aws/code series
deploy source belonging to cross account in AWS
gepp
2022. 6. 10. 17:05
This document will describe how to deploy AWS code pipeline with the source in cross account.
Create pipeline.json as you wish:
root@sy:~/crosscb/my-codcommit-repo01# aws codepipeline update-pipeline --cli-input-json file://pipeline.json
{
"pipeline": {
"name": "test",
"roleArn": "arn:aws:iam::[CrossAccountB]:role/test",
"artifactStore": {
"type": "S3",
"location": "my-test",
"encryptionKey": {
"id": "arn:aws:kms:ap-northeast-2:[CrossAccountB]:key/xxxxxxxxxxxxxxxxxxx",
"type": "KMS"
}
},
"stages": [
{
"name": "Source",
"actions": [
{
"name": "Source",
"actionTypeId": {
"category": "Source",
"owner": "AWS",
"provider": "CodeCommit",
"version": "1"
},
"runOrder": 1,
"configuration": {
"BranchName": "main",
"OutputArtifactFormat": "CODE_ZIP",
"PollForSourceChanges": "true",
"RepositoryName": "my-codcommit-repo01"
},
"outputArtifacts": [
{
"name": "SourceArtifact"
}
],
"inputArtifacts": [],
"roleArn": "arn:aws:iam::[CrossAccountA]:role/CrossAccountRepoAccessRole",
"region": "ap-northeast-2",
"namespace": "SourceVariables"
}
]
},
{
"name": "Build",
"actions": [
{
"name": "Build",
"actionTypeId": {
"category": "Build",
"owner": "AWS",
"provider": "CodeBuild",
"version": "1"
},
"runOrder": 1,
"configuration": {
"ProjectName": "test"
},
"outputArtifacts": [
{
"name": "BuildArtifact"
}
],
"inputArtifacts": [
{
"name": "SourceArtifact"
}
],
"region": "ap-northeast-2",
"namespace": "BuildVariables"
}
]
},
{
"name": "Staging",
"actions": [
{
"name": "DeployPOC",
"actionTypeId": {
"category": "Deploy",
"owner": "AWS",
"provider": "CodeDeploy",
"version": "1"
},
"runOrder": 1,
"configuration": {
"ApplicationName": "yourapp",
"DeploymentGroupName": "yourdeploygroup"
},
"outputArtifacts": [],
"inputArtifacts": [
{
"name": "SourceArtifact"
}
]
}
]
}
],
"version": 6
}
}
Deploy below execution command like:
# aws codepipeline start-pipeline-execution --name test
{
"pipelineExecutionId": "de0afxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}