Containers-roadmap: [Fargate] [request]: Support for insecure registry

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Tell us about your request
Possibility to use a "insecure" Docker private registry (e.g. with self-signed certificate) for pulling Docker images.

Which service(s) is this request for?
Fargate

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
Currently, if the private registry has a self-signed certificate, we get an error from Fargate when we start the task:
CannotPullContainerError: Error response from daemon: Get https://my.private.registry/v2/: x509: certificate signed by unknown authority

Are you currently working around this issue?
There are actually two possible workarounds:

• Use ECS with EC2 instead of Fargate and customize the daemon.json with

{
    "insecure-registries" : ["my.private.registry:443"]
}

• Use ECR repository for my docker image, but it implies to pull image from my private registry and push them into ECR during the deployment pipeline.