Open garyjyao1 opened 4 years ago
@garyjyao1 - CodeBuild is integrated with Resource Access Manager for sharing resources between AWS accounts. Today, we only support cross-account read APIs. Meaning, you can view the build details or project details, but not start or edit the project. In a future release, we will enable write access as well, which should address your use case.
I am not sure if CodeBuild plugin can use temporary credentials like codedeploy plugin does.
Our use case is Jenkins is running in 1 AWS account but the CodeBuild project is located in another AWS account, to start the CodeBuild project that we would like to use IAM role in the first AWS account but assume to a role in the 2nd AWS account with approprite permission.
CodeDeploy has this feature, https://github.com/awslabs/aws-codedeploy-plugin/blob/6b74409a2f44faf712ca704ba095cac95fdc5c42/src/main/resources/com/amazonaws/codedeploy/AWSCodeDeployPublisher/help-iamRoleArn.html
Thanks in advance.