How to pass user-name and password to Clone a private repo via aws user-data

Question

I am trying to clone a repo using git on a ec2 server, my goal is to get a repo on it and for that I am planning on executing a shell script as user data. Please suggest me how do I authenticate to github on the fly

I tried installing git and then cloning it using git clone.

Answer 1

Github has the concept of Deploy Keys which would be a good solution for you:

• read only access
• scoped to a repo, not your entire account / org
• distinct from your personal access to protect your github account

1. Generate an SSH key
2. Put the private key somewhere accessible by the application. you have a few different options here - AWS service storage (Secrets Manager or maybe s3) which will require you to give your EC2 instances an IAM Instance Profile so they can authenticate to AWS, which is a great solution but a little complicated the first time to handle AWS auth. Or you could build an AMI with the key already added. You could even hard code the ssh key in the user-data if that is acceptable to you - user data is often
3. in user-data, grab the key (if it's not already in the ami) and put it in a location you can specify for the git clone (or put it in ~/.ssh/id_rsa` and it will be used automatically)
4. You'll also need to populate ~/.ssh/known_hosts with the host keys of github
5. When you clone the repo, use the ssh protocol url style