When it comes to Infrastructure Security taking things on a granular level becomes the most obvious thing.
Here is a quick guide that will help you get insights about the same.
ɪɴꜰʀᴀꜱᴛʀᴜᴄᴛᴜʀᴇ ꜱᴇᴄᴜʀɪᴛʏ ɪɴ ᴀᴡꜱ ᴄᴏᴅᴇᴄᴏᴍᴍɪᴛ
AWS CodeCommit repositories are automatically encrypted at rest and as well as in transit which means no customer action is required
How can we assure the security over the accessibility of CodeCommit at a granular level?
𝗧𝗢𝗣 𝟯 Ways of doing so are listed on AWS:
1) Restricting users to access CodeCommit Repos from a defined region
2) Allow or deny users over a specific IP Address range
3) Keeping private connection with interface VPC endpoints
Use IAM Policies and AWS Private link to restrict users to access and establish private connectivity between VPCs and services hosted on AWS or on-premises, without exposing data to the internet respectively.
Check out the attached PDF for a detailed explanation.
About Author: Riyaz Ul Haque
Senior Software Engineer | AWS Community Builder