AWS CodeCommit - AWS GovCloud (US)

AWS CodeCommit

AWS CodeCommit is a fully-managed source control service that hosts secure Git-based repositories. It makes it easy for teams to collaborate on code in a secure and highly scalable ecosystem. CodeCommit eliminates the need to operate your own source control system or worry about scaling its infrastructure. You can use CodeCommit to securely store anything from source code to binaries, and it works seamlessly with your existing Git tools.

How AWS CodeCommit Differs for AWS GovCloud (US)

  • The old console experience is not available in the AWS GovCloud (US) Regions. The documentation reflects the new console experience.

  • Since AWS GovCloud (US); operates as isolated regions, you cannot share or use CodeCommit repositories and resources with other services outside of the regions. For example, you cannot use a CodeCommit repository in AWS GovCloud (US-West) as the source for a pipeline in CodePipeline that is not in the AWS GovCloud (US-West) Region.

  • All policy statements must refer to the GovCloud ARNs for the AWS GovCloud (US) Regions. For example, policies for Amazon SNS notifications, CloudWatch Events rules, and trigger resources must use the AWS GovCloud (US) ARNs for those services. For more information, see Amazon Resource Names (ARNs) in AWS GovCloud.

  • All IAM users and service roles must exist in the AWS GovCloud (US) Regions.

Documentation for AWS CodeCommit

AWS CodeCommit documentation.

ITAR Boundary

AWS GovCloud (US) has an ITAR boundary, which defines where customers are allowed to store ITAR-controlled data for this service in the AWS GovCloud (US) Region. To maintain ITAR compliance, you must place ITAR-controlled data on the applicable part of the ITAR boundary. If you do not have any ITAR-controlled data in the AWS GovCloud (US) Region, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted ITAR-Regulated Data Not Permitted

All deployments managed in CodeCommit support ITAR-regulated data.

The following CodeCommit metadata fields are not permitted to contain ITAR-regulated data:

  • Repository name

  • Repository description

  • Branch name

  • Trigger name

  • SNS topic name

  • AWS Lambda topic name