Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

cannot push Dockerimage to ECR

0

I get an error on my EC2 with "Docker version 20.10.7, build f0df350" while

docker push 0123456789.dkr.ecr.eu-central-1.amazonaws.com/myimage

7c7d65e44641: Retrying in 1 second
b4ccc1f2e36b: Retrying in 1 second
cceec67921d6: Retrying in 1 second
5530f13a133e: Retrying in 1 second
22510f0870a6: Retrying in 1 second
EOF

The aws login before

aws ecr get-login-password ...

works fine: "Login succeeded" and ~/.docker/config.json is created.

My ECR is created and my EC2 has a role with AmazonEC2ContainerRegistryFullAccess.

Any suggestions?

Many thanks

Themen
Behälter
Tags
Amazon Elastischer Container-Registry (ECR)
Sprache
English
AWS-User-7095317
gefragt vor 2 Jahren3418 Aufrufe
2 Antworten
0

Hello

Verify that you have the IAM role curl http://169.254.169.254/latest/meta-data/iam/security-credentials/examplerole use example policy Please use the policy below

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ecr:PutLifecyclePolicy",
                "ecr:PutImageTagMutability",
                "ecr:StartImageScan",
                "ecr:CreateRepository",
                "ecr:PutImageScanningConfiguration",
                "ecr:UploadLayerPart",
                "ecr:BatchDeleteImage",
                "ecr:DeleteLifecyclePolicy",
                "ecr:DeleteRepository",
                "ecr:PutImage",
                "ecr:CompleteLayerUpload",
                "ecr:StartLifecyclePolicyPreview",
                "ecr:InitiateLayerUpload",
                "ecr:DeleteRepositoryPolicy"
            ],
            "Resource": "arn:aws:ecr:us-east-1:<aws-account-id>:repository/ec2-ecr-test"
        },
        {
            "Effect": "Allow",
            "Action": "ecr:GetAuthorizationToken",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "ecr:BatchCheckLayerAvailability",
            "Resource": "arn:aws:ecr:us-east-1:<aws-account-id>:repository/ec2-ecr-test"
        }
    ]
}

The login

aws ecr get-login-password --region region | docker login --username AWS --password-stdin aws_account_id.dkr.ecr.region.amazonaws.com

profile picture
EXPERTE
GK
beantwortet vor 2 Jahren
0

not, this works not. My IAM role has these rigths > the same error.

AWS-User-7095317
beantwortet vor 2 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt