To provide the Gearset app access to your CodeCommit repository, you need three things: Repository Url, Access Key Id and Access Key Secret.

Creating a new CodeCommit repository

Step 1: Navigate to CodeCommit in AWS console

Step 2: Click Create repository

Step 3: Choose a Repository name and click Create

Step 4: In the Clone URL menu, choose Clone HTTPS and save the URL of the repository

Provisioning a user for access to CodeCommit repository from Gearset

Step 1: Navigate to Identity and Access Management (IAM)

Step 2: Click Add User or choose an existing one with programmatic access

Step 3: If you're creating a new User, please mark Access type as Programmatic access

Step 4: On the last step of User creation, copy User's Access key ID and Secret access key

Step 5: Navigate to Users menu and click Add inline policy

Step 6: Choose JSON tab

Step 7: You have a choice of two policies. The first policy grants Gearset broad access to your AWS CodeCommit repository, so as Gearset implements new features you won't need to modify this policy. The other policy contains the minimum set of actions that Gearset uses at the time of writing, but this could change as new versions of Gearset are related so you may need to update the policy from time to time.

Broad policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "codecommit:Merge*",
                "codecommit:Post*",
                "codecommit:Update*",
                "codecommit:Get*",          
                "codecommit:Test*",
                "codecommit:BatchGet*",
                "codecommit:GitPull",
                "codecommit:Create*",
                "codecommit:Put*",
                "codecommit:GitPush",
                "codecommit:DeleteBranch"
            ],
            "Resource": [
                "arn:aws:codecommit:$aws_repo_region:$aws_account_number:$aws_codecommit_repository_name"
            ]
        }
    ]
}

Policy containing minimum set of rights (correct as of 11.11.2019):

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "codecommit:GetRepository",
                "codecommit:ListRepositories",
                "codecommit:GetCommit",
                "codecommit:GetBranch",
                "codecommit:GitPull",
                "codecommit:GitPush",
                "codecommit:ListBranches"
            ],
            "Resource": [
      "arn:aws:codecommit:$aws_repo_region:$aws_account_number:$aws_codecommit_repository_name"
            ]
        }
    ]
}

In those example you need to replace the following values:

  • $aws_repo_region - region where AWS CodeCommit repository created
  • $aws_account_number - AWS account identifier number
  • $aws_codecommit_repository_name - name of AWS CodeCommit repository

Step 8: Click Review policy

Step 9: Name the policy and click Create policy

Integrate CodeCommit into Gearset

Step 1: Go to Source control and services in the Gearset app

Step 2: Click on + Connect to AWS CodeCommit


Step 3: In the opened pop-up window, paste all values from previous steps


Step 4: Press Test connection, and it should become Connection succeeded

Step 5: Press Connect


Step 6: Run your first comparison in Gearset!

Did this answer your question?