Amazon Code Commit has arrived
Sort of at least, yesterday at the AWS NY Summit Amazon announced that CodeCommit is available, it is but only in us-east-1. Point is of course to integrate fully with the other AWS tools like CodeDeploy and the CodePipeline. Never the less, I felt an urge to get started and want to share some lessons learned from the initial experience.
The documentation for getting started primarily uses https:// for access but that is not a good idea, I prefer SSH access, and as it turns out, the HTTPS does not play with my Ubuntu 14.04. Additionally the HTTPS requires use of access keys which only adds to maintenance.
Creating the repository is just a few clicks in the terminal. The name you choose seems to be "global" so better grab the good ones now.
You have a new entry in IAM console for uploading public keys, when you do that you get a "name" for the key that you will have to use in your ~/.ssh/config when connecting.
Host git-codecommit.*.amazonaws.com
User APKAxxxxxxxxxxxxRIA
For most of my existing users this will be a very easy migration.
For the users to be able to connect they will also need to be assigned rights for this in the IAM console. I simply created a new group (git-users) with the managed policy "AWSCodeCommitPowerUser" and added my git users to that group.
So when digging into this and you are currently using SSH as authentication to your git repositories the process is dead simple:
- Create your repository.
- Get a IAM group with CodeCommit access and add your git users to that group.
- Have users upload their public keys and add their "user name" to their .ssh/config
Or you can do as I did, spend an hour and a half messing around with access keys, git configuration and aws cli to get https to fail when it does not play with Ubuntu.