AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS CodeBuild Project Environment

Environment is a property of the AWS::CodeBuild::Project resource that specifies the environment for an AWS CodeBuild project.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Certificate" : String, "ComputeType" : String, "EnvironmentVariables" : [ EnvironmentVariable ], "Image" : String, "ImagePullCredentialsType" : String, "PrivilegedMode" : Boolean, "RegistryCredential" : RegistryCredential, "Type" : String }

Properties

Certificate

The certificate to use with the build project.

Required: No

Type: String

ComputeType

The type of compute environment, such as BUILD_GENERAL1_SMALL. The compute type determines the number of CPU cores and memory the build environment uses. For valid values, see the computeType field in the AWS CodeBuild User Guide.

Required: Yes

Type: String

EnvironmentVariables

The environment variables that your builds can use. For more information, see the environmentVariables field in the AWS CodeBuild User Guide.

Required: No

Type: List of EnvironmentVariable

Image

The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

  • For an image tag: registry/repository:tag. For example, to specify an image with the tag "latest," use registry/repository:latest.

  • For an image digest: registry/repository@digest. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use registry/repository@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

For more information, see the image field in the AWS CodeBuild User Guide.

Required: Yes

Type: String

ImagePullCredentialsType

The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:

  • CODEBUILD specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust the AWS CodeBuild service principal.

  • SERVICE_ROLE specifies that AWS CodeBuild uses your build project's service role.

When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.

The Docker image identifier that the build environment uses. For more information, see the imagePullCredentialsType field in the AWS CodeBuild User Guide.

Required: Yes

Type: String

PrivilegedMode

Indicates how the project builds Docker images. Specify true to enable running the Docker daemon inside a Docker container.

This value must be set to true only if this build project will be used to build Docker images, and the specified build environment image is not one provided by AWS CodeBuild with Docker support. Otherwise, all associated builds that attempt to interact with the Docker daemon will fail. For more information, see the privilegedMode field in the AWS CodeBuild User Guide.

Required: No

Type: Boolean

RegistryCredential

RegistryCredential is a property of the AWS::CodeBuild::Project resource that specifies information about credentials that provide access to a private Docker registry. When this is set:

  • imagePullCredentialsType must be set to SERVICE_ROLE.

  • images cannot be curated or an Amazon ECR image.

For more information, see the RegistryCredential field in the AWS CodeBuild User Guide.

Required: No

Type: RegistryCredential

Type

The type of build environment. For valid values, see the environment-type field in the AWS CodeBuild User Guide.

Required: Yes

Type: String

On this page: