On July 31, 2024, Amazon Web Services (AWS) will discontinue support for creating and viewing AWS CodeStar projects. After July 31, 2024, you will no longer be able to access the AWS CodeStar console or create new projects. However, the AWS resources created by AWS CodeStar, including your source repositories, pipelines, and builds, will be unaffected by this change and will continue to function. AWS CodeStar Connections and AWS CodeStar Notifications will not be impacted by this discontinuation.
If you wish to track work, develop code, and build, test, and deploy
your applications, Amazon CodeCatalyst provides a streamlined getting started
process and additional functionality to manage your software projects. Learn
more about functionality
Add an IAM Role to a Project
As of December 6, 2018 PDT you can define your own roles and polices in the application stack (template.yml). To mitigate risks of privilege escalation and destructive actions, you are required to set the project-specific permissions boundary for every IAM entity you create. If you have a Lambda project with multiple functions, it is a best practice to create an IAM role for each function.
To add an IAM role to your project
-
Edit the
template.yml
file for your project. -
In the
Resources:
section, add your IAM resource, using the format in the following example:SampleRole: Description: Sample Lambda role Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: [lambda.amazonaws.com] Action: sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole PermissionsBoundary: !Sub 'arn:${AWS::Partition}:iam::${AWS::AccountId}:policy/CodeStar_${ProjectId}_PermissionsBoundary'
-
Release your changes through the pipeline and verify success.