Integrate with AWS

Learn how to integrate GitLab and AWS.

This content is intended for GitLab team members as well as members of the wider community.

When content is badged for GitLab SaaS or Self-Managed, it means that the link applies only to that type of GitLab instance implementation. Unbadged content works for any type of GitLab implementation.

This page attempts to index the ways in which GitLab can integrate with AWS. It does so whether the integration is the result of configuring general functionality, was built into AWS or GitLab, or is provided as a solution.

| Text Tag | Configuration / Built / Solution | Support/Maintenance |
| --- | --- | --- |
| [AWS Configuration] | Integration via Configuring Existing AWS Functionality | AWS |
| [GitLab Configuration] | Integration via Configuring Existing GitLab Functionality | GitLab |
| [AWS Built] | Built into AWS by Product Team to Address AWS Integration | AWS |
| [GitLab Built] | Built into GitLab by Product Team to Address AWS Integration | GitLab |
| [AWS Solution] | Built as Solution Example by AWS or AWS Partners | Community/Example |
| [GitLab Solution] | Built as Solution Example by GitLab or GitLab Partners | Community/Example |
| [CI Solution] | Built, at least in part, using GitLab CI and therefore more customer customizable. | Items tagged [CI Solution] will also carry one of the other tags that indicate the maintenance status. |


Integrations For Development Activities

These integrations have to do with using GitLab to build application workloads and deploy them to AWS.

SCM Integrations

  • AWS CodeStar Connections - enables SCM connections to multiple AWS services. Currently for GitLab.com SaaS only. Configure GitLab. Supported Providers. Supported AWS Services - each one may have to make updates to support GitLab, so here is the subset that currently supports GitLab: [AWS Built]
    • AWS CodePipeline Integration - use GitLab as source for CodePipeline. [AWS Built]
    • AWS CodeBuild Integration - indirectly through CodePipeline support. [AWS Built]
    • Amazon CodeWhisperer Customization Capability can connect to a GitLab repo. [AWS Built]
    • AWS Service Catalog directly inherits CodeStar Connections. There is no specific documentation about GitLab since it just uses any GitLab CodeStar Connection that has been created in the account. [AWS Built]
    • AWS Proton directly inherits CodeStar Connections. There is no specific documentation about GitLab since it just uses any GitLab CodeStar Connection that has been created in the account. [AWS Built]
    • AWS Glue Notebook Jobs directly inherit CodeStar Connections. There is no specific documentation about GitLab since they just use any GitLab CodeStar Connection that has been created in the account. [AWS Built]
    • Amazon SageMaker MLOps Projects are done in CodePipeline and so directly inherit CodeStar Connections (as noted here). There is no specific documentation about GitLab since they just use any GitLab CodeStar Connection that has been created in the account. [AWS Built]
    • Amazon SageMaker Notebooks allow Git repositories to be specified by the Git clone URL and configuration of a secret - so GitLab is configurable. [AWS Configuration]
    • AWS CloudFormation publishing of public extensions - not yet supported. [AWS Built]
    • Amazon CodeGuru Reviewer Repositories - not yet supported. [AWS Built]
  • GitLab Push Mirroring to CodeCommit Workaround enables GitLab repositories to leverage CodePipeline SCM Triggers. GitLab can already leverage S3 and Container Triggers for CodePipeline. Still required for Self-Managed and Dedicated for the time being. [GitLab Configuration]

CI Integrations

  • Direct CI Integrations That Use Keys, IAM or OIDC/JWT to Authenticate to AWS Services from GitLab Runners

CD and Operations Integrations

End-to-End Solutions for development and deployment of specific development frameworks and ecosystems

Generally, solutions demonstrate end-to-end capabilities for the development framework, leveraging all relevant integration techniques to show the art of maximum value for using GitLab and AWS together.

Serverless

Terraform

CloudFormation

CloudFormation Development and Deployment With GitLab Lifecycle Managed DevOps Environments Working Code [GitLab Solution] [CI Solution]

CDK

.NET on AWS

System to system integration of GitLab and AWS

AWS Identity providers (IDP) can be configured to authenticate into GitLab, or GitLab can function as an IDP into AWS accounts.

Top-level groups on GitLab.com are also known as “Namespaces”, and naming one after your company is the first step to setting up a tenant for your organization on GitLab.com. Namespaces can be configured for special functionality like SSO, which then integrates your IDP into GitLab.

User authentication and authorization between GitLab and AWS

Runner workload authentication and authorization integration

GitLab infrastructure workloads deployed on AWS

While GitLab can be deployed on a single box for up to 500 users, when it is horizontally scaled for very large user counts like 50,000 it expands into a complex, many-tiered platform that benefits from deployment to AWS. GitLab supports being backed by AWS services and is regularly tested in that configuration. GitLab is deployable to EC2 for traditional scaling and to AWS EKS in a Cloud Native Hybrid implementation. It is called Hybrid because specific service layers cannot be placed in a container cluster due to the workload shapes that are common to Git (and to how Git processes handle that workload variety).

GitLab Instance Compute & Operations Integration

GitLab Runner on AWS Compute