AWS CodeBuild

2024/10/25 - AWS CodeBuild - 7 updated api methods

Changes  AWS CodeBuild now supports automatically retrying failed builds

BatchGetBuilds (updated) Link ¶
Changes (response)
{'builds': {'autoRetryConfig': {'autoRetryLimit': 'integer',
                                'autoRetryNumber': 'integer',
                                'nextAutoRetry': 'string',
                                'previousAutoRetry': 'string'}}}

Gets information about one or more builds.

See also: AWS API Documentation

Request Syntax

client.batch_get_builds(
    ids=[
        'string',
    ]
)
type ids:

list

param ids:

[REQUIRED]

The IDs of the builds.

  • (string) --

rtype:

dict

returns:

Response Syntax

{
    'builds': [
        {
            'id': 'string',
            'arn': 'string',
            'buildNumber': 123,
            'startTime': datetime(2015, 1, 1),
            'endTime': datetime(2015, 1, 1),
            'currentPhase': 'string',
            'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED',
            'sourceVersion': 'string',
            'resolvedSourceVersion': 'string',
            'projectName': 'string',
            'phases': [
                {
                    'phaseType': 'SUBMITTED'|'QUEUED'|'PROVISIONING'|'DOWNLOAD_SOURCE'|'INSTALL'|'PRE_BUILD'|'BUILD'|'POST_BUILD'|'UPLOAD_ARTIFACTS'|'FINALIZING'|'COMPLETED',
                    'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED',
                    'startTime': datetime(2015, 1, 1),
                    'endTime': datetime(2015, 1, 1),
                    'durationInSeconds': 123,
                    'contexts': [
                        {
                            'statusCode': 'string',
                            'message': 'string'
                        },
                    ]
                },
            ],
            'source': {
                'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
                'location': 'string',
                'gitCloneDepth': 123,
                'gitSubmodulesConfig': {
                    'fetchSubmodules': True|False
                },
                'buildspec': 'string',
                'auth': {
                    'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                    'resource': 'string'
                },
                'reportBuildStatus': True|False,
                'buildStatusConfig': {
                    'context': 'string',
                    'targetUrl': 'string'
                },
                'insecureSsl': True|False,
                'sourceIdentifier': 'string'
            },
            'secondarySources': [
                {
                    'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
                    'location': 'string',
                    'gitCloneDepth': 123,
                    'gitSubmodulesConfig': {
                        'fetchSubmodules': True|False
                    },
                    'buildspec': 'string',
                    'auth': {
                        'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                        'resource': 'string'
                    },
                    'reportBuildStatus': True|False,
                    'buildStatusConfig': {
                        'context': 'string',
                        'targetUrl': 'string'
                    },
                    'insecureSsl': True|False,
                    'sourceIdentifier': 'string'
                },
            ],
            'secondarySourceVersions': [
                {
                    'sourceIdentifier': 'string',
                    'sourceVersion': 'string'
                },
            ],
            'artifacts': {
                'location': 'string',
                'sha256sum': 'string',
                'md5sum': 'string',
                'overrideArtifactName': True|False,
                'encryptionDisabled': True|False,
                'artifactIdentifier': 'string',
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            },
            'secondaryArtifacts': [
                {
                    'location': 'string',
                    'sha256sum': 'string',
                    'md5sum': 'string',
                    'overrideArtifactName': True|False,
                    'encryptionDisabled': True|False,
                    'artifactIdentifier': 'string',
                    'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
                },
            ],
            'cache': {
                'type': 'NO_CACHE'|'S3'|'LOCAL',
                'location': 'string',
                'modes': [
                    'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
                ]
            },
            'environment': {
                'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
                'image': 'string',
                'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
                'fleet': {
                    'fleetArn': 'string'
                },
                'environmentVariables': [
                    {
                        'name': 'string',
                        'value': 'string',
                        'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
                    },
                ],
                'privilegedMode': True|False,
                'certificate': 'string',
                'registryCredential': {
                    'credential': 'string',
                    'credentialProvider': 'SECRETS_MANAGER'
                },
                'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE'
            },
            'serviceRole': 'string',
            'logs': {
                'groupName': 'string',
                'streamName': 'string',
                'deepLink': 'string',
                's3DeepLink': 'string',
                'cloudWatchLogsArn': 'string',
                's3LogsArn': 'string',
                'cloudWatchLogs': {
                    'status': 'ENABLED'|'DISABLED',
                    'groupName': 'string',
                    'streamName': 'string'
                },
                's3Logs': {
                    'status': 'ENABLED'|'DISABLED',
                    'location': 'string',
                    'encryptionDisabled': True|False,
                    'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
                }
            },
            'timeoutInMinutes': 123,
            'queuedTimeoutInMinutes': 123,
            'buildComplete': True|False,
            'initiator': 'string',
            'vpcConfig': {
                'vpcId': 'string',
                'subnets': [
                    'string',
                ],
                'securityGroupIds': [
                    'string',
                ]
            },
            'networkInterface': {
                'subnetId': 'string',
                'networkInterfaceId': 'string'
            },
            'encryptionKey': 'string',
            'exportedEnvironmentVariables': [
                {
                    'name': 'string',
                    'value': 'string'
                },
            ],
            'reportArns': [
                'string',
            ],
            'fileSystemLocations': [
                {
                    'type': 'EFS',
                    'location': 'string',
                    'mountPoint': 'string',
                    'identifier': 'string',
                    'mountOptions': 'string'
                },
            ],
            'debugSession': {
                'sessionEnabled': True|False,
                'sessionTarget': 'string'
            },
            'buildBatchArn': 'string',
            'autoRetryConfig': {
                'autoRetryLimit': 123,
                'autoRetryNumber': 123,
                'nextAutoRetry': 'string',
                'previousAutoRetry': 'string'
            }
        },
    ],
    'buildsNotFound': [
        'string',
    ]
}

Response Structure

  • (dict) --

    • builds (list) --

      Information about the requested builds.

      • (dict) --

        Information about a build.

        • id (string) --

          The unique ID for the build.

        • arn (string) --

          The Amazon Resource Name (ARN) of the build.

        • buildNumber (integer) --

          The number of the build. For each project, the buildNumber of its first build is 1. The buildNumber of each subsequent build is incremented by 1. If a build is deleted, the buildNumber of other builds does not change.

        • startTime (datetime) --

          When the build process started, expressed in Unix time format.

        • endTime (datetime) --

          When the build process ended, expressed in Unix time format.

        • currentPhase (string) --

          The current build phase.

        • buildStatus (string) --

          The current status of the build. Valid values include:

          • FAILED: The build failed.

          • FAULT: The build faulted.

          • IN_PROGRESS: The build is still in progress.

          • STOPPED: The build stopped.

          • SUCCEEDED: The build succeeded.

          • TIMED_OUT: The build timed out.

        • sourceVersion (string) --

          Any version identifier for the version of the source code to be built. If sourceVersion is specified at the project level, then this sourceVersion (at the build level) takes precedence.

          For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

        • resolvedSourceVersion (string) --

          An identifier for the version of this build's source code.

          • For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.

          • For CodePipeline, the source revision provided by CodePipeline.

          • For Amazon S3, this does not apply.

        • projectName (string) --

          The name of the CodeBuild project.

        • phases (list) --

          Information about all previous build phases that are complete and information about any current build phase that is not yet complete.

          • (dict) --

            Information about a stage for a build.

            • phaseType (string) --

              The name of the build phase. Valid values include:

              BUILD

              Core build activities typically occur in this build phase.

              COMPLETED

              The build has been completed.

              DOWNLOAD_SOURCE

              Source code is being downloaded in this build phase.

              FINALIZING

              The build process is completing in this build phase.

              INSTALL

              Installation activities typically occur in this build phase.

              POST_BUILD

              Post-build activities typically occur in this build phase.

              PRE_BUILD

              Pre-build activities typically occur in this build phase.

              PROVISIONING

              The build environment is being set up.

              QUEUED

              The build has been submitted and is queued behind other submitted builds.

              SUBMITTED

              The build has been submitted.

              UPLOAD_ARTIFACTS

              Build output artifacts are being uploaded to the output location.

            • phaseStatus (string) --

              The current status of the build phase. Valid values include:

              FAILED

              The build phase failed.

              FAULT

              The build phase faulted.

              IN_PROGRESS

              The build phase is still in progress.

              STOPPED

              The build phase stopped.

              SUCCEEDED

              The build phase succeeded.

              TIMED_OUT

              The build phase timed out.

            • startTime (datetime) --

              When the build phase started, expressed in Unix time format.

            • endTime (datetime) --

              When the build phase ended, expressed in Unix time format.

            • durationInSeconds (integer) --

              How long, in seconds, between the starting and ending times of the build's phase.

            • contexts (list) --

              Additional information about a build phase, especially to help troubleshoot a failed build.

              • (dict) --

                Additional information about a build phase that has an error. You can use this information for troubleshooting.

                • statusCode (string) --

                  The status code for the context of the build phase.

                • message (string) --

                  An explanation of the build phase's context. This might include a command ID and an exit code.

        • source (dict) --

          Information about the source code to be built.

          • type (string) --

            The type of repository that contains the source code to be built. Valid values include:

            • BITBUCKET: The source code is in a Bitbucket repository.

            • CODECOMMIT: The source code is in an CodeCommit repository.

            • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

            • GITHUB: The source code is in a GitHub repository.

            • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

            • GITLAB: The source code is in a GitLab repository.

            • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

            • NO_SOURCE: The project does not have input source code.

            • S3: The source code is in an Amazon S3 bucket.

          • location (string) --

            Information about the location of the source code to be built. Valid values include:

            • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

            • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

            • For source code in an Amazon S3 input bucket, one of the following.

              • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

              • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

            • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

            • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

          • gitCloneDepth (integer) --

            Information about the Git clone depth for the build project.

          • gitSubmodulesConfig (dict) --

            Information about the Git submodules configuration for the build project.

            • fetchSubmodules (boolean) --

              Set to true to fetch Git submodules for your CodeBuild build project.

          • buildspec (string) --

            The buildspec file declaration to use for the builds in this build project.

            If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

          • auth (dict) --

            Information about the authorization settings for CodeBuild to access the source code to be built.

            • type (string) --

              The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

            • resource (string) --

              The resource value that applies to the specified authorization type.

          • reportBuildStatus (boolean) --

            Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

            To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

            The status of a build triggered by a webhook is always reported to your source provider.

            If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

          • buildStatusConfig (dict) --

            Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

            • context (string) --

              Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

            • targetUrl (string) --

              Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • insecureSsl (boolean) --

            Enable this flag to ignore SSL warnings while connecting to the project source code.

          • sourceIdentifier (string) --

            An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

        • secondarySources (list) --

          An array of ProjectSource objects.

          • (dict) --

            Information about the build input source code for the build project.

            • type (string) --

              The type of repository that contains the source code to be built. Valid values include:

              • BITBUCKET: The source code is in a Bitbucket repository.

              • CODECOMMIT: The source code is in an CodeCommit repository.

              • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

              • GITHUB: The source code is in a GitHub repository.

              • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

              • GITLAB: The source code is in a GitLab repository.

              • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

              • NO_SOURCE: The project does not have input source code.

              • S3: The source code is in an Amazon S3 bucket.

            • location (string) --

              Information about the location of the source code to be built. Valid values include:

              • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

              • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

              • For source code in an Amazon S3 input bucket, one of the following.

                • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

                • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

              • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

              • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

              • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

              If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

            • gitCloneDepth (integer) --

              Information about the Git clone depth for the build project.

            • gitSubmodulesConfig (dict) --

              Information about the Git submodules configuration for the build project.

              • fetchSubmodules (boolean) --

                Set to true to fetch Git submodules for your CodeBuild build project.

            • buildspec (string) --

              The buildspec file declaration to use for the builds in this build project.

              If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

            • auth (dict) --

              Information about the authorization settings for CodeBuild to access the source code to be built.

              • type (string) --

                The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

              • resource (string) --

                The resource value that applies to the specified authorization type.

            • reportBuildStatus (boolean) --

              Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

              To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

              The status of a build triggered by a webhook is always reported to your source provider.

              If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

            • buildStatusConfig (dict) --

              Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

              • context (string) --

                Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

                Bitbucket

                This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

                GitHub/GitHub Enterprise Server

                This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

              • targetUrl (string) --

                Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

                Bitbucket

                This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

                GitHub/GitHub Enterprise Server

                This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

            • insecureSsl (boolean) --

              Enable this flag to ignore SSL warnings while connecting to the project source code.

            • sourceIdentifier (string) --

              An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

        • secondarySourceVersions (list) --

          An array of ProjectSourceVersion objects. Each ProjectSourceVersion must be one of:

          • For CodeCommit: the commit ID, branch, or Git tag to use.

          • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

          • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

          • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

          • (dict) --

            A source identifier and its corresponding version.

            • sourceIdentifier (string) --

              An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

            • sourceVersion (string) --

              The source version for the corresponding source identifier. If specified, must be one of:

              • For CodeCommit: the commit ID, branch, or Git tag to use.

              • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

              • For GitLab: the commit ID, branch, or Git tag to use.

              • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

              • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

              For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

        • artifacts (dict) --

          Information about the output artifacts for the build.

          • location (string) --

            Information about the location of the build artifacts.

          • sha256sum (string) --

            The SHA-256 hash of the build artifact.

            You can use this hash along with a checksum tool to confirm file integrity and authenticity.

          • md5sum (string) --

            The MD5 hash of the build artifact.

            You can use this hash along with a checksum tool to confirm file integrity and authenticity.

          • overrideArtifactName (boolean) --

            If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

          • encryptionDisabled (boolean) --

            Information that tells you if encryption for build artifacts is disabled.

          • artifactIdentifier (string) --

            An identifier for this artifact definition.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

        • secondaryArtifacts (list) --

          An array of ProjectArtifacts objects.

          • (dict) --

            Information about build output artifacts.

            • location (string) --

              Information about the location of the build artifacts.

            • sha256sum (string) --

              The SHA-256 hash of the build artifact.

              You can use this hash along with a checksum tool to confirm file integrity and authenticity.

            • md5sum (string) --

              The MD5 hash of the build artifact.

              You can use this hash along with a checksum tool to confirm file integrity and authenticity.

            • overrideArtifactName (boolean) --

              If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

            • encryptionDisabled (boolean) --

              Information that tells you if encryption for build artifacts is disabled.

            • artifactIdentifier (string) --

              An identifier for this artifact definition.

            • bucketOwnerAccess (string) --

              Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

              This property can be one of the following values:

              NONE

              The bucket owner does not have access to the objects. This is the default.

              READ_ONLY

              The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

              FULL

              The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

              • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

              • Otherwise, the uploading account retains ownership of the objects.

              For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

        • cache (dict) --

          Information about the cache for the build.

          • type (string) --

            The type of cache used by the build project. Valid values include:

            • NO_CACHE: The build project does not use any cache.

            • S3: The build project reads and writes from and to S3.

            • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

          • location (string) --

            Information about the cache location:

            • NO_CACHE or LOCAL: This value is ignored.

            • S3: This is the S3 bucket name/prefix.

          • modes (list) --

            An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

            Possible values are:

            LOCAL_SOURCE_CACHE

            Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

            LOCAL_DOCKER_LAYER_CACHE

            Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

            Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

            • Only directories can be specified for caching. You cannot specify individual files.

            • Symlinks are used to reference cached directories.

            • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

            • (string) --

        • environment (dict) --

          Information about the build environment for this build.

          • type (string) --

            The type of build environment to use for related builds.

            • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

            • The environment type LINUX_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

            • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

            • The environment types ARM_LAMBDA_CONTAINER and LINUX_LAMBDA_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).

            • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

            For more information, see Build environment compute types in the CodeBuild user guide.

          • image (string) --

            The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

            • For an image tag: <registry>/<repository>:<tag>. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0.

            • For an image digest: <registry>/<repository>@<digest>. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

            For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.

          • computeType (string) --

            Information about the compute resources the build project uses. Available values include:

            • BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for builds.

            • BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds.

            • BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.

            • BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.

            • BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.

            • BUILD_LAMBDA_1GB: Use up to 1 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            • BUILD_LAMBDA_2GB: Use up to 2 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            • BUILD_LAMBDA_4GB: Use up to 4 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            • BUILD_LAMBDA_8GB: Use up to 8 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            • BUILD_LAMBDA_10GB: Use up to 10 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            If you use BUILD_GENERAL1_SMALL:

            • For environment type LINUX_CONTAINER, you can use up to 3 GB memory and 2 vCPUs for builds.

            • For environment type LINUX_GPU_CONTAINER, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.

            • For environment type ARM_CONTAINER, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.

            If you use BUILD_GENERAL1_LARGE:

            • For environment type LINUX_CONTAINER, you can use up to 15 GB memory and 8 vCPUs for builds.

            • For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.

            • For environment type ARM_CONTAINER, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.

            For more information, see Build Environment Compute Types in the CodeBuild User Guide.

          • fleet (dict) --

            A ProjectFleet object to use for this build project.

            • fleetArn (string) --

              Specifies the compute fleet ARN for the build project.

          • environmentVariables (list) --

            A set of environment variables to make available to builds for this build project.

            • (dict) --

              Information about an environment variable for a build project or a build.

              • name (string) --

                The name or key of the environment variable.

              • value (string) --

                The value of the environment variable.

              • type (string) --

                The type of environment variable. Valid values include:

                • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

                • PLAINTEXT: An environment variable in plain text format. This is the default value.

                • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

          • privilegedMode (boolean) --

            Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false.

            You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

            If the operating system's base image is Ubuntu Linux:

            - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

            - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

            If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout:

            - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

            - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"

          • certificate (string) --

            The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.

          • registryCredential (dict) --

            The credentials for access to a private registry.

            • credential (string) --

              The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

            • credentialProvider (string) --

              The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

          • imagePullCredentialsType (string) --

            The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

            • CODEBUILD specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.

            • SERVICE_ROLE specifies that CodeBuild uses your build project's service role.

            When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.

        • serviceRole (string) --

          The name of a service role used for this build.

        • logs (dict) --

          Information about the build's logs in CloudWatch Logs.

          • groupName (string) --

            The name of the CloudWatch Logs group for the build logs.

          • streamName (string) --

            The name of the CloudWatch Logs stream for the build logs.

          • deepLink (string) --

            The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the deeplink will not be valid until it is created.

          • s3DeepLink (string) --

            The URL to a build log in an S3 bucket.

          • cloudWatchLogsArn (string) --

            The ARN of the CloudWatch Logs stream for a build execution. Its format is arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}. The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs.

          • s3LogsArn (string) --

            The ARN of S3 logs for a build project. Its format is arn:${Partition}:s3:::${BucketName}/${ObjectName}. For more information, see Resources Defined by Amazon S3.

          • cloudWatchLogs (dict) --

            Information about CloudWatch Logs for a build project.

            • status (string) --

              The current status of the logs in CloudWatch Logs for a build project. Valid values are:

              • ENABLED: CloudWatch Logs are enabled for this build project.

              • DISABLED: CloudWatch Logs are not enabled for this build project.

            • groupName (string) --

              The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

            • streamName (string) --

              The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

          • s3Logs (dict) --

            Information about S3 logs for a build project.

            • status (string) --

              The current status of the S3 build logs. Valid values are:

              • ENABLED: S3 build logs are enabled for this build project.

              • DISABLED: S3 build logs are not enabled for this build project.

            • location (string) --

              The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

            • encryptionDisabled (boolean) --

              Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

            • bucketOwnerAccess (string) --

              Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

              This property can be one of the following values:

              NONE

              The bucket owner does not have access to the objects. This is the default.

              READ_ONLY

              The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

              FULL

              The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

              • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

              • Otherwise, the uploading account retains ownership of the objects.

              For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

        • timeoutInMinutes (integer) --

          How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed.

        • queuedTimeoutInMinutes (integer) --

          The number of minutes a build is allowed to be queued before it times out.

        • buildComplete (boolean) --

          Whether the build is complete. True if complete; otherwise, false.

        • initiator (string) --

          The entity that started the build. Valid values include:

          • If CodePipeline started the build, the pipeline's name (for example, codepipeline/my-demo-pipeline).

          • If a user started the build, the user's name (for example, MyUserName).

          • If the Jenkins plugin for CodeBuild started the build, the string CodeBuild-Jenkins-Plugin.

        • vpcConfig (dict) --

          If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.

          • vpcId (string) --

            The ID of the Amazon VPC.

          • subnets (list) --

            A list of one or more subnet IDs in your Amazon VPC.

            • (string) --

          • securityGroupIds (list) --

            A list of one or more security groups IDs in your Amazon VPC.

            • (string) --

        • networkInterface (dict) --

          Describes a network interface.

          • subnetId (string) --

            The ID of the subnet.

          • networkInterfaceId (string) --

            The ID of the network interface.

        • encryptionKey (string) --

          The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.

          You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>).

        • exportedEnvironmentVariables (list) --

          A list of exported environment variables for this build.

          Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.

          • (dict) --

            Contains information about an exported environment variable.

            Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.

            • name (string) --

              The name of the exported environment variable.

            • value (string) --

              The value assigned to the exported environment variable.

        • reportArns (list) --

          An array of the ARNs associated with this build's reports.

          • (string) --

        • fileSystemLocations (list) --

          An array of ProjectFileSystemLocation objects for a CodeBuild build project. A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint, and type of a file system created using Amazon Elastic File System.

          • (dict) --

            Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?

            • type (string) --

              The type of the file system. The one supported type is EFS.

            • location (string) --

              A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com, and its mount directory is my-efs-mount-directory, then the location is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory.

              The directory path in the format efs-dns-name:/directory-path is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.

            • mountPoint (string) --

              The location in the container where you mount the file system.

            • identifier (string) --

              The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD_. For example, if you specify my_efs for identifier, a new environment variable is create named CODEBUILD_MY_EFS.

              The identifier is used to mount your file system.

            • mountOptions (string) --

              The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2. For more information, see Recommended NFS Mount Options.

        • debugSession (dict) --

          Contains information about the debug session for this build.

          • sessionEnabled (boolean) --

            Specifies if session debugging is enabled for this build.

          • sessionTarget (string) --

            Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.

        • buildBatchArn (string) --

          The ARN of the batch build that this build is a member of, if applicable.

        • autoRetryConfig (dict) --

          Information about the auto-retry configuration for the build.

          • autoRetryLimit (integer) --

            The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.

          • autoRetryNumber (integer) --

            The number of times that the build has been retried. The initial build will have an auto-retry number of 0.

          • nextAutoRetry (string) --

            The build ARN of the auto-retried build triggered by the current build. The next auto-retry will be null for builds that don't trigger an auto-retry.

          • previousAutoRetry (string) --

            The build ARN of the build that triggered the current auto-retry build. The previous auto-retry will be null for the initial build.

    • buildsNotFound (list) --

      The IDs of builds for which information could not be found.

      • (string) --

BatchGetProjects (updated) Link ¶
Changes (response)
{'projects': {'autoRetryLimit': 'integer'}}

Gets information about one or more build projects.

See also: AWS API Documentation

Request Syntax

client.batch_get_projects(
    names=[
        'string',
    ]
)
type names:

list

param names:

[REQUIRED]

The names or ARNs of the build projects. To get information about a project shared with your Amazon Web Services account, its ARN must be specified. You cannot specify a shared project using its name.

  • (string) --

rtype:

dict

returns:

Response Syntax

{
    'projects': [
        {
            'name': 'string',
            'arn': 'string',
            'description': 'string',
            'source': {
                'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
                'location': 'string',
                'gitCloneDepth': 123,
                'gitSubmodulesConfig': {
                    'fetchSubmodules': True|False
                },
                'buildspec': 'string',
                'auth': {
                    'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                    'resource': 'string'
                },
                'reportBuildStatus': True|False,
                'buildStatusConfig': {
                    'context': 'string',
                    'targetUrl': 'string'
                },
                'insecureSsl': True|False,
                'sourceIdentifier': 'string'
            },
            'secondarySources': [
                {
                    'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
                    'location': 'string',
                    'gitCloneDepth': 123,
                    'gitSubmodulesConfig': {
                        'fetchSubmodules': True|False
                    },
                    'buildspec': 'string',
                    'auth': {
                        'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                        'resource': 'string'
                    },
                    'reportBuildStatus': True|False,
                    'buildStatusConfig': {
                        'context': 'string',
                        'targetUrl': 'string'
                    },
                    'insecureSsl': True|False,
                    'sourceIdentifier': 'string'
                },
            ],
            'sourceVersion': 'string',
            'secondarySourceVersions': [
                {
                    'sourceIdentifier': 'string',
                    'sourceVersion': 'string'
                },
            ],
            'artifacts': {
                'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
                'location': 'string',
                'path': 'string',
                'namespaceType': 'NONE'|'BUILD_ID',
                'name': 'string',
                'packaging': 'NONE'|'ZIP',
                'overrideArtifactName': True|False,
                'encryptionDisabled': True|False,
                'artifactIdentifier': 'string',
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            },
            'secondaryArtifacts': [
                {
                    'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
                    'location': 'string',
                    'path': 'string',
                    'namespaceType': 'NONE'|'BUILD_ID',
                    'name': 'string',
                    'packaging': 'NONE'|'ZIP',
                    'overrideArtifactName': True|False,
                    'encryptionDisabled': True|False,
                    'artifactIdentifier': 'string',
                    'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
                },
            ],
            'cache': {
                'type': 'NO_CACHE'|'S3'|'LOCAL',
                'location': 'string',
                'modes': [
                    'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
                ]
            },
            'environment': {
                'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
                'image': 'string',
                'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
                'fleet': {
                    'fleetArn': 'string'
                },
                'environmentVariables': [
                    {
                        'name': 'string',
                        'value': 'string',
                        'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
                    },
                ],
                'privilegedMode': True|False,
                'certificate': 'string',
                'registryCredential': {
                    'credential': 'string',
                    'credentialProvider': 'SECRETS_MANAGER'
                },
                'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE'
            },
            'serviceRole': 'string',
            'timeoutInMinutes': 123,
            'queuedTimeoutInMinutes': 123,
            'encryptionKey': 'string',
            'tags': [
                {
                    'key': 'string',
                    'value': 'string'
                },
            ],
            'created': datetime(2015, 1, 1),
            'lastModified': datetime(2015, 1, 1),
            'webhook': {
                'url': 'string',
                'payloadUrl': 'string',
                'secret': 'string',
                'branchFilter': 'string',
                'filterGroups': [
                    [
                        {
                            'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME',
                            'pattern': 'string',
                            'excludeMatchedPattern': True|False
                        },
                    ],
                ],
                'buildType': 'BUILD'|'BUILD_BATCH',
                'manualCreation': True|False,
                'lastModifiedSecret': datetime(2015, 1, 1),
                'scopeConfiguration': {
                    'name': 'string',
                    'domain': 'string',
                    'scope': 'GITHUB_ORGANIZATION'|'GITHUB_GLOBAL'|'GITLAB_GROUP'
                }
            },
            'vpcConfig': {
                'vpcId': 'string',
                'subnets': [
                    'string',
                ],
                'securityGroupIds': [
                    'string',
                ]
            },
            'badge': {
                'badgeEnabled': True|False,
                'badgeRequestUrl': 'string'
            },
            'logsConfig': {
                'cloudWatchLogs': {
                    'status': 'ENABLED'|'DISABLED',
                    'groupName': 'string',
                    'streamName': 'string'
                },
                's3Logs': {
                    'status': 'ENABLED'|'DISABLED',
                    'location': 'string',
                    'encryptionDisabled': True|False,
                    'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
                }
            },
            'fileSystemLocations': [
                {
                    'type': 'EFS',
                    'location': 'string',
                    'mountPoint': 'string',
                    'identifier': 'string',
                    'mountOptions': 'string'
                },
            ],
            'buildBatchConfig': {
                'serviceRole': 'string',
                'combineArtifacts': True|False,
                'restrictions': {
                    'maximumBuildsAllowed': 123,
                    'computeTypesAllowed': [
                        'string',
                    ]
                },
                'timeoutInMins': 123,
                'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH'
            },
            'concurrentBuildLimit': 123,
            'projectVisibility': 'PUBLIC_READ'|'PRIVATE',
            'publicProjectAlias': 'string',
            'resourceAccessRole': 'string',
            'autoRetryLimit': 123
        },
    ],
    'projectsNotFound': [
        'string',
    ]
}

Response Structure

  • (dict) --

    • projects (list) --

      Information about the requested build projects.

      • (dict) --

        Information about a build project.

        • name (string) --

          The name of the build project.

        • arn (string) --

          The Amazon Resource Name (ARN) of the build project.

        • description (string) --

          A description that makes the build project easy to identify.

        • source (dict) --

          Information about the build input source code for this build project.

          • type (string) --

            The type of repository that contains the source code to be built. Valid values include:

            • BITBUCKET: The source code is in a Bitbucket repository.

            • CODECOMMIT: The source code is in an CodeCommit repository.

            • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

            • GITHUB: The source code is in a GitHub repository.

            • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

            • GITLAB: The source code is in a GitLab repository.

            • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

            • NO_SOURCE: The project does not have input source code.

            • S3: The source code is in an Amazon S3 bucket.

          • location (string) --

            Information about the location of the source code to be built. Valid values include:

            • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

            • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

            • For source code in an Amazon S3 input bucket, one of the following.

              • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

              • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

            • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

            • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

          • gitCloneDepth (integer) --

            Information about the Git clone depth for the build project.

          • gitSubmodulesConfig (dict) --

            Information about the Git submodules configuration for the build project.

            • fetchSubmodules (boolean) --

              Set to true to fetch Git submodules for your CodeBuild build project.

          • buildspec (string) --

            The buildspec file declaration to use for the builds in this build project.

            If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

          • auth (dict) --

            Information about the authorization settings for CodeBuild to access the source code to be built.

            • type (string) --

              The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

            • resource (string) --

              The resource value that applies to the specified authorization type.

          • reportBuildStatus (boolean) --

            Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

            To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

            The status of a build triggered by a webhook is always reported to your source provider.

            If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

          • buildStatusConfig (dict) --

            Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

            • context (string) --

              Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

            • targetUrl (string) --

              Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • insecureSsl (boolean) --

            Enable this flag to ignore SSL warnings while connecting to the project source code.

          • sourceIdentifier (string) --

            An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

        • secondarySources (list) --

          An array of ProjectSource objects.

          • (dict) --

            Information about the build input source code for the build project.

            • type (string) --

              The type of repository that contains the source code to be built. Valid values include:

              • BITBUCKET: The source code is in a Bitbucket repository.

              • CODECOMMIT: The source code is in an CodeCommit repository.

              • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

              • GITHUB: The source code is in a GitHub repository.

              • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

              • GITLAB: The source code is in a GitLab repository.

              • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

              • NO_SOURCE: The project does not have input source code.

              • S3: The source code is in an Amazon S3 bucket.

            • location (string) --

              Information about the location of the source code to be built. Valid values include:

              • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

              • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

              • For source code in an Amazon S3 input bucket, one of the following.

                • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

                • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

              • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

              • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

              • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

              If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

            • gitCloneDepth (integer) --

              Information about the Git clone depth for the build project.

            • gitSubmodulesConfig (dict) --

              Information about the Git submodules configuration for the build project.

              • fetchSubmodules (boolean) --

                Set to true to fetch Git submodules for your CodeBuild build project.

            • buildspec (string) --

              The buildspec file declaration to use for the builds in this build project.

              If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

            • auth (dict) --

              Information about the authorization settings for CodeBuild to access the source code to be built.

              • type (string) --

                The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

              • resource (string) --

                The resource value that applies to the specified authorization type.

            • reportBuildStatus (boolean) --

              Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

              To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

              The status of a build triggered by a webhook is always reported to your source provider.

              If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

            • buildStatusConfig (dict) --

              Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

              • context (string) --

                Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

                Bitbucket

                This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

                GitHub/GitHub Enterprise Server

                This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

              • targetUrl (string) --

                Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

                Bitbucket

                This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

                GitHub/GitHub Enterprise Server

                This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

            • insecureSsl (boolean) --

              Enable this flag to ignore SSL warnings while connecting to the project source code.

            • sourceIdentifier (string) --

              An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

        • sourceVersion (string) --

          A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:

          • For CodeCommit: the commit ID, branch, or Git tag to use.

          • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

          • For GitLab: the commit ID, branch, or Git tag to use.

          • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

          • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

          If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).

          For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

        • secondarySourceVersions (list) --

          An array of ProjectSourceVersion objects. If secondarySourceVersions is specified at the build level, then they take over these secondarySourceVersions (at the project level).

          • (dict) --

            A source identifier and its corresponding version.

            • sourceIdentifier (string) --

              An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

            • sourceVersion (string) --

              The source version for the corresponding source identifier. If specified, must be one of:

              • For CodeCommit: the commit ID, branch, or Git tag to use.

              • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

              • For GitLab: the commit ID, branch, or Git tag to use.

              • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

              • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

              For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

        • artifacts (dict) --

          Information about the build output artifacts for the build project.

          • type (string) --

            The type of build output artifact. Valid values include:

            • CODEPIPELINE: The build project has build output generated through CodePipeline.

            • NO_ARTIFACTS: The build project does not produce any build output.

            • S3: The build project stores build output in Amazon S3.

          • location (string) --

            Information about the build output artifact location:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, this is the name of the output bucket.

          • path (string) --

            Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

            For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

          • namespaceType (string) --

            Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, valid values include:

              • BUILD_ID: Include the build ID in the location of the build output artifact.

              • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

            For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

          • name (string) --

            Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

            For example:

            • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

            • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

            • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

          • packaging (string) --

            The type of build output artifact to create:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, valid values include:

              • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

              • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

          • overrideArtifactName (boolean) --

            If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

          • encryptionDisabled (boolean) --

            Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

          • artifactIdentifier (string) --

            An identifier for this artifact definition.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

        • secondaryArtifacts (list) --

          An array of ProjectArtifacts objects.

          • (dict) --

            Information about the build output artifacts for the build project.

            • type (string) --

              The type of build output artifact. Valid values include:

              • CODEPIPELINE: The build project has build output generated through CodePipeline.

              • NO_ARTIFACTS: The build project does not produce any build output.

              • S3: The build project stores build output in Amazon S3.

            • location (string) --

              Information about the build output artifact location:

              • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

              • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

              • If type is set to S3, this is the name of the output bucket.

            • path (string) --

              Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

              • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

              • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

              • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

              For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

            • namespaceType (string) --

              Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

              • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

              • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

              • If type is set to S3, valid values include:

                • BUILD_ID: Include the build ID in the location of the build output artifact.

                • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

              For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

            • name (string) --

              Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

              • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

              • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

              • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

              For example:

              • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

              • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

              • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

            • packaging (string) --

              The type of build output artifact to create:

              • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

              • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

              • If type is set to S3, valid values include:

                • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

                • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

            • overrideArtifactName (boolean) --

              If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

            • encryptionDisabled (boolean) --

              Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

            • artifactIdentifier (string) --

              An identifier for this artifact definition.

            • bucketOwnerAccess (string) --

              Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

              This property can be one of the following values:

              NONE

              The bucket owner does not have access to the objects. This is the default.

              READ_ONLY

              The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

              FULL

              The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

              • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

              • Otherwise, the uploading account retains ownership of the objects.

              For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

        • cache (dict) --

          Information about the cache for the build project.

          • type (string) --

            The type of cache used by the build project. Valid values include:

            • NO_CACHE: The build project does not use any cache.

            • S3: The build project reads and writes from and to S3.

            • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

          • location (string) --

            Information about the cache location:

            • NO_CACHE or LOCAL: This value is ignored.

            • S3: This is the S3 bucket name/prefix.

          • modes (list) --

            An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

            Possible values are:

            LOCAL_SOURCE_CACHE

            Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

            LOCAL_DOCKER_LAYER_CACHE

            Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

            Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

            • Only directories can be specified for caching. You cannot specify individual files.

            • Symlinks are used to reference cached directories.

            • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

            • (string) --

        • environment (dict) --

          Information about the build environment for this build project.

          • type (string) --

            The type of build environment to use for related builds.

            • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

            • The environment type LINUX_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

            • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

            • The environment types ARM_LAMBDA_CONTAINER and LINUX_LAMBDA_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).

            • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

            For more information, see Build environment compute types in the CodeBuild user guide.

          • image (string) --

            The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

            • For an image tag: <registry>/<repository>:<tag>. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0.

            • For an image digest: <registry>/<repository>@<digest>. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

            For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.

          • computeType (string) --

            Information about the compute resources the build project uses. Available values include:

            • BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for builds.

            • BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds.

            • BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.

            • BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.

            • BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.

            • BUILD_LAMBDA_1GB: Use up to 1 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            • BUILD_LAMBDA_2GB: Use up to 2 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            • BUILD_LAMBDA_4GB: Use up to 4 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            • BUILD_LAMBDA_8GB: Use up to 8 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            • BUILD_LAMBDA_10GB: Use up to 10 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

            If you use BUILD_GENERAL1_SMALL:

            • For environment type LINUX_CONTAINER, you can use up to 3 GB memory and 2 vCPUs for builds.

            • For environment type LINUX_GPU_CONTAINER, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.

            • For environment type ARM_CONTAINER, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.

            If you use BUILD_GENERAL1_LARGE:

            • For environment type LINUX_CONTAINER, you can use up to 15 GB memory and 8 vCPUs for builds.

            • For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.

            • For environment type ARM_CONTAINER, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.

            For more information, see Build Environment Compute Types in the CodeBuild User Guide.

          • fleet (dict) --

            A ProjectFleet object to use for this build project.

            • fleetArn (string) --

              Specifies the compute fleet ARN for the build project.

          • environmentVariables (list) --

            A set of environment variables to make available to builds for this build project.

            • (dict) --

              Information about an environment variable for a build project or a build.

              • name (string) --

                The name or key of the environment variable.

              • value (string) --

                The value of the environment variable.

              • type (string) --

                The type of environment variable. Valid values include:

                • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

                • PLAINTEXT: An environment variable in plain text format. This is the default value.

                • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

          • privilegedMode (boolean) --

            Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false.

            You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

            If the operating system's base image is Ubuntu Linux:

            - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

            - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

            If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout:

            - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

            - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"

          • certificate (string) --

            The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.

          • registryCredential (dict) --

            The credentials for access to a private registry.

            • credential (string) --

              The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

            • credentialProvider (string) --

              The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

          • imagePullCredentialsType (string) --

            The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

            • CODEBUILD specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.

            • SERVICE_ROLE specifies that CodeBuild uses your build project's service role.

            When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.

        • serviceRole (string) --

          The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.

        • timeoutInMinutes (integer) --

          How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.

        • queuedTimeoutInMinutes (integer) --

          The number of minutes a build is allowed to be queued before it times out.

        • encryptionKey (string) --

          The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.

          You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).

        • tags (list) --

          A list of tag key and value pairs associated with this build project.

          These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.

          • (dict) --

            A tag, consisting of a key and a value.

            This tag is available for use by Amazon Web Services services that support tags in CodeBuild.

            • key (string) --

              The tag's key.

            • value (string) --

              The tag's value.

        • created (datetime) --

          When the build project was created, expressed in Unix time format.

        • lastModified (datetime) --

          When the build project's settings were last modified, expressed in Unix time format.

        • webhook (dict) --

          Information about a webhook that connects repository events to a build project in CodeBuild.

          • url (string) --

            The URL to the webhook.

          • payloadUrl (string) --

            The CodeBuild endpoint where webhook events are sent.

          • secret (string) --

            The secret token of the associated repository.

          • branchFilter (string) --

            A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If branchFilter is empty, then all branches are built.

          • filterGroups (list) --

            An array of arrays of WebhookFilter objects used to determine which webhooks are triggered. At least one WebhookFilter in the array must specify EVENT as its type.

            For a build to be triggered, at least one filter group in the filterGroups array must pass. For a filter group to pass, each of its filters must pass.

            • (list) --

              • (dict) --

                A filter used to determine which webhooks trigger a build.

                • type (string) --

                  The type of webhook filter. There are nine webhook filter types: EVENT, ACTOR_ACCOUNT_ID, HEAD_REF, BASE_REF, FILE_PATH, COMMIT_MESSAGE, TAG_NAME, RELEASE_NAME, and WORKFLOW_NAME.

                  • EVENT

                    • A webhook event triggers a build when the provided pattern matches one of nine event types: PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, PULL_REQUEST_CLOSED, PULL_REQUEST_REOPENED, PULL_REQUEST_MERGED, RELEASED, PRERELEASED, and WORKFLOW_JOB_QUEUED. The EVENT patterns are specified as a comma-separated string. For example, PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED filters all push, pull request created, and pull request updated events.

                  • ACTOR_ACCOUNT_ID

                    • A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression pattern.

                  • HEAD_REF

                    • A webhook event triggers a build when the head reference matches the regular expression pattern. For example, refs/heads/branch-name and refs/tags/tag-name.

                  • BASE_REF

                    • A webhook event triggers a build when the base reference matches the regular expression pattern. For example, refs/heads/branch-name.

                  • FILE_PATH

                    • A webhook triggers a build when the path of a changed file matches the regular expression pattern.

                  • COMMIT_MESSAGE

                    • A webhook triggers a build when the head commit message matches the regular expression pattern.

                  • TAG_NAME

                    • A webhook triggers a build when the tag name of the release matches the regular expression pattern.

                  • RELEASE_NAME

                    • A webhook triggers a build when the release name matches the regular expression pattern.

                  • REPOSITORY_NAME

                    • A webhook triggers a build when the repository name matches the regular expression pattern.

                  • WORKFLOW_NAME

                    • A webhook triggers a build when the workflow name matches the regular expression pattern.

                • pattern (string) --

                  For a WebHookFilter that uses EVENT type, a comma-separated string that specifies one or more events. For example, the webhook filter PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED allows all push, pull request created, and pull request updated events to trigger a build.

                  For a WebHookFilter that uses any of the other filter types, a regular expression pattern. For example, a WebHookFilter that uses HEAD_REF for its type and the pattern ^refs/heads/ triggers a build when the head reference is a branch with a reference name refs/heads/branch-name.

                • excludeMatchedPattern (boolean) --

                  Used to indicate that the pattern determines which webhook events do not trigger a build. If true, then a webhook event that does not match the pattern triggers a build. If false, then a webhook event that matches the pattern triggers a build.

          • buildType (string) --

            Specifies the type of build this webhook will trigger.

          • manualCreation (boolean) --

            If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns payloadUrl and secret values for the webhook. The payloadUrl and secret values in the output can be used to manually create a webhook within GitHub.

          • lastModifiedSecret (datetime) --

            A timestamp that indicates the last time a repository's secret token was modified.

          • scopeConfiguration (dict) --

            The scope configuration for global or organization webhooks.

            • name (string) --

              The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook.

            • domain (string) --

              The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED.

            • scope (string) --

              The type of scope for a GitHub or GitLab webhook.

        • vpcConfig (dict) --

          Information about the VPC configuration that CodeBuild accesses.

          • vpcId (string) --

            The ID of the Amazon VPC.

          • subnets (list) --

            A list of one or more subnet IDs in your Amazon VPC.

            • (string) --

          • securityGroupIds (list) --

            A list of one or more security groups IDs in your Amazon VPC.

            • (string) --

        • badge (dict) --

          Information about the build badge for the build project.

          • badgeEnabled (boolean) --

            Set this to true to generate a publicly accessible URL for your project's build badge.

          • badgeRequestUrl (string) --

            The publicly-accessible URL through which you can access the build badge for your project.

        • logsConfig (dict) --

          Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.

          • cloudWatchLogs (dict) --

            Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.

            • status (string) --

              The current status of the logs in CloudWatch Logs for a build project. Valid values are:

              • ENABLED: CloudWatch Logs are enabled for this build project.

              • DISABLED: CloudWatch Logs are not enabled for this build project.

            • groupName (string) --

              The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

            • streamName (string) --

              The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

          • s3Logs (dict) --

            Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.

            • status (string) --

              The current status of the S3 build logs. Valid values are:

              • ENABLED: S3 build logs are enabled for this build project.

              • DISABLED: S3 build logs are not enabled for this build project.

            • location (string) --

              The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

            • encryptionDisabled (boolean) --

              Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

            • bucketOwnerAccess (string) --

              Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

              This property can be one of the following values:

              NONE

              The bucket owner does not have access to the objects. This is the default.

              READ_ONLY

              The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

              FULL

              The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

              • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

              • Otherwise, the uploading account retains ownership of the objects.

              For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

        • fileSystemLocations (list) --

          An array of ProjectFileSystemLocation objects for a CodeBuild build project. A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint, and type of a file system created using Amazon Elastic File System.

          • (dict) --

            Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?

            • type (string) --

              The type of the file system. The one supported type is EFS.

            • location (string) --

              A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com, and its mount directory is my-efs-mount-directory, then the location is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory.

              The directory path in the format efs-dns-name:/directory-path is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.

            • mountPoint (string) --

              The location in the container where you mount the file system.

            • identifier (string) --

              The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD_. For example, if you specify my_efs for identifier, a new environment variable is create named CODEBUILD_MY_EFS.

              The identifier is used to mount your file system.

            • mountOptions (string) --

              The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2. For more information, see Recommended NFS Mount Options.

        • buildBatchConfig (dict) --

          A ProjectBuildBatchConfig object that defines the batch build options for the project.

          • serviceRole (string) --

            Specifies the service role ARN for the batch build project.

          • combineArtifacts (boolean) --

            Specifies if the build artifacts for the batch build should be combined into a single artifact location.

          • restrictions (dict) --

            A BatchRestrictions object that specifies the restrictions for the batch build.

            • maximumBuildsAllowed (integer) --

              Specifies the maximum number of builds allowed.

            • computeTypesAllowed (list) --

              An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.

              • (string) --

          • timeoutInMins (integer) --

            Specifies the maximum amount of time, in minutes, that the batch build must be completed in.

          • batchReportMode (string) --

            Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.

            REPORT_AGGREGATED_BATCH

            (Default) Aggregate all of the build statuses into a single status report.

            REPORT_INDIVIDUAL_BUILDS

            Send a separate status report for each individual build.

        • concurrentBuildLimit (integer) --

          The maximum number of concurrent builds that are allowed for this project.

          New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.

        • projectVisibility (string) --

          Specifies the visibility of the project's builds. Possible values are:

          PUBLIC_READ

          The project builds are visible to the public.

          PRIVATE

          The project builds are not visible to the public.

        • publicProjectAlias (string) --

          Contains the project identifier used with the public build APIs.

        • resourceAccessRole (string) --

          The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.

        • autoRetryLimit (integer) --

          The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.

    • projectsNotFound (list) --

      The names of build projects for which information could not be found.

      • (string) --

CreateProject (updated) Link ¶
Changes (request, response)
Request
{'autoRetryLimit': 'integer'}
Response
{'project': {'autoRetryLimit': 'integer'}}

Creates a build project.

See also: AWS API Documentation

Request Syntax

client.create_project(
    name='string',
    description='string',
    source={
        'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
        'location': 'string',
        'gitCloneDepth': 123,
        'gitSubmodulesConfig': {
            'fetchSubmodules': True|False
        },
        'buildspec': 'string',
        'auth': {
            'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
            'resource': 'string'
        },
        'reportBuildStatus': True|False,
        'buildStatusConfig': {
            'context': 'string',
            'targetUrl': 'string'
        },
        'insecureSsl': True|False,
        'sourceIdentifier': 'string'
    },
    secondarySources=[
        {
            'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
            'location': 'string',
            'gitCloneDepth': 123,
            'gitSubmodulesConfig': {
                'fetchSubmodules': True|False
            },
            'buildspec': 'string',
            'auth': {
                'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                'resource': 'string'
            },
            'reportBuildStatus': True|False,
            'buildStatusConfig': {
                'context': 'string',
                'targetUrl': 'string'
            },
            'insecureSsl': True|False,
            'sourceIdentifier': 'string'
        },
    ],
    sourceVersion='string',
    secondarySourceVersions=[
        {
            'sourceIdentifier': 'string',
            'sourceVersion': 'string'
        },
    ],
    artifacts={
        'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
        'location': 'string',
        'path': 'string',
        'namespaceType': 'NONE'|'BUILD_ID',
        'name': 'string',
        'packaging': 'NONE'|'ZIP',
        'overrideArtifactName': True|False,
        'encryptionDisabled': True|False,
        'artifactIdentifier': 'string',
        'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
    },
    secondaryArtifacts=[
        {
            'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
            'location': 'string',
            'path': 'string',
            'namespaceType': 'NONE'|'BUILD_ID',
            'name': 'string',
            'packaging': 'NONE'|'ZIP',
            'overrideArtifactName': True|False,
            'encryptionDisabled': True|False,
            'artifactIdentifier': 'string',
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        },
    ],
    cache={
        'type': 'NO_CACHE'|'S3'|'LOCAL',
        'location': 'string',
        'modes': [
            'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
        ]
    },
    environment={
        'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
        'image': 'string',
        'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
        'fleet': {
            'fleetArn': 'string'
        },
        'environmentVariables': [
            {
                'name': 'string',
                'value': 'string',
                'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
            },
        ],
        'privilegedMode': True|False,
        'certificate': 'string',
        'registryCredential': {
            'credential': 'string',
            'credentialProvider': 'SECRETS_MANAGER'
        },
        'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE'
    },
    serviceRole='string',
    timeoutInMinutes=123,
    queuedTimeoutInMinutes=123,
    encryptionKey='string',
    tags=[
        {
            'key': 'string',
            'value': 'string'
        },
    ],
    vpcConfig={
        'vpcId': 'string',
        'subnets': [
            'string',
        ],
        'securityGroupIds': [
            'string',
        ]
    },
    badgeEnabled=True|False,
    logsConfig={
        'cloudWatchLogs': {
            'status': 'ENABLED'|'DISABLED',
            'groupName': 'string',
            'streamName': 'string'
        },
        's3Logs': {
            'status': 'ENABLED'|'DISABLED',
            'location': 'string',
            'encryptionDisabled': True|False,
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        }
    },
    fileSystemLocations=[
        {
            'type': 'EFS',
            'location': 'string',
            'mountPoint': 'string',
            'identifier': 'string',
            'mountOptions': 'string'
        },
    ],
    buildBatchConfig={
        'serviceRole': 'string',
        'combineArtifacts': True|False,
        'restrictions': {
            'maximumBuildsAllowed': 123,
            'computeTypesAllowed': [
                'string',
            ]
        },
        'timeoutInMins': 123,
        'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH'
    },
    concurrentBuildLimit=123,
    autoRetryLimit=123
)
type name:

string

param name:

[REQUIRED]

The name of the build project.

type description:

string

param description:

A description that makes the build project easy to identify.

type source:

dict

param source:

[REQUIRED]

Information about the build input source code for the build project.

  • type (string) -- [REQUIRED]

    The type of repository that contains the source code to be built. Valid values include:

    • BITBUCKET: The source code is in a Bitbucket repository.

    • CODECOMMIT: The source code is in an CodeCommit repository.

    • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

    • GITHUB: The source code is in a GitHub repository.

    • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

    • GITLAB: The source code is in a GitLab repository.

    • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

    • NO_SOURCE: The project does not have input source code.

    • S3: The source code is in an Amazon S3 bucket.

  • location (string) --

    Information about the location of the source code to be built. Valid values include:

    • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

    • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

    • For source code in an Amazon S3 input bucket, one of the following.

      • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

      • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

    • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

    • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

    • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

    If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

  • gitCloneDepth (integer) --

    Information about the Git clone depth for the build project.

  • gitSubmodulesConfig (dict) --

    Information about the Git submodules configuration for the build project.

    • fetchSubmodules (boolean) -- [REQUIRED]

      Set to true to fetch Git submodules for your CodeBuild build project.

  • buildspec (string) --

    The buildspec file declaration to use for the builds in this build project.

    If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

  • auth (dict) --

    Information about the authorization settings for CodeBuild to access the source code to be built.

    • type (string) -- [REQUIRED]

      The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

    • resource (string) --

      The resource value that applies to the specified authorization type.

  • reportBuildStatus (boolean) --

    Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

    To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

    The status of a build triggered by a webhook is always reported to your source provider.

    If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

  • buildStatusConfig (dict) --

    Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

    • context (string) --

      Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

      Bitbucket

      This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

      GitHub/GitHub Enterprise Server

      This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

    • targetUrl (string) --

      Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

      Bitbucket

      This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

      GitHub/GitHub Enterprise Server

      This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

  • insecureSsl (boolean) --

    Enable this flag to ignore SSL warnings while connecting to the project source code.

  • sourceIdentifier (string) --

    An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

type secondarySources:

list

param secondarySources:

An array of ProjectSource objects.

  • (dict) --

    Information about the build input source code for the build project.

    • type (string) -- [REQUIRED]

      The type of repository that contains the source code to be built. Valid values include:

      • BITBUCKET: The source code is in a Bitbucket repository.

      • CODECOMMIT: The source code is in an CodeCommit repository.

      • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

      • GITHUB: The source code is in a GitHub repository.

      • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

      • GITLAB: The source code is in a GitLab repository.

      • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

      • NO_SOURCE: The project does not have input source code.

      • S3: The source code is in an Amazon S3 bucket.

    • location (string) --

      Information about the location of the source code to be built. Valid values include:

      • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

      • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

      • For source code in an Amazon S3 input bucket, one of the following.

        • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

        • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

      • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

      • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

      • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

      If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

    • gitCloneDepth (integer) --

      Information about the Git clone depth for the build project.

    • gitSubmodulesConfig (dict) --

      Information about the Git submodules configuration for the build project.

      • fetchSubmodules (boolean) -- [REQUIRED]

        Set to true to fetch Git submodules for your CodeBuild build project.

    • buildspec (string) --

      The buildspec file declaration to use for the builds in this build project.

      If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

    • auth (dict) --

      Information about the authorization settings for CodeBuild to access the source code to be built.

      • type (string) -- [REQUIRED]

        The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

      • resource (string) --

        The resource value that applies to the specified authorization type.

    • reportBuildStatus (boolean) --

      Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

      To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

      The status of a build triggered by a webhook is always reported to your source provider.

      If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

    • buildStatusConfig (dict) --

      Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

      • context (string) --

        Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

        Bitbucket

        This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

        GitHub/GitHub Enterprise Server

        This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

      • targetUrl (string) --

        Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

        Bitbucket

        This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

        GitHub/GitHub Enterprise Server

        This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

    • insecureSsl (boolean) --

      Enable this flag to ignore SSL warnings while connecting to the project source code.

    • sourceIdentifier (string) --

      An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

type sourceVersion:

string

param sourceVersion:

A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:

  • For CodeCommit: the commit ID, branch, or Git tag to use.

  • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

  • For GitLab: the commit ID, branch, or Git tag to use.

  • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

  • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).

For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

type secondarySourceVersions:

list

param secondarySourceVersions:

An array of ProjectSourceVersion objects. If secondarySourceVersions is specified at the build level, then they take precedence over these secondarySourceVersions (at the project level).

  • (dict) --

    A source identifier and its corresponding version.

    • sourceIdentifier (string) -- [REQUIRED]

      An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

    • sourceVersion (string) -- [REQUIRED]

      The source version for the corresponding source identifier. If specified, must be one of:

      • For CodeCommit: the commit ID, branch, or Git tag to use.

      • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

      • For GitLab: the commit ID, branch, or Git tag to use.

      • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

      • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

      For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

type artifacts:

dict

param artifacts:

[REQUIRED]

Information about the build output artifacts for the build project.

  • type (string) -- [REQUIRED]

    The type of build output artifact. Valid values include:

    • CODEPIPELINE: The build project has build output generated through CodePipeline.

    • NO_ARTIFACTS: The build project does not produce any build output.

    • S3: The build project stores build output in Amazon S3.

  • location (string) --

    Information about the build output artifact location:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, this is the name of the output bucket.

  • path (string) --

    Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

    For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

  • namespaceType (string) --

    Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, valid values include:

      • BUILD_ID: Include the build ID in the location of the build output artifact.

      • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

    For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

  • name (string) --

    Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

    For example:

    • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

    • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

    • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

  • packaging (string) --

    The type of build output artifact to create:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, valid values include:

      • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

      • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

  • overrideArtifactName (boolean) --

    If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

  • encryptionDisabled (boolean) --

    Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

  • artifactIdentifier (string) --

    An identifier for this artifact definition.

  • bucketOwnerAccess (string) --

    Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

    This property can be one of the following values:

    NONE

    The bucket owner does not have access to the objects. This is the default.

    READ_ONLY

    The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

    FULL

    The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

    • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

    • Otherwise, the uploading account retains ownership of the objects.

    For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

type secondaryArtifacts:

list

param secondaryArtifacts:

An array of ProjectArtifacts objects.

  • (dict) --

    Information about the build output artifacts for the build project.

    • type (string) -- [REQUIRED]

      The type of build output artifact. Valid values include:

      • CODEPIPELINE: The build project has build output generated through CodePipeline.

      • NO_ARTIFACTS: The build project does not produce any build output.

      • S3: The build project stores build output in Amazon S3.

    • location (string) --

      Information about the build output artifact location:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, this is the name of the output bucket.

    • path (string) --

      Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

      For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

    • namespaceType (string) --

      Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, valid values include:

        • BUILD_ID: Include the build ID in the location of the build output artifact.

        • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

      For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

    • name (string) --

      Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

      For example:

      • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

      • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

      • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

    • packaging (string) --

      The type of build output artifact to create:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, valid values include:

        • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

        • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

    • overrideArtifactName (boolean) --

      If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

    • encryptionDisabled (boolean) --

      Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

    • artifactIdentifier (string) --

      An identifier for this artifact definition.

    • bucketOwnerAccess (string) --

      Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

      This property can be one of the following values:

      NONE

      The bucket owner does not have access to the objects. This is the default.

      READ_ONLY

      The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

      FULL

      The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

      • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

      • Otherwise, the uploading account retains ownership of the objects.

      For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

type cache:

dict

param cache:

Stores recently used information so that it can be quickly accessed at a later time.

  • type (string) -- [REQUIRED]

    The type of cache used by the build project. Valid values include:

    • NO_CACHE: The build project does not use any cache.

    • S3: The build project reads and writes from and to S3.

    • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

  • location (string) --

    Information about the cache location:

    • NO_CACHE or LOCAL: This value is ignored.

    • S3: This is the S3 bucket name/prefix.

  • modes (list) --

    An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

    Possible values are:

    LOCAL_SOURCE_CACHE

    Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

    LOCAL_DOCKER_LAYER_CACHE

    Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

    Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

    • Only directories can be specified for caching. You cannot specify individual files.

    • Symlinks are used to reference cached directories.

    • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

    • (string) --

type environment:

dict

param environment:

[REQUIRED]

Information about the build environment for the build project.

  • type (string) -- [REQUIRED]

    The type of build environment to use for related builds.

    • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

    • The environment type LINUX_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

    • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

    • The environment types ARM_LAMBDA_CONTAINER and LINUX_LAMBDA_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).

    • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

    For more information, see Build environment compute types in the CodeBuild user guide.

  • image (string) -- [REQUIRED]

    The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

    • For an image tag: <registry>/<repository>:<tag>. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0.

    • For an image digest: <registry>/<repository>@<digest>. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

    For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.

  • computeType (string) -- [REQUIRED]

    Information about the compute resources the build project uses. Available values include:

    • BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for builds.

    • BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds.

    • BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.

    • BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.

    • BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.

    • BUILD_LAMBDA_1GB: Use up to 1 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    • BUILD_LAMBDA_2GB: Use up to 2 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    • BUILD_LAMBDA_4GB: Use up to 4 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    • BUILD_LAMBDA_8GB: Use up to 8 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    • BUILD_LAMBDA_10GB: Use up to 10 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    If you use BUILD_GENERAL1_SMALL:

    • For environment type LINUX_CONTAINER, you can use up to 3 GB memory and 2 vCPUs for builds.

    • For environment type LINUX_GPU_CONTAINER, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.

    • For environment type ARM_CONTAINER, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.

    If you use BUILD_GENERAL1_LARGE:

    • For environment type LINUX_CONTAINER, you can use up to 15 GB memory and 8 vCPUs for builds.

    • For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.

    • For environment type ARM_CONTAINER, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.

    For more information, see Build Environment Compute Types in the CodeBuild User Guide.

  • fleet (dict) --

    A ProjectFleet object to use for this build project.

    • fleetArn (string) --

      Specifies the compute fleet ARN for the build project.

  • environmentVariables (list) --

    A set of environment variables to make available to builds for this build project.

    • (dict) --

      Information about an environment variable for a build project or a build.

      • name (string) -- [REQUIRED]

        The name or key of the environment variable.

      • value (string) -- [REQUIRED]

        The value of the environment variable.

      • type (string) --

        The type of environment variable. Valid values include:

        • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

        • PLAINTEXT: An environment variable in plain text format. This is the default value.

        • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

  • privilegedMode (boolean) --

    Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false.

    You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

    If the operating system's base image is Ubuntu Linux:

    - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

    - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

    If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout:

    - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

    - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"

  • certificate (string) --

    The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.

  • registryCredential (dict) --

    The credentials for access to a private registry.

    • credential (string) -- [REQUIRED]

      The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

    • credentialProvider (string) -- [REQUIRED]

      The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

  • imagePullCredentialsType (string) --

    The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

    • CODEBUILD specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.

    • SERVICE_ROLE specifies that CodeBuild uses your build project's service role.

    When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.

type serviceRole:

string

param serviceRole:

[REQUIRED]

The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.

type timeoutInMinutes:

integer

param timeoutInMinutes:

How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before it times out any build that has not been marked as completed. The default is 60 minutes.

type queuedTimeoutInMinutes:

integer

param queuedTimeoutInMinutes:

The number of minutes a build is allowed to be queued before it times out.

type encryptionKey:

string

param encryptionKey:

The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.

You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>).

type tags:

list

param tags:

A list of tag key and value pairs associated with this build project.

These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.

  • (dict) --

    A tag, consisting of a key and a value.

    This tag is available for use by Amazon Web Services services that support tags in CodeBuild.

    • key (string) --

      The tag's key.

    • value (string) --

      The tag's value.

type vpcConfig:

dict

param vpcConfig:

VpcConfig enables CodeBuild to access resources in an Amazon VPC.

  • vpcId (string) --

    The ID of the Amazon VPC.

  • subnets (list) --

    A list of one or more subnet IDs in your Amazon VPC.

    • (string) --

  • securityGroupIds (list) --

    A list of one or more security groups IDs in your Amazon VPC.

    • (string) --

type badgeEnabled:

boolean

param badgeEnabled:

Set this to true to generate a publicly accessible URL for your project's build badge.

type logsConfig:

dict

param logsConfig:

Information about logs for the build project. These can be logs in CloudWatch Logs, logs uploaded to a specified S3 bucket, or both.

  • cloudWatchLogs (dict) --

    Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.

    • status (string) -- [REQUIRED]

      The current status of the logs in CloudWatch Logs for a build project. Valid values are:

      • ENABLED: CloudWatch Logs are enabled for this build project.

      • DISABLED: CloudWatch Logs are not enabled for this build project.

    • groupName (string) --

      The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

    • streamName (string) --

      The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

  • s3Logs (dict) --

    Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.

    • status (string) -- [REQUIRED]

      The current status of the S3 build logs. Valid values are:

      • ENABLED: S3 build logs are enabled for this build project.

      • DISABLED: S3 build logs are not enabled for this build project.

    • location (string) --

      The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

    • encryptionDisabled (boolean) --

      Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

    • bucketOwnerAccess (string) --

      Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

      This property can be one of the following values:

      NONE

      The bucket owner does not have access to the objects. This is the default.

      READ_ONLY

      The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

      FULL

      The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

      • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

      • Otherwise, the uploading account retains ownership of the objects.

      For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

type fileSystemLocations:

list

param fileSystemLocations:

An array of ProjectFileSystemLocation objects for a CodeBuild build project. A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint, and type of a file system created using Amazon Elastic File System.

  • (dict) --

    Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?

    • type (string) --

      The type of the file system. The one supported type is EFS.

    • location (string) --

      A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com, and its mount directory is my-efs-mount-directory, then the location is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory.

      The directory path in the format efs-dns-name:/directory-path is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.

    • mountPoint (string) --

      The location in the container where you mount the file system.

    • identifier (string) --

      The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD_. For example, if you specify my_efs for identifier, a new environment variable is create named CODEBUILD_MY_EFS.

      The identifier is used to mount your file system.

    • mountOptions (string) --

      The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2. For more information, see Recommended NFS Mount Options.

type buildBatchConfig:

dict

param buildBatchConfig:

A ProjectBuildBatchConfig object that defines the batch build options for the project.

  • serviceRole (string) --

    Specifies the service role ARN for the batch build project.

  • combineArtifacts (boolean) --

    Specifies if the build artifacts for the batch build should be combined into a single artifact location.

  • restrictions (dict) --

    A BatchRestrictions object that specifies the restrictions for the batch build.

    • maximumBuildsAllowed (integer) --

      Specifies the maximum number of builds allowed.

    • computeTypesAllowed (list) --

      An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.

      • (string) --

  • timeoutInMins (integer) --

    Specifies the maximum amount of time, in minutes, that the batch build must be completed in.

  • batchReportMode (string) --

    Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.

    REPORT_AGGREGATED_BATCH

    (Default) Aggregate all of the build statuses into a single status report.

    REPORT_INDIVIDUAL_BUILDS

    Send a separate status report for each individual build.

type concurrentBuildLimit:

integer

param concurrentBuildLimit:

The maximum number of concurrent builds that are allowed for this project.

New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.

type autoRetryLimit:

integer

param autoRetryLimit:

The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.

rtype:

dict

returns:

Response Syntax

{
    'project': {
        'name': 'string',
        'arn': 'string',
        'description': 'string',
        'source': {
            'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
            'location': 'string',
            'gitCloneDepth': 123,
            'gitSubmodulesConfig': {
                'fetchSubmodules': True|False
            },
            'buildspec': 'string',
            'auth': {
                'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                'resource': 'string'
            },
            'reportBuildStatus': True|False,
            'buildStatusConfig': {
                'context': 'string',
                'targetUrl': 'string'
            },
            'insecureSsl': True|False,
            'sourceIdentifier': 'string'
        },
        'secondarySources': [
            {
                'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
                'location': 'string',
                'gitCloneDepth': 123,
                'gitSubmodulesConfig': {
                    'fetchSubmodules': True|False
                },
                'buildspec': 'string',
                'auth': {
                    'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                    'resource': 'string'
                },
                'reportBuildStatus': True|False,
                'buildStatusConfig': {
                    'context': 'string',
                    'targetUrl': 'string'
                },
                'insecureSsl': True|False,
                'sourceIdentifier': 'string'
            },
        ],
        'sourceVersion': 'string',
        'secondarySourceVersions': [
            {
                'sourceIdentifier': 'string',
                'sourceVersion': 'string'
            },
        ],
        'artifacts': {
            'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
            'location': 'string',
            'path': 'string',
            'namespaceType': 'NONE'|'BUILD_ID',
            'name': 'string',
            'packaging': 'NONE'|'ZIP',
            'overrideArtifactName': True|False,
            'encryptionDisabled': True|False,
            'artifactIdentifier': 'string',
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        },
        'secondaryArtifacts': [
            {
                'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
                'location': 'string',
                'path': 'string',
                'namespaceType': 'NONE'|'BUILD_ID',
                'name': 'string',
                'packaging': 'NONE'|'ZIP',
                'overrideArtifactName': True|False,
                'encryptionDisabled': True|False,
                'artifactIdentifier': 'string',
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            },
        ],
        'cache': {
            'type': 'NO_CACHE'|'S3'|'LOCAL',
            'location': 'string',
            'modes': [
                'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
            ]
        },
        'environment': {
            'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
            'image': 'string',
            'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
            'fleet': {
                'fleetArn': 'string'
            },
            'environmentVariables': [
                {
                    'name': 'string',
                    'value': 'string',
                    'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
                },
            ],
            'privilegedMode': True|False,
            'certificate': 'string',
            'registryCredential': {
                'credential': 'string',
                'credentialProvider': 'SECRETS_MANAGER'
            },
            'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE'
        },
        'serviceRole': 'string',
        'timeoutInMinutes': 123,
        'queuedTimeoutInMinutes': 123,
        'encryptionKey': 'string',
        'tags': [
            {
                'key': 'string',
                'value': 'string'
            },
        ],
        'created': datetime(2015, 1, 1),
        'lastModified': datetime(2015, 1, 1),
        'webhook': {
            'url': 'string',
            'payloadUrl': 'string',
            'secret': 'string',
            'branchFilter': 'string',
            'filterGroups': [
                [
                    {
                        'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME',
                        'pattern': 'string',
                        'excludeMatchedPattern': True|False
                    },
                ],
            ],
            'buildType': 'BUILD'|'BUILD_BATCH',
            'manualCreation': True|False,
            'lastModifiedSecret': datetime(2015, 1, 1),
            'scopeConfiguration': {
                'name': 'string',
                'domain': 'string',
                'scope': 'GITHUB_ORGANIZATION'|'GITHUB_GLOBAL'|'GITLAB_GROUP'
            }
        },
        'vpcConfig': {
            'vpcId': 'string',
            'subnets': [
                'string',
            ],
            'securityGroupIds': [
                'string',
            ]
        },
        'badge': {
            'badgeEnabled': True|False,
            'badgeRequestUrl': 'string'
        },
        'logsConfig': {
            'cloudWatchLogs': {
                'status': 'ENABLED'|'DISABLED',
                'groupName': 'string',
                'streamName': 'string'
            },
            's3Logs': {
                'status': 'ENABLED'|'DISABLED',
                'location': 'string',
                'encryptionDisabled': True|False,
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            }
        },
        'fileSystemLocations': [
            {
                'type': 'EFS',
                'location': 'string',
                'mountPoint': 'string',
                'identifier': 'string',
                'mountOptions': 'string'
            },
        ],
        'buildBatchConfig': {
            'serviceRole': 'string',
            'combineArtifacts': True|False,
            'restrictions': {
                'maximumBuildsAllowed': 123,
                'computeTypesAllowed': [
                    'string',
                ]
            },
            'timeoutInMins': 123,
            'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH'
        },
        'concurrentBuildLimit': 123,
        'projectVisibility': 'PUBLIC_READ'|'PRIVATE',
        'publicProjectAlias': 'string',
        'resourceAccessRole': 'string',
        'autoRetryLimit': 123
    }
}

Response Structure

  • (dict) --

    • project (dict) --

      Information about the build project that was created.

      • name (string) --

        The name of the build project.

      • arn (string) --

        The Amazon Resource Name (ARN) of the build project.

      • description (string) --

        A description that makes the build project easy to identify.

      • source (dict) --

        Information about the build input source code for this build project.

        • type (string) --

          The type of repository that contains the source code to be built. Valid values include:

          • BITBUCKET: The source code is in a Bitbucket repository.

          • CODECOMMIT: The source code is in an CodeCommit repository.

          • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

          • GITHUB: The source code is in a GitHub repository.

          • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

          • GITLAB: The source code is in a GitLab repository.

          • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

          • NO_SOURCE: The project does not have input source code.

          • S3: The source code is in an Amazon S3 bucket.

        • location (string) --

          Information about the location of the source code to be built. Valid values include:

          • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

          • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

          • For source code in an Amazon S3 input bucket, one of the following.

            • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

            • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

          • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

          • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

        • gitCloneDepth (integer) --

          Information about the Git clone depth for the build project.

        • gitSubmodulesConfig (dict) --

          Information about the Git submodules configuration for the build project.

          • fetchSubmodules (boolean) --

            Set to true to fetch Git submodules for your CodeBuild build project.

        • buildspec (string) --

          The buildspec file declaration to use for the builds in this build project.

          If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

        • auth (dict) --

          Information about the authorization settings for CodeBuild to access the source code to be built.

          • type (string) --

            The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

          • resource (string) --

            The resource value that applies to the specified authorization type.

        • reportBuildStatus (boolean) --

          Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

          To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

          The status of a build triggered by a webhook is always reported to your source provider.

          If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

        • buildStatusConfig (dict) --

          Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

          • context (string) --

            Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • targetUrl (string) --

            Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

        • insecureSsl (boolean) --

          Enable this flag to ignore SSL warnings while connecting to the project source code.

        • sourceIdentifier (string) --

          An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • secondarySources (list) --

        An array of ProjectSource objects.

        • (dict) --

          Information about the build input source code for the build project.

          • type (string) --

            The type of repository that contains the source code to be built. Valid values include:

            • BITBUCKET: The source code is in a Bitbucket repository.

            • CODECOMMIT: The source code is in an CodeCommit repository.

            • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

            • GITHUB: The source code is in a GitHub repository.

            • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

            • GITLAB: The source code is in a GitLab repository.

            • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

            • NO_SOURCE: The project does not have input source code.

            • S3: The source code is in an Amazon S3 bucket.

          • location (string) --

            Information about the location of the source code to be built. Valid values include:

            • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

            • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

            • For source code in an Amazon S3 input bucket, one of the following.

              • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

              • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

            • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

            • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

          • gitCloneDepth (integer) --

            Information about the Git clone depth for the build project.

          • gitSubmodulesConfig (dict) --

            Information about the Git submodules configuration for the build project.

            • fetchSubmodules (boolean) --

              Set to true to fetch Git submodules for your CodeBuild build project.

          • buildspec (string) --

            The buildspec file declaration to use for the builds in this build project.

            If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

          • auth (dict) --

            Information about the authorization settings for CodeBuild to access the source code to be built.

            • type (string) --

              The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

            • resource (string) --

              The resource value that applies to the specified authorization type.

          • reportBuildStatus (boolean) --

            Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

            To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

            The status of a build triggered by a webhook is always reported to your source provider.

            If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

          • buildStatusConfig (dict) --

            Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

            • context (string) --

              Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

            • targetUrl (string) --

              Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • insecureSsl (boolean) --

            Enable this flag to ignore SSL warnings while connecting to the project source code.

          • sourceIdentifier (string) --

            An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • sourceVersion (string) --

        A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:

        • For CodeCommit: the commit ID, branch, or Git tag to use.

        • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For GitLab: the commit ID, branch, or Git tag to use.

        • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

        If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).

        For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • secondarySourceVersions (list) --

        An array of ProjectSourceVersion objects. If secondarySourceVersions is specified at the build level, then they take over these secondarySourceVersions (at the project level).

        • (dict) --

          A source identifier and its corresponding version.

          • sourceIdentifier (string) --

            An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

          • sourceVersion (string) --

            The source version for the corresponding source identifier. If specified, must be one of:

            • For CodeCommit: the commit ID, branch, or Git tag to use.

            • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For GitLab: the commit ID, branch, or Git tag to use.

            • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

            For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • artifacts (dict) --

        Information about the build output artifacts for the build project.

        • type (string) --

          The type of build output artifact. Valid values include:

          • CODEPIPELINE: The build project has build output generated through CodePipeline.

          • NO_ARTIFACTS: The build project does not produce any build output.

          • S3: The build project stores build output in Amazon S3.

        • location (string) --

          Information about the build output artifact location:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, this is the name of the output bucket.

        • path (string) --

          Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

          For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

        • namespaceType (string) --

          Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, valid values include:

            • BUILD_ID: Include the build ID in the location of the build output artifact.

            • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

          For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

        • name (string) --

          Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

          For example:

          • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

          • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

          • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

        • packaging (string) --

          The type of build output artifact to create:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, valid values include:

            • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

            • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

        • overrideArtifactName (boolean) --

          If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

        • encryptionDisabled (boolean) --

          Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

        • artifactIdentifier (string) --

          An identifier for this artifact definition.

        • bucketOwnerAccess (string) --

          Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

          This property can be one of the following values:

          NONE

          The bucket owner does not have access to the objects. This is the default.

          READ_ONLY

          The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

          FULL

          The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

          • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

          • Otherwise, the uploading account retains ownership of the objects.

          For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • secondaryArtifacts (list) --

        An array of ProjectArtifacts objects.

        • (dict) --

          Information about the build output artifacts for the build project.

          • type (string) --

            The type of build output artifact. Valid values include:

            • CODEPIPELINE: The build project has build output generated through CodePipeline.

            • NO_ARTIFACTS: The build project does not produce any build output.

            • S3: The build project stores build output in Amazon S3.

          • location (string) --

            Information about the build output artifact location:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, this is the name of the output bucket.

          • path (string) --

            Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

            For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

          • namespaceType (string) --

            Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, valid values include:

              • BUILD_ID: Include the build ID in the location of the build output artifact.

              • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

            For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

          • name (string) --

            Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

            For example:

            • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

            • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

            • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

          • packaging (string) --

            The type of build output artifact to create:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, valid values include:

              • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

              • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

          • overrideArtifactName (boolean) --

            If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

          • encryptionDisabled (boolean) --

            Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

          • artifactIdentifier (string) --

            An identifier for this artifact definition.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • cache (dict) --

        Information about the cache for the build project.

        • type (string) --

          The type of cache used by the build project. Valid values include:

          • NO_CACHE: The build project does not use any cache.

          • S3: The build project reads and writes from and to S3.

          • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

        • location (string) --

          Information about the cache location:

          • NO_CACHE or LOCAL: This value is ignored.

          • S3: This is the S3 bucket name/prefix.

        • modes (list) --

          An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

          Possible values are:

          LOCAL_SOURCE_CACHE

          Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

          LOCAL_DOCKER_LAYER_CACHE

          Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

          Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

          • Only directories can be specified for caching. You cannot specify individual files.

          • Symlinks are used to reference cached directories.

          • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

          • (string) --

      • environment (dict) --

        Information about the build environment for this build project.

        • type (string) --

          The type of build environment to use for related builds.

          • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

          • The environment type LINUX_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

          • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

          • The environment types ARM_LAMBDA_CONTAINER and LINUX_LAMBDA_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).

          • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

          For more information, see Build environment compute types in the CodeBuild user guide.

        • image (string) --

          The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

          • For an image tag: <registry>/<repository>:<tag>. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0.

          • For an image digest: <registry>/<repository>@<digest>. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

          For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.

        • computeType (string) --

          Information about the compute resources the build project uses. Available values include:

          • BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for builds.

          • BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds.

          • BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.

          • BUILD_LAMBDA_1GB: Use up to 1 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_2GB: Use up to 2 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_4GB: Use up to 4 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_8GB: Use up to 8 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_10GB: Use up to 10 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          If you use BUILD_GENERAL1_SMALL:

          • For environment type LINUX_CONTAINER, you can use up to 3 GB memory and 2 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.

          • For environment type ARM_CONTAINER, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.

          If you use BUILD_GENERAL1_LARGE:

          • For environment type LINUX_CONTAINER, you can use up to 15 GB memory and 8 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.

          • For environment type ARM_CONTAINER, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.

          For more information, see Build Environment Compute Types in the CodeBuild User Guide.

        • fleet (dict) --

          A ProjectFleet object to use for this build project.

          • fleetArn (string) --

            Specifies the compute fleet ARN for the build project.

        • environmentVariables (list) --

          A set of environment variables to make available to builds for this build project.

          • (dict) --

            Information about an environment variable for a build project or a build.

            • name (string) --

              The name or key of the environment variable.

            • value (string) --

              The value of the environment variable.

            • type (string) --

              The type of environment variable. Valid values include:

              • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

              • PLAINTEXT: An environment variable in plain text format. This is the default value.

              • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

        • privilegedMode (boolean) --

          Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false.

          You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

          If the operating system's base image is Ubuntu Linux:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

          If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"

        • certificate (string) --

          The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.

        • registryCredential (dict) --

          The credentials for access to a private registry.

          • credential (string) --

            The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

          • credentialProvider (string) --

            The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

        • imagePullCredentialsType (string) --

          The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

          • CODEBUILD specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.

          • SERVICE_ROLE specifies that CodeBuild uses your build project's service role.

          When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.

      • serviceRole (string) --

        The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.

      • timeoutInMinutes (integer) --

        How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.

      • queuedTimeoutInMinutes (integer) --

        The number of minutes a build is allowed to be queued before it times out.

      • encryptionKey (string) --

        The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.

        You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).

      • tags (list) --

        A list of tag key and value pairs associated with this build project.

        These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.

        • (dict) --

          A tag, consisting of a key and a value.

          This tag is available for use by Amazon Web Services services that support tags in CodeBuild.

          • key (string) --

            The tag's key.

          • value (string) --

            The tag's value.

      • created (datetime) --

        When the build project was created, expressed in Unix time format.

      • lastModified (datetime) --

        When the build project's settings were last modified, expressed in Unix time format.

      • webhook (dict) --

        Information about a webhook that connects repository events to a build project in CodeBuild.

        • url (string) --

          The URL to the webhook.

        • payloadUrl (string) --

          The CodeBuild endpoint where webhook events are sent.

        • secret (string) --

          The secret token of the associated repository.

        • branchFilter (string) --

          A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If branchFilter is empty, then all branches are built.

        • filterGroups (list) --

          An array of arrays of WebhookFilter objects used to determine which webhooks are triggered. At least one WebhookFilter in the array must specify EVENT as its type.

          For a build to be triggered, at least one filter group in the filterGroups array must pass. For a filter group to pass, each of its filters must pass.

          • (list) --

            • (dict) --

              A filter used to determine which webhooks trigger a build.

              • type (string) --

                The type of webhook filter. There are nine webhook filter types: EVENT, ACTOR_ACCOUNT_ID, HEAD_REF, BASE_REF, FILE_PATH, COMMIT_MESSAGE, TAG_NAME, RELEASE_NAME, and WORKFLOW_NAME.

                • EVENT

                  • A webhook event triggers a build when the provided pattern matches one of nine event types: PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, PULL_REQUEST_CLOSED, PULL_REQUEST_REOPENED, PULL_REQUEST_MERGED, RELEASED, PRERELEASED, and WORKFLOW_JOB_QUEUED. The EVENT patterns are specified as a comma-separated string. For example, PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED filters all push, pull request created, and pull request updated events.

                • ACTOR_ACCOUNT_ID

                  • A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression pattern.

                • HEAD_REF

                  • A webhook event triggers a build when the head reference matches the regular expression pattern. For example, refs/heads/branch-name and refs/tags/tag-name.

                • BASE_REF

                  • A webhook event triggers a build when the base reference matches the regular expression pattern. For example, refs/heads/branch-name.

                • FILE_PATH

                  • A webhook triggers a build when the path of a changed file matches the regular expression pattern.

                • COMMIT_MESSAGE

                  • A webhook triggers a build when the head commit message matches the regular expression pattern.

                • TAG_NAME

                  • A webhook triggers a build when the tag name of the release matches the regular expression pattern.

                • RELEASE_NAME

                  • A webhook triggers a build when the release name matches the regular expression pattern.

                • REPOSITORY_NAME

                  • A webhook triggers a build when the repository name matches the regular expression pattern.

                • WORKFLOW_NAME

                  • A webhook triggers a build when the workflow name matches the regular expression pattern.

              • pattern (string) --

                For a WebHookFilter that uses EVENT type, a comma-separated string that specifies one or more events. For example, the webhook filter PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED allows all push, pull request created, and pull request updated events to trigger a build.

                For a WebHookFilter that uses any of the other filter types, a regular expression pattern. For example, a WebHookFilter that uses HEAD_REF for its type and the pattern ^refs/heads/ triggers a build when the head reference is a branch with a reference name refs/heads/branch-name.

              • excludeMatchedPattern (boolean) --

                Used to indicate that the pattern determines which webhook events do not trigger a build. If true, then a webhook event that does not match the pattern triggers a build. If false, then a webhook event that matches the pattern triggers a build.

        • buildType (string) --

          Specifies the type of build this webhook will trigger.

        • manualCreation (boolean) --

          If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns payloadUrl and secret values for the webhook. The payloadUrl and secret values in the output can be used to manually create a webhook within GitHub.

        • lastModifiedSecret (datetime) --

          A timestamp that indicates the last time a repository's secret token was modified.

        • scopeConfiguration (dict) --

          The scope configuration for global or organization webhooks.

          • name (string) --

            The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook.

          • domain (string) --

            The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED.

          • scope (string) --

            The type of scope for a GitHub or GitLab webhook.

      • vpcConfig (dict) --

        Information about the VPC configuration that CodeBuild accesses.

        • vpcId (string) --

          The ID of the Amazon VPC.

        • subnets (list) --

          A list of one or more subnet IDs in your Amazon VPC.

          • (string) --

        • securityGroupIds (list) --

          A list of one or more security groups IDs in your Amazon VPC.

          • (string) --

      • badge (dict) --

        Information about the build badge for the build project.

        • badgeEnabled (boolean) --

          Set this to true to generate a publicly accessible URL for your project's build badge.

        • badgeRequestUrl (string) --

          The publicly-accessible URL through which you can access the build badge for your project.

      • logsConfig (dict) --

        Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.

        • cloudWatchLogs (dict) --

          Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.

          • status (string) --

            The current status of the logs in CloudWatch Logs for a build project. Valid values are:

            • ENABLED: CloudWatch Logs are enabled for this build project.

            • DISABLED: CloudWatch Logs are not enabled for this build project.

          • groupName (string) --

            The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

          • streamName (string) --

            The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

        • s3Logs (dict) --

          Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.

          • status (string) --

            The current status of the S3 build logs. Valid values are:

            • ENABLED: S3 build logs are enabled for this build project.

            • DISABLED: S3 build logs are not enabled for this build project.

          • location (string) --

            The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

          • encryptionDisabled (boolean) --

            Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • fileSystemLocations (list) --

        An array of ProjectFileSystemLocation objects for a CodeBuild build project. A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint, and type of a file system created using Amazon Elastic File System.

        • (dict) --

          Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?

          • type (string) --

            The type of the file system. The one supported type is EFS.

          • location (string) --

            A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com, and its mount directory is my-efs-mount-directory, then the location is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory.

            The directory path in the format efs-dns-name:/directory-path is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.

          • mountPoint (string) --

            The location in the container where you mount the file system.

          • identifier (string) --

            The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD_. For example, if you specify my_efs for identifier, a new environment variable is create named CODEBUILD_MY_EFS.

            The identifier is used to mount your file system.

          • mountOptions (string) --

            The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2. For more information, see Recommended NFS Mount Options.

      • buildBatchConfig (dict) --

        A ProjectBuildBatchConfig object that defines the batch build options for the project.

        • serviceRole (string) --

          Specifies the service role ARN for the batch build project.

        • combineArtifacts (boolean) --

          Specifies if the build artifacts for the batch build should be combined into a single artifact location.

        • restrictions (dict) --

          A BatchRestrictions object that specifies the restrictions for the batch build.

          • maximumBuildsAllowed (integer) --

            Specifies the maximum number of builds allowed.

          • computeTypesAllowed (list) --

            An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.

            • (string) --

        • timeoutInMins (integer) --

          Specifies the maximum amount of time, in minutes, that the batch build must be completed in.

        • batchReportMode (string) --

          Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.

          REPORT_AGGREGATED_BATCH

          (Default) Aggregate all of the build statuses into a single status report.

          REPORT_INDIVIDUAL_BUILDS

          Send a separate status report for each individual build.

      • concurrentBuildLimit (integer) --

        The maximum number of concurrent builds that are allowed for this project.

        New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.

      • projectVisibility (string) --

        Specifies the visibility of the project's builds. Possible values are:

        PUBLIC_READ

        The project builds are visible to the public.

        PRIVATE

        The project builds are not visible to the public.

      • publicProjectAlias (string) --

        Contains the project identifier used with the public build APIs.

      • resourceAccessRole (string) --

        The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.

      • autoRetryLimit (integer) --

        The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.

RetryBuild (updated) Link ¶
Changes (response)
{'build': {'autoRetryConfig': {'autoRetryLimit': 'integer',
                               'autoRetryNumber': 'integer',
                               'nextAutoRetry': 'string',
                               'previousAutoRetry': 'string'}}}

Restarts a build.

See also: AWS API Documentation

Request Syntax

client.retry_build(
    id='string',
    idempotencyToken='string'
)
type id:

string

param id:

Specifies the identifier of the build to restart.

type idempotencyToken:

string

param idempotencyToken:

A unique, case sensitive identifier you provide to ensure the idempotency of the RetryBuild request. The token is included in the RetryBuild request and is valid for five minutes. If you repeat the RetryBuild request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.

rtype:

dict

returns:

Response Syntax

{
    'build': {
        'id': 'string',
        'arn': 'string',
        'buildNumber': 123,
        'startTime': datetime(2015, 1, 1),
        'endTime': datetime(2015, 1, 1),
        'currentPhase': 'string',
        'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED',
        'sourceVersion': 'string',
        'resolvedSourceVersion': 'string',
        'projectName': 'string',
        'phases': [
            {
                'phaseType': 'SUBMITTED'|'QUEUED'|'PROVISIONING'|'DOWNLOAD_SOURCE'|'INSTALL'|'PRE_BUILD'|'BUILD'|'POST_BUILD'|'UPLOAD_ARTIFACTS'|'FINALIZING'|'COMPLETED',
                'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED',
                'startTime': datetime(2015, 1, 1),
                'endTime': datetime(2015, 1, 1),
                'durationInSeconds': 123,
                'contexts': [
                    {
                        'statusCode': 'string',
                        'message': 'string'
                    },
                ]
            },
        ],
        'source': {
            'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
            'location': 'string',
            'gitCloneDepth': 123,
            'gitSubmodulesConfig': {
                'fetchSubmodules': True|False
            },
            'buildspec': 'string',
            'auth': {
                'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                'resource': 'string'
            },
            'reportBuildStatus': True|False,
            'buildStatusConfig': {
                'context': 'string',
                'targetUrl': 'string'
            },
            'insecureSsl': True|False,
            'sourceIdentifier': 'string'
        },
        'secondarySources': [
            {
                'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
                'location': 'string',
                'gitCloneDepth': 123,
                'gitSubmodulesConfig': {
                    'fetchSubmodules': True|False
                },
                'buildspec': 'string',
                'auth': {
                    'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                    'resource': 'string'
                },
                'reportBuildStatus': True|False,
                'buildStatusConfig': {
                    'context': 'string',
                    'targetUrl': 'string'
                },
                'insecureSsl': True|False,
                'sourceIdentifier': 'string'
            },
        ],
        'secondarySourceVersions': [
            {
                'sourceIdentifier': 'string',
                'sourceVersion': 'string'
            },
        ],
        'artifacts': {
            'location': 'string',
            'sha256sum': 'string',
            'md5sum': 'string',
            'overrideArtifactName': True|False,
            'encryptionDisabled': True|False,
            'artifactIdentifier': 'string',
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        },
        'secondaryArtifacts': [
            {
                'location': 'string',
                'sha256sum': 'string',
                'md5sum': 'string',
                'overrideArtifactName': True|False,
                'encryptionDisabled': True|False,
                'artifactIdentifier': 'string',
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            },
        ],
        'cache': {
            'type': 'NO_CACHE'|'S3'|'LOCAL',
            'location': 'string',
            'modes': [
                'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
            ]
        },
        'environment': {
            'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
            'image': 'string',
            'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
            'fleet': {
                'fleetArn': 'string'
            },
            'environmentVariables': [
                {
                    'name': 'string',
                    'value': 'string',
                    'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
                },
            ],
            'privilegedMode': True|False,
            'certificate': 'string',
            'registryCredential': {
                'credential': 'string',
                'credentialProvider': 'SECRETS_MANAGER'
            },
            'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE'
        },
        'serviceRole': 'string',
        'logs': {
            'groupName': 'string',
            'streamName': 'string',
            'deepLink': 'string',
            's3DeepLink': 'string',
            'cloudWatchLogsArn': 'string',
            's3LogsArn': 'string',
            'cloudWatchLogs': {
                'status': 'ENABLED'|'DISABLED',
                'groupName': 'string',
                'streamName': 'string'
            },
            's3Logs': {
                'status': 'ENABLED'|'DISABLED',
                'location': 'string',
                'encryptionDisabled': True|False,
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            }
        },
        'timeoutInMinutes': 123,
        'queuedTimeoutInMinutes': 123,
        'buildComplete': True|False,
        'initiator': 'string',
        'vpcConfig': {
            'vpcId': 'string',
            'subnets': [
                'string',
            ],
            'securityGroupIds': [
                'string',
            ]
        },
        'networkInterface': {
            'subnetId': 'string',
            'networkInterfaceId': 'string'
        },
        'encryptionKey': 'string',
        'exportedEnvironmentVariables': [
            {
                'name': 'string',
                'value': 'string'
            },
        ],
        'reportArns': [
            'string',
        ],
        'fileSystemLocations': [
            {
                'type': 'EFS',
                'location': 'string',
                'mountPoint': 'string',
                'identifier': 'string',
                'mountOptions': 'string'
            },
        ],
        'debugSession': {
            'sessionEnabled': True|False,
            'sessionTarget': 'string'
        },
        'buildBatchArn': 'string',
        'autoRetryConfig': {
            'autoRetryLimit': 123,
            'autoRetryNumber': 123,
            'nextAutoRetry': 'string',
            'previousAutoRetry': 'string'
        }
    }
}

Response Structure

  • (dict) --

    • build (dict) --

      Information about a build.

      • id (string) --

        The unique ID for the build.

      • arn (string) --

        The Amazon Resource Name (ARN) of the build.

      • buildNumber (integer) --

        The number of the build. For each project, the buildNumber of its first build is 1. The buildNumber of each subsequent build is incremented by 1. If a build is deleted, the buildNumber of other builds does not change.

      • startTime (datetime) --

        When the build process started, expressed in Unix time format.

      • endTime (datetime) --

        When the build process ended, expressed in Unix time format.

      • currentPhase (string) --

        The current build phase.

      • buildStatus (string) --

        The current status of the build. Valid values include:

        • FAILED: The build failed.

        • FAULT: The build faulted.

        • IN_PROGRESS: The build is still in progress.

        • STOPPED: The build stopped.

        • SUCCEEDED: The build succeeded.

        • TIMED_OUT: The build timed out.

      • sourceVersion (string) --

        Any version identifier for the version of the source code to be built. If sourceVersion is specified at the project level, then this sourceVersion (at the build level) takes precedence.

        For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • resolvedSourceVersion (string) --

        An identifier for the version of this build's source code.

        • For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.

        • For CodePipeline, the source revision provided by CodePipeline.

        • For Amazon S3, this does not apply.

      • projectName (string) --

        The name of the CodeBuild project.

      • phases (list) --

        Information about all previous build phases that are complete and information about any current build phase that is not yet complete.

        • (dict) --

          Information about a stage for a build.

          • phaseType (string) --

            The name of the build phase. Valid values include:

            BUILD

            Core build activities typically occur in this build phase.

            COMPLETED

            The build has been completed.

            DOWNLOAD_SOURCE

            Source code is being downloaded in this build phase.

            FINALIZING

            The build process is completing in this build phase.

            INSTALL

            Installation activities typically occur in this build phase.

            POST_BUILD

            Post-build activities typically occur in this build phase.

            PRE_BUILD

            Pre-build activities typically occur in this build phase.

            PROVISIONING

            The build environment is being set up.

            QUEUED

            The build has been submitted and is queued behind other submitted builds.

            SUBMITTED

            The build has been submitted.

            UPLOAD_ARTIFACTS

            Build output artifacts are being uploaded to the output location.

          • phaseStatus (string) --

            The current status of the build phase. Valid values include:

            FAILED

            The build phase failed.

            FAULT

            The build phase faulted.

            IN_PROGRESS

            The build phase is still in progress.

            STOPPED

            The build phase stopped.

            SUCCEEDED

            The build phase succeeded.

            TIMED_OUT

            The build phase timed out.

          • startTime (datetime) --

            When the build phase started, expressed in Unix time format.

          • endTime (datetime) --

            When the build phase ended, expressed in Unix time format.

          • durationInSeconds (integer) --

            How long, in seconds, between the starting and ending times of the build's phase.

          • contexts (list) --

            Additional information about a build phase, especially to help troubleshoot a failed build.

            • (dict) --

              Additional information about a build phase that has an error. You can use this information for troubleshooting.

              • statusCode (string) --

                The status code for the context of the build phase.

              • message (string) --

                An explanation of the build phase's context. This might include a command ID and an exit code.

      • source (dict) --

        Information about the source code to be built.

        • type (string) --

          The type of repository that contains the source code to be built. Valid values include:

          • BITBUCKET: The source code is in a Bitbucket repository.

          • CODECOMMIT: The source code is in an CodeCommit repository.

          • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

          • GITHUB: The source code is in a GitHub repository.

          • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

          • GITLAB: The source code is in a GitLab repository.

          • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

          • NO_SOURCE: The project does not have input source code.

          • S3: The source code is in an Amazon S3 bucket.

        • location (string) --

          Information about the location of the source code to be built. Valid values include:

          • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

          • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

          • For source code in an Amazon S3 input bucket, one of the following.

            • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

            • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

          • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

          • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

        • gitCloneDepth (integer) --

          Information about the Git clone depth for the build project.

        • gitSubmodulesConfig (dict) --

          Information about the Git submodules configuration for the build project.

          • fetchSubmodules (boolean) --

            Set to true to fetch Git submodules for your CodeBuild build project.

        • buildspec (string) --

          The buildspec file declaration to use for the builds in this build project.

          If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

        • auth (dict) --

          Information about the authorization settings for CodeBuild to access the source code to be built.

          • type (string) --

            The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

          • resource (string) --

            The resource value that applies to the specified authorization type.

        • reportBuildStatus (boolean) --

          Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

          To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

          The status of a build triggered by a webhook is always reported to your source provider.

          If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

        • buildStatusConfig (dict) --

          Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

          • context (string) --

            Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • targetUrl (string) --

            Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

        • insecureSsl (boolean) --

          Enable this flag to ignore SSL warnings while connecting to the project source code.

        • sourceIdentifier (string) --

          An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • secondarySources (list) --

        An array of ProjectSource objects.

        • (dict) --

          Information about the build input source code for the build project.

          • type (string) --

            The type of repository that contains the source code to be built. Valid values include:

            • BITBUCKET: The source code is in a Bitbucket repository.

            • CODECOMMIT: The source code is in an CodeCommit repository.

            • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

            • GITHUB: The source code is in a GitHub repository.

            • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

            • GITLAB: The source code is in a GitLab repository.

            • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

            • NO_SOURCE: The project does not have input source code.

            • S3: The source code is in an Amazon S3 bucket.

          • location (string) --

            Information about the location of the source code to be built. Valid values include:

            • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

            • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

            • For source code in an Amazon S3 input bucket, one of the following.

              • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

              • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

            • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

            • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

          • gitCloneDepth (integer) --

            Information about the Git clone depth for the build project.

          • gitSubmodulesConfig (dict) --

            Information about the Git submodules configuration for the build project.

            • fetchSubmodules (boolean) --

              Set to true to fetch Git submodules for your CodeBuild build project.

          • buildspec (string) --

            The buildspec file declaration to use for the builds in this build project.

            If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

          • auth (dict) --

            Information about the authorization settings for CodeBuild to access the source code to be built.

            • type (string) --

              The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

            • resource (string) --

              The resource value that applies to the specified authorization type.

          • reportBuildStatus (boolean) --

            Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

            To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

            The status of a build triggered by a webhook is always reported to your source provider.

            If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

          • buildStatusConfig (dict) --

            Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

            • context (string) --

              Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

            • targetUrl (string) --

              Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • insecureSsl (boolean) --

            Enable this flag to ignore SSL warnings while connecting to the project source code.

          • sourceIdentifier (string) --

            An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • secondarySourceVersions (list) --

        An array of ProjectSourceVersion objects. Each ProjectSourceVersion must be one of:

        • For CodeCommit: the commit ID, branch, or Git tag to use.

        • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

        • (dict) --

          A source identifier and its corresponding version.

          • sourceIdentifier (string) --

            An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

          • sourceVersion (string) --

            The source version for the corresponding source identifier. If specified, must be one of:

            • For CodeCommit: the commit ID, branch, or Git tag to use.

            • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For GitLab: the commit ID, branch, or Git tag to use.

            • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

            For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • artifacts (dict) --

        Information about the output artifacts for the build.

        • location (string) --

          Information about the location of the build artifacts.

        • sha256sum (string) --

          The SHA-256 hash of the build artifact.

          You can use this hash along with a checksum tool to confirm file integrity and authenticity.

        • md5sum (string) --

          The MD5 hash of the build artifact.

          You can use this hash along with a checksum tool to confirm file integrity and authenticity.

        • overrideArtifactName (boolean) --

          If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

        • encryptionDisabled (boolean) --

          Information that tells you if encryption for build artifacts is disabled.

        • artifactIdentifier (string) --

          An identifier for this artifact definition.

        • bucketOwnerAccess (string) --

          Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

          This property can be one of the following values:

          NONE

          The bucket owner does not have access to the objects. This is the default.

          READ_ONLY

          The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

          FULL

          The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

          • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

          • Otherwise, the uploading account retains ownership of the objects.

          For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • secondaryArtifacts (list) --

        An array of ProjectArtifacts objects.

        • (dict) --

          Information about build output artifacts.

          • location (string) --

            Information about the location of the build artifacts.

          • sha256sum (string) --

            The SHA-256 hash of the build artifact.

            You can use this hash along with a checksum tool to confirm file integrity and authenticity.

          • md5sum (string) --

            The MD5 hash of the build artifact.

            You can use this hash along with a checksum tool to confirm file integrity and authenticity.

          • overrideArtifactName (boolean) --

            If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

          • encryptionDisabled (boolean) --

            Information that tells you if encryption for build artifacts is disabled.

          • artifactIdentifier (string) --

            An identifier for this artifact definition.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • cache (dict) --

        Information about the cache for the build.

        • type (string) --

          The type of cache used by the build project. Valid values include:

          • NO_CACHE: The build project does not use any cache.

          • S3: The build project reads and writes from and to S3.

          • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

        • location (string) --

          Information about the cache location:

          • NO_CACHE or LOCAL: This value is ignored.

          • S3: This is the S3 bucket name/prefix.

        • modes (list) --

          An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

          Possible values are:

          LOCAL_SOURCE_CACHE

          Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

          LOCAL_DOCKER_LAYER_CACHE

          Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

          Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

          • Only directories can be specified for caching. You cannot specify individual files.

          • Symlinks are used to reference cached directories.

          • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

          • (string) --

      • environment (dict) --

        Information about the build environment for this build.

        • type (string) --

          The type of build environment to use for related builds.

          • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

          • The environment type LINUX_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

          • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

          • The environment types ARM_LAMBDA_CONTAINER and LINUX_LAMBDA_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).

          • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

          For more information, see Build environment compute types in the CodeBuild user guide.

        • image (string) --

          The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

          • For an image tag: <registry>/<repository>:<tag>. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0.

          • For an image digest: <registry>/<repository>@<digest>. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

          For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.

        • computeType (string) --

          Information about the compute resources the build project uses. Available values include:

          • BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for builds.

          • BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds.

          • BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.

          • BUILD_LAMBDA_1GB: Use up to 1 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_2GB: Use up to 2 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_4GB: Use up to 4 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_8GB: Use up to 8 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_10GB: Use up to 10 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          If you use BUILD_GENERAL1_SMALL:

          • For environment type LINUX_CONTAINER, you can use up to 3 GB memory and 2 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.

          • For environment type ARM_CONTAINER, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.

          If you use BUILD_GENERAL1_LARGE:

          • For environment type LINUX_CONTAINER, you can use up to 15 GB memory and 8 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.

          • For environment type ARM_CONTAINER, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.

          For more information, see Build Environment Compute Types in the CodeBuild User Guide.

        • fleet (dict) --

          A ProjectFleet object to use for this build project.

          • fleetArn (string) --

            Specifies the compute fleet ARN for the build project.

        • environmentVariables (list) --

          A set of environment variables to make available to builds for this build project.

          • (dict) --

            Information about an environment variable for a build project or a build.

            • name (string) --

              The name or key of the environment variable.

            • value (string) --

              The value of the environment variable.

            • type (string) --

              The type of environment variable. Valid values include:

              • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

              • PLAINTEXT: An environment variable in plain text format. This is the default value.

              • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

        • privilegedMode (boolean) --

          Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false.

          You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

          If the operating system's base image is Ubuntu Linux:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

          If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"

        • certificate (string) --

          The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.

        • registryCredential (dict) --

          The credentials for access to a private registry.

          • credential (string) --

            The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

          • credentialProvider (string) --

            The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

        • imagePullCredentialsType (string) --

          The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

          • CODEBUILD specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.

          • SERVICE_ROLE specifies that CodeBuild uses your build project's service role.

          When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.

      • serviceRole (string) --

        The name of a service role used for this build.

      • logs (dict) --

        Information about the build's logs in CloudWatch Logs.

        • groupName (string) --

          The name of the CloudWatch Logs group for the build logs.

        • streamName (string) --

          The name of the CloudWatch Logs stream for the build logs.

        • deepLink (string) --

          The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the deeplink will not be valid until it is created.

        • s3DeepLink (string) --

          The URL to a build log in an S3 bucket.

        • cloudWatchLogsArn (string) --

          The ARN of the CloudWatch Logs stream for a build execution. Its format is arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}. The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs.

        • s3LogsArn (string) --

          The ARN of S3 logs for a build project. Its format is arn:${Partition}:s3:::${BucketName}/${ObjectName}. For more information, see Resources Defined by Amazon S3.

        • cloudWatchLogs (dict) --

          Information about CloudWatch Logs for a build project.

          • status (string) --

            The current status of the logs in CloudWatch Logs for a build project. Valid values are:

            • ENABLED: CloudWatch Logs are enabled for this build project.

            • DISABLED: CloudWatch Logs are not enabled for this build project.

          • groupName (string) --

            The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

          • streamName (string) --

            The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

        • s3Logs (dict) --

          Information about S3 logs for a build project.

          • status (string) --

            The current status of the S3 build logs. Valid values are:

            • ENABLED: S3 build logs are enabled for this build project.

            • DISABLED: S3 build logs are not enabled for this build project.

          • location (string) --

            The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

          • encryptionDisabled (boolean) --

            Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • timeoutInMinutes (integer) --

        How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed.

      • queuedTimeoutInMinutes (integer) --

        The number of minutes a build is allowed to be queued before it times out.

      • buildComplete (boolean) --

        Whether the build is complete. True if complete; otherwise, false.

      • initiator (string) --

        The entity that started the build. Valid values include:

        • If CodePipeline started the build, the pipeline's name (for example, codepipeline/my-demo-pipeline).

        • If a user started the build, the user's name (for example, MyUserName).

        • If the Jenkins plugin for CodeBuild started the build, the string CodeBuild-Jenkins-Plugin.

      • vpcConfig (dict) --

        If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.

        • vpcId (string) --

          The ID of the Amazon VPC.

        • subnets (list) --

          A list of one or more subnet IDs in your Amazon VPC.

          • (string) --

        • securityGroupIds (list) --

          A list of one or more security groups IDs in your Amazon VPC.

          • (string) --

      • networkInterface (dict) --

        Describes a network interface.

        • subnetId (string) --

          The ID of the subnet.

        • networkInterfaceId (string) --

          The ID of the network interface.

      • encryptionKey (string) --

        The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.

        You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>).

      • exportedEnvironmentVariables (list) --

        A list of exported environment variables for this build.

        Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.

        • (dict) --

          Contains information about an exported environment variable.

          Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.

          • name (string) --

            The name of the exported environment variable.

          • value (string) --

            The value assigned to the exported environment variable.

      • reportArns (list) --

        An array of the ARNs associated with this build's reports.

        • (string) --

      • fileSystemLocations (list) --

        An array of ProjectFileSystemLocation objects for a CodeBuild build project. A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint, and type of a file system created using Amazon Elastic File System.

        • (dict) --

          Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?

          • type (string) --

            The type of the file system. The one supported type is EFS.

          • location (string) --

            A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com, and its mount directory is my-efs-mount-directory, then the location is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory.

            The directory path in the format efs-dns-name:/directory-path is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.

          • mountPoint (string) --

            The location in the container where you mount the file system.

          • identifier (string) --

            The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD_. For example, if you specify my_efs for identifier, a new environment variable is create named CODEBUILD_MY_EFS.

            The identifier is used to mount your file system.

          • mountOptions (string) --

            The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2. For more information, see Recommended NFS Mount Options.

      • debugSession (dict) --

        Contains information about the debug session for this build.

        • sessionEnabled (boolean) --

          Specifies if session debugging is enabled for this build.

        • sessionTarget (string) --

          Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.

      • buildBatchArn (string) --

        The ARN of the batch build that this build is a member of, if applicable.

      • autoRetryConfig (dict) --

        Information about the auto-retry configuration for the build.

        • autoRetryLimit (integer) --

          The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.

        • autoRetryNumber (integer) --

          The number of times that the build has been retried. The initial build will have an auto-retry number of 0.

        • nextAutoRetry (string) --

          The build ARN of the auto-retried build triggered by the current build. The next auto-retry will be null for builds that don't trigger an auto-retry.

        • previousAutoRetry (string) --

          The build ARN of the build that triggered the current auto-retry build. The previous auto-retry will be null for the initial build.

StartBuild (updated) Link ¶
Changes (request, response)
Request
{'autoRetryLimitOverride': 'integer'}
Response
{'build': {'autoRetryConfig': {'autoRetryLimit': 'integer',
                               'autoRetryNumber': 'integer',
                               'nextAutoRetry': 'string',
                               'previousAutoRetry': 'string'}}}

Starts running a build with the settings defined in the project. These setting include: how to run a build, where to get the source code, which build environment to use, which build commands to run, and where to store the build output.

You can also start a build run by overriding some of the build settings in the project. The overrides only apply for that specific start build request. The settings in the project are unaltered.

See also: AWS API Documentation

Request Syntax

client.start_build(
    projectName='string',
    secondarySourcesOverride=[
        {
            'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
            'location': 'string',
            'gitCloneDepth': 123,
            'gitSubmodulesConfig': {
                'fetchSubmodules': True|False
            },
            'buildspec': 'string',
            'auth': {
                'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                'resource': 'string'
            },
            'reportBuildStatus': True|False,
            'buildStatusConfig': {
                'context': 'string',
                'targetUrl': 'string'
            },
            'insecureSsl': True|False,
            'sourceIdentifier': 'string'
        },
    ],
    secondarySourcesVersionOverride=[
        {
            'sourceIdentifier': 'string',
            'sourceVersion': 'string'
        },
    ],
    sourceVersion='string',
    artifactsOverride={
        'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
        'location': 'string',
        'path': 'string',
        'namespaceType': 'NONE'|'BUILD_ID',
        'name': 'string',
        'packaging': 'NONE'|'ZIP',
        'overrideArtifactName': True|False,
        'encryptionDisabled': True|False,
        'artifactIdentifier': 'string',
        'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
    },
    secondaryArtifactsOverride=[
        {
            'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
            'location': 'string',
            'path': 'string',
            'namespaceType': 'NONE'|'BUILD_ID',
            'name': 'string',
            'packaging': 'NONE'|'ZIP',
            'overrideArtifactName': True|False,
            'encryptionDisabled': True|False,
            'artifactIdentifier': 'string',
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        },
    ],
    environmentVariablesOverride=[
        {
            'name': 'string',
            'value': 'string',
            'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
        },
    ],
    sourceTypeOverride='CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
    sourceLocationOverride='string',
    sourceAuthOverride={
        'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
        'resource': 'string'
    },
    gitCloneDepthOverride=123,
    gitSubmodulesConfigOverride={
        'fetchSubmodules': True|False
    },
    buildspecOverride='string',
    insecureSslOverride=True|False,
    reportBuildStatusOverride=True|False,
    buildStatusConfigOverride={
        'context': 'string',
        'targetUrl': 'string'
    },
    environmentTypeOverride='WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
    imageOverride='string',
    computeTypeOverride='BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
    certificateOverride='string',
    cacheOverride={
        'type': 'NO_CACHE'|'S3'|'LOCAL',
        'location': 'string',
        'modes': [
            'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
        ]
    },
    serviceRoleOverride='string',
    privilegedModeOverride=True|False,
    timeoutInMinutesOverride=123,
    queuedTimeoutInMinutesOverride=123,
    encryptionKeyOverride='string',
    idempotencyToken='string',
    logsConfigOverride={
        'cloudWatchLogs': {
            'status': 'ENABLED'|'DISABLED',
            'groupName': 'string',
            'streamName': 'string'
        },
        's3Logs': {
            'status': 'ENABLED'|'DISABLED',
            'location': 'string',
            'encryptionDisabled': True|False,
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        }
    },
    registryCredentialOverride={
        'credential': 'string',
        'credentialProvider': 'SECRETS_MANAGER'
    },
    imagePullCredentialsTypeOverride='CODEBUILD'|'SERVICE_ROLE',
    debugSessionEnabled=True|False,
    fleetOverride={
        'fleetArn': 'string'
    },
    autoRetryLimitOverride=123
)
type projectName:

string

param projectName:

[REQUIRED]

The name of the CodeBuild build project to start running a build.

type secondarySourcesOverride:

list

param secondarySourcesOverride:

An array of ProjectSource objects.

  • (dict) --

    Information about the build input source code for the build project.

    • type (string) -- [REQUIRED]

      The type of repository that contains the source code to be built. Valid values include:

      • BITBUCKET: The source code is in a Bitbucket repository.

      • CODECOMMIT: The source code is in an CodeCommit repository.

      • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

      • GITHUB: The source code is in a GitHub repository.

      • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

      • GITLAB: The source code is in a GitLab repository.

      • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

      • NO_SOURCE: The project does not have input source code.

      • S3: The source code is in an Amazon S3 bucket.

    • location (string) --

      Information about the location of the source code to be built. Valid values include:

      • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

      • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

      • For source code in an Amazon S3 input bucket, one of the following.

        • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

        • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

      • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

      • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

      • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

      If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

    • gitCloneDepth (integer) --

      Information about the Git clone depth for the build project.

    • gitSubmodulesConfig (dict) --

      Information about the Git submodules configuration for the build project.

      • fetchSubmodules (boolean) -- [REQUIRED]

        Set to true to fetch Git submodules for your CodeBuild build project.

    • buildspec (string) --

      The buildspec file declaration to use for the builds in this build project.

      If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

    • auth (dict) --

      Information about the authorization settings for CodeBuild to access the source code to be built.

      • type (string) -- [REQUIRED]

        The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

      • resource (string) --

        The resource value that applies to the specified authorization type.

    • reportBuildStatus (boolean) --

      Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

      To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

      The status of a build triggered by a webhook is always reported to your source provider.

      If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

    • buildStatusConfig (dict) --

      Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

      • context (string) --

        Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

        Bitbucket

        This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

        GitHub/GitHub Enterprise Server

        This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

      • targetUrl (string) --

        Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

        Bitbucket

        This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

        GitHub/GitHub Enterprise Server

        This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

    • insecureSsl (boolean) --

      Enable this flag to ignore SSL warnings while connecting to the project source code.

    • sourceIdentifier (string) --

      An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

type secondarySourcesVersionOverride:

list

param secondarySourcesVersionOverride:

An array of ProjectSourceVersion objects that specify one or more versions of the project's secondary sources to be used for this build only.

  • (dict) --

    A source identifier and its corresponding version.

    • sourceIdentifier (string) -- [REQUIRED]

      An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

    • sourceVersion (string) -- [REQUIRED]

      The source version for the corresponding source identifier. If specified, must be one of:

      • For CodeCommit: the commit ID, branch, or Git tag to use.

      • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

      • For GitLab: the commit ID, branch, or Git tag to use.

      • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

      • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

      For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

type sourceVersion:

string

param sourceVersion:

The version of the build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider:

CodeCommit

The commit ID, branch, or Git tag to use.

GitHub

The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

GitLab

The commit ID, branch, or Git tag to use.

Bitbucket

The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

Amazon S3

The version ID of the object that represents the build input ZIP file to use.

If sourceVersion is specified at the project level, then this sourceVersion (at the build level) takes precedence.

For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

type artifactsOverride:

dict

param artifactsOverride:

Build output artifact settings that override, for this build only, the latest ones already defined in the build project.

  • type (string) -- [REQUIRED]

    The type of build output artifact. Valid values include:

    • CODEPIPELINE: The build project has build output generated through CodePipeline.

    • NO_ARTIFACTS: The build project does not produce any build output.

    • S3: The build project stores build output in Amazon S3.

  • location (string) --

    Information about the build output artifact location:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, this is the name of the output bucket.

  • path (string) --

    Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

    For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

  • namespaceType (string) --

    Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, valid values include:

      • BUILD_ID: Include the build ID in the location of the build output artifact.

      • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

    For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

  • name (string) --

    Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

    For example:

    • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

    • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

    • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

  • packaging (string) --

    The type of build output artifact to create:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, valid values include:

      • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

      • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

  • overrideArtifactName (boolean) --

    If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

  • encryptionDisabled (boolean) --

    Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

  • artifactIdentifier (string) --

    An identifier for this artifact definition.

  • bucketOwnerAccess (string) --

    Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

    This property can be one of the following values:

    NONE

    The bucket owner does not have access to the objects. This is the default.

    READ_ONLY

    The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

    FULL

    The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

    • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

    • Otherwise, the uploading account retains ownership of the objects.

    For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

type secondaryArtifactsOverride:

list

param secondaryArtifactsOverride:

An array of ProjectArtifacts objects.

  • (dict) --

    Information about the build output artifacts for the build project.

    • type (string) -- [REQUIRED]

      The type of build output artifact. Valid values include:

      • CODEPIPELINE: The build project has build output generated through CodePipeline.

      • NO_ARTIFACTS: The build project does not produce any build output.

      • S3: The build project stores build output in Amazon S3.

    • location (string) --

      Information about the build output artifact location:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, this is the name of the output bucket.

    • path (string) --

      Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

      For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

    • namespaceType (string) --

      Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, valid values include:

        • BUILD_ID: Include the build ID in the location of the build output artifact.

        • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

      For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

    • name (string) --

      Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

      For example:

      • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

      • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

      • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

    • packaging (string) --

      The type of build output artifact to create:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, valid values include:

        • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

        • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

    • overrideArtifactName (boolean) --

      If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

    • encryptionDisabled (boolean) --

      Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

    • artifactIdentifier (string) --

      An identifier for this artifact definition.

    • bucketOwnerAccess (string) --

      Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

      This property can be one of the following values:

      NONE

      The bucket owner does not have access to the objects. This is the default.

      READ_ONLY

      The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

      FULL

      The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

      • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

      • Otherwise, the uploading account retains ownership of the objects.

      For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

type environmentVariablesOverride:

list

param environmentVariablesOverride:

A set of environment variables that overrides, for this build only, the latest ones already defined in the build project.

  • (dict) --

    Information about an environment variable for a build project or a build.

    • name (string) -- [REQUIRED]

      The name or key of the environment variable.

    • value (string) -- [REQUIRED]

      The value of the environment variable.

    • type (string) --

      The type of environment variable. Valid values include:

      • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

      • PLAINTEXT: An environment variable in plain text format. This is the default value.

      • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

type sourceTypeOverride:

string

param sourceTypeOverride:

A source input type, for this build, that overrides the source input defined in the build project.

type sourceLocationOverride:

string

param sourceLocationOverride:

A location that overrides, for this build, the source location for the one defined in the build project.

type sourceAuthOverride:

dict

param sourceAuthOverride:

An authorization type for this build that overrides the one defined in the build project. This override applies only if the build project's source is BitBucket, GitHub, GitLab, or GitLab Self Managed.

  • type (string) -- [REQUIRED]

    The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

  • resource (string) --

    The resource value that applies to the specified authorization type.

type gitCloneDepthOverride:

integer

param gitCloneDepthOverride:

The user-defined depth of history, with a minimum value of 0, that overrides, for this build only, any previous depth of history defined in the build project.

type gitSubmodulesConfigOverride:

dict

param gitSubmodulesConfigOverride:

Information about the Git submodules configuration for this build of an CodeBuild build project.

  • fetchSubmodules (boolean) -- [REQUIRED]

    Set to true to fetch Git submodules for your CodeBuild build project.

type buildspecOverride:

string

param buildspecOverride:

A buildspec file declaration that overrides the latest one defined in the build project, for this build only. The buildspec defined on the project is not changed.

If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

type insecureSslOverride:

boolean

param insecureSslOverride:

Enable this flag to override the insecure SSL setting that is specified in the build project. The insecure SSL setting determines whether to ignore SSL warnings while connecting to the project source code. This override applies only if the build's source is GitHub Enterprise.

type reportBuildStatusOverride:

boolean

param reportBuildStatusOverride:

Set to true to report to your source provider the status of a build's start and completion. If you use this option with a source provider other than GitHub, GitHub Enterprise, or Bitbucket, an invalidInputException is thrown.

To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

type buildStatusConfigOverride:

dict

param buildStatusConfigOverride:

Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

  • context (string) --

    Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

    Bitbucket

    This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

    GitHub/GitHub Enterprise Server

    This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

  • targetUrl (string) --

    Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

    Bitbucket

    This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

    GitHub/GitHub Enterprise Server

    This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

type environmentTypeOverride:

string

param environmentTypeOverride:

A container type for this build that overrides the one specified in the build project.

type imageOverride:

string

param imageOverride:

The name of an image for this build that overrides the one specified in the build project.

type computeTypeOverride:

string

param computeTypeOverride:

The name of a compute type for this build that overrides the one specified in the build project.

type certificateOverride:

string

param certificateOverride:

The name of a certificate for this build that overrides the one specified in the build project.

type cacheOverride:

dict

param cacheOverride:

A ProjectCache object specified for this build that overrides the one defined in the build project.

  • type (string) -- [REQUIRED]

    The type of cache used by the build project. Valid values include:

    • NO_CACHE: The build project does not use any cache.

    • S3: The build project reads and writes from and to S3.

    • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

  • location (string) --

    Information about the cache location:

    • NO_CACHE or LOCAL: This value is ignored.

    • S3: This is the S3 bucket name/prefix.

  • modes (list) --

    An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

    Possible values are:

    LOCAL_SOURCE_CACHE

    Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

    LOCAL_DOCKER_LAYER_CACHE

    Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

    Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

    • Only directories can be specified for caching. You cannot specify individual files.

    • Symlinks are used to reference cached directories.

    • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

    • (string) --

type serviceRoleOverride:

string

param serviceRoleOverride:

The name of a service role for this build that overrides the one specified in the build project.

type privilegedModeOverride:

boolean

param privilegedModeOverride:

Enable this flag to override privileged mode in the build project.

type timeoutInMinutesOverride:

integer

param timeoutInMinutesOverride:

The number of build timeout minutes, from 5 to 2160 (36 hours), that overrides, for this build only, the latest setting already defined in the build project.

type queuedTimeoutInMinutesOverride:

integer

param queuedTimeoutInMinutesOverride:

The number of minutes a build is allowed to be queued before it times out.

type encryptionKeyOverride:

string

param encryptionKeyOverride:

The Key Management Service customer master key (CMK) that overrides the one specified in the build project. The CMK key encrypts the build output artifacts.

You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>).

type idempotencyToken:

string

param idempotencyToken:

A unique, case sensitive identifier you provide to ensure the idempotency of the StartBuild request. The token is included in the StartBuild request and is valid for 5 minutes. If you repeat the StartBuild request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.

type logsConfigOverride:

dict

param logsConfigOverride:

Log settings for this build that override the log settings defined in the build project.

  • cloudWatchLogs (dict) --

    Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.

    • status (string) -- [REQUIRED]

      The current status of the logs in CloudWatch Logs for a build project. Valid values are:

      • ENABLED: CloudWatch Logs are enabled for this build project.

      • DISABLED: CloudWatch Logs are not enabled for this build project.

    • groupName (string) --

      The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

    • streamName (string) --

      The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

  • s3Logs (dict) --

    Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.

    • status (string) -- [REQUIRED]

      The current status of the S3 build logs. Valid values are:

      • ENABLED: S3 build logs are enabled for this build project.

      • DISABLED: S3 build logs are not enabled for this build project.

    • location (string) --

      The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

    • encryptionDisabled (boolean) --

      Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

    • bucketOwnerAccess (string) --

      Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

      This property can be one of the following values:

      NONE

      The bucket owner does not have access to the objects. This is the default.

      READ_ONLY

      The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

      FULL

      The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

      • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

      • Otherwise, the uploading account retains ownership of the objects.

      For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

type registryCredentialOverride:

dict

param registryCredentialOverride:

The credentials for access to a private registry.

  • credential (string) -- [REQUIRED]

    The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

  • credentialProvider (string) -- [REQUIRED]

    The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

type imagePullCredentialsTypeOverride:

string

param imagePullCredentialsTypeOverride:

The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

CODEBUILD

Specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild's service principal.

SERVICE_ROLE

Specifies that CodeBuild uses your build project's service role.

When using a cross-account or private registry image, you must use SERVICE_ROLE credentials. When using an CodeBuild curated image, you must use CODEBUILD credentials.

type debugSessionEnabled:

boolean

param debugSessionEnabled:

Specifies if session debugging is enabled for this build. For more information, see Viewing a running build in Session Manager.

type fleetOverride:

dict

param fleetOverride:

A ProjectFleet object specified for this build that overrides the one defined in the build project.

  • fleetArn (string) --

    Specifies the compute fleet ARN for the build project.

type autoRetryLimitOverride:

integer

param autoRetryLimitOverride:

The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.

rtype:

dict

returns:

Response Syntax

{
    'build': {
        'id': 'string',
        'arn': 'string',
        'buildNumber': 123,
        'startTime': datetime(2015, 1, 1),
        'endTime': datetime(2015, 1, 1),
        'currentPhase': 'string',
        'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED',
        'sourceVersion': 'string',
        'resolvedSourceVersion': 'string',
        'projectName': 'string',
        'phases': [
            {
                'phaseType': 'SUBMITTED'|'QUEUED'|'PROVISIONING'|'DOWNLOAD_SOURCE'|'INSTALL'|'PRE_BUILD'|'BUILD'|'POST_BUILD'|'UPLOAD_ARTIFACTS'|'FINALIZING'|'COMPLETED',
                'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED',
                'startTime': datetime(2015, 1, 1),
                'endTime': datetime(2015, 1, 1),
                'durationInSeconds': 123,
                'contexts': [
                    {
                        'statusCode': 'string',
                        'message': 'string'
                    },
                ]
            },
        ],
        'source': {
            'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
            'location': 'string',
            'gitCloneDepth': 123,
            'gitSubmodulesConfig': {
                'fetchSubmodules': True|False
            },
            'buildspec': 'string',
            'auth': {
                'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                'resource': 'string'
            },
            'reportBuildStatus': True|False,
            'buildStatusConfig': {
                'context': 'string',
                'targetUrl': 'string'
            },
            'insecureSsl': True|False,
            'sourceIdentifier': 'string'
        },
        'secondarySources': [
            {
                'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
                'location': 'string',
                'gitCloneDepth': 123,
                'gitSubmodulesConfig': {
                    'fetchSubmodules': True|False
                },
                'buildspec': 'string',
                'auth': {
                    'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                    'resource': 'string'
                },
                'reportBuildStatus': True|False,
                'buildStatusConfig': {
                    'context': 'string',
                    'targetUrl': 'string'
                },
                'insecureSsl': True|False,
                'sourceIdentifier': 'string'
            },
        ],
        'secondarySourceVersions': [
            {
                'sourceIdentifier': 'string',
                'sourceVersion': 'string'
            },
        ],
        'artifacts': {
            'location': 'string',
            'sha256sum': 'string',
            'md5sum': 'string',
            'overrideArtifactName': True|False,
            'encryptionDisabled': True|False,
            'artifactIdentifier': 'string',
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        },
        'secondaryArtifacts': [
            {
                'location': 'string',
                'sha256sum': 'string',
                'md5sum': 'string',
                'overrideArtifactName': True|False,
                'encryptionDisabled': True|False,
                'artifactIdentifier': 'string',
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            },
        ],
        'cache': {
            'type': 'NO_CACHE'|'S3'|'LOCAL',
            'location': 'string',
            'modes': [
                'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
            ]
        },
        'environment': {
            'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
            'image': 'string',
            'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
            'fleet': {
                'fleetArn': 'string'
            },
            'environmentVariables': [
                {
                    'name': 'string',
                    'value': 'string',
                    'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
                },
            ],
            'privilegedMode': True|False,
            'certificate': 'string',
            'registryCredential': {
                'credential': 'string',
                'credentialProvider': 'SECRETS_MANAGER'
            },
            'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE'
        },
        'serviceRole': 'string',
        'logs': {
            'groupName': 'string',
            'streamName': 'string',
            'deepLink': 'string',
            's3DeepLink': 'string',
            'cloudWatchLogsArn': 'string',
            's3LogsArn': 'string',
            'cloudWatchLogs': {
                'status': 'ENABLED'|'DISABLED',
                'groupName': 'string',
                'streamName': 'string'
            },
            's3Logs': {
                'status': 'ENABLED'|'DISABLED',
                'location': 'string',
                'encryptionDisabled': True|False,
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            }
        },
        'timeoutInMinutes': 123,
        'queuedTimeoutInMinutes': 123,
        'buildComplete': True|False,
        'initiator': 'string',
        'vpcConfig': {
            'vpcId': 'string',
            'subnets': [
                'string',
            ],
            'securityGroupIds': [
                'string',
            ]
        },
        'networkInterface': {
            'subnetId': 'string',
            'networkInterfaceId': 'string'
        },
        'encryptionKey': 'string',
        'exportedEnvironmentVariables': [
            {
                'name': 'string',
                'value': 'string'
            },
        ],
        'reportArns': [
            'string',
        ],
        'fileSystemLocations': [
            {
                'type': 'EFS',
                'location': 'string',
                'mountPoint': 'string',
                'identifier': 'string',
                'mountOptions': 'string'
            },
        ],
        'debugSession': {
            'sessionEnabled': True|False,
            'sessionTarget': 'string'
        },
        'buildBatchArn': 'string',
        'autoRetryConfig': {
            'autoRetryLimit': 123,
            'autoRetryNumber': 123,
            'nextAutoRetry': 'string',
            'previousAutoRetry': 'string'
        }
    }
}

Response Structure

  • (dict) --

    • build (dict) --

      Information about the build to be run.

      • id (string) --

        The unique ID for the build.

      • arn (string) --

        The Amazon Resource Name (ARN) of the build.

      • buildNumber (integer) --

        The number of the build. For each project, the buildNumber of its first build is 1. The buildNumber of each subsequent build is incremented by 1. If a build is deleted, the buildNumber of other builds does not change.

      • startTime (datetime) --

        When the build process started, expressed in Unix time format.

      • endTime (datetime) --

        When the build process ended, expressed in Unix time format.

      • currentPhase (string) --

        The current build phase.

      • buildStatus (string) --

        The current status of the build. Valid values include:

        • FAILED: The build failed.

        • FAULT: The build faulted.

        • IN_PROGRESS: The build is still in progress.

        • STOPPED: The build stopped.

        • SUCCEEDED: The build succeeded.

        • TIMED_OUT: The build timed out.

      • sourceVersion (string) --

        Any version identifier for the version of the source code to be built. If sourceVersion is specified at the project level, then this sourceVersion (at the build level) takes precedence.

        For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • resolvedSourceVersion (string) --

        An identifier for the version of this build's source code.

        • For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.

        • For CodePipeline, the source revision provided by CodePipeline.

        • For Amazon S3, this does not apply.

      • projectName (string) --

        The name of the CodeBuild project.

      • phases (list) --

        Information about all previous build phases that are complete and information about any current build phase that is not yet complete.

        • (dict) --

          Information about a stage for a build.

          • phaseType (string) --

            The name of the build phase. Valid values include:

            BUILD

            Core build activities typically occur in this build phase.

            COMPLETED

            The build has been completed.

            DOWNLOAD_SOURCE

            Source code is being downloaded in this build phase.

            FINALIZING

            The build process is completing in this build phase.

            INSTALL

            Installation activities typically occur in this build phase.

            POST_BUILD

            Post-build activities typically occur in this build phase.

            PRE_BUILD

            Pre-build activities typically occur in this build phase.

            PROVISIONING

            The build environment is being set up.

            QUEUED

            The build has been submitted and is queued behind other submitted builds.

            SUBMITTED

            The build has been submitted.

            UPLOAD_ARTIFACTS

            Build output artifacts are being uploaded to the output location.

          • phaseStatus (string) --

            The current status of the build phase. Valid values include:

            FAILED

            The build phase failed.

            FAULT

            The build phase faulted.

            IN_PROGRESS

            The build phase is still in progress.

            STOPPED

            The build phase stopped.

            SUCCEEDED

            The build phase succeeded.

            TIMED_OUT

            The build phase timed out.

          • startTime (datetime) --

            When the build phase started, expressed in Unix time format.

          • endTime (datetime) --

            When the build phase ended, expressed in Unix time format.

          • durationInSeconds (integer) --

            How long, in seconds, between the starting and ending times of the build's phase.

          • contexts (list) --

            Additional information about a build phase, especially to help troubleshoot a failed build.

            • (dict) --

              Additional information about a build phase that has an error. You can use this information for troubleshooting.

              • statusCode (string) --

                The status code for the context of the build phase.

              • message (string) --

                An explanation of the build phase's context. This might include a command ID and an exit code.

      • source (dict) --

        Information about the source code to be built.

        • type (string) --

          The type of repository that contains the source code to be built. Valid values include:

          • BITBUCKET: The source code is in a Bitbucket repository.

          • CODECOMMIT: The source code is in an CodeCommit repository.

          • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

          • GITHUB: The source code is in a GitHub repository.

          • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

          • GITLAB: The source code is in a GitLab repository.

          • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

          • NO_SOURCE: The project does not have input source code.

          • S3: The source code is in an Amazon S3 bucket.

        • location (string) --

          Information about the location of the source code to be built. Valid values include:

          • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

          • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

          • For source code in an Amazon S3 input bucket, one of the following.

            • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

            • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

          • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

          • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

        • gitCloneDepth (integer) --

          Information about the Git clone depth for the build project.

        • gitSubmodulesConfig (dict) --

          Information about the Git submodules configuration for the build project.

          • fetchSubmodules (boolean) --

            Set to true to fetch Git submodules for your CodeBuild build project.

        • buildspec (string) --

          The buildspec file declaration to use for the builds in this build project.

          If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

        • auth (dict) --

          Information about the authorization settings for CodeBuild to access the source code to be built.

          • type (string) --

            The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

          • resource (string) --

            The resource value that applies to the specified authorization type.

        • reportBuildStatus (boolean) --

          Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

          To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

          The status of a build triggered by a webhook is always reported to your source provider.

          If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

        • buildStatusConfig (dict) --

          Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

          • context (string) --

            Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • targetUrl (string) --

            Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

        • insecureSsl (boolean) --

          Enable this flag to ignore SSL warnings while connecting to the project source code.

        • sourceIdentifier (string) --

          An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • secondarySources (list) --

        An array of ProjectSource objects.

        • (dict) --

          Information about the build input source code for the build project.

          • type (string) --

            The type of repository that contains the source code to be built. Valid values include:

            • BITBUCKET: The source code is in a Bitbucket repository.

            • CODECOMMIT: The source code is in an CodeCommit repository.

            • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

            • GITHUB: The source code is in a GitHub repository.

            • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

            • GITLAB: The source code is in a GitLab repository.

            • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

            • NO_SOURCE: The project does not have input source code.

            • S3: The source code is in an Amazon S3 bucket.

          • location (string) --

            Information about the location of the source code to be built. Valid values include:

            • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

            • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

            • For source code in an Amazon S3 input bucket, one of the following.

              • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

              • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

            • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

            • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

          • gitCloneDepth (integer) --

            Information about the Git clone depth for the build project.

          • gitSubmodulesConfig (dict) --

            Information about the Git submodules configuration for the build project.

            • fetchSubmodules (boolean) --

              Set to true to fetch Git submodules for your CodeBuild build project.

          • buildspec (string) --

            The buildspec file declaration to use for the builds in this build project.

            If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

          • auth (dict) --

            Information about the authorization settings for CodeBuild to access the source code to be built.

            • type (string) --

              The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

            • resource (string) --

              The resource value that applies to the specified authorization type.

          • reportBuildStatus (boolean) --

            Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

            To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

            The status of a build triggered by a webhook is always reported to your source provider.

            If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

          • buildStatusConfig (dict) --

            Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

            • context (string) --

              Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

            • targetUrl (string) --

              Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • insecureSsl (boolean) --

            Enable this flag to ignore SSL warnings while connecting to the project source code.

          • sourceIdentifier (string) --

            An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • secondarySourceVersions (list) --

        An array of ProjectSourceVersion objects. Each ProjectSourceVersion must be one of:

        • For CodeCommit: the commit ID, branch, or Git tag to use.

        • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

        • (dict) --

          A source identifier and its corresponding version.

          • sourceIdentifier (string) --

            An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

          • sourceVersion (string) --

            The source version for the corresponding source identifier. If specified, must be one of:

            • For CodeCommit: the commit ID, branch, or Git tag to use.

            • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For GitLab: the commit ID, branch, or Git tag to use.

            • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

            For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • artifacts (dict) --

        Information about the output artifacts for the build.

        • location (string) --

          Information about the location of the build artifacts.

        • sha256sum (string) --

          The SHA-256 hash of the build artifact.

          You can use this hash along with a checksum tool to confirm file integrity and authenticity.

        • md5sum (string) --

          The MD5 hash of the build artifact.

          You can use this hash along with a checksum tool to confirm file integrity and authenticity.

        • overrideArtifactName (boolean) --

          If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

        • encryptionDisabled (boolean) --

          Information that tells you if encryption for build artifacts is disabled.

        • artifactIdentifier (string) --

          An identifier for this artifact definition.

        • bucketOwnerAccess (string) --

          Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

          This property can be one of the following values:

          NONE

          The bucket owner does not have access to the objects. This is the default.

          READ_ONLY

          The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

          FULL

          The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

          • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

          • Otherwise, the uploading account retains ownership of the objects.

          For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • secondaryArtifacts (list) --

        An array of ProjectArtifacts objects.

        • (dict) --

          Information about build output artifacts.

          • location (string) --

            Information about the location of the build artifacts.

          • sha256sum (string) --

            The SHA-256 hash of the build artifact.

            You can use this hash along with a checksum tool to confirm file integrity and authenticity.

          • md5sum (string) --

            The MD5 hash of the build artifact.

            You can use this hash along with a checksum tool to confirm file integrity and authenticity.

          • overrideArtifactName (boolean) --

            If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

          • encryptionDisabled (boolean) --

            Information that tells you if encryption for build artifacts is disabled.

          • artifactIdentifier (string) --

            An identifier for this artifact definition.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • cache (dict) --

        Information about the cache for the build.

        • type (string) --

          The type of cache used by the build project. Valid values include:

          • NO_CACHE: The build project does not use any cache.

          • S3: The build project reads and writes from and to S3.

          • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

        • location (string) --

          Information about the cache location:

          • NO_CACHE or LOCAL: This value is ignored.

          • S3: This is the S3 bucket name/prefix.

        • modes (list) --

          An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

          Possible values are:

          LOCAL_SOURCE_CACHE

          Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

          LOCAL_DOCKER_LAYER_CACHE

          Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

          Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

          • Only directories can be specified for caching. You cannot specify individual files.

          • Symlinks are used to reference cached directories.

          • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

          • (string) --

      • environment (dict) --

        Information about the build environment for this build.

        • type (string) --

          The type of build environment to use for related builds.

          • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

          • The environment type LINUX_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

          • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

          • The environment types ARM_LAMBDA_CONTAINER and LINUX_LAMBDA_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).

          • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

          For more information, see Build environment compute types in the CodeBuild user guide.

        • image (string) --

          The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

          • For an image tag: <registry>/<repository>:<tag>. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0.

          • For an image digest: <registry>/<repository>@<digest>. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

          For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.

        • computeType (string) --

          Information about the compute resources the build project uses. Available values include:

          • BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for builds.

          • BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds.

          • BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.

          • BUILD_LAMBDA_1GB: Use up to 1 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_2GB: Use up to 2 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_4GB: Use up to 4 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_8GB: Use up to 8 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_10GB: Use up to 10 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          If you use BUILD_GENERAL1_SMALL:

          • For environment type LINUX_CONTAINER, you can use up to 3 GB memory and 2 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.

          • For environment type ARM_CONTAINER, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.

          If you use BUILD_GENERAL1_LARGE:

          • For environment type LINUX_CONTAINER, you can use up to 15 GB memory and 8 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.

          • For environment type ARM_CONTAINER, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.

          For more information, see Build Environment Compute Types in the CodeBuild User Guide.

        • fleet (dict) --

          A ProjectFleet object to use for this build project.

          • fleetArn (string) --

            Specifies the compute fleet ARN for the build project.

        • environmentVariables (list) --

          A set of environment variables to make available to builds for this build project.

          • (dict) --

            Information about an environment variable for a build project or a build.

            • name (string) --

              The name or key of the environment variable.

            • value (string) --

              The value of the environment variable.

            • type (string) --

              The type of environment variable. Valid values include:

              • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

              • PLAINTEXT: An environment variable in plain text format. This is the default value.

              • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

        • privilegedMode (boolean) --

          Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false.

          You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

          If the operating system's base image is Ubuntu Linux:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

          If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"

        • certificate (string) --

          The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.

        • registryCredential (dict) --

          The credentials for access to a private registry.

          • credential (string) --

            The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

          • credentialProvider (string) --

            The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

        • imagePullCredentialsType (string) --

          The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

          • CODEBUILD specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.

          • SERVICE_ROLE specifies that CodeBuild uses your build project's service role.

          When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.

      • serviceRole (string) --

        The name of a service role used for this build.

      • logs (dict) --

        Information about the build's logs in CloudWatch Logs.

        • groupName (string) --

          The name of the CloudWatch Logs group for the build logs.

        • streamName (string) --

          The name of the CloudWatch Logs stream for the build logs.

        • deepLink (string) --

          The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the deeplink will not be valid until it is created.

        • s3DeepLink (string) --

          The URL to a build log in an S3 bucket.

        • cloudWatchLogsArn (string) --

          The ARN of the CloudWatch Logs stream for a build execution. Its format is arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}. The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs.

        • s3LogsArn (string) --

          The ARN of S3 logs for a build project. Its format is arn:${Partition}:s3:::${BucketName}/${ObjectName}. For more information, see Resources Defined by Amazon S3.

        • cloudWatchLogs (dict) --

          Information about CloudWatch Logs for a build project.

          • status (string) --

            The current status of the logs in CloudWatch Logs for a build project. Valid values are:

            • ENABLED: CloudWatch Logs are enabled for this build project.

            • DISABLED: CloudWatch Logs are not enabled for this build project.

          • groupName (string) --

            The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

          • streamName (string) --

            The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

        • s3Logs (dict) --

          Information about S3 logs for a build project.

          • status (string) --

            The current status of the S3 build logs. Valid values are:

            • ENABLED: S3 build logs are enabled for this build project.

            • DISABLED: S3 build logs are not enabled for this build project.

          • location (string) --

            The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

          • encryptionDisabled (boolean) --

            Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • timeoutInMinutes (integer) --

        How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed.

      • queuedTimeoutInMinutes (integer) --

        The number of minutes a build is allowed to be queued before it times out.

      • buildComplete (boolean) --

        Whether the build is complete. True if complete; otherwise, false.

      • initiator (string) --

        The entity that started the build. Valid values include:

        • If CodePipeline started the build, the pipeline's name (for example, codepipeline/my-demo-pipeline).

        • If a user started the build, the user's name (for example, MyUserName).

        • If the Jenkins plugin for CodeBuild started the build, the string CodeBuild-Jenkins-Plugin.

      • vpcConfig (dict) --

        If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.

        • vpcId (string) --

          The ID of the Amazon VPC.

        • subnets (list) --

          A list of one or more subnet IDs in your Amazon VPC.

          • (string) --

        • securityGroupIds (list) --

          A list of one or more security groups IDs in your Amazon VPC.

          • (string) --

      • networkInterface (dict) --

        Describes a network interface.

        • subnetId (string) --

          The ID of the subnet.

        • networkInterfaceId (string) --

          The ID of the network interface.

      • encryptionKey (string) --

        The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.

        You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>).

      • exportedEnvironmentVariables (list) --

        A list of exported environment variables for this build.

        Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.

        • (dict) --

          Contains information about an exported environment variable.

          Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.

          • name (string) --

            The name of the exported environment variable.

          • value (string) --

            The value assigned to the exported environment variable.

      • reportArns (list) --

        An array of the ARNs associated with this build's reports.

        • (string) --

      • fileSystemLocations (list) --

        An array of ProjectFileSystemLocation objects for a CodeBuild build project. A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint, and type of a file system created using Amazon Elastic File System.

        • (dict) --

          Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?

          • type (string) --

            The type of the file system. The one supported type is EFS.

          • location (string) --

            A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com, and its mount directory is my-efs-mount-directory, then the location is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory.

            The directory path in the format efs-dns-name:/directory-path is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.

          • mountPoint (string) --

            The location in the container where you mount the file system.

          • identifier (string) --

            The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD_. For example, if you specify my_efs for identifier, a new environment variable is create named CODEBUILD_MY_EFS.

            The identifier is used to mount your file system.

          • mountOptions (string) --

            The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2. For more information, see Recommended NFS Mount Options.

      • debugSession (dict) --

        Contains information about the debug session for this build.

        • sessionEnabled (boolean) --

          Specifies if session debugging is enabled for this build.

        • sessionTarget (string) --

          Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.

      • buildBatchArn (string) --

        The ARN of the batch build that this build is a member of, if applicable.

      • autoRetryConfig (dict) --

        Information about the auto-retry configuration for the build.

        • autoRetryLimit (integer) --

          The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.

        • autoRetryNumber (integer) --

          The number of times that the build has been retried. The initial build will have an auto-retry number of 0.

        • nextAutoRetry (string) --

          The build ARN of the auto-retried build triggered by the current build. The next auto-retry will be null for builds that don't trigger an auto-retry.

        • previousAutoRetry (string) --

          The build ARN of the build that triggered the current auto-retry build. The previous auto-retry will be null for the initial build.

StopBuild (updated) Link ¶
Changes (response)
{'build': {'autoRetryConfig': {'autoRetryLimit': 'integer',
                               'autoRetryNumber': 'integer',
                               'nextAutoRetry': 'string',
                               'previousAutoRetry': 'string'}}}

Attempts to stop running a build.

See also: AWS API Documentation

Request Syntax

client.stop_build(
    id='string'
)
type id:

string

param id:

[REQUIRED]

The ID of the build.

rtype:

dict

returns:

Response Syntax

{
    'build': {
        'id': 'string',
        'arn': 'string',
        'buildNumber': 123,
        'startTime': datetime(2015, 1, 1),
        'endTime': datetime(2015, 1, 1),
        'currentPhase': 'string',
        'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED',
        'sourceVersion': 'string',
        'resolvedSourceVersion': 'string',
        'projectName': 'string',
        'phases': [
            {
                'phaseType': 'SUBMITTED'|'QUEUED'|'PROVISIONING'|'DOWNLOAD_SOURCE'|'INSTALL'|'PRE_BUILD'|'BUILD'|'POST_BUILD'|'UPLOAD_ARTIFACTS'|'FINALIZING'|'COMPLETED',
                'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED',
                'startTime': datetime(2015, 1, 1),
                'endTime': datetime(2015, 1, 1),
                'durationInSeconds': 123,
                'contexts': [
                    {
                        'statusCode': 'string',
                        'message': 'string'
                    },
                ]
            },
        ],
        'source': {
            'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
            'location': 'string',
            'gitCloneDepth': 123,
            'gitSubmodulesConfig': {
                'fetchSubmodules': True|False
            },
            'buildspec': 'string',
            'auth': {
                'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                'resource': 'string'
            },
            'reportBuildStatus': True|False,
            'buildStatusConfig': {
                'context': 'string',
                'targetUrl': 'string'
            },
            'insecureSsl': True|False,
            'sourceIdentifier': 'string'
        },
        'secondarySources': [
            {
                'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
                'location': 'string',
                'gitCloneDepth': 123,
                'gitSubmodulesConfig': {
                    'fetchSubmodules': True|False
                },
                'buildspec': 'string',
                'auth': {
                    'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                    'resource': 'string'
                },
                'reportBuildStatus': True|False,
                'buildStatusConfig': {
                    'context': 'string',
                    'targetUrl': 'string'
                },
                'insecureSsl': True|False,
                'sourceIdentifier': 'string'
            },
        ],
        'secondarySourceVersions': [
            {
                'sourceIdentifier': 'string',
                'sourceVersion': 'string'
            },
        ],
        'artifacts': {
            'location': 'string',
            'sha256sum': 'string',
            'md5sum': 'string',
            'overrideArtifactName': True|False,
            'encryptionDisabled': True|False,
            'artifactIdentifier': 'string',
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        },
        'secondaryArtifacts': [
            {
                'location': 'string',
                'sha256sum': 'string',
                'md5sum': 'string',
                'overrideArtifactName': True|False,
                'encryptionDisabled': True|False,
                'artifactIdentifier': 'string',
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            },
        ],
        'cache': {
            'type': 'NO_CACHE'|'S3'|'LOCAL',
            'location': 'string',
            'modes': [
                'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
            ]
        },
        'environment': {
            'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
            'image': 'string',
            'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
            'fleet': {
                'fleetArn': 'string'
            },
            'environmentVariables': [
                {
                    'name': 'string',
                    'value': 'string',
                    'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
                },
            ],
            'privilegedMode': True|False,
            'certificate': 'string',
            'registryCredential': {
                'credential': 'string',
                'credentialProvider': 'SECRETS_MANAGER'
            },
            'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE'
        },
        'serviceRole': 'string',
        'logs': {
            'groupName': 'string',
            'streamName': 'string',
            'deepLink': 'string',
            's3DeepLink': 'string',
            'cloudWatchLogsArn': 'string',
            's3LogsArn': 'string',
            'cloudWatchLogs': {
                'status': 'ENABLED'|'DISABLED',
                'groupName': 'string',
                'streamName': 'string'
            },
            's3Logs': {
                'status': 'ENABLED'|'DISABLED',
                'location': 'string',
                'encryptionDisabled': True|False,
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            }
        },
        'timeoutInMinutes': 123,
        'queuedTimeoutInMinutes': 123,
        'buildComplete': True|False,
        'initiator': 'string',
        'vpcConfig': {
            'vpcId': 'string',
            'subnets': [
                'string',
            ],
            'securityGroupIds': [
                'string',
            ]
        },
        'networkInterface': {
            'subnetId': 'string',
            'networkInterfaceId': 'string'
        },
        'encryptionKey': 'string',
        'exportedEnvironmentVariables': [
            {
                'name': 'string',
                'value': 'string'
            },
        ],
        'reportArns': [
            'string',
        ],
        'fileSystemLocations': [
            {
                'type': 'EFS',
                'location': 'string',
                'mountPoint': 'string',
                'identifier': 'string',
                'mountOptions': 'string'
            },
        ],
        'debugSession': {
            'sessionEnabled': True|False,
            'sessionTarget': 'string'
        },
        'buildBatchArn': 'string',
        'autoRetryConfig': {
            'autoRetryLimit': 123,
            'autoRetryNumber': 123,
            'nextAutoRetry': 'string',
            'previousAutoRetry': 'string'
        }
    }
}

Response Structure

  • (dict) --

    • build (dict) --

      Information about the build.

      • id (string) --

        The unique ID for the build.

      • arn (string) --

        The Amazon Resource Name (ARN) of the build.

      • buildNumber (integer) --

        The number of the build. For each project, the buildNumber of its first build is 1. The buildNumber of each subsequent build is incremented by 1. If a build is deleted, the buildNumber of other builds does not change.

      • startTime (datetime) --

        When the build process started, expressed in Unix time format.

      • endTime (datetime) --

        When the build process ended, expressed in Unix time format.

      • currentPhase (string) --

        The current build phase.

      • buildStatus (string) --

        The current status of the build. Valid values include:

        • FAILED: The build failed.

        • FAULT: The build faulted.

        • IN_PROGRESS: The build is still in progress.

        • STOPPED: The build stopped.

        • SUCCEEDED: The build succeeded.

        • TIMED_OUT: The build timed out.

      • sourceVersion (string) --

        Any version identifier for the version of the source code to be built. If sourceVersion is specified at the project level, then this sourceVersion (at the build level) takes precedence.

        For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • resolvedSourceVersion (string) --

        An identifier for the version of this build's source code.

        • For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.

        • For CodePipeline, the source revision provided by CodePipeline.

        • For Amazon S3, this does not apply.

      • projectName (string) --

        The name of the CodeBuild project.

      • phases (list) --

        Information about all previous build phases that are complete and information about any current build phase that is not yet complete.

        • (dict) --

          Information about a stage for a build.

          • phaseType (string) --

            The name of the build phase. Valid values include:

            BUILD

            Core build activities typically occur in this build phase.

            COMPLETED

            The build has been completed.

            DOWNLOAD_SOURCE

            Source code is being downloaded in this build phase.

            FINALIZING

            The build process is completing in this build phase.

            INSTALL

            Installation activities typically occur in this build phase.

            POST_BUILD

            Post-build activities typically occur in this build phase.

            PRE_BUILD

            Pre-build activities typically occur in this build phase.

            PROVISIONING

            The build environment is being set up.

            QUEUED

            The build has been submitted and is queued behind other submitted builds.

            SUBMITTED

            The build has been submitted.

            UPLOAD_ARTIFACTS

            Build output artifacts are being uploaded to the output location.

          • phaseStatus (string) --

            The current status of the build phase. Valid values include:

            FAILED

            The build phase failed.

            FAULT

            The build phase faulted.

            IN_PROGRESS

            The build phase is still in progress.

            STOPPED

            The build phase stopped.

            SUCCEEDED

            The build phase succeeded.

            TIMED_OUT

            The build phase timed out.

          • startTime (datetime) --

            When the build phase started, expressed in Unix time format.

          • endTime (datetime) --

            When the build phase ended, expressed in Unix time format.

          • durationInSeconds (integer) --

            How long, in seconds, between the starting and ending times of the build's phase.

          • contexts (list) --

            Additional information about a build phase, especially to help troubleshoot a failed build.

            • (dict) --

              Additional information about a build phase that has an error. You can use this information for troubleshooting.

              • statusCode (string) --

                The status code for the context of the build phase.

              • message (string) --

                An explanation of the build phase's context. This might include a command ID and an exit code.

      • source (dict) --

        Information about the source code to be built.

        • type (string) --

          The type of repository that contains the source code to be built. Valid values include:

          • BITBUCKET: The source code is in a Bitbucket repository.

          • CODECOMMIT: The source code is in an CodeCommit repository.

          • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

          • GITHUB: The source code is in a GitHub repository.

          • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

          • GITLAB: The source code is in a GitLab repository.

          • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

          • NO_SOURCE: The project does not have input source code.

          • S3: The source code is in an Amazon S3 bucket.

        • location (string) --

          Information about the location of the source code to be built. Valid values include:

          • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

          • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

          • For source code in an Amazon S3 input bucket, one of the following.

            • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

            • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

          • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

          • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

        • gitCloneDepth (integer) --

          Information about the Git clone depth for the build project.

        • gitSubmodulesConfig (dict) --

          Information about the Git submodules configuration for the build project.

          • fetchSubmodules (boolean) --

            Set to true to fetch Git submodules for your CodeBuild build project.

        • buildspec (string) --

          The buildspec file declaration to use for the builds in this build project.

          If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

        • auth (dict) --

          Information about the authorization settings for CodeBuild to access the source code to be built.

          • type (string) --

            The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

          • resource (string) --

            The resource value that applies to the specified authorization type.

        • reportBuildStatus (boolean) --

          Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

          To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

          The status of a build triggered by a webhook is always reported to your source provider.

          If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

        • buildStatusConfig (dict) --

          Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

          • context (string) --

            Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • targetUrl (string) --

            Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

        • insecureSsl (boolean) --

          Enable this flag to ignore SSL warnings while connecting to the project source code.

        • sourceIdentifier (string) --

          An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • secondarySources (list) --

        An array of ProjectSource objects.

        • (dict) --

          Information about the build input source code for the build project.

          • type (string) --

            The type of repository that contains the source code to be built. Valid values include:

            • BITBUCKET: The source code is in a Bitbucket repository.

            • CODECOMMIT: The source code is in an CodeCommit repository.

            • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

            • GITHUB: The source code is in a GitHub repository.

            • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

            • GITLAB: The source code is in a GitLab repository.

            • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

            • NO_SOURCE: The project does not have input source code.

            • S3: The source code is in an Amazon S3 bucket.

          • location (string) --

            Information about the location of the source code to be built. Valid values include:

            • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

            • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

            • For source code in an Amazon S3 input bucket, one of the following.

              • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

              • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

            • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

            • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

          • gitCloneDepth (integer) --

            Information about the Git clone depth for the build project.

          • gitSubmodulesConfig (dict) --

            Information about the Git submodules configuration for the build project.

            • fetchSubmodules (boolean) --

              Set to true to fetch Git submodules for your CodeBuild build project.

          • buildspec (string) --

            The buildspec file declaration to use for the builds in this build project.

            If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

          • auth (dict) --

            Information about the authorization settings for CodeBuild to access the source code to be built.

            • type (string) --

              The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

            • resource (string) --

              The resource value that applies to the specified authorization type.

          • reportBuildStatus (boolean) --

            Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

            To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

            The status of a build triggered by a webhook is always reported to your source provider.

            If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

          • buildStatusConfig (dict) --

            Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

            • context (string) --

              Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

            • targetUrl (string) --

              Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • insecureSsl (boolean) --

            Enable this flag to ignore SSL warnings while connecting to the project source code.

          • sourceIdentifier (string) --

            An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • secondarySourceVersions (list) --

        An array of ProjectSourceVersion objects. Each ProjectSourceVersion must be one of:

        • For CodeCommit: the commit ID, branch, or Git tag to use.

        • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

        • (dict) --

          A source identifier and its corresponding version.

          • sourceIdentifier (string) --

            An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

          • sourceVersion (string) --

            The source version for the corresponding source identifier. If specified, must be one of:

            • For CodeCommit: the commit ID, branch, or Git tag to use.

            • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For GitLab: the commit ID, branch, or Git tag to use.

            • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

            For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • artifacts (dict) --

        Information about the output artifacts for the build.

        • location (string) --

          Information about the location of the build artifacts.

        • sha256sum (string) --

          The SHA-256 hash of the build artifact.

          You can use this hash along with a checksum tool to confirm file integrity and authenticity.

        • md5sum (string) --

          The MD5 hash of the build artifact.

          You can use this hash along with a checksum tool to confirm file integrity and authenticity.

        • overrideArtifactName (boolean) --

          If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

        • encryptionDisabled (boolean) --

          Information that tells you if encryption for build artifacts is disabled.

        • artifactIdentifier (string) --

          An identifier for this artifact definition.

        • bucketOwnerAccess (string) --

          Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

          This property can be one of the following values:

          NONE

          The bucket owner does not have access to the objects. This is the default.

          READ_ONLY

          The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

          FULL

          The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

          • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

          • Otherwise, the uploading account retains ownership of the objects.

          For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • secondaryArtifacts (list) --

        An array of ProjectArtifacts objects.

        • (dict) --

          Information about build output artifacts.

          • location (string) --

            Information about the location of the build artifacts.

          • sha256sum (string) --

            The SHA-256 hash of the build artifact.

            You can use this hash along with a checksum tool to confirm file integrity and authenticity.

          • md5sum (string) --

            The MD5 hash of the build artifact.

            You can use this hash along with a checksum tool to confirm file integrity and authenticity.

          • overrideArtifactName (boolean) --

            If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

          • encryptionDisabled (boolean) --

            Information that tells you if encryption for build artifacts is disabled.

          • artifactIdentifier (string) --

            An identifier for this artifact definition.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • cache (dict) --

        Information about the cache for the build.

        • type (string) --

          The type of cache used by the build project. Valid values include:

          • NO_CACHE: The build project does not use any cache.

          • S3: The build project reads and writes from and to S3.

          • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

        • location (string) --

          Information about the cache location:

          • NO_CACHE or LOCAL: This value is ignored.

          • S3: This is the S3 bucket name/prefix.

        • modes (list) --

          An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

          Possible values are:

          LOCAL_SOURCE_CACHE

          Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

          LOCAL_DOCKER_LAYER_CACHE

          Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

          Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

          • Only directories can be specified for caching. You cannot specify individual files.

          • Symlinks are used to reference cached directories.

          • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

          • (string) --

      • environment (dict) --

        Information about the build environment for this build.

        • type (string) --

          The type of build environment to use for related builds.

          • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

          • The environment type LINUX_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

          • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

          • The environment types ARM_LAMBDA_CONTAINER and LINUX_LAMBDA_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).

          • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

          For more information, see Build environment compute types in the CodeBuild user guide.

        • image (string) --

          The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

          • For an image tag: <registry>/<repository>:<tag>. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0.

          • For an image digest: <registry>/<repository>@<digest>. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

          For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.

        • computeType (string) --

          Information about the compute resources the build project uses. Available values include:

          • BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for builds.

          • BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds.

          • BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.

          • BUILD_LAMBDA_1GB: Use up to 1 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_2GB: Use up to 2 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_4GB: Use up to 4 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_8GB: Use up to 8 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_10GB: Use up to 10 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          If you use BUILD_GENERAL1_SMALL:

          • For environment type LINUX_CONTAINER, you can use up to 3 GB memory and 2 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.

          • For environment type ARM_CONTAINER, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.

          If you use BUILD_GENERAL1_LARGE:

          • For environment type LINUX_CONTAINER, you can use up to 15 GB memory and 8 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.

          • For environment type ARM_CONTAINER, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.

          For more information, see Build Environment Compute Types in the CodeBuild User Guide.

        • fleet (dict) --

          A ProjectFleet object to use for this build project.

          • fleetArn (string) --

            Specifies the compute fleet ARN for the build project.

        • environmentVariables (list) --

          A set of environment variables to make available to builds for this build project.

          • (dict) --

            Information about an environment variable for a build project or a build.

            • name (string) --

              The name or key of the environment variable.

            • value (string) --

              The value of the environment variable.

            • type (string) --

              The type of environment variable. Valid values include:

              • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

              • PLAINTEXT: An environment variable in plain text format. This is the default value.

              • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

        • privilegedMode (boolean) --

          Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false.

          You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

          If the operating system's base image is Ubuntu Linux:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

          If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"

        • certificate (string) --

          The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.

        • registryCredential (dict) --

          The credentials for access to a private registry.

          • credential (string) --

            The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

          • credentialProvider (string) --

            The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

        • imagePullCredentialsType (string) --

          The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

          • CODEBUILD specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.

          • SERVICE_ROLE specifies that CodeBuild uses your build project's service role.

          When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.

      • serviceRole (string) --

        The name of a service role used for this build.

      • logs (dict) --

        Information about the build's logs in CloudWatch Logs.

        • groupName (string) --

          The name of the CloudWatch Logs group for the build logs.

        • streamName (string) --

          The name of the CloudWatch Logs stream for the build logs.

        • deepLink (string) --

          The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the deeplink will not be valid until it is created.

        • s3DeepLink (string) --

          The URL to a build log in an S3 bucket.

        • cloudWatchLogsArn (string) --

          The ARN of the CloudWatch Logs stream for a build execution. Its format is arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}. The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs.

        • s3LogsArn (string) --

          The ARN of S3 logs for a build project. Its format is arn:${Partition}:s3:::${BucketName}/${ObjectName}. For more information, see Resources Defined by Amazon S3.

        • cloudWatchLogs (dict) --

          Information about CloudWatch Logs for a build project.

          • status (string) --

            The current status of the logs in CloudWatch Logs for a build project. Valid values are:

            • ENABLED: CloudWatch Logs are enabled for this build project.

            • DISABLED: CloudWatch Logs are not enabled for this build project.

          • groupName (string) --

            The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

          • streamName (string) --

            The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

        • s3Logs (dict) --

          Information about S3 logs for a build project.

          • status (string) --

            The current status of the S3 build logs. Valid values are:

            • ENABLED: S3 build logs are enabled for this build project.

            • DISABLED: S3 build logs are not enabled for this build project.

          • location (string) --

            The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

          • encryptionDisabled (boolean) --

            Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • timeoutInMinutes (integer) --

        How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed.

      • queuedTimeoutInMinutes (integer) --

        The number of minutes a build is allowed to be queued before it times out.

      • buildComplete (boolean) --

        Whether the build is complete. True if complete; otherwise, false.

      • initiator (string) --

        The entity that started the build. Valid values include:

        • If CodePipeline started the build, the pipeline's name (for example, codepipeline/my-demo-pipeline).

        • If a user started the build, the user's name (for example, MyUserName).

        • If the Jenkins plugin for CodeBuild started the build, the string CodeBuild-Jenkins-Plugin.

      • vpcConfig (dict) --

        If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.

        • vpcId (string) --

          The ID of the Amazon VPC.

        • subnets (list) --

          A list of one or more subnet IDs in your Amazon VPC.

          • (string) --

        • securityGroupIds (list) --

          A list of one or more security groups IDs in your Amazon VPC.

          • (string) --

      • networkInterface (dict) --

        Describes a network interface.

        • subnetId (string) --

          The ID of the subnet.

        • networkInterfaceId (string) --

          The ID of the network interface.

      • encryptionKey (string) --

        The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.

        You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>).

      • exportedEnvironmentVariables (list) --

        A list of exported environment variables for this build.

        Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.

        • (dict) --

          Contains information about an exported environment variable.

          Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.

          • name (string) --

            The name of the exported environment variable.

          • value (string) --

            The value assigned to the exported environment variable.

      • reportArns (list) --

        An array of the ARNs associated with this build's reports.

        • (string) --

      • fileSystemLocations (list) --

        An array of ProjectFileSystemLocation objects for a CodeBuild build project. A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint, and type of a file system created using Amazon Elastic File System.

        • (dict) --

          Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?

          • type (string) --

            The type of the file system. The one supported type is EFS.

          • location (string) --

            A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com, and its mount directory is my-efs-mount-directory, then the location is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory.

            The directory path in the format efs-dns-name:/directory-path is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.

          • mountPoint (string) --

            The location in the container where you mount the file system.

          • identifier (string) --

            The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD_. For example, if you specify my_efs for identifier, a new environment variable is create named CODEBUILD_MY_EFS.

            The identifier is used to mount your file system.

          • mountOptions (string) --

            The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2. For more information, see Recommended NFS Mount Options.

      • debugSession (dict) --

        Contains information about the debug session for this build.

        • sessionEnabled (boolean) --

          Specifies if session debugging is enabled for this build.

        • sessionTarget (string) --

          Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.

      • buildBatchArn (string) --

        The ARN of the batch build that this build is a member of, if applicable.

      • autoRetryConfig (dict) --

        Information about the auto-retry configuration for the build.

        • autoRetryLimit (integer) --

          The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.

        • autoRetryNumber (integer) --

          The number of times that the build has been retried. The initial build will have an auto-retry number of 0.

        • nextAutoRetry (string) --

          The build ARN of the auto-retried build triggered by the current build. The next auto-retry will be null for builds that don't trigger an auto-retry.

        • previousAutoRetry (string) --

          The build ARN of the build that triggered the current auto-retry build. The previous auto-retry will be null for the initial build.

UpdateProject (updated) Link ¶
Changes (request, response)
Request
{'autoRetryLimit': 'integer'}
Response
{'project': {'autoRetryLimit': 'integer'}}

Changes the settings of a build project.

See also: AWS API Documentation

Request Syntax

client.update_project(
    name='string',
    description='string',
    source={
        'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
        'location': 'string',
        'gitCloneDepth': 123,
        'gitSubmodulesConfig': {
            'fetchSubmodules': True|False
        },
        'buildspec': 'string',
        'auth': {
            'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
            'resource': 'string'
        },
        'reportBuildStatus': True|False,
        'buildStatusConfig': {
            'context': 'string',
            'targetUrl': 'string'
        },
        'insecureSsl': True|False,
        'sourceIdentifier': 'string'
    },
    secondarySources=[
        {
            'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
            'location': 'string',
            'gitCloneDepth': 123,
            'gitSubmodulesConfig': {
                'fetchSubmodules': True|False
            },
            'buildspec': 'string',
            'auth': {
                'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                'resource': 'string'
            },
            'reportBuildStatus': True|False,
            'buildStatusConfig': {
                'context': 'string',
                'targetUrl': 'string'
            },
            'insecureSsl': True|False,
            'sourceIdentifier': 'string'
        },
    ],
    sourceVersion='string',
    secondarySourceVersions=[
        {
            'sourceIdentifier': 'string',
            'sourceVersion': 'string'
        },
    ],
    artifacts={
        'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
        'location': 'string',
        'path': 'string',
        'namespaceType': 'NONE'|'BUILD_ID',
        'name': 'string',
        'packaging': 'NONE'|'ZIP',
        'overrideArtifactName': True|False,
        'encryptionDisabled': True|False,
        'artifactIdentifier': 'string',
        'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
    },
    secondaryArtifacts=[
        {
            'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
            'location': 'string',
            'path': 'string',
            'namespaceType': 'NONE'|'BUILD_ID',
            'name': 'string',
            'packaging': 'NONE'|'ZIP',
            'overrideArtifactName': True|False,
            'encryptionDisabled': True|False,
            'artifactIdentifier': 'string',
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        },
    ],
    cache={
        'type': 'NO_CACHE'|'S3'|'LOCAL',
        'location': 'string',
        'modes': [
            'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
        ]
    },
    environment={
        'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
        'image': 'string',
        'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
        'fleet': {
            'fleetArn': 'string'
        },
        'environmentVariables': [
            {
                'name': 'string',
                'value': 'string',
                'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
            },
        ],
        'privilegedMode': True|False,
        'certificate': 'string',
        'registryCredential': {
            'credential': 'string',
            'credentialProvider': 'SECRETS_MANAGER'
        },
        'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE'
    },
    serviceRole='string',
    timeoutInMinutes=123,
    queuedTimeoutInMinutes=123,
    encryptionKey='string',
    tags=[
        {
            'key': 'string',
            'value': 'string'
        },
    ],
    vpcConfig={
        'vpcId': 'string',
        'subnets': [
            'string',
        ],
        'securityGroupIds': [
            'string',
        ]
    },
    badgeEnabled=True|False,
    logsConfig={
        'cloudWatchLogs': {
            'status': 'ENABLED'|'DISABLED',
            'groupName': 'string',
            'streamName': 'string'
        },
        's3Logs': {
            'status': 'ENABLED'|'DISABLED',
            'location': 'string',
            'encryptionDisabled': True|False,
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        }
    },
    fileSystemLocations=[
        {
            'type': 'EFS',
            'location': 'string',
            'mountPoint': 'string',
            'identifier': 'string',
            'mountOptions': 'string'
        },
    ],
    buildBatchConfig={
        'serviceRole': 'string',
        'combineArtifacts': True|False,
        'restrictions': {
            'maximumBuildsAllowed': 123,
            'computeTypesAllowed': [
                'string',
            ]
        },
        'timeoutInMins': 123,
        'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH'
    },
    concurrentBuildLimit=123,
    autoRetryLimit=123
)
type name:

string

param name:

[REQUIRED]

The name of the build project.

type description:

string

param description:

A new or replacement description of the build project.

type source:

dict

param source:

Information to be changed about the build input source code for the build project.

  • type (string) -- [REQUIRED]

    The type of repository that contains the source code to be built. Valid values include:

    • BITBUCKET: The source code is in a Bitbucket repository.

    • CODECOMMIT: The source code is in an CodeCommit repository.

    • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

    • GITHUB: The source code is in a GitHub repository.

    • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

    • GITLAB: The source code is in a GitLab repository.

    • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

    • NO_SOURCE: The project does not have input source code.

    • S3: The source code is in an Amazon S3 bucket.

  • location (string) --

    Information about the location of the source code to be built. Valid values include:

    • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

    • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

    • For source code in an Amazon S3 input bucket, one of the following.

      • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

      • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

    • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

    • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

    • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

    If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

  • gitCloneDepth (integer) --

    Information about the Git clone depth for the build project.

  • gitSubmodulesConfig (dict) --

    Information about the Git submodules configuration for the build project.

    • fetchSubmodules (boolean) -- [REQUIRED]

      Set to true to fetch Git submodules for your CodeBuild build project.

  • buildspec (string) --

    The buildspec file declaration to use for the builds in this build project.

    If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

  • auth (dict) --

    Information about the authorization settings for CodeBuild to access the source code to be built.

    • type (string) -- [REQUIRED]

      The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

    • resource (string) --

      The resource value that applies to the specified authorization type.

  • reportBuildStatus (boolean) --

    Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

    To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

    The status of a build triggered by a webhook is always reported to your source provider.

    If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

  • buildStatusConfig (dict) --

    Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

    • context (string) --

      Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

      Bitbucket

      This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

      GitHub/GitHub Enterprise Server

      This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

    • targetUrl (string) --

      Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

      Bitbucket

      This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

      GitHub/GitHub Enterprise Server

      This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

  • insecureSsl (boolean) --

    Enable this flag to ignore SSL warnings while connecting to the project source code.

  • sourceIdentifier (string) --

    An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

type secondarySources:

list

param secondarySources:

An array of ProjectSource objects.

  • (dict) --

    Information about the build input source code for the build project.

    • type (string) -- [REQUIRED]

      The type of repository that contains the source code to be built. Valid values include:

      • BITBUCKET: The source code is in a Bitbucket repository.

      • CODECOMMIT: The source code is in an CodeCommit repository.

      • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

      • GITHUB: The source code is in a GitHub repository.

      • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

      • GITLAB: The source code is in a GitLab repository.

      • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

      • NO_SOURCE: The project does not have input source code.

      • S3: The source code is in an Amazon S3 bucket.

    • location (string) --

      Information about the location of the source code to be built. Valid values include:

      • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

      • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

      • For source code in an Amazon S3 input bucket, one of the following.

        • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

        • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

      • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

      • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

      • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

      If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

    • gitCloneDepth (integer) --

      Information about the Git clone depth for the build project.

    • gitSubmodulesConfig (dict) --

      Information about the Git submodules configuration for the build project.

      • fetchSubmodules (boolean) -- [REQUIRED]

        Set to true to fetch Git submodules for your CodeBuild build project.

    • buildspec (string) --

      The buildspec file declaration to use for the builds in this build project.

      If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

    • auth (dict) --

      Information about the authorization settings for CodeBuild to access the source code to be built.

      • type (string) -- [REQUIRED]

        The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

      • resource (string) --

        The resource value that applies to the specified authorization type.

    • reportBuildStatus (boolean) --

      Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

      To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

      The status of a build triggered by a webhook is always reported to your source provider.

      If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

    • buildStatusConfig (dict) --

      Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

      • context (string) --

        Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

        Bitbucket

        This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

        GitHub/GitHub Enterprise Server

        This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

      • targetUrl (string) --

        Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

        Bitbucket

        This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

        GitHub/GitHub Enterprise Server

        This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

    • insecureSsl (boolean) --

      Enable this flag to ignore SSL warnings while connecting to the project source code.

    • sourceIdentifier (string) --

      An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

type sourceVersion:

string

param sourceVersion:

A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:

  • For CodeCommit: the commit ID, branch, or Git tag to use.

  • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

  • For GitLab: the commit ID, branch, or Git tag to use.

  • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

  • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).

For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

type secondarySourceVersions:

list

param secondarySourceVersions:

An array of ProjectSourceVersion objects. If secondarySourceVersions is specified at the build level, then they take over these secondarySourceVersions (at the project level).

  • (dict) --

    A source identifier and its corresponding version.

    • sourceIdentifier (string) -- [REQUIRED]

      An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

    • sourceVersion (string) -- [REQUIRED]

      The source version for the corresponding source identifier. If specified, must be one of:

      • For CodeCommit: the commit ID, branch, or Git tag to use.

      • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

      • For GitLab: the commit ID, branch, or Git tag to use.

      • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

      • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

      For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

type artifacts:

dict

param artifacts:

Information to be changed about the build output artifacts for the build project.

  • type (string) -- [REQUIRED]

    The type of build output artifact. Valid values include:

    • CODEPIPELINE: The build project has build output generated through CodePipeline.

    • NO_ARTIFACTS: The build project does not produce any build output.

    • S3: The build project stores build output in Amazon S3.

  • location (string) --

    Information about the build output artifact location:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, this is the name of the output bucket.

  • path (string) --

    Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

    For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

  • namespaceType (string) --

    Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, valid values include:

      • BUILD_ID: Include the build ID in the location of the build output artifact.

      • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

    For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

  • name (string) --

    Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

    For example:

    • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

    • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

    • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

  • packaging (string) --

    The type of build output artifact to create:

    • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

    • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

    • If type is set to S3, valid values include:

      • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

      • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

  • overrideArtifactName (boolean) --

    If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

  • encryptionDisabled (boolean) --

    Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

  • artifactIdentifier (string) --

    An identifier for this artifact definition.

  • bucketOwnerAccess (string) --

    Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

    This property can be one of the following values:

    NONE

    The bucket owner does not have access to the objects. This is the default.

    READ_ONLY

    The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

    FULL

    The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

    • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

    • Otherwise, the uploading account retains ownership of the objects.

    For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

type secondaryArtifacts:

list

param secondaryArtifacts:

An array of ProjectArtifact objects.

  • (dict) --

    Information about the build output artifacts for the build project.

    • type (string) -- [REQUIRED]

      The type of build output artifact. Valid values include:

      • CODEPIPELINE: The build project has build output generated through CodePipeline.

      • NO_ARTIFACTS: The build project does not produce any build output.

      • S3: The build project stores build output in Amazon S3.

    • location (string) --

      Information about the build output artifact location:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, this is the name of the output bucket.

    • path (string) --

      Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

      For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

    • namespaceType (string) --

      Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, valid values include:

        • BUILD_ID: Include the build ID in the location of the build output artifact.

        • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

      For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

    • name (string) --

      Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

      For example:

      • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

      • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

      • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

    • packaging (string) --

      The type of build output artifact to create:

      • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

      • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

      • If type is set to S3, valid values include:

        • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

        • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

    • overrideArtifactName (boolean) --

      If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

    • encryptionDisabled (boolean) --

      Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

    • artifactIdentifier (string) --

      An identifier for this artifact definition.

    • bucketOwnerAccess (string) --

      Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

      This property can be one of the following values:

      NONE

      The bucket owner does not have access to the objects. This is the default.

      READ_ONLY

      The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

      FULL

      The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

      • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

      • Otherwise, the uploading account retains ownership of the objects.

      For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

type cache:

dict

param cache:

Stores recently used information so that it can be quickly accessed at a later time.

  • type (string) -- [REQUIRED]

    The type of cache used by the build project. Valid values include:

    • NO_CACHE: The build project does not use any cache.

    • S3: The build project reads and writes from and to S3.

    • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

  • location (string) --

    Information about the cache location:

    • NO_CACHE or LOCAL: This value is ignored.

    • S3: This is the S3 bucket name/prefix.

  • modes (list) --

    An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

    Possible values are:

    LOCAL_SOURCE_CACHE

    Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

    LOCAL_DOCKER_LAYER_CACHE

    Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

    Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

    • Only directories can be specified for caching. You cannot specify individual files.

    • Symlinks are used to reference cached directories.

    • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

    • (string) --

type environment:

dict

param environment:

Information to be changed about the build environment for the build project.

  • type (string) -- [REQUIRED]

    The type of build environment to use for related builds.

    • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

    • The environment type LINUX_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

    • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

    • The environment types ARM_LAMBDA_CONTAINER and LINUX_LAMBDA_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).

    • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

    For more information, see Build environment compute types in the CodeBuild user guide.

  • image (string) -- [REQUIRED]

    The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

    • For an image tag: <registry>/<repository>:<tag>. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0.

    • For an image digest: <registry>/<repository>@<digest>. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

    For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.

  • computeType (string) -- [REQUIRED]

    Information about the compute resources the build project uses. Available values include:

    • BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for builds.

    • BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds.

    • BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.

    • BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.

    • BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.

    • BUILD_LAMBDA_1GB: Use up to 1 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    • BUILD_LAMBDA_2GB: Use up to 2 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    • BUILD_LAMBDA_4GB: Use up to 4 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    • BUILD_LAMBDA_8GB: Use up to 8 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    • BUILD_LAMBDA_10GB: Use up to 10 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

    If you use BUILD_GENERAL1_SMALL:

    • For environment type LINUX_CONTAINER, you can use up to 3 GB memory and 2 vCPUs for builds.

    • For environment type LINUX_GPU_CONTAINER, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.

    • For environment type ARM_CONTAINER, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.

    If you use BUILD_GENERAL1_LARGE:

    • For environment type LINUX_CONTAINER, you can use up to 15 GB memory and 8 vCPUs for builds.

    • For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.

    • For environment type ARM_CONTAINER, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.

    For more information, see Build Environment Compute Types in the CodeBuild User Guide.

  • fleet (dict) --

    A ProjectFleet object to use for this build project.

    • fleetArn (string) --

      Specifies the compute fleet ARN for the build project.

  • environmentVariables (list) --

    A set of environment variables to make available to builds for this build project.

    • (dict) --

      Information about an environment variable for a build project or a build.

      • name (string) -- [REQUIRED]

        The name or key of the environment variable.

      • value (string) -- [REQUIRED]

        The value of the environment variable.

      • type (string) --

        The type of environment variable. Valid values include:

        • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

        • PLAINTEXT: An environment variable in plain text format. This is the default value.

        • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

  • privilegedMode (boolean) --

    Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false.

    You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

    If the operating system's base image is Ubuntu Linux:

    - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

    - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

    If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout:

    - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

    - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"

  • certificate (string) --

    The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.

  • registryCredential (dict) --

    The credentials for access to a private registry.

    • credential (string) -- [REQUIRED]

      The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

    • credentialProvider (string) -- [REQUIRED]

      The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

  • imagePullCredentialsType (string) --

    The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

    • CODEBUILD specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.

    • SERVICE_ROLE specifies that CodeBuild uses your build project's service role.

    When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.

type serviceRole:

string

param serviceRole:

The replacement ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.

type timeoutInMinutes:

integer

param timeoutInMinutes:

The replacement value in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed.

type queuedTimeoutInMinutes:

integer

param queuedTimeoutInMinutes:

The number of minutes a build is allowed to be queued before it times out.

type encryptionKey:

string

param encryptionKey:

The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.

You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>).

type tags:

list

param tags:

An updated list of tag key and value pairs associated with this build project.

These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.

  • (dict) --

    A tag, consisting of a key and a value.

    This tag is available for use by Amazon Web Services services that support tags in CodeBuild.

    • key (string) --

      The tag's key.

    • value (string) --

      The tag's value.

type vpcConfig:

dict

param vpcConfig:

VpcConfig enables CodeBuild to access resources in an Amazon VPC.

  • vpcId (string) --

    The ID of the Amazon VPC.

  • subnets (list) --

    A list of one or more subnet IDs in your Amazon VPC.

    • (string) --

  • securityGroupIds (list) --

    A list of one or more security groups IDs in your Amazon VPC.

    • (string) --

type badgeEnabled:

boolean

param badgeEnabled:

Set this to true to generate a publicly accessible URL for your project's build badge.

type logsConfig:

dict

param logsConfig:

Information about logs for the build project. A project can create logs in CloudWatch Logs, logs in an S3 bucket, or both.

  • cloudWatchLogs (dict) --

    Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.

    • status (string) -- [REQUIRED]

      The current status of the logs in CloudWatch Logs for a build project. Valid values are:

      • ENABLED: CloudWatch Logs are enabled for this build project.

      • DISABLED: CloudWatch Logs are not enabled for this build project.

    • groupName (string) --

      The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

    • streamName (string) --

      The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

  • s3Logs (dict) --

    Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.

    • status (string) -- [REQUIRED]

      The current status of the S3 build logs. Valid values are:

      • ENABLED: S3 build logs are enabled for this build project.

      • DISABLED: S3 build logs are not enabled for this build project.

    • location (string) --

      The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

    • encryptionDisabled (boolean) --

      Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

    • bucketOwnerAccess (string) --

      Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

      This property can be one of the following values:

      NONE

      The bucket owner does not have access to the objects. This is the default.

      READ_ONLY

      The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

      FULL

      The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

      • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

      • Otherwise, the uploading account retains ownership of the objects.

      For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

type fileSystemLocations:

list

param fileSystemLocations:

An array of ProjectFileSystemLocation objects for a CodeBuild build project. A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint, and type of a file system created using Amazon Elastic File System.

  • (dict) --

    Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?

    • type (string) --

      The type of the file system. The one supported type is EFS.

    • location (string) --

      A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com, and its mount directory is my-efs-mount-directory, then the location is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory.

      The directory path in the format efs-dns-name:/directory-path is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.

    • mountPoint (string) --

      The location in the container where you mount the file system.

    • identifier (string) --

      The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD_. For example, if you specify my_efs for identifier, a new environment variable is create named CODEBUILD_MY_EFS.

      The identifier is used to mount your file system.

    • mountOptions (string) --

      The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2. For more information, see Recommended NFS Mount Options.

type buildBatchConfig:

dict

param buildBatchConfig:

Contains configuration information about a batch build project.

  • serviceRole (string) --

    Specifies the service role ARN for the batch build project.

  • combineArtifacts (boolean) --

    Specifies if the build artifacts for the batch build should be combined into a single artifact location.

  • restrictions (dict) --

    A BatchRestrictions object that specifies the restrictions for the batch build.

    • maximumBuildsAllowed (integer) --

      Specifies the maximum number of builds allowed.

    • computeTypesAllowed (list) --

      An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.

      • (string) --

  • timeoutInMins (integer) --

    Specifies the maximum amount of time, in minutes, that the batch build must be completed in.

  • batchReportMode (string) --

    Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.

    REPORT_AGGREGATED_BATCH

    (Default) Aggregate all of the build statuses into a single status report.

    REPORT_INDIVIDUAL_BUILDS

    Send a separate status report for each individual build.

type concurrentBuildLimit:

integer

param concurrentBuildLimit:

The maximum number of concurrent builds that are allowed for this project.

New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.

To remove this limit, set this value to -1.

type autoRetryLimit:

integer

param autoRetryLimit:

The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.

rtype:

dict

returns:

Response Syntax

{
    'project': {
        'name': 'string',
        'arn': 'string',
        'description': 'string',
        'source': {
            'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
            'location': 'string',
            'gitCloneDepth': 123,
            'gitSubmodulesConfig': {
                'fetchSubmodules': True|False
            },
            'buildspec': 'string',
            'auth': {
                'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                'resource': 'string'
            },
            'reportBuildStatus': True|False,
            'buildStatusConfig': {
                'context': 'string',
                'targetUrl': 'string'
            },
            'insecureSsl': True|False,
            'sourceIdentifier': 'string'
        },
        'secondarySources': [
            {
                'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE',
                'location': 'string',
                'gitCloneDepth': 123,
                'gitSubmodulesConfig': {
                    'fetchSubmodules': True|False
                },
                'buildspec': 'string',
                'auth': {
                    'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER',
                    'resource': 'string'
                },
                'reportBuildStatus': True|False,
                'buildStatusConfig': {
                    'context': 'string',
                    'targetUrl': 'string'
                },
                'insecureSsl': True|False,
                'sourceIdentifier': 'string'
            },
        ],
        'sourceVersion': 'string',
        'secondarySourceVersions': [
            {
                'sourceIdentifier': 'string',
                'sourceVersion': 'string'
            },
        ],
        'artifacts': {
            'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
            'location': 'string',
            'path': 'string',
            'namespaceType': 'NONE'|'BUILD_ID',
            'name': 'string',
            'packaging': 'NONE'|'ZIP',
            'overrideArtifactName': True|False,
            'encryptionDisabled': True|False,
            'artifactIdentifier': 'string',
            'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
        },
        'secondaryArtifacts': [
            {
                'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS',
                'location': 'string',
                'path': 'string',
                'namespaceType': 'NONE'|'BUILD_ID',
                'name': 'string',
                'packaging': 'NONE'|'ZIP',
                'overrideArtifactName': True|False,
                'encryptionDisabled': True|False,
                'artifactIdentifier': 'string',
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            },
        ],
        'cache': {
            'type': 'NO_CACHE'|'S3'|'LOCAL',
            'location': 'string',
            'modes': [
                'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE',
            ]
        },
        'environment': {
            'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'MAC_ARM',
            'image': 'string',
            'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB',
            'fleet': {
                'fleetArn': 'string'
            },
            'environmentVariables': [
                {
                    'name': 'string',
                    'value': 'string',
                    'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER'
                },
            ],
            'privilegedMode': True|False,
            'certificate': 'string',
            'registryCredential': {
                'credential': 'string',
                'credentialProvider': 'SECRETS_MANAGER'
            },
            'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE'
        },
        'serviceRole': 'string',
        'timeoutInMinutes': 123,
        'queuedTimeoutInMinutes': 123,
        'encryptionKey': 'string',
        'tags': [
            {
                'key': 'string',
                'value': 'string'
            },
        ],
        'created': datetime(2015, 1, 1),
        'lastModified': datetime(2015, 1, 1),
        'webhook': {
            'url': 'string',
            'payloadUrl': 'string',
            'secret': 'string',
            'branchFilter': 'string',
            'filterGroups': [
                [
                    {
                        'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME',
                        'pattern': 'string',
                        'excludeMatchedPattern': True|False
                    },
                ],
            ],
            'buildType': 'BUILD'|'BUILD_BATCH',
            'manualCreation': True|False,
            'lastModifiedSecret': datetime(2015, 1, 1),
            'scopeConfiguration': {
                'name': 'string',
                'domain': 'string',
                'scope': 'GITHUB_ORGANIZATION'|'GITHUB_GLOBAL'|'GITLAB_GROUP'
            }
        },
        'vpcConfig': {
            'vpcId': 'string',
            'subnets': [
                'string',
            ],
            'securityGroupIds': [
                'string',
            ]
        },
        'badge': {
            'badgeEnabled': True|False,
            'badgeRequestUrl': 'string'
        },
        'logsConfig': {
            'cloudWatchLogs': {
                'status': 'ENABLED'|'DISABLED',
                'groupName': 'string',
                'streamName': 'string'
            },
            's3Logs': {
                'status': 'ENABLED'|'DISABLED',
                'location': 'string',
                'encryptionDisabled': True|False,
                'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL'
            }
        },
        'fileSystemLocations': [
            {
                'type': 'EFS',
                'location': 'string',
                'mountPoint': 'string',
                'identifier': 'string',
                'mountOptions': 'string'
            },
        ],
        'buildBatchConfig': {
            'serviceRole': 'string',
            'combineArtifacts': True|False,
            'restrictions': {
                'maximumBuildsAllowed': 123,
                'computeTypesAllowed': [
                    'string',
                ]
            },
            'timeoutInMins': 123,
            'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH'
        },
        'concurrentBuildLimit': 123,
        'projectVisibility': 'PUBLIC_READ'|'PRIVATE',
        'publicProjectAlias': 'string',
        'resourceAccessRole': 'string',
        'autoRetryLimit': 123
    }
}

Response Structure

  • (dict) --

    • project (dict) --

      Information about the build project that was changed.

      • name (string) --

        The name of the build project.

      • arn (string) --

        The Amazon Resource Name (ARN) of the build project.

      • description (string) --

        A description that makes the build project easy to identify.

      • source (dict) --

        Information about the build input source code for this build project.

        • type (string) --

          The type of repository that contains the source code to be built. Valid values include:

          • BITBUCKET: The source code is in a Bitbucket repository.

          • CODECOMMIT: The source code is in an CodeCommit repository.

          • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

          • GITHUB: The source code is in a GitHub repository.

          • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

          • GITLAB: The source code is in a GitLab repository.

          • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

          • NO_SOURCE: The project does not have input source code.

          • S3: The source code is in an Amazon S3 bucket.

        • location (string) --

          Information about the location of the source code to be built. Valid values include:

          • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

          • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

          • For source code in an Amazon S3 input bucket, one of the following.

            • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

            • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

          • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

          • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

          If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

        • gitCloneDepth (integer) --

          Information about the Git clone depth for the build project.

        • gitSubmodulesConfig (dict) --

          Information about the Git submodules configuration for the build project.

          • fetchSubmodules (boolean) --

            Set to true to fetch Git submodules for your CodeBuild build project.

        • buildspec (string) --

          The buildspec file declaration to use for the builds in this build project.

          If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

        • auth (dict) --

          Information about the authorization settings for CodeBuild to access the source code to be built.

          • type (string) --

            The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

          • resource (string) --

            The resource value that applies to the specified authorization type.

        • reportBuildStatus (boolean) --

          Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

          To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

          The status of a build triggered by a webhook is always reported to your source provider.

          If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

        • buildStatusConfig (dict) --

          Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

          • context (string) --

            Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • targetUrl (string) --

            Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

            Bitbucket

            This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

            GitHub/GitHub Enterprise Server

            This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

        • insecureSsl (boolean) --

          Enable this flag to ignore SSL warnings while connecting to the project source code.

        • sourceIdentifier (string) --

          An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • secondarySources (list) --

        An array of ProjectSource objects.

        • (dict) --

          Information about the build input source code for the build project.

          • type (string) --

            The type of repository that contains the source code to be built. Valid values include:

            • BITBUCKET: The source code is in a Bitbucket repository.

            • CODECOMMIT: The source code is in an CodeCommit repository.

            • CODEPIPELINE: The source code settings are specified in the source action of a pipeline in CodePipeline.

            • GITHUB: The source code is in a GitHub repository.

            • GITHUB_ENTERPRISE: The source code is in a GitHub Enterprise Server repository.

            • GITLAB: The source code is in a GitLab repository.

            • GITLAB_SELF_MANAGED: The source code is in a self-managed GitLab repository.

            • NO_SOURCE: The project does not have input source code.

            • S3: The source code is in an Amazon S3 bucket.

          • location (string) --

            Information about the location of the source code to be built. Valid values include:

            • For source code settings that are specified in the source action of a pipeline in CodePipeline, location should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.

            • For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>).

            • For source code in an Amazon S3 input bucket, one of the following.

              • The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip).

              • The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/).

            • For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            • For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the auth object's type value to CODECONNECTIONS in the source object.

            • For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source object, set the auth object's type value to OAUTH.

            If you specify CODEPIPELINE for the Type property, don't specify this property. For all of the other types, you must specify Location.

          • gitCloneDepth (integer) --

            Information about the Git clone depth for the build project.

          • gitSubmodulesConfig (dict) --

            Information about the Git submodules configuration for the build project.

            • fetchSubmodules (boolean) --

              Set to true to fetch Git submodules for your CodeBuild build project.

          • buildspec (string) --

            The buildspec file declaration to use for the builds in this build project.

            If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.

          • auth (dict) --

            Information about the authorization settings for CodeBuild to access the source code to be built.

            • type (string) --

              The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.

            • resource (string) --

              The resource value that applies to the specified authorization type.

          • reportBuildStatus (boolean) --

            Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an invalidInputException is thrown.

            To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.

            The status of a build triggered by a webhook is always reported to your source provider.

            If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.

          • buildStatusConfig (dict) --

            Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GITHUB, GITHUB_ENTERPRISE, or BITBUCKET.

            • context (string) --

              Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the name parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the context parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

            • targetUrl (string) --

              Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.

              Bitbucket

              This parameter is used for the url parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.

              GitHub/GitHub Enterprise Server

              This parameter is used for the target_url parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.

          • insecureSsl (boolean) --

            Enable this flag to ignore SSL warnings while connecting to the project source code.

          • sourceIdentifier (string) --

            An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

      • sourceVersion (string) --

        A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:

        • For CodeCommit: the commit ID, branch, or Git tag to use.

        • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For GitLab: the commit ID, branch, or Git tag to use.

        • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

        • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

        If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).

        For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • secondarySourceVersions (list) --

        An array of ProjectSourceVersion objects. If secondarySourceVersions is specified at the build level, then they take over these secondarySourceVersions (at the project level).

        • (dict) --

          A source identifier and its corresponding version.

          • sourceIdentifier (string) --

            An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.

          • sourceVersion (string) --

            The source version for the corresponding source identifier. If specified, must be one of:

            • For CodeCommit: the commit ID, branch, or Git tag to use.

            • For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For GitLab: the commit ID, branch, or Git tag to use.

            • For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.

            • For Amazon S3: the version ID of the object that represents the build input ZIP file to use.

            For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.

      • artifacts (dict) --

        Information about the build output artifacts for the build project.

        • type (string) --

          The type of build output artifact. Valid values include:

          • CODEPIPELINE: The build project has build output generated through CodePipeline.

          • NO_ARTIFACTS: The build project does not produce any build output.

          • S3: The build project stores build output in Amazon S3.

        • location (string) --

          Information about the build output artifact location:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, this is the name of the output bucket.

        • path (string) --

          Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

          For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

        • namespaceType (string) --

          Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, valid values include:

            • BUILD_ID: Include the build ID in the location of the build output artifact.

            • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

          For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

        • name (string) --

          Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

          For example:

          • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

          • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

          • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

        • packaging (string) --

          The type of build output artifact to create:

          • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

          • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

          • If type is set to S3, valid values include:

            • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

            • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

        • overrideArtifactName (boolean) --

          If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

        • encryptionDisabled (boolean) --

          Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

        • artifactIdentifier (string) --

          An identifier for this artifact definition.

        • bucketOwnerAccess (string) --

          Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

          This property can be one of the following values:

          NONE

          The bucket owner does not have access to the objects. This is the default.

          READ_ONLY

          The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

          FULL

          The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

          • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

          • Otherwise, the uploading account retains ownership of the objects.

          For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • secondaryArtifacts (list) --

        An array of ProjectArtifacts objects.

        • (dict) --

          Information about the build output artifacts for the build project.

          • type (string) --

            The type of build output artifact. Valid values include:

            • CODEPIPELINE: The build project has build output generated through CodePipeline.

            • NO_ARTIFACTS: The build project does not produce any build output.

            • S3: The build project stores build output in Amazon S3.

          • location (string) --

            Information about the build output artifact location:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, this is the name of the output bucket.

          • path (string) --

            Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.

            For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.

          • namespaceType (string) --

            Along with path and name, the pattern that CodeBuild uses to determine the name and location to store the output artifact:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, valid values include:

              • BUILD_ID: Include the build ID in the location of the build output artifact.

              • NONE: Do not include the build ID. This is the default if namespaceType is not specified.

            For example, if path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

          • name (string) --

            Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.

            For example:

            • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.

            • If path is empty, namespaceType is set to NONE, and name is set to " /", the output artifact is stored in the root of the output bucket.

            • If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to " /", the output artifact is stored in MyArtifacts/<build-ID>.

          • packaging (string) --

            The type of build output artifact to create:

            • If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.

            • If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.

            • If type is set to S3, valid values include:

              • NONE: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging is not specified.

              • ZIP: CodeBuild creates in the output bucket a ZIP file that contains the build output.

          • overrideArtifactName (boolean) --

            If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.

          • encryptionDisabled (boolean) --

            Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.

          • artifactIdentifier (string) --

            An identifier for this artifact definition.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • cache (dict) --

        Information about the cache for the build project.

        • type (string) --

          The type of cache used by the build project. Valid values include:

          • NO_CACHE: The build project does not use any cache.

          • S3: The build project reads and writes from and to S3.

          • LOCAL: The build project stores a cache locally on a build host that is only available to that build host.

        • location (string) --

          Information about the cache location:

          • NO_CACHE or LOCAL: This value is ignored.

          • S3: This is the S3 bucket name/prefix.

        • modes (list) --

          An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for LOCAL cache types.

          Possible values are:

          LOCAL_SOURCE_CACHE

          Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.

          LOCAL_DOCKER_LAYER_CACHE

          Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.

          Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:

          • Only directories can be specified for caching. You cannot specify individual files.

          • Symlinks are used to reference cached directories.

          • Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.

          • (string) --

      • environment (dict) --

        Information about the build environment for this build project.

        • type (string) --

          The type of build environment to use for related builds.

          • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

          • The environment type LINUX_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

          • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

          • The environment types ARM_LAMBDA_CONTAINER and LINUX_LAMBDA_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).

          • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

          For more information, see Build environment compute types in the CodeBuild user guide.

        • image (string) --

          The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:

          • For an image tag: <registry>/<repository>:<tag>. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0.

          • For an image digest: <registry>/<repository>@<digest>. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf.

          For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.

        • computeType (string) --

          Information about the compute resources the build project uses. Available values include:

          • BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for builds.

          • BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds.

          • BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.

          • BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.

          • BUILD_LAMBDA_1GB: Use up to 1 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_2GB: Use up to 2 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_4GB: Use up to 4 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_8GB: Use up to 8 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          • BUILD_LAMBDA_10GB: Use up to 10 GB memory for builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.

          If you use BUILD_GENERAL1_SMALL:

          • For environment type LINUX_CONTAINER, you can use up to 3 GB memory and 2 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.

          • For environment type ARM_CONTAINER, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.

          If you use BUILD_GENERAL1_LARGE:

          • For environment type LINUX_CONTAINER, you can use up to 15 GB memory and 8 vCPUs for builds.

          • For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.

          • For environment type ARM_CONTAINER, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.

          For more information, see Build Environment Compute Types in the CodeBuild User Guide.

        • fleet (dict) --

          A ProjectFleet object to use for this build project.

          • fleetArn (string) --

            Specifies the compute fleet ARN for the build project.

        • environmentVariables (list) --

          A set of environment variables to make available to builds for this build project.

          • (dict) --

            Information about an environment variable for a build project or a build.

            • name (string) --

              The name or key of the environment variable.

            • value (string) --

              The value of the environment variable.

            • type (string) --

              The type of environment variable. Valid values include:

              • PARAMETER_STORE: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the value of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide.

              • PLAINTEXT: An environment variable in plain text format. This is the default value.

              • SECRETS_MANAGER: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the value of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.

        • privilegedMode (boolean) --

          Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false.

          You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

          If the operating system's base image is Ubuntu Linux:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

          If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout:

          - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

          - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"

        • certificate (string) --

          The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.

        • registryCredential (dict) --

          The credentials for access to a private registry.

          • credential (string) --

            The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.

          • credentialProvider (string) --

            The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.

        • imagePullCredentialsType (string) --

          The type of credentials CodeBuild uses to pull images in your build. There are two valid values:

          • CODEBUILD specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.

          • SERVICE_ROLE specifies that CodeBuild uses your build project's service role.

          When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.

      • serviceRole (string) --

        The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.

      • timeoutInMinutes (integer) --

        How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.

      • queuedTimeoutInMinutes (integer) --

        The number of minutes a build is allowed to be queued before it times out.

      • encryptionKey (string) --

        The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.

        You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).

      • tags (list) --

        A list of tag key and value pairs associated with this build project.

        These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.

        • (dict) --

          A tag, consisting of a key and a value.

          This tag is available for use by Amazon Web Services services that support tags in CodeBuild.

          • key (string) --

            The tag's key.

          • value (string) --

            The tag's value.

      • created (datetime) --

        When the build project was created, expressed in Unix time format.

      • lastModified (datetime) --

        When the build project's settings were last modified, expressed in Unix time format.

      • webhook (dict) --

        Information about a webhook that connects repository events to a build project in CodeBuild.

        • url (string) --

          The URL to the webhook.

        • payloadUrl (string) --

          The CodeBuild endpoint where webhook events are sent.

        • secret (string) --

          The secret token of the associated repository.

        • branchFilter (string) --

          A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If branchFilter is empty, then all branches are built.

        • filterGroups (list) --

          An array of arrays of WebhookFilter objects used to determine which webhooks are triggered. At least one WebhookFilter in the array must specify EVENT as its type.

          For a build to be triggered, at least one filter group in the filterGroups array must pass. For a filter group to pass, each of its filters must pass.

          • (list) --

            • (dict) --

              A filter used to determine which webhooks trigger a build.

              • type (string) --

                The type of webhook filter. There are nine webhook filter types: EVENT, ACTOR_ACCOUNT_ID, HEAD_REF, BASE_REF, FILE_PATH, COMMIT_MESSAGE, TAG_NAME, RELEASE_NAME, and WORKFLOW_NAME.

                • EVENT

                  • A webhook event triggers a build when the provided pattern matches one of nine event types: PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, PULL_REQUEST_CLOSED, PULL_REQUEST_REOPENED, PULL_REQUEST_MERGED, RELEASED, PRERELEASED, and WORKFLOW_JOB_QUEUED. The EVENT patterns are specified as a comma-separated string. For example, PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED filters all push, pull request created, and pull request updated events.

                • ACTOR_ACCOUNT_ID

                  • A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression pattern.

                • HEAD_REF

                  • A webhook event triggers a build when the head reference matches the regular expression pattern. For example, refs/heads/branch-name and refs/tags/tag-name.

                • BASE_REF

                  • A webhook event triggers a build when the base reference matches the regular expression pattern. For example, refs/heads/branch-name.

                • FILE_PATH

                  • A webhook triggers a build when the path of a changed file matches the regular expression pattern.

                • COMMIT_MESSAGE

                  • A webhook triggers a build when the head commit message matches the regular expression pattern.

                • TAG_NAME

                  • A webhook triggers a build when the tag name of the release matches the regular expression pattern.

                • RELEASE_NAME

                  • A webhook triggers a build when the release name matches the regular expression pattern.

                • REPOSITORY_NAME

                  • A webhook triggers a build when the repository name matches the regular expression pattern.

                • WORKFLOW_NAME

                  • A webhook triggers a build when the workflow name matches the regular expression pattern.

              • pattern (string) --

                For a WebHookFilter that uses EVENT type, a comma-separated string that specifies one or more events. For example, the webhook filter PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED allows all push, pull request created, and pull request updated events to trigger a build.

                For a WebHookFilter that uses any of the other filter types, a regular expression pattern. For example, a WebHookFilter that uses HEAD_REF for its type and the pattern ^refs/heads/ triggers a build when the head reference is a branch with a reference name refs/heads/branch-name.

              • excludeMatchedPattern (boolean) --

                Used to indicate that the pattern determines which webhook events do not trigger a build. If true, then a webhook event that does not match the pattern triggers a build. If false, then a webhook event that matches the pattern triggers a build.

        • buildType (string) --

          Specifies the type of build this webhook will trigger.

        • manualCreation (boolean) --

          If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns payloadUrl and secret values for the webhook. The payloadUrl and secret values in the output can be used to manually create a webhook within GitHub.

        • lastModifiedSecret (datetime) --

          A timestamp that indicates the last time a repository's secret token was modified.

        • scopeConfiguration (dict) --

          The scope configuration for global or organization webhooks.

          • name (string) --

            The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook.

          • domain (string) --

            The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED.

          • scope (string) --

            The type of scope for a GitHub or GitLab webhook.

      • vpcConfig (dict) --

        Information about the VPC configuration that CodeBuild accesses.

        • vpcId (string) --

          The ID of the Amazon VPC.

        • subnets (list) --

          A list of one or more subnet IDs in your Amazon VPC.

          • (string) --

        • securityGroupIds (list) --

          A list of one or more security groups IDs in your Amazon VPC.

          • (string) --

      • badge (dict) --

        Information about the build badge for the build project.

        • badgeEnabled (boolean) --

          Set this to true to generate a publicly accessible URL for your project's build badge.

        • badgeRequestUrl (string) --

          The publicly-accessible URL through which you can access the build badge for your project.

      • logsConfig (dict) --

        Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.

        • cloudWatchLogs (dict) --

          Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.

          • status (string) --

            The current status of the logs in CloudWatch Logs for a build project. Valid values are:

            • ENABLED: CloudWatch Logs are enabled for this build project.

            • DISABLED: CloudWatch Logs are not enabled for this build project.

          • groupName (string) --

            The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

          • streamName (string) --

            The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.

        • s3Logs (dict) --

          Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.

          • status (string) --

            The current status of the S3 build logs. Valid values are:

            • ENABLED: S3 build logs are enabled for this build project.

            • DISABLED: S3 build logs are not enabled for this build project.

          • location (string) --

            The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is my-bucket, and your path prefix is build-log, then acceptable formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.

          • encryptionDisabled (boolean) --

            Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.

          • bucketOwnerAccess (string) --

            Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.

            This property can be one of the following values:

            NONE

            The bucket owner does not have access to the objects. This is the default.

            READ_ONLY

            The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.

            FULL

            The bucket owner has full access to the objects. Object ownership is determined by the following criteria:

            • If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.

            • Otherwise, the uploading account retains ownership of the objects.

            For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.

      • fileSystemLocations (list) --

        An array of ProjectFileSystemLocation objects for a CodeBuild build project. A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint, and type of a file system created using Amazon Elastic File System.

        • (dict) --

          Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?

          • type (string) --

            The type of the file system. The one supported type is EFS.

          • location (string) --

            A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com, and its mount directory is my-efs-mount-directory, then the location is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory.

            The directory path in the format efs-dns-name:/directory-path is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.

          • mountPoint (string) --

            The location in the container where you mount the file system.

          • identifier (string) --

            The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD_. For example, if you specify my_efs for identifier, a new environment variable is create named CODEBUILD_MY_EFS.

            The identifier is used to mount your file system.

          • mountOptions (string) --

            The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2. For more information, see Recommended NFS Mount Options.

      • buildBatchConfig (dict) --

        A ProjectBuildBatchConfig object that defines the batch build options for the project.

        • serviceRole (string) --

          Specifies the service role ARN for the batch build project.

        • combineArtifacts (boolean) --

          Specifies if the build artifacts for the batch build should be combined into a single artifact location.

        • restrictions (dict) --

          A BatchRestrictions object that specifies the restrictions for the batch build.

          • maximumBuildsAllowed (integer) --

            Specifies the maximum number of builds allowed.

          • computeTypesAllowed (list) --

            An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.

            • (string) --

        • timeoutInMins (integer) --

          Specifies the maximum amount of time, in minutes, that the batch build must be completed in.

        • batchReportMode (string) --

          Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.

          REPORT_AGGREGATED_BATCH

          (Default) Aggregate all of the build statuses into a single status report.

          REPORT_INDIVIDUAL_BUILDS

          Send a separate status report for each individual build.

      • concurrentBuildLimit (integer) --

        The maximum number of concurrent builds that are allowed for this project.

        New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.

      • projectVisibility (string) --

        Specifies the visibility of the project's builds. Possible values are:

        PUBLIC_READ

        The project builds are visible to the public.

        PRIVATE

        The project builds are not visible to the public.

      • publicProjectAlias (string) --

        Contains the project identifier used with the public build APIs.

      • resourceAccessRole (string) --

        The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.

      • autoRetryLimit (integer) --

        The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the RetryBuild API to automatically retry your build for up to 2 additional times.