Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Possible to use temporary credentials by assume-role #93

Open
garyjyao1 opened this issue Mar 9, 2020 · 1 comment
Open

Possible to use temporary credentials by assume-role #93

garyjyao1 opened this issue Mar 9, 2020 · 1 comment

Comments

@garyjyao1
Copy link

I am not sure if CodeBuild plugin can use temporary credentials like codedeploy plugin does.

Our use case is Jenkins is running in 1 AWS account but the CodeBuild project is located in another AWS account, to start the CodeBuild project that we would like to use IAM role in the first AWS account but assume to a role in the 2nd AWS account with approprite permission.

CodeDeploy has this feature, https://github.com/awslabs/aws-codedeploy-plugin/blob/6b74409a2f44faf712ca704ba095cac95fdc5c42/src/main/resources/com/amazonaws/codedeploy/AWSCodeDeployPublisher/help-iamRoleArn.html

Thanks in advance.
@subinataws
Copy link
Contributor

@garyjyao1 - CodeBuild is integrated with Resource Access Manager for sharing resources between AWS accounts. Today, we only support cross-account read APIs. Meaning, you can view the build details or project details, but not start or edit the project. In a future release, we will enable write access as well, which should address your use case.

@subinataws subinataws reopened this Mar 9, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@garyjyao1 @subinataws