Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

CodeBuild Project fails for a Private registry with AWS Secrets Manager with BUILD_CONTAINER_UNABLE_TO_PULL_IMAGE

0

Followed https://docs.aws.amazon.com/codebuild/latest/userguide/sample-private-registry.html to create a CodeBuild project manually. Secret Manager is being used to store the docker hub credentials . I am trying to pull "hashicorp/terraform:1.3.7". IAM role used here has the following IAM policy attached:

Excerpt from terraforms file: statement { sid = "" actions = ["secretsmanager:GetSecretValue"] resources = ["*"] effect = "Allow" }

statement { sid = "" actions = ["logs:","codebuild:","s3:", "iam:"] resources = ["*"] effect = "Allow" }

The code build project fails :

PROVISIONING Client error BUILD_CONTAINER_UNABLE_TO_PULL_IMAGE: Unable to pull customer's container image. CannotPullContainerError: Error response from daemon: Head "https://registry-1.docker.io/v2/hashicorp/terraform/manifests/1.3.7": unauthorized: incorrect username or password

Argomenti
Strumenti per sviluppatoriSicurezza, identità e conformità
Tag
AWS CodeBuildGestione identità e accesso AWSGestore AWS Secrets
Lingua
English
neuwiesner
posta un anno fa530 visualizzazioni
1 Risposta
0

Before trying it out manually, I was using this sample repo where others are also facing the same issue: https://github.com/davoclock/aws-cicd-pipeline/issues/6

neuwiesner
con risposta un anno fa
  • Dmitry Balabanov
    un anno fa

    Please note: if you want to add something to your question, just edit it. Do not post additional information as an answer, because it isn't actually an answer. Thank you.

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente