By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

CodeBuild Project fails for a Private registry with AWS Secrets Manager with BUILD_CONTAINER_UNABLE_TO_PULL_IMAGE

0

Followed https://docs.aws.amazon.com/codebuild/latest/userguide/sample-private-registry.html to create a CodeBuild project manually. Secret Manager is being used to store the docker hub credentials . I am trying to pull "hashicorp/terraform:1.3.7". IAM role used here has the following IAM policy attached:

Excerpt from terraforms file: statement { sid = "" actions = ["secretsmanager:GetSecretValue"] resources = ["*"] effect = "Allow" }

statement { sid = "" actions = ["logs:","codebuild:","s3:", "iam:"] resources = ["*"] effect = "Allow" }

The code build project fails :

PROVISIONING Client error BUILD_CONTAINER_UNABLE_TO_PULL_IMAGE: Unable to pull customer's container image. CannotPullContainerError: Error response from daemon: Head "https://registry-1.docker.io/v2/hashicorp/terraform/manifests/1.3.7": unauthorized: incorrect username or password

Topics
Developer ToolsSecurity, Identity, & Compliance
Tags
AWS CodeBuildAWS Identity and Access ManagementAWS Secrets Manager
Language
English
neuwiesner
asked a year ago515 views
1 Answer
0

Before trying it out manually, I was using this sample repo where others are also facing the same issue: https://github.com/davoclock/aws-cicd-pipeline/issues/6

neuwiesner
answered a year ago
  • Dmitry Balabanov
    a year ago

    Please note: if you want to add something to your question, just edit it. Do not post additional information as an answer, because it isn't actually an answer. Thank you.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content