Amazon ECR

Jenkins Plugin GitHub release Jenkins Plugin Installs Build Status GitHub license Maintenance

This plugin offers integration with Amazon Container Registry (ECR) as a DockerRegistryToken source to convert Amazon Credentials into a Docker CLI Authentication Token.


Amazon ECR plugin implements a Docker Token producer to convert Amazon credentials to Jenkins’ API used by (mostly) all Docker-related plugins.

Thank's to this producer, you can select your existing registered Amazon credentials for various Docker operations in Jenkins, for sample using the Docker Build and Publish plugin:


Navigate to the "Plugin Manager" screen, install the "Amazon ECR" plugin and restart Jenkins.

The plugin will use the proxy configured on Jenkins if it is set.

Recommended logger for troubleshooting, you have to take care where you publish these logs could contain sensitive information

  • com.cloudbees.jenkins.plugins.amazonecr
  • com.amazonaws
  • org.apache.http.wire
  • org.jenkinsci.plugins.docker.workflow

Docker Pipeline Usage

When using the Docker Pipeline Plugin, in order to obtain an ECR login credential, you must use the ecr provider prefix.

docker.withRegistry("", "ecr:us-east-1:credential-id") {

If you experience authentication issues, you would try to remove user docker configuration files on the agents before to run the docker commands, something like this pipeline script.

node {
  // cleanup current user docker credentials
  sh 'rm -f ~/.dockercfg ~/.docker/config.json || true'

  // configure registry
  docker.withRegistry('', 'ecr:eu-west-1:86c8f5ec-1ce1-4e94-80c2-18e23bbd724a') {

    // build image
    def customImage ="my-image:${env.BUILD_ID}")

    // push image


Code Style

This plugin uses Google Java Code Style, which is enforced by the spotless plugin. If the build fails because you were using the "wrong" style, you can fix it by running:

$ mvn spotless:apply

to reformat code in the proper style.