Ok so I have the exact build script to build my nodejs app. The idea is to setup a CI/CD pipeline that will build our app across different aws accounts such as DEV, STAGING, and PROD.
I have a repo in Account A (Dev) that hosts a nodejs app I want to be able to create a pipeline in Account B that checks out code from repo in account A And finally when the pipeline is complete, it should deploy the built/compiled nodejs app to Account C (QA) and D (Prod)
My issue is not on how to build a nodejs app but rather how to allow codepipeline, in account B, to checkout the repo in account A and finally deploy the built app to staging and prod.
My ideas from reading around:
It's still not clear to me how to go about doing this; I'm just getting into aws
I will update this post if I come across a solution but maybe someone has a tutorial or could point me to a documentation or list the steps or an example here
It is possible to build and trigger multiple codepipelines in different accounts with one central codecommit repository from another AWS account based on the branches of the repository. You need to make sure the cross account IAM roles are in place, event buses need to be configured to receive events from cross accounts and also KMS permissions should be in place as well. Here is an article which covers exactly what you need: AWS Codepipeline with Cross Account CodeCommit Repo Hope it helps.
From my understanding it is not possible to build a cross account pipeline using codepipeline. What you need to do is build your pipeline in your central account first.
The central account pipeline would include the appropriate number of stages which result in a release candidate for the AWS accounts dev, staging and prod.
As you get to the different account stages, you should push your artifacts to S3 buckets in the related accounts. And these S3 buckets should be the sources of codepipelines the those accounts.
This way you create "deployment" pipelines in each account which start in S3 and end in whatever environment you are thinking of. The S3 buckets of these accounts can be created to have bucket policies to only receive files from your central account.
This is of course, not ideal but its how I solved this issue before hand. Build in one account and deliver to deployment pipelines in other accounts. If someone knows a better solution, I would love to hear it.
Good luck!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.