Integrate ROSA with AWS CodeCommit

Red Hat OpenShift Service on AWS is a fully managed OpenShift service, jointly supported by both Red Hat and Amazon Web Services and managed by Red Hat SRE team. ROSA is an opinionated OpenShift platform on AWS that takes away cluster lifecycle management from the customer, so that they can focus on building applications rather than maintaining and managing OpenShift clusters.

AWS CodeCommit is a version control service hosted by AWS that you can use to privately store and manage your application source code in the cloud. If a customer is exploring AWS CodeCommit or currently using AWS CodeCommit to maintain their application source code, they can now integrate AWS CodeCommit with ROSA. There are a few use cases where a customer may prefer to integrate OpenShift cluster directly with private source code repository: either to consistently build and deploy a security patch to an application or the speed with which they build and assemble application for faster deployment process without creating too many intermediate steps. Red Hat OpenShift offers an integrated Source-to-Image(S2I) framework through the OpenShift console that makes it easy to take application source code as an input and produce a new container image that runs the application on OpenShift Cluster.

This blog post will demonstrate how to integrate Red Hat OpenShift Service on AWS (ROSA) with AWS CodeCommit. We will create AWS CodeCommit repository, create IAM user with CodeCommit credentials, and configure OpenShift console to use the CodeCommit repository to deploy application to ROSA cluster using the Source-to-Image framework.

Overview of solution

The following diagram represents an overview of the build to deployment of the application lifecycle using a Source-to-Image framework.

The integration of AWS CodeCommit with ROSA Cluster will have the following steps:

  1. Create a CodeCommit repository
  2. Add files to your repository
  3. Set up an IAM user with Git credentials to connect to  CodeCommit
  4. Configure Red Hat OpenShift console to include CodeCommit repository URL
  5. Build and deploy application image from CodeCommit to ROSA cluster


  • AWS account
  • ROSA enabled in the AWS account
  • A ROSA cluster created
  • Access to Red Hat OpenShift console


Let’s take an example and walk through step-by-step to configure ROSA cluster with an AWS CodeCommit repository.

  1. Create the AWS CodeCommit repository:

To create the AWS CodeCommit repository, follow below steps:

a. Log in to your AWS account

b. Open CodeCommit in the AWS Management Console at

c. Use the Region selector to choose the AWS Region where you want to create the repository. For this example, chose a Region where you have created ROSA cluster.

d. On the Repositories page, choose Create repository.


e. Enter the name my-repo in the Repository Name field and description. Click the Create button.


f. From the repository you created just now, choose Clone URL, and then choose the protocol that you want to use when cloning or connecting to the repository. This copies the clone URL. For this example, we will chose Clone HTTPS.


2.     Set up the IAM user with Git credentials to connect to CodeCommit 

a. Within IAM in the AWS Management Console, chose Users from the left navigation pane and select your IAM user from the list of users.

b. On the user details page,  choose the Security Credentials tab, and in the HTTPS Git credentials for AWS CodeCommit section, chose Generate Credentials.

c. Copy the username and password that IAM generated. You will need these credentials to connect CodeCommit.

3.     Add files to your repository

a. Install Git client on your computer from this location:

b. Open a terminal, command line, or git shell and run the git clone command.

>git clone my-repo

The first time you connect, you will be prompted for the username and password for the repository. Enter the username and password generated for git credentials in IAM (the one you created in step 2.c). Execute below commands to add files to CodeCommit repo.

c. Add the files into git local repo

>git add .

d. Commit the changes

>git commit -m "Added initial repo"

e. Now push your commit to AWS CodeCommit repository

>git push origin

4.     Configure Red Hat OpenShift console to include AWS CodeCommit repository URL

a. Copy the HTTPS URL if you are using either Git credentials with your IAM user or the credential helper included with the AWS CLI.

b. Open the Red Hat console.

i. Go to your Red Hat account  and login with your credentials –

ii. Select your ROSA cluster. Select Open Console from the top right. This opens the Red Hat console in a new browser tab.

c. In the Red Hat console, select Developer from the top left drop-down.

i. Select Topology from the left navigation pane, and from the right, select Create Project or your existing project.

d. Fill the details if you are creating new project and select Create.

e. Now select your project from the project drop-down, select Add from left navigation. On the right widget, select From Git  to import code from Git repository to build and deploy code.

f. From the AWS CodeCommit repository you created above, choose Clone URL, select  Clone HTTPS  to copy the CodeCommit repository URL, and paste into Git Repo URL field in the Red Hat console as shown below


g. For Git type, chose Other from the drop-down. Select Show advanced and enter the subdirectory in the Context dir for your source code to build and deploy.

h. Select Create new Secret from the Source Secret drop-down. Enter a name for Secret Name and choose Basic Authentication  for Authentication Type from the drop-down. Enter AWS CodeCommit Git credential username and password  in the respective fields, choose Create.

i. Under Resources, select DeploymentConfig, and select Create. This will automatically start building the application. After a successful build, the S2I tool will automatically deploy the container application into the project you selected.

j. Select the application that was just deployed and click on the application to open the details page as shown below.

k. From the Resources tab, select View Logs to monitor the status of the build and deployment.

This completes the deployment of the application to a ROSA cluster using AWS CodeCommit.


This post has covered steps on how to integrate AWS CodeCommit with the ROSA OpenShift console using the HTTPS option. You can take this example and integrate with ROSA OpenShift Console using SSH option for your code repository in AWS using AWS CodeCommit.

For information on how to get started with AWS CodeCommit with Git credentials, refer to this documentation here. For getting started on creating ROSA cluster, check out this blog.

Vani Eswarappa

Vani Eswarappa

Vani Eswarappa is a Principal Architect at AWS with experiences in Containers, AI/ML and Enterprise Architecture. As technical leader , Vani works with AWS customers and partners on their cloud journey to meet business needs. In her spare time, she enjoys spending time with her family outdoors and exploring new locations.