-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathon-start.sh
28 lines (21 loc) · 944 Bytes
/
on-start.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#!/bin/bash
set -e
# OVERVIEW
# This script sets cross-account CodeCommit access, so you can work on repositories hosted in another account.
# You'll need to create a role in AccountA granting repositories access to AccountB as instructed here:
# https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-cross.html
# More information about the credential helper here:
# https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-https-unixes.html#setting-up-https-unixes-credential-helper
# PARAMETERS
ROLE_ARN=arn:aws:iam::CodeCommitAccount:role/CrossAccountRepositoryContributorRole
REGION=us-east-1
sudo -u ec2-user -i <<EOF
cat >>/home/ec2-user/.aws/config <<-END_CAT
[profile CrossAccountAccessProfile]
region = $REGION
role_arn = $ROLE_ARN
credential_source = Ec2InstanceMetadata
output = json
END_CAT
git config --global credential.helper '!aws --profile CrossAccountAccessProfile codecommit credential-helper $@'
EOF