Amazon web services 我应该在AWS中添加哪些权限来启用ecr:getAuthorizationToken?
我试图使用AmazonElasticContainerRegistry(ECR),但我在第一步就被卡住了,那就是获取一个身份验证令牌 命令:Amazon web services 我应该在AWS中添加哪些权限来启用ecr:getAuthorizationToken?,amazon-web-services,aws-ecr,Amazon Web Services,Aws Ecr,我试图使用AmazonElasticContainerRegistry(ECR),但我在第一步就被卡住了,那就是获取一个身份验证令牌 命令: aws ecr get-login 或者 错误: An error occurred (AccessDeniedException) when calling the GetAuthorizationToken operation: User: arn:aws:iam::9#####4:user/### is not authorized to perf
aws ecr get-login
或者
错误:
An error occurred (AccessDeniedException) when calling the GetAuthorizationToken operation: User: arn:aws:iam::9#####4:user/### is not authorized to perform: ecr:GetAuthorizationToken on resource: *
AWS对us-west-2区域用户的权限:
AmazonEC2FullAccess
AmazonEC2ContainerRegistryFullAccess
Billing
AdministratorAccess
AmazonECS_FullAccess
AWS CLI版本:
aws help --version
aws-cli/1.14.40 Python/3.6.4 Darwin/18.2.0 botocore/1.8.44
请注意,从某种意义上说,您不允许您的用户访问ECR。 尝试向用户添加以下策略:
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": [
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:GetRepositoryPolicy",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecr:DescribeImages",
"ecr:BatchGetImage"
],
"Resource": "*"
}]
}
您是否查阅了实际错误文档?
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": [
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:GetRepositoryPolicy",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecr:DescribeImages",
"ecr:BatchGetImage"
],
"Resource": "*"
}]
}