AWS policy granting access to one CodeArtifact package


I'm trying to create a policy granting read-only access to one Python package on CodeArtifact.

This is what I've got so far, but it seems to be granting access to all packages in the repository (and not just myPackage1):

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "sts:GetServiceBearerToken"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "codeartifact:GetAuthorizationToken"
            ],
            "Resource": [
                "arn:aws:codeartifact:eu-central-1:REDACTED:domain/REDACTED_DOMAIN"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "codeartifact:ReadFromRepository"
            ],
            "Resource": [
                "arn:aws:codeartifact:eu-central-1:REDACTED:repository/REDACTED_DOMAIN/REDACTED_REPO"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "codeartifact:DescribePackage",
                "codeartifact:GetPackageVersionReadme",
                "codeartifact:GetPackageVersionAsset"
            ],
            "Resource": [
                "arn:aws:codeartifact:eu-central-1:REDACTED:package/REDACTED_DOMAIN/REDACTED_REPO/pypi/*/myPackage1"
            ]
        }
    ]
}

What do I need to change to limit access to just one package?
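An added example, not part of the original question: a structural check in Python that reports which `codeartifact:` Allow grants in the posted policy are attached to a resource wider than a single package. The function names are hypothetical, the policy literal is the question's four statements compacted with its own redaction placeholders, and the check only reads ARNs; it does not evaluate IAM.

```python
ARN = "arn:aws:codeartifact:eu-central-1:REDACTED:"
# Constructed sample: the four statements from the question, compacted.
# REDACTED* values are the question's own placeholders.
POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["sts:GetServiceBearerToken"], "Resource": "*"},
    {"Effect": "Allow", "Action": ["codeartifact:GetAuthorizationToken"],
     "Resource": [ARN + "domain/REDACTED_DOMAIN"]},
    {"Effect": "Allow", "Action": ["codeartifact:ReadFromRepository"],
     "Resource": [ARN + "repository/REDACTED_DOMAIN/REDACTED_REPO"]},
    {"Effect": "Allow", "Action": ["codeartifact:DescribePackage",
     "codeartifact:GetPackageVersionReadme", "codeartifact:GetPackageVersionAsset"],
     "Resource": [ARN + "package/REDACTED_DOMAIN/REDACTED_REPO/pypi/*/myPackage1"]},
]}

def as_list(value):
    # IAM allows a single string or a list for Action and Resource.
    return value if isinstance(value, list) else [value]

def resource_scope(arn):
    """Return the CodeArtifact resource type an ARN names, or 'any' for '*'."""
    if arn == "*":
        return "any"
    parts = arn.split(":", 5)  # arn:partition:service:region:account:resource
    if len(parts) != 6 or parts[2] != "codeartifact":
        return "other"
    return parts[5].split("/", 1)[0]  # domain | repository | package

def broader_than_package(policy):
    """List (action, scope, arn) for codeartifact Allow grants not scoped to a package."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        for action in as_list(stmt.get("Action", [])):
            if action != "*" and not action.startswith("codeartifact:"):
                continue  # other services (here: sts) are out of scope
            for arn in as_list(stmt.get("Resource", [])):
                scope = resource_scope(arn)
                if scope != "package":
                    findings.append((action, scope, arn))
    return findings

if __name__ == "__main__":
    for action, scope, arn in broader_than_package(POLICY):
        print(f"{action}: {scope}-level grant on {arn}")
```

On the posted policy this lists `codeartifact:GetAuthorizationToken` at domain level and `codeartifact:ReadFromRepository` at repository level; only the last statement names the `myPackage1` package ARN.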
