Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Developer Associate grant the developers access to CodeCommit

  • grant the developers access to CodeCommit

  • kung

    Member
    May 3, 2020 at 11:24 pm

    The scenario is like :
    “A development team has several developers where each of them has a corresponding IAM user. It is your primary responsibility to grant the developers access to CodeCommit to enable them to fully utilize the code repositories on their local computers.
    Which of the following should you implement to grant access to your developers (Select TWO)”

    IMO the whole setup is a bit weird, as it doesn’t look like a good practice to have someone else generate the public/private key that
    the developers should be using (how do you get the private key securely to the developer?).

    The scenario should be that you give the developers the required IAM rights (at least iam:CreateServiceSpecificCredential & iam:UploadSSHPublicKey), for them to use the iam cli to:

    Generate HTTPS Git credentials: aws iam create-service-specific-credential
    Upload SSH key: aws iam upload-ssh-public-key
    (generate the ssh key via openssl)


    What do you think?
    Cheers,
    Robert

  • Jon-Bonso

    Administrator
    May 5, 2020 at 10:55 am

    Hi Robert,

    For this scenario, the provided answers are:

    – Generate HTTPS Git credentials.

    – Generate new SSH keys and associate the public SSH key to each of your developer’s IAM user.

    Different companies have various development processes and access provision procedures. I understand your point that some companies allow their developers to generate the SSH key themselves. However, there are some companies, that only allow the Administrator to generate the SSH keys for their developers:

    https://docs.aws.amazon.com/codecommit/latest/userguide/images/codecommit-iam-gc1.png


    Regards,

    Jon Bonso

Viewing 1 - 2 of 2 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now