Enhancing Code Security with DevSecOps: Part 1 — Connecting Git with AWS CodeCommit

Hello, everyone! I’m excited to take this journey with you and walk you through the steps to enhance the security of your code throughout the Software Development Life Cycle (SDLC). This is Part 1 of a six-part series where we’ll dive into the world of DevSecOps. Today, I’ll guide you through the process of integrating Git with AWS CodeCommit, taking your first steps towards a more secure codebase. Don’t worry; we’ll start from the very beginning to ensure everyone can follow along.

Prerequisites: Before we begin, there are a few things you’ll need:

• An AWS account (Don’t worry; you can get started for free).
• A GitHub account (Free).
• Basic knowledge of Bash (We’ll keep it simple).

Now, let’s get started!

1. Navigate to AWS CodeCommit: Log in to your AWS account, and in the search bar at the top, type “CodeCommit.” You’ll be directed to the Developer Tools section of the AWS Management Console.

1. Create Project:

• Click on “Create repository.”
• Give your repository a name under “Repository name.”
• Once the repository is successfully created, you’ll see three steps to follow.

1. Let’s tackle these steps together!

Step 1 — Git Client Version: To connect to an AWS CodeCommit repository, you need a Git client that supports Git version 1.7.9 or later.

Use this command to see your version.

Step 2 — Git Credentials: Navigate to Git credentials for your IAM user if you haven’t already. Download these credentials and store them securely. Remember, security is paramount. Once in your Identity and Access Management (IAM), click your User, then select ‘Security Credentials.’ Within this tab, scroll down to find ‘HTTPS Git credentials for AWS CodeCommit,’ and click to generate your credentials

Step 3 — Clone the repository: But before we dive into this let look into some basic Bash skills: Basic Bash skills can be handy, but don’t worry if you’re new to it. Let’s open our command line.

• Create a new folder in your desired directory. You can choose any name or location you prefer. Once you’ve created a directory called “AWS-Lab-DevSecOps,” go ahead and create a new directory within it. In my case, I’ll name it “Hello-World.” To help you with this, simply use the following command in your terminal:

mkdir Hello-World

This will create the “Hello-World” directory within the “AWS-Lab-DevSecOps” directory. Here’s an example of mine:

Now, as mentioned in Step 3, clone your repository to your local computer and start working on your code. To copy the URL, simply click the ‘Copy’ button. Alternatively, you can also click on ‘Clone URL’ located at the top right corner of the page. This will open a dropdown menu, where you can select ‘Clone HTTPS.’

Top Right Clone URL Option.

Once you’ve copied it, please proceed to execute the command below and paste your copied URL.

git clone <URL>

In some cases, you might be prompted for a username and password. This is where those credentials you saved in Step 2 come into play.

• To ensure you’ve done it correctly, run the following commands:

ls -a

If you’ve successfully completed these steps, congratulations! You’ve successfully integrated Git with CodeCommit. You’re on your way to creating a DevSecOps pipeline. As mentioned earlier, this is just the beginning of our six-part series. In Part 2, we’ll explore how to push your code to AWS CodeCommit, further advancing your DevSecOps journey.

I’d like to give a huge shoutout to my mentor, Nicolas Moy! He’s been instrumental in sharpening my skills, and I’m thrilled to share this knowledge with you all. Stay tuned for the next part of our DevSecOps adventure!