Use AWS CodePipeline with AWS CodeBuild to test code and run builds - AWS CodeBuild

Use AWS CodePipeline with AWS CodeBuild to test code and run builds

You can automate your release process by using AWS CodePipeline to test your code and run your builds with AWS CodeBuild.

The following table lists tasks and the methods available for performing them. Using the AWS SDKs to accomplish these tasks is outside the scope of this topic.

Task Available approaches Approaches described in this topic
Create a continuous delivery (CD) pipeline with CodePipeline that automates builds with CodeBuild
  • CodePipeline console

  • AWS CLI

  • AWS SDKs

  • Use the CodePipeline console

  • Use the AWS CLI

  • You can adapt the information in this topic to use the AWS SDKs. For more information, see the create pipeline action documentation for your programming language in the SDKs section of Tools for Amazon Web Services or see CreatePipeline in the AWS CodePipeline API Reference.

Add test and build automation with CodeBuild to an existing pipeline in CodePipeline
  • CodePipeline console

  • AWS CLI

  • AWS SDKs

Prerequisites

  1. Answer the questions in Plan a build.

  2. If you are using an IAM user to access CodePipeline instead of an AWS root account or an administrator IAM user, attach the managed policy named AWSCodePipelineFullAccess to the user (or to the IAM group to which the user belongs). Using an AWS root account is not recommended. This policy grants the user permission to create the pipeline in CodePipeline. For more information, see Attaching managed policies in the IAM User Guide.

    Note

    The IAM entity that attaches the policy to the user (or to the IAM group to which the user belongs) must have permission in IAM to attach policies. For more information, see Delegating permissions to administer IAM users, groups, and credentials in the IAM User Guide.

  3. Create a CodePipeline service role, if you do not already have one available in your AWS account. CodePipeline uses this service role to interact with other AWS services, including AWS CodeBuild, on your behalf. For example, to use the AWS CLI to create a CodePipeline service role, run the IAM create-role command:

    For Linux, macOS, or Unix:

    aws iam create-role --role-name AWS-CodePipeline-CodeBuild-Service-Role --assume-role-policy-document '{"Version":"2012-10-17","Statement":{"Effect":"Allow","Principal":{"Service":"codepipeline.amazonaws.com"},"Action":"sts:AssumeRole"}}'

    For Windows:

    aws iam create-role --role-name AWS-CodePipeline-CodeBuild-Service-Role --assume-role-policy-document "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"codepipeline.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}}"
    Note

    The IAM entity that creates this CodePipeline service role must have permission in IAM to create service roles.

  4. After you create a CodePipeline service role or identify an existing one, you must add the default CodePipeline service role policy to the service role as described in Review the default CodePipeline service role policy in the AWS CodePipeline User Guide, if it isn't already a part of the policy for the role.

    Note

    The IAM entity that adds this CodePipeline service role policy must have permission in IAM to add service role policies to service roles.

  5. Create and upload the source code to a repository type supported by CodeBuild and CodePipeline, such as CodeCommit, Amazon S3, or GitHub. (CodePipeline does not currently support Bitbucket.) The source code should contain a buildspec file, but you can declare one when you define a build project later in this topic. For more information, see the Buildspec reference.

    Important

    If you plan to use the pipeline to deploy built source code, the build output artifact must be compatible with the deployment system you use.