amazon-ecr-credential-helper

Not working with IMDSv2

Open waiyanmin95 opened this issue 2 years ago • 4 comments

OS: Ubuntu 20.04

I'm facing an issue (can't use amazon-ecr-credential-helper) with EC2 IMDSv2. I used the EC2 instance profile and attached it to the EC2 instance.

waiyanmin95, Jun 07 '22 20:06

It would be really great if the debug logging around IMDS was improved while this is being 'fixed'. It took us far too long to figure out this was the issue...

danwashusen, Jun 24 '22 05:06

I hit this problem too. I changed IMDSv2 session tokens to "required" and then amazon-ecr-credential-helper version 0.6.0 stopped returning credentials. When I set the IMDS session tokens back to "optional" then the credential helper started returning credentials again.

I looked back in the issues and found #215 which indicates that amazon-ecr-credential-helper should work with IMDSv2 since version 0.5.0. I'm not sure if this is a regression or if this functionality didn't work even in 0.5.0.

ptrdlbrg, Sep 16 '22 22:09

Same for me.

Tried using IMDSv2 but still got this result:

$ echo "xxxxxxxxxxxx.dkr.ecr.us-west-2.amazonaws.com" | docker-credential-ecr-login get

credentials not found in native keychain

Any workaround to fix this issue?

kholisrag, Sep 30 '22 05:09

I had this issue as well, but I noticed that my version of docker-credential-ecr-login was old:

$ docker-credential-ecr-login -v
amazon-ecr-credential-helper
Version:    0.3.1
Git commit: b4a1707

I updated the binary in-place, after installing:

$ sudo curl https://amazon-ecr-credential-helper-releases.s3.us-east-2.amazonaws.com/0.6.0/linux-amd64/docker-credential-ecr-login -o `which docker-credential-ecr-login`
$ sudo chmod +x `which docker-credential-ecr-login`

And now it is working as expected on a machine that only supports IMDSv2!

adkafka, Oct 06 '22 00:10
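
Added example, not part of the thread or the project's code: a pre-flight check that parses the `docker-credential-ecr-login -v` output shown above, gates on a minimum version before IMDS session tokens are set to "required", and installs a replacement binary only after its SHA-256 digest matches. The 0.5.0 threshold is an assumption taken from the comment citing #215; the function names are hypothetical, and the expected digest must come from a source you trust (the thread does not give one).

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of the helper.
# MIN_VERSION is an assumption taken from the thread comment that cites #215.
MIN_VERSION="0.5.0"

# Extract "X.Y.Z" from the text printed by `docker-credential-ecr-login -v`.
parse_helper_version() {
    printf '%s\n' "$1" | awk '$1 == "Version:" { print $2; exit }'
}

# Return 0 when dotted version $1 >= $2 (numeric compare per field).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if ((x[i] + 0) > (y[i] + 0)) exit 0
            if ((x[i] + 0) < (y[i] + 0)) exit 1
        }
        exit 0
    }'
}

# Return 0 only when the SHA-256 of file $1 equals the expected hex digest $2.
sha256_matches() {
    actual=$(sha256sum "$1" | awk '{ print $1 }')
    [ -n "$2" ] && [ "$actual" = "$2" ]
}

# $1 = downloaded file, $2 = expected digest, $3 = destination path.
install_verified() {
    sha256_matches "$1" "$2" || { echo "checksum mismatch, not installing" >&2; return 1; }
    install -m 0755 "$1" "$3"
}

# Report whether the helper on PATH is new enough for IMDSv2-only instances.
check_installed_helper() {
    out=$(docker-credential-ecr-login -v 2>&1) || return 2
    ver=$(parse_helper_version "$out")
    if version_ge "$ver" "$MIN_VERSION"; then
        echo "helper $ver: ok"
    else
        echo "helper $ver: older than $MIN_VERSION, upgrade before requiring IMDSv2 tokens"
        return 1
    fi
}
```

Download to a temporary file and pass it to `install_verified`, so a truncated or tampered download never overwrites the binary Docker invokes.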