CodeArtifact là fully managed artifact repository service cho phép store, publish, và share software packages.
Domain → Repository → Packages
├── npm packages
├── PyPI packages
├── Maven packages
├── NuGet packages
└── Upstream connection → npmjs.com / PyPI / Maven Central
| Concept | Mô tả |
|---|---|
| Domain | Top-level container, cross-account sharing |
| Repository | Chứa packages, có thể có upstream repos |
| Upstream Repository | Proxy tới public registries hoặc repo khác |
| Package | npm, PyPI, Maven, NuGet, Swift, generic |
Developer → CodeArtifact Repo (private)
↓ (cache miss)
Upstream: CodeArtifact Repo (shared)
↓ (cache miss)
External: npmjs.com / PyPI
# Get auth token (12 hours default)
aws codeartifact get-authorization-token \
--domain my-domain \
--query authorizationToken --output text
# Configure npm
aws codeartifact login --tool npm \
--domain my-domain \
--repository my-repo
# Configure pip
aws codeartifact login --tool pip \
--domain my-domain \
--repository my-repo
# buildspec.yml — CodeBuild
phases:
pre_build:
commands:
- aws codeartifact login --tool npm --domain my-domain --repository my-repo
build:
commands:
- npm install
- npm run build
- npm publish # Publish private package
| Feature | CodeArtifact | S3 | ECR |
|---|---|---|---|
| Package types | npm, PyPI, Maven, NuGet | Any file | Container images |
| Versioning | ✅ Built-in | ✅ Object versioning | ✅ Image tags |
| Upstream proxy | ✅ | ❌ | ❌ |
| Package manager integration | ✅ Native | ❌ | Docker CLI |
Exam Tip: CodeArtifact = managed artifact repository cho npm/PyPI/Maven packages. Upstream repos = proxy + cache public packages. Cross-account sharing via domain resource policy. Auth token expires sau 12 hours (default).