ECR private registry with Cloudfront

0

Hi there, I have a private ECR repository, and I need to pull images from on prem machine (using K3s or k0s or microk8s)

I want to avoid from using the ECR url (xxxxxxxxx.yyy.ecr.eu-zzzzz.amazonaws.com/test:latest) and use my domain with Cloudfront origin (blablabla.cloudfront.net/test).

Is it possible to create origin that backed by ECR repository using relevant behavior?

Topics

Containers Networking & Content Delivery

Tags

Amazon Elastic Container Registry (ECR)Amazon CloudFront Amazon Route 53

Language

English

asked 7 months ago443 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

0

No afraid this is not possible.

Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. ECR is not web service im afraid.

EXPERT

answered 7 months ago

EXPERT

reviewed 7 months ago

shaiz
7 months ago
Why is that? This isn't possible even with Lambda function in the middle between the cloudfront & the ECR origin?
Gary Mclean EXPERT
7 months ago
Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. ECR is not web service im afraid.
shaiz
7 months ago
1st of all, thanks for the response There is a way maybe with APi GW? or route 53? or LB? maybe with other way?

We want to serve our registry with a signed URL and not the ECR url.
Gary Mclean EXPERT
7 months ago
I just found this terraform article which says it can be done with APi GW and Lambda https://github.com/amancevice/terraform-aws-custom-ecr-domain But this is just a DNS redirect

Relevant content

Download images from ECR using cognito authn
shaiz
asked 6 months ago
AWS Greengrass v2 pull docker images from private a ECR registry in a different account
Accepted Answer
Phillipp
asked a year ago
Can you use an Amazon ECR private repository with LightSail?
Accepted Answer
AWS-User-1888013
asked 2 years ago
ECS Fargate task running in private subnet can't pull container from private ECR repository
Laszlo Hegedus
asked a year ago
How do I allow Amazon ECS tasks to pull images from an Amazon ECR image repository?
AWS OFFICIALUpdated 2 years ago
How do I resolve the "error pulling image configuration: error parsing HTTP 403 response body" error in Amazon ECS when pulling a Docker image from Amazon ECR?
AWS OFFICIALUpdated 2 years ago
How can I troubleshoot the “Lambda does not have permission to access the ECR image...” error for a Lambda function with a container image?
AWS OFFICIALUpdated a year ago
How can I allow a secondary account to push or pull images in my Amazon ECR image repository?
AWS OFFICIALUpdated 2 years ago
How to connect to a private EC2 instance from a local Visual Studio Code IDE with Session Manager and AWS SSO (CLI)
EXPERT
Faraz_AWS
published 2 years ago
Access a private Amazon Redshift from a local machine via a private EC2 instance
EXPERT
Ziad
published 6 months ago