amplify-hosting icon indicating copy to clipboard operation
amplify-hosting copied to clipboard

Published 20 hours ago verified publisher icon aws-amplify

Separation of Prod and Non-Prod accounts for Amplify Console when using CodeCommit

Open timothy-baker opened this issue 5 years ago • 35 comments

Is your feature request related to a problem? Please describe.

Per AWS best practices, I'd like to keep my non-prod and prod environments in separate accounts with varying degrees of IAM access based on least-priviledges. I am using CodeCommit as a repository for my application code. The Amplify Console requires a connection to a specific CodeCommit branch within the same account. CodeCommit does not allow me to initiate and accept pull requests across accounts, so I have no way to maintain my master code branch in one account, then promote it to production via pull request to my prod account to trigger a build and deploy.

Describe the solution you'd like

I see two possible resolutions to this problem:

  1. Allow Amplify Console access to CodeCommit resources in separate accounts, or
  2. Allow cross-account / cross-repo pull requests in CodeCommit

timothy-baker avatar Aug 21 '19 17:08 timothy-baker

I also need this. It is frustrating that we can connect to Github from multiple AWS accounts on Amplify but not to Code Commit (own by AWS itself!)

rfpedrosa avatar Nov 08 '19 15:11 rfpedrosa

another problem of the console is that amplifyPush --simple does not pick settings from team-provider-info.json

rfpedrosa avatar Nov 18 '19 18:11 rfpedrosa

Will this feature be supported in the near future? Any information about this?

TLaue avatar Jan 07 '20 16:01 TLaue

@TLaue @rfpedrosa @timothy-baker we have prioritized this work and will update you when we have it ready.

swaminator avatar Feb 20 '20 21:02 swaminator

another problem of the console is that amplifyPush --simple does not pick settings from team-provider-info.json

@rfpedrosa can you be a little more explicit about what you mean?

swaminator avatar Feb 20 '20 21:02 swaminator

@swaminator I think I was using amplifyPush --simple in Amplify Console and amplifyPush --simpledidn't look on team-provider-info.json file to find out, for example, what is the AmplifyAppId to use for the environment I was deploying. That makes amplifyPush --simple to fail when I was using a single Amplify console setup and 2 AWS regions for prod & non-prod environments. Does that make sense?

It is being a while since I comment this and I'm not working with Amplify currently so I may be missing something

rfpedrosa avatar Apr 20 '20 13:04 rfpedrosa

Any update on this request, facing same problem wherein want to access Code Commit Repo from cross/another account.

@swaminator any update you have on this? Seems like feature is in discussion for long.

akshaymishi avatar Jan 06 '21 02:01 akshaymishi

any update here?

ericwolf08 avatar Feb 22 '21 15:02 ericwolf08

can you plz update this one? @swaminator Thanks!

ddongEee avatar May 12 '21 04:05 ddongEee

+1 please update. I have a project stalled. I don't want to get to the point where they rip out Amplify.

creativeleep-zz avatar May 27 '21 17:05 creativeleep-zz

+1. Forcing us to use GitHub if CodeCommit not enabled within next few weeks. Is it close?

danfreid avatar Jul 12 '21 11:07 danfreid

+1 for allowing Amplify access to CodeCommit in other accounts.

macamhi avatar Jul 22 '21 10:07 macamhi

+1 Please update. I have a same problem. we will change github to code commit, but AWS Amplify can't access code commit repo in another account.

HeejongLee-aws avatar Aug 14 '21 04:08 HeejongLee-aws

+1 Please can this feature be implemented. Most organisations want a separate prod account that can access the same code as the dev environment.

katsa9 avatar Aug 30 '21 04:08 katsa9

+1 from another team that is facing the same challenge.

sasedlock avatar Sep 03 '21 19:09 sasedlock

+1

adnan-iqbal-ch avatar Sep 10 '21 16:09 adnan-iqbal-ch

+1

jkelting avatar Oct 05 '21 21:10 jkelting

@swaminator - Any update or roadmap for allowing cross account code commit repo in amplify? pls update so that we can plan.. This became must need for projects where we maintain central Code commits in another account.

vinoth12988 avatar Nov 15 '21 13:11 vinoth12988

+1

heejonglee avatar Nov 16 '21 08:11 heejonglee

Hey all, any new updates to this?

MishFTW avatar Nov 18 '21 15:11 MishFTW

+1

ConnectivityChris avatar Nov 24 '21 02:11 ConnectivityChris

We actually went past this by having a CodeCommit on each account, and pushing the required branch from (a local clone of) the dev repo to the Pre-prod or Prod repo (using Git Remote CodeCommit ). This is actually very simple once set up and allows for good control of deployment. One needs to remember that contrary to CVS or SVN, Git is distributed by nature, so it makes no sense trying to have a 'central' Git repository.

macamhi avatar Nov 24 '21 08:11 macamhi

+1

koxon avatar Dec 23 '21 20:12 koxon

+1

maziarzamani avatar Jan 10 '22 21:01 maziarzamani

+1

mageyuki avatar Feb 17 '22 15:02 mageyuki

@swaminator do you have any updates about this issue??

yaguirre avatar Apr 07 '22 17:04 yaguirre

its 2023, any update ?

rickspark4 avatar Jan 29 '23 06:01 rickspark4

Seems AWS is not going to provide an access to code repos hosted in AWS. Maybe because they think GitHub is good enough for everyone?

rayrapetyan avatar Mar 06 '23 16:03 rayrapetyan

Guys any plans for this?

jatin1201 avatar Jul 12 '23 11:07 jatin1201

It would be beneficial if we could enable cross-region CodeCommit access for Amplify when creating an Amplify app using CDK. so please prioritize this feature.

dhaval-s avatar Sep 26 '23 14:09 dhaval-s