All Collections
Feature guides
Version control
Integrating with AWS CodeCommit
Integrating with AWS CodeCommit

Deploy to and from AWS CodeCommit

Quinn Kuiper avatar
Written by Quinn Kuiper
Updated over a week ago

There are three possible ways in which Gearset can connect to your CodeCommit repository. This document outlines how to create the git repository in Section 1, then how to connect to this repository in Gearset depending on your authentication type in Section 2 (OAuth, HTTPS or SSH).

Section 1.

Creating a new CodeCommit repository

Step 1:

Navigate to CodeCommit in AWS console

Step 2:

Click Create repository

Step 3:

Choose a Repository name and click Create

Step 4:

In the Clone URL menu, choose Clone HTTPS and save the URL of the repository.

Provisioning a user for access to CodeCommit repository from Gearset

Step 1:

Navigate to Identity and Access Management (IAM)

Step 2:

Click Users

Step 3:

Create a new user using the Add Users button.

Step 4:

Give the user an appropriate name.

Step 5:

Click next, then create user.

Step 6:

Select your new User.


Step 7:

Click the dropdown for Add permissions and select Create inline policy

Step 8:

Choose JSON tab

Step 9:

You have a choice of two policies. The first policy grants Gearset broad access to your AWS CodeCommit repository, so as Gearset implements new features you won't need to modify this policy. The other policy contains the minimum set of actions that Gearset uses at the time of writing, but this could change as new versions of Gearset are related so you may need to update the policy from time to time

Broad policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "codecommit:Merge*",
                "codecommit:Post*",
                "codecommit:Update*",
                "codecommit:Get*",
                "codecommit:Test*",
                "codecommit:BatchGet*",
                "codecommit:GitPull",
                "codecommit:Create*",
                "codecommit:Put*",
                "codecommit:GitPush",
                "codecommit:DeleteBranch",
                "codecommit:List*"
            ],
            "Resource": [                "arn:aws:codecommit:$aws_repo_region:$aws_account_number:$aws_codecommit_repository_name"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "codecommit:ListRepositories"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Policy containing minimum set of rights (correct as of Friday 4th February 2022):

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "codecommit:GetRepository",
                "codecommit:GetCommit",
                "codecommit:GetBranch",
                "codecommit:GitPull",
                "codecommit:GitPush",
                "codecommit:ListBranches",
                "codecommit:CreateBranch",
                "codecommit:CreatePullRequest",
                "codecommit:CreateCommit",
                "codecommit:PutRepositoryTriggers",
                "codecommit:TestRepositoryTriggers"
            ],
            "Resource": [
      "arn:aws:codecommit:$aws_repo_region:$aws_account_number:$aws_codecommit_repository_name"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "codecommit:ListRepositories"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

In those examples you need to replace the following values:

  • $aws_repo_region - region where AWS CodeCommit repository created (ie. eu-west-1)

  • $aws_account_number - AWS account identifier number

  • $aws_codecommit_repository_name - name of AWS CodeCommit repository

Step 10:

Click Review policy

Step 11:

Name the policy and click Create policy

Step 12:

You can now see the permissions in your permission policies

Note: If you are going to connect this user to a new Gearset Pipeline that you are setting up we recommend editing the statement to include general CodeCommit access.

Section 2

Integrate CodeCommit into Gearset via OAuth

Step 1:

Navigate to Identity and Access Management (IAM)

Step 2:

Click Users

Step 3:

Select the user.

Step 4:

Select Security credentials and then Create access key

Step 5:

Select Third-party service, then create access key.

Step 6:

Copy the access key and secret access key to a temporary safe location.

Step 7:

Go to Source control and services in the Gearset app

Step 8:

Click on + Connect to AWS CodeCommit


Step 9:

In the connection modal, paste all values from previous steps, ensuring that in the Url field you paste the complete link to your git repository, found here. Make sure that this is the repository Url and not the page address from your web browser.


Step 10:

Press Test connection, and it should become Connection succeeded

Step 11:

Press Connect - you should now see your CodeCommit connection listed in Source control and services

Integrate CodeCommit into Gearset as a custom git repository via HTTPS

Step 1:

Go to Identity and Access Management (IAM) in your AWS code commit.

Select the user created earlier here.

Step 2

Select Security Credentials and scroll down until you find HTTPS Git Credentials

Step 3

Generate the credentials and keep them in a safe place.

Step 4

Go to Source control and services in the Gearset app

Step 5

Select ADD NEW CUSTOM GIT REPOSITORY...

Step 6

In the Add new linked Git repository modal, enter the required information and select Test connection, and you should then see this change to show that the connection has succeeded

  • For Repo URL in the AWS code commit console, select Repositories, you'll then be able to copy the repo URL - ensure you copy the HTTPS URL. See here for more details

Step 7

Select Add repository and your new repository will then be listed as a Custom git repository

Note: If you intend to use Pipelines make sure you create your connection using Oauth, see details here.

Integrate CodeCommit into Gearset as a custom git repository via SSH

Step 1:

Go to Source control and services in the Gearset app

Step 2

Select ADD NEW CUSTOM GIT REPOSITORY...

Step 3

Select the SSH radio button and copy the Public key

Step 4

Go to Identity and Access Management (IAM) in your AWS code commit.

Select the user created earlier here.

Step 5

Select Security Credentials and scroll down until you find SSH public keys

Step 6

Paste the SSH key copied in Step 3 and click Upload SSH public key.

Step 7

Copy the 20 digit code from the SSH public key list to keep in a safe place.

Step 8

In AWS go to CodeCommit, select the git repository you are connecting to, and then clone the SSH URL. Similar to Step 4 here.

Step 9

In Gearset, in the Add new linked Git repository modal paste the repo address that was cloned in CodeCommit. Then make the following changes:

¹ssh_keyID@git-codecommit.²us-region.amazonaws.com³:/v1/repos/your_git_repo

¹ Enter the 20 character SSH ID copied in step 5

² The region stated in your SSH repo URL

³ A colon needs to be added after .com in the URL

Click test connection to check to see if it is all set up correctly

Step 10

Select Add repository and your new repository will then be listed as a Custom git repository

Note: If you intend to use Pipelines make sure you create your connection using Oauth, see details here.

Did this answer your question?