This repository was archived by the owner on Oct 4, 2024. It is now read-only.
docs/partner_editable/additional_info.adoc
3 additions & 3 deletions
@@ -33,7 +33,7 @@ You can launch this Quick Start without an *API Secret* parameter. If your Git s
33
33
34
34
To update the stack with an API secret, do the following:
35
35
36
-
. In the https://console.aws.amazon.com/cloudformation[AWS Cloudformation console], select the stack you want to update.
36
+
. In the https://console.aws.amazon.com/cloudformation[AWS CloudFormation console], select the stack you want to update.
37
37
. In the stack details pane, choose *Update*.
38
38
. Choose *Use current template*.
39
39
. On the *Specify stack details* page, change the *API Secret* parameter setting, then choose *Next*.
@@ -61,9 +61,9 @@ The architecture built by this Quick Start supports AWS best practices for secur
61
61
62
62
=== SSH Keys
63
63
64
-
This Quick Start deploys a private SSH key pair which is encrypted with an AWS KMS key and uploaded to Amazon S3. When invoked by the Lambda function, CodeBuild decrypts the private SSH key and uses it to authenticate your Git service before cloning the repository.
64
+
This Quick Start deploys a private SSH key pair which is encrypted with an AWS KMS key and uploaded to Amazon S3. CodeBuild decrypts the private SSH key and uses it to authenticate your Git service before cloning the repository.
65
65
66
-
We don’t recommend sharing SSH keys among multiple services, or launching another instance of this Quick Start for to clone and store another repository in Amazon S3. Each repository should use unique SSH keys.
66
+
We don’t recommend sharing SSH keys among multiple services, or launching another instance of this Quick Start to clone and store another repository in Amazon S3. Each repository should use unique SSH keys.
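Review bot: "a private SSH key pair" on new line 64 is imprecise, because a key pair has a public and a private half and only the private half needs encrypting; suggest "an SSH key pair whose private key is encrypted with an AWS KMS key and uploaded to Amazon S3". New line 66 also reads as if launching a second instance of the Quick Start were itself discouraged, while the sentence after it says each repository should use unique SSH keys. State whether a second stack gets its own key pair, so readers can tell which of the two is the actual recommendation.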
docs/partner_editable/architecture.adoc
4 additions & 6 deletions
@@ -12,15 +12,13 @@ As shown in <<architecture_diagram>>, this Quick Start sets up a serverless AWS
12
12
13
13
* Amazon API Gateway to receive Git webhook requests and forward them to AWS Lambda.
14
14
* An AWS Lambda function to process Git webhook requests from API Gateway and invoke an AWS CodeBuild project.
15
-
* AWS Identity and Access Management (IAM) roles required by Lambda and API Gateway (not pictured).
16
15
* A CodeBuild project to connect to your Git service, then retrieve, zip, and upload the latest version of your Git repository to Amazon S3.
17
-
* An AWS Key Management Service (AWS KMS) key to encrypt/decrypt the SSH (Secure Shell) keys used by CodeBuild to connect to your Git repository using SSH.
18
-
* Two Amazon S3 buckets: one for Git repository contents, and another for encrypted SSH keys.
19
-
* Two Lambda-backed AWS CloudFormation custom resources (not pictured). One generates an SSH key pair, encrypts it using AWS KMS, and uploads it to Amazon S3. The second deletes the contents of the S3 buckets when you delete the CloudFormation stack. If you need backups, ensure that you copy the S3 buckets before deleting the stack.
16
+
* An AWS Key Management Service (AWS KMS) key to encrypt/decrypt the SSH (Secure Shell) keys used by CodeBuild to connect to your Git repository using SSH. The SSH key pair is generated by a Lambda-backed AWS CloudFormation custom resource when the stack is deployed.
17
+
* Two Amazon S3 buckets: one for Git repository contents, and another for encrypted SSH keys. A Lambda-backed AWS CloudFormation custom resource deletes the contents of the S3 buckets when you delete the CloudFormation stack. If you need backups, ensure that you copy the S3 buckets before deleting the stack.
20
18
21
19
[NOTE]
22
20
========
23
-
* The inline permissions attached to the IAM roles are scoped using the http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege[least privilege] model.
21
+
* The Quick Start deploys AWS Identity and Access Management (IAM) roles required by Lambda and API Gateway. The inline permissions attached to the roles are scoped using the http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege[least privilege] model.
24
22
* The CodeBuild project must be able to communicate with your Git repository. For example, you can employ a SaaS-based Git service like GitHub to which CodeBuild can connect over the internet.
25
-
* The Git repository S3 bucket this Quick Start deploys has versioning enabled, and all previous versions are retained indefinitely. To modify the retention period, see http://docs.aws.amazon.com/AmazonS3/latest/user-guide/create-lifecycle.html[How do I create a lifecycle rule for an S3 bucket?].
23
+
* The Git repository S3 bucket this Quick Start deploys has versioning enabled, and all previous versions are retained indefinitely. To modify the retention period, see http://docs.aws.amazon.com/AmazonS3/latest/user-guide/create-lifecycle.html[How do I create a lifecycle rule for an S3 bucket?]
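Review bot: the NOTE bullet on new line 21 names only the IAM roles "required by Lambda and API Gateway", but the bullets above it have CodeBuild using the KMS key to decrypt the SSH keys and uploading the repository to Amazon S3, so the least-privilege statement leaves out the service that handles the key material. Suggest listing CodeBuild as well if the template creates a role for it, or dropping the service list and saying "the IAM roles this Quick Start deploys". New lines 21 and 23 also keep http:// links to docs.aws.amazon.com; https:// would match the console link in additional_info.adoc. The period after the lifecycle link on line 23 was dropped; the link text ends in a question mark, so that may be intended, but the other bullets in the block still end with a period.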
This Quick Start deploys the HTTPS endpoint and code you can use to configure webhooks linking your Git and AWS services. With this integration in place, each time a Git user pushes a commit, your repository is automatically retrieved, zipped, and uploaded to an Amazon Simple Storage Service (Amazon S3) bucket. You can then configure AWS services such as AWS CodePipeline, AWS CodeBuild, and AWS CodeDeploy to use the S3 bucket as a source. In this way, you can build a continuous integration and continuous delivery (CI/CD) pipeline on the foundation this Quick Start deploys.
1
+
This Quick Start deploys the HTTPS endpoint and code you can use to configure webhooks linking your Git and AWS services. With this integration in place, each time a Git user pushes a commit, your repository is automatically retrieved, zipped, and uploaded to an Amazon Simple Storage Service (Amazon S3) bucket. You can then configure AWS services such as AWS CodePipeline, AWS CodeBuild, and AWS CodeDeploy to use the S3 bucket as a source.
2
2
3
3
This guide describes the components that are deployed by the Quick Start, and contains links to launch the AWS CloudFormation template that automates the deployment.
After deploying this Quick Start and configuring a webhook in your Git service, when a Git user pushes changes to your repository, the Git service sends an HTTPS POST request to the HTTPS endpoint. The HTTPS POST request contains JavaScript Object Notation (JSON) data about the push that invoked the webhook action. After the request is accepted by Amazon API Gateway, it is passed to an AWS Lambda function that triggers an AWS CodeBuild project. The CodeBuild project retrieves the latest version of your repository, zips it, and uploads it to an Amazon S3 bucket.
1
+
After deploying this Quick Start and configuring a webhook in your Git service, when a Git user pushes changes to your repository, the Git service sends an HTTPS POST request to the HTTPS endpoint. The HTTPS POST request contains JavaScript Object Notation (JSON) data about the push operation and repository. After the request is accepted by Amazon API Gateway, it is passed to an AWS Lambda function that triggers an AWS CodeBuild project. The CodeBuild project retrieves the latest version of your repository, zips it, and uploads it to an Amazon S3 bucket.
3
2
4
3
For more information about the components that this Quick Start deploys, see the link:#_architecture[Architecture] section later in this guide.
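Review bot: "After the request is accepted by Amazon API Gateway" on line 1 does not say what acceptance depends on, and additional_info.adoc in this same commit notes that the Quick Start can be launched without an *API Secret* parameter. Suggest adding a clause that says what is checked before the Lambda function triggers CodeBuild, with a pointer to the steps for updating the stack with an API secret, so the overview does not read as if any POST to the endpoint starts a build.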