I would like to setup CodeArtifact to be easy to use for Windows developers. Problem is it appears CodeArtifact relies on an token that expires, and I can't get rid of this token. I would prefer to not use an authentication token and instead restrict the repositories to our companies ip address, and control access via policy. Our builds get published to S3 and I control access this way, works great. I've applied the policy condition as a test but I still need to use the authentication token
This is the policy I'm testing with, ip addresses have been replaced:
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "*",
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": [
"255.255.255.255/32",
"255.255.255.255/32",
"255.255.255.255/32"
]
}
}
}
]
}
Part of my goal is to have things setup so the process is transparent to the developers. I can add a line to requirements.txt such as --extra-index-url <CodeArtifact endpoint> <package>==<version> and have it work without them having to have an IAM account and setup the credentials.
I know CodeArtifact is new so perhaps this isn't supported yet. Or maybe this isn't the right tool and I should just use S3 instead.
