By using AWS re:Post, you agree to the AWS re:Post Terms of Use

GitSync At the Enterprise Level

0

We are looking to utilize GitSync in our Cloudformation templates to easily manage our AWS Service updates that could be needed. It looks like the CodeConnection is made for a signle user, but what happens if that user leaves the company and their Github/Gitlab/Bitbucket account is deactivated?

Do we need to re-create the connection with a new user, and then go through each CFN stack to update to the connected Repo? Could we create the connection with a service token instead so that we don't have this problem in the future? For example; we use Gitlab and they have the ability to create a "Service Account" that cannot log in and is not a billable user, but can be given an access token that we would like to use to create our connection.

1 Answer
0
Accepted Answer

Hello,

Thank you for reaching out to us.

Service Accounts in Gitlab only supports authentication with a personal access token or PAT. Unfortunately support of PAT based authentication for normal Gitlab.com accounts to create CodeConnection is not supported as of now. Currently we have an open internal Feature Request for the same, however we cannot provide an ETA as to when it will be supported. You can track the What's New with AWS [1] section for any updates on the same.

Also to address :- Do we need to re-create the connection with a new user, and then go through each CFN stack to update to the connected Repo?  Yes, it will require you to re-create the connection with a new user and update the CloudFormation i.e in case the user leaves and their Github/Gitlab/Bitbucket account is deactivated.

Based on your current ask, one way to address this issue would be to use a dedicated Admin account[that is not tied to a single User and which will not be deactivated] to create CodeConnections.

I hope the above information proves to be helpful.

References

[1] https://docs.gitlab.com/ee/user/profile/service_accounts.html

[2] https://aws.amazon.com/about-aws/whats-new/2024/?whats-new-content-all

AWS
SUPPORT ENGINEER
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions