feature suggestion: ee from private AWS ECR registry

[LeoSpyke]

Please confirm the following

• [X] I agree to follow this project's code of conduct.
• [X] I have checked the current issues for duplicates.
• [X] I understand that AWX Operator is open source software provided for free and that I might not receive a timely response.

Feature Summary

It would be very useful to pull the execution environments images from a private AWS Elastic Container Registry. The limitation here is due to the 12 hours authentication token validity of the ECR service, that forces us to refresh it manually, which is not a sustainable workaround. Is it possible to implement such feature natively in the Operator?

Thank you

[LeoSpyke]

Any updates on this?

[harilalbhaskaran]

+1

[ilyaluk]

I have implemented a tiny credential plugin that allows you to use private ECR repos for EEs: https://github.com/ilyaluk/awx-credential-plugin-ecr-token/tree/main

However, after implementing it, I realized that EE from ECR work as expected without any credentials, if you run it on EKS and have required permissions for node instance profiles 🙈

Still, might be useful if you don't run AWX on EKS, but want to use ECR.