Core Concepts
AWS CodeCommit uses standard Git, so you can use all your favorite Git commands and tools. The core components will be familiar to anyone who has used Git.
- Repository: A repository is the central location where your project's source code, files, and history are stored. In CodeCommit, these repositories are private and stored securely in the AWS cloud.
- Commits: A commit is a snapshot of the changes made to the files in your repository. Each commit has a unique ID and includes information about who made the change, when it was made, and a message describing the change.
- Branches: A branch is an independent line of development. The default branch is typically `main` or `master`. You can create feature branches to work on new functionality without affecting the main codebase, and then merge them back in when ready.
- Tags: A tag is a pointer to a specific commit, often used to mark release points like `v1.0` or `v2.0-beta`.
- Pull Requests: A pull request is a mechanism for reviewing and merging code changes from one branch to another. Team members can comment on the code, suggest changes, and approve the merge.
Access and Security
Security is a core aspect of AWS CodeCommit. Access is managed through AWS Identity and Access Management (IAM), and data is encrypted at rest and in transit.
Authentication Methods
You can connect to your CodeCommit repositories using two primary methods:
- HTTPS with Git Credentials:
  - You can generate Git credentials (a specific username and password) for your IAM user in the AWS console.
  - This is a simple way to connect from your local machine using standard Git commands.
  - For Windows users, the AWS CLI includes a credential helper that simplifies connecting to CodeCommit repositories.
- SSH:
  - You can associate an SSH public key with your IAM user and use the corresponding private key to connect.
  - This method is common for automated processes and users who prefer key-based authentication.
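As an added example (not part of the original notes), the client-side setup behind both methods: pointing Git at the AWS CLI credential helper for HTTPS, and an SSH client configuration entry for key-based access. The SSH key ID `APKAEXAMPLEKEYID`, the key path and the clone URL are placeholders; the real key ID is the one IAM displays after the public key is uploaded.

```shell
#!/usr/bin/env bash
# Added example: configure Git for CodeCommit over HTTPS and over SSH.
set -eu

# HTTPS: let the AWS CLI sign each Git request with the caller's current IAM
# credentials (including temporary role credentials) instead of storing a
# static password. UseHttpPath makes Git hand the repository path to the
# helper, which it needs to sign correctly. The AWS CLI must be on PATH.
configure_https_helper() {
  git config --global credential.helper '!aws codecommit credential-helper $@'
  git config --global credential.UseHttpPath true
}

# SSH: the IAM SSH key ID is used as the SSH user name for every CodeCommit
# endpoint. IdentitiesOnly stops the agent from offering unrelated keys.
# $1 = SSH key ID from IAM (placeholder in the usage below)
# $2 = private key path (defaults to ~/.ssh/codecommit_rsa)
configure_ssh() {
  local key_id="$1"
  local key_file="${2:-$HOME/.ssh/codecommit_rsa}"
  mkdir -p "$HOME/.ssh"
  chmod 700 "$HOME/.ssh"
  cat >> "$HOME/.ssh/config" <<EOF
Host git-codecommit.*.amazonaws.com
  User $key_id
  IdentityFile $key_file
  IdentitiesOnly yes
EOF
  chmod 600 "$HOME/.ssh/config"
}

# Read the setting back so provisioning scripts can confirm the HTTPS setup.
https_helper_configured() {
  [ "$(git config --global --get credential.UseHttpPath || true)" = "true" ]
}

# Usage (placeholder values):
#   configure_https_helper
#   configure_ssh APKAEXAMPLEKEYID ~/.ssh/codecommit_rsa
#   git clone ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/my-repo
```

The credential helper is the option to prefer wherever the AWS CLI is available: nothing long-lived is written to a credential store, and access ends as soon as the IAM principal's permissions are removed, whereas generated Git credentials and SSH keys persist on disk until someone rotates or deletes them.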
Authorization with IAM
- Permissions to perform actions like creating repositories, pushing code, or creating pull requests are controlled by IAM policies.
- You can create fine-grained permissions, for example, allowing a user to read a repository but not write to it.
- Using IAM roles with EC2 instances or other AWS services provides a secure way to grant your applications access to CodeCommit without managing static credentials.
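The "read but not write" case from the notes, written out as an added example (not from the original page): a shell function that generates the IAM policy document, followed by the CLI commands that attach it and check the result. The account ID `123456789012`, region, repository name and principal names are placeholders.

```shell
#!/usr/bin/env bash
# Added example: least-privilege IAM policy that allows cloning and pulling
# one repository while explicitly denying every write path to it.
set -eu

# Writes the policy document to $1 for the repository ARN in $2.
# The explicit Deny statement wins over any Allow granted elsewhere
# (another policy on the user, or a group policy), so a later mistake
# cannot quietly re-grant push rights.
write_readonly_policy() {
  local out="$1"
  local repo_arn="$2"
  cat > "$out" <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ReadOneRepository",
      "Effect": "Allow",
      "Action": [
        "codecommit:GitPull",
        "codecommit:GetRepository",
        "codecommit:GetBranch",
        "codecommit:GetCommit"
      ],
      "Resource": "$repo_arn"
    },
    {
      "Sid": "ExplicitDenyWrites",
      "Effect": "Deny",
      "Action": [
        "codecommit:GitPush",
        "codecommit:PutFile",
        "codecommit:CreateCommit",
        "codecommit:DeleteBranch",
        "codecommit:DeleteRepository"
      ],
      "Resource": "*"
    }
  ]
}
EOF
}

# Usage (placeholder account, region, repository and principal names):
#   write_readonly_policy policy.json arn:aws:codecommit:us-east-1:123456789012:my-repo
#   # attach to a person ...
#   aws iam put-user-policy --user-name reviewer --policy-name CodeCommitReadOnly \
#       --policy-document file://policy.json
#   # ... or, for an EC2 instance or other service, to its role instead
#   aws iam put-role-policy --role-name BuildAgentRole --policy-name CodeCommitReadOnly \
#       --policy-document file://policy.json
#   # verify the effective permission instead of assuming it
#   aws iam simulate-principal-policy \
#       --policy-source-arn arn:aws:iam::123456789012:user/reviewer \
#       --action-names codecommit:GitPull codecommit:GitPush \
#       --resource-arns arn:aws:codecommit:us-east-1:123456789012:my-repo
```

The simulation call is the check to keep in a review script: it reports `allowed` for `GitPull` and `explicitDeny` for `GitPush`, and it will flag the moment another policy tries to widen the grant.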
Encryption
- Encryption at Rest: Your data is automatically encrypted at rest using AWS Key Management Service (KMS). You can use an AWS-managed key or a customer-managed key for more control.
- Encryption in Transit: Data is encrypted when you transfer it to and from CodeCommit using standard HTTPS or SSH protocols.
Key Features
Triggers
- You can create triggers for your CodeCommit repositories to invoke actions in response to specific events.
- Common Events:
  - A push to an existing branch.
  - The creation of a new branch or tag.
  - A pull request being created, updated, or merged.
- Targets: Triggers can invoke an AWS Lambda function or publish a notification to an Amazon SNS topic.
- Use Case: A common pattern is to use a trigger to start a build and deployment pipeline in AWS CodePipeline whenever new code is pushed to the `main` branch.
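An added example (not from the original notes) of the trigger configuration as the CLI expects it: one trigger that invokes a Lambda function on pushes to `main`, and one that publishes to an SNS topic whenever a branch or tag is deleted, which is worth alerting on. In the trigger definition the events are named `updateReference`, `createReference` and `deleteReference` (or `all`), and an empty `branches` list means every branch. Repository name, ARNs and account ID are placeholders.

```shell
#!/usr/bin/env bash
# Added example: define two repository triggers and install them with the CLI.
set -eu

# Writes the trigger list to $1.
# $2 = Lambda ARN that starts the pipeline, $3 = SNS topic ARN for alerts.
write_triggers() {
  local out="$1" lambda_arn="$2" sns_arn="$3"
  cat > "$out" <<EOF
[
  {
    "name": "start-pipeline-on-main",
    "destinationArn": "$lambda_arn",
    "customData": "",
    "branches": ["main"],
    "events": ["updateReference"]
  },
  {
    "name": "alert-on-ref-deletion",
    "destinationArn": "$sns_arn",
    "customData": "branch-or-tag-deleted",
    "branches": [],
    "events": ["deleteReference"]
  }
]
EOF
}

# Installs the list in $2 on repository $1.
# put-repository-triggers replaces the repository's whole trigger list, so the
# file must always contain the complete desired set, not just the new entry.
install_triggers() {
  local repo="$1" file="$2"
  aws codecommit put-repository-triggers --repository-name "$repo" --triggers "file://$file"
  # Exercise the targets once so a wrong ARN or missing permission shows up now.
  aws codecommit test-repository-triggers --repository-name "$repo" --triggers "file://$file"
}

# Usage (placeholder values):
#   write_triggers triggers.json \
#       arn:aws:lambda:us-east-1:123456789012:function:start-pipeline \
#       arn:aws:sns:us-east-1:123456789012:repo-security-alerts
#   # the Lambda function must allow CodeCommit to invoke it, scoped to this
#   # repository so no other source can call it
#   aws lambda add-permission --function-name start-pipeline \
#       --statement-id codecommit-my-repo --action lambda:InvokeFunction \
#       --principal codecommit.amazonaws.com \
#       --source-arn arn:aws:codecommit:us-east-1:123456789012:my-repo
#   install_triggers my-repo triggers.json
```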
Notifications
- You can use Amazon SNS to send notifications to users about events in your repository. This is useful for keeping your team informed about pull request updates, comments, and merges.
Pull Request Approval Rules
- To enforce code quality standards, you can create approval rules for pull requests.
- An approval rule can require a specific number of approvals from a pool of designated users before the pull request can be merged.
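An added example (not from the original notes) of an approval rule template that requires two approvals from a designated pool before a pull request into `main` can be merged, with the CLI calls that create it and associate it with a repository. The template content format used here is the one I know from the CodeCommit CLI; the account ID, role name and repository name are placeholders.

```shell
#!/usr/bin/env bash
# Added example: approval rule template requiring N approvals from a pool.
set -eu

# Writes the rule content to $1.
# $2 = number of approvals required
# $3 = approval pool member pattern, e.g. sessions of one IAM role
write_approval_rule() {
  local out="$1" approvals="$2" pool_arn="$3"
  cat > "$out" <<EOF
{
  "Version": "2018-11-08",
  "DestinationReferences": ["refs/heads/main"],
  "Statements": [
    {
      "Type": "Approvers",
      "NumberOfApprovalsNeeded": $approvals,
      "ApprovalPoolMembers": ["$pool_arn"]
    }
  ]
}
EOF
}

# Usage (placeholder values):
#   write_approval_rule rule.json 2 \
#       "arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*"
#   aws codecommit create-approval-rule-template \
#       --approval-rule-template-name require-two-reviewers \
#       --approval-rule-template-description "Two reviewer approvals for main" \
#       --approval-rule-template-content file://rule.json
#   aws codecommit associate-approval-rule-template-with-repository \
#       --approval-rule-template-name require-two-reviewers \
#       --repository-name my-repo
```

An approval rule only gates the pull request merge. It does nothing about a direct `git push` to `main`, so pair it with an IAM statement that denies `codecommit:GitPush` to that branch (the `codecommit:References` condition key) for everyone who is not a designated merger; otherwise the review requirement can be bypassed without anyone noticing.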
Migrating to CodeCommit
You can easily migrate an existing Git repository to AWS CodeCommit. The process typically involves:
- Creating a new CodeCommit repository.
- Configuring your local Git client with AWS credentials.
- Adding the CodeCommit repository as a new remote (`git remote add ...`).
- Pushing your existing branches and tags to the new remote (`git push <remote-name> --all` for the branches, then `git push <remote-name> --tags` for the tags, since `--all` pushes branches only).
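The migration steps above as a script, added here as an example that is not part of the original notes. It adds the remote, pushes branches and tags, and then compares the refs on both sides so the cutover is verified rather than assumed. The CodeCommit clone URL in the usage is a placeholder; the function works against any Git remote URL.

```shell
#!/usr/bin/env bash
# Added example: push an existing repository to CodeCommit and verify the result.
set -eu

# $1 = local clone of the repository being migrated
# $2 = clone URL of the new CodeCommit repository (HTTPS or SSH)
# $3 = name for the new remote (default: codecommit)
migrate_to_codecommit() {
  local src_dir="$1" remote_url="$2" remote_name="${3:-codecommit}"
  (
    cd "$src_dir"
    git remote add "$remote_name" "$remote_url"
    git push "$remote_name" --all    # every local branch
    git push "$remote_name" --tags   # --all does not include tags
  )
}

# Succeeds only when every local branch and tag exists on the remote with the
# same commit ID. ls-remote also lists peeled "ref^{}" lines for annotated
# tags; those are dropped before comparing.
verify_migration() {
  local src_dir="$1" remote_name="${2:-codecommit}"
  local local_refs remote_refs
  local_refs=$(git -C "$src_dir" for-each-ref --format='%(objectname) %(refname)' refs/heads refs/tags | sort)
  remote_refs=$(git -C "$src_dir" ls-remote --heads --tags "$remote_name" | grep -v '\^{}' | awk '{print $1, $2}' | sort)
  [ "$local_refs" = "$remote_refs" ]
}

# Usage (placeholder URL):
#   migrate_to_codecommit ./my-repo https://git-codecommit.us-east-1.amazonaws.com/v1/repos/my-repo
#   verify_migration ./my-repo && echo "all refs present on CodeCommit"
```

Run the verification before decommissioning the old remote: a push that was interrupted, or a branch rejected by a pre-receive hook or an IAM deny, leaves the new repository silently incomplete, and comparing commit IDs per ref catches that where a quick look at the branch list does not.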
Limits and Pricing
- Limits: AWS CodeCommit has some soft limits, such as the number of repositories per account (which can be increased) and a maximum file size.
- Pricing: CodeCommit offers a generous free tier that includes a certain number of active users, Git requests, and storage per month. Beyond the free tier, you pay for additional active users and storage. An "active user" is any IAM user or role that accesses a CodeCommit repository during the month.