[ECR] [request]: Pull through cache for self-hosted Artifactory

[mjrlee]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Tell us about your request We use an on-prem self-hosted Artifactory instance to host container images. We currently pull directly from that for our ECS and EKR jobs. It would be better if we could use ECR's pull through cache feature to reduce load on our Artifactory instance, and reduce traffic over our Direct Connect.

To add complexity, we pull from our cache over a direct connect, so it would be important that we could use our internal network to pull from to avoid having to expose our Artifactory to the internet. Amazon Managed Grafana supports this for example (https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-vpc.html)

Which service(s) is this request for? ECR

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard? Using Artifactory with a pull through cache is not possible.

Are you currently working around this issue? We are currently pulling directly from our Artifactory instance

Additional context

Attachments

[philslab-ninja]

I was just thinking about opening a request for this feature as well when I found this one. I hope it's ok to share a diagram I have created with how I imagine this could be done:

So kind of like deploying a route53 outbound resolver, but in this case an ECR outbound connector