如何在EC2实例中克隆私有Git存储库
[英]How to clone private Git repository in EC2 instance
问题描述
I have a lambda function which starts an EC2 instance. 
我有一个启动EC2实例的lambda函数。 I specify in the boto3 call the user_data some bash script which install dependencies and start services. 我在boto3为user_data调用了一些bash脚本,用于安装依赖项并启动服务。
I would like to clone a private Bitbucket repository at that time, so my question is... 我当时想克隆一个私有的Bitbucket存储库,所以我的问题是...
What is the best practice in this case? 在这种情况下,最佳做法是什么?
I am thinking about download some ssh keys from S3 and configure everything with the user_data script but I think is not a good practice. 我正在考虑从S3下载一些ssh密钥,并使用user_data脚本配置所有内容,但我认为这不是一个好习惯。
Suggestions? 有什么建议吗?
Thanks in advance! 提前致谢!
1 个解决方案
解决方案1
0 已采纳 2018-02-07 11:57:11
Finally I managed the SSH key inside a S3 bucket and provision that key with the following code in the user_data script: 最后,我在S3存储桶中管理了SSH密钥,并在user_data脚本中使用以下代码设置了该密钥:
aws s3 cp s3://<bucket_name>/resources/id_rsa id_rsa --region <your_region>
chmod 600 id_rsa
mkdir -p /root/.ssh
ssh-keyscan -t rsa <your_domain> > /root/.ssh/known_hosts
mv id_rsa /root/.ssh/id_rsa
Of course that bucket is protected in order to avoid an accidental exposure of the key. 当然,该桶是受保护的,以避免意外暴露钥匙。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.