Followed https://docs.aws.amazon.com/codebuild/latest/userguide/sample-private-registry.html to create a CodeBuild project manually. Secret Manager is being used to store the docker hub credentials . I am trying to pull "hashicorp/terraform:1.3.7". IAM role used here has the following IAM policy attached:
Excerpt from terraforms file:
statement {
sid = ""
actions = ["secretsmanager:GetSecretValue"]
resources = ["*"]
effect = "Allow"
}
statement {
sid = ""
actions = ["logs:","codebuild:","s3:", "iam:"]
resources = ["*"]
effect = "Allow"
}
The code build project fails :
PROVISIONING
Client error
BUILD_CONTAINER_UNABLE_TO_PULL_IMAGE: Unable to pull customer's container image. CannotPullContainerError: Error response from daemon: Head "https://registry-1.docker.io/v2/hashicorp/terraform/manifests/1.3.7": unauthorized: incorrect username or password
Please note: if you want to add something to your question, just edit it. Do not post additional information as an answer, because it isn't actually an answer. Thank you.