@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
652 lines (651 loc) • 24.3 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* Provides a CodeBuild Project resource. See also the
* `aws.codebuild.Webhook` resource, which manages the webhook to the
* source (e.g., the "rebuild every time a code change is pushed" option in the CodeBuild web console).
*
* ## Example Usage
*
* ### Basic Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const exampleBucket = new aws.s3.Bucket("example", {bucket: "example"});
* const exampleBucketAcl = new aws.s3.BucketAcl("example", {
* bucket: exampleBucket.id,
* acl: "private",
* });
* const assumeRole = aws.iam.getPolicyDocument({
* statements: [{
* effect: "Allow",
* principals: [{
* type: "Service",
* identifiers: ["codebuild.amazonaws.com"],
* }],
* actions: ["sts:AssumeRole"],
* }],
* });
* const exampleRole = new aws.iam.Role("example", {
* name: "example",
* assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json),
* });
* const example = pulumi.all([exampleBucket.arn, exampleBucket.arn]).apply(([exampleBucketArn, exampleBucketArn1]) => aws.iam.getPolicyDocumentOutput({
* statements: [
* {
* effect: "Allow",
* actions: [
* "logs:CreateLogGroup",
* "logs:CreateLogStream",
* "logs:PutLogEvents",
* ],
* resources: ["*"],
* },
* {
* effect: "Allow",
* actions: [
* "ec2:CreateNetworkInterface",
* "ec2:DescribeDhcpOptions",
* "ec2:DescribeNetworkInterfaces",
* "ec2:DeleteNetworkInterface",
* "ec2:DescribeSubnets",
* "ec2:DescribeSecurityGroups",
* "ec2:DescribeVpcs",
* ],
* resources: ["*"],
* },
* {
* effect: "Allow",
* actions: ["ec2:CreateNetworkInterfacePermission"],
* resources: ["arn:aws:ec2:us-east-1:123456789012:network-interface/*"],
* conditions: [
* {
* test: "StringEquals",
* variable: "ec2:Subnet",
* values: [
* example1.arn,
* example2.arn,
* ],
* },
* {
* test: "StringEquals",
* variable: "ec2:AuthorizedService",
* values: ["codebuild.amazonaws.com"],
* },
* ],
* },
* {
* effect: "Allow",
* actions: ["s3:*"],
* resources: [
* exampleBucketArn,
* `${exampleBucketArn1}/*`,
* ],
* },
* {
* effect: "Allow",
* actions: [
* "codeconnections:GetConnectionToken",
* "codeconnections:GetConnection",
* ],
* resources: ["arn:aws:codestar-connections:us-east-1:123456789012:connection/guid-string"],
* },
* ],
* }));
* const exampleRolePolicy = new aws.iam.RolePolicy("example", {
* role: exampleRole.name,
* policy: example.apply(example => example.json),
* });
* const exampleProject = new aws.codebuild.Project("example", {
* name: "test-project",
* description: "test_codebuild_project",
* buildTimeout: 5,
* serviceRole: exampleRole.arn,
* artifacts: {
* type: "NO_ARTIFACTS",
* },
* cache: {
* type: "S3",
* location: exampleBucket.bucket,
* },
* environment: {
* computeType: "BUILD_GENERAL1_SMALL",
* image: "aws/codebuild/amazonlinux2-x86_64-standard:4.0",
* type: "LINUX_CONTAINER",
* imagePullCredentialsType: "CODEBUILD",
* environmentVariables: [
* {
* name: "SOME_KEY1",
* value: "SOME_VALUE1",
* },
* {
* name: "SOME_KEY2",
* value: "SOME_VALUE2",
* type: "PARAMETER_STORE",
* },
* ],
* },
* logsConfig: {
* cloudwatchLogs: {
* groupName: "log-group",
* streamName: "log-stream",
* },
* s3Logs: {
* status: "ENABLED",
* location: pulumi.interpolate`${exampleBucket.id}/build-log`,
* },
* },
* source: {
* type: "GITHUB",
* location: "https://github.com/mitchellh/packer.git",
* gitCloneDepth: 1,
* gitSubmodulesConfig: {
* fetchSubmodules: true,
* },
* },
* sourceVersion: "master",
* vpcConfig: {
* vpcId: exampleAwsVpc.id,
* subnets: [
* example1.id,
* example2.id,
* ],
* securityGroupIds: [
* example1AwsSecurityGroup.id,
* example2AwsSecurityGroup.id,
* ],
* },
* tags: {
* Environment: "Test",
* },
* });
* const project_with_cache = new aws.codebuild.Project("project-with-cache", {
* name: "test-project-cache",
* description: "test_codebuild_project_cache",
* buildTimeout: 5,
* queuedTimeout: 5,
* serviceRole: exampleRole.arn,
* artifacts: {
* type: "NO_ARTIFACTS",
* },
* cache: {
* type: "LOCAL",
* modes: [
* "LOCAL_DOCKER_LAYER_CACHE",
* "LOCAL_SOURCE_CACHE",
* ],
* },
* environment: {
* computeType: "BUILD_GENERAL1_SMALL",
* image: "aws/codebuild/amazonlinux2-x86_64-standard:4.0",
* type: "LINUX_CONTAINER",
* imagePullCredentialsType: "CODEBUILD",
* environmentVariables: [{
* name: "SOME_KEY1",
* value: "SOME_VALUE1",
* }],
* },
* source: {
* type: "GITHUB",
* location: "https://github.com/mitchellh/packer.git",
* gitCloneDepth: 1,
* },
* tags: {
* Environment: "Test",
* },
* });
* const project_using_github_app = new aws.codebuild.Project("project-using-github-app", {
* name: "project-using-github-app",
* description: "gets_source_from_github_via_the_github_app",
* serviceRole: exampleRole.arn,
* artifacts: {
* type: "NO_ARTIFACTS",
* },
* environment: {
* computeType: "BUILD_GENERAL1_SMALL",
* image: "aws/codebuild/amazonlinux2-x86_64-standard:4.0",
* type: "LINUX_CONTAINER",
* imagePullCredentialsType: "CODEBUILD",
* },
* source: {
* type: "GITHUB",
* location: "https://github.com/example/example.git",
* auth: {
* type: "CODECONNECTIONS",
* resource: "arn:aws:codestar-connections:us-east-1:123456789012:connection/guid-string",
* },
* },
* });
* ```
*
* ### Runner Project
*
* While no special configuration is required for `aws.codebuild.Project` to create a project as a Runner Project, an `aws.codebuild.Webhook` resource with an appropriate `filterGroup` is required.
* See the `aws.codebuild.Webhook` resource documentation example for more details.
*
* ## Import
*
* Using `pulumi import`, import CodeBuild Project using the `name`. For example:
*
* ```sh
* $ pulumi import aws:codebuild/project:Project name project-name
* ```
*/
export declare class Project extends pulumi.CustomResource {
/**
* Get an existing Project resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProjectState, opts?: pulumi.CustomResourceOptions): Project;
/**
* Returns true if the given object is an instance of Project. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Project;
/**
* ARN of the CodeBuild project.
*/
readonly arn: pulumi.Output<string>;
/**
* Configuration block. Detailed below.
*/
readonly artifacts: pulumi.Output<outputs.codebuild.ProjectArtifacts>;
/**
* Generates a publicly-accessible URL for the projects build badge. Available as
* `badgeUrl` attribute when enabled.
*/
readonly badgeEnabled: pulumi.Output<boolean | undefined>;
/**
* URL of the build badge when `badgeEnabled` is enabled.
*/
readonly badgeUrl: pulumi.Output<string>;
/**
* Defines the batch build options for the project.
*/
readonly buildBatchConfig: pulumi.Output<outputs.codebuild.ProjectBuildBatchConfig | undefined>;
/**
* Number of minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait until timing out
* any related build that does not get marked as completed. The default is 60 minutes. The `buildTimeout` property is
* not available on the `Lambda` compute type.
*/
readonly buildTimeout: pulumi.Output<number | undefined>;
/**
* Configuration block. Detailed below.
*/
readonly cache: pulumi.Output<outputs.codebuild.ProjectCache | undefined>;
/**
* Specify a maximum number of concurrent builds for the project. The value
* specified must be greater than 0 and less than the account concurrent running builds limit.
*/
readonly concurrentBuildLimit: pulumi.Output<number | undefined>;
/**
* Short description of the project.
*/
readonly description: pulumi.Output<string>;
/**
* AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting
* the build project's build output artifacts.
*/
readonly encryptionKey: pulumi.Output<string>;
/**
* Configuration block. Detailed below.
*/
readonly environment: pulumi.Output<outputs.codebuild.ProjectEnvironment>;
/**
* A set of file system locations to mount inside the build. File system locations
* are documented below.
*/
readonly fileSystemLocations: pulumi.Output<outputs.codebuild.ProjectFileSystemLocation[] | undefined>;
/**
* Configuration block. Detailed below.
*/
readonly logsConfig: pulumi.Output<outputs.codebuild.ProjectLogsConfig | undefined>;
/**
* Project's name.
*/
readonly name: pulumi.Output<string>;
/**
* Specifies the visibility of the project's builds. Possible values are: `PUBLIC_READ`
* and `PRIVATE`. Default value is `PRIVATE`.
*/
readonly projectVisibility: pulumi.Output<string | undefined>;
/**
* The project identifier used with the public build APIs.
*/
readonly publicProjectAlias: pulumi.Output<string>;
/**
* Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it
* times out. The default is 8 hours. The `queuedTimeout` property is not available on the `Lambda` compute type.
*/
readonly queuedTimeout: pulumi.Output<number | undefined>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
readonly region: pulumi.Output<string>;
/**
* The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and
* Amazon S3 artifacts for the project's builds in order to display them publicly. Only applicable if
* `projectVisibility` is `PUBLIC_READ`.
*/
readonly resourceAccessRole: pulumi.Output<string | undefined>;
/**
* Configuration block. Detailed below.
*/
readonly secondaryArtifacts: pulumi.Output<outputs.codebuild.ProjectSecondaryArtifact[] | undefined>;
/**
* Configuration block. Detailed below.
*/
readonly secondarySourceVersions: pulumi.Output<outputs.codebuild.ProjectSecondarySourceVersion[] | undefined>;
/**
* Configuration block. Detailed below.
*/
readonly secondarySources: pulumi.Output<outputs.codebuild.ProjectSecondarySource[] | undefined>;
/**
* Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that
* enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
*/
readonly serviceRole: pulumi.Output<string>;
/**
* Configuration block. Detailed below.
*
* The following arguments are optional:
*/
readonly source: pulumi.Output<outputs.codebuild.ProjectSource>;
/**
* Version of the build input to be built for this project. If not specified, the latest
* version is used.
*/
readonly sourceVersion: pulumi.Output<string | undefined>;
/**
* Map of tags to assign to the resource. If configured with a provider
* `defaultTags` configuration block
* present, tags with matching keys will overwrite those defined at the provider-level.
*/
readonly tags: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* A map of tags assigned to the resource, including those inherited from the provider
* `defaultTags` configuration block.
*/
readonly tagsAll: pulumi.Output<{
[key: string]: string;
}>;
/**
* Configuration block. Detailed below.
*/
readonly vpcConfig: pulumi.Output<outputs.codebuild.ProjectVpcConfig | undefined>;
/**
* Create a Project resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: ProjectArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Project resources.
*/
export interface ProjectState {
/**
* ARN of the CodeBuild project.
*/
arn?: pulumi.Input<string>;
/**
* Configuration block. Detailed below.
*/
artifacts?: pulumi.Input<inputs.codebuild.ProjectArtifacts>;
/**
* Generates a publicly-accessible URL for the projects build badge. Available as
* `badgeUrl` attribute when enabled.
*/
badgeEnabled?: pulumi.Input<boolean>;
/**
* URL of the build badge when `badgeEnabled` is enabled.
*/
badgeUrl?: pulumi.Input<string>;
/**
* Defines the batch build options for the project.
*/
buildBatchConfig?: pulumi.Input<inputs.codebuild.ProjectBuildBatchConfig>;
/**
* Number of minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait until timing out
* any related build that does not get marked as completed. The default is 60 minutes. The `buildTimeout` property is
* not available on the `Lambda` compute type.
*/
buildTimeout?: pulumi.Input<number>;
/**
* Configuration block. Detailed below.
*/
cache?: pulumi.Input<inputs.codebuild.ProjectCache>;
/**
* Specify a maximum number of concurrent builds for the project. The value
* specified must be greater than 0 and less than the account concurrent running builds limit.
*/
concurrentBuildLimit?: pulumi.Input<number>;
/**
* Short description of the project.
*/
description?: pulumi.Input<string>;
/**
* AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting
* the build project's build output artifacts.
*/
encryptionKey?: pulumi.Input<string>;
/**
* Configuration block. Detailed below.
*/
environment?: pulumi.Input<inputs.codebuild.ProjectEnvironment>;
/**
* A set of file system locations to mount inside the build. File system locations
* are documented below.
*/
fileSystemLocations?: pulumi.Input<pulumi.Input<inputs.codebuild.ProjectFileSystemLocation>[]>;
/**
* Configuration block. Detailed below.
*/
logsConfig?: pulumi.Input<inputs.codebuild.ProjectLogsConfig>;
/**
* Project's name.
*/
name?: pulumi.Input<string>;
/**
* Specifies the visibility of the project's builds. Possible values are: `PUBLIC_READ`
* and `PRIVATE`. Default value is `PRIVATE`.
*/
projectVisibility?: pulumi.Input<string>;
/**
* The project identifier used with the public build APIs.
*/
publicProjectAlias?: pulumi.Input<string>;
/**
* Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it
* times out. The default is 8 hours. The `queuedTimeout` property is not available on the `Lambda` compute type.
*/
queuedTimeout?: pulumi.Input<number>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and
* Amazon S3 artifacts for the project's builds in order to display them publicly. Only applicable if
* `projectVisibility` is `PUBLIC_READ`.
*/
resourceAccessRole?: pulumi.Input<string>;
/**
* Configuration block. Detailed below.
*/
secondaryArtifacts?: pulumi.Input<pulumi.Input<inputs.codebuild.ProjectSecondaryArtifact>[]>;
/**
* Configuration block. Detailed below.
*/
secondarySourceVersions?: pulumi.Input<pulumi.Input<inputs.codebuild.ProjectSecondarySourceVersion>[]>;
/**
* Configuration block. Detailed below.
*/
secondarySources?: pulumi.Input<pulumi.Input<inputs.codebuild.ProjectSecondarySource>[]>;
/**
* Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that
* enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
*/
serviceRole?: pulumi.Input<string>;
/**
* Configuration block. Detailed below.
*
* The following arguments are optional:
*/
source?: pulumi.Input<inputs.codebuild.ProjectSource>;
/**
* Version of the build input to be built for this project. If not specified, the latest
* version is used.
*/
sourceVersion?: pulumi.Input<string>;
/**
* Map of tags to assign to the resource. If configured with a provider
* `defaultTags` configuration block
* present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* A map of tags assigned to the resource, including those inherited from the provider
* `defaultTags` configuration block.
*/
tagsAll?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Configuration block. Detailed below.
*/
vpcConfig?: pulumi.Input<inputs.codebuild.ProjectVpcConfig>;
}
/**
* The set of arguments for constructing a Project resource.
*/
export interface ProjectArgs {
/**
* Configuration block. Detailed below.
*/
artifacts: pulumi.Input<inputs.codebuild.ProjectArtifacts>;
/**
* Generates a publicly-accessible URL for the projects build badge. Available as
* `badgeUrl` attribute when enabled.
*/
badgeEnabled?: pulumi.Input<boolean>;
/**
* Defines the batch build options for the project.
*/
buildBatchConfig?: pulumi.Input<inputs.codebuild.ProjectBuildBatchConfig>;
/**
* Number of minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait until timing out
* any related build that does not get marked as completed. The default is 60 minutes. The `buildTimeout` property is
* not available on the `Lambda` compute type.
*/
buildTimeout?: pulumi.Input<number>;
/**
* Configuration block. Detailed below.
*/
cache?: pulumi.Input<inputs.codebuild.ProjectCache>;
/**
* Specify a maximum number of concurrent builds for the project. The value
* specified must be greater than 0 and less than the account concurrent running builds limit.
*/
concurrentBuildLimit?: pulumi.Input<number>;
/**
* Short description of the project.
*/
description?: pulumi.Input<string>;
/**
* AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting
* the build project's build output artifacts.
*/
encryptionKey?: pulumi.Input<string>;
/**
* Configuration block. Detailed below.
*/
environment: pulumi.Input<inputs.codebuild.ProjectEnvironment>;
/**
* A set of file system locations to mount inside the build. File system locations
* are documented below.
*/
fileSystemLocations?: pulumi.Input<pulumi.Input<inputs.codebuild.ProjectFileSystemLocation>[]>;
/**
* Configuration block. Detailed below.
*/
logsConfig?: pulumi.Input<inputs.codebuild.ProjectLogsConfig>;
/**
* Project's name.
*/
name?: pulumi.Input<string>;
/**
* Specifies the visibility of the project's builds. Possible values are: `PUBLIC_READ`
* and `PRIVATE`. Default value is `PRIVATE`.
*/
projectVisibility?: pulumi.Input<string>;
/**
* Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it
* times out. The default is 8 hours. The `queuedTimeout` property is not available on the `Lambda` compute type.
*/
queuedTimeout?: pulumi.Input<number>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and
* Amazon S3 artifacts for the project's builds in order to display them publicly. Only applicable if
* `projectVisibility` is `PUBLIC_READ`.
*/
resourceAccessRole?: pulumi.Input<string>;
/**
* Configuration block. Detailed below.
*/
secondaryArtifacts?: pulumi.Input<pulumi.Input<inputs.codebuild.ProjectSecondaryArtifact>[]>;
/**
* Configuration block. Detailed below.
*/
secondarySourceVersions?: pulumi.Input<pulumi.Input<inputs.codebuild.ProjectSecondarySourceVersion>[]>;
/**
* Configuration block. Detailed below.
*/
secondarySources?: pulumi.Input<pulumi.Input<inputs.codebuild.ProjectSecondarySource>[]>;
/**
* Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that
* enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
*/
serviceRole: pulumi.Input<string>;
/**
* Configuration block. Detailed below.
*
* The following arguments are optional:
*/
source: pulumi.Input<inputs.codebuild.ProjectSource>;
/**
* Version of the build input to be built for this project. If not specified, the latest
* version is used.
*/
sourceVersion?: pulumi.Input<string>;
/**
* Map of tags to assign to the resource. If configured with a provider
* `defaultTags` configuration block
* present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Configuration block. Detailed below.
*/
vpcConfig?: pulumi.Input<inputs.codebuild.ProjectVpcConfig>;
}