I have the following AWS IAM policy for a user that has full read/write access to a single repo in AWS CodeCommit:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "codecommit:*",
"Resource": "arn:aws:codecommit:eu-west-1:123456789:Allowed-Repo"
}
]
}
I want to give this user AWS console access, but I only want the allowed repo to be viewable (all other repos should not be listed in the dashboard view). Is this possible? The only solution that I have seen so far involves adding the following to the policy:
{
"Effect": "Allow",
"Action": "codecommit:ListRepositories",
"Resource": "*"
}
This will show the user all repos in the codecommit dashboard. The user will not be able to read/write the repos, but they will still be able to view the repo names. Is it possible to restrict this?