Create a build project (AWS CLI)
For more information about using the AWS CLI with CodeBuild, see the Command line reference.
To create a CodeBuild build project using the AWS CLI, you create a JSON-formatted Project structure, fill in the structure, and call the create-project
command to create the project.
Create the JSON file
Create a skeleton JSON file with the create-project
command, using the
--generate-cli-skeleton
option:
aws codebuild create-project --generate-cli-skeleton >
<json-file>
This creates a JSON file with the path and file name specified by
<json-file>
.
Fill in the JSON file
Modify the JSON data as follows and save your results.
{ "name": "
<project-name>
", "description": "<description>
", "source": { "type": "CODECOMMIT" | "CODEPIPELINE" | "GITHUB" | "GITHUB_ENTERPRISE" | "BITBUCKET" | "S3" | "NO_SOURCE", "location": "<source-location>
", "gitCloneDepth": "<git-clone-depth>
", "buildspec": "<buildspec>
", "InsecureSsl": "<insecure-ssl>
", "reportBuildStatus": "<report-build-status>
", "buildStatusConfig": { "context": "<context>
", "targetUrl": "<target-url>
" }, "gitSubmodulesConfig": { "fetchSubmodules": "<fetch-submodules>
" }, "auth": { "type": "<auth-type>
", "resource": "<auth-resource>
" }, "sourceIdentifier": "<source-identifier>
" }, "secondarySources": [ { "type": "CODECOMMIT" | "CODEPIPELINE" | "GITHUB" | "GITHUB_ENTERPRISE" | "BITBUCKET" | "S3" | "NO_SOURCE", "location": "<source-location>
", "gitCloneDepth": "<git-clone-depth>
", "buildspec": "<buildspec>
", "InsecureSsl": "<insecure-ssl>
", "reportBuildStatus": "<report-build-status>
", "auth": { "type": "<auth-type>
", "resource": "<auth-resource>
" }, "sourceIdentifier": "<source-identifier>
" } ], "secondarySourceVersions": [ { "sourceIdentifier": "<secondary-source-identifier>
", "sourceVersion": "<secondary-source-version>
" } ], "sourceVersion": "<source-version>"
, "artifacts": { "type": "CODEPIPELINE" | "S3" | "NO_ARTIFACTS", "location": "<artifacts-location>
", "path": "<artifacts-path>
", "namespaceType": "<artifacts-namespacetype>
", "name": "<artifacts-name>
", "overrideArtifactName": "<override-artifact-name>
", "packaging": "<artifacts-packaging>
" }, "secondaryArtifacts": [ { "type": "CODEPIPELINE" | "S3" | "NO_ARTIFACTS", "location": "<secondary-artifact-location>
", "path": "<secondary-artifact-path>
", "namespaceType": "<secondary-artifact-namespaceType>
", "name": "<secondary-artifact-name>
", "packaging": "<secondary-artifact-packaging>
", "artifactIdentifier": "<secondary-artifact-identifier>
" } ], "cache": { "type": "<cache-type>
", "location": "<cache-location>
", "mode": [ "<cache-mode>
" ] }, "environment": { "type": "LINUX_CONTAINER" | "LINUX_GPU_CONTAINER" | "ARM_CONTAINER" | "WINDOWS_SERVER_2019_CONTAINER", "image": "<image>
", "computeType": "BUILD_GENERAL1_SMALL" | "BUILD_GENERAL1_MEDIUM" | "BUILD_GENERAL1_LARGE" | "BUILD_GENERAL1_2XLARGE", "certificate": "<certificate>
", "environmentVariables": [ { "name": "<environmentVariable-name>
", "value": "<environmentVariable-value>
", "type": "<environmentVariable-type>
" } ], "registryCredential": [ { "credential": "<credential-arn-or-name>
", "credentialProvider": "<credential-provider>
" } ], "imagePullCredentialsType": "CODEBUILD" | "SERVICE_ROLE", "privilegedMode": "<privileged-mode>
" }, "serviceRole": "<service-role>
", "timeoutInMinutes":<timeout>
, "queuedTimeoutInMinutes":<queued-timeout>
, "encryptionKey": "<encryption-key>
", "tags": [ { "key": "<tag-key>
", "value": "<tag-value>
" } ], "vpcConfig": { "securityGroupIds": [ "<security-group-id>
" ], "subnets": [ "<subnet-id>
" ], "vpcId": "<vpc-id>
" }, "badgeEnabled": "<badge-enabled>
", "logsConfig": { "cloudWatchLogs": { "status": "<cloudwatch-logs-status>
", "groupName": "<group-name>
", "streamName": "<stream-name>
" }, "s3Logs": { "status": "<s3-logs-status>
", "location": "<s3-logs-location>
", "encryptionDisabled": "<s3-logs-encryption-disabled>
" } }, "fileSystemLocations": [ { "type": "EFS", "location": "<EFS-DNS-name-1>
:/<directory-path>
", "mountPoint": "<mount-point>
", "identifier": "<efs-identifier>
", "mountOptions": "<efs-mount-options>
" } ], "buildBatchConfig": { "serviceRole": "<batch-service-role>
", "combineArtifacts":<combine-artifacts>
, "restrictions": { "maximumBuildsAllowed":<max-builds>
, "computeTypesAllowed": [ "<compute-type>
" ] }, "timeoutInMins":<batch-timeout>
, "batchReportMode": "REPORT_AGGREGATED_BATCH" | "REPORT_INDIVIDUAL_BUILDS" }, "concurrentBuildLimit":<concurrent-build-limit>
}
Replace the following:
name
Required. The name for this build project. This name must be unique across all of the build projects in your AWS account.
description
Optional. The description for this build project.
source
Required. A ProjectSource
object that contains information about this build project's source code settings.
After you add a source
object, you can add up to 12 more sources using
the secondarySources. These
settings include the following:
- source/type
-
Required. The type of repository that contains the source code to build. Valid values include:
-
CODECOMMIT
-
CODEPIPELINE
-
GITHUB
-
GITHUB_ENTERPRISE
-
BITBUCKET
-
S3
-
NO_SOURCE
If you use
NO_SOURCE
, the buildspec cannot be a file because the project does not have a source. Instead, you must use thebuildspec
attribute to specify a YAML-formatted string for your buildspec. For more information, see Project without a source sample. -
- source/location
-
Required unless you set
<source-type>
toCODEPIPELINE
. The location of the source code for the specified repository type.-
For CodeCommit, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.
).<region-id>
.amazonaws.com/v1/repos/<repo-name>
-
For Amazon S3, the build input bucket name, followed by the path and name of the ZIP file that contains the source code and the buildspec. For example:
-
For a ZIP file located at the root of the input bucket:
.<bucket-name>
/<object-name>
.zip -
For a ZIP file located in a subfolder in the input bucket:
.<bucket-name>
/<subfoler-path>
/<object-name>
.zip
-
-
For GitHub, the HTTPS clone URL to the repository that contains the source code and the buildspec file. The URL must contain github.com. You must connect your AWS account to your GitHub account. To do this, use the CodeBuild console to create a build project.
-
On the GitHub Authorize application page, in the Organization access section, choose Request access next to each repository you want CodeBuild to be able to access in the .
-
Choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can close the CodeBuild console.)
-
-
For GitHub Enterprise Server, the HTTP or HTTPS clone URL to the repository that contains the source code and the buildspec file. You must also connect your AWS account to your GitHub Enterprise Server account. To do this, use the CodeBuild console to create a build project.
-
Create a personal access token in GitHub Enterprise Server.
-
Copy this token to your clipboard so you can use it when you create your CodeBuild project. For more information, see Creating a personal access token for the command line
on the GitHub Help website. -
When you use the console to create your CodeBuild project, in Source, for Source provider, choose GitHub Enterprise.
-
For Personal Access Token, paste the token that was copied to your clipboard. Choose Save Token. Your CodeBuild account is now connected to your GitHub Enterprise Server account.
-
-
For Bitbucket, the HTTPS clone URL to the repository that contains the source code and the buildspec file. The URL must contain bitbucket.org. You must also connect your AWS account to your Bitbucket account. To do this, use the CodeBuild console to create a build project.
-
When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can close the CodeBuild console.)
-
-
For AWS CodePipeline, do not specify a
location
value forsource
. CodePipeline ignores this value because when you create a pipeline in CodePipeline, you specify the source code location in the Source stage of the pipeline.
-
- source/gitCloneDepth
-
Optional. The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.
- source/buildspec
-
Optional. The build specification definition or file to use. If this value is not provided or is set to an empty string, the source code must contain a
buildspec.yml
file in its root directory. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the root directory of your primary source, or the path to an S3 bucket. The bucket must be in the same AWS Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::
). For more information, see Buildspec file name and storage location.<my-codebuild-sample2>
/buildspec.yml - source/auth
-
Do not use. This object is used by the CodeBuild console only.
- source/reportBuildStatus
-
Specifies whether to send your source provider the status of a build's start and completion. If you set this with a source provider other than GitHub, GitHub Enterprise Server, or Bitbucket, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access.
- source/buildStatusConfig
-
Contains information that defines how the CodeBuild build project reports the build status to the source provider. This option is only used when the source type is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.- source/buildStatusConfig/context
-
For Bitbucket sources, this parameter is used for the
name
parameter in the Bitbucket commit status. For GitHub sources, this parameter is used for thecontext
parameter in the GitHub commit status.For example, you can have the
context
contain the build number and the webhook trigger using the CodeBuild environment variables:AWS CodeBuild sample-project Build #$CODEBUILD_BUILD_NUMBER - $CODEBUILD_WEBHOOK_TRIGGER
This results in the context appearing like this for build #24 triggered by a webhook pull request event:
AWS CodeBuild sample-project Build #24 - pr/8
- source/buildStatusConfig/targetUrl
-
For Bitbucket sources, this parameter is used for the
url
parameter in the Bitbucket commit status. For GitHub sources, this parameter is used for thetarget_url
parameter in the GitHub commit status.For example, you can set the
targetUrl
tohttps://aws.amazon.com/codebuild/
and the commit status will link to this URL.<path to build>
You can also include CodeBuild environment variables in the
targetUrl
to add additional information to the URL. For example, to add the build region to the URL, set thetargetUrl
to:"targetUrl": "https://aws.amazon.com/codebuild/
<path to build>
?region=$AWS_REGION"If the build region is
us-east-2
, this will expand to:https://aws.amazon.com/codebuild/
<path to build>
?region=us-east-2
- source/gitSubmodulesConfig
-
Optional. Information about the Git submodules configuration. Used with CodeCommit, GitHub, GitHub Enterprise Server, and Bitbucket only.
- source/gitSubmodulesConfig/fetchSubmodules
-
Set
fetchSubmodules
totrue
if you want to include the Git submodules in your repository. Git submodules that are included must be configured as HTTPS.
- source/InsecureSsl
-
Optional. Used with GitHub Enterprise Server only. Set this value to
true
to ignore TLS warnings while connecting to your GitHub Enterprise Server project repository. The default value isfalse
.InsecureSsl
should be used for testing purposes only. It should not be used in a production environment. - source/sourceIdentifier
-
A user-defined identifier for the project source. Optional for the primary source. Required for secondary sources.
secondarySources
Optional. An array of ProjectSource
objects that contain information about the secondary sources for a build project.
You can add up to 12 secondary sources. The secondarySources
objects
use the same properties used by the source object. In a secondary source object, the
sourceIdentifier
is required.
secondarySourceVersions
Optional. An array of ProjectSourceVersion objects. If secondarySourceVersions
is specified at the build level, then they take precedence over this.
sourceVersion
Optional. The version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
-
For CodeCommit, the commit ID, branch, or Git tag to use.
-
For GitHub, the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for examplepr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For Bitbucket, the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3, the version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the build level, then that version
takes precedence over this sourceVersion
(at the project level). For
more information, see Source version sample with AWS CodeBuild.
artifacts
Required. A ProjectArtifacts object that contains information about this build
project's output artifact settings. After you add an artifacts
object,
you can add up to 12 more artifacts using the secondaryArtifacts. These settings include the following:
- artifacts/type
-
Required. The type of build output artifact. Valid values are:
-
CODEPIPELINE
-
NO_ARTIFACTS
-
S3
-
- artifacts/location
-
Only used with the
S3
artifact type. Not used for other artifact types.The name of the output bucket you created or identified in the prerequisites.
- artifacts/path
-
Only used with the
S3
artifact type. Not used for other artifact types.The path in of the output bucket to place ZIP file or folder. If you do not specify a value for
path
, CodeBuild usesnamespaceType
(if specified) andname
to determine the path and name of the build output ZIP file or folder. For example, if you specifyMyPath
forpath
andMyArtifact.zip
forname
, the path and name would beMyPath/MyArtifact.zip
. - artifacts/namespaceType
-
Only used with the
S3
artifact type. Not used for other artifact types.The namespace of the build output ZIP file or folder. Valid values include
BUILD_ID
andNONE
. UseBUILD_ID
to insert the build ID into the path of the build output ZIP file or folder. Otherwise, useNONE
. If you do not specify a value fornamespaceType
, CodeBuild usespath
(if specified) andname
to determine the path and name of the build output ZIP file or folder. For example, if you specifyMyPath
forpath
,BUILD_ID
fornamespaceType
, andMyArtifact.zip
forname
, the path and name would beMyPath/
.build-ID
/MyArtifact.zip - artifacts/name
-
Only used with the
S3
artifact type. Not used for other artifact types.The name of the build output ZIP file or folder inside of
location
. For example, if you specifyMyPath
forpath
andMyArtifact.zip
forname
, the path and name would beMyPath/MyArtifact.zip
. - artifacts/overrideArtifactName
-
Only used with the S3 artifact type. Not used for other artifact types.
Optional. If set to
true
, the name specified in theartifacts
block of the buildspec file overridesname
. For more information, see Build specification reference for CodeBuild. - artifacts/packaging
-
Only used with the
S3
artifact type. Not used for other artifact types.Optional. Specifies how to package the artifacts. Allowed values are:
- NONE
-
Create a folder that contains the build artifacts. This is the default value.
- ZIP
-
Create a ZIP file that contains the build artifacts.
secondaryArtifacts
Optional. An array of ProjectArtifacts objects that contain information about the secondary
artifacts settings for a build project. You can add up to 12 secondary artifacts.
The secondaryArtifacts
uses many of the same settings used by the artifacts object.
cache
Required. A ProjectCache object that contains information about this build project's cache settings. For more information, see Build caching.
environment
Required. A ProjectEnvironment object that contains information about this project's build environment settings. These settings include:
- environment/type
-
Required. The type of build environment. For more information, see type in the CodeBuild API Reference.
- environment/image
-
Required. The Docker image identifier used by this build environment. Typically, this identifier is expressed as
image-name
:tag
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this could beaws/codebuild/standard:5.0
. In Docker Hub,maven:3.3.9-jdk-8
. In Amazon ECR,
. For more information, see Docker images provided by CodeBuild.account-id
.dkr.ecr.region-id
.amazonaws.com/your-Amazon-ECR-repo-name
:tag
- environment/computeType
-
Required. Specifies the compute resources used by this build environment. For more information, see computeType in the CodeBuild API Reference.
- environment/certificate
-
Optional. The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate. The object key can be either just the .pem file or a .zip file containing the PEM-encoded certificate. For example, if your Amazon S3 bucket name is
, your path prefix is<my-bucket>
, and your object key name is<cert>
, then acceptable formats for<certificate.pem>
certificate
are
or<my-bucket/cert/certificate.pem>
arn:aws:s3:::
.<my-bucket/cert/certificate.pem>
- environment/environmentVariables
-
Optional. An array of EnvironmentVariable objects that contains the environment variables you want to specify for this build environment. Each environment variable is expressed as an object that contains a
name
,value
, andtype
ofname
,value
, andtype
.Console and AWS CLI users can see all environment variables. If you have no concerns about the visibility of your environment variable, set
name
andvalue
, and settype
toPLAINTEXT
.We recommend you store environment variables with sensitive values, such as an AWS access key ID, an AWS secret access key, or a password, as a parameter in Amazon EC2 Systems Manager Parameter Store or AWS Secrets Manager. For
name
, for that stored parameter, set an identifier for CodeBuild to reference.If you use Amazon EC2 Systems Manager Parameter Store, for
value
, set the parameter's name as stored in the Parameter Store. Settype
toPARAMETER_STORE
. Using a parameter named/CodeBuild/dockerLoginPassword
as an example, setname
toLOGIN_PASSWORD
. Setvalue
to/CodeBuild/dockerLoginPassword
. Settype
toPARAMETER_STORE
.Important
If you use Amazon EC2 Systems Manager Parameter Store, we recommend that you store parameters with parameter names that start with
/CodeBuild/
(for example,/CodeBuild/dockerLoginPassword
). You can use the CodeBuild console to create a parameter in Amazon EC2 Systems Manager. Choose Create parameter, and then follow the instructions in the dialog box. (In that dialog box, for KMS key, you can specify the ARN of an AWS KMS key in your account. Amazon EC2 Systems Manager uses this key to encrypt the parameter's value during storage and decrypt it during retrieval.) If you use the CodeBuild console to create a parameter, the console starts the parameter name with/CodeBuild/
as it is being stored. For more information, see Systems Manager Parameter Store and Systems Manager Parameter Store Console Walkthrough in the Amazon EC2 Systems Manager User Guide.If your build project refers to parameters stored in Amazon EC2 Systems Manager Parameter Store, the build project's service role must allow the
ssm:GetParameters
action. If you chose New service role earlier, CodeBuild includes this action in the default service role for your build project. However, if you chose Existing service role, you must include this action to your service role separately.If your build project refers to parameters stored in Amazon EC2 Systems Manager Parameter Store with parameter names that do not start with
/CodeBuild/
, and you chose New service role, you must update that service role to allow access to parameter names that do not start with/CodeBuild/
. This is because that service role allows access only to parameter names that start with/CodeBuild/
.If you choose New service role, the service role includes permission to decrypt all parameters under the
/CodeBuild/
namespace in the Amazon EC2 Systems Manager Parameter Store.Environment variables you set replace existing environment variables. For example, if the Docker image already contains an environment variable named
MY_VAR
with a value ofmy_value
, and you set an environment variable namedMY_VAR
with a value ofother_value
, thenmy_value
is replaced byother_value
. Similarly, if the Docker image already contains an environment variable namedPATH
with a value of/usr/local/sbin:/usr/local/bin
, and you set an environment variable namedPATH
with a value of$PATH:/usr/share/ant/bin
, then/usr/local/sbin:/usr/local/bin
is replaced by the literal value$PATH:/usr/share/ant/bin
.Do not set any environment variable with a name that begins with
CODEBUILD_
. This prefix is reserved for internal use.If an environment variable with the same name is defined in multiple places, the value is determined as follows:
-
The value in the start build operation call takes highest precedence.
-
The value in the build project definition takes next precedence.
-
The value in the buildspec declaration takes lowest precedence.
If you use Secrets Manager, for
value
, set the parameter's name as stored in Secrets Manager. Settype
toSECRETS_MANAGER
. Using a secret named/CodeBuild/dockerLoginPassword
as an example, setname
toLOGIN_PASSWORD
. Setvalue
to/CodeBuild/dockerLoginPassword
. Settype
toSECRETS_MANAGER
.Important
If you use Secrets Manager, we recommend that you store secrets with names that start with
/CodeBuild/
(for example,/CodeBuild/dockerLoginPassword
). For more information, see What Is AWS Secrets Manager? in the AWS Secrets Manager User Guide.If your build project refers to secrets stored in Secrets Manager, the build project's service role must allow the
secretsmanager:GetSecretValue
action. If you chose New service role earlier, CodeBuild includes this action in the default service role for your build project. However, if you chose Existing service role, you must include this action to your service role separately.If your build project refers to secrets stored in Secrets Manager with secret names that do not start with
/CodeBuild/
, and you chose New service role, you must update the service role to allow access to secret names that do not start with/CodeBuild/
. This is because the service role allows access only to secret names that start with/CodeBuild/
.If you choose New service role, the service role includes permission to decrypt all secrets under the
/CodeBuild/
namespace in the Secrets Manager. -
- environment/registryCredential
-
Optional. A RegistryCredential object that specifies the credentials that provide access to a private Docker registry.
- environment/registryCredential/credential
-
Specifies the ARN or name of credentials created using AWS Managed Services. You can use the name of the credentials only if they exist in your current Region.
- environment/registryCredential/credentialProvider
-
The only valid value is
SECRETS_MANAGER
.
When this is set:
-
imagePullCredentials
must be set toSERVICE_ROLE
. -
The image cannot be a curated image or an Amazon ECR image.
- environment/imagePullCredentialsType
-
Optional. The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
- CODEBUILD
-
CODEBUILD
specifies that CodeBuild uses its own credentials. You must edit your Amazon ECR repository policy to trust the CodeBuild service principal. - SERVICE_ROLE
-
Specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use
SERVICE_ROLE
credentials. When you use a CodeBuild curated image, you must useCODEBUILD
credentials. - environment/privilegedMode
-
Set to
true
only if you plan to use this build project to build Docker images. Otherwise, all associated builds that attempt to interact with the Docker daemon fail. You must also start the Docker daemon so that your builds can interact with it. One way to do this is to initialize the Docker daemon in theinstall
phase of your buildspec file by running the following build commands. Do not run these commands if you specified a build environment image provided by CodeBuild with Docker support.Note
By default, Docker containers do not allow access to any devices. Privileged mode grants a build project's Docker container access to all devices. For more information, see Runtime Privilege and Linux Capabilities
on the Docker Docs website. Also, Windows does not support privileged mode. - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://127.0.0.1:2375 --storage-driver=overlay2 & - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
serviceRole
Required. The ARN of the service role CodeBuild uses to interact with services on
behalf of the user (for example,
arn:aws:iam::
).account-id
:role/role-name
timeoutInMinutes
Optional. The number of minutes, between 5 to 480 (8 hours), after which CodeBuild
stops the build if it is not complete. If not specified, the default of 60 is used.
To determine if and when CodeBuild stopped a build due to a timeout, run the
batch-get-builds
command. To determine if the build has
stopped, look in the output for a buildStatus
value of
FAILED
. To determine when the build timed out, look in the output
for the endTime
value associated with a phaseStatus
value
of TIMED_OUT
.
queuedTimeoutInMinutes
Optional. The number of minutes, between 5 to 480 (8 hours), after which CodeBuild stops the build if it is is still queued. If not specified, the default of 60 is used.
encryptionKey
Optional. The alias or ARN of the AWS KMS key used by CodeBuild to encrypt the
build output. If you specify an alias, use the format
arn:aws:kms:
or, if an alias exists, use the format
region-ID
:account-ID
:key/key-ID
alias/
. If not specified,
the AWS-managed KMS key for Amazon S3 is used.key-alias
tags
Optional. An array of Tag objects that
provide the tags you want to associate with this build project. You can specify up
to 50 tags. These tags can be used by any AWS service that supports CodeBuild build
project tags. Each tag is expressed as an object with a key
and a
value
.
vpcConfig
Optional. A VpcConfig object that contains information information about the VPC configuration for your project. For more information, see Use AWS CodeBuild with Amazon Virtual Private Cloud.
These properties include:
- vpcId
-
Required. The VPC ID that CodeBuild uses. Run this command to get a list of all VPC IDs in your Region:
aws ec2 describe-vpcs --region
<region-ID>
- subnets
-
Required. An array of subnet IDs that include resources used by CodeBuild. Run this command to get these IDs:
aws ec2 describe-subnets --filters "Name=vpc-id,Values=<vpc-id>" --region
<region-ID>
- securityGroupIds
-
Required. An array of security group IDs used by CodeBuild to allow access to resources in the VPC. Run this command to get these IDs:
aws ec2 describe-security-groups --filters "Name=vpc-id,Values=
<vpc-id>
" --<region-ID>
badgeEnabled
Optional. Specifies whether to include build badges with your CodeBuild project. Set
to true
to enable build badges, or false
otherwise. For
more information, see Build badges sample with CodeBuild.
logsConfig
A LogsConfig object that contains information about where this build's logs are located.
- logsConfig/cloudWatchLogs
-
A CloudWatchLogsConfig object that contains information about pushing logs to CloudWatch Logs.
- logsConfig/s3Logs
-
An S3LogsConfig object that contains information about pushing logs to Amazon S3.
fileSystemLocations
Optional. An array of ProjectFileSystemsLocation objects that contains informationabout your Amazon EFS configuration.
buildBatchConfig
Optional. The buildBatchConfig
object is a ProjectBuildBatchConfig structure that contains the batch build
configuration information for the project.
- buildBatchConfig/serviceRole
-
The service role ARN for the batch build project.
- buildBatchConfig/combineArtifacts
-
A Boolean value that specifies whether to combine the build artifacts for the batch build into a single artifact location.
- buildBatchConfig/restrictions/maximumBuildsAllowed
-
The maximum number of builds allowed.
- buildBatchConfig/restrictions/computeTypesAllowed
-
An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types for these values.
- buildBatchConfig/timeoutInMinutes
-
The maximum amount of time, in minutes, that the batch build must be completed in.
- buildBatchConfig/batchReportMode
-
Specifies how build status reports are sent to the source provider for the batch build. Valid values include:
REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
concurrentBuildLimit
The maximum number of concurrent builds that are allowed for this project.
New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.
Create the project
To create the project, run the create-project
command again, passing your
JSON file:
aws codebuild create-project --cli-input-json file://
<json-file>
If successful, the JSON representation of a Project object appears in the console output. See the CreateProject Response Syntax for an example of this data.
Except for the build project name, you can change any of the build project's settings later. For more information, see Change a build project's settings (AWS CLI).
To start running a build, see Run a build (AWS CLI).
If your source code is stored in a GitHub repository, and you want CodeBuild to rebuild the source code every time a code change is pushed to the repository, see Start running builds automatically (AWS CLI).