AWS CodeBuild Project

This page shows how to write Terraform and CloudFormation for CodeBuild Project and write them securely.

aws_codebuild_project (Terraform)

The Project in CodeBuild can be configured in Terraform with the resource name aws_codebuild_project. The following sections describe 4 examples of how to use the resource and its parameters.

Example Usage from GitHub

codebuild_project_test.tf#L9
resource "aws_codebuild_project" "my_project_noUsage" {
  name        = "test-project-cache"
  description = "test_codebuild_project_cache"

  service_role = ""

aws_codebuild_project_encryption_allowed.tf#L1
resource "aws_codebuild_project" "allowed" {
  artifacts {
    type = "NO_ARTIFACTS"
  }
}

aws_codebuild_project_encryption_denied.tf#L1
resource "aws_codebuild_project" "denied" {
  artifacts {
    type = "S3"
    encryption_disabled = true
  }
}
cicd-pipeline.tf#L1
resource "aws_codebuild_project" "tf-plan" {
  name         = "tf-cicd-plan2"
  description  = "Plan stage for terraform"
  service_role = aws_iam_role.tf-codebuild-role.arn

  artifacts {

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Security Best Practices for aws_codebuild_project

There is 1 setting in aws_codebuild_project that should be taken care of for security reasons. The following section explain an overview and example code.

risk-label

Ensure to enable encryption of CodeBuild artifacts

It's better to protect CodeBuild project artifacts with default encryption.

Review your AWS CodeBuild settings

You can check if the aws_codebuild_project setting in your .tf file is correct in 3 min with Shisho Cloud.

Parameters

Explanation in Terraform Registry

Provides a CodeBuild Project resource. See also the aws_codebuild_webhook resource, which manages the webhook to the source (e.g., the "rebuild every time a code change is pushed" option in the CodeBuild web console).

AWS::CodeBuild::Project (CloudFormation)

The Project in CodeBuild can be configured in CloudFormation with the resource name AWS::CodeBuild::Project. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

Explanation in CloudFormation Registry

The AWS::CodeBuild::Project resource configures how AWS CodeBuild builds your source code. For example, it tells CodeBuild where to get the source code and which build environment to use.

Frequently asked questions

What is AWS CodeBuild Project?

AWS CodeBuild Project is a resource for CodeBuild of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS CodeBuild Project?

For Terraform, the gilyas/infracost, snyk-labs/infrastructure-as-code-goof and snyk-labs/infrastructure-as-code-goof source code examples are useful. See the Terraform Example section for further details.