[AWS Devopsl]Codecommit-securing repository and branches

The way to secure repository and branches: create group and add policy for the permission of the group

1.Create a junior group

2.Under permissions tab, create inline policies to limit junior developers push code to master

{
    "Version": "2021-12-27",
    "Statement": [
        {
            "Effect": "Deny",
            "Action": [
                "codecommit:GitPush",
                "codecommit:DeleteBranch",
                "codecommit:PutFile",
                "codecommit:MergeBranchesByFastForward",
                "codecommit:MergeBranchesBySquash",
                "codecommit:MergeBranchesByThreeWay",
                "codecommit:MergePullRequestByFastForward",
                "codecommit:MergePullRequestBySquash",
                "codecommit:MergePullRequestByThreeWay"
            ],
            "Resource": "arn:aws:codecommit:*:*:*",
            "Condition": {
                "StringEqualsIfExists": {
                    "codecommit:References": [
                        "refs/heads/master"
                       
                     ]
                },
                "Null": {
                    "codecommit:References": "false"
                }
            }
        }
    ]
}

posted on 2021-12-27 16:00 吃鱼高手阅读(31) 评论(0) 收藏举报

刷新页面返回顶部

[AWS Devopsl]Codecommit-securing repository and branches

公告