We would like to use our private gitlab container registry in AWS ECS. When accessing the registry, we get 403 as expected. Now we need a service account to access the registry, but I cannot figure out how to create them.
The gitlab ci seems to have a global user "gitlab-ci-token" which has access to the registry.
docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN
see https://about.gitlab.com/2016/05/23/gitlab-container-registry/
Is there any possibility to create non-project users/api tokens that can access the registry?
You can create a user within your organisation ([email protected]) and create a Personal Access Token for that user. It took me some time to figure out you need to replace gitlab-ci-token with that users email adres in order to successfully login.