AWS CodeBuild
User Guide (API Version 2016-10-06)

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Key Management

You can protect your content from unauthorized use through encryption. Store your encryption keys in AWS Secrets Manager, and then give CodeBuild permission to obtain the encryption keys from your Secrets Manager account. For more information, see Create and Configure an AWS KMS CMK for CodeBuild, Create a Build Project in CodeBuild, Run a Build in CodeBuild, and Tutorial: Storing and Retrieving a Secret.

Use the CODEBUILD_KMS_KEY environment variable in a build command for your AWS KMS key. For more information, see Environment Variables in Build Environments.

You can use Secrets Manager to protect credentials to a private registry that stores a Docker image used for your runtime environment. For more information, see Private Registry with AWS Secrets Manager Sample for CodeBuild.