AWS CodeArtifact is a fully managed artifact repository service that makes it easier for organizations of any size to securely store, publish, and share software packages used in their software development process.
You can configure CodeArtifact to fetch software packages from public repositories such as the npm Registry, Maven Central, PyPI, RubyGems.org and NuGet.org in just a few quick steps.
You can use your existing package managers such as npm, pip, yarn, twine, Maven, NuGet, the Gem CLI, Bundler, and SwiftPM to publish packages developed within your organization.
You can approve packages for use by building automated workflows using CodeArtifact APIs and Amazon EventBridge. Integration with AWS CloudTrail gives leaders visibility into which packages are in use and where, making it easy to identify packages that need to be updated or removed.
CodeArtifact operates in multiple Availability Zones and stores artifact data and metadata in Amazon Simple Storage Service (Amazon S3) and Amazon DynamoDB. Your encrypted data is redundantly stored across multiple facilities and multiple devices in each facility, making it highly available and highly durable.
CodeArtifact lets you focus on delivering for your customers, not configuring and maintaining your development infrastructure. CodeArtifact is a highly available service that scales to meet the needs of any software development team. There is no software to update or servers to manage.
CodeArtifact integrates with AWS Identity and Access Management (IAM) and CloudTrail, offering control over who can access software packages and visibility into who has access to your software packages. CodeArtifact also integrates with AWS Key Management Service (AWS KMS) for package encryption.
You can increase the security of your repositories by configuring CodeArtifact to use AWS PrivateLink endpoints. This allows systems running in your virtual private cloud (VPC) to access packages stored in CodeArtifact without the data being transferred over the public internet.