Project Args
Provides a CodeBuild Project resource. See also the aws.codebuild.Webhook
resource, which manages the webhook to the source (e.g., the "rebuild every time a code change is pushed" option in the CodeBuild web console).
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicy;
import com.pulumi.aws.iam.RolePolicyArgs;
import com.pulumi.aws.codebuild.Project;
import com.pulumi.aws.codebuild.ProjectArgs;
import com.pulumi.aws.codebuild.inputs.ProjectArtifactsArgs;
import com.pulumi.aws.codebuild.inputs.ProjectCacheArgs;
import com.pulumi.aws.codebuild.inputs.ProjectEnvironmentArgs;
import com.pulumi.aws.codebuild.inputs.ProjectLogsConfigArgs;
import com.pulumi.aws.codebuild.inputs.ProjectLogsConfigCloudwatchLogsArgs;
import com.pulumi.aws.codebuild.inputs.ProjectLogsConfigS3LogsArgs;
import com.pulumi.aws.codebuild.inputs.ProjectSourceArgs;
import com.pulumi.aws.codebuild.inputs.ProjectSourceGitSubmodulesConfigArgs;
import com.pulumi.aws.codebuild.inputs.ProjectVpcConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
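/**
 * Example Pulumi program that provisions two AWS CodeBuild projects together with
 * the S3 bucket and IAM service role they use.
 *
 * <p>{@code aws_vpc}, {@code aws_subnet} and {@code aws_security_group} are not
 * declared anywhere in this listing; they stand for network resources that must be
 * defined elsewhere before the program compiles.
 */
public class App {
    /**
     * Program entry point: hands the stack definition to the Pulumi runtime.
     *
     * @param args command-line arguments (unused)
     */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares the bucket, the CodeBuild service role with its inline policy, and
     * two CodeBuild projects (one with an S3 cache inside a VPC, one with a local cache).
     *
     * @param ctx the Pulumi deployment context
     */
    public static void stack(Context ctx) {
        // Bucket used for the S3 build cache and the S3 build logs; its ACL is kept private.
        var exampleBucketV2 = new BucketV2("exampleBucketV2");

        var exampleBucketAclV2 = new BucketAclV2("exampleBucketAclV2", BucketAclV2Args.builder()
            .bucket(exampleBucketV2.id())
            .acl("private")
            .build());

        // Trust policy: only the CodeBuild service principal may assume the role.
        final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("Service")
                    .identifiers("codebuild.amazonaws.com")
                    .build())
                .actions("sts:AssumeRole")
                .build())
            .build());

        var exampleRole = new Role("exampleRole", RoleArgs.builder()
            .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        // Permissions granted to the build. Everything the build executes (buildspec
        // commands, fetched source, submodules) runs with these permissions, so each
        // statement should be as narrow as the build allows.
        final var examplePolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(
                // NOTE(review): resources("*") lets the role create and write any log
                // group in the account; consider scoping to the ARN of the log group
                // the project is configured to use.
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(
                        "logs:CreateLogGroup",
                        "logs:CreateLogStream",
                        "logs:PutLogEvents")
                    .resources("*")
                    .build(),
                // Network-interface management for the project that sets vpcConfig below.
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(
                        "ec2:CreateNetworkInterface",
                        "ec2:DescribeDhcpOptions",
                        "ec2:DescribeNetworkInterfaces",
                        "ec2:DeleteNetworkInterface",
                        "ec2:DescribeSubnets",
                        "ec2:DescribeSecurityGroups",
                        "ec2:DescribeVpcs")
                    .resources("*")
                    .build(),
                // Interface permissions are limited by condition to the two example
                // subnets and to CodeBuild as the authorized service. The region and
                // account id in the ARN are sample values; replace them with your own.
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions("ec2:CreateNetworkInterfacePermission")
                    .resources("arn:aws:ec2:us-east-1:123456789012:network-interface/*")
                    .conditions(
                        GetPolicyDocumentStatementConditionArgs.builder()
                            .test("StringEquals")
                            .variable("ec2:Subnet")
                            .values(
                                aws_subnet.example1().arn(),
                                aws_subnet.example2().arn())
                            .build(),
                        GetPolicyDocumentStatementConditionArgs.builder()
                            .test("StringEquals")
                            .variable("ec2:AuthorizedService")
                            .values("codebuild.amazonaws.com")
                            .build())
                    .build(),
                // NOTE(review): "s3:*" covers every S3 action on the bucket and its
                // objects, including deleting the bucket and rewriting its policy or
                // ACL. The project only uses the bucket for cache and logs; narrow this
                // to the object read/write actions the build actually needs.
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions("s3:*")
                    .resources(
                        exampleBucketV2.arn(),
                        exampleBucketV2.arn().applyValue(arn -> String.format("%s/*", arn)))
                    .build())
            .build());

        // Render the policy document to JSON with a single applyValue, the same way
        // the trust policy is passed to the role. The nested applyValue chain that
        // stood here reused the name of the enclosing local as a lambda parameter,
        // which Java rejects.
        var exampleRolePolicy = new RolePolicy("exampleRolePolicy", RolePolicyArgs.builder()
            .role(exampleRole.name())
            .policy(examplePolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        var exampleProject = new Project("exampleProject", ProjectArgs.builder()
            .description("test_codebuild_project")
            .buildTimeout("5")
            .serviceRole(exampleRole.arn())
            .artifacts(ProjectArtifactsArgs.builder()
                .type("NO_ARTIFACTS")
                .build())
            .cache(ProjectCacheArgs.builder()
                .type("S3")
                .location(exampleBucketV2.bucket())
                .build())
            .environment(ProjectEnvironmentArgs.builder()
                .computeType("BUILD_GENERAL1_SMALL")
                // NOTE(review): "standard:1.0" is an old image tag; check it against
                // the images CodeBuild currently supports before reusing this example.
                .image("aws/codebuild/standard:1.0")
                .type("LINUX_CONTAINER")
                .imagePullCredentialsType("CODEBUILD")
                .environmentVariables(
                    // No type is set here, so the value is stored with the project
                    // definition as given. Do not put secrets in such a variable.
                    ProjectEnvironmentEnvironmentVariableArgs.builder()
                        .name("SOME_KEY1")
                        .value("SOME_VALUE1")
                        .build(),
                    // With PARAMETER_STORE the value names a Systems Manager parameter
                    // that holds the data, rather than carrying the data itself.
                    ProjectEnvironmentEnvironmentVariableArgs.builder()
                        .name("SOME_KEY2")
                        .value("SOME_VALUE2")
                        .type("PARAMETER_STORE")
                        .build())
                .build())
            .logsConfig(ProjectLogsConfigArgs.builder()
                .cloudwatchLogs(ProjectLogsConfigCloudwatchLogsArgs.builder()
                    .groupName("log-group")
                    .streamName("log-stream")
                    .build())
                .s3Logs(ProjectLogsConfigS3LogsArgs.builder()
                    .status("ENABLED")
                    .location(exampleBucketV2.id().applyValue(id -> String.format("%s/build-log", id)))
                    .build())
                .build())
            // The build follows a branch name and also fetches submodules, so the code
            // that runs under the service role can change without any change to this
            // program. Pin sourceVersion to a commit where reproducibility matters.
            .source(ProjectSourceArgs.builder()
                .type("GITHUB")
                .location("https://github.com/mitchellh/packer.git")
                .gitCloneDepth(1)
                .gitSubmodulesConfig(ProjectSourceGitSubmodulesConfigArgs.builder()
                    .fetchSubmodules(true)
                    .build())
                .build())
            .sourceVersion("master")
            .vpcConfig(ProjectVpcConfigArgs.builder()
                .vpcId(aws_vpc.example().id())
                .subnets(
                    aws_subnet.example1().id(),
                    aws_subnet.example2().id())
                .securityGroupIds(
                    aws_security_group.example1().id(),
                    aws_security_group.example2().id())
                .build())
            .tags(Map.of("Environment", "Test"))
            .build());

        // Second project: same service role, local Docker-layer and source caches
        // instead of the S3 cache, and no VPC configuration.
        var project_with_cache = new Project("project-with-cache", ProjectArgs.builder()
            .description("test_codebuild_project_cache")
            .buildTimeout("5")
            .queuedTimeout("5")
            .serviceRole(exampleRole.arn())
            .artifacts(ProjectArtifactsArgs.builder()
                .type("NO_ARTIFACTS")
                .build())
            .cache(ProjectCacheArgs.builder()
                .type("LOCAL")
                .modes(
                    "LOCAL_DOCKER_LAYER_CACHE",
                    "LOCAL_SOURCE_CACHE")
                .build())
            .environment(ProjectEnvironmentArgs.builder()
                .computeType("BUILD_GENERAL1_SMALL")
                .image("aws/codebuild/standard:1.0")
                .type("LINUX_CONTAINER")
                .imagePullCredentialsType("CODEBUILD")
                .environmentVariables(ProjectEnvironmentEnvironmentVariableArgs.builder()
                    .name("SOME_KEY1")
                    .value("SOME_VALUE1")
                    .build())
                .build())
            .source(ProjectSourceArgs.builder()
                .type("GITHUB")
                .location("https://github.com/mitchellh/packer.git")
                .gitCloneDepth(1)
                .build())
            .tags(Map.of("Environment", "Test"))
            .build());
    }
}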
Import
CodeBuild Project can be imported using the `name`, e.g.,
$ pulumi import aws:codebuild/project:Project name project-name
Constructors
Properties
Configuration block. Detailed below.
Generates a publicly accessible URL for the project's build badge. Available as the `badge_url` attribute when enabled.
Defines the batch build options for the project.
Number of minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed. The default is 60 minutes.
Configuration block. Detailed below.
Specify a maximum number of concurrent builds for the project. The value specified must be greater than 0 and less than the account concurrent running builds limit.
Short description of the project.
AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build project's build output artifacts.
Configuration block. Detailed below.
A set of file system locations to mount inside the build. File system locations are documented below.
Configuration block. Detailed below.
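Specifies the visibility of the project's builds. Possible values are: `PUBLIC_READ` and `PRIVATE`. Default value is `PRIVATE`. `PUBLIC_READ` makes the project's builds visible to the public, so keep the default unless public access is intended.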
Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours.
The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.
Configuration block. Detailed below.
Configuration block. Detailed below.
Configuration block. Detailed below.
Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
Configuration block. Detailed below. The following arguments are optional:
Version of the build input to be built for this project. If not specified, the latest version is used.
Configuration block. Detailed below.