connecting Docker to a cloud provider, Amazon AWS
Context: I was going though Link to Amazon Web Services to create Swarms, in order to connect to my provider.
The role was created with success.
Then, while creating the policy, to associate to the role, a problem happened.
Problem: An error occurred: Cannot exceed quota for PolicySize: 5120
As suggested by them, this is what I need to add in policy:
https://docs.docker.com/docker-for-aws/iam-permissions/
Did some research and people seem to like this solution:
https://github.com/docker/machine/issues/1655
How can I create the policy using the best method? Noticing that the documentation in Docker is wrong - doesn't work in my case - what's the best method?
You are looking at the wrong instructions to connect docker-cloud to AWS follow these instructions: https://docs.docker.com/docker-cloud/infrastructure/link-aws/
It's the following 3 steps
- Create AWS Policy for docker-cloud
- Create a docker-cloud role and attache the policy from 1
- Attach AWS role/account to docker-cloud
The policy in (1) above is pretty simple. It should be allowed to perform ec2 instances related actions (your screenshot of the policy looks like it doesn't provide ec2 permissions):
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ec2:*",
"iam:ListInstanceProfiles"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
The role must have the permissions to implement the policy.
For a detailed post on the deployment via docker-cloud see: https://blog.geografia.com.au/how-we-are-using-docker-cloud-for-automated-testing-and-deployments-of-applications-bb87ec3173e7
- How to pull every single image (tag or untagged) from AWS ECR?
- In CloudFormation how can I link RDS and Secrets Manager so I don't have to hardcode the password?
- How to install postgresql-client to Amazon EC2 Linux machine?
- PyCharm: Why "Python Console" is not accessing ~\.aws\credentials file? How to set it within "Python Console"
- Is it possible to run aws s3 sync with boto3?
- Python 3 asyncio with aioboto3 seems sequential
- Serverless / AWS Lambda - Create the triggers for the published lambda versions
- AWS Glue missing permissions
- Invoking lambda from API gateway test, but hitting the endpoint does not invoke the lambda. 500 returned
- terraform destroy needs original terraform code to destroy?
- How to correctly/safely access parameters from AWS SSM Parameter store for my Python script on EC2 instance?
- Why is my image not displaying on my Web page?
- How to copy blobs from azure to aws using python?
- S3 Bucket action doesn't apply to any resources
- Couldn't proceed with upgrade process as new nodes are not joining node group standard-workers
- How to customize "From" name for SNS emails
- Changing the name of a Load Balancer on AWS Console
- how to decrease the exceution time of aws lambda function nodejs
- Timeout when trying to retrieve EC2 instance-id metadata from within it
- Row was updated or deleted by another transaction (or unsaved-value mapping was incorrect)
- Downloading an entire S3 bucket?
- Unable to unzip .zip file on linux machine
- Missing Authentication Token while accessing API Gateway?
- AWS S3 Access Denied when open object URL in browser
- How to update a nested field in dynamodb via cli?
- AWS Lambda NodeJs unable to return response
- How can I access my AWS MSK managed kafka queue from my local machine and EC2 instances in other regions
- How to recreate EC2 instances of an autoscaling group with terraform?
- AWS Cloudwatch Alarm Issue
- AWS EC2 | using Rusoto SDK: Couldn't find AWS credentials