Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS 2018 - By Service Section - FAQs > AWS CodeCommit | Security > Flashcards

AWS CodeCommit | Security Flashcards

1
Q

Can I get a history of AWS CodeCommit Git operations and API calls made in my account for security analysis and operational troubleshooting purposes?

Security

AWS CodeCommit | Developer Tools

A

Yes. To receive a history of CodeCommit Git operations and API calls made in your account, you simply turn on AWS CloudTrail in the AWS Management Console. The logging of individual commits within a Git push is not currently supported. Visit the CloudTrail user guide to learn more.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Can I use AWS Identity and Access Management (IAM) to manage access to AWS CodeCommit?

Security

AWS CodeCommit | Developer Tools

A

Yes. AWS CodeCommit supports resource-level permissions. For each AWS CodeCommit repository, you can specify which users can perform which actions. You can also specify AWS multi-factor authentication (MFA) for a CodeCommit action. This allows you to add an extra level of protection for destructive actions such as deleting repositories. In addition to the AWS CodeCommit APIs, you can also specify git pull and git push as actions to control access from Git clients. For example, you can create a read-only user for a repository by allowing that user access to git pull but not git push on the repository. For more information on using IAM with AWS CodeCommit, see Access Permissions Reference. For more information on authenticating API access using MFA, see Configuring MFA-Protected API Access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What communication protocols are supported by AWS CodeCommit?

Security

AWS CodeCommit | Developer Tools

A

You can use either the HTTPS or SSH protocols or both to communicate with AWS CodeCommit. To use HTTPS, first install the AWS CLI. The AWS CLI installs a Git credential helper that can be configured with AWS credentials. It automatically signs all HTTPS requests to AWS CodeCommit using the Signature Version 4 signing specification. To use SSH, users create their own public-private key pairs and add their public keys to their IAM users. The private key encrypts the communication with AWS CodeCommit. For step-by-step instructions on setting up HTTPS and SSH access, see the Setting up AWS CodeCommit page.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What ports should I open in my firewall for access to AWS CodeCommit?

Security

AWS CodeCommit | Developer Tools

A

You will have to open outbound access to an AWS CodeCommit service endpoint on port 22 (SSH) or port 443 (HTTPS).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How do I encrypt my repository in AWS CodeCommit?

Security

AWS CodeCommit | Developer Tools

A

Repositories are automatically encrypted at rest. No customer action is required. AWS CodeCommit uses AWS Key Management Service (KMS) to encrypt repositories. When you create your first repository, an AWS-managed CodeCommit key is created under your AWS account. For details, see Encryption for AWS CodeCommit Repositories.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

AWS 2018 - By Service Section - FAQs (744 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions