I am using GitHub a lot as my private and public repositories. Especially those private ones are used only as an "archive" of my files, with version control. So why not have it in AWS CodeCommit?
AWS CodeCommit
AWS CodeCommit is fully managed, highly available source control service that hosts private git repositories. Just like Github, data is encrypted in transit using SSH or HTTPS. There is also encryption at rest using AWS Key Management Service (AWS KMS). There is an option to use an AWS managed key for this encryption (by default), or to create and use your own customer managed key.
Behind the scene, AWS CodeCommit stores your repositories in Amazon S3 and Amazon DynamoDB and the data data is redundantly stored across multiple facilities.
To migrate the data from Github (or any other git service) to AWS CodeCommit, all you need is AWS Account.
Migrating to AWS CodeCommit keeps all your previous commits and branches.
Part 1 - GitHub repository
In this section, I will create the Github repo from scratch.
If you already have a GitHub repo, just skip this section and continue to Part 2.
Let's create some GitHub repo, do some commits and a new branch.
In your GitHUb account, navigate to Repositories and hit New.
Choose a name whatever you like, I chose 'myfilesbackup' and make sure the repo is private.
Once the Github repo is created, we can push our files there.
For start I created this simple file structure:
Let's initialize git:
Add the Github repository as a remote to your local repository.
Now you should finally add, commit and push your files to master branch.
Let's do some more commits. For start create another folder with some dummy file.
Another commit and push will do the job.
Let's make it more fun and create another branch, called development and switch to it.
Now let's create another file
I want this file to be pushed to branch development
So to summarize, we did 3 commits and 1 additional branch.
This is how it looks like in the Github repo:
Part 2 - AWS CodeCommit repository
You have to have an AWS account. If you don't, create one
https://aws.amazon.com/resources/create-account/
Once you have an AWS account, you need to create 2 (3) things:
- AWS CodeCommit repo
- AWS IAM user with CodeCommit credentials (or access key)
- This is optional, but once you create AWS account, you can sign in as a root user. That approach is not the best way, thus you should creatale an IAM User with admin rights you can use to sign in to the console.
Let's presume you already have AWS account and can log in either as root or IAM User (this is more suggested), so let's create AWS CodeCommit repo and IAM User with CodeCommit credentials.
Create AWS CodeCommit repo
In the AWS account navigate to Developer Tools > CodeCommit > Repositories and hit Create repository
Fill in:
Name of the repo
Description (optional)
Choose AWS KMS key for encryption (AWS managed, or your own if you have it and want to use it). If you with to create your own AWS KMS key, this comes with additional cost. AWS Managed KMS key is provided for free.
Optinaly you can also enable Amazon CodeGuru reviewer for Java and Python, which is machine learning powered code reviewer. This may also come with additional cost.
Once the repository is created, you have 2 options how to clone it:
HTTPS
SSH
If you are signed as a root user, you only can use HTTPS, not SSH. Me personally prefer HTTPS, so I will choose this one.
Before we clone this repo, we need IAM user we will use to connect to AWS CodeCommit.
Navigate to IAM > Users > Create user and let's create IAM User we will use exclusively to connect to AWS CodeCommit.
Give it a name, click Next and then choose Attach policies directly.
From the filter menu, find AWSCodeCommitPowerUser policy, mark it and click Next > Creat User
This will give the IAM User enough permissions to pull, push, etc...
Once the user is created, we need to assign a credentials. Go inside the user, tab Security Credentials, where you have 2 options:
You can assign SSH key or HTTPS credentials valid only for AWS CodeCommit.
You can assign Security Credentials.
The difference is, that with AWS CodeCommit SSH key or HTTPS credentials, the user is only able to connect to AWS CodeCommit service, while user with Security Credentials can potentially connect to the AWS console, or CLI.
The less priviledge the better I say, so I choose AWS CodeCommit credentials.
As mentioned before, I personally prefer HTTPS over SSH, therefore I scroll down to HTTPS Git credentials for AWS CodeCommit and hit Generate credentials
This wil transfer you to a new window, where you can see those credentials.
I suggest you download them and store securely, because this is the only time you can see your password. Of course if you loose it, you can generate it again, or just reset the password.
Ok, so now that we have everything set up, let's push the repo to AWS CodeCommit cloned by HTTPS.
As first, pull the repo to make sure you are up to date.
Copy the repo link from HTTPS tab,:
and modify the git origin to that value:
You will be asked for username and password - that's the AWS CodeCommit HTTPS credentials you set up in AWS Console.
Once you add the credentials, the value of remote repo is modified to AWS CodeCommit.
We are now ready to push everything into AWS CodeComit repo.
All my previous commits and branches are now part of AWS CodeCommit repo
For some reason it made development branch the default, so I will change the default branch back to master.
In repository, navigate to Settings,
and scroll to Default branch, where you can change it to master.
Now we are fully migrated from Github to AWS CodeCommid.
Let's summarize the benefits:
This is not a challenge between Github and AWS CodeCommit, as each offers different benefits, but:
By defining the IAM user with CodeCommit credentials, you have full controll who can access the repo.
The data is in your account and cannot be accessed from another account or another user, if you don't specifically allow it.
The data is encrypted at rest with KMS key.
The repo can be easily integrated with other AWS services like EventBridge and SNS (can come with addional cost), so you are notified about every change to your repo (commit, pull, etc...).
You can have unlimited number of repositories.
No Size Limits on Repositories, aw AWS CodeCommit does not impose hard limits on repository sizes (unlike GitHub).
Free tier is available (see below).
Cost
Up to 5 active users, 50 GB-month of storage, and 10,000 Git requests per month is for free. So in most cases, your repo will be free all the time.
Conclusion
Creating and migrating the repo to the AWS CodeCommit is very easy. Migrating a GitHub repo to AWS CodeCommit can offer numerous benefits, especially for those already running the AWS ecosystem for its ability of integration with AWS services, scalability, and security features present a compelling case for teams looking to streamline their development workflows within AWS.
Top comments (0)