Codepipeline with remote ECR source

0
votes

Is it possible to use a remote ECR Repository as a source in CodePipeline?

I get the following error: The repository with name '12345.dkr.ecr.eu-central-1.amazonaws.com/ecrrepo' does not exist in the registry with id '67890' (Account IDs have been intentionally changed)

However the remote repository definitely exists.

Whole picture: I have 2 accounts, dev and test. Now that I have a pipeline built and running in dev account, I would like to do the same deployment in test account, but using the same ECR repository. Just additional info: I am able to deploy to the ECS cluster of test account manually using the dev account's repository.

CodeBuild definitely supports cross account ECR image access, doesn't CodePipeline? Any hints for solution or workaround? (I can think of Lambda)

1
amazon-web-servicesaws-codepipelineaws-ecr

1 Answers

1
votes

At the moment in CodePipeline source stage when ECR is selected you only have option to provide ECR from the current AWS account.

Workaround would be to have a CodeBuild stage in the pipeline which can retrieve cross account ECR source:

https://aws.amazon.com/blogs/devops/how-to-use-cross-account-ecr-images-in-aws-codebuild-for-your-build-environment/

Your pipeline can still be started by CloudWatch Events when the ECR source changes in the other account:

CW Event Bus: https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/CloudWatchEvents-CrossAccountEventDelivery.html