Skip to content

Integrate AWS CodeCommit with BoostSecurity

BoostSecurity allows you to connect your AWS CodeCommit organization to scan repositories and code commits for security issues.

Permissions

This integration requires an IAM role and policy to be created, to enable BoostSecurity to access your organization and repositories.

1. Connect AWS CodeCommit to BoostSecurity

To enable access to your AWS CodeCommit organization:

  1. Navigate to Settings on the navigation panel and select Integrations; Settings > Integrations.

    Settings and Integratinons

  2. Select the AWS CodeCommit integration from the Available section.

    AWS CodeCommit

  3. Select Install: A pop up is displayed, allowing to generate an external ID.

    AWS CodeCommit External ID

  4. Click the Generate External ID button to receive a randomly generated External ID

  5. In AWS IAM, ensure a proper setup of your IAM role with the provided External ID. Here are the required settings: 
    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "209299908473"
            },
        "Action": "sts:AssumeRole",
        "Condition": {
            "StringEquals": {
                "sts:ExternalId": "externalIdProvidedByBoost"
            }
        }
    }
    ]
}
  6. Go to your AWS account and create the necessary resources and policies with appropriate permissions
  7. Return to BoostSecurity and provide the following information during installation:
    • IAM Role ARN
    • Regions: Add regions using the + Region button. Use the delete button to remove or replace regions.

CodeCommit Details 8. Click on Install and the integration is ready.