There are two roles associated with a Fargate task: The Task Role, and the Task Execution Role.
The Task Execution Role needs all the permissions needed to start the task, including pulling the container image from ECR, obtaining and decrypting any secrets needed to launch the container, and dispatching logs and telemetry data to CloudWatch. The container runtime runs in the Task Execution Role context.
The Task Role, on the other hand, needs all the permissions that are required by the task containers after launch. For example, if your application needs to access S3 or DynamoDB, the Task Role would contain those policies granting access to the application.
So it is important to distinguish those two roles: the Task Execution Role is used before launch; the Task Role is used after launch. It is possible that you associated the policies with the Task Role instead of the Task Execution Role.
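The split described in the answer above can be checked offline. The following is an added example, not code from the original answer or from AWS: it derives the launch-time IAM actions from a task definition and reports whether each one sits on the Task Execution Role, was placed on the Task Role by mistake, or is missing. The function names, sample task definition and policies are constructed for illustration, and the matching only looks at `Allow` statements and `Action` patterns (it ignores `Resource`, `Condition` and explicit `Deny`).

```python
from fnmatch import fnmatchcase

ECR_PULL = {"ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability",
            "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage"}
LOGS = {"logs:CreateLogStream", "logs:PutLogEvents"}

def launch_actions(task_def):
    """IAM actions the launch phase needs, derived from the task definition."""
    needed = set()
    for c in task_def["containerDefinitions"]:
        if ".dkr.ecr." in c["image"]:                      # private ECR image
            needed |= ECR_PULL
        if c.get("logConfiguration", {}).get("logDriver") == "awslogs":
            needed |= LOGS
        for s in c.get("secrets", []):                     # injected at launch
            is_sm = s["valueFrom"].startswith("arn:aws:secretsmanager:")
            needed.add("secretsmanager:GetSecretValue" if is_sm else "ssm:GetParameters")
    return needed

def allows(policy, action):
    """True if an Allow statement matches the action (Resource/Condition/Deny ignored)."""
    for st in policy.get("Statement", []):
        acts = st.get("Action", [])
        acts = [acts] if isinstance(acts, str) else acts
        if st.get("Effect") == "Allow" and any(
                fnmatchcase(action.lower(), a.lower()) for a in acts):
            return True
    return False

def audit(task_def, exec_policy, task_policy):
    """Map each launch-time action to ok / misplaced on task role / missing."""
    def status(a):
        if allows(exec_policy, a):
            return "ok"
        return "misplaced on task role" if allows(task_policy, a) else "missing"
    return {a: status(a) for a in sorted(launch_actions(task_def))}

# Constructed sample input (account ID, names and ARNs are made up).
TASK_DEF = {"containerDefinitions": [{
    "image": "123456789012.dkr.ecr.us-east-1.amazonaws.com/app:latest",
    "logConfiguration": {"logDriver": "awslogs"},
    "secrets": [{"name": "DB_PASSWORD",
                 "valueFrom": "arn:aws:secretsmanager:us-east-1:123456789012:secret:db-AbCdEf"}]}]}
EXEC_POLICY = {"Statement": [{"Effect": "Allow", "Action": ["ecr:*", "logs:CreateLogStream",
                                                            "logs:PutLogEvents"], "Resource": "*"}]}
TASK_POLICY = {"Statement": [{"Effect": "Allow", "Resource": "*",
                              "Action": ["s3:GetObject", "secretsmanager:GetSecretValue"]}]}

if __name__ == "__main__":
    for action, state in audit(TASK_DEF, EXEC_POLICY, TASK_POLICY).items():
        print(f"{action:40} {state}")
```

If every launch-time action reports `ok` and the task still fails to start, the role split is not the cause.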
Thanks, that's a good suggestion but I have been adding permissions to the Task Execution Role. I tested adding PowerUser permissions to the Task Execution Role, and I still have exactly the same error, so I think it's not a permissions issue.
@mhairi, did you get this to work? I'm thinking it is a network issue, but cannot figure it out. Thanks.