Amazon web services 为AWS假定角色生成docker/config.json
我正在尝试推送到AWS注册表(通过Kaniko)。在注册表帐户中,有一个角色Amazon web services 为AWS假定角色生成docker/config.json,amazon-web-services,assume-role,Amazon Web Services,Assume Role,我正在尝试推送到AWS注册表(通过Kaniko)。在注册表帐户中,有一个角色功能性,我的帐户应承担此角色。因此,我尝试通过以下方式生成.docker/config.json: set -o errexit -o nounset -o pipefail export HOME=/root mkdir -p "/root/.aws/" cat <<EOF > /root/.aws/credentials [functional] role_arn = arn:aws:iam::35
功能性.docker/config.jsonset -o errexit -o nounset -o pipefail
export HOME=/root
mkdir -p "/root/.aws/"
cat <<EOF > /root/.aws/credentials
[functional]
role_arn = arn:aws:iam::359685361593:role/functional
source_profile = default
[default]
aws_access_key_id=$AWS_ACCESS_KEY_ID
aws_secret_access_key=$AWS_SECRET_ACCESS_KEY
EOF
export AWS_DEFAULT_REGION=eu-central-1
export AWS_SDK_LOAD_CONFIG=true
export AWS_PROFILE=functional
unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY
docker_cmd=$(aws ecr get-login --no-include-email)
url=$(echo "$docker_cmd" | sed -rn 's/docker login -u (.*) -p (.*) (.*)/\3/p')
auth=$(echo "$docker_cmd" | sed -rn 's/docker login -u (.*) -p (.*) (.*)/\1:\2/p')
auth=$(echo -n "$auth" | base64 -w 0)
cat <<EOF > /kaniko/.docker/config.json
{
"auths": {
"$url": {
"auth": "$auth"
}
}
}
EOF
set-o errexit-o nounset-o pipefail
export HOME=/root
mkdir-p“/root/.aws/”
你解决过这个问题吗?没有。我们放弃了这个想法。你解决过这个问题吗?没有。我们放弃了这个想法。