# Setting up with AWS CodeArtifact
<a name="get-set-up-for-codeartifact"></a>

 If you've already signed up for Amazon Web Services (AWS), you can start using AWS CodeArtifact immediately. You can open the CodeArtifact console, choose **Create a domain and repository**, and follow the steps in the launch wizard to create your first domain and repository. 

If you haven't signed up for AWS yet, or need assistance creating your first domain and repository, complete the following tasks to get set up to use CodeArtifact: 

**Topics**
+ [Sign up for AWS](get-set-up-sign-up-for-aws.md)
+ [Install or upgrade and then configure the AWS CLI](get-set-up-install-cli.md)
+ [Provision an IAM user](get-set-up-provision-user.md)
+ [Install your package manager or build tool](getting-started-install-package-manager.md)

# Sign up for AWS
<a name="get-set-up-sign-up-for-aws"></a>

When you sign up for Amazon Web Services (AWS), you are charged only for the services and resources that you use, including AWS CodeArtifact.

If you already have an AWS account, skip to the next task, [Install or upgrade and then configure the AWS CLI](get-set-up-install-cli.md). If you don't have an AWS account, use the following procedure to create one.

**To create an AWS account**

1. Open [https://portal.aws.amazon.com/billing/signup](https://portal.aws.amazon.com/billing/signup).

1. Follow the online instructions.

   Part of the sign-up procedure involves receiving a phone call or text message and entering a verification code on the phone keypad.

   When you sign up for an AWS account, an *AWS account root user* is created. The root user has access to all AWS services and resources in the account. As a security best practice, assign administrative access to a user, and use only the root user to perform [tasks that require root user access](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html#root-user-tasks).

# Install or upgrade and then configure the AWS CLI
<a name="get-set-up-install-cli"></a>

 To call CodeArtifact commands from the AWS Command Line Interface (AWS CLI) on a local development machine, you must install the AWS CLI. 

 If you have an older version of the AWS CLI installed, you must upgrade it so the CodeArtifact commands are available. CodeArtifact commands are available in the following AWS CLI versions:

1. **AWS CLI 1:** 1.18.77 and newer

1. **AWS CLI 2:** 2.0.21 and newer

To check the version, use the `aws --version` command.

**To install and configure the AWS CLI**

1. Install or upgrade the AWS CLI with the instructions in [Installing the AWS Command Line Interface](https://docs.aws.amazon.com/cli/latest/userguide/installing.html).

1. Configure the AWS CLI, with the **configure** command, as follows.

   ```
   aws configure
   ```

   When prompted, specify the AWS access key and AWS secret access key of the IAM user that you will use with CodeArtifact. When prompted for the default AWS Region name, specify the Region where you will create the pipeline, such as `us-east-2`. When prompted for the default output format, specify `json`.
**Important**  
When you configure the AWS CLI, you are prompted to specify an AWS Region. Choose one of the supported Regions listed in [Region and Endpoints](https://docs.aws.amazon.com/general/latest/gr/codeartifact.html) in the *AWS General Reference*.

   For more information, see [Configuring the AWS Command Line Interface](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html) and [Managing access keys for IAM users](https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html). 

1. To verify the installation or upgrade, call the following command from the AWS CLI.

   ```
   aws codeartifact help
   ```

   If successful, this command displays a list of available CodeArtifact commands.

Next, you can create an IAM user and grant that user access to CodeArtifact. For more information, see [Provision an IAM user](get-set-up-provision-user.md).

# Provision an IAM user
<a name="get-set-up-provision-user"></a>

Follow these instructions to prepare an IAM user to use CodeArtifact.

**To provision anIAM user**

1. Create an IAM user, or use one that is associated with your AWS account. For more information, see [Creating an IAM user](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_SettingUpUser.html#Using_CreateUser_console) and [Overview of AWS IAM policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/PoliciesOverview.html) in the *IAM User Guide*.

1. Grant the IAM user access to CodeArtifact.
   + **Option 1:** Create a custom IAM policy. With a custom IAM policy, you can provide the minimum required permissions and change how long authentication tokens last. For more information and example policies, see [Identity-based policy examples for AWS CodeArtifact](security_iam_id-based-policy-examples.md).
   + **Option 2:** Use the `AWSCodeArtifactAdminAccess` AWS managed policy. The following snippet shows the contents of this policy.
**Important**  
This policy grants access to all CodeArtifact APIs. We recommend that you always use the minimum permissions required to accomplish your task. For more information, see [IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) in the *IAM User Guide*.

------
#### [ JSON ]

****  

     ```
     {
        "Version":"2012-10-17",		 	 	 
        "Statement": [
           {
              "Action": [
                 "codeartifact:*"
              ],
              "Effect": "Allow",
              "Resource": "*"
           },
           {
              "Effect": "Allow",
              "Action": "sts:GetServiceBearerToken",
              "Resource": "*",
                 "Condition": {
                    "StringEquals": {
                       "sts:AWSServiceName": "codeartifact.amazonaws.com"
                    }
                 }
           }
         ]
     }
     ```

------

**Note**  
The `sts:GetServiceBearerToken` permission must be added to the IAM user or role policy. While it can be added to a CodeArtifact domain or repository resource policy, the permission will have no effect in resource policies.

The `sts:GetServiceBearerToken` permission is required to call the CodeArtifact `GetAuthorizationToken` API. This API returns a token that must be used when using a package manager such as `npm` or `pip` with CodeArtifact. To use a package manager with a CodeArtifact repository, your IAM user or role must allow `sts:GetServiceBearerToken` as shown in the preceding policy example.

If you haven't installed the package manager or build tool that you plan to use with CodeArtifact, see [Install your package manager or build tool](getting-started-install-package-manager.md).

# Install your package manager or build tool
<a name="getting-started-install-package-manager"></a>

To publish or consume packages from CodeArtifact, you must use a package manager. There are different package managers for each package type. The following list contains some package managers that you can use with CodeArtifact. If you haven't already, install the package managers for the package type you want to use.
+ For npm, use the [npm CLI](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm) or [pnpm](https://pnpm.io/installation).
+ For Maven, use either [Apache Maven (`mvn`)](https://maven.apache.org/install.html) or [Gradle](https://gradle.org/install/).
+ For Python, use [pip](https://pip.pypa.io/en/stable/installation/) to install packages and [twine](https://twine.readthedocs.io/en/stable/#installation) to publish packages.
+ For NuGet, use the [Toolkit for Visual Studio](https://docs.aws.amazon.com/toolkit-for-visual-studio/latest/user-guide/setup.html) in Visual Studio or the [nuget](https://learn.microsoft.com/en-us/nuget/reference/nuget-exe-cli-reference) or [dotnet](https://learn.microsoft.com/en-us/dotnet/core/install/) CLIs.
+ For [generic](using-generic.md) packages, use the [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) or SDK to publish and download package contents.

## Next steps
<a name="getting-started-install-package-manager-next-steps"></a>

Your next steps will depend on which package type or types you are using with CodeArtifact, and the state of your CodeArtifact resources.

If you are getting started with CodeArtifact for the first time for yourself, your team, or organization, see the following documentation for general getting started information and help creating the resources you will need.
+ [Getting started using the console](getting-started-console.md)
+ [Getting started using the AWS CLI](getting-started-cli.md)

If your resources have already been created and you are ready to configure your package manager to push packages to or install packages from a CodeArtifact repository, see the documentation that corresponds to your package type or package manager.
+ [Using CodeArtifact with npm](using-npm.md)
+ [Using CodeArtifact with Python](using-python.md)
+ [Using CodeArtifact with Maven](using-maven.md)
+ [Using CodeArtifact with NuGet](using-nuget.md)
+ [Using CodeArtifact with generic packages](using-generic.md)