AWS::CodeArtifact::Domain - AWS CloudFormation

AWS::CodeArtifact::Domain

The AWS::CodeArtifact::Domain resource creates an AWS CodeArtifact domain. CodeArtifact domains make it easier to manage multiple repositories across an organization. You can use a domain to apply permissions across many repositories owned by different AWS accounts. For more information about domains, see the Domain concepts information in the CodeArtifact User Guide. For more information about the CreateDomain API, see CreateDomain in the CodeArtifact API Reference.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::CodeArtifact::Domain", "Properties" : { "DomainName" : String, "EncryptionKey" : String, "PermissionsPolicyDocument" : Json, "Tags" : [ Tag, ... ] } }

YAML

Type: AWS::CodeArtifact::Domain Properties: DomainName: String EncryptionKey: String PermissionsPolicyDocument: Json Tags: - Tag

Properties

DomainName

A string that specifies the name of the requested domain.

Required: Yes

Type: String

Minimum: 2

Maximum: 50

Pattern: [a-z][a-z0-9\-]{0,48}[a-z0-9]

Update requires: Replacement

EncryptionKey

The key used to encrypt the domain.

Required: No

Type: String

Minimum: 1

Maximum: 1011

Pattern: \S+

Update requires: Replacement

PermissionsPolicyDocument

The document that defines the resource policy that is set on a domain.

Required: No

Type: Json

Update requires: No interruption

Tags

A list of tags to be applied to the domain.

Required: No

Type: List of Tag

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource arn.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Arn

When you pass the logical ID of this resource, the function returns the Amazon Resource Name (ARN) of the domain.

EncryptionKey

When you pass the logical ID of this resource, the function returns the key used to encrypt the domain.

Name

When you pass the logical ID of this resource, the function returns the name of the domain.

Owner

When you pass the logical ID of this resource, the function returns the 12-digit account number of the AWS account that owns the domain.

Examples

The following examples can help you create CodeArtifact domains using CloudFormation.

Create a domain

The following example creates a CodeArtifact domain named my-domain.

YAML

Resources: MyCodeArtifactDomain: Type: 'AWS::CodeArtifact::Domain' Properties: DomainName: "my-domain"

JSON

{ "Resources": { "MyCodeArtifactDomain": { "Type": "AWS::CodeArtifact::Domain", "Properties": { "DomainName": "my-domain" } } } }

Create a domain with an attached AWS KMS encryption key and IAM permissions policy

The following example creates a CodeArtifact domain named my-domain and attaches an AWS KMS encryption key and IAM permissions policy.

YAML

Resources: MyCodeArtifactDomain: Type: 'AWS::CodeArtifact::Domain' Properties: DomainName: "my-domain" EncryptionKey: arn:aws:kms:us-west-2:123456789012:key/12345678-9abc-def1-2345-6789abcdef12 PermissionsPolicyDocument: Version: 2012-10-17 Statement: - Action: - codeartifact:ReadFromRepository - codeartifact:DescribePackageVersion - codeartifact:DescribeRepository - codeartifact:GetPackageVersionReadme - codeartifact:GetRepositoryEndpoint - codeartifact:ListPackageVersionAssets - codeartifact:ListPackageVersionDependencies - codeartifact:ListPackageVersions - codeartifact:ListPackages - codeartifact:ReadFromRepository Effect: Allow Principal: AWS: "arn:aws:iam::123456789012:root" Resource: "*"

JSON

{ "Resources": { "MyCodeArtifactDomain": { "Type": "AWS::CodeArtifact::Domain", "Properties": { "DomainName": "my-domain", "EncryptionKey": "arn:aws:kms:us-west-2:123456789012:key/12345678-9abc-def1-2345-6789abcdef12", "PermissionsPolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Action": [ "codeartifact:ReadFromRepository", "codeartifact:DescribePackageVersion", "codeartifact:DescribeRepository", "codeartifact:GetPackageVersionReadme", "codeartifact:GetRepositoryEndpoint", "codeartifact:ListPackageVersionAssets", "codeartifact:ListPackageVersionDependencies", "codeartifact:ListPackageVersions", "codeartifact:ListPackages", "codeartifact:ReadFromRepository" ], "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::123456789012:root" }, "Resource": "*" } ] } } } } }