boto3 ecr get_authorization_token return incorrect token
See original GitHub issueHi, Today I have experienced this issue with boto3 ecr. I used a simple scripts to get token from boto3 to access login docker on 2 machines.
import boto3
from docker import Client
client = boto3.client('ecr', region_name="us-east-1")
response = client.get_authorization_token(
registryIds=[
'MY ACCOUNT ID',
]
)
print response
token = response["authorizationData"][0]["authorizationToken"]
endpoint = response["authorizationData"][0]["proxyEndpoint"]
cli = Client(base_url='unix://var/run/docker.sock')
cli.login(username="AWS", password=token, registry=endpoint)
print cli
I ran the script on 2 machines with the same full access to ecr role. 2 machines returned same token, however only one machine worked with this token, the other returned 403 Forbidden.
Since I have a cluster of machines using ECR, I need all of them to be able to connect with ECR
Issue Analytics
- State:
- Created 8 years ago
- Comments:13 (3 by maintainers)
Top Results From Across the Web
ECR — Boto3 Docs 1.26.33 documentation - AWS
A low-level client representing Amazon EC2 Container Registry (ECR) ... Returns: True if the operation can be paginated, False otherwise. close ()¶.
Read more >Docker Python library cannot properly login into AWS ECR
Based on my findings, I can either use boto3 or run a sub-process ... get_authorization_token returns username and password but it is base ......
Read more >Resolve "The security token included in the request is expired ...
You must refresh the credentials before they expire. Another reason for expiration is using the incorrect time. A consistent and accurate time reference...
Read more >Python get authorization token - ProgramCreek.com
This page shows Python code examples for get authorization token. ... ConnectionError: return AuthenticationResponse(success=False, err_message="Unable to ...
Read more >How to connect to AWS ECR using python docker-py
import boto3 import base64 import docker sess = boto3.Session() resp = sess.client('ecr').get_authorization_token() token ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
The solution : the token returned by boto (in fact aws api) is not the password. It’s a base64 encoded user:password. You should do
user, password = base64.b64decode(token).split(':')
Hope it will unblock someone.For completeness, here’s how to login to an ECR repo with docker-py: