I am trying to build a docker container in AWS code build as a means to deploy a container to ECR, but I get this error.
Error while executing command: $(aws ecr get-login --region ap-southeast-1). Reason: exit status 255
This command was run on the buildspec.yml file, using aws/codebuild/ubuntu-base:14.04 and Enable this flag if you want to build Docker images or want your builds to get elevated privileges.
The log files are as follows:
[Container] 2018/10/11 00:52:49 Running command $(aws ecr get-login --region $AWS_DEFAULT_REGION --no-include-email)
An error occurred (AccessDeniedException) when calling the GetAuthorizationToken operation: User: arn:aws:sts::502776083946:assumed-role/code-build-timesheet/AWSCodeBuild-f1d205b1-b03f-4727-a4d7-a02118021eec is not authorized to perform: ecr:GetAuthorizationToken on resource: *
[Container] 2018/10/11 00:52:52 Command did not exit successfully $(aws ecr get-login --region $AWS_DEFAULT_REGION --no-include-email) exit status 255
[Container] 2018/10/11 00:52:52 Phase complete: INSTALL Success: false
[Container] 2018/10/11 00:52:52 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: $(aws ecr get-login --region $AWS_DEFAULT_REGION --no-include-email). Reason: exit status 255
This status code usually indicates an unauthorized user. To fix this, we need to let our Code Build role be able to talk to ECR
. To do this: Go to IAM
and then attach a AmazonEC2ContainerRegistryPowerUser
policy to your CodeBuild
role.