In this step, you will create an IAM User to interface with the CodeCommit repository created in the serverless application creation step. You will then clone the repository to your local environment and test commiting back to CodeCommit, which will kick off a CodePipeline execution.
❗ Ensure you've completed the Serverless App Setup before beginning this module.
Each of the following sections provides an implementation overview and detailed, step-by-step instructions. The overview should provide enough context for you to complete the implementation if you're already familiar with the AWS Management Console or you want to explore the services yourself without following a walkthrough.
Create an IAM user with AWSCodeCommitFullAccess permissions, generate Git credentials and save them to a safe place on your computer.
✅ Step-by-step directions
-
In the IAM Console, choose Users in the left sidebar.
-
Choose Add user.
-
Give the user a name, e.g. CodeCommitUser and choose Programmatic access.
-
Choose Next: Permissions
-
Choose Attach existing policies directly.
-
Search for AWSCodeCommitFullAccess and select the checkbox next to the policy.
-
Choose Next: Tags.
-
Choose Next: Review.
-
Choose Create user.
-
Choose Close.
-
You will be redirected back to the Users page in IAM. Find the user you've just created.
-
Click on the user name.
-
Choose the Security credentials tab.
-
Under HTTPS Git credentials for AWS CodeCommit, choose Generate Git credentials.
-
Choose Download credentials or save username and password to a safe location on your computer.
-
You can close the IAM tab now.
In the first module, you created a simple "hello world" application from a template. In this step, you will update the Serverless Application Model (SAM) template and the Slack bot code to the repository. This will create additional AWS resources and deploy the Slack bot code to the Lambda function.
Clone the AWS CodeCommit repository, add a remote branch with the slack bot code, and push the slack bot code to CodeCommit. Verify that the code successfully goes through the pipeline and deploys.
✅ Step-by-step directions
-
Go back to the Lambda applications console and find the application you created in module 1.
-
Select the Code tab from the top.
-
Under Repository details and click on the square box next to HTTP under Clone URL. The URL has been automatically copied to the clipboard.
-
Open the terminal app on your computer and go to the directory where you want to store the code.
-
Type the following command
git clone <URL>
-
You will be prompted for a user name and password. Use the CodeCommit credentials you saved in step 2.
If you got an error: If you've previously configured aws credential helper for git, you may get a "repository not found" error. You will need to remove or comment (with a
#
) the following line in .gitconfig file (~/.gitconfig
on Mac/Linux,C:\Users\<USER>\.gitconfig
on Windows):helper = !aws --global codecommit credential-helper $@
-
Run the following commands in the terminal to get the Slack bot code added to your code repository.
cd <NAME-OF-REPOSITORY> git remote add gh-origin https://github.com/aws-samples/building-bots-on-aws.git git fetch gh-origin git merge gh-origin/master --strategy-option theirs --allow-unrelated-histories -m "Merge from github" git push origin master
-
Click on the Deployments tab in the Lambda application console. You should notice that your Application Pipeline's Status will change to "InProgress"
-
Select View In CodePipeline to watch the code go through the pipeline until all three stages (Source, Build, Deploy) succeed. This will take just a few minutes.
You've just made some major changes to the application you created in the previous module. If you head to the Overview tab and refresh you will see that you have new AWS resources that have been created. These include an API Gateway endpoint, a SNS Topic, a CloudWatch Alarm, and a Secrets Manager Secret. Explore the changes in the Code tab as well to see how the SAM template created these resources.
🔧 IAM gives you fine grained controls over who and what can access resources in your account. You just used IAM to create a user with access to CodeCommit which is a source version control service based on git. After that you set up the local credentially helper and tested your access.
✅ Proceed to the next module, Slack bot setup, wherein you'll configure a Slack application to connect to this backend.