Add links to clarify AWS and docker credentials requirements and clarification on image: tag
What does this MR do?
- Adds an AWS documentation link to explain the permissions the ECS service needs to launch fargate containers from an AWS ECR.
- Adds an AWS documentation link to explain how to enable an ECS task to use docker registry authentication credentials for task launches.
- Adds an Important Considerations section discussing how key pass-through limitations of AWS ECS Fargate may affect the decision to implement this solution versus the GitLab Kubernetes runner on EKS.
Why was this MR needed?
- Without indications on what permissions the ECS service needs to an ECR, implementers will fail to get the results shown in the practical steps.
- It may appear to customers that the Fargate runner solution not able to handle private registries outside of ECR - including private registries on a GitLab instance.
What's the best way to test this MR?
- Configure the GitLab Fargate runner with a private registry outside of AWS.
- Configure the GitLab Fargate runner with least permissions for the ECS service.
Related issues
Author's checklist
-
Consider taking the GitLab Technical Writing Fundamentals course -
Follow the: -
Ensure that the product tier badge is added to topic's h1
. -
Request a review based on: - The documentation page's metadata.
- The associated Technical Writer.
Review checklist
Documentation-related MRs should be reviewed by a Technical Writer for a non-blocking review, based on Documentation Guidelines and the Style Guide.
-
If the content requires it, ensure the information is reviewed by a subject matter expert. - Technical writer review items:
-
Ensure docs metadata is present and up-to-date. -
Ensure the appropriate labels are added to this MR. - If relevant to this MR, ensure content topic type principles are in use, including:
-
The headings should be something you'd do a Google search for. Instead of Default behavior
, say something likeDefault behavior when you close an issue
. -
The headings (other than the page title) should be active. Instead of Configuring GDK
, say something likeConfigure GDK
. -
Any task steps should be written as a numbered list. - If the content still needs to be edited for topic types, you can create a follow-up issue with the docs-technical-debt label.
-
-
-
Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review. -
Ensure a release milestone is set.
Edited by DarwinJS