Additional permissions needed for instances to pull from ECR
marians opened this issue · comments
The worker instances need the following permissions to fetch credentials and images from EC2 container registries (ECR):
- ecr:GetAuthorizationToken
- ecr:BatchCheckLayerAvailability
- ecr:GetDownloadUrlForLayer
- ecr:GetRepositoryPolicy
- ecr:DescribeRepositories
- ecr:ListImages
- ecr:BatchGetImage
See Kubernetes docs.