Amazon ECR private registries - Amazon ECR

「翻訳は機械翻訳により提供されています。提供された翻訳内容と英語版の間で齟齬、不一致または矛盾がある場合、英語版が優先します。」

Amazon ECR private registries

Amazon ECR private registries host your container images in a highly available and scalable architecture. You can use your private registry to manage private image repositories consisting of Docker and Open Container Initiative (OCI) images and artifacts. Each AWS account is provided with a default private Amazon ECR registry. For more information about Amazon ECR public registries, see Public registries in the Amazon Elastic Container Registry Public User Guide.

Private registry concepts

  • The URL for your default private registry is https://aws_account_id.dkr.ecr.region.amazonaws.com.

  • By default, your account has read and write access to the repositories in your private registry. However, IAM users require permissions to make calls to the Amazon ECR APIs and to push or pull images to and from your private repositories. Amazon ECR provides several managed policies to control user access at varying levels. 詳細については、「 」を参照してください。Amazon Elastic Container Registry アイデンティティベースのポリシーの例.

  • You must authenticate your Docker client to your private registry so that you can use the docker push and docker pull commands to push and pull images to and from the repositories in that registry. 詳細については、「 」を参照してください。プライベートレジストリの認証.

  • Private repositories can be controlled with both IAM user access policies and repository policies. リポジトリポリシーの詳細については、「」を参照してください。リポジトリポリシー.

  • The repositories in your private registry can be replicated across Regions in your own private registry and across separate accounts by configuring replication for your private registry. 詳細については、「 」を参照してください。プライベートイメージのレプリケーション.