文章目录
问题
在AWS中使用Amazon Elastic Container Service (Amazon ECS) 创建集群,任务,服务和容器时返回ecsTaskExecutionRole的问题,进行解决。
在事件中查看具体报错如下:
===
service Windows-test failed to launch a task with (error ECS was unable to assume the role 'arn:aws:iam::123456789012:role/ecsTaskExecutionRole' that was provided for this task. Please verify that the role being passed has the proper trust relationship and permissions and that your IAM user has permissions to pass this role.).
解决
在AWS IAM中创建ecsTaskExecutionRole这个角色,进行 Add Permissions, Attach policies,将AmazonECSTaskExecutionRolePolicy,添加到ecsTaskExecutionRole,问题解决。
确保Trust relationships中有以下内容:
json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": "ecs-tasks.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}参考
AWS ECS Getting started with the console using Windows containers on AWS Fargate
AWS Amazon ECS task execution IAM role