AWS Codeartifact

Introduction to AWS CodeArtifact

AWS CodeArtifact is one of the developer tools provided by AWS to the developers. It is an artifact repository service that is secure and highly scalable and helps the organization store and share software packages for their application development. We can use it with a different package manager like npm, pip, etc.

AWS CodeArtifact provides the features to create an Artifact repository that can manage the packages and libraries from different package managers in a single repository. We can also publish private packages to the artifact repository. It helps to easily share the software components between various applications and development teams within an organization.

Let's understand what is an Artifact repository.

What is Artifact Repository?

It is a repository in which we add different packages and libraries which help in software development.

• An Artifact repository supports different software package management systems.
• It helps professionals to make approved packages available for use.
• It helps developers to find and use the approved packages. They can also easily publish and share the developed packages.

How does AWS CodeArtifact Work?

AWS CodeArtifact stores packages and libraries in the repository. This repository contains the packages of any supported types.

The above diagram shows a detailed view of its working.

• The artifact service of AWS creates a repository to publish and store packages securely.
• We can access these packages and libraries from the repository using the domain across multiple AWS accounts within an organization.
• This makes it a secure, scalable, and cost-effective management tool for software development.
• It pulls the dependencies from the public artifact repository like npm, pip, etc.
• Developers use the dependencies from the CodeArtifact and publish their new private package and libraries to the AWS CodeArtifact.
• We can also access packages from one repository to another within a domain.

AWS CodeArtifact helps the developer to manage the dependencies, packages, and libraries for the development of any software.

Features of AWS CodeArtifact

Let's discuss some standard features of AWS CodeArtifact.

Publish and Share Packages

• The artifact packages developed within an organization can be published or shared using CodeArtifact.
• Publishing packages to CodeArtifacts is easy as we can use common package managers like npm, pip, yarn, twine, Maven, NuGet, etc.
• The packages can be uploaded to the AWS cloud, and then the developer's team of an organization can use the same artifact instead of creating a new one on their own.

Use Packages from Public Artifact Repositories

• Multiple organizations provide public repositories for storing artifacts like npm Registry, Maven Central, PyPI, etc.
• CodeArtifact allows us to download artifacts from these public repositories easily using a few mouse clicks.
• It automatically downloads these software artifacts and stores the dependency files attached, making it easy for developers.

Approve Packages and Get Package Visibility

• Packages are approved by automated workflows, built using CodeArtifact APIs and AWS EventBridge.
• We can easily keep an eye on the packages in use and where they are used with Integrating AWS CloudTrail.
• This visibility helps identify the packages that need to be updated or removed.

High Availability

• AWS always tries to keep its data highly available in all its services.
• AWS CodeArtifact is also highly available, as it operates in multiple Availability Zones.
• It stores its data and metadata in Amazon S3, which is available 99.99% of the time.

High Durability

• Durability is also one of the features provided by AWS in many of their services.
• AWS CodeArtifact uses S3 services, which are highly durable with 99.999999999% durability.
• AWS CodeArtifact saves the encrypted data across multiple facilities and devices, which makes it highly durable.

Fully Managed Service

• AWS always provides us with fully managed services which AWS fully manages.
• AWS CodeArtifact focused on the product delivery for the customers, not on maintaining the infrastructure, as configuring and maintaining are done by AWS.
• The organization that uses CodeArtifact has to focus only on its packages and libraries for its software development, not on the servers managing the repository of these packages.

Access Control and Monitoring

• AWS CodeArtifact integrates with IAM to manage the access control on the software packages.
• We can also encrypt our packages using AWS Key Management Service (KMS).
• AWS CloudTrail is another service of AWS that we integrate with AWS CodeArtifact to monitor the packages in use and where they are used.

Package Accessibility within VPC

• AWS CodeArtifact provides the facility to use AWS PrivateLink endpoints.
• It helps the artifact repository access the packages within a virtual private cloud.
• It provides security to the repository, and data are unavailable on the public internet.

AWS CodeArtifact Concepts/Terminologies

Let's know the concepts and terms we should know before using the AWS CodeArtifact.

Domain

A domain is a higher-level entity that aggregates the CodeArtifact repositories. We can store more than one repository in a domain.

• All the assets and packages are stored in a domain encrypted by AWS Key Management Service (KMS).
• We can't change the domain of any repository, and each repository is a member of only a single domain.
• An organization can have multiple domains, but it is better to have a single domain and add multiple repositories per the organization's need to share the packages.

Repository

AWS CodeArtifact Repository is the set of package versions that map to a set of assets.

• Repository stores packages of any supported type, which makes it polyglot.
• For fetching and publishing the packages to the CodeArtifact repositories, tools like the npm CLI, the Maven CLI (mvn), and pip are used.
• We can create up to 1000 repositories per domain.

Package

Packages are a bundle of software that is required for software development.

• Packages resolve the dependencies and install the software which is required.
• Package consists of package namespace, package versions, and package-level metadata.
• Package formats supported by AWS CodeArtifact are npm, PyPI, Maven, and NuGet.

Package Version

The package version tells about any specific version of a package.

• If we have a different version of any package, it will show all the installed package's versions in that Package. for example pendulum 2.1.2, pendulum 1.2.0
• Package version consists of:
  • version identifier
  • package version level metadata
  • a set of assets
• Whenever a package version is updated, a new version revision is created.

Upstream Repository

• Repositories in AWS CodeArtifact build upstream of another repository when package versions are accessed.
• This helps to merge the content of two repositories and use them accordingly.
• Upstream repository can be accessed from the repository endpoint of its downstream repository.

Asset

• Assets are the files associated with the package version and stored in AWS CodeArtifact.
• .tgz file in npm is the asset file.
• POM and JAR files in Maven are the assets files.

Package Namespace

Package namespace is also an AWS CodeArtifact term to organize packages into logical groups.

• It helps avoid name collisions.
• Different packages follow different namespaces. We can understand with this example the npm package @types/node has:
  • @types as scope.
  • node as the name.
• Some package formats don't support hierarchical names like PyPI.

Getting Started

Let's start with AWS CodeArtifact and do a sample hands-on practice. First, we have to set up AWS CLI for the connection part, and then we will do hands-on with AWS CodeArtifact.

Setup AWS Command Line Interface

Follow these steps:

• Open cmd on windows and run the following command. msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi It will start installing the AWS CLI in your system. Click next 2,3 times and then click on Install. It will install AWS CLI in the system in a few minutes, and click on Finish.

• Open the Environment variable and click on Edit. Add the path of the AWS CLI folder by creating a new path. Click on OK to save the changes.

We successfully install aws cli in the system.

Using CodeArtifact from AWS Management Console

Follow the steps:

• Login to the AWS console, search CodeArtifact in the search bar and click on it.
• We are on the AWS CodeArtifact console. Click on the Create repository.
• Enter a name to the repository in the Repository name. Select pypi-store in Public upstream repositories for upstream of the repository. Click on Next.
• On the select domain page, choose This aws account and provide a domain name. Click on Next.
• In the Review and create page, review the details of the CodeArtifact repository and click on Create repository.
• Our repository is created successfully. Click on View connection instructions.
• Choose pip. It will provide a command to configure the PyPI client using this AWS CLI. Copy the command.
• Open the command prompt and configure the AWS credentials.
• Run the copied command of the AWS CodeArtifact in the command prompt. It shows the connection is set and expires after 12 hours.
• Use the AWS CLI to install a pip package "reponse".
• Go to the AWS CodeArtifact and open the repository. We will see the package and library which we are installed.
• Again, go to the command prompt and install a pip package "pendulum".
• Return to the AWS CodeArtifact. We will see the installed packages are added.
• Click on the packages to view their version and status.
• We can also download any other version we want. For the demo again, go to the AWS CLI and install the pendulum package with version 1.2.0.
• Again, see the CodeArtifact console under the pendulum package. We have different versions.

Our software package management tool is ready on AWS CodeArtifact. Delete the repository and domain from the CodeArtifact console to avoid AWS charges.

We successfully learn to use AWS CodeArtifact.

Use Cases

Let's discuss a few use cases associated with the artifact service of AWS.

Consume Packages from Public Artifact Repositories

• AWS CodeArtifact can fetch many software packages from the public repositories after configuring using a different registry.
• These public repositories include the npm registry, Maven Central Repository, and Python Package Index (PyPI).
• AWS CodeArtifact automatically downloads and stores the recent versions of dependencies for the developers to use in their CI/CD systems.

Approve Packages for Use and Audit Package Usage

• Using CodeArtifact APIs and AWS EventBridge automated workflows, we can approve packages for use in software development.
• AWS CodeArtifact also helps to monitor the package's update and usage using the AWS CloudTrail.
• So, AWS CodeArtifact approves the package for use and audit package usage.

Publish and Share Packages

• We can use existing package managers to publish packages developed in the organization.
• These package managers are npm, yarn, pip, twine, and mvn.
• Sharing packages is also done by the development teams and shared packages across the central organizational repository.

Pricing

AWS CodeArtifact follows the Pay as you go model after the Free-tier limit. There is no upfront cost. We only pay for what we use. It also has a free tier for storage and monthly requests.

Free-Tier

Under the free tier, we can get started with this service for free. The following comes under the free-tier plan:

• We will get free the first 2 GB-month storage across all regions.
• In all the supported regions, the first 100,000 requests are free.

Standard Pricing

After the free-tier standard pricing comes into play, we have to pay as per the usage.

• For storage after 2 GB-month, it will charge $0.05 per GB-month in N.Virginia, Ohio, Oregon, and Ireland. In other supported regions, the cost is $0.055 per GB per month.
• For requests after the first 10000 requests, it will charge $0.05 per 10000 requests in N.Virginia, Ohio, Oregon, and Ireland. In other supported regions, the cost is $0.065 per 10000 requests.

Data Transfer Pricing

Data are transferred into and out of AWS CodeArtifact. We have to pay for all bandwidth. In the following case, we do not need to pay any cost:

• Data Transfer To AWS CodeArtifact From the Internet, there will be no charge.
• When the data is transferred between AWS CodeArtifact and other AWS services within the same AWS Region.