ECR private registry with Cloudfront
Hi there, I have a private ECR repository, and I need to pull images from on prem machine (using K3s or k0s or microk8s)
I want to avoid from using the ECR url (xxxxxxxxx.yyy.ecr.eu-zzzzz.amazonaws.com/test:latest) and use my domain with Cloudfront origin (blablabla.cloudfront.net/test).
Is it possible to create origin that backed by ECR repository using relevant behavior?
- Language
- English
asked 3 years ago1.5K views
- Newest
- Most votes
- Most comments
No afraid this is not possible.
Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. ECR is not web service im afraid.
- shaiz3 years ago
Why is that? This isn't possible even with Lambda function in the middle between the cloudfront & the ECR origin?
- Gary Mclean EXPERT3 years ago
Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. ECR is not web service im afraid.
- shaiz3 years ago
1st of all, thanks for the response There is a way maybe with APi GW? or route 53? or LB? maybe with other way?
We want to serve our registry with a signed URL and not the ECR url.
- Gary Mclean EXPERT3 years ago
I just found this terraform article which says it can be done with APi GW and Lambda https://github.com/amancevice/terraform-aws-custom-ecr-domain But this is just a DNS redirect
Relevant content
- Accepted Answer
asked 2 years ago
- Accepted Answer
asked 5 years ago
