Creates a CodeBuild with supporting resources, including assuming an IAM Role and exporting the credentials into the environment (this works around the default credentials for a CodeBuild not being accessible within a container running Terraform).
| Name | Version |
|---|---|
| aws | 4.29.0 |
| Name | Type |
|---|---|
| aws_cloudwatch_log_group.default | resource |
| aws_codebuild_project.default | resource |
| aws_iam_policy.default | resource |
| aws_iam_policy.vpc_access | resource |
| aws_iam_role.default | resource |
| aws_iam_role_policy_attachment.default | resource |
| aws_iam_role_policy_attachment.vpc_access | resource |
| aws_iam_policy_document.assume_role_policy | data source |
| aws_iam_policy_document.default | data source |
| aws_iam_policy_document.vpc_access | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| artifacts_bucket_arn | ARN of the bucket for storing codepipeline artifacts | string |
n/a | yes |
| build_commands | Commands to run in the build phase | list(any) |
[] |
no |
| build_compute_type | Information about the compute resources the build project will use. Valid values: BUILD_GENERAL1_SMALL, BUILD_GENERAL1_MEDIUM, BUILD_GENERAL1_LARGE, BUILD_GENERAL1_2XLARGE. BUILD_GENERAL1_SMALL is only valid if type is set to LINUX_CONTAINER. When type is set to LINUX_GPU_CONTAINER, compute_type must be BUILD_GENERAL1_LARGE |
string |
"BUILD_GENERAL1_SMALL" |
no |
| build_container_type | Type of build environment to use for related builds. | string |
"LINUX_CONTAINER" |
no |
| build_image | Docker image to use for this build project. | string |
"aws/codebuild/amazonlinux2-x86_64-standard:3.0" |
no |
| build_image_pull_credentials_type | Type of credentials AWS CodeBuild uses to pull images in your build. Valid values: CODEBUILD, SERVICE_ROLE. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CodeBuild credentials. Defaults to CODEBUILD |
string |
"CODEBUILD" |
no |
| container_privileged_mode | Whether to enable running the Docker daemon inside a Docker container. | bool |
true |
no |
| file_artifacts | Files to list in the artefacts > files section of the buildspec. | list(string) |
[] |
no |
| name | Name of the build | string |
n/a | yes |
| role_arn | The ARN of the IAM role to assume for the build | string |
"" |
no |
| vpc_config | Configuration for the builds to run inside a VPC. | any |
{} |
no |
| Name | Description |
|---|---|
| project_arn | The ARN of the CodeBuild project |
| project_name | The name of the CodeBuild Project |
Generation of this README and formatting of Terraform code is done via a Git pre-commit hook. To install run:
scripts/install-hooks.sh
To run the tests you need to login to AWS (use the "Infra Testing" account) and run ./test.sh.
Releases are published (after running the tests) by pushing a semver tag (e.g. v1.2.3).