Restrict read access to CodeCommit Repository

Question

Hello,

I have 2 repositories[repo-1, repo-2] in my CodeCommit. And have 2 IAM groups[org-1, org-2],  I want to create 2 IAM policies that will restrict read and write access for org-2 users in repo-1 and org-1 users in repo-2. I have successfully blocked the write access, now trying to block the read access, basically trying to implement two policies, where org-1 users won't be able to see repo-2 and vice versa. Can anyone please help me with this? Thanks in advance.

Answer

Some good example CodeCommit IAM policies  can be found here.

https://docs.amazonaws.cn/en_us/codecommit/latest/userguide/customer-managed-policies.html#identity-based-policies-example-2

You can build off the examples to get the behavior you are looking for.

Here is a link for more detail on how IAM policies work.
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html

Restrict read access to CodeCommit Repository

相關內容