View Source AWS.Codeartifact (aws-elixir v1.0.4)
CodeArtifact is a fully managed artifact repository compatible with language-native package managers and build tools such as npm, Apache Maven, pip, and dotnet.
You can use CodeArtifact to share packages with development teams and pull packages. Packages can be pulled from both public and CodeArtifact repositories. You can also create an upstream relationship between a CodeArtifact repository and another repository, which effectively merges their contents from the point of view of a package manager client.
codeartifact-concepts
CodeArtifact concepts
*
**Repository## : A CodeArtifact repository contains a set of package versions,
each of which maps to a set of assets, or files. Repositories are
polyglot, so a single repository can contain packages of any supported type.
Each
repository exposes endpoints for fetching and publishing packages using tools
such as the
npm
cli-or-the-maven-cli
CLI or the Maven CLI (
mvn
**). For a list of supported package managers, see the
CodeArtifact User Guide.
*
Domain: Repositories are aggregated into a higher-level entity known as a domain. All package assets and metadata are stored in the domain, but are consumed through repositories. A given package asset, such as a Maven JAR file, is stored once per domain, no matter how many repositories it's present in. All of the assets and metadata in a domain are encrypted with the same customer master key (CMK) stored in Key Management Service (KMS).
Each repository is a member of a single domain and can't be moved to a different domain.
The domain allows organizational policy to be applied across multiple repositories, such as which accounts can access repositories in the domain, and which public repositories can be used as sources of packages.
Although an organization can have multiple domains, we recommend a single production domain that contains all published artifacts so that teams can find and share packages across their organization.
*
Package: A package is a bundle of software and the metadata required to resolve dependencies and install the software. CodeArtifact supports npm, PyPI, Maven, NuGet, Swift, Ruby, Cargo, and generic package formats. For more information about the supported package formats and how to use CodeArtifact with them, see the CodeArtifact User Guide.
In CodeArtifact, a package consists of:
*A name (for example, webpack is the name of a
popular npm package)
*An optional namespace (for example, @types in @types/node)
*A set of versions (for example, 1.0.0, 1.0.1,
1.0.2, etc.)
*Package-level metadata (for example, npm tags)
*
Package group: A group of packages that match a specified definition. Package groups can be used to apply configuration to multiple packages that match a defined pattern using package format, package namespace, and package name. You can use package groups to more conveniently configure package origin controls for multiple packages. Package origin controls are used to block or allow ingestion or publishing of new package versions, which protects users from malicious actions known as dependency substitution attacks.
*
Package version: A version of a package, such as @types/node 12.6.9. The
version number
format and semantics vary for different package formats. For example, npm
package versions
must conform to the Semantic Versioning specification. In CodeArtifact, a package version consists
of the version identifier,
metadata at the package version level, and a set of assets.
*
Upstream repository: One repository is upstream of another when the package versions in it can be accessed from the repository endpoint of the downstream repository, effectively merging the contents of the two repositories from the point of view of a client. CodeArtifact allows creating an upstream relationship between two repositories.
*
Asset: An individual file stored in CodeArtifact associated with a package
version, such as an npm
.tgz file or Maven POM and JAR files.
codeartifact-supported-api-operations
CodeArtifact supported API operations
*
AssociateExternalConnection: Adds an existing external
connection to a repository.
*
CopyPackageVersions: Copies package versions from one
repository to another repository in the same domain.
*
CreateDomain: Creates a domain.
*
CreatePackageGroup: Creates a package group.
*
CreateRepository: Creates a CodeArtifact repository in a domain.
*
DeleteDomain: Deletes a domain. You cannot delete a domain that contains
repositories.
*
DeleteDomainPermissionsPolicy: Deletes the resource policy that is set on a
domain.
*
DeletePackage: Deletes a package and all associated package versions.
*
DeletePackageGroup: Deletes a package group. Does not delete packages or
package versions that are associated with a package group.
*
DeletePackageVersions: Deletes versions of a package. After a package has
been deleted, it can be republished, but its assets and metadata cannot be
restored
because they have been permanently removed from storage.
*
DeleteRepository: Deletes a repository.
*
DeleteRepositoryPermissionsPolicy: Deletes the resource policy that is set on
a repository.
*
DescribeDomain: Returns a DomainDescription object that
contains information about the requested domain.
*
DescribePackage: Returns a
PackageDescription object that contains details about a package.
*
DescribePackageGroup: Returns a
PackageGroup
object that contains details about a package group.
*
DescribePackageVersion: Returns a
PackageVersionDescription
object that contains details about a package version.
*
DescribeRepository: Returns a RepositoryDescription object
that contains detailed information about the requested repository.
*
DisposePackageVersions: Disposes versions of a package. A package version
with the status Disposed cannot be restored because they have been
permanently removed from storage.
*
DisassociateExternalConnection: Removes an existing external connection from a
repository.
*
GetAssociatedPackageGroup: Returns the most closely associated package group
to the specified package.
*
GetAuthorizationToken: Generates a temporary authorization token for accessing
repositories in the domain. The token expires the authorization period has
passed.
The default authorization period is 12 hours and can be customized to any length
with a maximum of 12 hours.
*
GetDomainPermissionsPolicy: Returns the policy of a resource
that is attached to the specified domain.
*
GetPackageVersionAsset: Returns the contents of an asset that is in a package
version.
*
GetPackageVersionReadme: Gets the readme file or descriptive text for a
package version.
*
GetRepositoryEndpoint: Returns the endpoint of a repository for a specific
package format. A repository has one endpoint for each
package format:
*cargo
*generic
*maven
*npm
*nuget
*pypi
*ruby
*swift
*
GetRepositoryPermissionsPolicy: Returns the resource policy that is set on a
repository.
*
ListAllowedRepositoriesForGroup: Lists the allowed repositories for a package
group that has origin configuration set to ALLOW_SPECIFIC_REPOSITORIES.
*
ListAssociatedPackages: Returns a list of packages associated with the
requested package group.
*
ListDomains: Returns a list of DomainSummary objects. Each
returned DomainSummary object contains information about a domain.
*
ListPackages: Lists the packages in a repository.
*
ListPackageGroups: Returns a list of package groups in the requested domain.
*
ListPackageVersionAssets: Lists the assets for a given package version.
*
ListPackageVersionDependencies: Returns a list of the direct dependencies for
a
package version.
*
ListPackageVersions: Returns a list of package versions for a specified
package in a repository.
*
ListRepositories: Returns a list of repositories owned by the Amazon Web
Services account that called this method.
*
ListRepositoriesInDomain: Returns a list of the repositories in a domain.
*
ListSubPackageGroups: Returns a list of direct children of the specified
package group.
*
PublishPackageVersion: Creates a new package version containing one or more
assets.
*
PutDomainPermissionsPolicy: Attaches a resource policy to a domain.
*
PutPackageOriginConfiguration: Sets the package origin configuration for a
package, which determine
how new versions of the package can be added to a specific repository.
*
PutRepositoryPermissionsPolicy: Sets the resource policy on a repository
that specifies permissions to access it.
*
UpdatePackageGroup: Updates a package group. This API cannot be used to update
a package group's origin configuration or pattern.
*
UpdatePackageGroupOriginConfiguration: Updates the package origin
configuration for a package group.
*
UpdatePackageVersionsStatus: Updates the status of one or more versions of a
package.
*
UpdateRepository: Updates the properties of a repository.
Link to this section Summary
Functions
Adds an existing external connection to a repository.
Copies package versions from one repository to another repository in the same domain.
Creates a domain.
Creates a package group.
Creates a repository.
Deletes a domain.
Deletes the resource policy set on a domain.
Deletes a package and all associated package versions.
Deletes a package group.
Deletes one or more versions of a package.
Deletes a repository.
Deletes the resource policy that is set on a repository.
Returns a PackageDescription
Returns a PackageGroupDescription object that contains information about the requested package group.
Returns a PackageVersionDescription
Returns a RepositoryDescription object that contains detailed information
about the requested repository.
Removes an existing external connection from a repository.
Deletes the assets in package versions and sets the package versions' status to
Disposed.
Returns the most closely associated package group to the specified package.
Generates a temporary authorization token for accessing repositories in the domain.
Returns the resource policy attached to the specified domain.
Returns an asset (or file) that is in a package.
Gets the readme file or descriptive text for a package version.
Returns the endpoint of a repository for a specific package format.
Returns the resource policy that is set on a repository.
Lists the repositories in the added repositories list of the specified restriction type for a package group.
Returns a list of packages associated with the requested package group.
Returns a list of DomainSummary objects for all domains owned by the Amazon Web Services account that makes this call.
Returns a list of package groups in the requested domain.
Returns a list of AssetSummary
Returns the direct dependencies for a package version.
Returns a list of PackageVersionSummary
Returns a list of PackageSummary
Returns a list of RepositorySummary
Returns a list of RepositorySummary
Returns a list of direct children of the specified package group.
Gets information about Amazon Web Services tags for a specified Amazon Resource Name (ARN) in CodeArtifact.
Creates a new package version containing one or more assets (or files).
Sets a resource policy on a domain that specifies permissions to access it.
Sets the package origin configuration for a package.
Sets the resource policy on a repository that specifies permissions to access it.
Adds or updates tags for a resource in CodeArtifact.
Removes tags from a resource in CodeArtifact.
Updates a package group.
Updates the package origin configuration for a package group.
Updates the status of one or more versions of a package.
Update the properties of a repository.
Link to this section Functions
Adds an existing external connection to a repository.
One external connection is allowed per repository.
A repository can have one or more upstream repositories, or an external connection.
Copies package versions from one repository to another repository in the same domain.
You must specify versions or versionRevisions. You cannot specify both.
Creates a domain.
CodeArtifact domains make it easier to manage multiple repositories across an organization. You can use a domain to apply permissions across many repositories owned by different Amazon Web Services accounts. An asset is stored only once in a domain, even if it's in multiple repositories.
Although you can have multiple domains, we recommend a single production domain that contains all published artifacts so that your development teams can find and share packages. You can use a second pre-production domain to test changes to the production domain configuration.
Creates a package group.
For more information about creating package groups, including example CLI commands, see Create a package group in the CodeArtifact User Guide.
Creates a repository.
Deletes a domain.
You cannot delete a domain that contains repositories. If you want to delete a domain with repositories, first delete its repositories.
Deletes the resource policy set on a domain.
Deletes a package and all associated package versions.
A deleted package cannot be restored. To delete one or more package versions, use the DeletePackageVersions API.
Deletes a package group.
Deleting a package group does not delete packages or package versions associated with the package group. When a package group is deleted, the direct child package groups will become children of the package group's direct parent package group. Therefore, if any of the child groups are inheriting any settings from the parent, those settings could change.
Deletes one or more versions of a package.
A deleted package version cannot be restored
in your repository. If you want to remove a package version from your repository
and be able
to restore it later, set its status to Archived. Archived packages cannot be
downloaded from a repository and don't show up with list package APIs (for
example,
ListPackageVersions), but you can restore them using
UpdatePackageVersionsStatus.
Deletes a repository.
delete_repository_permissions_policy(client, input, options \\ [])
View SourceDeletes the resource policy that is set on a repository.
After a resource policy is deleted, the permissions allowed and denied by the deleted policy are removed. The effect of deleting a resource policy might not be immediate.
Use DeleteRepositoryPermissionsPolicy with caution. After a policy is deleted,
Amazon Web Services users, roles, and accounts lose permissions to perform
the repository actions granted by the deleted policy.
describe_domain(client, domain, domain_owner \\ nil, options \\ [])
View SourceReturns a DomainDescription
object that contains information about the requested domain.
describe_package(client, domain, domain_owner \\ nil, format, namespace \\ nil, package, repository, options \\ [])
View SourceReturns a PackageDescription
object that contains information about the requested package.
describe_package_group(client, domain, domain_owner \\ nil, package_group, options \\ [])
View SourceReturns a PackageGroupDescription object that contains information about the requested package group.
describe_package_version(client, domain, domain_owner \\ nil, format, namespace \\ nil, package, package_version, repository, options \\ [])
View SourceReturns a PackageVersionDescription
object that contains information about the requested package version.
describe_repository(client, domain, domain_owner \\ nil, repository, options \\ [])
View SourceReturns a RepositoryDescription object that contains detailed information
about the requested repository.
Removes an existing external connection from a repository.
Deletes the assets in package versions and sets the package versions' status to
Disposed.
A disposed package version cannot be restored in your repository because its assets are deleted.
To view all disposed package versions in a repository, use
ListPackageVersions and set the
status
parameter
to Disposed.
To view information about a disposed package version, use DescribePackageVersion.
get_associated_package_group(client, domain, domain_owner \\ nil, format, namespace \\ nil, package, options \\ [])
View SourceReturns the most closely associated package group to the specified package.
This API does not require that the package exist
in any repository in the domain. As such, GetAssociatedPackageGroup can be
used to see which package group's origin configuration
applies to a package before that package is in a repository. This can be helpful
to check if public packages are blocked without ingesting them.
For information package group association and matching, see Package group definition syntax and matching behavior in the CodeArtifact User Guide.
Generates a temporary authorization token for accessing repositories in the domain.
This API requires the codeartifact:GetAuthorizationToken and
sts:GetServiceBearerToken permissions.
For more information about authorization tokens, see
CodeArtifact authentication and tokens.
CodeArtifact authorization tokens are valid for a period of 12 hours when
created with the login command.
You can call login periodically to refresh the token. When
you create an authorization token with the GetAuthorizationToken API, you can
set a custom authorization period,
up to a maximum of 12 hours, with the durationSeconds parameter.
The authorization period begins after login
or GetAuthorizationToken is called. If login or GetAuthorizationToken is
called while
assuming a role, the token lifetime is independent of the maximum session
duration
of the role. For example, if you call sts assume-role and specify a session
duration of 15 minutes, then
generate a CodeArtifact authorization token, the token will be valid for the
full authorization period
even though this is longer than the 15-minute session duration.
See Using IAM Roles for more information on controlling session duration.
get_domain_permissions_policy(client, domain, domain_owner \\ nil, options \\ [])
View SourceReturns the resource policy attached to the specified domain.
The policy is a resource-based policy, not an identity-based policy. For more information, see Identity-based policies and resource-based policies in the IAM User Guide.
get_package_version_asset(client, asset, domain, domain_owner \\ nil, format, namespace \\ nil, package, package_version, package_version_revision \\ nil, repository, options \\ [])
View SourceReturns an asset (or file) that is in a package.
For example, for a Maven package version, use
GetPackageVersionAsset to download a JAR file, a POM file,
or any other assets in the package version.
get_package_version_readme(client, domain, domain_owner \\ nil, format, namespace \\ nil, package, package_version, repository, options \\ [])
View SourceGets the readme file or descriptive text for a package version.
The returned text might contain formatting. For example, it might contain formatting for Markdown or reStructuredText.
get_repository_endpoint(client, domain, domain_owner \\ nil, endpoint_type \\ nil, format, repository, options \\ [])
View SourceReturns the endpoint of a repository for a specific package format.
A repository has one endpoint for each package format:
*
cargo
*
generic
*
maven
*
npm
*
nuget
*
pypi
*
ruby
*
swift
get_repository_permissions_policy(client, domain, domain_owner \\ nil, repository, options \\ [])
View SourceReturns the resource policy that is set on a repository.
list_allowed_repositories_for_group(client, domain, domain_owner \\ nil, max_results \\ nil, next_token \\ nil, origin_restriction_type, package_group, options \\ [])
View SourceLists the repositories in the added repositories list of the specified restriction type for a package group.
For more information about restriction types and added repository lists, see Package group origin controls in the CodeArtifact User Guide.
list_associated_packages(client, domain, domain_owner \\ nil, max_results \\ nil, next_token \\ nil, package_group, preview \\ nil, options \\ [])
View SourceReturns a list of packages associated with the requested package group.
For information package group association and matching, see Package group definition syntax and matching behavior in the CodeArtifact User Guide.
Returns a list of DomainSummary objects for all domains owned by the Amazon Web Services account that makes this call.
Each returned DomainSummary object contains information about a
domain.
Returns a list of package groups in the requested domain.
Returns a list of AssetSummary
objects for assets in a package version.
Returns the direct dependencies for a package version.
The dependencies are returned as PackageDependency
objects. CodeArtifact extracts the dependencies for a package version from the
metadata file for the package
format (for example, the package.json file for npm packages and the pom.xml
file
for Maven). Any package version dependencies that are not listed in the
configuration file are not returned.
Returns a list of PackageVersionSummary
objects for package versions in a repository that match the request parameters.
Package versions of all statuses will be returned by default when calling
list-package-versions with no --status parameter.
Returns a list of PackageSummary
objects for packages in a repository that match the request parameters.
Returns a list of RepositorySummary
objects.
Each RepositorySummary contains information about a repository in the
specified Amazon Web Services account and that matches the input
parameters.
Returns a list of RepositorySummary
objects.
Each RepositorySummary contains information about a repository in the
specified domain and that matches the input
parameters.
Returns a list of direct children of the specified package group.
For information package group hierarchy, see Package group definition syntax and matching behavior in the CodeArtifact User Guide.
Gets information about Amazon Web Services tags for a specified Amazon Resource Name (ARN) in CodeArtifact.
Creates a new package version containing one or more assets (or files).
The unfinished flag can be used to keep the package version in the
Unfinished state until all of its assets have been uploaded (see Package version
status
in the CodeArtifact user guide). To set
the package version’s status to Published, omit the unfinished flag
when uploading the final asset, or set the status using
UpdatePackageVersionStatus. Once a package version’s status is set to
Published, it cannot change back to Unfinished.
Only generic packages can be published using this API. For more information, see Using generic packages in the CodeArtifact User Guide.
Sets a resource policy on a domain that specifies permissions to access it.
When you call PutDomainPermissionsPolicy, the resource policy on the domain is
ignored when evaluting permissions.
This ensures that the owner of a domain cannot lock themselves out of the
domain, which would prevent them from being
able to update the resource policy.
Sets the package origin configuration for a package.
The package origin configuration determines how new versions of a package can be added to a repository. You can allow or block direct publishing of new package versions, or ingestion and retaining of new package versions from an external connection or upstream source. For more information about package origin controls and configuration, see Editing package origin controls in the CodeArtifact User Guide.
PutPackageOriginConfiguration can be called on a package that doesn't yet
exist in the repository. When called
on a package that does not exist, a package is created in the repository with no
versions and the requested restrictions are set on the package.
This can be used to preemptively block ingesting or retaining any versions from
external connections or upstream repositories, or to block
publishing any versions of the package into the repository before connecting any
package managers or publishers to the repository.
Sets the resource policy on a repository that specifies permissions to access it.
When you call PutRepositoryPermissionsPolicy, the resource policy on the
repository is ignored when evaluting permissions.
This ensures that the owner of a repository cannot lock themselves out of the
repository, which would prevent them from being
able to update the resource policy.
Adds or updates tags for a resource in CodeArtifact.
Removes tags from a resource in CodeArtifact.
Updates a package group.
This API cannot be used to update a package group's origin configuration or pattern. To update a package group's origin configuration, use UpdatePackageGroupOriginConfiguration.
update_package_group_origin_configuration(client, input, options \\ [])
View SourceUpdates the package origin configuration for a package group.
The package origin configuration determines how new versions of a package can be added to a repository. You can allow or block direct publishing of new package versions, or ingestion and retaining of new package versions from an external connection or upstream source. For more information about package group origin controls and configuration, see Package group origin controls in the CodeArtifact User Guide.
Updates the status of one or more versions of a package.
Using UpdatePackageVersionsStatus,
you can update the status of package versions to Archived, Published, or
Unlisted.
To set the status of a package version to Disposed, use
DisposePackageVersions.
Update the properties of a repository.