Pull image from AWS ECR with apikey

I use this configuration for cron job to get temporary token from AWS ECR:

    apiVersion: batch/v1
    kind: CronJob
    metadata:
      name: {{ .Values.cronjob.name }}
    spec:
      schedule: "0 */6 * * *"
      successfulJobsHistoryLimit: 0
      jobTemplate:
        spec:
          template:
            spec:
              serviceAccountName: grafana
              containers:
                - command:
                    - /bin/sh
                    - -c
                    - |-
                      TOKEN=`aws ecr get-login-password --region ${REGION} | cut -d' ' -f6`
                      kubectl delete secret -n default --ignore-not-found $SECRET_NAME
                      kubectl create secret -n default docker-registry $SECRET_NAME \
                      --docker-server=$ECR_REPOSITORY \
                      --docker-username=AWS \
                      --docker-password=$TOKEN \
                      --namespace=default
                      kubectl patch serviceaccount default -p '{"imagePullSecrets":[{"name":"'$SECRET_NAME'"}]}' -n default
                  envFrom:
                  - secretRef:
                      name: mockup-secret-env
                  - configMapRef:
                      name: application-mockup-configuration-configmap-env
                  image: {{ .Values.cronjob.image }}
                  imagePullPolicy: IfNotPresent
                  name: {{ .Values.cronjob.name }}
              restartPolicy: Never

Is it passible to pull images just with apikey without the need to generate a temporary token? These are the possible ways to make authentication for private registry? https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry_auth.html what if we make a request to get a token using apikey each time before we make image pull?