How do I enable users to install Python artifacts from CodeArtifact?

Question

I was able to use CodeBuild to build a Python package and publish that package to CodeArtifact. Now I need to enable users from the outside to install the package via pip. Is this approach possible?

According to Configure clients with the login command and Configure pip without the login command , I can configure access. In both approaches, an authorization token has to be generated somehow. I suppose, for each unique user, I would have to create some sort of IAM account and manage the permissions and access? Is this understanding correct?

I also ran into devpi, and it has user management, but I am not sure if these users are to install packages and/or adminstrate the server itself.

It would be nice if somehow, I can give the user some credential, and they can pass that into pip when they install and specify my CodeArtifact repository. Is this possible with CodeArtifact?

A similar question in regards to Java artifacts has been raised, but without an accepted answer.

Answer 1

yes, your users will need to have some sort of IAM user/role so that they can use the AWS CLI to run the aws codeartifact login command so that pip configuration can be updated to use your CodeArtifact repository.

The IAM resource will need to be associated with an IAM policy that allows the appropriate CodeArtifact permissions.