How to give access via role to Fargate container from AWS BATCH jobs interface

0

I have a Docker image based on awslinux:latest with Node.js that I want to run in AWS Batch. The Job role configuration has Admin privilege for testing purposes. When I create a job and pass my AWS ID and AWS SECRET as env variables, everything works fine. But if I do not pass them, the task just breaks, and node does not have access to AWS services. I assume that the permissions should be coming from the Job role, but for some reason it doesn't work.

AWS SDK node version 2.1043.0

[Image: Log output]

Asked a year ago, 450 views
1 Answer
0

To give access to Fargate containers from AWS Batch jobs interface, you can create an IAM Role that grants the necessary permissions to access the AWS services that your application requires, such as S3 or DynamoDB. You can then specify this role in your job definition when you submit a job to AWS Batch.

To do this, follow these steps:

  1. Create an IAM role with the necessary permissions for your application to access AWS services. You can use the AWS Management Console, AWS CLI, or AWS SDKs to create the role. Make sure to grant the appropriate permissions to access the services you need, and attach the role to the ECS task execution role.
  2. Create an AWS Batch job definition that specifies the container image, environment variables, and any other configuration options for your Fargate container.
  3. In the job definition, specify the IAM role you created in step 1 using the executionRoleArn parameter. This will grant the Fargate container the necessary permissions to access AWS services.
  4. Submit a job to AWS Batch using the job definition you created in step 2. The job will run with the permissions granted by the IAM role specified in the job definition.

By following these steps, you should be able to give access via role to Fargate container from AWS Batch jobs interface, without needing to pass your AWS ID and AWS SECRET as environment variables.

Yasser
Answered a year ago
  • @Yasser That was my point: I gave both roles (execution and job role) even admin privilege, and I still get the above error unless I pass the env. So the role maybe is not loaded properly in the docker container
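
An added diagnostic, not part of the original question or answers: on Fargate the job role (`jobRoleArn` in the Batch job definition) reaches the container through the `AWS_CONTAINER_CREDENTIALS_RELATIVE_URI` environment variable, which points at the credential endpoint `169.254.170.2`. Run inside the job container, this script reports whether that variable is visible to the Node process and whether the endpoint returns a role. The function names are hypothetical, and Node 18+ is assumed for the global `fetch`.

```javascript
// Added diagnostic (not from the thread): run inside the Batch/Fargate job container.
const ECS_CREDENTIAL_HOST = 'http://169.254.170.2'; // ECS task credential endpoint

// List the credential sources visible in the given environment.
function credentialSources(env) {
  const sources = [];
  if (env.AWS_ACCESS_KEY_ID && env.AWS_SECRET_ACCESS_KEY) sources.push('static-env-keys');
  if (env.AWS_CONTAINER_CREDENTIALS_RELATIVE_URI) sources.push('task-role-relative-uri');
  if (env.AWS_CONTAINER_CREDENTIALS_FULL_URI) sources.push('task-role-full-uri');
  return sources;
}

// URL the container credential provider would query, or null when no
// job (task) role was exposed to this process.
function taskRoleUrl(env) {
  if (env.AWS_CONTAINER_CREDENTIALS_RELATIVE_URI) {
    return ECS_CREDENTIAL_HOST + env.AWS_CONTAINER_CREDENTIALS_RELATIVE_URI;
  }
  return env.AWS_CONTAINER_CREDENTIALS_FULL_URI || null;
}

// Reduce the endpoint's JSON to non-secret fields that are safe to log.
function summarise(body) {
  const doc = JSON.parse(body);
  return {
    roleArn: doc.RoleArn || null,
    expiration: doc.Expiration || null,
    complete: Boolean(doc.AccessKeyId && doc.SecretAccessKey && doc.Token),
  };
}

// Query the endpoint (if any) and report what the SDK would be able to load.
async function probeTaskRole(env) {
  const report = { sources: credentialSources(env), url: taskRoleUrl(env), role: null, error: null };
  if (!report.url) {
    report.error = 'no container credential URI in environment: job role not exposed to this process';
    return report;
  }
  try {
    const res = await fetch(report.url, { signal: AbortSignal.timeout(2000) });
    if (!res.ok) throw new Error('HTTP ' + res.status);
    report.role = summarise(await res.text());
  } catch (err) {
    report.error = String(err.message || err);
  }
  return report;
}

probeTaskRole(process.env).then((r) => console.log(JSON.stringify(r, null, 2)));
```

If `sources` is empty, check whether the entrypoint starts Node through a wrapper that resets the environment, since the variable is injected into the container's environment and is lost to child processes that do not inherit it.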
