- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
Hi
The network is public with the internet gateway but without public IP
If you do not want to assign public ip to Fargate, you should create another subnet(private subnet) associated with route table that has default route to NAT Gateway or NAT instance. Or you should create another subnet(private subnet) with VPC endpoint. Even though subnet has default route to internet gateway, instance used by Fargate can not reach out to the internet without public ip.
May be this article will help you. https://repost.aws/knowledge-center/ecs-fargate-pull-container-error
Hello,
From the above error it is failing to connect to the "starport" S3 bucket which is used by ECR to store your image layers. Since you are deploying it your Fargate containers in a private subnet, ensure that you have a S3 gateway endpoint. If you already have a S3 gateway endpoint, ensure that you have a policy that allows access to the "starport" bucket.
Refer to: https://docs.aws.amazon.com/AmazonECR/latest/userguide/vpc-endpoints.html#ecr-setting-up-s3-gateway and https://repost.aws/knowledge-center/ecs-ecr-docker-image-error for more information.
{
"Statement": [
{
"Sid": "Access-to-specific-bucket-only",
"Principal": "*",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::prod-region-starport-layer-bucket/*"]
}
]
}
If any issues, please feel free to reach out.
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor einem Jahr