Amazon ECR Operations: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 23: | Line 23: | ||
Effect: Allow | Effect: Allow | ||
Principal: AWS Account IDs (comma delimited list) | Principal: Everyone or AWS Account IDs (comma delimited list) | ||
Actions: | Actions: | ||
ecr:BatchCheckLayerAvailability | |||
ecr:CompleteLayerUpload | ecr:CompleteLayerUpload | ||
ecr:DescribeImages | ecr:DescribeImages | ||
ecr:DescribeRepositories | |||
ecr:GetDownloadUrlForLayer | |||
ecr:InitiateLayerUpload | ecr:InitiateLayerUpload | ||
ecr:ListImages | ecr:ListImages | ||
ecr:PutImage | ecr:PutImage | ||
ecr:UploadLayerPart | ecr:UploadLayerPart | ||
If the following error occurs: | |||
error parsing HTTP 403 response body: unexpected end of JSON input: "" | |||
docker push failed | |||
it means "ecr:BatchCheckLayerAvailability" is missing. | |||
Revision as of 10:08, 6 February 2019
Internal
Create Repository
AWS Console: ECR -> Repositories
Create Repository
Repository name: 673499572719.dkr.ecr.us-west-2.amazonaws.com/<namespace>/<repository-name>
Example: 673499572719.dkr.ecr.us-west-2.amazonaws.com/com.uplift/playground/themyscira
Configure Permissions
An external user needs permissions to interact with a repository (for example to push images). To configure permissions:
Select the repository in question -> Left Tab: Permissions -> Edit
Statement Name: "122226676707 can push and pull"
Effect: Allow
Principal: Everyone or AWS Account IDs (comma delimited list)
Actions:
ecr:BatchCheckLayerAvailability ecr:CompleteLayerUpload ecr:DescribeImages ecr:DescribeRepositories ecr:GetDownloadUrlForLayer ecr:InitiateLayerUpload ecr:ListImages ecr:PutImage ecr:UploadLayerPart
If the following error occurs:
error parsing HTTP 403 response body: unexpected end of JSON input: "" docker push failed
it means "ecr:BatchCheckLayerAvailability" is missing.