Amazon CodeArtifact

Amazon CodeArtifact is a fully managed, secure artifact repository service that helps organizations store, publish, and share software packages used in their software development process. CodeArtifact works with popular build tools and package managers including npm, yarn, pip, twine, Maven, Gradle, NuGet, and more. It supports Cargo, generic, Maven, npm, NuGet, PyPI, Ruby, and Swift package formats and integrates natively with AWS IAM, AWS KMS, AWS CloudTrail, and Amazon EventBridge.

1 APIs 12 Features
AmazonArtifact RepositoryPackage ManagementDevOpsSoftware Supply ChainnpmMavenPyPINuGet

APIs

Amazon CodeArtifact API

The Amazon CodeArtifact REST API enables programmatic management of artifact repositories, domains, packages, and package versions. Manage domains and repositories, control perm...

MCP Servers

Features

Multi-Format Package Support

Supports Cargo, generic, Maven, npm, NuGet, PyPI, Ruby, and Swift package formats in polyglot repositories that can hold any supported package type in a single repository.

Public Repository Integration

Connect repositories to public sources including npmjs, PyPI, Maven Central, NuGet Gallery, and RubyGems.org to proxy and cache open-source dependencies on demand.

Domain-Based Organization

Aggregate multiple repositories into a domain to apply organizational policies, manage encryption, and share packages across development teams.

Upstream Repositories

Create upstream relationships between repositories so downstream repositories can transparently access packages from upstream sources, effectively merging their contents.

Package Groups and Origin Controls

Apply configuration to multiple packages using package groups with pattern matching. Use origin controls to block or allow ingestion or publishing of new package versions against dependency substitution attacks.

Authorization Token Generation

Generate temporary authorization tokens (up to 12 hours) for secure authentication with package managers without long-lived credentials.

AWS IAM Integration

Control access to domains and repositories using AWS Identity and Access Management for fine-grained permissions policies.

AWS KMS Encryption

All assets and metadata in a domain are encrypted with the same AWS KMS key, supporting both AWS managed and customer managed keys.

AWS CloudTrail Integration

Track package usage and access across your organization with full audit logging via AWS CloudTrail.

Amazon EventBridge Integration

Automate package governance workflows and trigger actions on package events using Amazon EventBridge.

AWS PrivateLink Support

Access CodeArtifact repositories from within a VPC without exposing traffic to the public internet using AWS PrivateLink endpoints.

High Availability Storage

Multi-Availability Zone operation with redundant package asset storage across Amazon S3 and DynamoDB, fully managed with automatic scaling.

Use Cases

Internal Package Distribution

Share proprietary software components and internal libraries between multiple applications and development teams within an organization without managing your own artifact storage infrastructure.

Open-Source Dependency Caching

Proxy and cache open-source packages from public registries to ensure build reproducibility and availability even when upstream registries experience downtime.

Software Supply Chain Security

Control which packages developers can use with package origin controls to protect against dependency confusion and substitution attacks.

Multi-Team Package Governance

Apply organizational policies across multiple repositories in a domain and audit package consumption across development teams using CloudTrail and EventBridge.

CI/CD Pipeline Integration

Integrate with CI/CD systems using native package manager support (npm, Maven, pip, NuGet) to fetch and publish packages as part of automated build and release workflows.

Integrations

AWS IAM

Fine-grained access control for domains, repositories, and package operations.

AWS KMS

Encryption key management for all package assets and metadata stored in a domain.

AWS CloudTrail

Audit logging for all CodeArtifact API calls and package access events.

Amazon EventBridge

Event-driven automation for package governance workflows and notifications.

AWS PrivateLink

Private network connectivity to CodeArtifact from within a VPC.

npm Registry (npmjs.com)

Public upstream connection for npm package proxying and caching.

PyPI (pypi.org)

Public upstream connection for Python package proxying and caching.

Maven Central

Public upstream connection for Java/Maven package proxying and caching.

NuGet Gallery (nuget.org)

Public upstream connection for .NET package proxying and caching.

RubyGems.org

Public upstream connection for Ruby gem proxying and caching.

crates.io

Public upstream connection for Rust/Cargo package proxying and caching.

GitHub Actions

Integrate CodeArtifact with GitHub Actions CI/CD workflows for package management.

AWS CodeBuild

Use CodeArtifact as the package source in AWS CodeBuild build projects.

AWS CodePipeline

Incorporate package publishing and consumption into AWS CodePipeline deployment pipelines.

Semantic Vocabularies

Amazon Codeartifact Context

106 classes · 76 properties

JSON-LD

API Governance Rules

Amazon CodeArtifact API Rules

23 rules · 11 errors 10 warnings 2 info

SPECTRAL

JSON Structure

Codeartifact Account Id Structure

0 properties

JSON STRUCTURE

Codeartifact Allow Publish Structure

0 properties

JSON STRUCTURE

Codeartifact Allow Upstream Structure

0 properties

JSON STRUCTURE

Codeartifact Arn Structure

0 properties

JSON STRUCTURE

Codeartifact Asset Hashes Structure

0 properties

JSON STRUCTURE

Codeartifact Asset Name Structure

0 properties

JSON STRUCTURE

Codeartifact Asset Structure

0 properties

JSON STRUCTURE

Codeartifact Asset Summary List Structure

0 properties

JSON STRUCTURE

Codeartifact Asset Summary Structure

3 properties

JSON STRUCTURE

Codeartifact Boolean Optional Structure

0 properties

JSON STRUCTURE

Codeartifact Create Domain Request Structure

2 properties

JSON STRUCTURE

Codeartifact Create Domain Result Structure

1 properties

JSON STRUCTURE

Codeartifact Delete Domain Request Structure

0 properties

JSON STRUCTURE

Codeartifact Delete Domain Result Structure

1 properties

JSON STRUCTURE

Codeartifact Delete Package Request Structure

0 properties

JSON STRUCTURE

Codeartifact Delete Package Result Structure

1 properties

JSON STRUCTURE

Codeartifact Describe Domain Result Structure

1 properties

JSON STRUCTURE

Codeartifact Description Structure

0 properties

JSON STRUCTURE

Codeartifact Domain Description Structure

9 properties

JSON STRUCTURE

Codeartifact Domain Entry Point Structure

2 properties

JSON STRUCTURE

Codeartifact Domain Name Structure

0 properties

JSON STRUCTURE

Codeartifact Domain Status Structure

0 properties

JSON STRUCTURE

Codeartifact Domain Summary List Structure

0 properties

JSON STRUCTURE

Codeartifact Domain Summary Structure

6 properties

JSON STRUCTURE

Codeartifact Error Message Structure

0 properties

JSON STRUCTURE

Codeartifact Hash Algorithm Structure

0 properties

JSON STRUCTURE

Codeartifact Hash Value Structure

0 properties

JSON STRUCTURE

Codeartifact Integer Structure

0 properties

JSON STRUCTURE

Codeartifact License Info List Structure

0 properties

JSON STRUCTURE

Codeartifact License Info Structure

2 properties

JSON STRUCTURE

Codeartifact List Domains Request Structure

2 properties

JSON STRUCTURE

Codeartifact List Domains Result Structure

2 properties

JSON STRUCTURE

Codeartifact List Packages Request Structure

0 properties

JSON STRUCTURE

Codeartifact List Packages Result Structure

2 properties

JSON STRUCTURE

Codeartifact Long Optional Structure

0 properties

JSON STRUCTURE

Codeartifact Long Structure

0 properties

JSON STRUCTURE

Codeartifact Package Dependency Structure

4 properties

JSON STRUCTURE

Codeartifact Package Description Structure

3 properties

JSON STRUCTURE

Codeartifact Package Format Structure

0 properties

JSON STRUCTURE

Codeartifact Package Name Structure

0 properties

JSON STRUCTURE

Codeartifact Package Namespace Structure

0 properties

JSON STRUCTURE

Codeartifact Package Summary List Structure

0 properties

JSON STRUCTURE

Codeartifact Package Summary Structure

3 properties

JSON STRUCTURE

Codeartifact Package Version Error Structure

2 properties

JSON STRUCTURE

Codeartifact Package Version List Structure

0 properties

JSON STRUCTURE

Codeartifact Package Version Origin Structure

2 properties

JSON STRUCTURE

Codeartifact Package Version Status Structure

0 properties

JSON STRUCTURE

Codeartifact Package Version Structure

0 properties

JSON STRUCTURE

Codeartifact Pagination Token Structure

0 properties

JSON STRUCTURE

Codeartifact Policy Document Structure

0 properties

JSON STRUCTURE

Codeartifact Policy Revision Structure

0 properties

JSON STRUCTURE

Codeartifact Repository Description Structure

9 properties

JSON STRUCTURE

Codeartifact Repository Name Structure

0 properties

JSON STRUCTURE

Codeartifact Repository Summary Structure

7 properties

JSON STRUCTURE

Codeartifact Resource Policy Structure

3 properties

JSON STRUCTURE

Codeartifact Sha256 Structure

0 properties

JSON STRUCTURE

Codeartifact String Structure

0 properties

JSON STRUCTURE

Codeartifact String255 Structure

0 properties

JSON STRUCTURE

Codeartifact Tag Key List Structure

0 properties

JSON STRUCTURE

Codeartifact Tag Key Structure

0 properties

JSON STRUCTURE

Codeartifact Tag List Structure

0 properties

JSON STRUCTURE

Codeartifact Tag Resource Request Structure

1 properties

JSON STRUCTURE

Codeartifact Tag Resource Result Structure

0 properties

JSON STRUCTURE

Codeartifact Tag Structure

2 properties

JSON STRUCTURE

Codeartifact Tag Value Structure

0 properties

JSON STRUCTURE

Codeartifact Timestamp Structure

0 properties

JSON STRUCTURE

Codeartifact Untag Resource Request Structure

1 properties

JSON STRUCTURE

Codeartifact Untag Resource Result Structure

0 properties

JSON STRUCTURE

Codeartifact Upstream Repository Structure

1 properties

JSON STRUCTURE

Example Payloads

Codeartifact Tag Example

2 fields

EXAMPLE

Resources

🔗
TrustCenter
TrustCenter
🔗
VulnerabilityDisclosure
VulnerabilityDisclosure
🔗
DomainSecurity
DomainSecurity
🔑
Authentication
Authentication
🚀
GettingStarted
GettingStarted
🔑
Authentication
Authentication
💰
Pricing
Pricing
🌐
Console
Console
🌐
Portal
Portal
🔗
Documentation
Documentation
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
🟢
StatusPage
StatusPage
📰
Blog
Blog
📝
SignUp
SignUp
👥
GitHubOrganization
GitHubOrganization
🔗
SpectralRules
SpectralRules
🔗
Vocabulary
Vocabulary
🔗
JSONLD
JSONLD
🔗
Packages
Packages
🔗
WellKnown
WellKnown
🔗
SecurityTxt
SecurityTxt
🔗
LLMsTxt
LLMsTxt
🔗
LLMsTxt
LLMsTxt
📰
Blog
Blog

Sources

Raw ↑
aid: amazon-codeartifact
name: Amazon CodeArtifact
description: Amazon CodeArtifact is a fully managed, secure artifact repository service that helps organizations store, publish,
  and share software packages used in their software development process. CodeArtifact works with popular build tools and
  package managers including npm, yarn, pip, twine, Maven, Gradle, NuGet, and more. It supports Cargo, generic, Maven, npm,
  NuGet, PyPI, Ruby, and Swift package formats and integrates natively with AWS IAM, AWS KMS, AWS CloudTrail, and Amazon EventBridge.
type: Index
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
tags:
- Amazon
- AWS
- Artifact Repository
- Package Management
- DevOps
- Software Supply Chain
- npm
- Maven
- PyPI
- NuGet
url: https://raw.githubusercontent.com/api-evangelist/amazon-codeartifact/refs/heads/main/apis.yml
created: '2026-03-16'
modified: '2026-06-20'
specificationVersion: '0.19'
apis:
- aid: amazon-codeartifact:amazon-codeartifact-api
  name: Amazon CodeArtifact API
  description: The Amazon CodeArtifact REST API enables programmatic management of artifact repositories, domains, packages,
    and package versions. Manage domains and repositories, control permissions policies, publish and copy package versions,
    retrieve authorization tokens, and manage external connections to public package registries such as npmjs, PyPI, Maven
    Central, NuGet Gallery, and RubyGems.
  humanURL: https://docs.aws.amazon.com/codeartifact/latest/APIReference/Welcome.html
  baseURL: https://codeartifact.us-east-1.amazonaws.com
  tags:
  - Amazon
  - AWS
  - Artifact Repository
  - Package Management
  - REST API
  properties:
  - type: Documentation
    url: https://docs.aws.amazon.com/codeartifact/latest/ug/welcome.html
  - type: APIReference
    url: https://docs.aws.amazon.com/codeartifact/latest/APIReference/Welcome.html
  - type: OpenAPI
    url: openapi/amazon-codeartifact-openapi-original.yaml
  - type: JSONSchema
    url: json-schema/codeartifact-domain-description-schema.json
  - type: JSONSchema
    url: json-schema/codeartifact-repository-description-schema.json
  - type: JSONSchema
    url: json-schema/codeartifact-package-version-description-schema.json
  - type: Overlay
    url: overlays/amazon-codeartifact-api-overlay.yaml
  - type: MCPServer
    url: mcp/amazon-codeartifact-mcp.yml
  - type: ErrorCatalog
    url: errors/amazon-codeartifact-problem-types.yml
  - type: Conformance
    url: conformance/amazon-codeartifact-conformance.yml
  - type: Lifecycle
    url: lifecycle/amazon-codeartifact-lifecycle.yml
common:
- type: TrustCenter
  url: security/amazon-codeartifact-trust-center.yml
- type: VulnerabilityDisclosure
  url: security/amazon-codeartifact-vulnerability-disclosure.yml
- type: DomainSecurity
  url: security/amazon-codeartifact-domain-security.yml
- type: Authentication
  url: authentication/amazon-codeartifact-authentication.yml
- type: GettingStarted
  url: https://docs.aws.amazon.com/codeartifact/latest/ug/getting-started.html
- type: Authentication
  url: https://docs.aws.amazon.com/codeartifact/latest/ug/tokens-authentication.html
- type: Pricing
  url: https://aws.amazon.com/codeartifact/pricing/
- type: Console
  url: https://console.aws.amazon.com/codesuite/codeartifact/start
- type: Portal
  url: https://aws.amazon.com/codeartifact/
- type: Documentation
  url: https://docs.aws.amazon.com/codeartifact/latest/ug/
- type: TermsOfService
  url: https://aws.amazon.com/service-terms/
- type: PrivacyPolicy
  url: https://aws.amazon.com/privacy/
- type: StatusPage
  url: https://health.aws.amazon.com/health/status
- type: Blog
  url: https://aws.amazon.com/blogs/devops/category/developer-tools/amazon-codeartifact/
- type: SignUp
  url: https://portal.aws.amazon.com/gp/aws/developer/registration/index.html
- type: GitHubOrganization
  url: https://github.com/aws
- type: SpectralRules
  url: rules/amazon-codeartifact-spectral-rules.yml
- type: Vocabulary
  url: vocabulary/amazon-codeartifact-vocabulary.yaml
- type: JSONLD
  url: json-ld/amazon-codeartifact-context.jsonld
- type: Packages
  url: packages/amazon-codeartifact-packages.yml
- type: WellKnown
  url: well-known/amazon-codeartifact-well-known.yml
- type: SecurityTxt
  url: well-known/amazon-codeartifact-security.txt
- type: LLMsTxt
  url: llms/amazon-codeartifact-llms.txt
- type: LLMsTxt
  url: llms/amazon-codeartifact-llms-full.txt
- type: Blog
  url: https://aws.amazon.com/blogs/devops/tag/codeartifact/feed/
- type: Features
  data:
  - name: Multi-Format Package Support
    description: Supports Cargo, generic, Maven, npm, NuGet, PyPI, Ruby, and Swift package formats in polyglot repositories
      that can hold any supported package type in a single repository.
  - name: Public Repository Integration
    description: Connect repositories to public sources including npmjs, PyPI, Maven Central, NuGet Gallery, and RubyGems.org
      to proxy and cache open-source dependencies on demand.
  - name: Domain-Based Organization
    description: Aggregate multiple repositories into a domain to apply organizational policies, manage encryption, and share
      packages across development teams.
  - name: Upstream Repositories
    description: Create upstream relationships between repositories so downstream repositories can transparently access packages
      from upstream sources, effectively merging their contents.
  - name: Package Groups and Origin Controls
    description: Apply configuration to multiple packages using package groups with pattern matching. Use origin controls
      to block or allow ingestion or publishing of new package versions against dependency substitution attacks.
  - name: Authorization Token Generation
    description: Generate temporary authorization tokens (up to 12 hours) for secure authentication with package managers
      without long-lived credentials.
  - name: AWS IAM Integration
    description: Control access to domains and repositories using AWS Identity and Access Management for fine-grained permissions
      policies.
  - name: AWS KMS Encryption
    description: All assets and metadata in a domain are encrypted with the same AWS KMS key, supporting both AWS managed
      and customer managed keys.
  - name: AWS CloudTrail Integration
    description: Track package usage and access across your organization with full audit logging via AWS CloudTrail.
  - name: Amazon EventBridge Integration
    description: Automate package governance workflows and trigger actions on package events using Amazon EventBridge.
  - name: AWS PrivateLink Support
    description: Access CodeArtifact repositories from within a VPC without exposing traffic to the public internet using
      AWS PrivateLink endpoints.
  - name: High Availability Storage
    description: Multi-Availability Zone operation with redundant package asset storage across Amazon S3 and DynamoDB, fully
      managed with automatic scaling.
- type: UseCases
  data:
  - name: Internal Package Distribution
    description: Share proprietary software components and internal libraries between multiple applications and development
      teams within an organization without managing your own artifact storage infrastructure.
  - name: Open-Source Dependency Caching
    description: Proxy and cache open-source packages from public registries to ensure build reproducibility and availability
      even when upstream registries experience downtime.
  - name: Software Supply Chain Security
    description: Control which packages developers can use with package origin controls to protect against dependency confusion
      and substitution attacks.
  - name: Multi-Team Package Governance
    description: Apply organizational policies across multiple repositories in a domain and audit package consumption across
      development teams using CloudTrail and EventBridge.
  - name: CI/CD Pipeline Integration
    description: Integrate with CI/CD systems using native package manager support (npm, Maven, pip, NuGet) to fetch and publish
      packages as part of automated build and release workflows.
- type: Integrations
  data:
  - name: AWS IAM
    description: Fine-grained access control for domains, repositories, and package operations.
  - name: AWS KMS
    description: Encryption key management for all package assets and metadata stored in a domain.
  - name: AWS CloudTrail
    description: Audit logging for all CodeArtifact API calls and package access events.
  - name: Amazon EventBridge
    description: Event-driven automation for package governance workflows and notifications.
  - name: AWS PrivateLink
    description: Private network connectivity to CodeArtifact from within a VPC.
  - name: npm Registry (npmjs.com)
    description: Public upstream connection for npm package proxying and caching.
  - name: PyPI (pypi.org)
    description: Public upstream connection for Python package proxying and caching.
  - name: Maven Central
    description: Public upstream connection for Java/Maven package proxying and caching.
  - name: NuGet Gallery (nuget.org)
    description: Public upstream connection for .NET package proxying and caching.
  - name: RubyGems.org
    description: Public upstream connection for Ruby gem proxying and caching.
  - name: crates.io
    description: Public upstream connection for Rust/Cargo package proxying and caching.
  - name: GitHub Actions
    description: Integrate CodeArtifact with GitHub Actions CI/CD workflows for package management.
  - name: AWS CodeBuild
    description: Use CodeArtifact as the package source in AWS CodeBuild build projects.
  - name: AWS CodePipeline
    description: Incorporate package publishing and consumption into AWS CodePipeline deployment pipelines.
maintainers:
- FN: Kin Lane
  email: kin@apievangelist.com