[ aws . codeartifact ]

get-domain-permissions-policy

Description

Returns the resource policy attached to the specified domain.

Note

The policy is a resource-based policy, not an identity-based policy. For more information, see Identity-based policies and resource-based policies in the AWS Identity and Access Management User Guide .

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  get-domain-permissions-policy
--domain <value>
[--domain-owner <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--domain (string)

The name of the domain to which the resource policy is attached.

--domain-owner (string)

The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Examples

To get the permissions policy document for a domain

The following get-domain-permissions-policy example gets the permission policy attached to a domain named test-domain.

aws codeartifact get-domain-permissions-policy \
    --domain test-domain

Output:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "BasicDomainPolicy",
            "Action": [
                "codeartifact:GetDomainPermissionsPolicy",
                "codeartifact:ListRepositoriesInDomain",
                "codeartifact:GetAuthorizationToken",
                "codeartifact:CreateRepository"
            ],
            "Effect": "Allow",
            "Resource": "*",
            "Principal": {
                "AWS": "arn:aws:iam::111122223333:root"
            }
        }
    ]
}

For more information, see Read a domain policy in the AWS CodeArtifact User Guide.

Output

policy -> (structure)

The returned resource policy.

resourceArn -> (string)

The ARN of the resource associated with the resource policy

revision -> (string)

The current revision of the resource policy.

document -> (string)

The resource policy formatted in JSON.