AWS CodeCommit Repository

Updated June 23, 2025

AWS CodeCommit Cheat Sheet

What is AWS CodeCommit?

AWS CodeCommit is a fully managed source control service that hosts secure and private Git repositories. It provides a secure, scalable, and highly available alternative to hosting your own Git server or using other third-party Git hosting services like GitHub or Bitbucket, especially when working within the AWS ecosystem.

Because it's a standard Git service, you can use all your existing Git tools, workflows, and commands.


How to Authenticate with CodeCommit

Access to CodeCommit repositories is controlled through AWS IAM, but your Git client authenticates with specific credential types. You do not use your standard IAM access keys directly with Git commands.

1. For HTTPS Connections

This is the most common method for users.

  • Git Credentials: This is the recommended method for HTTPS. You generate a static username and password pair in the IAM console for a specific IAM user. You then use these credentials when your Git client prompts for a username and password.
  • git-remote-codecommit helper (for AWS CLI users): An alternative that allows your Git client to use the credentials configured in the AWS CLI, enabling authentication via IAM roles.

2. For SSH Connections

This method is common for automated processes and developers who prefer key-based authentication.

  • Setup:
    1. Generate an SSH key pair on your local machine.
    2. Upload the SSH public key to your IAM user in the AWS console.
    3. Configure your local SSH client (~/.ssh/config) to use the corresponding SSH private key when connecting to CodeCommit's Git endpoint.

Key Features & Concepts

  • Secure and Private: Repositories are private by default. All data is encrypted at rest and in transit. Access control is managed exclusively through AWS IAM.
  • Highly Available and Durable: CodeCommit stores your repository data redundantly across multiple Availability Zones (AZs) within an AWS Region, protecting it from single-point failures.
  • Scalable: There are no practical limits on the size of your repositories or the number of files you can store.
  • Pull Requests: Supports a full collaborative workflow, allowing you to create pull requests, review and comment on code changes, and merge branches.
  • Notifications: You can configure notifications for repository events (e.g., a comment on a pull request, a push to a branch) to be sent to Amazon SNS. This can then be integrated with services like email, AWS Chatbot (for Slack/Chime), or SQS.
  • Triggers: You can create triggers that invoke an AWS Lambda function or publish a message to an Amazon SNS topic in response to specific repository events (such as a push to an existing branch or the creation of a branch). This is a common way to kick off CI/CD pipelines or custom validation workflows.

Integration with AWS Services

CodeCommit is deeply integrated with the AWS developer tool suite and other services:

  • AWS CodePipeline: CodeCommit is a primary source provider for CodePipeline. A push to a specified branch can automatically trigger your entire CI/CD pipeline.
  • AWS CodeBuild: CodeBuild can be configured to use a CodeCommit repository as its source, automatically pulling the latest code to start a build.
  • AWS CodeGuru Reviewer: Can be associated with a repository to automatically analyze your code during a pull request, providing recommendations to improve code quality and find defects.
  • IAM: Used for all authentication and authorization, allowing for fine-grained control over who can perform which actions on specific repositories or branches.

Security

  • Authentication: Handled via IAM using either HTTPS Git credentials or SSH keys (as described above).
  • Authorization: You use IAM policies to control access. You can specify which users or roles are allowed to perform actions like codecommit:GitPull, codecommit:GitPush, or codecommit:CreateBranch on specific repository ARNs.
  • Encryption: Data is automatically encrypted in transit (via HTTPS/SSH) and at rest.
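
The authorization point above, as an added example (not code from this page or from AWS): a small audit that flags over-broad push access in a policy document and checks for a branch-level Deny. The repository ARN, both sample policies and the finding names are constructed for illustration; the branch restriction relies on the codecommit:References condition key.

```python
from fnmatch import fnmatchcase

# Constructed placeholder ARN: region, account ID and repository name are not from the page.
REPO_ARN = "arn:aws:codecommit:us-east-1:111122223333:ExampleRepo"

# Over-broad: every CodeCommit action on every repository.
WEAK = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "codecommit:*", "Resource": "*"}]}

# Scoped: named actions on one repository ARN, plus an explicit Deny on
# direct pushes, file edits and deletion of main.
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow",
     "Action": ["codecommit:GitPull", "codecommit:GitPush", "codecommit:CreateBranch"],
     "Resource": REPO_ARN},
    {"Effect": "Deny",
     "Action": ["codecommit:GitPush", "codecommit:DeleteBranch", "codecommit:PutFile"],
     "Resource": REPO_ARN,
     "Condition": {
         "StringEqualsIfExists": {"codecommit:References": ["refs/heads/main"]},
         "Null": {"codecommit:References": "false"}}}]}

def _list(value):
    return value if isinstance(value, list) else [value]

def _covers(stmt, action):
    """True if an Action pattern in the statement matches `action` (IAM is case-insensitive)."""
    return any(fnmatchcase(action.lower(), p.lower()) for p in _list(stmt.get("Action", [])))

def audit(policy, branch="refs/heads/main"):
    """Findings on push access in one policy document. Other attached policies and
    Allow/Deny resource matching are not evaluated."""
    findings, can_push, push_denied = set(), False, False
    for stmt in _list(policy["Statement"]):
        if not _covers(stmt, "codecommit:GitPush"):
            continue
        if stmt["Effect"] == "Allow":
            can_push = True
            if any("*" in a for a in _list(stmt["Action"])):
                findings.add("wildcard-action")
            if any(r == "*" or r.endswith(":*") for r in _list(stmt["Resource"])):
                findings.add("wildcard-resource")
        else:  # Deny: unconditional, or conditioned on the protected ref
            cond = stmt.get("Condition")
            refs = (cond or {}).get("StringEqualsIfExists", {}).get("codecommit:References", [])
            push_denied |= cond is None or branch in _list(refs)
    if can_push and not push_denied:
        findings.add("unprotected-branch:" + branch)
    return sorted(findings)
```

Calling audit(WEAK) reports all three findings, while audit(SCOPED) returns an empty list for main and still flags any other branch name passed as the second argument.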

Pricing

  • Free Tier: AWS CodeCommit includes a generous free tier for a certain number of active users, Git requests, and storage per month. For many small teams, the service can be essentially free.
  • Pay-as-you-go: Beyond the free tier, you pay a small monthly fee for each active user and for storage that exceeds the free tier allowance.