Amazon ECR Docker Push hangs and ends in error with EOF after saying “Retrying in X seconds”
docker push 3234234234234.dkr.ecr.us-east-1.amazonaws.com/name-of-ecr-repo:latest The push refers to repository [3234234234234.dkr.ecr.us-east-1.amazonaws.com/name-of-ecr-repo]84d49c7b6dcd: Retrying in 1 second d2cd686e0f2b: Retrying in 1 second 11b309a0a714: Retrying in 1 second 84c064edcba0: Retrying in 1 second 085af9a0ade7: Retrying in 1 second 593df8e4bac5: Waiting 12c49c4d67f0: Waiting 5f70bf18a086: Waiting cd0b79f24bf2: Waiting bab0e23e8c77: Waiting 7393ae547845: Waiting 8a907b4bbcbf: Waiting c8ae34277e89: Waiting a353f0ecb543: Waiting EOFWhat can happen if you have multiple users, especially if you have IAM Identity Center with multiple accounts that can assume many different roles, it might get confused about the authenticated user you want to assume.
What we can do if we have IAM Identity Center set up is go right to the programmatic access section and use that key and secret key in coordination with the AWS CLI to configure an IAM role that we can assume to update ECR.
Read the docs here: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
Configure AWS profile (the easy way)
aws configure --profile AccountID_IICPermissionSet
[Company_AccountID_PermissionSet]
aws_access_key_id=XXXXXXXX
aws_secret_access_key=XXXXXXXXXX
aws ecr get-login-password --profile AC_585477435234_PowerUserAccess --region us-east-1 | docker login --username AWS --password-stdin 585477435234.dkr.ecr.us-east-1.amazonaws.com
IAM Identity Center user credentials won’t work:
It needs to be an Access Key created under an IAM user
Needs to be a unique user key associated with a user and not with short-term credentials that expire quickly and regularly like those made by IAM Identity Center.
