Backup your AWS CodeCommit repositories to Amazon S3.

(or risk discovering that deleting an AWS CodeCommit repository is a one-way operation)

This module is designed for a GitHub source type but it could be cloned and deployed locally, or from a private registry.

module "codecommit-s3-backups" {
  source  = "aws-samples/codecommit-s3-backups/aws"
  version = "2.2.2"
  name    = "codecommit-s3-backup" 
}

The name will be used in the resource names.

module "codecommit_s3_backup" {
  ...
  kms_key               = aws_kms_key.this.arn
  access_logging_bucket = aws_s3_bucket.this.id
 }

kms_key is the arn of an existing AWS KMS key. It encrypts the Amazon S3 bucket and Amazon CloudWatch Log group. Your AWS KMS key policy will need to follow CloudWatch Logs guidance for AWS KMS and CodeBuild guidance for AWS KMS.

access_logging_bucket is the arn of your Amazon S3 access logging bucket.

1. Users push code to a repository in CodeCommit.
2. Amazon EventBridge monitors for changes to any repository.
3. EventBridge invokes AWS CodeBuild and sends it information about the repository.
4. CodeBuild clones the repository and packages it into a .zip file.
5. CodeBuild uploads the .zip file to an S3 bucket.

• Automate event-driven backups from CodeCommit to Amazon S3 using CodeBuild and CloudWatch Events
• Terraform Registry: aws-samples/codecommit-s3-backups/aws

See CONTRIBUTING for more information.

This library is licensed under the MIT-0 License. See the LICENSE file.