Use git-remote-codecommit to Clone AWS CodeCommit Repositories without Creating IAM Users

Up until March 2020, the only way to connect to AWS CodeCommit repositories was to create an IAM user, generate Git credentials for this user in the IAM console & provide them to Git on your machine. But what if you’re in an environment where no IAM users are involved, such as federated access or single sign-on in AWS Control Tower. This article describes how to use the newly introduced git-remote-codecommit to clone CodeCommit repositories in an AWS Control Tower single sign-on environment.


You’ll need the following installed on your system to follow this guide:

  • Python 3+
  • PIP, the Python package manager
  • Git

Step 1 — Install git-remote-codecommit

At your terminal, run:

pip install git-remote-codecommit

The installation is complete when you see this:

Successfully built git-remote-codecommit

Step 2 — Configure AWS Profile

Run the following at your terminal to create a user profile:

aws configure

Provide these values when prompted:

AWS Access Key ID [None]: 
AWS Secret Access Key [None]: 
Default region name [None]: 
Default output format [None]: 

You’ll find them in the Control Tower single sign-on page as shown below:

Step 3 — Clone Repo

Finally, to clone your CodeCommit repository, run this at your terminal:

git clone codecommit://repo-name local-dir

That uses the default profile. If you named your profile in step 2, run:

git clone codecommit://profile-name@repo-name local-dir

To clone a repo from another region, run:

git clone codecommit::ap-south-1://repo-name local-dir

Harish KM is a Cloud Evangelist & a Full Stack Engineer at QloudX. 

He is very passionate about cloud-native solutions & using the best tools for his projects. With 10+ Cloud & IT certifications, he is an expert in a multitude of application languages & is up to date with all new offerings & services from cloud providers, especially AWS.

2 Replies to “Use git-remote-codecommit to Clone AWS CodeCommit Repositories without Creating IAM Users”

  1. aaron says:

    hi, is there any way to specify the location of the stored repo locally?

    • Harish KM says:

      Yes, the last argument to the “git clone” command above is the local directory where you want the Git repo cloned. You can change this to any path on your machine where the repository will be stored.

Leave a Reply

Your email address will not be published. Required fields are marked *