AWS CodeCommit HTTPS access without setting up credentials
We are moving from GitHub to AWS CodeCommit to have a tightly integrated environment.
You must have access to one repository over HTTPS. This repo is provided with a ny Spring Cloud Config Server product that uses jgit to read the repo and clone files to use it.
AWS CodeCommit appears to require the use of the Credential Helper when connecting over HTTPS, but I am not configured that way. I need a user and password setup that jgit can use without having to create temp credentials using the credential helper. Any way to achieve this?
Is there a way to configure CodeCommit to access a fixed user and password to access the repository over HTTPS?
source to share
Update
As of December 22, 2016, AWS CodeCommit supports using a static username and password as a lightweight authentication method to your AWS CodeCommit Repositories over HTTPS:
With Git credentials, you can create a static username and password in the Identity and Access Management (IAM) console, which you can use to access the AWS CodeCommit repositories from the command line, Git CLI, or any Git that supports HTTPS authentication.
Since these are static credentials, they can be cached using the password management tools included with your local operating system or stored in the credential management utility. This allows you to get started with AWS CodeCommit in minutes. You don't need to download the AWS CLI or configure your Git client to connect to your AWS CodeCommit repository on HTTPS. You can also use your username and password to connect to the AWS CodeCommit repository from third-party tools that support username and password authentication, including popular Git GUI clients (such as TowerUI) and IDEs (such as Eclipse, IntelliJ, and Visual Studio).
[...]
Original Answer
Is there a way to configure CodeCommit to access a fixed user and password to access the repository over HTTPS?
No, as stated in Setting up for AWS CodeCommit , you need to either use HTTPS or SSH, and the former requires a cryptographically signed version of your IAM user credentials or an Amazon EC2 instance role whenever Git needs to authenticate with AWS in order to communicate with repositories in AWS CodeCommit.
However, as Mark L. Smith mentioned in his answer to using native Git not jgit in Eclipse git but These credentials expire in ~ 15 minutes , nothing prevents you from going through the signing process yourself, and Mark has kindly provided acc. For an example showing how to clone the AWS CodeCommit repository over HTTPS using jgit right away, see jgit-codecommit for details.
source to share
As far as I know (and I spent most of my time with CodeCommit for two weeks), no, there is no way to use a username and password combination. One of the key features of CodeCommit is that it integrates with your existing AWS ecosystem, using IAM users and / or roles to provide access more or less automatically after installation. What is holding you back from using the Credential Assistant?
This may not be what you want, but have you tried to create an IAM user solely so that your server can access CodeCommit? You can then create an access token and private key for that user and save them as a profile in the server credentials file (usually ~ / .aws / credentials). Then you can configure the git config server to use the credential helper with this profile and it will auto-authenticate in the future. The key must use the user's IAM credentials, so they are persistent, as opposed to expiring IAM role credentials.
source to share
Is there a way to configure CodeCommit to access a fixed user and password to access the repository over HTTPS?
The answer was no, but AWS CodeCommit now offers HTTPS Git Credentials
These are static user and password credentials that can be cached using standard accounts (if any) and work with IDEs that support username / password. Setting up the IDE
source to share
It is possible. Set up the AWS Credential Wizard. Follow this link for Unix-like systems. Configuring the AWS Credential Wizard. This command will display your AWS credentials if the git credential helper is working properly. Unless you use the same command with the --debug flag to find the problem.
echo -e "protocol=https\npath=/v1/repos/myrepo\nhost=git-codecommit.us-east-1.amazonaws.com" | aws codecommit credential-helper get
Include the dependency in your assembly.
implementation('com.amazonaws:aws-java-sdk-core:1.11.463')
Then set the CodeCommit URL to application.yml.
spring.cloud.config.server.git.uri=https://git-codecommit.us-west-2.amazonaws.com/v1/repos/moa-config
source to share
It is now possible.
1) Configure the AWS Credential Wizard. Follow this link for Unix-like systems. Configuring the AWS Credential Wizard.
2) This command displays your AWS credentials if the git credential helper is working properly. Unless you use the same command with the --debug flag to find the problem.
echo -e "protocol=https\npath=/v1/repos/myrepo\nhost=git-codecommit.us-east-1.amazonaws.com" | aws codecommit credential-helper get
3) Include the dependency in your assembly.
implementation('com.amazonaws:aws-java-sdk-core:1.11.463')
4) Then set the URL CodeCommit to application.yml.
spring.cloud.config.server.git.uri=https://git-codecommit.us-west-2.amazonaws.com/v1/repos/moa-config
source to share