You can monitor your repositories and build automations that run when specific events occur. Events such as creating pull requests, adding comments, or reacting to comments, among several others, can be automatically captured and forwarded to a Lambda function, which then notifies the team over Slack or email, for example.
Data protection for meeting compliance requirements
Code is the biggest asset for software organizations as this is what differentiates them from competitors and is at the heart of their business. Protecting these resources should be a top priority and customers can use their own KMS encryption keys to protect data at rest. You also have in-transit protection using HTTPS, or SSH, enabled by remote endpoints for your repositories.
These days, organizations are actively adopting AWS services such as Cloud9, which offers a cloud-hosted integrated development environment (IDE). These instances can be hosted in your VPCs and you can further restrict the network traffic through the use of VPC endpoints. This rules out any traffic traversal over the internet when you push your code, thereby meeting the needs of highly restrictive environments.
Automated code reviews with CodeGuru
Code reviews often become a bottleneck for software teams who want to move fast. What if your Java or Python projects can be automatically reviewed by a machine learning-enabled engine, trained on millions of lines of code? Soon after a pull request is created, CodeGuru adds its review comments and suggestions to the pull request. This is a great value-add for teams, who get an additional pair of eyes looking at their code and suggesting optimizations that could improve their end user experience. If you’re interested, you can read more about this feature at https://docs.aws.amazon.com/codeguru/latest/reviewer-ug/how-codeguru-reviewer-works.html.
You can also control what files to exclude from this analysis by putting a service manifest file alongside your code. This reduces the costs you would incur if the entire code repository was scanned instead.
Approval rule templates
Not all code modifications require the same level of review and analysis. To ensure the right balance between audit and agility, you can define approval templates within CodeCommit. For example, code merges into the main branch could require two senior developers to approve the request, while the ones on dev could just be approved by one.
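The main/dev split described above can be expressed as two approval rule templates. The following is an added example, not code from the book: the account ID, role names, template names and repository name are constructed placeholders, and requiring a non-empty approver pool is this example's own stricter choice.

```python
import json

# Constructed placeholders: account ID and role names are assumptions.
SENIOR_POOL = "arn:aws:sts::111122223333:assumed-role/SeniorDevelopers/*"
ANY_DEV_POOL = "arn:aws:sts::111122223333:assumed-role/Developers/*"


def template_content(branch, approvals, pool_members):
    """Build the JSON document CodeCommit takes as approval rule template content."""
    if approvals < 1:
        raise ValueError("a rule needing zero approvals protects nothing")
    if not pool_members:
        # Example policy: without a pool, any user allowed to approve would count.
        raise ValueError("name the approver pool explicitly")
    return json.dumps({
        "Version": "2018-11-08",
        "DestinationReferences": [f"refs/heads/{branch}"],
        "Statements": [{
            "Type": "Approvers",
            "NumberOfApprovalsNeeded": approvals,
            "ApprovalPoolMembers": pool_members,
        }],
    })


# Two approvals from the senior pool on main, one approval from any developer on dev.
TEMPLATES = {
    "main-two-senior-approvals": template_content("main", 2, [SENIOR_POOL]),
    "dev-one-approval": template_content("dev", 1, [ANY_DEV_POOL]),
}


def apply_templates(repository_name, client=None):
    """Create each template and associate it with the given repository."""
    if client is None:
        import boto3  # imported lazily so the builders above work offline
        client = boto3.client("codecommit")
    for name, content in TEMPLATES.items():
        client.create_approval_rule_template(
            approvalRuleTemplateName=name,
            approvalRuleTemplateContent=content,
        )
        client.associate_approval_rule_template_with_repository(
            approvalRuleTemplateName=name,
            repositoryName=repository_name,
        )
```

Rules created from a template apply to pull requests opened after the association, so associate the templates before the branches start receiving merges.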
Next, let’s look into CodeBuild, which works together with CodeCommit, and others, to offload the biggest challenge teams face when working with code at scale – build environments.