From 558236bb9df51b5fa5bc618df24e754cecf2f1f4 Mon Sep 17 00:00:00 2001 From: AWS <> Date: Wed, 11 Aug 2021 18:07:07 +0000 Subject: [PATCH] AWS CodeBuild Update: CodeBuild now allows you to make the build results for your build projects available to the public without requiring access to an AWS account. --- .../feature-AWSCodeBuild-ca35569.json | 6 + .../codegen-resources/service-2.json | 337 +++++++++++------- 2 files changed, 206 insertions(+), 137 deletions(-) create mode 100644 .changes/next-release/feature-AWSCodeBuild-ca35569.json diff --git a/.changes/next-release/feature-AWSCodeBuild-ca35569.json b/.changes/next-release/feature-AWSCodeBuild-ca35569.json new file mode 100644 index 000000000000..953229977e6b --- /dev/null +++ b/.changes/next-release/feature-AWSCodeBuild-ca35569.json @@ -0,0 +1,6 @@ +{ + "type": "feature", + "category": "AWS CodeBuild", + "contributor": "", + "description": "CodeBuild now allows you to make the build results for your build projects available to the public without requiring access to an AWS account." +} diff --git a/services/codebuild/src/main/resources/codegen-resources/service-2.json b/services/codebuild/src/main/resources/codegen-resources/service-2.json index e94e574acd22..e057574a5d32 100644 --- a/services/codebuild/src/main/resources/codegen-resources/service-2.json +++ b/services/codebuild/src/main/resources/codegen-resources/service-2.json @@ -134,7 +134,7 @@ {"shape":"ResourceAlreadyExistsException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"
For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables AWS CodeBuild to start rebuilding the source code every time a code change is pushed to the repository.
If you enable webhooks for an AWS CodeBuild project, and the project is used as a build step in AWS CodePipeline, then two identical builds are created for each commit. One build is triggered through webhooks, and one through AWS CodePipeline. Because billing is on a per-build basis, you are billed for both builds. Therefore, if you are using AWS CodePipeline, we recommend that you disable webhooks in AWS CodeBuild. In the AWS CodeBuild console, clear the Webhook box. For more information, see step 5 in Change a Build Project's Settings.
For an existing CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables CodeBuild to start rebuilding the source code every time a code change is pushed to the repository.
If you enable webhooks for an CodeBuild project, and the project is used as a build step in CodePipeline, then two identical builds are created for each commit. One build is triggered through webhooks, and one through CodePipeline. Because billing is on a per-build basis, you are billed for both builds. Therefore, if you are using CodePipeline, we recommend that you disable webhooks in CodeBuild. In the CodeBuild console, clear the Webhook box. For more information, see step 5 in Change a Build Project's Settings.
For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, stops AWS CodeBuild from rebuilding the source code every time a code change is pushed to the repository.
" + "documentation":"For an existing CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, stops CodeBuild from rebuilding the source code every time a code change is pushed to the repository.
" }, "DescribeCodeCoverages":{ "name":"DescribeCodeCoverages", @@ -298,7 +298,7 @@ {"shape":"AccountLimitExceededException"}, {"shape":"ResourceAlreadyExistsException"} ], - "documentation":"Imports the source repository credentials for an AWS CodeBuild project that has its source code stored in a GitHub, GitHub Enterprise, or Bitbucket repository.
" + "documentation":"Imports the source repository credentials for an CodeBuild project that has its source code stored in a GitHub, GitHub Enterprise, or Bitbucket repository.
" }, "InvalidateProjectCache":{ "name":"InvalidateProjectCache", @@ -376,7 +376,7 @@ }, "input":{"shape":"ListCuratedEnvironmentImagesInput"}, "output":{"shape":"ListCuratedEnvironmentImagesOutput"}, - "documentation":"Gets information about Docker images that are managed by AWS CodeBuild.
" + "documentation":"Gets information about Docker images that are managed by CodeBuild.
" }, "ListProjects":{ "name":"ListProjects", @@ -402,7 +402,7 @@ "errors":[ {"shape":"InvalidInputException"} ], - "documentation":"Gets a list ARNs for the report groups in the current AWS account.
" + "documentation":"Gets a list ARNs for the report groups in the current Amazon Web Services account.
" }, "ListReports":{ "name":"ListReports", @@ -415,7 +415,7 @@ "errors":[ {"shape":"InvalidInputException"} ], - "documentation":"Returns a list of ARNs for the reports in the current AWS account.
" + "documentation":"Returns a list of ARNs for the reports in the current Amazon Web Services account.
" }, "ListReportsForReportGroup":{ "name":"ListReportsForReportGroup", @@ -442,7 +442,7 @@ "errors":[ {"shape":"InvalidInputException"} ], - "documentation":"Gets a list of projects that are shared with other AWS accounts or users.
" + "documentation":"Gets a list of projects that are shared with other Amazon Web Services accounts or users.
" }, "ListSharedReportGroups":{ "name":"ListSharedReportGroups", @@ -455,7 +455,7 @@ "errors":[ {"shape":"InvalidInputException"} ], - "documentation":"Gets a list of report groups that are shared with other AWS accounts or users.
" + "documentation":"Gets a list of report groups that are shared with other Amazon Web Services accounts or users.
" }, "ListSourceCredentials":{ "name":"ListSourceCredentials", @@ -584,6 +584,20 @@ ], "documentation":"Changes the settings of a build project.
" }, + "UpdateProjectVisibility":{ + "name":"UpdateProjectVisibility", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdateProjectVisibilityInput"}, + "output":{"shape":"UpdateProjectVisibilityOutput"}, + "errors":[ + {"shape":"InvalidInputException"}, + {"shape":"ResourceNotFoundException"} + ], + "documentation":"Changes the public visibility for a project. The project's build results, logs, and artifacts are available to the general public. For more information, see Public build projects in the CodeBuild User Guide.
The following should be kept in mind when making your projects public:
All of a project's build results, logs, and artifacts, including builds that were run when the project was private, are available to the general public.
All build logs and artifacts are available to the public. Environment variables, source code, and other sensitive information may have been output to the build logs and artifacts. You must be careful about what information is output to the build logs. Some best practice are:
Do not store sensitive values, especially Amazon Web Services access key IDs and secret access keys, in environment variables. We recommend that you use an Amazon EC2 Systems Manager Parameter Store or Secrets Manager to store sensitive values.
Follow Best practices for using webhooks in the CodeBuild User Guide to limit which entities can trigger a build, and do not store the buildspec in the project itself, to ensure that your webhooks are as secure as possible.
A malicious user can use public builds to distribute malicious artifacts. We recommend that you review all pull requests to verify that the pull request is a legitimate change. We also recommend that you validate any artifacts with their checksums to make sure that the correct artifacts are being downloaded.
Updates the webhook associated with an AWS CodeBuild build project.
If you use Bitbucket for your repository, rotateSecret
is ignored.
Updates the webhook associated with an CodeBuild build project.
If you use Bitbucket for your repository, rotateSecret
is ignored.
An AWS service limit was exceeded for the calling AWS account.
", + "documentation":"An Amazon Web Services service limit was exceeded for the calling Amazon Web Services account.
", "exception":true }, "ArtifactNamespace":{ @@ -727,7 +741,7 @@ "members":{ "names":{ "shape":"ProjectNames", - "documentation":"The names or ARNs of the build projects. To get information about a project shared with your AWS account, its ARN must be specified. You cannot specify a shared project using its name.
" + "documentation":"The names or ARNs of the build projects. To get information about a project shared with your Amazon Web Services account, its ARN must be specified. You cannot specify a shared project using its name.
" } } }, @@ -799,7 +813,7 @@ }, "computeTypesAllowed":{ "shape":"ComputeTypesAllowed", - "documentation":"An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the AWS CodeBuild User Guide for these values.
" + "documentation":"An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
" } }, "documentation":"Specifies restrictions for the batch build.
" @@ -807,7 +821,7 @@ "Boolean":{"type":"boolean"}, "BucketOwnerAccess":{ "type":"string", - "documentation":"Specifies the access for objects that are uploaded to an Amazon S3 bucket that is owned by another account.
By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
The bucket owner does not have access to the objects. This is the default.
The bucket owner has read only access to the objects. The uploading account retains ownership of the objects.
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
To use this property, your CodeBuild service role must have the s3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.
This property can be one of the following values:
The bucket owner does not have access to the objects. This is the default.
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
Any version identifier for the version of the source code to be built. If sourceVersion
is specified at the project level, then this sourceVersion
(at the build level) takes precedence.
For more information, see Source Version Sample with CodeBuild in the AWS CodeBuild User Guide.
" + "documentation":"Any version identifier for the version of the source code to be built. If sourceVersion
is specified at the project level, then this sourceVersion
(at the build level) takes precedence.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
" }, "resolvedSourceVersion":{ "shape":"NonEmptyString", - "documentation":"An identifier for the version of this build's source code.
For AWS CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
For AWS CodePipeline, the source revision provided by AWS CodePipeline.
For Amazon S3, this does not apply.
An identifier for the version of this build's source code.
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
For CodePipeline, the source revision provided by CodePipeline.
For Amazon S3, this does not apply.
The name of the AWS CodeBuild project.
" + "documentation":"The name of the CodeBuild project.
" }, "phases":{ "shape":"BuildPhases", @@ -871,7 +885,7 @@ }, "secondarySourceVersions":{ "shape":"ProjectSecondarySourceVersions", - "documentation":" An array of ProjectSourceVersion
objects. Each ProjectSourceVersion
must be one of:
For AWS CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example, pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
An array of ProjectSourceVersion
objects. Each ProjectSourceVersion
must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example, pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
Information about the build's logs in Amazon CloudWatch Logs.
" + "documentation":"Information about the build's logs in CloudWatch Logs.
" }, "timeoutInMinutes":{ "shape":"WrapperInt", - "documentation":"How long, in minutes, for AWS CodeBuild to wait before timing out this build if it does not get marked as completed.
" + "documentation":"How long, in minutes, for CodeBuild to wait before timing out this build if it does not get marked as completed.
" }, "queuedTimeoutInMinutes":{ "shape":"WrapperInt", @@ -911,11 +925,11 @@ }, "initiator":{ "shape":"String", - "documentation":"The entity that started the build. Valid values include:
If AWS CodePipeline started the build, the pipeline's name (for example, codepipeline/my-demo-pipeline
).
If an AWS Identity and Access Management (IAM) user started the build, the user's name (for example, MyUserName
).
If the Jenkins plugin for AWS CodeBuild started the build, the string CodeBuild-Jenkins-Plugin
.
The entity that started the build. Valid values include:
If CodePipeline started the build, the pipeline's name (for example, codepipeline/my-demo-pipeline
).
If an IAM user started the build, the user's name (for example, MyUserName
).
If the Jenkins plugin for CodeBuild started the build, the string CodeBuild-Jenkins-Plugin
.
If your AWS CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.
" + "documentation":"If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.
" }, "networkInterface":{ "shape":"NetworkInterface", @@ -923,11 +937,11 @@ }, "encryptionKey":{ "shape":"NonEmptyString", - "documentation":"The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
A list of exported environment variables for this build.
Exported environment variables are used in conjunction with AWS CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the AWS CodePipeline User Guide.
" + "documentation":"A list of exported environment variables for this build.
Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.
" }, "reportArns":{ "shape":"BuildReportArns", @@ -1018,7 +1032,7 @@ }, "resolvedSourceVersion":{ "shape":"NonEmptyString", - "documentation":"The identifier of the resolved version of this batch build's source code.
For AWS CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
For AWS CodePipeline, the source revision provided by AWS CodePipeline.
For Amazon S3, this does not apply.
The identifier of the resolved version of this batch build's source code.
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
For CodePipeline, the source revision provided by CodePipeline.
For Amazon S3, this does not apply.
An array of ProjectSourceVersion
objects. Each ProjectSourceVersion
must be one of:
For AWS CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example, pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
An array of ProjectSourceVersion
objects. Each ProjectSourceVersion
must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example, pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
The entity that started the batch build. Valid values include:
If AWS CodePipeline started the build, the pipeline's name (for example, codepipeline/my-demo-pipeline
).
If an AWS Identity and Access Management (IAM) user started the build, the user's name.
If the Jenkins plugin for AWS CodeBuild started the build, the string CodeBuild-Jenkins-Plugin
.
The entity that started the batch build. Valid values include:
If CodePipeline started the build, the pipeline's name (for example, codepipeline/my-demo-pipeline
).
If an IAM user started the build, the user's name.
If the Jenkins plugin for CodeBuild started the build, the string CodeBuild-Jenkins-Plugin
.
The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the batch build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
The Key Management Service customer master key (CMK) to be used for encrypting the batch build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
This parameter is used for the url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation.
This parameter is used for the target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
Contains information that defines how the AWS CodeBuild build project reports the build status to the source provider.
" + "documentation":"Contains information that defines how the CodeBuild build project reports the build status to the source provider.
" }, "BuildSummaries":{ "type":"list", @@ -1339,18 +1353,18 @@ "members":{ "status":{ "shape":"LogsConfigStatusType", - "documentation":"The current status of the logs in Amazon CloudWatch Logs for a build project. Valid values are:
ENABLED
: Amazon CloudWatch Logs are enabled for this build project.
DISABLED
: Amazon CloudWatch Logs are not enabled for this build project.
The current status of the logs in CloudWatch Logs for a build project. Valid values are:
ENABLED
: CloudWatch Logs are enabled for this build project.
DISABLED
: CloudWatch Logs are not enabled for this build project.
The group name of the logs in Amazon CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
" + "documentation":"The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
" }, "streamName":{ "shape":"String", - "documentation":"The prefix of the stream name of the Amazon CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
" + "documentation":"The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
" } }, - "documentation":"Information about Amazon CloudWatch Logs for a build project.
" + "documentation":"Information about CloudWatch Logs for a build project.
" }, "CodeCoverage":{ "type":"structure", @@ -1473,7 +1487,7 @@ }, "sourceVersion":{ "shape":"String", - "documentation":"A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For AWS CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the build level, then that version takes precedence over this sourceVersion
(at the project level).
For more information, see Source Version Sample with CodeBuild in the AWS CodeBuild User Guide.
" + "documentation":"A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the build level, then that version takes precedence over this sourceVersion
(at the project level).
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
" }, "secondarySourceVersions":{ "shape":"ProjectSecondarySourceVersions", @@ -1497,11 +1511,11 @@ }, "serviceRole":{ "shape":"NonEmptyString", - "documentation":"The ARN of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
" + "documentation":"The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
" }, "timeoutInMinutes":{ "shape":"TimeOut", - "documentation":"How long, in minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait before it times out any build that has not been marked as completed. The default is 60 minutes.
" + "documentation":"How long, in minutes, from 5 to 480 (8 hours), for CodeBuild to wait before it times out any build that has not been marked as completed. The default is 60 minutes.
" }, "queuedTimeoutInMinutes":{ "shape":"TimeOut", @@ -1509,15 +1523,15 @@ }, "encryptionKey":{ "shape":"NonEmptyString", - "documentation":"The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
A list of tag key and value pairs associated with this build project.
These tags are available for use by AWS services that support AWS CodeBuild build project tags.
" + "documentation":"A list of tag key and value pairs associated with this build project.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
" }, "vpcConfig":{ "shape":"VpcConfig", - "documentation":"VpcConfig enables AWS CodeBuild to access resources in an Amazon VPC.
" + "documentation":"VpcConfig enables CodeBuild to access resources in an Amazon VPC.
" }, "badgeEnabled":{ "shape":"WrapperBoolean", @@ -1525,7 +1539,7 @@ }, "logsConfig":{ "shape":"LogsConfig", - "documentation":"Information about logs for the build project. These can be logs in Amazon CloudWatch Logs, logs uploaded to a specified S3 bucket, or both.
" + "documentation":"Information about logs for the build project. These can be logs in CloudWatch Logs, logs uploaded to a specified S3 bucket, or both.
" }, "fileSystemLocations":{ "shape":"ProjectFileSystemLocations", @@ -1572,7 +1586,7 @@ }, "tags":{ "shape":"TagList", - "documentation":"A list of tag key and value pairs associated with this report group.
These tags are available for use by AWS services that support AWS CodeBuild report group tags.
" + "documentation":"A list of tag key and value pairs associated with this report group.
These tags are available for use by Amazon Web Services services that support CodeBuild report group tags.
" } } }, @@ -1591,7 +1605,7 @@ "members":{ "projectName":{ "shape":"ProjectName", - "documentation":"The name of the AWS CodeBuild project.
" + "documentation":"The name of the CodeBuild project.
" }, "branchFilter":{ "shape":"String", @@ -1612,7 +1626,7 @@ "members":{ "webhook":{ "shape":"Webhook", - "documentation":"Information about a webhook that connects repository events to a build project in AWS CodeBuild.
" + "documentation":"Information about a webhook that connects repository events to a build project in CodeBuild.
" } } }, @@ -1750,7 +1764,7 @@ "members":{ "projectName":{ "shape":"ProjectName", - "documentation":"The name of the AWS CodeBuild project.
" + "documentation":"The name of the CodeBuild project.
" } } }, @@ -1857,7 +1871,7 @@ "documentation":"A list of environment image versions.
" } }, - "documentation":"Information about a Docker image that is managed by AWS CodeBuild.
" + "documentation":"Information about a Docker image that is managed by CodeBuild.
" }, "EnvironmentImages":{ "type":"list", @@ -1875,7 +1889,7 @@ "documentation":"The list of Docker images that are related by the specified programming language.
" } }, - "documentation":"A set of Docker images that are related by programming language and are managed by AWS CodeBuild.
" + "documentation":"A set of Docker images that are related by programming language and are managed by CodeBuild.
" }, "EnvironmentLanguages":{ "type":"list", @@ -1893,7 +1907,7 @@ "documentation":"The list of programming languages that are available for the specified platform.
" } }, - "documentation":"A set of Docker images that are related by platform and are managed by AWS CodeBuild.
" + "documentation":"A set of Docker images that are related by platform and are managed by CodeBuild.
" }, "EnvironmentPlatforms":{ "type":"list", @@ -1922,11 +1936,11 @@ }, "value":{ "shape":"String", - "documentation":"The value of the environment variable.
We strongly discourage the use of PLAINTEXT
environment variables to store sensitive values, especially AWS secret key IDs and secret access keys. PLAINTEXT
environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS Command Line Interface (AWS CLI). For sensitive values, we recommend you use an environment variable of type PARAMETER_STORE
or SECRETS_MANAGER
.
The value of the environment variable.
We strongly discourage the use of PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs and secret access keys. PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type PARAMETER_STORE
or SECRETS_MANAGER
.
The type of environment variable. Valid values include:
PARAMETER_STORE
: An environment variable stored in Amazon EC2 Systems Manager Parameter Store. To learn how to specify a parameter store environment variable, see env/parameter-store in the AWS CodeBuild User Guide.
PLAINTEXT
: An environment variable in plain text format. This is the default value.
SECRETS_MANAGER
: An environment variable stored in AWS Secrets Manager. To learn how to specify a secrets manager environment variable, see env/secrets-manager in the AWS CodeBuild User Guide.
The type of environment variable. Valid values include:
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. To learn how to specify a parameter store environment variable, see env/parameter-store in the CodeBuild User Guide.
PLAINTEXT
: An environment variable in plain text format. This is the default value.
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. To learn how to specify a secrets manager environment variable, see env/secrets-manager in the CodeBuild User Guide.
Information about an environment variable for a build project or a build.
" @@ -1955,7 +1969,7 @@ "documentation":"The value assigned to the exported environment variable.
" } }, - "documentation":"Contains information about an exported environment variable.
Exported environment variables are used in conjunction with AWS CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the AWS CodePipeline User Guide.
During a build, the value of a variable is available starting with the install
phase. It can be updated between the start of the install
phase and the end of the post_build
phase. After the post_build
phase ends, the value of exported variables cannot change.
Contains information about an exported environment variable.
Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.
During a build, the value of a variable is available starting with the install
phase. It can be updated between the start of the install
phase and the end of the post_build
phase. After the post_build
phase ends, the value of exported variables cannot change.
Set to true to fetch Git submodules for your AWS CodeBuild build project.
" + "documentation":"Set to true to fetch Git submodules for your CodeBuild build project.
" } }, - "documentation":"Information about the Git submodules configuration for an AWS CodeBuild build project.
" + "documentation":"Information about the Git submodules configuration for an CodeBuild build project.
" }, "Identifiers":{ "type":"list", @@ -2078,7 +2092,7 @@ }, "authType":{ "shape":"AuthType", - "documentation":"The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. An OAUTH connection is not supported by the API and must be created using the AWS CodeBuild console.
" + "documentation":"The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. An OAUTH connection is not supported by the API and must be created using the CodeBuild console.
" }, "shouldOverwrite":{ "shape":"WrapperBoolean", @@ -2108,7 +2122,7 @@ "members":{ "projectName":{ "shape":"NonEmptyString", - "documentation":"The name of the AWS CodeBuild build project that the cache is reset for.
" + "documentation":"The name of the CodeBuild build project that the cache is reset for.
" } } }, @@ -2216,7 +2230,7 @@ "members":{ "projectName":{ "shape":"NonEmptyString", - "documentation":"The name of the AWS CodeBuild project.
" + "documentation":"The name of the CodeBuild project.
" }, "sortOrder":{ "shape":"SortOrderType", @@ -2277,7 +2291,7 @@ "members":{ "platforms":{ "shape":"EnvironmentPlatforms", - "documentation":"Information about supported platforms for Docker images that are managed by AWS CodeBuild.
" + "documentation":"Information about supported platforms for Docker images that are managed by CodeBuild.
" } } }, @@ -2341,7 +2355,7 @@ }, "reportGroups":{ "shape":"ReportGroupArns", - "documentation":"The list of ARNs for the report groups in the current AWS account.
" + "documentation":"The list of ARNs for the report groups in the current Amazon Web Services account.
" } } }, @@ -2414,7 +2428,7 @@ }, "reports":{ "shape":"ReportArns", - "documentation":"The list of returned ARNs for the reports in the current AWS account.
" + "documentation":"The list of returned ARNs for the reports in the current Amazon Web Services account.
" } } }, @@ -2423,7 +2437,7 @@ "members":{ "sortBy":{ "shape":"SharedResourceSortByType", - "documentation":"The criterion to be used to list build projects shared with the current AWS account or user. Valid values include:
ARN
: List based on the ARN.
MODIFIED_TIME
: List based on when information about the shared project was last changed.
The criterion to be used to list build projects shared with the current Amazon Web Services account or user. Valid values include:
ARN
: List based on the ARN.
MODIFIED_TIME
: List based on when information about the shared project was last changed.
The list of ARNs for the build projects shared with the current AWS account or user.
" + "documentation":"The list of ARNs for the build projects shared with the current Amazon Web Services account or user.
" } } }, @@ -2461,7 +2475,7 @@ }, "sortBy":{ "shape":"SharedResourceSortByType", - "documentation":"The criterion to be used to list report groups shared with the current AWS account or user. Valid values include:
ARN
: List based on the ARN.
MODIFIED_TIME
: List based on when information about the shared report group was last changed.
The criterion to be used to list report groups shared with the current Amazon Web Services account or user. Valid values include:
ARN
: List based on the ARN.
MODIFIED_TIME
: List based on when information about the shared report group was last changed.
The list of ARNs for the report groups shared with the current AWS account or user.
" + "documentation":"The list of ARNs for the report groups shared with the current Amazon Web Services account or user.
" } } }, @@ -2505,14 +2519,14 @@ "members":{ "cloudWatchLogs":{ "shape":"CloudWatchLogsConfig", - "documentation":"Information about Amazon CloudWatch Logs for a build project. Amazon CloudWatch Logs are enabled by default.
" + "documentation":"Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
" }, "s3Logs":{ "shape":"S3LogsConfig", "documentation":"Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
" } }, - "documentation":"Information about logs for a build project. These can be logs in Amazon CloudWatch Logs, built in a specified S3 bucket, or both.
" + "documentation":"Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both.
" }, "LogsConfigStatusType":{ "type":"string", @@ -2526,15 +2540,15 @@ "members":{ "groupName":{ "shape":"String", - "documentation":"The name of the Amazon CloudWatch Logs group for the build logs.
" + "documentation":"The name of the CloudWatch Logs group for the build logs.
" }, "streamName":{ "shape":"String", - "documentation":"The name of the Amazon CloudWatch Logs stream for the build logs.
" + "documentation":"The name of the CloudWatch Logs stream for the build logs.
" }, "deepLink":{ "shape":"String", - "documentation":"The URL to an individual build log in Amazon CloudWatch Logs.
" + "documentation":"The URL to an individual build log in CloudWatch Logs.
" }, "s3DeepLink":{ "shape":"String", @@ -2542,7 +2556,7 @@ }, "cloudWatchLogsArn":{ "shape":"String", - "documentation":" The ARN of Amazon CloudWatch Logs for a build project. Its format is arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}
. For more information, see Resources Defined by Amazon CloudWatch Logs.
The ARN of CloudWatch Logs for a build project. Its format is arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}
. For more information, see Resources Defined by CloudWatch Logs.
Information about Amazon CloudWatch Logs for a build project.
" + "documentation":"Information about CloudWatch Logs for a build project.
" }, "s3Logs":{ "shape":"S3LogsConfig", "documentation":"Information about S3 logs for a build project.
" } }, - "documentation":"Information about build logs in Amazon CloudWatch Logs.
" + "documentation":"Information about build logs in CloudWatch Logs.
" }, "NetworkInterface":{ "type":"structure", @@ -2650,7 +2664,7 @@ }, "sourceVersion":{ "shape":"String", - "documentation":"A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For AWS CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the build level, then that version takes precedence over this sourceVersion
(at the project level).
For more information, see Source Version Sample with CodeBuild in the AWS CodeBuild User Guide.
" + "documentation":"A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the build level, then that version takes precedence over this sourceVersion
(at the project level).
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
" }, "secondarySourceVersions":{ "shape":"ProjectSecondarySourceVersions", @@ -2674,11 +2688,11 @@ }, "serviceRole":{ "shape":"NonEmptyString", - "documentation":"The ARN of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
" + "documentation":"The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
" }, "timeoutInMinutes":{ "shape":"TimeOut", - "documentation":"How long, in minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.
" + "documentation":"How long, in minutes, from 5 to 480 (8 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.
" }, "queuedTimeoutInMinutes":{ "shape":"TimeOut", @@ -2686,11 +2700,11 @@ }, "encryptionKey":{ "shape":"NonEmptyString", - "documentation":"The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).
A list of tag key and value pairs associated with this build project.
These tags are available for use by AWS services that support AWS CodeBuild build project tags.
" + "documentation":"A list of tag key and value pairs associated with this build project.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
" }, "created":{ "shape":"Timestamp", @@ -2702,11 +2716,11 @@ }, "webhook":{ "shape":"Webhook", - "documentation":"Information about a webhook that connects repository events to a build project in AWS CodeBuild.
" + "documentation":"Information about a webhook that connects repository events to a build project in CodeBuild.
" }, "vpcConfig":{ "shape":"VpcConfig", - "documentation":"Information about the VPC configuration that AWS CodeBuild accesses.
" + "documentation":"Information about the VPC configuration that CodeBuild accesses.
" }, "badge":{ "shape":"ProjectBadge", @@ -2714,7 +2728,7 @@ }, "logsConfig":{ "shape":"LogsConfig", - "documentation":"Information about logs for the build project. A project can create logs in Amazon CloudWatch Logs, an S3 bucket, or both.
" + "documentation":"Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.
" }, "fileSystemLocations":{ "shape":"ProjectFileSystemLocations", @@ -2727,6 +2741,15 @@ "concurrentBuildLimit":{ "shape":"WrapperInt", "documentation":"The maximum number of concurrent builds that are allowed for this project.
New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.
" + }, + "projectVisibility":{"shape":"ProjectVisibilityType"}, + "publicProjectAlias":{ + "shape":"NonEmptyString", + "documentation":"Contains the project identifier used with the public build APIs.
" + }, + "resourceAccessRole":{ + "shape":"NonEmptyString", + "documentation":"The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.
" } }, "documentation":"Information about a build project.
" @@ -2743,27 +2766,27 @@ "members":{ "type":{ "shape":"ArtifactsType", - "documentation":"The type of build output artifact. Valid values include:
CODEPIPELINE
: The build project has build output generated through AWS CodePipeline.
The CODEPIPELINE
type is not supported for secondaryArtifacts
.
NO_ARTIFACTS
: The build project does not produce any build output.
S3
: The build project stores build output in Amazon S3.
The type of build output artifact. Valid values include:
CODEPIPELINE
: The build project has build output generated through CodePipeline.
The CODEPIPELINE
type is not supported for secondaryArtifacts
.
NO_ARTIFACTS
: The build project does not produce any build output.
S3
: The build project stores build output in Amazon S3.
Information about the build output artifact location:
If type
is set to CODEPIPELINE
, AWS CodePipeline ignores this value if specified. This is because AWS CodePipeline manages its build output locations instead of AWS CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, this is the name of the output bucket.
Information about the build output artifact location:
If type
is set to CODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, this is the name of the output bucket.
Along with namespaceType
and name
, the pattern that AWS CodeBuild uses to name and store the output artifact:
If type
is set to CODEPIPELINE
, AWS CodePipeline ignores this value if specified. This is because AWS CodePipeline manages its build output names instead of AWS CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, this is the path to the output artifact. If path
is not specified, path
is not used.
For example, if path
is set to MyArtifacts
, namespaceType
is set to NONE
, and name
is set to MyArtifact.zip
, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip
.
Along with namespaceType
and name
, the pattern that CodeBuild uses to name and store the output artifact:
If type
is set to CODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, this is the path to the output artifact. If path
is not specified, path
is not used.
For example, if path
is set to MyArtifacts
, namespaceType
is set to NONE
, and name
is set to MyArtifact.zip
, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip
.
Along with path
and name
, the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:
If type
is set to CODEPIPELINE
, AWS CodePipeline ignores this value if specified. This is because AWS CodePipeline manages its build output names instead of AWS CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, valid values include:
BUILD_ID
: Include the build ID in the location of the build output artifact.
NONE
: Do not include the build ID. This is the default if namespaceType
is not specified.
For example, if path
is set to MyArtifacts
, namespaceType
is set to BUILD_ID
, and name
is set to MyArtifact.zip
, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip
.
Along with path
and name
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:
If type
is set to CODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, valid values include:
BUILD_ID
: Include the build ID in the location of the build output artifact.
NONE
: Do not include the build ID. This is the default if namespaceType
is not specified.
For example, if path
is set to MyArtifacts
, namespaceType
is set to BUILD_ID
, and name
is set to MyArtifact.zip
, the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip
.
Along with path
and namespaceType
, the pattern that AWS CodeBuild uses to name and store the output artifact:
If type
is set to CODEPIPELINE
, AWS CodePipeline ignores this value if specified. This is because AWS CodePipeline manages its build output names instead of AWS CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.
For example:
If path
is set to MyArtifacts
, namespaceType
is set to BUILD_ID
, and name
is set to MyArtifact.zip
, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip
.
If path
is empty, namespaceType
is set to NONE
, and name
is set to \"/
\", the output artifact is stored in the root of the output bucket.
If path
is set to MyArtifacts
, namespaceType
is set to BUILD_ID
, and name
is set to \"/
\", the output artifact is stored in MyArtifacts/<build-ID>
.
Along with path
and namespaceType
, the pattern that CodeBuild uses to name and store the output artifact:
If type
is set to CODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.
For example:
If path
is set to MyArtifacts
, namespaceType
is set to BUILD_ID
, and name
is set to MyArtifact.zip
, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip
.
If path
is empty, namespaceType
is set to NONE
, and name
is set to \"/
\", the output artifact is stored in the root of the output bucket.
If path
is set to MyArtifacts
, namespaceType
is set to BUILD_ID
, and name
is set to \"/
\", the output artifact is stored in MyArtifacts/<build-ID>
.
The type of build output artifact to create:
If type
is set to CODEPIPELINE
, AWS CodePipeline ignores this value if specified. This is because AWS CodePipeline manages its build output artifacts instead of AWS CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, valid values include:
NONE
: AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging
is not specified.
ZIP
: AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.
The type of build output artifact to create:
If type
is set to CODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild.
If type
is set to NO_ARTIFACTS
, this value is ignored if specified, because no build output is produced.
If type
is set to S3
, valid values include:
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default if packaging
is not specified.
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
The type of build environment to use for related builds.
The environment type ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).
The environment type LINUX_CONTAINER
with compute type build.general1.2xlarge
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).
The environment type LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
The type of build environment to use for related builds.
The environment type ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).
The environment type LINUX_CONTAINER
with compute type build.general1.2xlarge
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).
The environment type LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
The environment types WINDOWS_CONTAINER
and WINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
For more information, see Build environment compute types in the CodeBuild user guide.
" }, "image":{ "shape":"NonEmptyString", - "documentation":"The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
For an image tag: <registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0
.
For an image digest: <registry>/<repository>@<digest>
. For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
For an image tag: <registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0
.
For an image digest: <registry>/<repository>@<digest>
. For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
" }, "computeType":{ "shape":"ComputeType", - "documentation":"Information about the compute resources the build project uses. Available values include:
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds.
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds.
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.
If you use BUILD_GENERAL1_LARGE
:
For environment type LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds.
For environment type LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.
For environment type ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
For more information, see Build Environment Compute Types in the AWS CodeBuild User Guide.
" + "documentation":"Information about the compute resources the build project uses. Available values include:
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds.
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds.
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.
If you use BUILD_GENERAL1_LARGE
:
For environment type LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds.
For environment type LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.
For environment type ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
For more information, see Build Environment Compute Types in the CodeBuild User Guide.
" }, "environmentVariables":{ "shape":"EnvironmentVariables", @@ -2881,7 +2904,7 @@ }, "certificate":{ "shape":"String", - "documentation":"The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the AWS CodeBuild User Guide.
" + "documentation":"The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
" }, "registryCredential":{ "shape":"RegistryCredential", @@ -2889,7 +2912,7 @@ }, "imagePullCredentialsType":{ "shape":"ImagePullCredentialsType", - "documentation":"The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:
CODEBUILD
specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild's service principal.
SERVICE_ROLE
specifies that AWS CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.
" + "documentation":"The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal.
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
" } }, "documentation":"Information about the build environment of the build project.
" @@ -2903,7 +2926,7 @@ }, "location":{ "shape":"String", - "documentation":"A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the AWS EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory is my-efs-mount-directory
, then the location
is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.
The directory path in the format efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.
A string that specifies the location of the file system created by Amazon EFS. Its format is efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is fs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory is my-efs-mount-directory
, then the location
is fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.
The directory path in the format efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.
The mount options for a file system created by AWS EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System?
" @@ -2956,11 +2979,11 @@ "members":{ "type":{ "shape":"SourceType", - "documentation":"The type of repository that contains the source code to be built. Valid values include:
BITBUCKET
: The source code is in a Bitbucket repository.
CODECOMMIT
: The source code is in an AWS CodeCommit repository.
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in AWS CodePipeline.
GITHUB
: The source code is in a GitHub or GitHub Enterprise Cloud repository.
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository.
NO_SOURCE
: The project does not have input source code.
S3
: The source code is in an Amazon S3 bucket.
The type of repository that contains the source code to be built. Valid values include:
BITBUCKET
: The source code is in a Bitbucket repository.
CODECOMMIT
: The source code is in an CodeCommit repository.
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline.
GITHUB
: The source code is in a GitHub or GitHub Enterprise Cloud repository.
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository.
NO_SOURCE
: The project does not have input source code.
S3
: The source code is in an Amazon S3 bucket.
Information about the location of the source code to be built. Valid values include:
For source code settings that are specified in the source action of a pipeline in AWS CodePipeline, location
should not be specified. If it is specified, AWS CodePipeline ignores it. This is because AWS CodePipeline uses the settings in a pipeline's source action instead of this value.
For source code in an AWS CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
).
For source code in an Amazon S3 input bucket, one of the following.
The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip
).
The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/
).
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow AWS CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the source
object, set the auth
object's type
value to OAUTH
.
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the source
object, set the auth
object's type
value to OAUTH
.
Information about the location of the source code to be built. Valid values include:
For source code settings that are specified in the source action of a pipeline in CodePipeline, location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
).
For source code in an Amazon S3 input bucket, one of the following.
The path to the ZIP file that contains the source code (for example, <bucket-name>/<path>/<object-name>.zip
).
The path to the folder that contains the source code (for example, <bucket-name>/<path-to-source-code>/<folder>/
).
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source
object, set the auth
object's type
value to OAUTH
.
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the source
object, set the auth
object's type
value to OAUTH
.
If you specify CODEPIPELINE
for the Type
property, don't specify this property. For all of the other types, you must specify Location
.
The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same AWS Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.
The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.
Information about the authorization settings for AWS CodeBuild to access the source code to be built.
This information is for the AWS CodeBuild console's use only. Your code should not get or set this information directly.
" + "documentation":"Information about the authorization settings for CodeBuild to access the source code to be built.
This information is for the CodeBuild console's use only. Your code should not get or set this information directly.
" }, "reportBuildStatus":{ "shape":"WrapperBoolean", - "documentation":" Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, or Bitbucket. If this is set and you use a different source provider, an invalidInputException
is thrown.
To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the AWS CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, or Bitbucket. If this is set and you use a different source provider, an invalidInputException
is thrown.
To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
The source version for the corresponding source identifier. If specified, must be one of:
For AWS CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example, pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the AWS CodeBuild User Guide.
" + "documentation":"The source version for the corresponding source identifier. If specified, must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example, pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
" } }, "documentation":"A source identifier and its corresponding version.
" @@ -3021,6 +3044,14 @@ "max":12, "min":0 }, + "ProjectVisibilityType":{ + "type":"string", + "documentation":"Specifies the visibility of the project's builds. Possible values are:
The project builds are visible to the public.
The project builds are not visible to the public.
A JSON-formatted resource policy. For more information, see Sharing a Project and Sharing a Report Group in the AWS CodeBuild User Guide.
" + "documentation":"A JSON-formatted resource policy. For more information, see Sharing a Project and Sharing a Report Group in the CodeBuild User Guide.
" }, "resourceArn":{ "shape":"NonEmptyString", @@ -3060,14 +3091,14 @@ "members":{ "credential":{ "shape":"NonEmptyString", - "documentation":"The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager.
The credential
can use the name of the credentials only if they exist in your current AWS Region.
The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
The credential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.
The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager.
" + "documentation":"The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
" } }, - "documentation":"Information about credentials that provide access to a private Docker registry. When this is set:
imagePullCredentialsType
must be set to SERVICE_ROLE
.
images cannot be curated or an Amazon ECR image.
For more information, see Private Registry with AWS Secrets Manager Sample for AWS CodeBuild.
" + "documentation":"Information about credentials that provide access to a private Docker registry. When this is set:
imagePullCredentialsType
must be set to SERVICE_ROLE
.
images cannot be curated or an Amazon ECR image.
For more information, see Private Registry with Secrets Manager Sample for CodeBuild.
" }, "Report":{ "type":"structure", @@ -3196,7 +3227,7 @@ }, "tags":{ "shape":"TagList", - "documentation":"A list of tag key and value pairs associated with this report group.
These tags are available for use by AWS services that support AWS CodeBuild report group tags.
" + "documentation":"A list of tag key and value pairs associated with this report group.
These tags are available for use by Amazon Web Services services that support CodeBuild report group tags.
" }, "status":{ "shape":"ReportGroupStatusType", @@ -3338,7 +3369,7 @@ "documentation":"The identifier of the artifact.
" } }, - "documentation":"Represents a resolved build artifact. A resolve artifact is an artifact that is built and deployed to the destination, such as Amazon S3.
" + "documentation":"Represents a resolved build artifact. A resolved artifact is an artifact that is built and deployed to the destination, such as Amazon S3.
" }, "ResolvedSecondaryArtifacts":{ "type":"list", @@ -3348,14 +3379,14 @@ "type":"structure", "members":{ }, - "documentation":"The specified AWS resource cannot be created, because an AWS resource with the same settings already exists.
", + "documentation":"The specified Amazon Web Services resource cannot be created, because an Amazon Web Services resource with the same settings already exists.
", "exception":true }, "ResourceNotFoundException":{ "type":"structure", "members":{ }, - "documentation":"The specified AWS resource cannot be found.
", + "documentation":"The specified Amazon Web Services resource cannot be found.
", "exception":true }, "RetryBuildBatchInput":{ @@ -3367,7 +3398,7 @@ }, "idempotencyToken":{ "shape":"String", - "documentation":"A unique, case sensitive identifier you provide to ensure the idempotency of the RetryBuildBatch
request. The token is included in the RetryBuildBatch
request and is valid for five minutes. If you repeat the RetryBuildBatch
request with the same token, but change a parameter, AWS CodeBuild returns a parameter mismatch error.
A unique, case sensitive identifier you provide to ensure the idempotency of the RetryBuildBatch
request. The token is included in the RetryBuildBatch
request and is valid for five minutes. If you repeat the RetryBuildBatch
request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.
A unique, case sensitive identifier you provide to ensure the idempotency of the RetryBuild
request. The token is included in the RetryBuild
request and is valid for five minutes. If you repeat the RetryBuild
request with the same token, but change a parameter, AWS CodeBuild returns a parameter mismatch error.
A unique, case sensitive identifier you provide to ensure the idempotency of the RetryBuild
request. The token is included in the RetryBuild
request and is valid for five minutes. If you repeat the RetryBuild
request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.
The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.
" + "documentation":"The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.
" }, "path":{ "shape":"String", @@ -3444,7 +3475,7 @@ }, "packaging":{ "shape":"ReportPackagingType", - "documentation":"The type of build output artifact to create. Valid values include:
NONE
: AWS CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.
ZIP
: AWS CodeBuild creates a ZIP file with the raw data in the output bucket.
The type of build output artifact to create. Valid values include:
NONE
: CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.
ZIP
: CodeBuild creates a ZIP file with the raw data in the output bucket.
The resource value that applies to the specified authorization type.
" } }, - "documentation":"Information about the authorization settings for AWS CodeBuild to access the source code to be built.
This information is for the AWS CodeBuild console's use only. Your code should not get or set this information directly.
" + "documentation":"Information about the authorization settings for CodeBuild to access the source code to be built.
This information is for the CodeBuild console's use only. Your code should not get or set this information directly.
" }, "SourceAuthType":{ "type":"string", @@ -3560,7 +3591,7 @@ }, "sourceVersion":{ "shape":"String", - "documentation":"The version of the batch build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider:
The commit ID, branch, or Git tag to use.
The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the project level, then this sourceVersion
(at the build level) takes precedence.
For more information, see Source Version Sample with CodeBuild in the AWS CodeBuild User Guide.
" + "documentation":"The version of the batch build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider:
The commit ID, branch, or Git tag to use.
The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the project level, then this sourceVersion
(at the build level) takes precedence.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
" }, "artifactsOverride":{ "shape":"ProjectArtifacts", @@ -3596,7 +3627,7 @@ }, "buildspecOverride":{ "shape":"String", - "documentation":"A buildspec file declaration that overrides, for this build only, the latest one already defined in the build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same AWS Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.
A buildspec file declaration that overrides, for this build only, the latest one already defined in the build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.
The AWS Key Management Service (AWS KMS) customer master key (CMK) that overrides the one specified in the batch build project. The CMK key encrypts the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
The Key Management Service customer master key (CMK) that overrides the one specified in the batch build project. The CMK key encrypts the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
A unique, case sensitive identifier you provide to ensure the idempotency of the StartBuildBatch
request. The token is included in the StartBuildBatch
request and is valid for five minutes. If you repeat the StartBuildBatch
request with the same token, but change a parameter, AWS CodeBuild returns a parameter mismatch error.
A unique, case sensitive identifier you provide to ensure the idempotency of the StartBuildBatch
request. The token is included in the StartBuildBatch
request and is valid for five minutes. If you repeat the StartBuildBatch
request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.
The type of credentials AWS CodeBuild uses to pull images in your batch build. There are two valid values:
Specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild's service principal.
Specifies that AWS CodeBuild uses your build project's service role.
When using a cross-account or private registry image, you must use SERVICE_ROLE
credentials. When using an AWS CodeBuild curated image, you must use CODEBUILD
credentials.
The type of credentials CodeBuild uses to pull images in your batch build. There are two valid values:
Specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild's service principal.
Specifies that CodeBuild uses your build project's service role.
When using a cross-account or private registry image, you must use SERVICE_ROLE
credentials. When using an CodeBuild curated image, you must use CODEBUILD
credentials.
The name of the AWS CodeBuild build project to start running a build.
" + "documentation":"The name of the CodeBuild build project to start running a build.
" }, "secondarySourcesOverride":{ "shape":"ProjectSources", @@ -3699,7 +3730,7 @@ }, "sourceVersion":{ "shape":"String", - "documentation":"The version of the build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider:
The commit ID, branch, or Git tag to use.
The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the project level, then this sourceVersion
(at the build level) takes precedence.
For more information, see Source Version Sample with CodeBuild in the AWS CodeBuild User Guide.
" + "documentation":"The version of the build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider:
The commit ID, branch, or Git tag to use.
The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the project level, then this sourceVersion
(at the build level) takes precedence.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
" }, "artifactsOverride":{ "shape":"ProjectArtifacts", @@ -3731,11 +3762,11 @@ }, "gitSubmodulesConfigOverride":{ "shape":"GitSubmodulesConfig", - "documentation":"Information about the Git submodules configuration for this build of an AWS CodeBuild build project.
" + "documentation":"Information about the Git submodules configuration for this build of an CodeBuild build project.
" }, "buildspecOverride":{ "shape":"String", - "documentation":"A buildspec file declaration that overrides, for this build only, the latest one already defined in the build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same AWS Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.
A buildspec file declaration that overrides, for this build only, the latest one already defined in the build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.
Set to true to report to your source provider the status of a build's start and completion. If you use this option with a source provider other than GitHub, GitHub Enterprise, or Bitbucket, an invalidInputException
is thrown.
To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the AWS CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
Set to true to report to your source provider the status of a build's start and completion. If you use this option with a source provider other than GitHub, GitHub Enterprise, or Bitbucket, an invalidInputException
is thrown.
To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
The AWS Key Management Service (AWS KMS) customer master key (CMK) that overrides the one specified in the build project. The CMK key encrypts the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
The Key Management Service customer master key (CMK) that overrides the one specified in the build project. The CMK key encrypts the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
A unique, case sensitive identifier you provide to ensure the idempotency of the StartBuild request. The token is included in the StartBuild request and is valid for 5 minutes. If you repeat the StartBuild request with the same token, but change a parameter, AWS CodeBuild returns a parameter mismatch error.
" + "documentation":"A unique, case sensitive identifier you provide to ensure the idempotency of the StartBuild request. The token is included in the StartBuild request and is valid for 5 minutes. If you repeat the StartBuild request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.
" }, "logsConfigOverride":{ "shape":"LogsConfig", @@ -3803,7 +3834,7 @@ }, "imagePullCredentialsTypeOverride":{ "shape":"ImagePullCredentialsType", - "documentation":"The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:
Specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild's service principal.
Specifies that AWS CodeBuild uses your build project's service role.
When using a cross-account or private registry image, you must use SERVICE_ROLE
credentials. When using an AWS CodeBuild curated image, you must use CODEBUILD
credentials.
The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
Specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild's service principal.
Specifies that CodeBuild uses your build project's service role.
When using a cross-account or private registry image, you must use SERVICE_ROLE
credentials. When using an CodeBuild curated image, you must use CODEBUILD
credentials.
The tag's value.
" } }, - "documentation":"A tag, consisting of a key and a value.
This tag is available for use by AWS services that support tags in AWS CodeBuild.
" + "documentation":"A tag, consisting of a key and a value.
This tag is available for use by Amazon Web Services services that support tags in CodeBuild.
" }, "TagList":{ "type":"list", @@ -3999,7 +4030,7 @@ }, "sourceVersion":{ "shape":"String", - "documentation":"A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For AWS CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the build level, then that version takes precedence over this sourceVersion
(at the project level).
For more information, see Source Version Sample with CodeBuild in the AWS CodeBuild User Guide.
" + "documentation":"A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID
(for example pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion
is specified at the build level, then that version takes precedence over this sourceVersion
(at the project level).
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
" }, "secondarySourceVersions":{ "shape":"ProjectSecondarySourceVersions", @@ -4023,11 +4054,11 @@ }, "serviceRole":{ "shape":"NonEmptyString", - "documentation":"The replacement ARN of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
" + "documentation":"The replacement ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
" }, "timeoutInMinutes":{ "shape":"TimeOut", - "documentation":"The replacement value in minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed.
" + "documentation":"The replacement value in minutes, from 5 to 480 (8 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed.
" }, "queuedTimeoutInMinutes":{ "shape":"TimeOut", @@ -4035,15 +4066,15 @@ }, "encryptionKey":{ "shape":"NonEmptyString", - "documentation":"The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>
).
An updated list of tag key and value pairs associated with this build project.
These tags are available for use by AWS services that support AWS CodeBuild build project tags.
" + "documentation":"An updated list of tag key and value pairs associated with this build project.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
" }, "vpcConfig":{ "shape":"VpcConfig", - "documentation":"VpcConfig enables AWS CodeBuild to access resources in an Amazon VPC.
" + "documentation":"VpcConfig enables CodeBuild to access resources in an Amazon VPC.
" }, "badgeEnabled":{ "shape":"WrapperBoolean", @@ -4051,7 +4082,7 @@ }, "logsConfig":{ "shape":"LogsConfig", - "documentation":"Information about logs for the build project. A project can create logs in Amazon CloudWatch Logs, logs in an S3 bucket, or both.
" + "documentation":"Information about logs for the build project. A project can create logs in CloudWatch Logs, logs in an S3 bucket, or both.
" }, "fileSystemLocations":{ "shape":"ProjectFileSystemLocations", @@ -4073,6 +4104,38 @@ } } }, + "UpdateProjectVisibilityInput":{ + "type":"structure", + "required":[ + "projectArn", + "projectVisibility" + ], + "members":{ + "projectArn":{ + "shape":"NonEmptyString", + "documentation":"The Amazon Resource Name (ARN) of the build project.
" + }, + "projectVisibility":{"shape":"ProjectVisibilityType"}, + "resourceAccessRole":{ + "shape":"NonEmptyString", + "documentation":"The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.
" + } + } + }, + "UpdateProjectVisibilityOutput":{ + "type":"structure", + "members":{ + "projectArn":{ + "shape":"NonEmptyString", + "documentation":"The Amazon Resource Name (ARN) of the build project.
" + }, + "publicProjectAlias":{ + "shape":"NonEmptyString", + "documentation":"Contains the project identifier used with the public build APIs.
" + }, + "projectVisibility":{"shape":"ProjectVisibilityType"} + } + }, "UpdateReportGroupInput":{ "type":"structure", "required":["arn"], @@ -4087,7 +4150,7 @@ }, "tags":{ "shape":"TagList", - "documentation":"An updated list of tag key and value pairs associated with this report group.
These tags are available for use by AWS services that support AWS CodeBuild report group tags.
" + "documentation":"An updated list of tag key and value pairs associated with this report group.
These tags are available for use by Amazon Web Services services that support CodeBuild report group tags.
" } } }, @@ -4106,7 +4169,7 @@ "members":{ "projectName":{ "shape":"ProjectName", - "documentation":"The name of the AWS CodeBuild project.
" + "documentation":"The name of the CodeBuild project.
" }, "branchFilter":{ "shape":"String", @@ -4131,7 +4194,7 @@ "members":{ "webhook":{ "shape":"Webhook", - "documentation":"Information about a repository's webhook that is associated with a project in AWS CodeBuild.
" + "documentation":"Information about a repository's webhook that is associated with a project in CodeBuild.
" } } }, @@ -4157,7 +4220,7 @@ "documentation":"A list of one or more security groups IDs in your Amazon VPC.
" } }, - "documentation":"Information about the VPC configuration that AWS CodeBuild accesses.
" + "documentation":"Information about the VPC configuration that CodeBuild accesses.
" }, "Webhook":{ "type":"structure", @@ -4168,7 +4231,7 @@ }, "payloadUrl":{ "shape":"NonEmptyString", - "documentation":"The AWS CodeBuild endpoint where webhook events are sent.
" + "documentation":"The CodeBuild endpoint where webhook events are sent.
" }, "secret":{ "shape":"NonEmptyString", @@ -4191,7 +4254,7 @@ "documentation":"A timestamp that indicates the last time a repository's secret token was modified.
" } }, - "documentation":"Information about a webhook that connects repository events to a build project in AWS CodeBuild.
" + "documentation":"Information about a webhook that connects repository events to a build project in CodeBuild.
" }, "WebhookBuildType":{ "type":"string", @@ -4237,5 +4300,5 @@ "WrapperInt":{"type":"integer"}, "WrapperLong":{"type":"long"} }, - "documentation":"AWS CodeBuild is a fully managed build service in the cloud. AWS CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. AWS CodeBuild eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for the most popular programming languages and build tools, such as Apache Maven, Gradle, and more. You can also fully customize build environments in AWS CodeBuild to use your own build tools. AWS CodeBuild scales automatically to meet peak build requests. You pay only for the build time you consume. For more information about AWS CodeBuild, see the AWS CodeBuild User Guide.
" + "documentation":"CodeBuild is a fully managed build service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. CodeBuild eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for the most popular programming languages and build tools, such as Apache Maven, Gradle, and more. You can also fully customize build environments in CodeBuild to use your own build tools. CodeBuild scales automatically to meet peak build requests. You pay only for the build time you consume. For more information about CodeBuild, see the CodeBuild User Guide.
" }