Q: What is Amazon CodeCommit?
Amazon CodeCommit is a secure, highly scalable, managed source control service that makes it easier for teams to collaborate on code. Amazon CodeCommit eliminates the need for you to operate your own source control system or worry about scaling its infrastructure. You can use Amazon CodeCommit to store anything from code to binaries, and it works seamlessly with your existing Git tools.
Q: What is Git?
Git is an open-source distributed version control system. To work with Amazon CodeCommit repositories, you use the Git command line interface (CLI) or any of the available Git clients. To learn more about Git, see the Git documentation. To learn more about using Amazon CodeCommit with Git, see Getting Started with Amazon CodeCommit.
Q: Who should use Amazon CodeCommit?
Amazon CodeCommit is designed for software developers who need a secure, reliable, and scalable source control system to store and version their code. In addition, Amazon CodeCommit can be used by anyone looking for an easy to use, fully managed data store that is version controlled. For example, IT administrators can use Amazon CodeCommit to store their scripts and configurations. Web designers can use Amazon CodeCommit to store HTML pages and images.
Q: How is Amazon CodeCommit different from other Git-based source control systems?
Amazon CodeCommit offers a number of features not offered by other Git source control systems:
- Fully Managed –Amazon CodeCommit eliminates the need to host, maintain, backup, and scale your own source control servers.
- Secure –Amazon CodeCommit automatically encrypts your files in transit and at rest. Amazon CodeCommit is integrated with Amazon Identity and Access Management (IAM), allowing you to assign user-specific permissions to your repositories.
- Highly Available – Amazon CodeCommit is built on highly scalable, redundant, and durable Amazon Web Services services such as Amazon S3 and Amazon DynamoDB.
- Scalable - Amazon CodeCommit allows you store any number of files and there are no repository size limits.
- Faster Development Lifecycle - Amazon CodeCommit keeps your repositories close to your build, staging, and production environments in the Amazon Web Services cloud. This allows you to increase the speed and frequency of your development lifecycle.
Q: How does Amazon CodeCommit compare to a versioned S3 bucket?
Amazon CodeCommit is designed for collaborative software development. It manages batches of changes across multiple files, offers parallel branching, and includes version differencing (“diffing”). In comparison, Amazon S3 versioning supports recovering past versions of individual files but doesn’t support tracking batched changes that span multiple files or other features needed for collaborative software development.
Using Amazon CodeCommit
Q: How do I update files in my repository?
You can edit your files directly from the CodeCommit console or you can use Git to work with the repository. For example Git commands, you can use the git clone command to make a local copy of the Amazon CodeCommit repository. Make changes to the local files and use the git commit command when you’re ready to save the changes. Finally, use the git push command to upload the changes to the Amazon CodeCommit repository. For step-by-step instructions, see Getting Started with Amazon CodeCommit.
Q: How do I import my existing repository to Amazon CodeCommit?
You can use Git to import any existing Git repository to Amazon CodeCommit. For other repositories, such as Subversion and Perforce, you can use a Git importer to first migrate it to a Git repository. For step by step instructions on importing Git repositories, see Migrate an Existing Repository to Amazon CodeCommit. For step-by-step instructions on importing local or unversioned content, see the Git migration documentation.
Q: What Git operations are currently supported by Amazon CodeCommit?
Amazon CodeCommit currently supports clone, pull, push and fetch commands.
Q: Does Amazon CodeCommit support Git submodules?
Yes. Amazon CodeCommit can be used with Git repositories that include submodules.
Q: What is the maximum size for a single file that I can store in CodeCommit?
A single file in a repository cannot be more than 2 GB in size.
Q: How do I backup my repository?
If you have a local copy of the repository from doing a full git clone, you can use that to restore data. If you want additional backups, there are multiple ways to do so. One way is to install Git on your backup server and run a scheduled job that uses the git clone command to take regular snapshots of your repository. You can use git pull instead of git clone if you want to copy only the incremental changes. Note that these operations may incur an additional user and/or request charges based on how you setup the backup server and the polling frequency.
Q: How do I restore a deleted Amazon CodeCommit repository?
Deleting an Amazon CodeCommit repository is a destructive one-way operation that cannot be undone. To restore a deleted repository, you will need to create the repository again and use either a backup or a local copy from a full clone to upload the data. We recommend using IAM policies along with MFA-protection to restrict users who can delete repositories. For more details, see the Can I use Amazon Identity and Access Management (IAM) to manage access to Amazon CodeCommit? question in the Security section of the FAQ.
Q: How do I manage code reviews with Amazon CodeCommit?
CodeCommit supports code reviews and enables you to set permissions on branches of your code. Please see our documentation for help with code reviews or branch-level permissions.
Q: How do I integrate my continuous integration system with Amazon CodeCommit?
Continuous Integration (CI) systems can be configured to use Git to pull code from Amazon CodeCommit.
Q: How do I create webhooks using Amazon CodeCommit?
In the Amazon Simple Notification Service (SNS) console, you can create a SNS topic with an HTTP endpoint and the desired URL for the webhook. From the Amazon CodeCommit console, you can then configure that SNS topic to a repository event using triggers.
Q: Can I get a history of Amazon CodeCommit Git operations and API calls made in my account for security analysis and operational troubleshooting purposes? >>
Q: Can I get a history of Amazon CodeCommit Git operations and API calls made in my account for security analysis and operational troubleshooting purposes?
Yes. You can review recent CodeCommit events, including Git operations and API calls, in the Amazon CloudTrail console. For an ongoing record of events you can create a trail and log events in an Amazon S3 bucket. For more information, see Logging Amazon CodeCommit API Calls with Amazon CloudTrail.
Q: Can I use Amazon Identity and Access Management (IAM) to manage access to Amazon CodeCommit?
Yes. Amazon CodeCommit supports resource-level permissions. For each Amazon CodeCommit repository, you can specify which users can perform which actions. You can also specify Amazon Web Services multi-factor authentication (MFA) for a CodeCommit action. This allows you to add an extra level of protection for destructive actions such as deleting repositories. In addition to the Amazon CodeCommit APIs, you can also specify git pull and git push as actions to control access from Git clients. For example, you can create a read-only user for a repository by allowing that user access to git pull but not git push on the repository. For more information on using IAM with Amazon CodeCommit, see Authentication and Access Control for Amazon CodeCommit. For more information on authenticating API access using MFA, see Configuring MFA-Protected API Access.
Q: What communication protocols are supported by Amazon CodeCommit?
You can use either the HTTPS or SSH protocols or both to communicate with Amazon CodeCommit. To use HTTPS, first install the Amazon CLI. The Amazon CLI installs a Git credential helper that can be configured with Amazon Web Services credentials. It automatically signs all HTTPS requests to Amazon CodeCommit using the Signature Version 4 signing specification. To use SSH, users create their own public-private key pairs and add their public keys to their IAM users. The private key encrypts the communication with Amazon CodeCommit. For step-by-step instructions on setting up HTTPS and SSH access, see the Setting up Amazon CodeCommit page.
Q: What ports should I open in my firewall for access to Amazon CodeCommit?
You will have to open outbound access to an Amazon CodeCommit service endpoint on port 22 (SSH) or port 443 (HTTPS).
Q: How do I encrypt my repository in Amazon CodeCommit?
Repositories are automatically encrypted at rest. No customer action is required. Amazon CodeCommit uses Amazon Key Management Service (KMS) to encrypt repositories. When you create your first repository, an Amazon Web Services-managed CodeCommit key is created under your Amazon Web Services account. For details, see Encryption for Amazon CodeCommit Repositories.
Q: How much does Amazon CodeCommit cost?
Amazon CodeCommit costs ¥6.96 per active user per month. For every active user, your account receives an additional allowance of 10 GB-month of storage and 2,000 Git requests for that month. Unused allowance for storage and Git requests does not carry over to later months. If you need more storage or Git requests for your users, additional usage will be charged at ¥0.42 per GB-month and ¥0.007 per Git request. Users may store as many Git repositories as they would like. Your usage is calculated each month across all regions and automatically applied to your bill. Please see the pricing page for more details.
Q: What is the definition of an active user in Amazon CodeCommit?
An active user is any unique Amazon identity (IAM user/role, federated user, or root account) that accesses Amazon CodeCommit repositories during the month, either through Git requests or by using the Amazon Web Services Management Console. A server accessing CodeCommit using a unique Amazon identity counts as an active user.
Q: Which Git requests are considered towards the monthly allowance?
A Git request includes any push or pull that transmits repository objects. The request does not count towards your Git request allowance if there is no object transfer due to local and remote branches being up-to-date.