pulumi-aws-kotlin/com.pulumi.aws.codebuild.kotlin/Project

Project

class Project : KotlinCustomResource

Provides a CodeBuild Project resource. See also the aws.codebuild.Webhook resource, which manages the webhook to the source (e.g., the "rebuild every time a code change is pushed" option in the CodeBuild web console).

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicy;
import com.pulumi.aws.iam.RolePolicyArgs;
import com.pulumi.aws.codebuild.Project;
import com.pulumi.aws.codebuild.ProjectArgs;
import com.pulumi.aws.codebuild.inputs.ProjectArtifactsArgs;
import com.pulumi.aws.codebuild.inputs.ProjectCacheArgs;
import com.pulumi.aws.codebuild.inputs.ProjectEnvironmentArgs;
import com.pulumi.aws.codebuild.inputs.ProjectLogsConfigArgs;
import com.pulumi.aws.codebuild.inputs.ProjectLogsConfigCloudwatchLogsArgs;
import com.pulumi.aws.codebuild.inputs.ProjectLogsConfigS3LogsArgs;
import com.pulumi.aws.codebuild.inputs.ProjectSourceArgs;
import com.pulumi.aws.codebuild.inputs.ProjectSourceGitSubmodulesConfigArgs;
import com.pulumi.aws.codebuild.inputs.ProjectVpcConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleBucketV2 = new BucketV2("exampleBucketV2");
        var exampleBucketAclV2 = new BucketAclV2("exampleBucketAclV2", BucketAclV2Args.builder()
            .bucket(exampleBucketV2.id())
            .acl("private")
            .build());
        final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("Service")
                    .identifiers("codebuild.amazonaws.com")
                    .build())
                .actions("sts:AssumeRole")
                .build())
            .build());
        var exampleRole = new Role("exampleRole", RoleArgs.builder()
            .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());
        final var examplePolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(
                        "logs:CreateLogGroup",
                        "logs:CreateLogStream",
                        "logs:PutLogEvents")
                    .resources("*")
                    .build(),
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(
                        "ec2:CreateNetworkInterface",
                        "ec2:DescribeDhcpOptions",
                        "ec2:DescribeNetworkInterfaces",
                        "ec2:DeleteNetworkInterface",
                        "ec2:DescribeSubnets",
                        "ec2:DescribeSecurityGroups",
                        "ec2:DescribeVpcs")
                    .resources("*")
                    .build(),
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions("ec2:CreateNetworkInterfacePermission")
                    .resources("arn:aws:ec2:us-east-1:123456789012:network-interface/*")
                    .conditions(
                        GetPolicyDocumentStatementConditionArgs.builder()
                            .test("StringEquals")
                            .variable("ec2:Subnet")
                            .values(
                                aws_subnet.example1().arn(),
                                aws_subnet.example2().arn())
                            .build(),
                        GetPolicyDocumentStatementConditionArgs.builder()
                            .test("StringEquals")
                            .variable("ec2:AuthorizedService")
                            .values("codebuild.amazonaws.com")
                            .build())
                    .build(),
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions("s3:*")
                    .resources(
                        exampleBucketV2.arn(),
                        exampleBucketV2.arn().applyValue(arn -> String.format("%s/*", arn)))
                    .build())
            .build());
        var exampleRolePolicy = new RolePolicy("exampleRolePolicy", RolePolicyArgs.builder()
            .role(exampleRole.name())
            .policy(examplePolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(examplePolicyDocument -> examplePolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
            .build());
        var exampleProject = new Project("exampleProject", ProjectArgs.builder()
            .description("test_codebuild_project")
            .buildTimeout("5")
            .serviceRole(exampleRole.arn())
            .artifacts(ProjectArtifactsArgs.builder()
                .type("NO_ARTIFACTS")
                .build())
            .cache(ProjectCacheArgs.builder()
                .type("S3")
                .location(exampleBucketV2.bucket())
                .build())
            .environment(ProjectEnvironmentArgs.builder()
                .computeType("BUILD_GENERAL1_SMALL")
                .image("aws/codebuild/standard:1.0")
                .type("LINUX_CONTAINER")
                .imagePullCredentialsType("CODEBUILD")
                .environmentVariables(
                    ProjectEnvironmentEnvironmentVariableArgs.builder()
                        .name("SOME_KEY1")
                        .value("SOME_VALUE1")
                        .build(),
                    ProjectEnvironmentEnvironmentVariableArgs.builder()
                        .name("SOME_KEY2")
                        .value("SOME_VALUE2")
                        .type("PARAMETER_STORE")
                        .build())
                .build())
            .logsConfig(ProjectLogsConfigArgs.builder()
                .cloudwatchLogs(ProjectLogsConfigCloudwatchLogsArgs.builder()
                    .groupName("log-group")
                    .streamName("log-stream")
                    .build())
                .s3Logs(ProjectLogsConfigS3LogsArgs.builder()
                    .status("ENABLED")
                    .location(exampleBucketV2.id().applyValue(id -> String.format("%s/build-log", id)))
                    .build())
                .build())
            .source(ProjectSourceArgs.builder()
                .type("GITHUB")
                .location("https://github.com/mitchellh/packer.git")
                .gitCloneDepth(1)
                .gitSubmodulesConfig(ProjectSourceGitSubmodulesConfigArgs.builder()
                    .fetchSubmodules(true)
                    .build())
                .build())
            .sourceVersion("master")
            .vpcConfig(ProjectVpcConfigArgs.builder()
                .vpcId(aws_vpc.example().id())
                .subnets(
                    aws_subnet.example1().id(),
                    aws_subnet.example2().id())
                .securityGroupIds(
                    aws_security_group.example1().id(),
                    aws_security_group.example2().id())
                .build())
            .tags(Map.of("Environment", "Test"))
            .build());
        var project_with_cache = new Project("project-with-cache", ProjectArgs.builder()
            .description("test_codebuild_project_cache")
            .buildTimeout("5")
            .queuedTimeout("5")
            .serviceRole(exampleRole.arn())
            .artifacts(ProjectArtifactsArgs.builder()
                .type("NO_ARTIFACTS")
                .build())
            .cache(ProjectCacheArgs.builder()
                .type("LOCAL")
                .modes(
                    "LOCAL_DOCKER_LAYER_CACHE",
                    "LOCAL_SOURCE_CACHE")
                .build())
            .environment(ProjectEnvironmentArgs.builder()
                .computeType("BUILD_GENERAL1_SMALL")
                .image("aws/codebuild/standard:1.0")
                .type("LINUX_CONTAINER")
                .imagePullCredentialsType("CODEBUILD")
                .environmentVariables(ProjectEnvironmentEnvironmentVariableArgs.builder()
                    .name("SOME_KEY1")
                    .value("SOME_VALUE1")
                    .build())
                .build())
            .source(ProjectSourceArgs.builder()
                .type("GITHUB")
                .location("https://github.com/mitchellh/packer.git")
                .gitCloneDepth(1)
                .build())
            .tags(Map.of("Environment", "Test"))
            .build());
    }
}
Content copied to clipboard

Import

CodeBuild Project can be imported using the name, e.g.,

$ pulumi import aws:codebuild/project:Project name project-name
Content copied to clipboard

//

Properties

Link copied to clipboard
val arn: Output<String>

ARN of the CodeBuild project.

Link copied to clipboard
val artifacts: Output<ProjectArtifacts>

Configuration block. Detailed below.

Link copied to clipboard
val badgeEnabled: Output<Boolean>?

Generates a publicly-accessible URL for the projects build badge. Available as badge_url attribute when enabled.

Link copied to clipboard
val badgeUrl: Output<String>

URL of the build badge when badge_enabled is enabled.

Link copied to clipboard
val buildBatchConfig: Output<ProjectBuildBatchConfig>?

Defines the batch build options for the project.

Link copied to clipboard
val buildTimeout: Output<Int>?

Number of minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed. The default is 60 minutes.

Link copied to clipboard
val cache: Output<ProjectCache>?

Configuration block. Detailed below.

Link copied to clipboard
val concurrentBuildLimit: Output<Int>?

Specify a maximum number of concurrent builds for the project. The value specified must be greater than 0 and less than the account concurrent running builds limit.

Link copied to clipboard
val description: Output<String>

Short description of the project.

Link copied to clipboard
val encryptionKey: Output<String>

AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build project's build output artifacts.

Link copied to clipboard
val environment: Output<ProjectEnvironment>

Configuration block. Detailed below.

Link copied to clipboard
val fileSystemLocations: Output<List<ProjectFileSystemLocation>>?

A set of file system locations to mount inside the build. File system locations are documented below.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val logsConfig: Output<ProjectLogsConfig>?

Configuration block. Detailed below.

Link copied to clipboard
val name: Output<String>

Project's name.

Link copied to clipboard
val projectVisibility: Output<String>?

Specifies the visibility of the project's builds. Possible values are: PUBLIC_READ and PRIVATE. Default value is PRIVATE.

Link copied to clipboard
val publicProjectAlias: Output<String>

The project identifier used with the public build APIs.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val queuedTimeout: Output<Int>?

Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours.

Link copied to clipboard
val resourceAccessRole: Output<String>?

The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.

Link copied to clipboard
val secondaryArtifacts: Output<List<ProjectSecondaryArtifact>>?

Configuration block. Detailed below.

Link copied to clipboard
val secondarySources: Output<List<ProjectSecondarySource>>?

Configuration block. Detailed below.

Link copied to clipboard
val secondarySourceVersions: Output<List<ProjectSecondarySourceVersion>>?

Configuration block. Detailed below.

Link copied to clipboard
val serviceRole: Output<String>

Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.

Link copied to clipboard
val source: Output<ProjectSource>

Configuration block. Detailed below. The following arguments are optional:

Link copied to clipboard
val sourceVersion: Output<String>?

Version of the build input to be built for this project. If not specified, the latest version is used.

Link copied to clipboard
val tags: Output<Map<String, String>>?

Map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Link copied to clipboard
val tagsAll: Output<Map<String, String>>

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Link copied to clipboard
val urn: Output<String>
Link copied to clipboard
val vpcConfig: Output<ProjectVpcConfig>?

Configuration block. Detailed below.