Customer Feature Request: Pull ECR Tokens for private registries in customer account #777
Comments
|
@junshun is working on something using the kubelet credential provider https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ they provide credentials with read only ECR permissions and the credential provider will update the ECR token as needed. Does this sound like it should meet your customer's requirements? |
|
We discussed this with the customer, and discussed a potential short term solution which we use an Environment variable in the cronjob spec with the AccountID instead of in the Go code, so it can be modified customer side. The long term solution would be the Work @junshun is working on too. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Type: Customer Feature Request
What would you like to be added: As a customer, I would like the ability to create refreshed image pull secrets with Docker login credentials to a private ECR registry in my account so that I can deploy custom container images and applications to my EKS Anywhere clusters.
Why is this needed: Customer needs to pull custom container images and applications from private ECR registries using the ecr-token-refresher cron job.
The text was updated successfully, but these errors were encountered: