AWS CodeCommit HTTPS访问,无需设置凭证助手 [英] AWS CodeCommit HTTPS access without setting up credential helper
问题描述
我们正在从GitHub转换到AWS CodeCommit以建立一个紧密集成的环境。
需要通过HTTPS访问一个存储库。这个回购是通过Spring Cloud Config Server产品访问的,该产品使用jgit读取回购并克隆文件以供其使用。
AWS CodeCommit显然需要使用凭证助手当通过HTTPS连接时,但我没有设置那样。我想要一个jgit可以使用的用户和密码设置,而不需要使用凭证帮助程序生成临时凭证。任何方式来实现这一点?
有什么办法可以配置CodeCommit来访问固定的用户和密码来通过HTTPS访问版本库?
更新
截至2016年12月22日, AWS CodeCommit支持使用静态用户名和密码作为通过HTTPS向您的AWS CodeCommit存储库进行身份验证的简化方式:
使用Git凭据,您可以在身份和访问管理(IAM)控制台中生成静态用户名和密码,您可以使用该控制台从命令行访问AWS CodeCommit存储库, Git CLI或任何支持HTTPS认证的Git工具。
因为这些都是静态证书,所以它们可以是cach请使用本地操作系统中包含的或存储在凭证管理实用程序中的密码管理工具。这使您可以在几分钟内开始使用AWS CodeCommit。您无需下载AWS CLI或将您的Git客户端配置为通过HTTPS连接到您的AWS CodeCommit存储库。您还可以使用用户名和密码从支持用户名和密码身份验证的第三方工具(包括流行的Git GUI客户端(如TowerUI)和IDE(如Eclipse,IntelliJ和Visual)工作室)。
$ p
$ b $
初始回答
是否有任何方法配置CodeCommit以访问固定用户和密码以通过访问存储库HTTPS?
不,如设置AWS CodeCommit ,您必须使用HTTPS或SSH,前者需要加密签名版本的IAM用户凭证或Amazon EC2实例角色,只要Git需要使用AWS进行身份验证以与AWS CodeCommit中的存储库进行交互。
但是,正如Mark L. Smith在在Eclipse git中使用native git而不是jgit 的回答中所述,而 这些凭据在~15分钟内过期 ,但没有任何东西阻止您自己实施签名过程,而且Mark善意地提供了一个响应。 示例显示如何立即使用jgit 通过HTTPS克隆AWS CodeCommit存储库,请参阅 jgit-codecommit 了解详情。
We are transitioning from GitHub to AWS CodeCommit to have a tightly integrated environment.
One need is to access one repository through HTTPS. This repo is accessed ny Spring Cloud Config Server product that uses jgit to read the repo and clone the files for its use.
AWS CodeCommit apparently requires the use of the credential helper when connecting through HTTPS, but I don't the setup to be like that. I want a user and password setup that jgit can use without the need to generate a temp credential using the credential helper. Any way to accomplish this?
Is there any way to configure CodeCommit to access a fixed user and password to access the repository through HTTPS?
解决方案Update
As of December 22 2016, AWS CodeCommit supports the use of a static user name and password as a simplified way to authenticate to your AWS CodeCommit repositories over HTTPS:
With Git credentials, you can generate a static user name and password in the Identity and Access Management (IAM) console that you can use to access AWS CodeCommit repositories from the command line, Git CLI, or any Git tool that supports HTTPS authentication.
Because these are static credentials, they can be cached using the password management tools included in your local operating system or stored in a credential management utility. This allows you to get started with AWS CodeCommit within minutes. You don’t need to download the AWS CLI or configure your Git client to connect to your AWS CodeCommit repository on HTTPS. You can also use the user name and password to connect to the AWS CodeCommit repository from third-party tools that support user name and password authentication, including popular Git GUI clients (such as TowerUI) and IDEs (such as Eclipse, IntelliJ, and Visual Studio).
[...]
Initial Answer
Is there any way to configure CodeCommit to access a fixed user and password to access the repository through HTTPS?
No, as outlined in Setting Up for AWS CodeCommit, you have to either use HTTPS or SSH, and the former requires a cryptographically signed version of your IAM user credentials or Amazon EC2 instance role whenever Git needs to authenticate with AWS in order to interact with repositories in AWS CodeCommit.
However, as mentioned by Mark L. Smith in his answer to using native git not jgit in Eclipse git, while These credentials expire in ~15 minutes, nothing prevents you from implementing the signing process yourself, and Mark kindly provided a resp. Example showing how to clone an AWS CodeCommit repository over HTTPS using jgit right away, see jgit-codecommit for details.
这篇关于AWS CodeCommit HTTPS访问,无需设置凭证助手的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
