Can’t Push Image to Amazon ECR — Fixing “no basic auth credentials”

When trying to push a Docker image to Amazon Elastic Container Registry (ECR), you might encounter this error:

no basic auth credentials

This usually means your Docker client isn’t authenticated with your ECR registry.

1️⃣ Why This Happens

Amazon ECR doesn’t store your login permanently like Docker Hub.
Instead, you must retrieve a temporary login token from AWS and use it to authenticate Docker.
These credentials expire after 12 hours, so pushing without refreshing them causes this error.

2️⃣ The Fix — Step-by-Step

Step 1 — Authenticate Docker with ECR

Run this command (replace <region> and <account_id> with your AWS details):

aws ecr get-login-password --region <region> \
| docker login --username AWS --password-stdin <account_id>.dkr.ecr.<region>.amazonaws.com

Example:

aws ecr get-login-password --region us-east-1 \
| docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-east-1.amazonaws.com

✅ If successful, you’ll see:

Login Succeeded

Step 2 — Tag Your Docker Image

Your image name must match the ECR repository path:

docker tag myapp:latest 123456789012.dkr.ecr.us-east-1.amazonaws.com/myapp:latest

Step 3 — Push to ECR

docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/myapp:latest

3️⃣ Common Pitfalls

ProblemCauseSolution
"no basic auth credentials" after loginToken expiredRun aws ecr get-login-password again
"repository does not exist"ECR repo not createdRun aws ecr create-repository --repository-name myapp
Permission errorsIAM user/role lacks ECR permissionsAttach AmazonEC2ContainerRegistryFullAccess policy

4️⃣ Bonus — Automating the Login

If you push images often, you can create a script:

#!/bin/bash
AWS_REGION="us-east-1"
ACCOUNT_ID="123456789012"
REPO="$ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com"

aws ecr get-login-password --region $AWS_REGION \
| docker login --username AWS --password-stdin $REPO

Run this before any docker push.

📌 Summary

The "no basic auth credentials" error when pushing to Amazon ECR means Docker isn’t authenticated.
The fix is simple:

  1. Get a fresh login token with aws ecr get-login-password
  2. Login to ECR
  3. Tag and push your image
Sharing Is Caring:

Leave a Comment