How to Clone a Git Repository in AWS ap-south-1 Region Using HTTPS Connection

Requirements to Clone a Git Repository in AWS ap-south-1 Region Using HTTPS Connection

Prev Question Next Question

Question

A software engineer has created a git repository from the AWS console in the AWS ap-south-1 region.

The git repo name is called “MyDemoRepo”

He is using an Ubuntu Linux machine to continue developing the software.

He already has an IAM user configured in AWS.

Which of the following options are required to clone the repository properly using the HTTPS connection? (Select TWO.)

Answers

A. In the local Ubuntu machine, create a public/private RSA key pair with ssh-keygen and save the private key in the ~/.ssh folder.

B. Attach the IAM policy AWSCodeCommitPowerUser to the IAM user through the AWS IAM console.

C. Generate a username/password locally and upload the password in the AWS IAM console by selecting the IAM user and choosing "Upload HTTPS password".

D. Attach the IAM policy AWSCodeCommitFullAccess to the IAM user through the AWS IAM console.

E. In the IAM console, generate HTTPS Git credentials for AWS CodeCommit and download credentials to a .CSV file.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

Correct Answer - B, E.

Option A is incorrect because, for HTTPS connections, there is no need to generate RSA key pairs as they are used for SSH connections.

Option B is CORRECT because AWSCodeCommitPowerUser policy is required to provide the necessary permissions for an IAM user to clone the Git repository from CodeCommit.

Option C is incorrect because this is not how credentials are created for CodeCommit.

You need to generate the credentials through Codecommit for the IAM user instead of create them locally.

Option D is incorrect because compared with Option B, AWSCodeCommitFullAccess provides unnecessary permissions, which does not meet the least privilege principal.

Option E is CORRECT because you need to generate HTTPS Git credentials through CodeCommit and use them to establish the connections with CodeCommit repositories.

For further information on how to connect to an AWS CodeCommit repository with HTTPS, please refer to.

https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html?icmpid=docs_acc_console_connect_np

The correct options are B and E.

Explanation:

To clone the repository properly using the HTTPS connection, the following steps are required:

Option A is not required because it is only necessary if the user intends to use the SSH connection instead of HTTPS.

Option B is required because the IAM policy AWSCodeCommitPowerUser grants the necessary permissions to the IAM user to clone the repository.

Option C is not required because the user can use AWS IAM users to authenticate with AWS CodeCommit using HTTPS, and they don't need to generate a separate username and password.

Option D is not required because AWSCodeCommitFullAccess grants more permissions than necessary to clone the repository, and it is not recommended to use such broad permissions.

Option E is required because the user needs to generate HTTPS Git credentials for AWS CodeCommit and download the credentials to a .CSV file. The .CSV file will contain a Git clone URL, a username, and a password that can be used to clone the repository.

Therefore, the correct options are B and E.

Prev Question Next Question