Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Push image using Role

Hello we're using roles to switch to our sub accounts.

I haven't found a way to use this with `pipe: atlassian/aws-ecr-push-image:1.4.2` yet.

Is there sample code for this? I don't understand how oidc:true plays with this.



1 answer

0 votes

Hi @Alex Williamson . Thanks for your question. Seems like you missing variable AWS_OIDC_ROLE_ARN. According to readme, you should try the next:

Build and push the image with OpenID Connect (OIDC) alternative authentication without required AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY. Parameter oidc: true in the step configuration and variable AWS_OIDC_ROLE_ARN are required:

- step:
    oidc: true
      # build the image
      - docker build -t my-docker-image .

      # use the pipe to push the image to AWS ECR
      - pipe: atlassian/aws-ecr-push-image:1.4.2
          AWS_OIDC_ROLE_ARN: 'arn:aws:iam::123456789012:role/role_name'
          IMAGE_NAME: my-docker-image

Regards, Igor

Also this may help you to setup AWS_OIDC_ROLE_ARN on AWS side. using-bitbucket-pipelines-and-openid-connect , bitbucket-guide-openid-connect 

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events