Argo CD and AWS CodeConnections: The Upside, the Redeploy Pain, and How I Fixed It

Argo CD and AWS CodeConnections: The Upside, the Redeploy Pain, and How I Fixed It I run Argo CD on Amazon EKS using the managed Argo CD capability and AWS CodeConnections for Git. CodeConnections has been a clear win for day-to-day operations. Then I had to recreate the connection (new resource, new identity in the URL). Every Application went to Sync: Unknown until I updated URLs in two places—Git and the live cluster—and fixed ApplicationSets so they stopped writing the old URL back. This article leads with why I still choose CodeConnections , then what breaks on redeploy , then what I did when it inevitably happened, in that order. 1. Why CodeConnections is worth it for Argo CD on EKS No SSH keys or personal tokens in the cluster. Argo pulls Git using IAM: the capability role is allowed to use the connection ( UseConnection , GetConnection ). You are not copying PATs into Secrets or rotating leaked keys because someone printed kubectl get secret . One connection, many repos. The HT