AWS::CodeArtifact::Domain
The AWS::CodeArtifact::Domain
resource creates an AWS CodeArtifact domain.
CodeArtifact
domains make it easier to manage multiple repositories across an
organization. You can use a domain to apply permissions across many repositories owned by different
AWS accounts. For more information about domains, see the
Domain concepts information
in the
CodeArtifact User Guide. For more information about the CreateDomain
API, see
CreateDomain
in the
CodeArtifact API Reference.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::CodeArtifact::Domain", "Properties" : { "DomainName" :
String
, "EncryptionKey" :String
, "PermissionsPolicyDocument" :Json
, "Tags" :[ Tag, ... ]
} }
YAML
Type: AWS::CodeArtifact::Domain Properties: DomainName:
String
EncryptionKey:String
PermissionsPolicyDocument:Json
Tags:- Tag
Properties
DomainName
-
A string that specifies the name of the requested domain.
Required: Yes
Type: String
Pattern:
^([a-z][a-z0-9\-]{0,48}[a-z0-9])$
Minimum:
2
Maximum:
50
Update requires: Replacement
EncryptionKey
-
The key used to encrypt the domain.
Required: No
Type: String
Pattern:
\S+
Minimum:
1
Maximum:
1011
Update requires: Replacement
PermissionsPolicyDocument
-
The document that defines the resource policy that is set on a domain.
Required: No
Type: Json
Minimum:
2
Maximum:
5120
Update requires: No interruption
-
A list of tags to be applied to the domain.
Required: No
Type: Array of Tag
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the resource arn.
For more information about using the Ref
function, see Ref
.
Fn::GetAtt
The Fn::GetAtt
intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt
intrinsic function, see Fn::GetAtt
.
Arn
-
When you pass the logical ID of this resource, the function returns the Amazon Resource Name (ARN) of the domain.
EncryptionKey
-
When you pass the logical ID of this resource, the function returns the key used to encrypt the domain.
Name
-
When you pass the logical ID of this resource, the function returns the name of the domain.
Owner
-
When you pass the logical ID of this resource, the function returns the 12-digit account number of the AWS account that owns the domain.
Examples
The following examples can help you create CodeArtifact domains using CloudFormation.
Create a domain
The following example creates a CodeArtifact domain named my-domain.
YAML
Resources: MyCodeArtifactDomain: Type: 'AWS::CodeArtifact::Domain' Properties: DomainName: "my-domain"
JSON
{ "Resources": { "MyCodeArtifactDomain": { "Type": "AWS::CodeArtifact::Domain", "Properties": { "DomainName": "my-domain" } } } }
Create a domain with an AWS Key Management Service encryption key and IAM resource-based policy
The following example creates a CodeArtifact domain named my-domain with an AWS Key Management Service encryption key and attaches an IAM resource-based policy.
YAML
Resources: MyCodeArtifactDomain: Type: 'AWS::CodeArtifact::Domain' Properties: DomainName: "my-domain" EncryptionKey: arn:aws:kms:us-west-2:123456789012:key/12345678-9abc-def1-2345-6789abcdef12 PermissionsPolicyDocument: Version: 2012-10-17 Statement: - Action: - codeartifact:ReadFromRepository - codeartifact:DescribePackageVersion - codeartifact:DescribeRepository - codeartifact:GetPackageVersionReadme - codeartifact:GetRepositoryEndpoint - codeartifact:ListPackageVersionAssets - codeartifact:ListPackageVersionDependencies - codeartifact:ListPackageVersions - codeartifact:ListPackages - codeartifact:ReadFromRepository Effect: Allow Principal: AWS: "arn:aws:iam::123456789012:root" Resource: "*"
JSON
{ "Resources": { "MyCodeArtifactDomain": { "Type": "AWS::CodeArtifact::Domain", "Properties": { "DomainName": "my-domain", "EncryptionKey": "arn:aws:kms:us-west-2:123456789012:key/12345678-9abc-def1-2345-6789abcdef12", "PermissionsPolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Action": [ "codeartifact:ReadFromRepository", "codeartifact:DescribePackageVersion", "codeartifact:DescribeRepository", "codeartifact:GetPackageVersionReadme", "codeartifact:GetRepositoryEndpoint", "codeartifact:ListPackageVersionAssets", "codeartifact:ListPackageVersionDependencies", "codeartifact:ListPackageVersions", "codeartifact:ListPackages", "codeartifact:ReadFromRepository" ], "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::123456789012:root" }, "Resource": "*" } ] } } } } }
Create a domain with tags
The following example creates a CodeArtifact domain named my-domain with two tags.
One tag consists of a key named keyname1
and a value of value1
. The other
consists of a key named keyname2
and a value of value2
.
YAML
Resources: MyCodeArtifactDomain: Type: 'AWS::CodeArtifact::Domain' Properties: DomainName: "my-domain" Tags: - Key: "keyname1" Value: "value1" - Key: "keyname2" Value: "value2"
JSON
{ "Resources": { "MyCodeArtifactDomain": { "Type": "AWS::CodeArtifact::Domain", "Properties": { "DomainName": "my-domain", "Tags" : [ { "Key" : "keyname1", "Value" : "value1" }, { "Key" : "keyname2", "Value" : "value2" } ] } } } }