service account for gitlab container registry

We would like to use our private gitlab container registry in AWS ECS. When accessing the registry, we get 403 as expected. Now we need a service account to access the registry, but I cannot figure out how to create them.

The gitlab ci seems to have a global user "gitlab-ci-token" which has access to the registry. docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN see https://about.gitlab.com/2016/05/23/gitlab-container-registry/

Is there any possibility to create non-project users/api tokens that can access the registry?

Solution

You can create a user within your organisation ([email protected]) and create a Personal Access Token for that user. It took me some time to figure out you need to replace gitlab-ci-token with that users email adres in order to successfully login.

gitlab.com SSH connection timed out
I've created child items (tasks) in a gitlab issue. This issue is now split in two. How to move some children of the first issue to the second one?
error: RPC failed; curl transfer closed with outstanding read data remaining
RPC failed; HTTP 400 curl 22 The requested URL returned error: 400 Bad Request
npm publish fails with GitLab NPM registry
GitLab registry cleanup policy: how to keep most recent n tags, but delete others?
Reference an issue from a commit message in gitlab
GitLab: How to change merge commit message template?
ssh: Could not resolve hostname git: Name or service not known fatal: Could not read from remote repository
GitLab API Rest filtering issues by milestone_id
Can I use symbolic link to .gitlab-ci.yml?
Flutter android pipeline Docker cirrusci/flutter:stable image was not found
How do I add image to README file on GitLab?
Gitlab CE: gitaly['gitconfig'] has been deprecated since 15.10 and was removed in 16.0
Cannot get !reference to work in .gitlab-ci.yaml
How to iterate over variables list in Gitlab pipeline?
Why is postgres container ignoring /docker-entrypoint-initdb.d/* in Gitlab CI
Keycloak 18 in Gitlab Service sometimes does not load realm (without error)
Webhooks for branching in Gitlab
How do I pass credentials to pull a submodule in a Gitlab CI script?
git clone works; git submodule fails "Permission denied"
Gitlab-ci.yml to create merge request
Trigger a child pipeline based on reading flags from a config file
Gradle gets 503 Service Unavailable trying to download dependency
Restrict access to gitlab container registry
Fast-forward merge is not possible. To merge this request, first rebase locally
List project variables API doesn't show all GitLab project (repository) variables
How do I commit to multiple repositories at the same time, with separate commit usernames based on each repository setting
Controlling prod deployment with GitLab CI/CD
Sync Gitlab Repository that import from Bitbucket