Why do I get an error about executionRoleArn not being specified when it's clearly specified in the file?
When trying to deploy my multi-docker application through beanstalk with a dockerrun.aws.json file, where it has secrets, I get an error that I have to specify an executionRoleArn. When I'm looking at the file, it IS defined.
I tried moving it to different spot inside the file, tried to define taskRoleArn too, nothing really works. I couldn't find any hints that it wasn't supported in the aws documentation. I followed this page : https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html
This is my dockerrun.aws.json file partially redacted.
{
"AWSEBDockerrunVersion": 2,
"executionRoleArn": "arn:aws:iam::ACCOUNT_ID:role/ecsTaskExecutionRole",
"containerDefinitions": [{
...
"secrets": [
{
"name" : "SOME_ENV",
"valueFrom" : "arn:aws:ssm:REGION:ACCOUNT_ID:parameter/MY_SECRET"
},
...
],
...
}],
"volumes": [
....
]
}
This is the exact error I'm getting while using eb deploy:
ERROR Service:AmazonECS, Code:ClientException, Message:When you
are specifying container secrets, you must also specify a value
for 'executionRoleArn'.,
Class:com.amazonaws.services.ecs.model.ClientException
At this moment of this post AWS doesn't support EBS with ECS with ecsTaskExecutionRole. The workaround is to have a bash script loaded at login which fetches the env variables from KMS
- AWS Elastic Beanstalk - Environment must have instance profile associated with it
- How to delete all images in an ECR repository?
- How to Remove Delete Markers from Multiple Objects on Amazon S3 at once
- AWS MediaConvert: HLS Output Video Plays Without Audio, Despite .aac and .ts Files in S3
- EC2 Instance Cloning
- CDK Unable to Add CodeStarNotification to CodePipeline
- Invalid index in dynamic block
- AWS Cloudformation- How to do string Uppercase or lowercase in json/yaml template
- AWS CodeArtifact public npm package version missing
- R random numbers almost the same but not identical
- AWS CodePipeline: GitHub > CodePipeline (CodeBuild - Maven Java .WAR) > S3/CodeArtifact > Elastic Beanstalk (Apache Tomcat)
- InvalidImage(ImageLayerFailure: UnsupportedImageLayerDetected when deploying AWS Docker Lambda using AWS CDK
- Proper syntax in redshift sql for "schema"."table"."field"?
- Getting 'blocked by CORS policy' error while adding authentication from AWS
- Does AWS Step-functions-local support map tasks?
- How to find an Amazon EC2 AMI if I only have the id?
- Amazon EMR 7.2 does not support Ganglia?
- AccessDenied on AWS Athena
- Parsing secrets from AWS secrets manager using AWS cli
- Boto3 generate_presigned_url, SignatureDoesNotMatch error
- serverless Cannot have overlapping suffixes in two rules if the prefixes are overlapping for the same event type
- Error copying parquet file to Redshift having comma separated data in one column
- module initialization error: Cannot load native module 'Crypto.Cipher._raw_ecb' at AWS lambda
- AWS EC2 > IGW Outbound Traffic Filtering by Domain or URL
- The new key policy will not allow you to update the key policy in the future
- How to modify the nginx.conf file during AWS Elastic Beanstalk deployment
- DynamoDB not as scalable as it seems?
- How can I print / debug all available fields of a data source resource?
- How to upgrade AWS EC2 instance type t2.medium to t3.medium?
- chmod unable to change permissions