Reputation: 47
Error 403 when cloning an AWS CodeCommit repository from EC2 instance
I'm trying to do exactly the same thing as this document I've found here : https://blog.0x427567.com/how-to-clone-aws-codecommit-repository-from-ec2-instance-99e4abfda1a1
I have created a new CodeCommit repository (empty) and I'm trying to clone it from a EC2 instance with a role assigned to it containing the permission "AWSCodeCommitFullAccess". Maybe I need a ssh key or something, but that's weird that the guide doesn't mention it.
On the EC instance I used the following command (with AWS CLI and pip already installed) :
git config --global credential.helper '!aws codecommit credential-helper $@'
git config --global credential.UseHttpPath true
pip install git-remote-codecommit
Then cloning with either :
git clone https://git-codecommit.eu-west-3.amazonaws.com/v1/repos/[REPO]
or
git clone codecommit::eu-west-3://[REPO]
Gives me the same error :
fatal: unable to access 'https://git-codecommit.eu-west-3.amazonaws.com/v1/repos/[Repo]/': The requested URL returned error: 403
Edit :
I have manage to clone my repository, the issue came that I was using a user that had a .aws/credentials file that override my role permissions. And thoses credentials didn't have any access to CodeCommit repo.
Upvotes: 1
Views: 1493
Answers (1)
Reputation: 1326
Im not sure there is enough info to provide a definitive answer but my guess is that since eu-west-3 (Paris) is not explicitly mentioned as a supported default region , you may need to update the version of botocore on your server.
The reason I ask is because you shouldn't need to provide the region name if the server and repository are in the same region:
# you should be able to just do this
$ git clone codecommit://MyDemoRepo
Turning up git's log level may provide you enough info to resolve as well:
$ GIT_TRACE=1 git clone codecommit::eu-west-3://MyRepo
...
Additional info that can help provide a better answer:
Is the server you're running the git commands from in the same region as the repository (eu-west-3)?
Making sure the role assigned to your ec2 instance is correct:
$ aws sts get-caller-identity
...
- What versions of tools/os are you using i.e. the output of the following commands:
# check the OS of the instance
$ cat /etc/os-release
...
# make sure semi recent version of git is used
$ git --version
...
# make sure semi recent of aws-cli is used (preferably v2)
$ aws --version
...
# make sure there aren't more than 1 aws-cli installed
$ type -a aws
...
# check pip version
$ pip --version
...
# list packages w/versions installed by pip
$ pip freeze
...
# show info about the credential helper package
$ pip show git-remote-codecommit
...
Upvotes: 2
Related Questions
- AWS Codecommit - fatal: unable to access : The requested URL returned error: 403
- running git clone against AWS CodeCommits gets me a 403 error
- aws codecommit not giving credentials prompt
- clone AWS codecommit repo via HTTP
- 403 Error while using AWS CodeCommit after being asked Username & Password (MacOS)
- fatal: unable to access 'https://git-codecommit.eu-west-1.amazonaws.com/v1/repos/myrepo/': The requested URL returned error: 403
- AWS Code Deploy 403 error on accessing repo
- AWS: Can't clone repo Codecommit, The requested URL returned error: 403
- Git clone works in AWS CodeCommit but pushing fails with 403
- aws codecommit cannot push