AWS::CodeArtifact::Domain

The AWS::CodeArtifact::Domain resource creates an AWS CodeArtifact domain. CodeArtifact domains make it easier to manage multiple repositories across an organization. You can use a domain to apply permissions across many repositories owned by different AWS accounts. For more information about domains, see the Domain concepts information in the CodeArtifact User Guide. For more information about the CreateDomain API, see CreateDomain in the CodeArtifact API Reference.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::CodeArtifact::Domain",
  "Properties" : {
      "DomainName" : String,
      "PermissionsPolicyDocument" : Json,
      "Tags" : [ Tag, ... ]
    }
}

YAML

Type: AWS::CodeArtifact::Domain
Properties:
  DomainName: String
  PermissionsPolicyDocument: Json
  Tags: 
    - Tag

Properties

DomainName

A string that specifies the name of the requested domain.

Required: Yes

Type: String

Pattern: ^([a-z][a-z0-9\-]{0,48}[a-z0-9])$

Minimum: 2

Maximum: 50

Update requires: Replacement

PermissionsPolicyDocument

The document that defines the resource policy that is set on a domain.

Required: No

Type: Json

Minimum: 2

Maximum: 5120

Update requires: No interruption

Tags

A list of tags to be applied to the domain.

Required: No

Type: Array of Tag

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource arn.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Arn

When you pass the logical ID of this resource, the function returns the Amazon Resource Name (ARN) of the domain.

EncryptionKey

When you pass the logical ID of this resource, the function returns the key used to encrypt the domain.

Name

When you pass the logical ID of this resource, the function returns the name of the domain.

Owner

When you pass the logical ID of this resource, the function returns the 12-digit account number of the AWS account that owns the domain.

Examples

The following examples can help you create CodeArtifact domains using CloudFormation.

Create a domain

The following example creates a CodeArtifact domain named my-domain.

YAML

Resources:
  MyCodeArtifactDomain:
    Type: 'AWS::CodeArtifact::Domain'
    Properties:
      DomainName: "my-domain"

JSON

{
  "Resources": {
    "MyCodeArtifactDomain": {
      "Type": "AWS::CodeArtifact::Domain",
      "Properties": {
        "DomainName": "my-domain"
      }
    }
  }
}

Create a domain with an AWS Key Management Service encryption key and IAM resource-based policy

The following example creates a CodeArtifact domain named my-domain with an AWS Key Management Service encryption key and attaches an IAM resource-based policy.

YAML

Resources:
  MyCodeArtifactDomain:
    Type: 'AWS::CodeArtifact::Domain'
    Properties:
      DomainName: "my-domain"
      EncryptionKey: arn:aws:kms:us-west-2:123456789012:key/12345678-9abc-def1-2345-6789abcdef12
      PermissionsPolicyDocument:
          Version: 2012-10-17
          Statement:
            - Action:
                - codeartifact:ReadFromRepository
                - codeartifact:DescribePackageVersion
                - codeartifact:DescribeRepository
                - codeartifact:GetPackageVersionReadme
                - codeartifact:GetRepositoryEndpoint
                - codeartifact:ListPackageVersionAssets
                - codeartifact:ListPackageVersionDependencies
                - codeartifact:ListPackageVersions
                - codeartifact:ListPackages
                - codeartifact:ReadFromRepository
              Effect: Allow
              Principal:
                AWS: "arn:aws:iam::123456789012:root"
              Resource: "*"

JSON

{
  "Resources": {
    "MyCodeArtifactDomain": {
      "Type": "AWS::CodeArtifact::Domain",
      "Properties": {
        "DomainName": "my-domain",
        "EncryptionKey": "arn:aws:kms:us-west-2:123456789012:key/12345678-9abc-def1-2345-6789abcdef12",
        "PermissionsPolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Action": [
                "codeartifact:ReadFromRepository",
                "codeartifact:DescribePackageVersion",
                "codeartifact:DescribeRepository",
                "codeartifact:GetPackageVersionReadme",
                "codeartifact:GetRepositoryEndpoint",
                "codeartifact:ListPackageVersionAssets",
                "codeartifact:ListPackageVersionDependencies",
                "codeartifact:ListPackageVersions",
                "codeartifact:ListPackages",
                "codeartifact:ReadFromRepository"
              ],
              "Effect": "Allow",
              "Principal": {
                "AWS": "arn:aws:iam::123456789012:root"
              },
              "Resource": "*"
            }
          ]
        }
      }
    }
  }
}

Create a domain with tags

The following example creates a CodeArtifact domain named my-domain with two tags. One tag consists of a key named keyname1 and a value of value1. The other consists of a key named keyname2 and a value of value2.

YAML

Resources:
  MyCodeArtifactDomain:
    Type: 'AWS::CodeArtifact::Domain'
    Properties:
      DomainName: "my-domain"
      Tags:
        - Key: "keyname1"
          Value: "value1"
        - Key: "keyname2"
          Value: "value2"

JSON

{
  "Resources": {
    "MyCodeArtifactDomain": {
      "Type": "AWS::CodeArtifact::Domain",
      "Properties": {
        "DomainName": "my-domain",
        "Tags" : [
          {
            "Key" : "keyname1",
            "Value" : "value1"
          },
          {
            "Key" : "keyname2",
            "Value" : "value2"
          }
        ]
      }
    }
  }
}