Up until March 2020, the only way to connect to AWS CodeCommit repositories was to create an IAM user, generate Git credentials for this user in the IAM console & provide them to Git on your machine. But what if you’re in an environment where no IAM users are involved, such as federated access or single sign-on in AWS Control Tower. This article describes how to use the newly introduced git-remote-codecommit
to clone CodeCommit repositories in an AWS Control Tower single sign-on environment.
Prerequisites
You’ll need the following installed on your system to follow this guide:
- Python 3+
- PIP, the Python package manager
- Git
Step 1 β Install git-remote-codecommit
At your terminal, run:
pip install git-remote-codecommit
The installation is complete when you see this:
Successfully built git-remote-codecommit
Step 2 β Configure AWS Profile
Run the following at your terminal to create a user profile:
aws configure
Provide these values when prompted:
AWS Access Key ID [None]:
AWS Secret Access Key [None]:
Default region name [None]:
Default output format [None]:
You’ll find them in the Control Tower single sign-on page as shown below:
Step 3 β Clone Repo
Finally, to clone your CodeCommit repository, run this at your terminal:
git clone codecommit://repo-name local-dir
That uses the default profile. If you named your profile in step 2, run:
git clone codecommit://profile-name@repo-name local-dir
To clone a repo from another region, run:
git clone codecommit::ap-south-1://repo-name local-dir
hi, is there any way to specify the location of the stored repo locally?
Yes, the last argument to the “git clone” command above is the local directory where you want the Git repo cloned. You can change this to any path on your machine where the repository will be stored.