- Le plus récent
- Le plus de votes
- La plupart des commentaires
Hello,
I would recommend you to mask your account-id while posting in public forum.
Looking at the exception in the logs that you have shared , Can you please take a look at the role arn:aws:sts::xxxxxxxxx:assumed-role/AmazonSageMaker-ExecutionRole-20240320T110821/SageMaker has a policy that has ecr:BatchGetImage permission ?
Alternatively you can assign AmazonSageMakerFullAccess policy to the role to check if this resolves the issue and then write new least privilege policy based on the need from this.
To resolve this issue, you need to ensure that the IAM role associated with your SageMaker notebook instance has the necessary permissions to access the ECR repository.
Grant ECR permissions: Update the IAM role policy attached to your SageMaker notebook instance to include permissions for ecr:BatchGetImage on the specified ECR repository.
You can add the following statement to the IAM role policy:
{
"Effect": "Allow",
"Action": "ecr:BatchGetImage",
"Resource": "arn:aws:ecr:eu-west-2:XXXXXXXX:repository/sagemaker-data-wrangler-container"
}
Ensure that the Resource ARN matches the ARN of your ECR repository.
Restart SageMaker notebook instance: After updating the IAM role policy, restart the SageMaker notebook instance to apply the changes.
Retry the operation: Once the SageMaker notebook instance is restarted and the IAM role has the necessary permissions, retry the operation to output the feature store to the S3 bucket.
If you continue to encounter issues, double-check the IAM role permissions and ensure that the ECR repository exists in the specified region.
Contenus pertinents
- demandé il y a 2 mois
- demandé il y a 2 mois
- demandé il y a 7 mois
- AWS OFFICIELA mis à jour il y a 10 mois