==============================================================================
Configuring credentials for task
...configuring AWS credentials from service endpoint '{redacted}'
...endpoint defines standard access/secret key credentials
Configuring region for task
...configured to use region us-east-1, defined in task.
Pushing image '{redacted}:latest'
Obtaining authentication token for ECR login
##[error]Error: Failed to obtain authorization token to log in to ECR, error: UnrecognizedClientException: The security token included in the request is invalid
Finishing: Push docker image to AWS ECR
Expected behavior
Image will be pushed to ECR
Your Environment
On-prem or cloud based?: Cloud
Azure DevOps version: N/A
AWS Toolkit for Azure DevOps version: 1.13.0 (Latest)
Additional context
Credentials was provide via Azure DevOps service connection
The IAM role has ecr.* permission assigned
Repository policy. Tried remove it, still doesn't work.
Describe the bug
Encounter 'UnrecognizedClientException: The security token included in the request is invalid' when try to push ECR image
To reproduce
Setup Azure DevOps service connection with only
access key id
&secret access key
Use 'Amazon ECR Push' Task
Run pipeline
Task failed
Expected behavior
Image will be pushed to ECR
Your Environment
Additional context
ecr.*
permission assignedaws ecr get-authorization-token
via CLIaws ecr get-login-password -region us-east-1 | docker ...
via CLIaccess key id
,secret access key
&session token
from another account with identical permission set.