I need help. I am storing one image in an ECR private repo, and I need to use it in the ECS task definition so that I can run a new task under ECS. I tried with ecsTaskExecutionPolicy and Secrets Manager, but it is still not working. Can someone guide me on the correct way to use a private repo in a task definition in AWS?
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "kms:Decrypt",
        "ssm:GetParameters",
        "secretsmanager:GetSecretValue"
      ],
      "Resource": [
        "arn:aws:secretsmanager:region:account:secret:secret-name"
      ]
    }
  ]
}
I also attached the above policy to the task execution role, but it is still not working.
Pulling images from the ECR repo doesn't require private authentication. You just need to add ECR repo permission to the ECS task execution IAM role and it will work.
https://aws.amazon.com/premiumsupport/knowledge-center/ecs-tasks-pull-images-ecr-repository/
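A way to check a task execution role policy for the ECR pull permissions the answer refers to, added here as an example and not part of the original thread. The repository ARN, account ID and function names are constructed for illustration, and the check is simplified: it ignores Deny, NotAction and Condition elements.

```python
import fnmatch

# The four actions the ECS agent uses to pull from private ECR; the AWS managed
# policy AmazonECSTaskExecutionRolePolicy grants the same ones.
ECR_PULL_ACTIONS = [
    "ecr:GetAuthorizationToken",
    "ecr:BatchCheckLayerAvailability",
    "ecr:GetDownloadUrlForLayer",
    "ecr:BatchGetImage",
]

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _allows(stmt, action, resource):
    """True if one Allow statement covers action on resource (IAM * and ? wildcards)."""
    if stmt.get("Effect") != "Allow":
        return False
    act = any(fnmatch.fnmatchcase(action.lower(), a.lower())
              for a in _as_list(stmt.get("Action", [])))
    res = any(fnmatch.fnmatchcase(resource, r)
              for r in _as_list(stmt.get("Resource", [])))
    return act and res

def missing_ecr_pull_actions(policy, repo_arn):
    """Simplified check: ignores Deny, NotAction and Condition elements."""
    missing = []
    for action in ECR_PULL_ACTIONS:
        # GetAuthorizationToken has no resource-level scoping; it needs Resource "*".
        target = "*" if action == "ecr:GetAuthorizationToken" else repo_arn
        if not any(_allows(s, action, target) for s in _as_list(policy["Statement"])):
            missing.append(action)
    return missing

# Constructed sample values (placeholder account, region and repository name).
REPO_ARN = "arn:aws:ecr:us-east-1:111122223333:repository/my-app"
ASKER_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Action": ["kms:Decrypt", "ssm:GetParameters", "secretsmanager:GetSecretValue"],
    "Resource": ["arn:aws:secretsmanager:region:account:secret:secret-name"]}]}
# Least-privilege form: token call on "*", layer and image reads on one repository.
FIXED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ecr:GetAuthorizationToken", "Resource": "*"},
    {"Effect": "Allow", "Action": ECR_PULL_ACTIONS[1:], "Resource": REPO_ARN}]}

if __name__ == "__main__":
    print("question's policy is missing:", missing_ecr_pull_actions(ASKER_POLICY, REPO_ARN))
    print("scoped ECR policy is missing:", missing_ecr_pull_actions(FIXED_POLICY, REPO_ARN))
```

The policy from the question grants none of the four ECR actions, while the scoped policy covers all of them without granting access to other repositories.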