「翻訳は機械翻訳により提供されています。提供された翻訳内容と英語版の間で齟齬、不一致または矛盾がある場合、英語版が優先します。」
Private registry permissions
Amazon ECR uses a registry policy to grant permissions to an AWS principal, allowing the replication of the repositories from a source registry to your registry. By default, you have permission to configure cross-Region replication within your own registry. You only need to configure the registry policy if you're granting another account permission to replicate contents to your registry.
A registry policy must grant permission for the ecr:ReplicateImage
API action. This API is an internal Amazon ECR API that can replicate images between
Regions or accounts. You can also grant permission for the ecr:CreateRepository
permission, which allows Amazon ECR to create repositories in your registry if they
don't exist already. If the ecr:CreateRepository
permission isn't provided, a repository with the same name as the source repository
must be created manually in your registry. If neither is done, replication fails.
Any failed CreateRepository or ReplicateImage API actions show up in CloudTrail.
トピック