Connect to CodeCommit from EC2 using temporary credentials

I've set up an EC2 instance, given it an instance profile with an IAM role that permits it access to my CodeCommit repository, and now I'm trying to pull from it using git. Since I'm using temporary credentials from the IAM role I don't have a credentials profile... but that should be OK.

I've tried:

git config --global credential.helper '!aws codecommit credential-helper $@'

But that doesn't work.

If I put the following into a file, say 'repodesc':

protocol=https
path=/v1/repos/reponame
host=git-codecommit.us-east-1.amazonaws.com

and then run

cat repodesc | aws codecommit credential-helper get

it sends me back a temporary username and password... so I know that's working...

So using that I tried:

git pull https://user:pass@git-codecommit.us-east-1.amazonaws.com/v1/repos/reponame

But that fails. Says the format's wrong.

I don't want to do this with ssh, because it defeats the whole point of temporary credentials. I want to do this the right way. But it's INFURIATING.

I've looked at the overly verbose Amazon documentation a million times and can't seem to find my way to the page with the answer on.

Any help would be hugely appreciated. I'm literally pulling my hair out.

Found a solution

The issue was with git and Ubuntu 14.04. Seems the default package uses gnutls for authentication, rather than openssl, and it's not handling the proxy well. So I had to rebuild git with libcurl4-openssl-dev instead. The solution, along with detailed build instructions, came from here:

https://askubuntu.com/questions/186847/error-gnutls-handshake-failed-when-connecting-to-https-servers

Once that was built all I had to do was the following, as before:

git config --global credential.helper '!aws codecommit credential-helper $@'
git pull https://git-codecommit.us-east-1.amazonaws.com/v1/repos/reponame master

(Or use git clone if that's what you're into)

It was a bit ugly to rebuild, so as far as I'm aware this isn't really a solution. I'll update this if I find something more elegant.
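An added example, not part of the original post: a small diagnostic that reports which TLS flavour of libcurl git's HTTPS transport is linked against (the gnutls versus openssl difference described in the answer) and builds the 'repodesc' input for the credential helper from a repository URL. The function names and sample `ldd` lines are constructed, and the library-name mapping assumes Debian/Ubuntu packaging.

```shell
#!/bin/sh
# Added example: function and variable names are hypothetical, not from the post.

# Read `ldd` output on stdin and name the TLS flavour of libcurl it shows.
# Assumes Debian/Ubuntu naming: libcurl-gnutls.so.N is the GnuTLS build,
# libcurl-nss.so.N the NSS build, plain libcurl.so.N the OpenSSL build.
tls_backend() (
  out=$(cat)
  case "$out" in
    *libcurl-gnutls.so*) echo gnutls ;;
    *libcurl-nss.so*)    echo nss ;;
    *libcurl.so*)        echo openssl ;;
    *)                   echo unknown ;;
  esac
)

# Turn an HTTPS repository URL into the key=value description the post keeps
# in 'repodesc' (same keys, leading slash kept on the path).
credential_request() (
  url=$1
  case "$url" in
    https://*/*) ;;
    *) echo "expected https://host/path" >&2; exit 2 ;;
  esac
  rest=${url#https://}
  host=${rest%%/*}
  # Reject user:pass@host URLs: secrets typed there land in shell history.
  case "$host" in
    *@*) echo "refusing URL with embedded credentials" >&2; exit 2 ;;
  esac
  printf 'protocol=https\npath=/%s\nhost=%s\n' "${rest#*/}" "$host"
)

# Constructed ldd lines for git-remote-https (not captured from a real host).
SAMPLE_STOCK='  libcurl-gnutls.so.4 => /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4 (0x00007f0000000000)'
SAMPLE_REBUILT='  libcurl.so.4 => /usr/lib/x86_64-linux-gnu/libcurl.so.4 (0x00007f0000000000)'

# Demo on the constructed input.
printf '%s\n' "$SAMPLE_STOCK" | tls_backend

# On a real instance:
#   ldd "$(git --exec-path)/git-remote-https" | tls_backend
#   credential_request https://git-codecommit.us-east-1.amazonaws.com/v1/repos/reponame \
#     | aws codecommit credential-helper get
```

If the first command reports `gnutls`, the installed git is the stock build the answer had to replace; if the helper returns credentials but `git pull` still fails, the problem is in git's transport rather than in the IAM role.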
