Skip to content

Commit

Permalink
Remove region from assume-role
Browse files Browse the repository at this point in the history
  • Loading branch information
@aahung
aahung committed Jun 23, 2021
1 parent 7bf4743 commit 5b6d67b
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 8 deletions.
7 changes: 3 additions & 4 deletions assume-role.sh
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,11 @@
#!/bin/bash
REGION=$1
ROLE=$2
SESSION_NAME=$3
ROLE=$1
SESSION_NAME=$2

# Unset AWS credentials stored in env so that every time this script runs,
# it will use the AWS CodeBuild service role to assume the target IAM roles.
unset AWS_SESSION_TOKEN
export AWS_DEFAULT_REGION=$REGION
unset AWS_DEFAULT_REGION
unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY

Expand Down
8 changes: 4 additions & 4 deletions codepipeline.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -565,7 +565,7 @@ Resources:
build:
commands:
- sam build --use-container --template ${SAM_TEMPLATE}
- . ./assume-role.sh ${TESTING_REGION} ${TESTING_PIPELINE_EXECUTION_ROLE} feature-deploy
- . ./assume-role.sh ${TESTING_PIPELINE_EXECUTION_ROLE} feature-deploy
- sam deploy --stack-name $(echo ${FEATURE_BRANCH_NAME} | tr -cd '[a-zA-Z0-9-]')
--capabilities CAPABILITY_IAM
--region ${TESTING_REGION}
Expand Down Expand Up @@ -624,12 +624,12 @@ Resources:
build:
commands:
- sam build --use-container --template ${SAM_TEMPLATE}
- . ./assume-role.sh ${TESTING_REGION} ${TESTING_PIPELINE_EXECUTION_ROLE} test-package
- . ./assume-role.sh ${TESTING_PIPELINE_EXECUTION_ROLE} test-package
- sam package --s3-bucket ${TESTING_ARTIFACT_BUCKET}
--image-repository ${TESTING_IMAGE_REPOSITORY}
--region ${TESTING_REGION}
--output-template-file packaged-test.yaml
- . ./assume-role.sh ${PROD_REGION} ${PROD_PIPELINE_EXECUTION_ROLE} prod-package
- . ./assume-role.sh ${PROD_PIPELINE_EXECUTION_ROLE} prod-package
- sam package --s3-bucket ${PROD_ARTIFACT_BUCKET}
--image-repository ${PROD_IMAGE_REPOSITORY}
--region ${PROD_REGION}
Expand Down Expand Up @@ -691,7 +691,7 @@ Resources:
- pip install --upgrade awscli aws-sam-cli
build:
commands:
- . ./assume-role.sh ${ENV_REGION} ${ENV_PIPELINE_EXECUTION_ROLE} deploy
- . ./assume-role.sh ${ENV_PIPELINE_EXECUTION_ROLE} deploy
- sam deploy --stack-name ${ENV_STACK_NAME}
--template ${ENV_TEMPLATE}
--capabilities CAPABILITY_IAM
Expand Down

0 comments on commit 5b6d67b

Please sign in to comment.