2

I have Admin priveledge IAM user on my team's organization AWS account, and I also belong to a github organization of the team as a Owner role (and, we have several owners in the Github Organizaiton).

Now today, I wanted to try the AWS Codestar, and start using the Github organization as the source repository. From AWS console of Codestar, I clicked "Connect to Github". Then, it redirected me to Github's OAuth page.

The problem was on the OAuth, the page requested not only the access to the Organization I belong to but also to my private account. I assume authorizing AWS Codestar full access to my repo would mean any other Admins of the AWS account could also access my repo, which I think is not good.

Question:

  • Is there any way to configure AWS Codestar only to connect to my team's organization only?
Yuki Inoue
  • 231
  • 2
  • 6

1 Answers1

1

Can't add as a comment as i don't have enough reputation, but when we set it up in an organization i was part off. The owner authenticated aws to access their personal account so that aws could set up the organization connection for the github organization. The "AWS Connector for github access" to personal account was later able to be revoked and the organization connection still worked. so it seems the personal account connection is just needed to create the organization connection and after that isn't needed anymore and can be revoked.

Sheogorath
  • 11
  • 2