Lindsay S
01/18/2023, 10:44 PMUsercodeService TaskFailedToStart: Resourceinitializationerror: unable to pull secrets or registry auth: execution resource retrieval failed: unable to retrieve ecr registry auth: service call has been retried 3 time(s): RequestError: send request failed caused by: Post "<https://api.ecr.us-east-1.amazonaws.com/>":
I have also created vpc endpoints with sg and subnets mentioned in run_launcher config for:
com.amazonaws.us-east-1.ecr.api
com.amazonaws.us-east-1.ecr.dkr
com.amazonaws.us-east-1.secretsmananger
the default vpc (which is what is set here) allows traffic from igw
run_launcher:
module: "dagster_aws.ecs"
class: "EcsRunLauncher"
config:
run_task_kwargs:
networkConfiguration:
awsvpcConfiguration:
subnets:
- subnet-xxxxxx
- subnet-xxxx
assignPublicIp: true
securityGroups:
- vpc-xxxxx
Mike Atlas
01/18/2023, 10:58 PMMike Atlas
01/18/2023, 11:00 PMMike Atlas
01/18/2023, 11:00 PMLindsay S
01/18/2023, 11:03 PMMike Atlas
01/18/2023, 11:03 PMMike Atlas
01/18/2023, 11:04 PMcom.amazonaws.us-east-1.ecr.api
Lindsay S
01/18/2023, 11:04 PMMike Atlas
01/18/2023, 11:05 PM> "In my case granting the IAM privilege, along with opening up network access, especially as the ECR I'm trying to reach is in another account, were the keys to solving the issue"secretsmanager:GetSecretValue
Mike Atlas
01/18/2023, 11:06 PMMike Atlas
01/18/2023, 11:07 PMLindsay S
01/18/2023, 11:08 PM