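How do I get the AWS EC2 Container Service to pull a Docker image from a private repository on Docker Hub using CloudFormation (assuming that is what is causing the error below)?
I keep getting this error: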
... was unable to place a task because no container instance met all of its requirements. Reason: No Container Instances were found in your cluster.
I have added an ecs.config file to S3 with the following contents:
ECS_ENGINE_AUTH_TYPE=dockercfg
ECS_ENGINE_AUTH_DATA={"https://index.docker.io/v1/":{"auth":"MY_AUTH_TOKEN"=,"email":"MY_EMAIL"}}
These are the relevant excerpts from my CloudFormation stack.yml file; please excuse my indentation, some of it may be off:
AutoScalingLaunchConfiguration:
  Type: "AWS::AutoScaling::LaunchConfiguration"
  Properties:
    ImageId: ami-241bd844
    InstanceType: t2.micro
    KeyName: { "Ref": "KeyPair" }
    IamInstanceProfile: { "Ref": "EC2InstanceProfile" }
    SecurityGroups:
      - { "Ref": "EC2InstanceSecurityGroup" }
    UserData: {
      "Fn::Base64": { "Fn::Join": ["", [
        "#!/bin/bash\n",
        "echo ECS_CLUSTER=", { "Ref" : "EcsCluster" }, " >> /etc/ecs/ecs.config\n",
        "yum install -y aws-cli\n",
        "aws s3 cp s3://MY_BUCKET/ecs.config /etc/ecs/ecs.config"
      ] ] }
      }
AppTaskDefinition:
  Type: "AWS::ECS::TaskDefinition"
  Properties:
    ContainerDefinitions:
      - Name: app
        Image: organization/privateapp
        Memory: 450
        Environment:
          - Name: DB_HOST
            Value: { "Ref": "DbHost" }
          - Name: DB_USER
            Value: { "Ref": "DbUsername" }
          - Name: DB_PASSWORD
            Value: { "Ref": "DbPassword" }
        MountPoints:
          - ContainerPath: /var/www/app
            SourceVolume: webroot
    Volumes:
      - Name: webroot
        Host:
          SourcePath: /ecs/webroot
EC2InstanceProfile:
  Type: "AWS::IAM::InstanceProfile"
  Properties:
    Path: "/"
    Roles: [ { "Ref": "EC2InstanceRole" } ]
EC2InstanceRole:
  Type: "AWS::IAM::Role"
  Properties:
    AssumeRolePolicyDocument: {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Principal": { "Service": [ "ec2.amazonaws.com" ] },
          "Action": [ "sts:AssumeRole"]
        }
      ]
      }
    Policies: [
      {
        "PolicyName": "giveaccesstos3",
        "PolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [ {
            "Action": ["s3:GetObject"],
            "Sid": "Stmt0123456789",
            "Resource": ["arn:aws:s3:::MY_BUCKET/ecs.config"],
            "Effect": "Allow"
          }]
        }
      }]
    Path: "/"
    ManagedPolicyArns:
      - "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
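
An added example, not part of the original question: a pre-upload check for an ecs.config file like the one above, reporting problems without echoing the credential. It assumes the dockercfg layout in which each registry's `auth` value is base64 of `user:password`; the function name and all sample values are constructed for illustration.

```python
import base64
import json


def lint_ecs_config(text):
    """Return a list of problems in ecs.config text; secrets are never included."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)  # split once: values may contain '='
        settings[key.strip()] = value.strip()

    problems = []
    if not settings.get("ECS_CLUSTER"):
        problems.append("ECS_CLUSTER is not set")
    if settings.get("ECS_ENGINE_AUTH_TYPE") != "dockercfg":
        problems.append("ECS_ENGINE_AUTH_TYPE is not dockercfg")
        return problems
    try:
        registries = json.loads(settings.get("ECS_ENGINE_AUTH_DATA", ""))
    except ValueError:
        problems.append("ECS_ENGINE_AUTH_DATA is not valid JSON")
        return problems
    if not isinstance(registries, dict) or not registries:
        problems.append("ECS_ENGINE_AUTH_DATA has no registry entries")
        return problems
    for registry, entry in registries.items():
        try:
            raw = base64.b64decode(entry.get("auth", ""), validate=True)
            decoded = raw.decode("utf-8")
        except (ValueError, TypeError, AttributeError):
            decoded = ""
        if ":" not in decoded:
            problems.append(registry + ": auth is not base64 of user:password")
    return problems


# Constructed sample: the two lines from the question, placeholders unchanged.
QUESTION_SAMPLE = (
    "ECS_ENGINE_AUTH_TYPE=dockercfg\n"
    'ECS_ENGINE_AUTH_DATA={"https://index.docker.io/v1/":'
    '{"auth":"MY_AUTH_TOKEN"=,"email":"MY_EMAIL"}}\n'
)

# Constructed sample: a complete file with a made-up cluster name and credential.
_auth = base64.b64encode(b"demo-user:not-a-real-password").decode("ascii")
GOOD_SAMPLE = "ECS_CLUSTER=demo-cluster\nECS_ENGINE_AUTH_TYPE=dockercfg\n" + (
    "ECS_ENGINE_AUTH_DATA=" + json.dumps(
        {"https://index.docker.io/v1/": {"auth": _auth, "email": "demo@example.com"}}))
```
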