I have two AWS profiles associated with different accounts configured on my machine as shown below.
[profile staging]
sso_start_url = https://xxxxxxxxxx.awsapps.com/start
sso_region = us-west-2
sso_account_id = xxxxxxxxxxxxx
sso_role_name = staging
region = us-west-2
output = json
[profile dev]
region = us-east-1
output = json
I am looking to pull a docker image from ECR which is present in account (A) corresponding to the staging profile
However, when I am trying to pull the image it is trying with my dev profile which doesn't have access to the repo in account (A)
Following are the commands
aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin xxxxxxxxxxxx.dkr.ecr.eu-west-2.amazonaws.com
Login Succeeded
docker pull xxxxxxxxxxxx.dkr.ecr.eu-west-2.amazonaws.com/sample-image:latest
Getting access denied error for "arn:aws:iam::XXXXXXXXXXXXX:user\iam-user" which is associated to my dev profile
Please suggest what could be the issue.
As mentioned by jordanm in the comments above, answer is to use --profile option while using the command as shown below
aws ecr get-login-password --region eu-west-2 --profile=staging | docker login --username AWS --password-stdin xxxxxxxxxxxx.dkr.ecr.eu-west-2.amazonaws.com