I have following settings with my ec2 instance, but no luck.
And there is a same issue on aws forum but no answer.
helper = !aws --region us-east-1 codecommit credential-helper [email protected]
UseHttpPath = true
IAM Role Policy for the EC2 Instance:
Then following code works:
echo -e "protocol=https\npath=/v1/repos/my-repo\nhost=git-codecommit.us-east-1.amazonaws.com" | aws --region us-east-1 codecommit credential-helper get
However, with git, it doesn't.
git clone https://git-codecommit.us-east-1.amazonaws.com/v1/repos/my-repo
Cloning into 'my-repo'...
fatal: unable to access 'https://git-codecommit.us-east-1.amazonaws.com/v1/repos/my-repo/': The requested URL returned error: 403
After some investigation, I figure out that attached IAM Role doesn't work git operation, but IAM User worked fine.
| Type | list-repositories | credential-helper | git operation |
| IAM User with CodeCommitFullAccess | OK | OK | OK |
| IAM Role with CodeCommitFullAccess | OK | OK | NG |
Tries following command:
aws codecommit list-repositories
echo -e "protocol=http\npath=/v1/repos/my-repo\nhost=git-codecommit.us-east-1.amazonaws.com" | aws --region=us-east-1 codecommit credential-helper get
git clone --config credential.helper='!aws --region=us-east-1 codecommit credential-helper [email protected]' --config credential.UseHttpPath=true https://git-codecommit.us-east-1.amazonaws.com/v1/repos/my-repo
my awscli version is following:
$ aws --version
aws-cli/1.10.44 Python/2.7.5 Linux/3.10.0-327.10.1.el7.x86_64 botocore/1.4.34
My git and curl version is as following:
$ git --version
git version 220.127.116.11
$ curl --version
curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.19.1 Basic ECC zlib/1.2.7 libidn/1.28 libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz
You need to be using at least curl 7.33 or later. From the CodeCommit documentation:
AWS CodeCommit requires curl 7.33 and later. However, there is a known issue with HTTPS and curl update 7.41.0.