[AWS] CodeArtifact

AWS CodeArtifact is a fully managed artifact repository service that makes it easy for organizations of any size to securely store, publish, and share software packages used in their software development process. CodeArtifact can be configured to automatically fetch software packages and dependencies from public artifact repositories so developers have access to the latest versions. CodeArtifact works with commonly used package managers and build tools like Maven, Gradle, npm, yarn, twine, pip, and NuGet making it easy to integrate into existing development workflows.

 

Development teams often rely on both open-source software packages and those packages built within their organization. IT leaders need to be able to control access to and validate the safety of these software packages. Teams need a way to find up-to-date packages that have been approved for use by their IT leaders. To address these challenges, IT leaders turn to central artifact repository services to store and share packages. However, existing solutions often require teams to purchase licenses for software solutions that are complex to setup, scale, and operate.

 

AWS CodeArtifact is a pay-as-you go artifact repository service that scales based on the needs of the organization. With CodeArtifact there is no software to update or servers to manage. In just a few clicks, IT leaders can set-up central repositories that make it easy for development teams to find and use the software packages they need. IT leaders can also approve packages and control distribution across the organization, ensuring development teams consume software packages that are safe for use.

 

Benefits

Securely store and share artifacts

CodeArtifact integrates with AWS Key Management Service (KMS) to provide encrypted storage. CodeArtifact supports AWS IAM, so IT leaders can grant the appropriate level of access to different teams across their AWS accounts.

 

Reduce operational overhead

CodeArtifact is a fully managed service, eliminating the need to set up and operate the infrastructure required to manage artifact repositories. CodeArtifact is highly available and scales to meet the needs of organizations of all sizes.

 

Pay as you go

With CodeArtifact, there are no upfront fees or licensing costs for features that you don’t use. You pay only for the software packages stored, the number of requests made, and the data transferred out of an AWS Region.

 

How it works

Key Features

Consume packages from public artifact repositories

You can configure CodeArtifact to fetch software packages from public repositories such as the npm Registry, Maven Central, PyPI, and NuGet.org with just a few clicks. CodeArtifact automatically downloads and stores application dependencies from these repositories, so recent versions are always available to your developers and CI/CD systems.

Publish and Share packages

You can use your existing package managers such as npm, pip, yarn, twine, Maven, and NuGet to publish packages developed within your organization. Development teams can save time by retrieving packages published to and shared in a central organizational repository, rather than creating their own.

Approve packages for use and audit package usage

You can approve packages for use by building automated workflows using CodeArtifact APIs and AWS EventBridge. Integration with AWS CloudTrail gives leaders visibility into which packages are in use and where, making it easy to identify packages that need to be updated or removed.

 

 

AWS CodeArtifact features

AWS CodeArtifact is a fully managed artifact repository service that makes it easy for organizations of any size to securely store, publish, and share software packages used in their software development process.

Consume packages from public artifact repositories

You can configure CodeArtifact to fetch software packages from public repositories such as the npm Registry, Maven Central, PyPI, and NuGet.org with just a few clicks. CodeArtifact automatically downloads and stores application dependencies from these repositories, so they're always available to your developers and CI/CD systems.

Publish and share packages

You can use your existing package managers such as npm, pip, yarn, twine, Maven, and NuGet to publish packages developed within your organization. Development teams can save time by retrieving packages published to and shared in a central organizational repository, rather than creating their own.

Approve packages for use and get visibility into package usage

You can approve packages for use by building automated workflows using CodeArtifact APIs and AWS EventBridge. Integration with AWS CloudTrail gives leaders visibility into which packages are in use and where, making it easy to identify packages that need to be updated or removed.

High availability and durability

AWS CodeArtifact operates in multiple Availability Zones and stores artifact data and metadata in Amazon S3 and Amazon DynamoDB. Your encrypted data is redundantly stored across multiple facilities and multiple devices in each facility, making it highly available and highly durable.

Use a fully managed service

CodeArtifact lets you focus on delivering for your customers, not configuring and maintaining your development infrastructure. CodeArtifact is a highly available service that scales to meet the needs of any software development team. There is no software to update or servers to manage.

Enable access control and monitoring

AWS CodeArtifact integrates with IAM and AWS CloudTrail, offering control over who can access software packages and visibility into who has access to your software packages. CodeArtifact also integrates with AWS Key Management Service (KMS) for package encryption.

Access packages within a VPC

You can increase the security of your repositories by configuring AWS CodeArtifact to use AWS PrivateLink endpoints. This allows systems running in your VPC to access packages stored in CodeArtifact without the data being transferred over the public internet.