Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

CodeBuild Project fails for a Private registry with AWS Secrets Manager with BUILD_CONTAINER_UNABLE_TO_PULL_IMAGE

0

Followed https://docs.aws.amazon.com/codebuild/latest/userguide/sample-private-registry.html to create a CodeBuild project manually. Secret Manager is being used to store the docker hub credentials . I am trying to pull "hashicorp/terraform:1.3.7". IAM role used here has the following IAM policy attached:

Excerpt from terraforms file: statement { sid = "" actions = ["secretsmanager:GetSecretValue"] resources = ["*"] effect = "Allow" }

statement { sid = "" actions = ["logs:","codebuild:","s3:", "iam:"] resources = ["*"] effect = "Allow" }

The code build project fails :

PROVISIONING Client error BUILD_CONTAINER_UNABLE_TO_PULL_IMAGE: Unable to pull customer's container image. CannotPullContainerError: Error response from daemon: Head "https://registry-1.docker.io/v2/hashicorp/terraform/manifests/1.3.7": unauthorized: incorrect username or password

Topics
Developer ToolsSecurity, Identity, & Compliance
Tags
AWS Identity and Access ManagementAWS Secrets ManagerAWS CodeBuild
Language
English
asked 3 years ago893 views
1 Answer
0

Before trying it out manually, I was using this sample repo where others are also facing the same issue: https://github.com/davoclock/aws-cicd-pipeline/issues/6

answered 3 years ago
  • Dmitry Balabanov
    3 years ago

    Please note: if you want to add something to your question, just edit it. Do not post additional information as an answer, because it isn't actually an answer. Thank you.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content