By using AWS re:Post, you agree to the Terms of Use
/Can not able to deploy Private ECR to Personal Linux machine using greengrass. while deploying component is not able to download Artifact.(Reason: Failed to get auth token for docker login)/

Can not able to deploy Private ECR to Personal Linux machine using greengrass. while deploying component is not able to download Artifact.(Reason: Failed to get auth token for docker login)

0

I created a component using "Recipe as YAML"

---
RecipeFormatVersion: '2020-01-25'
ComponentName: com.example.MyPrivateDockerComponent
ComponentVersion: '1.0.0'
ComponentDescription: 'A component that runs a Docker container from a private Amazon ECR image.'
ComponentPublisher: Amazon
ComponentDependencies:
  aws.greengrass.DockerApplicationManager:
    VersionRequirement: ~2.0.0
  aws.greengrass.TokenExchangeService:
    VersionRequirement: ~2.0.0
Manifests:
  - Platform:
      os: all
    Lifecycle:
        Run: docker run <accountID>.dkr.ecr.us-east-1.amazonaws.com/demo:latest
    Artifacts:
      - URI: "docker:<accountID>.dkr.ecr.us-east-1.amazonaws.com/demo:latest"

i have tried to install docker-ce docker-ce-cli by using

Install:
      RequiresPrivilege: true
      Script: apt-get install docker-ce docker-ce-cli containerd.io

after component created i tried to deploy it in core but it is showing:-

FAILED_NO_STATE_CHANGE: Failed to download artifact name: 'docker:<accountID>.dkr.ecr.us-east-1.amazonaws.com/demo:latest' for component com.example.Test7-1.0.0, reason: Failed to get auth token for docker login
1 Answers
0

Hi. Have you followed the pre-requisites for running a Docker container in a component? Included in that, for using a Docker image stored in a private ECR repository, you need to add the following to your Greengrass device role:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "ecr:GetAuthorizationToken",
        "ecr:BatchGetImage",
        "ecr:GetDownloadUrlForLayer"
      ],
      "Resource": [
        "*"
      ],
      "Effect": "Allow"
    }
  ]
}
answered 23 days ago
  • Hi, thanks for response i have provided Role to greengrass device the same error is showing after that also

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions