Security Best Practices for AWS CodeStar Resources Best Practices for Setting Versions for Dependencies Monitoring and Logging Best Practices for AWS CodeStar Resources

On July 31, 2024, Amazon Web Services (AWS) will discontinue support for creating and viewing AWS CodeStar projects. After July 31, 2024, you will no longer be able to access the AWS CodeStar console or create new projects. However, the AWS resources created by AWS CodeStar, including your source repositories, pipelines, and builds, will be unaffected by this change and will continue to function. AWS CodeStar Connections and AWS CodeStar Notifications will not be impacted by this discontinuation.

If you wish to track work, develop code, and build, test, and deploy your applications, Amazon CodeCatalyst provides a streamlined getting started process and additional functionality to manage your software projects. Learn more about functionality and pricing of Amazon CodeCatalyst.

AWS CodeStar Best Practices

AWS CodeStar is integrated with a number of products and services. The following sections describe best practices for AWS CodeStar and these related products and services.

Topics

Security Best Practices for AWS CodeStar Resources
Best Practices for Setting Versions for Dependencies
Monitoring and Logging Best Practices for AWS CodeStar Resources

Security Best Practices for AWS CodeStar Resources

You should regularly apply patches and review security best practices for the dependencies used by your application. Use these security best practices to update your sample code and maintain your project in a production environment:

Track ongoing security announcements and updates for your framework.
Before you deploy your project, follow the best practices developed for your framework.
Review dependencies for your framework on a regular basis and update as needed.
Each AWS CodeStar template contains configuration instructions for your programming language. See the README.md file in your project's source repository.
As a best practice for isolating project resources, manage least-privilege access to AWS resources using a multi-account strategy as introduced in Security in AWS CodeStar.

Best Practices for Setting Versions for Dependencies

The sample source code in your AWS CodeStar project uses dependencies that are listed in the package.json file in your source repository. As a best practice, always set your dependencies to point to a specific version. This is known as pinning the version. We do not recommend that you set the version to latest because that can introduce changes that might break your application without notice.

Monitoring and Logging Best Practices for AWS CodeStar Resources

You can use logging features in AWS to determine the actions users have taken in your account and the resources that were used. The log files show:

The time and date of actions.
The source IP address for an action.
Which actions failed due to inadequate permissions.

AWS CloudTrail can be used to log AWS API calls and related events made by or on behalf of an AWS account. For more information, see Logging AWS CodeStar API Calls with AWS CloudTrail.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Project Templates

Working with Projects