I am getting the error in the title every time I attempt to create an an endpoint using an image in ECR. The ECR repository has the following IAM permissions applied:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Sagemaker",
"Effect": "Allow",
"Principal": {
"Service": "sagemaker.amazonaws.com"
},
"Action": [
"ecr:BatchCheckLayerAvailability",
"ecr:BatchGetImage",
"ecr:GetDownloadUrlForLayer"
]
}
]
}
I have tried recreating everything multiple times, both via CLI and from the Admin UI. New repo, new endpoint config, new model, etc. I always get the same error, even though I am explicitly granting exactly those permissions to the sagemaker.amazonaws.com principle.