{"slug":"iam-aws-codecommit","cloud":"aws","service":"codecommit","title":"AWS CodeCommit (IAM)","description":"AWS CodeCommit is a fully-managed source control service that hosts secure Git-based repositories.","category":"devops","common_permissions":["codecommit:GetBranch","codecommit:GetCommit","codecommit:GetFile","codecommit:PutFile","codecommit:CreateBranch","codecommit:ListBranches","codecommit:GetRepository","codecommit:ListRepositories"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"codecommit:GetBranch\",\n        \"codecommit:GetCommit\",\n        \"codecommit:GetFile\",\n        \"codecommit:PutFile\",\n        \"codecommit:CreateBranch\",\n        \"codecommit:ListBranches\",\n        \"codecommit:GetRepository\",\n        \"codecommit:ListRepositories\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid codecommit:* — grants full control including delete and modify of repositories and branches","Avoid codecommit:DeleteRepository unless explicitly needed for repository cleanup"],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/codecommit/codecommit.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:50:08.485Z","updated_at":"2026-06-14T04:50:08.485Z"}