devops

🚨 AWS 128: Setting Up Amazon ECR and Pushing Docker Images

Published: (January 7, 2026 at 11:23 PM EST)
2 min read
Source: Dev.to

Source: Dev.to

Hey Cloud Builders 👋
Welcome to Day 28 of the #100DaysOfCloud Challenge! In this post we’ll create a private Amazon Elastic Container Registry (ECR) repository, build a custom Python app Docker image, and push it to the registry.

Overview

Amazon ECR is a fully managed Docker container registry that lets developers store, manage, and deploy container images securely. Using a private registry keeps your application artifacts hidden from the public.

Step‑by‑Step Workflow

We’ll move logically through the following stages:

  1. Create the repository
  2. Build the Docker image
  3. Authenticate Docker with ECR
  4. Tag and push the image
  5. Verify the upload

Create the Repository

aws ecr create-repository \
    --repository-name devops-ecr \
    --region us-east-1

Note: ECR repositories are region‑specific. Make sure your AWS CLI is configured for the same region where you intend to create the repository.

After creation, note the Repository URI, which looks like:

.dkr.ecr..amazonaws.com/devops-ecr

Build the Docker Image

cd /root/pyapp          # Directory containing the Dockerfile
docker build -t pyapp .   # Build a local image named "pyapp"

Authenticate Docker with ECR

Generate a temporary 12‑hour login token and pipe it to Docker:

aws ecr get-login-password --region  |
docker login --username AWS --password-stdin .dkr.ecr..amazonaws.com

Tag and Push the Image

# Tag the local image with the full ECR URI
docker tag pyapp:latest .dkr.ecr..amazonaws.com/devops-ecr:latest

# Push the image to the repository
docker push .dkr.ecr..amazonaws.com/devops-ecr:latest

Verify the Upload

  1. Open the ECR console.
  2. Select the devops-ecr repository.
  3. Confirm that an image with the tag latest appears.

You can also test pulling the image from another machine (after authenticating) to ensure it’s stored correctly:

docker pull .dkr.ecr..amazonaws.com/devops-ecr:latest

Common Issues & Tips

IssueResolution
Incorrect regionVerify that the repository URI matches the region configured in your CLI.
Access deniedEnsure the IAM user has the AmazonEC2ContainerRegistryFullAccess policy attached.
Missing tagTag the local image with the full ECR URI before pushing.
Login expiryDocker login sessions expire after 12 hours; re‑run the login command when needed.

Next Steps

Once the image resides in ECR, you can deploy it to services such as ECS, EKS, or Lambda. Automating the build‑and‑push process with a CI/CD pipeline is a natural next step.

Resources

  • KodeKloud Engineer – Practice Labs – Try these tasks in a real AWS environment.
  • LinkedIn: Hritik Raj
  • GitHub: 100 Days of Cloud (⭐ Support the journey)
Back to Blog

Related posts

Read more »

Launch an AWS EC2 Instance

Introduction This guide walks you through launching an AWS EC2 instance, installing Docker, and running NGINX inside a Docker container. By the end you will ha...

How to Deploy AWS ELASTIC BEANSTALK

Overview AWS Elastic Beanstalk is a managed cloud service that lets you deploy and run web applications without worrying about the underlying infrastructure. I...