堆栈内存溢出
  简体   繁体   English

没有授权AWS SageMaker执行:资源上的ecr:CreateRepository:*

[英]AWS SageMaker is not authorized to perform: ecr:CreateRepository on resource: *

 原文  2018-06-03 19:06:16       amazon-web-services/ docker/ scikit-learn/ dockerfile/ amazon-sagemaker

问题描述

I am creating my own Docker image so that I can use my own models in AWS SageMaker. 我正在创建自己的Docker映像,以便可以在AWS SageMaker中使用自己的模型。 I sucessfully created a Docker image using command line inside the Jupyter Notebook in SageMaker ml.t2.medium instance using a customized Dockerfile: 我使用自定义Dockerfile在SageMaker ml.t2.medium实例中的Jupyter Notebook中使用命令行成功创建了一个Docker映像: 

REPOSITORY            TAG                 IMAGE ID            CREATED             SIZE
sklearn               latest              01234212345        6 minutes ago       1.23GB

But when I run in Jupyter: 但是当我在Jupyter中运行时: 

! aws ecr create-repository --repository-name sklearn

I get the following error: 我收到以下错误: 

An error occurred (AccessDeniedException) when calling the CreateRepository operation: User: arn:aws:sts::1234567:assumed-role/AmazonSageMaker-ExecutionRole-12345/SageMaker is not authorized to perform: ecr:CreateRepository on resource: *

I already set up SageMaker, EC2, EC2ContainerService permissions and the following policy for EC2Container but I still get the same error. 我已经设置了SageMaker,EC2,EC2ContainerService权限以及EC2Container的以下策略,但是仍然遇到相同的错误。 

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "sagemaker:*",
        "ec2:*"
      ],
      "Resource": "*"
    }
  ]
}

Any idea on how I can solve this issue? 关于如何解决此问题的任何想法吗?

Thanks in advance. 提前致谢。

1 个解决方案

解决方案1
 1 已采纳  2018-06-04 15:31:01

I solved the problem. 我解决了问题。 We must set a permission at SageMaker Execution Role as following: 我们必须在SageMaker执行角色上设置权限,如下所示: 

{
"Version": "2012-10-17",
"Statement": [
    {
        "Effect": "Allow",
        "Action": [
            "ecr:*"            ],
        "Resource": "*"
    }
]}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 AWS ECR 用户无权执行:ecr-public:GetAuthorizationToken 对资源:* - AWS ECR user is not authorized to perform: ecr-public:GetAuthorizationToken on resource: * 未授权执行:ecr:GetAuthorizationToken on resource: * 因为没有基于身份的策略允许 ecr:GetAuthorizationToken - Not authorized to perform: ecr:GetAuthorizationToken on resource: * because no identity-based policy allows the ecr:GetAuthorizationToken AWS cli:无权执行:sts:AssumeRole 对资源 - AWS cli: not authorized to perform: sts:AssumeRole on resource AWS IAM / QuickSight-用户无权执行:quicksight:资源上的GetDashboardEmbedUrl - AWS IAM / QuickSight - user is not authorized to perform: quicksight:GetDashboardEmbedUrl on resource 无权执行:SNS:ListTopics 资源:arn:aws:sns - not authorized to perform: SNS:ListTopics on resource: arn:aws:sns AWS SES:用户无权对资源执行 ses:SendEmail - AWS SES: User is not authorized to perform ses:SendEmail on resource AWS AssumeRole - 用户无权对资源执行:sts:AssumeRole - AWS AssumeRole - User is not authorized to perform: sts:AssumeRole on resource AWS Boto3-用户无权在资源上执行sts :: AssumeRole吗? - AWS Boto3 - User is not authorized to perform sts::AssumeRole on resource? aws lambda - 用户无权执行:cognito-idp:ListUsers on resource - aws lambda - user is not authorized to perform: cognito-idp:ListUsers on resource AWS EKS:用户无权执行:对资源执行 iam:CreateRole - AWS EKS: user is not authorized to perform: iam:CreateRole on resource
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM