AWS CloudFormation
User Guide (Version )

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

AWS::CodeBuild::SourceCredential

Information about the credentials for a GitHub, GitHub Enterprise, or Bitbucket repository. We strongly recommend that you use AWS Secrets Manager to store your credentials or the NoEcho parameter to mask your credentials. If you use Secrets Manager, you must have secrets in your secrets manager. For more information, see Using Dynamic References to Specify Template Values.

Important

For security purposes, do not use plain text in your CloudFormation template to store your credentials.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::CodeBuild::SourceCredential", "Properties" : { "AuthType" : String, "ServerType" : String, "Token" : String, "Username" : String } }

YAML

Type: AWS::CodeBuild::SourceCredential Properties: AuthType: String ServerType: String Token: String Username: String

Properties

AuthType

The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, or PERSONAL_ACCESS_TOKEN.

Required: Yes

Type: String

Allowed Values: BASIC_AUTH | OAUTH | PERSONAL_ACCESS_TOKEN

Update requires: No interruption

ServerType

The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

Required: Yes

Type: String

Allowed Values: BITBUCKET | GITHUB | GITHUB_ENTERPRISE

Update requires: Replacement

Token

For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is the app password.

Required: Yes

Type: String

Minimum: 1

Update requires: No interruption

Username

The Bitbucket username when the authType is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.

Required: No

Type: String

Minimum: 1

Update requires: No interruption

Examples

Create Bitbucket source credentials using AWS Secrets Manager

YAML

CodeBuildSourceCredential: Type: 'AWS::CodeBuild::SourceCredential' Properties: Token: '{{resolve:secretsmanager:bitbucket:SecretString:token}}' ServerType: BITBUCKET Username: '{{resolve:secretsmanager:bitbucket:SecretString:username}}' AuthType: BASIC_AUTH

JSON

{ "CodeBuildSourceCredential": { "Type": "AWS::CodeBuild::SourceCredential", "Properties": { "Token": "{{resolve:secretsmanager:bitbucket:SecretString:token}}", "ServerType": "BITBUCKET", "Username": "{{resolve:secretsmanager:bitbucket:SecretString:username}}", "AuthType": "BASIC_AUTH" } } }

Create GitHub Enterprise source credentials using AWS Secrets Manager

YAML

Resources: CodeBuildSourceCredential: Type: 'AWS::CodeBuild::SourceCredential' Properties: Token: '{{resolve:secretsmanager:github_enterprise:SecretString:token}}' ServerType: GITHUB_ENTERPRISE AuthType: PERSONAL_ACCESS_TOKEN

JSON

{ "Resources": { "CodeBuildSourceCredential": { "Type": "AWS::CodeBuild::SourceCredential", "Properties": { "Token": "{{resolve:secretsmanager:github_enterprise:SecretString:token}}", "ServerType": "GITHUB_ENTERPRISE", "AuthType": "PERSONAL_ACCESS_TOKEN" } } } }

Create GitHub source credentials using AWS Secrets Manager

YAML

Resources: CodeBuildSourceCredential: Type: 'AWS::CodeBuild::SourceCredential' Properties: Token: '{{resolve:secretsmanager:github:SecretString:token}}' ServerType: GITHUB AuthType: PERSONAL_ACCESS_TOKEN

JSON

{ "Resources": { "CodeBuildSourceCredential": { "Type": "AWS::CodeBuild::SourceCredential", "Properties": { "Token": "{{resolve:secretsmanager:github:SecretString:token}}", "ServerType": "GITHUB", "AuthType": "PERSONAL_ACCESS_TOKEN" } } } }

Create Bitbucket source credentials using NoEcho

YAML

Parameters: BitbucketToken: Type: String NoEcho: true BitbucketUsername: Type: String NoEcho: true Resources: CodeBuildSourceCredential: Type: AWS::CodeBuild::SourceCredential Properties: Token: !Ref BitbucketToken Username: !Ref BitbucketUsername ServerType: BITBUCKET AuthType: BASIC_AUTH

JSON

{ "Parameters": { "BitbucketToken": { "Type": "String", "NoEcho": true }, "BitbucketUsername": { "Type": "String", "NoEcho": true } }, "Resources": { "CodeBuildSourceCredential": { "Type": "AWS::CodeBuild::SourceCredential", "Properties": { "Token": { "Ref" : "BitbucketToken" }, "Username": { "Ref" : "BitbucketUsername" }, "ServerType": "BITBUCKET", "AuthType": "BASIC_AUTH" } } } }

Create GitHub Enterprise source credentials using NoEcho

YAML

Parameters: GitHubEnterpriseToken: Type: String NoEcho: true Resources: CodeBuildSourceCredential: Type: 'AWS::CodeBuild::SourceCredential' Properties: Token: !Ref GitHubEnterpriseToken ServerType: GITHUB_ENTERPRISE AuthType: PERSONAL_ACCESS_TOKEN

JSON

{ "Parameters": { "GitHubEnterpriseToken": { "Type": "String", "NoEcho": true } }, "Resources": { "CodeBuildSourceCredential": { "Type": "AWS::CodeBuild::SourceCredential", "Properties": { "Token": { "Ref" : "GitHubEnterpriseToken" }, "ServerType": "GITHUB_ENTERPRISE", "AuthType": "PERSONAL_ACCESS_TOKEN" } } } }

Create GitHub source credentials using NoEcho

YAML

Parameters: GitHubToken: Type: String NoEcho: true Resources: CodeBuildSourceCredential: Type: 'AWS::CodeBuild::SourceCredential' Properties: Token: !Ref GitHubToken ServerType: GITHUB AuthType: PERSONAL_ACCESS_TOKEN

JSON

{ "Parameters": { "GitHubToken": { "Type": "String", "NoEcho": true } }, "Resources": { "CodeBuildSourceCredential": { "Type": "AWS::CodeBuild::SourceCredential", "Properties": { "Token": { "Ref" : "GitHubToken" }, "ServerType": "GITHUB", "AuthType": "PERSONAL_ACCESS_TOKEN" } } } }

On this page: