diff --git a/terraform/concourse/codecommit.tf b/terraform/concourse/codecommit.tf
index 35308f0900..bc1c738028 100644
--- a/terraform/concourse/codecommit.tf
+++ b/terraform/concourse/codecommit.tf
@@ -30,3 +30,9 @@ resource "aws_iam_user" "git" {
 # ]
 # append = true
 #}
+
+resource "aws_iam_user_ssh_key" "git" {
+ username = "${aws_iam_user.git.name}"
+ encoding = "PEM"
+ public_key = "${var.git_rsa_id_pub}"
+}
diff --git a/terraform/concourse/git_ssh_key_id b/terraform/concourse/git_ssh_key_id
new file mode 100644
index 0000000000..d2807ae17f
--- /dev/null
+++ b/terraform/concourse/git_ssh_key_id
@@ -0,0 +1 @@
+Empty file git_ssh_key_id to avoid terraform fail during the first run.
diff --git a/terraform/concourse/outputs.tf b/terraform/concourse/outputs.tf
index 5b804c3c39..8b6e9a6156 100644
--- a/terraform/concourse/outputs.tf
+++ b/terraform/concourse/outputs.tf
@@ -29,3 +29,7 @@ output "git_concourse_pool_clone_url_http" {
 output "git_user_name" {
 value = "${aws_iam_user.git.name}"
 }
+
+output "git_user_ssh_public_key_id" {
+ value = "${aws_iam_user_ssh_key.git.ssh_public_key_id}"
+}
diff --git a/terraform/concourse/variables.tf b/terraform/concourse/variables.tf
index 16e6012489..123ef3089b 100644
--- a/terraform/concourse/variables.tf
+++ b/terraform/concourse/variables.tf
@@ -10,3 +10,7 @@ variable "concourse_pool_git_rw_groupname" {
 description = "Group with permissions to write in concourse pool git repositories"
 default = "concourse-pool-git-rw"
 }
+
+variable "git_rsa_id_pub" {
+ description = "Public SSH key for the git user"
+}
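Review bot: `encoding = "PEM"` in the new `aws_iam_user_ssh_key.git` resource may not match the key that is passed in. The variable name `git_rsa_id_pub` suggests an OpenSSH-format `id_rsa.pub` line, and the variable added in variables.tf does not say which format is expected. `encoding` selects the format the provider reads the key back in, so a mismatch can surface as a diff on `public_key` and a replaced key, with a new key ID, on later applies; a second `terraform plan` after the first apply would confirm whether that happens here. If the input is OpenSSH format, use `encoding = "SSH"` and say so in the variable, e.g. `description = "Public SSH key for the git user, in OpenSSH ssh-rsa format"`.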
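Review bot: The placeholder committed as git_ssh_key_id calls itself empty but contains a sentence, so anything that reads this file as the SSH key ID before the first successful apply gets that sentence as the value. The consumer is not visible in this diff; if it passes the content on as the CodeCommit SSH user name, the result would be an authentication failure far from its cause. Consider committing a truly empty file, or a sentinel such as `PLACEHOLDER_NOT_A_KEY_ID` (constructed example) that the reader explicitly rejects. It is also worth confirming that the real key ID is not later written back into this tracked path and committed by accident.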
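Review bot: The new output `git_user_ssh_public_key_id` has no description, and its role is not obvious from the name. For CodeCommit over SSH this ID is the SSH user name, not key material, which matters to whoever wires it into a pipeline or decides how to store it. Suggest adding `description = "IAM SSH public key ID of the git user; used as the SSH user name for CodeCommit"`.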