Private NPM registry with Google Artifact Registry

If you’re here, it’s reasonable to presume you’re familiar with NPM and may have your reasons for not hosting your packages in the public npm registry or purchasing the offering from npm. So, without further ado, let’s do it one step at a time.

Before proceeding with the video, ensure that you have the gcloud SDK installed on your laptop; instructions may be found here.

Setting up an IAM account with the right privileges and an artifact project

First and foremost. If you are a manager, you may delegate the registry setup to a developer. As we all know, IAM roles manage everything in the cloud console. As a result, you would need to provide the developer with a minimal set of permissions in order for them to experiment with the repository.

Google gives you a basic set of roles with specified rights that you may utilise right away. However, if you want to provide users with additional fine-grained restrictions, you may examine all available permission settings here.

The out of box provided roles are:
1. Artifact Registry Administrator: Artifact Registry Administrator
Create and manage repositories and artifacts
2. Artifact Registry Reader:
Artifact Registry Repository Administrator
Read, write, and delete artifacts
3. Artifact Registry Repository Administrator:
Artifact Registry Writer Read and write artifacts
4. Artifact Registry Writer:
Artifact Registry Reader
View and get artifacts

For our demo project, we’ve chosen Artifact Registry Administrator for our demo user.

Giving IAM privileges to users.

Head over to the artifact registry page and click create a repository. Enter the name, choose npm as a format specify the location type and you are good to go.

Publishing your first package

I’ll assume you have your package setup, if not you can clone this project to follow along.

Step 1: Create a .npmrc file in the root directory of your project.
Step 2: In the google cloud console open your artifact project, on the top panel click setup instructions and copy the script given to the .npmrc file.

Step 3: Replace the SCOPE in the .npmrc with the required npm package scope.
Step 4. Name your package appropriately in the pacakge.json and copy the script ar-login from the below snippet to your pacakge.json

{“name”: “@quillbot/demo-repo”,“version”: “1.0.0”,“description”: “”,“main”: “index.js”,“scripts”: {“test”: “echo \”Error: no test specified\” && exit 1",“ar-login”: “npx google-artifactregistry-auth — repo-config=./.npmrc”},“license”: “ISC”}

Step 5. Run gcloud init to log in to the project and set up your machine.
Step 6: Run npm run ar-login to configure the package and refresh tokens to access the registry. You should see a success message when you’re logged in successfully.
Step 7: Run npm publish to push your code to the artifact registry.

Hurraaaaaaaaaaay and you’ve hosted your very own artifact registry!!!!!!!


  1. To use the package in your projects run steps 1–4 in the repo you want to use the package, run npm i [pacakge-name] to download the package.
  2. Due to restrictions from npm, you’ll have to update the version on your npm package if you have to publish an update to the package.




Sometimes it is the people no one can imagine anything of, do the things no one can imagine.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Build Your Web Development Portfolio || The Yes No API Challenge

5 Different Ways of Iterating With JavaScript Loops

Froot Loops

How to Create a Javascript HTML Generator

How to set up E2E browser testing for your GitHub project

Javascript fundamental, you should know it

Scope Concept in JavaScript

Create a Minesweeper Game Clone with Vanilla Javascript

JavaScript #3 — Hello, World!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Sometimes it is the people no one can imagine anything of, do the things no one can imagine.

More from Medium

How to Enable Multi Factor Authentication for AWS Account with Microsoft Authenticator App on your…

Sign-up/Sign-in user with Cognito AWS

Search Engine

API Gateway — Custom Authorizer arn changes not reflecting — Authorizer Error