[英]How to clone private Git repository in EC2 instance
I have a lambda function which starts an EC2 instance. 我有一个启动EC2实例的lambda函数。 I specify in the
boto3
call the user_data
some bash
script which install dependencies and start services. 我在
boto3
为user_data
调用了一些bash
脚本,用于安装依赖项并启动服务。
I would like to clone a private Bitbucket repository at that time, so my question is... 我当时想克隆一个私有的Bitbucket存储库,所以我的问题是...
What is the best practice in this case? 在这种情况下,最佳做法是什么?
I am thinking about download some ssh keys from S3 and configure everything with the user_data
script but I think is not a good practice. 我正在考虑从S3下载一些ssh密钥,并使用
user_data
脚本配置所有内容,但我认为这不是一个好习惯。
Suggestions? 有什么建议吗?
Thanks in advance! 提前致谢!
Finally I managed the SSH key inside a S3 bucket and provision that key with the following code in the user_data
script: 最后,我在S3存储桶中管理了SSH密钥,并在
user_data
脚本中使用以下代码设置了该密钥:
aws s3 cp s3://<bucket_name>/resources/id_rsa id_rsa --region <your_region>
chmod 600 id_rsa
mkdir -p /root/.ssh
ssh-keyscan -t rsa <your_domain> > /root/.ssh/known_hosts
mv id_rsa /root/.ssh/id_rsa
Of course that bucket is protected in order to avoid an accidental exposure of the key. 当然,该桶是受保护的,以避免意外暴露钥匙。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.