amplify-hosting icon indicating copy to clipboard operation
amplify-hosting copied to clipboard

Published 20 hours ago verified publisher icon aws-amplify

Use an `AWS::CodeStarConnections::Connection` for connecting an `AWS::Amplify::App` to an external repository

Open mbarneyjr opened this issue 3 years ago • 6 comments

I'd like to be able to connect my Amplify Apps to GitHub via a CodeStarConnection resource, rather than passing a GitHub token secret through CloudFormation.

So when provisioning an Amplify App via CloudFormation, it could look like this:

  AmplifyApp:
    Type: AWS::Amplify::App
    Properties:
      ...
      ConnectionArn: arn:aws:codestar-connections:us-east-1:012012012012:connection/abc123
      # AccessToken: abc123
      # OauthToken: abc123

Or via the API

$ aws amplify create-app ... --connection-arn arn:aws:codestar-connections:us-east-1:012012012012:connection/abc123

mbarneyjr avatar Aug 30 '21 16:08 mbarneyjr

yes this is needed! an automatic connection between the status of the amplify app deployment and github checks

bjudson1 avatar Mar 24 '22 14:03 bjudson1

Agreed, would like to see CodeStarConnection available for Amplify so existing enterprise connections to external providers can be reused.

dnalbach avatar Jul 14 '22 20:07 dnalbach

I need this as well. Any update on when this capability will ever be made available?

bsnyder74 avatar Jul 25 '23 23:07 bsnyder74

Yes, I need this feature as well, any idea when this will be made available?

Franklin08 avatar Mar 20 '24 09:03 Franklin08

am I missing a trick here? seems logical to me that this would be the preferred way to connect and it still is missing. Can someone from AWS give us an answer why it is still not a feature and or when it may become one. Going through the console doesn't ask for tokens, it installs Apps.

..... 5000 minutes later ....

ok, so some digging got me here Deep in the docs

Seems the PAT is required to install the GitHubApp, they don't keep the PAT after installing the GitHubApp but the PAT is required if any updates are needed. One might think that maybe the PAT can be replaced with "xyz" after the initial deploy and maybe unless some change is required forcing the CF to do an update, we don't need a real PAT.

It would just be nicer if we could reference an already installed GitHubApp or CodeStarConnection negating the need for keeping PATs handy in case we push a change to the Amplify App.

Took me a few days to stumble on this - that could be made easier too.

waynet-ihm avatar Jun 13 '24 22:06 waynet-ihm

In our environment, the use of PAT is strictly limited for security reasons. In such a situation, the inability to reuse CodeStarConnection poses a critical obstacle. We strongly request a mechanism to manage and reuse CodeStar independently, similar to CodeBuild.

RyogaK avatar Oct 16 '24 00:10 RyogaK