AWS CodeCommit - Setup SSH Connection

Posted: | Last updated: | 2 minute read

Inception: Learn about AWS CodeCommit SSH Connection that will help you in connecting to AWS CodeCommit repository to execute git commands like `pull` and `push`, `branching`, etc from your local machine. This is another important step towards setting up fully automated AWS Pipeline in DevOps.

You need to set up connection to communicate with AWS CodeCommit from your local machine. Developers are right audience for this article, because they need to set up connection with CodeCommit for their regular work like code pull, code commit and code push actions.


In the previous article, we learned that you can add/upload, edit, or delete files to a CodeCommit repository directly through the AWS CodeCommit console. However, if you are a member of the development team and working on multiple files, branches, code commit, pull requests, review process, etc, then you will have to set up your local computer to work with the repository.

There are three types of connections in AWS CodeCommit. SSH connection is most popular and secure connection type.

  1. SSL connection
  2. HTTPS connection
  3. HTTPS (GRP) connection

In this article, you will learn to setup SSH Connections to AWS CodeCommit Repositories.

Setup SSH Connection to AWS CodeCommit Repository

Follow the below steps to setup SSH connection to AWS CodeCommit repository.

1. Create IAM Users/Groups

Follow below steps to create a IAM Group and User.

  1. Create a IAM Group named developer
  2. Attach a Managed Policy AWSCodeCommitFullAccess to developer
  3. Create an IAM User
  4. Add this new User to the developer group

2. Create SSH keys

This will be a pairs of keys (private key & public key) used for authenticating user. Follow below steps to create a pair of SSH keys.

  • On Linux/Mac: Use ssh-keygen tool to create the keys.
    • Execute ssh-keygen -t rsa -b 4096 command and follow the default instructions.
    • Above command will generate id_rsa, and in your home directory. Use ls -la ~/.ssh command to list these files.
  • On Windows: Use ssh-keygen tool to create the keys same as Linux.

3. Add SSH keys for AWS CodeCommit into IAM User

Following are the steps to add SSH keys for AWS CodeCommit into IAM User’s Security Credentials.

  1. Login to AWS Console and Go to IAM
  2. Click on Users link and then Search and click on IAM user you want to add SSH keys
  3. Click on “Security Credentials” tab
  4. Go to “SSH keys for AWS CodeCommit”, and click on “Upload public Key” button.
  5. Copy public from your local machine using cat ~/.ssh/ command.
  6. Paste public key content into IAM page
  7. Click on “Upload public Key” button to upload the public key
  8. Copy the SSH key ID (for example, APKA4RFXP4D73G3C3PLE)

4. Add AWS CodeCommit to your SSH Configuration

Follow the below steps to add AWS CodeCommit to your SSH configuration.

  1. Go to $HOME/.ssh folder
  2. Create a file touch config.
  3. Change the permission chmod 600 config
  4. Write below 3 lines in config file with actual value of YOUR_SSH_KEY_ID_FROM_IAM
cat > $HOME/.ssh/config << "EOF"
Host git-codecommit.*
  IdentityFile ~/.ssh/codecommit_rsa

5. Test your SSH connection with AWS CodeCommit

Execute the below command to test SSH connection from your local machine to AWS CodeCommit.

Conclusion: You have set up SSH Connection from your local machine to AWS CodeCommit. Now you are ready to clone repo, develop the code, commit and push the changes into CodeCommit Repository. You can run all git from your local machine.