AWS CodeCommit - Setup SSH Connection
Inception: Learn how to set up an SSH connection to AWS CodeCommit so that you can connect to a CodeCommit repository and run git commands such as `pull`, `push`, and branching from your local machine. This is another important step towards setting up a fully automated AWS pipeline in DevOps.
You need to set up a connection to communicate with AWS CodeCommit from your local machine. Developers are the right audience for this article, because they need a connection to CodeCommit for their regular work, such as pulling, committing, and pushing code.
In the previous article, we learned that you can add/upload, edit, or delete files in a CodeCommit repository directly through the AWS CodeCommit console. However, if you are a member of the development team and work with multiple files, branches, commits, pull requests, review processes, etc., then you will have to set up your local computer to work with the repository.
There are three types of connections in AWS CodeCommit. SSH is the most popular and secure connection type.
- SSH connection
- HTTPS connection
- HTTPS (GRC) connection
In this article, you will learn to set up SSH connections to AWS CodeCommit repositories.
Setup SSH Connection to AWS CodeCommit Repository
Follow the steps below to set up an SSH connection to an AWS CodeCommit repository.
1. Create IAM Users/Groups
Follow the steps below to create an IAM Group and User.
- Create an IAM Group named developer
- Attach a Managed Policy AWSCodeCommitFullAccess to developer
- Create an IAM User
- Add this new User to the developer group
2. Create SSH keys
This will be a pair of keys (a private key and a public key) used for authenticating the user. Follow the steps below to create a pair of SSH keys.
- On Linux/Mac: Use the `ssh-keygen` tool to create the keys.
  - Execute the `ssh-keygen -t rsa -b 4096` command and follow the default instructions.
  - The above command will generate `id_rsa` and `id_rsa.pub` in the `.ssh` folder of your home directory. Use the `ls -la ~/.ssh` command to list these files.
- On Windows: Use the `ssh-keygen` tool to create the keys, the same as on Linux.
3. Add SSH keys for AWS CodeCommit into IAM User
Following are the steps to add SSH keys for AWS CodeCommit into IAM User’s Security Credentials.
- Log in to the AWS Console and go to IAM
- Click on the Users link, then search for and click on the IAM user you want to add SSH keys to
- Click on the “Security Credentials” tab
- Go to “SSH keys for AWS CodeCommit”, and click on the “Upload public Key” button.
- Copy the public key from your local machine using the `cat ~/.ssh/id_rsa.pub` command.
- Paste the public key content into the IAM page
- Click on the “Upload public Key” button to upload the public key
- Copy the SSH key ID (for example, `APKA4RFXP4D73G3C3PLE`)
4. Add AWS CodeCommit to your SSH Configuration
Follow the steps below to add AWS CodeCommit to your SSH configuration.
- Go to the `$HOME/.ssh` folder
- Create a file: `touch config`
- Change the permission: `chmod 600 config`
- Write the 3 lines below into the config file, replacing YOUR_SSH_KEY_ID_FROM_IAM with the actual SSH key ID from IAM
# Note: this overwrites any existing content of $HOME/.ssh/config
cat > "$HOME/.ssh/config" << "EOF"
Host git-codecommit.*.amazonaws.com
  User YOUR_SSH_KEY_ID_FROM_IAM
  IdentityFile ~/.ssh/id_rsa
EOF
5. Test your SSH connection with AWS CodeCommit
Execute the below command to test SSH connection from your local machine to AWS CodeCommit.
ssh git-codecommit.us-east-1.amazonaws.com
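The setup from steps 2 to 4 can be checked offline before running the connection test. The shell functions below are an added example, not part of the original article: they verify the permissions of the config file and private key, that `User` is an SSH key ID rather than an IAM user name, and that `IdentityFile` points to a file that exists. The `APKA` prefix test is an assumption based on the example key ID shown in step 3.

```shell
#!/bin/sh
# Added example (not from the original article): audit steps 2-4 offline.
# Usage after sourcing: check_codecommit_ssh [ssh_dir]  (default: $HOME/.ssh)

# Octal permission bits: GNU stat first, BSD/macOS stat as fallback.
file_mode() { stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1"; }

# Print one directive (e.g. User) from the CodeCommit Host block of config $1.
codecommit_directive() {
    awk -v want="$2" '
        tolower($1) == "host" { blk = ($2 == "git-codecommit.*.amazonaws.com"); next }
        blk && tolower($1) == tolower(want) { print $2; exit }
    ' "$1"
}

check_codecommit_ssh() {
    dir="${1:-$HOME/.ssh}"; cfg="$dir/config"; rc=0
    [ -f "$cfg" ] || { echo "FAIL: $cfg not found"; return 1; }

    # Step 4 sets the config to 600; flag group- or world-accessible modes.
    case "$(file_mode "$cfg")" in
        600|400) ;;
        *) echo "FAIL: $cfg should be mode 600"; rc=1 ;;
    esac

    # User must be the SSH key ID copied from IAM, not the IAM user name.
    # Assumption: key IDs start with APKA, as in the article's example ID.
    user="$(codecommit_directive "$cfg" User)"
    case "$user" in
        APKA?*) ;;
        *) echo "FAIL: User '$user' is not an SSH key ID (APKA...)"; rc=1 ;;
    esac

    # IdentityFile must name an existing private key only the owner can read.
    key="$(codecommit_directive "$cfg" IdentityFile)"
    case "$key" in "~/"*) key="$HOME/${key#??}" ;; esac
    if [ ! -f "$key" ]; then
        echo "FAIL: IdentityFile '$key' does not exist"; rc=1
    else
        case "$(file_mode "$key")" in
            600|400) ;;
            *) echo "FAIL: $key must not be accessible by group/others"; rc=1 ;;
        esac
    fi
    [ "$rc" -ne 0 ] || echo "OK: CodeCommit SSH configuration is consistent"
    return "$rc"
}
```

Source the file and run `check_codecommit_ssh`; each `FAIL` line names the step to revisit.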
Conclusion: You have set up an SSH connection from your local machine to AWS CodeCommit. Now you are ready to clone the repo, develop the code, and commit and push changes to the CodeCommit repository. You can run all git commands from your local machine.