亚马逊aws docker注册表的ecr令牌错误

时间:2017-05-11 20:51:40

标签: amazon-web-services docker

以下是我的用户的注册表政策:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1494526914000",
            "Effect": "Allow",
            "Action": [
                "ecr:GetAuthorizationToken"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

我没有MFA身份验证

但是当我尝试时:

bussiere@kusanagi:~/Workspace/*****$ aws ecr get-login

An error occurred (AccessDeniedException) when calling the GetAuthorizationToken operation: User: arn:aws:iam::*******:user/bussiere is not authorized to perform: ecr:GetAuthorizationToken on resource: *
bussiere@kusanagi:~/Workspace/*****$

enter image description here

enter image description here

非常感谢和问候

1 个答案:

答案 0 :(得分:0)

考虑到你似乎有正确的政策,也许没有用,但权限并不是以某种方式纠正。您是否设置了区域,是否在cli中使用该用户的密钥?另外作为测试,它是否使用托管策略AmazonEC2ContainerRegistryPowerUser?

http://docs.aws.amazon.com/AmazonECR/latest/userguide/common-errors.html#error-unauthorized

相关问题
最新问题