ShinyProxyOperator accessing private AWS ECR

bklaassens · April 28, 2026, 8:21pm

I run one ShinyProxy instance that is able to access a private AWS ECR.

To do this I run

aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 673456902717.dkr.ecr.us-east-1.amazonaws.com

I’m trying to get SPO to do the same, but since it is in a container itself it doesn’t seem to be able to authenticate.

Is possible to have a volume to inject the json that has the authentication token, or is there a better way.

tdekoninck · June 4, 2026, 1:55pm

Hi

In ShinyProxy and also in the operator there is currently no way to use the authentication token defined in the docker config file for pulling images.
ShinyProxy supports configuring image pull secrets, see Configuration | ShinyProxy . This typically uses a username and password. On Amazon you are probably using the instance metadata (IMDS), and not a username+password. I created an internal ticket to add support for this.