Amazon ECR

ID: amazon-ecr

This plugin offers integration with Amazon Container Registry (ECR) as a DockerRegistryToken source to convert Amazon Credentials into a Docker CLI Authentication Token.


Amazon ECR plugin implements a Docker Token producer to convert Amazon credentials to Jenkins’ API used by (mostly) all Docker-related plugins.

Thank's to this producer, you can select your existing registered Amazon credentials for various Docker operations in Jenkins, for sample using the Docker Build and Publish plugin:


Navigate to the "Plugin Manager" screen, install the "Amazon ECR" plugin and restart Jenkins.

The plugin will use the proxy configured on Jenkins if it is set.

Recommended logger for troubleshooting, you have to take care where you publish these logs could contain sensitive information

  • com.cloudbees.jenkins.plugins.amazonecr
  • com.amazonaws
  • org.apache.http.wire
  • org.jenkinsci.plugins.docker.workflow

Docker Pipeline Usage

When using the Docker Pipeline Plugin, in order to obtain an ECR login credential, you must use the ecr provider prefix.

docker.withRegistry("", "ecr:us-east-1:credential-id") {

If you experience authentication issues, you would try to remove user docker configuration files on the agents before to run the docker commands, something like this pipeline script.

node {
  // cleanup current user docker credentials
  sh 'rm -f ~/.dockercfg ~/.docker/config.json || true'

  // configure registry
  docker.withRegistry('', 'ecr:eu-west-1:86c8f5ec-1ce1-4e94-80c2-18e23bbd724a') {

    // build image
    def customImage ="my-image:${env.BUILD_ID}")

    // push image


Code Style

This plugin tries to migrate to Google Java Code Style, please try to adhere to that style whenever adding new files or making changes to existing files. The style is enforced using the spotless plugin, if the build fails because you were using the "wrong" style, you can fix it by running:

$ mvn spotless:apply

to reformat Java code in the proper style.