Associate a CodeCommit Repository in a Different Amazon Account with a Notebook Instance - Amazon SageMaker
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Associate a CodeCommit Repository in a Different Amazon Account with a Notebook Instance

To associate a CodeCommit repository in a different Amazon account with your notebook instance, set up cross-account access for the CodeCommit repository.

To set up cross-account access for a CodeCommit repository and associate it with a notebook instance:

  1. In the Amazon account that contains the CodeCommit repository, create an IAM policy that allows access to the repository from users in the account that contains your notebook instance. For information, see Step 1: Create a Policy for Repository Access in AccountA in the CodeCommit User Guide.

  2. In the Amazon account that contains the CodeCommit repository, create an IAM role, and attach the policy that you created in the previous step to that role. For information, see Step 2: Create a Role for Repository Access in AccountA in the CodeCommit User Guide.

  3. Create a profile in the notebook instance that uses the role that you created in the previous step:

    1. Open the notebook instance.

    2. Open a terminal in the notebook instance.

    3. Edit a new profile by typing the following in the terminal:

      vi /home/ec2-user/.aws/config

    4. Edit the file with the following profile information:

      [profile CrossAccountAccessProfile]
region = us-west-2
role_arn = arn:aws:iam::CodeCommitAccount:role/CrossAccountRepositoryContributorRole
credential_source=Ec2InstanceMetadata
output = json

      Where CodeCommitAccount is the account that contains the CodeCommit repository, CrossAccountAccessProfile is the name of the new profile, and CrossAccountRepositoryContributorRole is the name of the role you created in the previous step.

  4. On the notebook instance, configure git to use the profile you created in the previous step:

    1. Open the notebook instance.

    2. Open a terminal in the notebook instance.

    3. Edit the Git configuration file typing the following in the terminal:

      vi /home/ec2-user/.gitconfig

    4. Edit the file with the following profile information:

      [credential]
        helper = !aws codecommit credential-helper --profile CrossAccountAccessProfile $@
        UseHttpPath = true

      Where CrossAccountAccessProfile is the name of the profile that you created in the previous step.