Amazon CodeArtifact
Amazon CodeArtifact is a fully managed, secure artifact repository service that helps organizations store, publish, and share software packages used in their software development process. CodeArtifact works with popular build tools and package managers including npm, yarn, pip, twine, Maven, Gradle, NuGet, and more. It supports Cargo, generic, Maven, npm, NuGet, PyPI, Ruby, and Swift package formats and integrates natively with AWS IAM, AWS KMS, AWS CloudTrail, and Amazon EventBridge.
1 APIs
12 Features
AmazonArtifact RepositoryPackage ManagementDevOpsSoftware Supply ChainnpmMavenPyPINuGet
Multi-Format Package Support
Supports Cargo, generic, Maven, npm, NuGet, PyPI, Ruby, and Swift package formats in polyglot repositories that can hold any supported package type in a single repository.
Public Repository Integration
Connect repositories to public sources including npmjs, PyPI, Maven Central, NuGet Gallery, and RubyGems.org to proxy and cache open-source dependencies on demand.
Domain-Based Organization
Aggregate multiple repositories into a domain to apply organizational policies, manage encryption, and share packages across development teams.
Upstream Repositories
Create upstream relationships between repositories so downstream repositories can transparently access packages from upstream sources, effectively merging their contents.
Package Groups and Origin Controls
Apply configuration to multiple packages using package groups with pattern matching. Use origin controls to block or allow ingestion or publishing of new package versions against dependency substitution attacks.
Authorization Token Generation
Generate temporary authorization tokens (up to 12 hours) for secure authentication with package managers without long-lived credentials.
AWS IAM Integration
Control access to domains and repositories using AWS Identity and Access Management for fine-grained permissions policies.
AWS KMS Encryption
All assets and metadata in a domain are encrypted with the same AWS KMS key, supporting both AWS managed and customer managed keys.
AWS CloudTrail Integration
Track package usage and access across your organization with full audit logging via AWS CloudTrail.
Amazon EventBridge Integration
Automate package governance workflows and trigger actions on package events using Amazon EventBridge.
AWS PrivateLink Support
Access CodeArtifact repositories from within a VPC without exposing traffic to the public internet using AWS PrivateLink endpoints.
High Availability Storage
Multi-Availability Zone operation with redundant package asset storage across Amazon S3 and DynamoDB, fully managed with automatic scaling.
Internal Package Distribution
Share proprietary software components and internal libraries between multiple applications and development teams within an organization without managing your own artifact storage infrastructure.
Open-Source Dependency Caching
Proxy and cache open-source packages from public registries to ensure build reproducibility and availability even when upstream registries experience downtime.
Software Supply Chain Security
Control which packages developers can use with package origin controls to protect against dependency confusion and substitution attacks.
Multi-Team Package Governance
Apply organizational policies across multiple repositories in a domain and audit package consumption across development teams using CloudTrail and EventBridge.
CI/CD Pipeline Integration
Integrate with CI/CD systems using native package manager support (npm, Maven, pip, NuGet) to fetch and publish packages as part of automated build and release workflows.
AWS IAM
Fine-grained access control for domains, repositories, and package operations.
AWS KMS
Encryption key management for all package assets and metadata stored in a domain.
AWS CloudTrail
Audit logging for all CodeArtifact API calls and package access events.
Amazon EventBridge
Event-driven automation for package governance workflows and notifications.
AWS PrivateLink
Private network connectivity to CodeArtifact from within a VPC.
npm Registry (npmjs.com)
Public upstream connection for npm package proxying and caching.
PyPI (pypi.org)
Public upstream connection for Python package proxying and caching.
Maven Central
Public upstream connection for Java/Maven package proxying and caching.
NuGet Gallery (nuget.org)
Public upstream connection for .NET package proxying and caching.
RubyGems.org
Public upstream connection for Ruby gem proxying and caching.
crates.io
Public upstream connection for Rust/Cargo package proxying and caching.
GitHub Actions
Integrate CodeArtifact with GitHub Actions CI/CD workflows for package management.
AWS CodeBuild
Use CodeArtifact as the package source in AWS CodeBuild build projects.
AWS CodePipeline
Incorporate package publishing and consumption into AWS CodePipeline deployment pipelines.
aid: amazon-codeartifact
name: Amazon CodeArtifact
description: Amazon CodeArtifact is a fully managed, secure artifact repository service that helps organizations store, publish,
and share software packages used in their software development process. CodeArtifact works with popular build tools and
package managers including npm, yarn, pip, twine, Maven, Gradle, NuGet, and more. It supports Cargo, generic, Maven, npm,
NuGet, PyPI, Ruby, and Swift package formats and integrates natively with AWS IAM, AWS KMS, AWS CloudTrail, and Amazon EventBridge.
type: Index
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
tags:
- Amazon
- AWS
- Artifact Repository
- Package Management
- DevOps
- Software Supply Chain
- npm
- Maven
- PyPI
- NuGet
url: https://raw.githubusercontent.com/api-evangelist/amazon-codeartifact/refs/heads/main/apis.yml
created: '2026-03-16'
modified: '2026-06-20'
specificationVersion: '0.19'
apis:
- aid: amazon-codeartifact:amazon-codeartifact-api
name: Amazon CodeArtifact API
description: The Amazon CodeArtifact REST API enables programmatic management of artifact repositories, domains, packages,
and package versions. Manage domains and repositories, control permissions policies, publish and copy package versions,
retrieve authorization tokens, and manage external connections to public package registries such as npmjs, PyPI, Maven
Central, NuGet Gallery, and RubyGems.
humanURL: https://docs.aws.amazon.com/codeartifact/latest/APIReference/Welcome.html
baseURL: https://codeartifact.us-east-1.amazonaws.com
tags:
- Amazon
- AWS
- Artifact Repository
- Package Management
- REST API
properties:
- type: Documentation
url: https://docs.aws.amazon.com/codeartifact/latest/ug/welcome.html
- type: APIReference
url: https://docs.aws.amazon.com/codeartifact/latest/APIReference/Welcome.html
- type: OpenAPI
url: openapi/amazon-codeartifact-openapi-original.yaml
- type: JSONSchema
url: json-schema/codeartifact-domain-description-schema.json
- type: JSONSchema
url: json-schema/codeartifact-repository-description-schema.json
- type: JSONSchema
url: json-schema/codeartifact-package-version-description-schema.json
- type: Overlay
url: overlays/amazon-codeartifact-api-overlay.yaml
- type: MCPServer
url: mcp/amazon-codeartifact-mcp.yml
- type: ErrorCatalog
url: errors/amazon-codeartifact-problem-types.yml
- type: Conformance
url: conformance/amazon-codeartifact-conformance.yml
- type: Lifecycle
url: lifecycle/amazon-codeartifact-lifecycle.yml
common:
- type: TrustCenter
url: security/amazon-codeartifact-trust-center.yml
- type: VulnerabilityDisclosure
url: security/amazon-codeartifact-vulnerability-disclosure.yml
- type: DomainSecurity
url: security/amazon-codeartifact-domain-security.yml
- type: Authentication
url: authentication/amazon-codeartifact-authentication.yml
- type: GettingStarted
url: https://docs.aws.amazon.com/codeartifact/latest/ug/getting-started.html
- type: Authentication
url: https://docs.aws.amazon.com/codeartifact/latest/ug/tokens-authentication.html
- type: Pricing
url: https://aws.amazon.com/codeartifact/pricing/
- type: Console
url: https://console.aws.amazon.com/codesuite/codeartifact/start
- type: Portal
url: https://aws.amazon.com/codeartifact/
- type: Documentation
url: https://docs.aws.amazon.com/codeartifact/latest/ug/
- type: TermsOfService
url: https://aws.amazon.com/service-terms/
- type: PrivacyPolicy
url: https://aws.amazon.com/privacy/
- type: StatusPage
url: https://health.aws.amazon.com/health/status
- type: Blog
url: https://aws.amazon.com/blogs/devops/category/developer-tools/amazon-codeartifact/
- type: SignUp
url: https://portal.aws.amazon.com/gp/aws/developer/registration/index.html
- type: GitHubOrganization
url: https://github.com/aws
- type: SpectralRules
url: rules/amazon-codeartifact-spectral-rules.yml
- type: Vocabulary
url: vocabulary/amazon-codeartifact-vocabulary.yaml
- type: JSONLD
url: json-ld/amazon-codeartifact-context.jsonld
- type: Packages
url: packages/amazon-codeartifact-packages.yml
- type: WellKnown
url: well-known/amazon-codeartifact-well-known.yml
- type: SecurityTxt
url: well-known/amazon-codeartifact-security.txt
- type: LLMsTxt
url: llms/amazon-codeartifact-llms.txt
- type: LLMsTxt
url: llms/amazon-codeartifact-llms-full.txt
- type: Blog
url: https://aws.amazon.com/blogs/devops/tag/codeartifact/feed/
- type: Features
data:
- name: Multi-Format Package Support
description: Supports Cargo, generic, Maven, npm, NuGet, PyPI, Ruby, and Swift package formats in polyglot repositories
that can hold any supported package type in a single repository.
- name: Public Repository Integration
description: Connect repositories to public sources including npmjs, PyPI, Maven Central, NuGet Gallery, and RubyGems.org
to proxy and cache open-source dependencies on demand.
- name: Domain-Based Organization
description: Aggregate multiple repositories into a domain to apply organizational policies, manage encryption, and share
packages across development teams.
- name: Upstream Repositories
description: Create upstream relationships between repositories so downstream repositories can transparently access packages
from upstream sources, effectively merging their contents.
- name: Package Groups and Origin Controls
description: Apply configuration to multiple packages using package groups with pattern matching. Use origin controls
to block or allow ingestion or publishing of new package versions against dependency substitution attacks.
- name: Authorization Token Generation
description: Generate temporary authorization tokens (up to 12 hours) for secure authentication with package managers
without long-lived credentials.
- name: AWS IAM Integration
description: Control access to domains and repositories using AWS Identity and Access Management for fine-grained permissions
policies.
- name: AWS KMS Encryption
description: All assets and metadata in a domain are encrypted with the same AWS KMS key, supporting both AWS managed
and customer managed keys.
- name: AWS CloudTrail Integration
description: Track package usage and access across your organization with full audit logging via AWS CloudTrail.
- name: Amazon EventBridge Integration
description: Automate package governance workflows and trigger actions on package events using Amazon EventBridge.
- name: AWS PrivateLink Support
description: Access CodeArtifact repositories from within a VPC without exposing traffic to the public internet using
AWS PrivateLink endpoints.
- name: High Availability Storage
description: Multi-Availability Zone operation with redundant package asset storage across Amazon S3 and DynamoDB, fully
managed with automatic scaling.
- type: UseCases
data:
- name: Internal Package Distribution
description: Share proprietary software components and internal libraries between multiple applications and development
teams within an organization without managing your own artifact storage infrastructure.
- name: Open-Source Dependency Caching
description: Proxy and cache open-source packages from public registries to ensure build reproducibility and availability
even when upstream registries experience downtime.
- name: Software Supply Chain Security
description: Control which packages developers can use with package origin controls to protect against dependency confusion
and substitution attacks.
- name: Multi-Team Package Governance
description: Apply organizational policies across multiple repositories in a domain and audit package consumption across
development teams using CloudTrail and EventBridge.
- name: CI/CD Pipeline Integration
description: Integrate with CI/CD systems using native package manager support (npm, Maven, pip, NuGet) to fetch and publish
packages as part of automated build and release workflows.
- type: Integrations
data:
- name: AWS IAM
description: Fine-grained access control for domains, repositories, and package operations.
- name: AWS KMS
description: Encryption key management for all package assets and metadata stored in a domain.
- name: AWS CloudTrail
description: Audit logging for all CodeArtifact API calls and package access events.
- name: Amazon EventBridge
description: Event-driven automation for package governance workflows and notifications.
- name: AWS PrivateLink
description: Private network connectivity to CodeArtifact from within a VPC.
- name: npm Registry (npmjs.com)
description: Public upstream connection for npm package proxying and caching.
- name: PyPI (pypi.org)
description: Public upstream connection for Python package proxying and caching.
- name: Maven Central
description: Public upstream connection for Java/Maven package proxying and caching.
- name: NuGet Gallery (nuget.org)
description: Public upstream connection for .NET package proxying and caching.
- name: RubyGems.org
description: Public upstream connection for Ruby gem proxying and caching.
- name: crates.io
description: Public upstream connection for Rust/Cargo package proxying and caching.
- name: GitHub Actions
description: Integrate CodeArtifact with GitHub Actions CI/CD workflows for package management.
- name: AWS CodeBuild
description: Use CodeArtifact as the package source in AWS CodeBuild build projects.
- name: AWS CodePipeline
description: Incorporate package publishing and consumption into AWS CodePipeline deployment pipelines.
maintainers:
- FN: Kin Lane
email: kin@apievangelist.com