AWS Transform for mainframe refactor

Push Outputs

AWS Transform for mainframe refactor allows you to push the outputs of your runs to your CodeCommit repository thanks to a dedicated Booster in order to streamline the workflow from code transformation, to code test and debug. The creation of the repository, branches, security configuration, etc. remains on CodeCommit, AWS Transform for mainframe refactor will simply connect to the repository and push the outputs upon your request.

Configuration

Create a Booster

  1. Go to your Transformation Center project, and in the left navigation panel, choose Settings.
  2. In Boosters, choose “Add” a CodeCommit Booster.

  3. In the pop-up window, fill the information required for creating the booster and note the provided AWS Transform for mainframe refactor service account and the external ID.

    image.png

 

  • Region: AWS region where your target repository is located.
  • External ID: A random identifier that you have to put in the trust policy of the provided role, as a verification condition for security reason (AWS External ID). Each time you create a booster, you need to add its External ID to the role's trust policy.
  • Role ARN: ARN of the role that you need to create later in 1.2 Create an IAM role, with necessary permissions to allow AWS Transform for mainframe refactor to push files to your target repository.
  • Name: Booster name.
  • Repository: Target CodeCommit repository’s name.
  • Branch: Target branch name, AWS Transform for mainframe refactor will push outputs by creating a commit in this branch.
  • Description: whatever you want to say about your booster.

Before saving the booster, click on Try to connect, to make sure that AWS Transform for mainframe refactor can assume the IAM Role that you provided.

  1. Choose Add, if the role connection is success.
  2. Click on the toggle button to activate CodeCommit boosters.
codecommit-booster-card.png

Create an IAM role

Firstly, you need to create an IAM Role in your AWS account that has permissions to push to your CodeCommit repository. Here is an example of how to create it, or you can also use other ways like AWS CLI or AWS API (see Create IAM Roles):

  1. Open the IAM console at https://console.aws.amazon.com/iam/
  2. In the navigation panel of the console, choose Roles and then choose Create role.
  3. Choose Custom trust policy role type.
  4. Copy and paste the trust policy below, change "{ExternalID}" and "{ServiceAccount}" to the external ID and the AWS Transform for mainframe refactor service account that you copy from CodeCommit Booster (see above).
{


    "Version": "2012-10-17",


    "Statement": [


        {


            "Effect": "Allow",


            "Principal": {


                "AWS": "arn:aws:iam::{ServiceAccount}:root"


            },


            "Action": "sts:AssumeRole",


            "Condition": {


                "StringEquals": {


                    "sts:ExternalId": "{ExternalID}"


                }


            }


        }


    ]


}
  1. Choose Next
  2. Give a name for the role, and then choose Create role.
  3. In the role list, choose the name of role you just created.
  4. Choose the Permissions tab.
  5. Choose Add permissions and then choose Create inline policy.
  6. Choose JSON Policy editor.
  7. Copy and paste the permission policy below. Replace “{Region}” by your CodeCommit repository’s region, “{AccountID}” by your AWS Account ID, and “{RepositoryName}” by your repository's name. In this policy, you give this role 2 action permissions (GitPush and GitPull), through which AWS Transform for mainframe refactor will be able to push your Transformation Center outputs to the repository (see Creating IAM policies).
{


    "Version": "2012-10-17",


    "Statement": [


        {


            "Sid": "AllowGetBranchAndCreateCommit",


            "Effect": "Allow",


            "Action": [


                "codecommit:GitPush",


                "codecommit:GitPull"


            ],


            "Resource": "arn:aws:codecommit:{Region}:{AccountID}:{RepositoryName}"


        }


    ]


}
  1. Choose Next.
  2. Give a name and a description for the policy.
  3. Choose Create policy.

Now you have created an IAM role with limited permissions. AWS Transform for mainframe refactor will use this role to push your Transformation Center outputs.

Push Transformation Center outputs.

Everything is ready! You can now push your outputs. To do so,

  1. Go to Velocity, select your outputs and choose Push Outputs in the options bar.
  2. Fill in the pop-up window with required details.
  3. Click on Save. Your outputs are waiting for you on CodeCommit!