我是本地kubernetes集群的新手,并且很难访问ECR等AWS服务。 (因为我所有的图像都在ECR中)
有没有办法向AWS认证和授权本地kubernetes集群?
最佳答案
您需要设置适当的IAM policy permission来访问您的ECR注册表。
The Amazon EKS worker node IAM role (
NodeInstanceRole
) that you use with your worker nodes must possess the following IAM policy permissions for Amazon ECR.
这是一个例子:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ecr:BatchCheckLayerAvailability",
"ecr:BatchGetImage",
"ecr:GetDownloadUrlForLayer",
"ecr:GetAuthorizationToken"
],
"Resource": "*"
}
]
}您可以阅读有关存储库策略的更多here。
关于amazon-web-services - 如何启用从本地kubernetes到AWS的访问?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/63771794/