Create a domain
You can create a domain using the CodeArtifact console or the AWS Command Line Interface (AWS CLI). When you create a domain, it does not contain any repositories. For more information, see Create a repository.
Create a domain (console)
-
Open the AWS CodeArtifact console at https://console.aws.amazon.com/codesuite/codeartifact/home
. -
In the navigation pane, choose Domains, and then choose Create domain.
-
In Name, enter a name for your domain.
-
Expand Additional configuration.
-
Use an AWS KMS key (KMS key) to encrypt all assets in your domain. You can use an AWS managed KMS key or a KMS key that you manage.
Important
-
CodeArtifact supports only symmetric KMS keys. You can't use an asymmetric KMS key to encrypt your CodeArtifact domains. For more information, see Identifying symmetric and asymmetric KMS keys. To learn how to create a new customer managed key, see Creating symmetric encryption KMS keys in the AWS Key Management Service Developer Guide.
-
CodeArtifact does not support AWS KMS External Key Stores (XKS). Attempting to create a domain with a key ARN that refers to an AWS KMS key in an external key store will fail with a 400 (Bad Request) error.
-
Choose AWS managed key if you want to use the default AWS managed key.
-
Choose Customer managed key if you want to use a KMS key that you manage. To use a KMS key that you manage, in Customer managed key ARN, search for and choose the KMS key.
For more information, see AWS managed key and Customer managed key in the AWS Key Management Service Developer Guide.
-
-
Choose Create domain.
Create a domain (AWS CLI)
To create a domain with the AWS CLI, use the create-domain command. You
must use an AWS KMS key (KMS key) to encrypt all assets in your domain. You can use
an AWS managed KMS key or a KMS key that you manage. If you use an AWS managed
KMS key, do not use the --encryption-key parameter. For more information
about KMS keys, see AWS managed key and Customer managed key in
the AWS Key Management Service Developer Guide.
Important
-
CodeArtifact supports only symmetric KMS keys. You can't use an asymmetric KMS key to encrypt your CodeArtifact domains. For more information, see Identifying symmetric and asymmetric KMS keys. To learn how to create a new customer managed key, see Creating symmetric encryption KMS keys in the AWS Key Management Service Developer Guide.
-
CodeArtifact does not support AWS KMS External Key Stores (XKS). Attempting to create a domain with a key ARN that refers to an AWS KMS key in an external key store will fail with a 400 (Bad Request) error.
aws codeartifact create-domain --domainmy_domain
JSON-formatted data appears in the output with details about your new domain.
{ "domain": { "name": "my_domain", "owner": "111122223333", "arn": "arn:aws:codeartifact:us-west-2:111122223333:domain/my_domain", "status": "Active", "encryptionKey": "arn:aws:kms:us-west-2:111122223333:key/your-kms-key", "repositoryCount": 0, "assetSizeBytes": 0, "createdTime": "2020-10-12T16:51:18.039000-04:00" } }
If you use a KMS key that you manage, include its Amazon Resource Name (ARN) with the --encryption-key parameter.
aws codeartifact create-domain --domainmy_domain--encryption-keyarn:aws:kms:us-west-2:111122223333:key/your-kms-key
JSON-formatted data appears in the output with details about your new domain.
{ "domain": { "name": "my_domain", "owner": "111122223333", "arn": "arn:aws:codeartifact:us-west-2:111122223333:domain/my_domain", "status": "Active", "encryptionKey": "arn:aws:kms:us-west-2:111122223333:key/your-kms-key", "repositoryCount": 0, "assetSizeBytes": 0, "createdTime": "2020-10-12T16:51:18.039000-04:00" } }
Create a domain with tags
To create a domain with tags, add the --tags parameter to your create-domain command.
aws codeartifact create-domain --domainmy_domain--tagskey=k1,value=v1 key=k2,value=v2
