Use an IAM Role in a Container in AWS CodeBuild
AWS CodePipeline and AWS CodeBuild are a great, serverless way to build your Docker containers and deploy them to ECS (or wherever). You can even use an IAM role with CodeBuild to let your build pipeline access other services like S3, etc. AWS CodeBuild already provisions a container for you to use, and that’s where it runs all the commands in your buildspec file. But if you’re using CodeBuild to build a Docker container, then you’ll be running a container (the one you’re building) inside another container (the CodeBuild one, where your buildspec stuff runs). ...