By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

cannot push Dockerimage to ECR

0

I get an error on my EC2 with "Docker version 20.10.7, build f0df350" while

docker push 0123456789.dkr.ecr.eu-central-1.amazonaws.com/myimage

7c7d65e44641: Retrying in 1 second
b4ccc1f2e36b: Retrying in 1 second
cceec67921d6: Retrying in 1 second
5530f13a133e: Retrying in 1 second
22510f0870a6: Retrying in 1 second
EOF

The aws login before

aws ecr get-login-password ...

works fine: "Login succeeded" and ~/.docker/config.json is created.

My ECR is created and my EC2 has a role with AmazonEC2ContainerRegistryFullAccess.

Any suggestions?

Many thanks

Topics
Containers
Tags
Amazon Elastic Container Registry (ECR)
Language
English
AWS-User-7095317
asked 2 years ago3412 views
2 Answers
0

Hello

Verify that you have the IAM role curl http://169.254.169.254/latest/meta-data/iam/security-credentials/examplerole use example policy Please use the policy below

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ecr:PutLifecyclePolicy",
                "ecr:PutImageTagMutability",
                "ecr:StartImageScan",
                "ecr:CreateRepository",
                "ecr:PutImageScanningConfiguration",
                "ecr:UploadLayerPart",
                "ecr:BatchDeleteImage",
                "ecr:DeleteLifecyclePolicy",
                "ecr:DeleteRepository",
                "ecr:PutImage",
                "ecr:CompleteLayerUpload",
                "ecr:StartLifecyclePolicyPreview",
                "ecr:InitiateLayerUpload",
                "ecr:DeleteRepositoryPolicy"
            ],
            "Resource": "arn:aws:ecr:us-east-1:<aws-account-id>:repository/ec2-ecr-test"
        },
        {
            "Effect": "Allow",
            "Action": "ecr:GetAuthorizationToken",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "ecr:BatchCheckLayerAvailability",
            "Resource": "arn:aws:ecr:us-east-1:<aws-account-id>:repository/ec2-ecr-test"
        }
    ]
}

The login

aws ecr get-login-password --region region | docker login --username AWS --password-stdin aws_account_id.dkr.ecr.region.amazonaws.com

profile picture
GK
answered 2 years ago
0

not, this works not. My IAM role has these rigths > the same error.

AWS-User-7095317
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content