General MacOS

MacOS keychain with AWS CodeCommit

Using temporary credentials (access-tokens) with AWS CodeCommit and git clients can be hard with MacOS. The Keychain saves those credentials and after ~15min you must renew them (remove them manually from the keychain). And if you have also to work with repositories other than AWS (like GitHub, GitLab) its even worse. But since recent git versions (>2.9) it is possible to reset the credential helper by Git-Host!

Using the git credential-helper for CodeCommit repositories only:

[credential "https://git-codecommit.eu-central-1.amazonaws.com"]
  helper=!aws codecommit --profile developer-cloudformation credential-helper $@
        UseHttpPath = true

It’s important to add that „helper=“ line. Regularly the global git config contains a „helper=osxkeychain“ line and those helper-directives are additive – but the „helper=“ line breaks/resets that inheritance.


My GitHub Profile

Mein GitHub Profil: https://github.com/otto802/.

Reichlich spät, aber besser spät als nie ;-).