Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Create VPC endpoints for CodeArtifact

Focus mode
Create VPC endpoints for CodeArtifact - CodeArtifact

To create virtual private cloud (VPC) endpoints for CodeArtifact, use the Amazon EC2 create-vpc-endpoint AWS CLI command. For more information, see Interface VPC Endpoints (AWS PrivateLink) in the Amazon Virtual Private Cloud User Guide.

Two VPC endpoints are required so that all requests to CodeArtifact are in the AWS network. The first endpoint is used to call CodeArtifact APIs (for example, GetAuthorizationToken and CreateRepository).

com.amazonaws.region.codeartifact.api

The second endpoint is used to access CodeArtifact repositories using package managers and build tools (for example, npm and Gradle).

com.amazonaws.region.codeartifact.repositories

The following command creates an endpoint to access CodeArtifact repositories.

aws ec2 create-vpc-endpoint --vpc-id vpcid --vpc-endpoint-type Interface \ --service-name com.amazonaws.region.codeartifact.api --subnet-ids subnetid \ --security-group-ids groupid --private-dns-enabled

The following command creates an endpoint to access package managers and build tools.

aws ec2 create-vpc-endpoint --vpc-id vpcid --vpc-endpoint-type Interface \ --service-name com.amazonaws.region.codeartifact.repositories --subnet-ids subnetid \ --security-group-ids groupid --private-dns-enabled
Note

When you create a codeartifact.repositories endpoint, you must create a private DNS hostname using the --private-dns-enabled option. If you can't or do not want to create a private DNS hostname when you create the codeartifact.repositories endpoint, you must follow an extra configuration step to use your package manager with CodeArtifact from a VPC. See Use the codeartifact.repositories endpoint without private DNS for more information.

After creating VPC endpoints, you may need to do more configuration with security group rules to use the endpoints with CodeArtifact. For more information about security groups in Amazon VPC, see Security groups.

If you are having issues connecting to CodeArtifact, you can use the VPC Reachability Analyzer tool to debug the issue. For more information, see What is VPC Reachability Analyzer?

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.