CodeBuild ********* Client ====== class CodeBuild.Client A low-level client representing AWS CodeBuild CodeBuild is a fully managed build service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. CodeBuild eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for the most popular programming languages and build tools, such as Apache Maven, Gradle, and more. You can also fully customize build environments in CodeBuild to use your own build tools. CodeBuild scales automatically to meet peak build requests. You pay only for the build time you consume. For more information about CodeBuild, see the CodeBuild User Guide. import boto3 client = boto3.client('codebuild') These are the available methods: * batch_delete_builds * batch_get_build_batches * batch_get_builds * batch_get_command_executions * batch_get_fleets * batch_get_projects * batch_get_report_groups * batch_get_reports * batch_get_sandboxes * can_paginate * close * create_fleet * create_project * create_report_group * create_webhook * delete_build_batch * delete_fleet * delete_project * delete_report * delete_report_group * delete_resource_policy * delete_source_credentials * delete_webhook * describe_code_coverages * describe_test_cases * get_paginator * get_report_group_trend * get_resource_policy * get_waiter * import_source_credentials * invalidate_project_cache * list_build_batches * list_build_batches_for_project * list_builds * list_builds_for_project * list_command_executions_for_sandbox * list_curated_environment_images * list_fleets * list_projects * list_report_groups * list_reports * list_reports_for_report_group * list_sandboxes * list_sandboxes_for_project * list_shared_projects * list_shared_report_groups * list_source_credentials * put_resource_policy * retry_build * retry_build_batch * start_build * start_build_batch * start_command_execution * start_sandbox * start_sandbox_connection * stop_build * stop_build_batch * stop_sandbox * update_fleet * update_project * update_project_visibility * update_report_group * update_webhook Paginators ========== Paginators are available on a client instance via the "get_paginator" method. For more detailed instructions and examples on the usage of paginators, see the paginators user guide. The available paginators are: * DescribeCodeCoverages * DescribeTestCases * ListBuildBatches * ListBuildBatchesForProject * ListBuilds * ListBuildsForProject * ListCommandExecutionsForSandbox * ListProjects * ListReportGroups * ListReports * ListReportsForReportGroup * ListSandboxes * ListSandboxesForProject * ListSharedProjects * ListSharedReportGroups CodeBuild / Paginator / ListSharedReportGroups ListSharedReportGroups ********************** class CodeBuild.Paginator.ListSharedReportGroups paginator = client.get_paginator('list_shared_report_groups') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_shared_report_groups()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( sortOrder='ASCENDING'|'DESCENDING', sortBy='ARN'|'MODIFIED_TIME', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **sortOrder** (*string*) -- The order in which to list shared report groups. Valid values include: * "ASCENDING": List in ascending order. * "DESCENDING": List in descending order. * **sortBy** (*string*) -- The criterion to be used to list report groups shared with the current Amazon Web Services account or user. Valid values include: * "ARN": List based on the ARN. * "MODIFIED_TIME": List based on when information about the shared report group was last changed. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'reportGroups': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **reportGroups** *(list) --* The list of ARNs for the report groups shared with the current Amazon Web Services account or user. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListProjects ListProjects ************ class CodeBuild.Paginator.ListProjects paginator = client.get_paginator('list_projects') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_projects()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( sortBy='NAME'|'CREATED_TIME'|'LAST_MODIFIED_TIME', sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'StartingToken': 'string' } ) Parameters: * **sortBy** (*string*) -- The criterion to be used to list build project names. Valid values include: * "CREATED_TIME": List based on when each build project was created. * "LAST_MODIFIED_TIME": List based on when information about each build project was last changed. * "NAME": List based on each build project's name. Use "sortOrder" to specify in what order to list the build project names based on the preceding criteria. * **sortOrder** (*string*) -- The order in which to list build projects. Valid values include: * "ASCENDING": List in ascending order. * "DESCENDING": List in descending order. Use "sortBy" to specify the criterion to be used to list build project names. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'projects': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **projects** *(list) --* The list of build project names, with each build project name representing a single build project. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListBuildsForProject ListBuildsForProject ******************** class CodeBuild.Paginator.ListBuildsForProject paginator = client.get_paginator('list_builds_for_project') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_builds_for_project()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( projectName='string', sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'StartingToken': 'string' } ) Parameters: * **projectName** (*string*) -- **[REQUIRED]** The name of the CodeBuild project. * **sortOrder** (*string*) -- The order to sort the results in. The results are sorted by build number, not the build identifier. If this is not specified, the results are sorted in descending order. Valid values include: * "ASCENDING": List the build identifiers in ascending order, by build number. * "DESCENDING": List the build identifiers in descending order, by build number. If the project has more than 100 builds, setting the sort order will result in an error. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* A list of build identifiers for the specified build project, with each build ID representing a single build. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / DescribeTestCases DescribeTestCases ***************** class CodeBuild.Paginator.DescribeTestCases paginator = client.get_paginator('describe_test_cases') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.describe_test_cases()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( reportArn='string', filter={ 'status': 'string', 'keyword': 'string' }, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **reportArn** (*string*) -- **[REQUIRED]** The ARN of the report for which test cases are returned. * **filter** (*dict*) -- A "TestCaseFilter" object used to filter the returned reports. * **status** *(string) --* The status used to filter test cases. A "TestCaseFilter" can have one status. Valid values are: * "SUCCEEDED" * "FAILED" * "ERROR" * "SKIPPED" * "UNKNOWN" * **keyword** *(string) --* A keyword that is used to filter on the "name" or the "prefix" of the test cases. Only test cases where the keyword is a substring of the "name" or the "prefix" will be returned. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'testCases': [ { 'reportArn': 'string', 'testRawDataPath': 'string', 'prefix': 'string', 'name': 'string', 'status': 'string', 'durationInNanoSeconds': 123, 'message': 'string', 'expired': datetime(2015, 1, 1), 'testSuiteName': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **testCases** *(list) --* The returned list of test cases. * *(dict) --* Information about a test case created using a framework such as NUnit or Cucumber. A test case might be a unit test or a configuration test. * **reportArn** *(string) --* The ARN of the report to which the test case belongs. * **testRawDataPath** *(string) --* The path to the raw data file that contains the test result. * **prefix** *(string) --* A string that is applied to a series of related test cases. CodeBuild generates the prefix. The prefix depends on the framework used to generate the tests. * **name** *(string) --* The name of the test case. * **status** *(string) --* The status returned by the test case after it was run. Valid statuses are "SUCCEEDED", "FAILED", "ERROR", "SKIPPED", and "UNKNOWN". * **durationInNanoSeconds** *(integer) --* The number of nanoseconds it took to run this test case. * **message** *(string) --* A message associated with a test case. For example, an error message or stack trace. * **expired** *(datetime) --* The date and time a test case expires. A test case expires 30 days after it is created. An expired test case is not available to view in CodeBuild. * **testSuiteName** *(string) --* The name of the test suite that the test case is a part of. * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListBuildBatches ListBuildBatches **************** class CodeBuild.Paginator.ListBuildBatches paginator = client.get_paginator('list_build_batches') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_build_batches()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( filter={ 'status': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED' }, sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **filter** (*dict*) -- A "BuildBatchFilter" object that specifies the filters for the search. * **status** *(string) --* The status of the batch builds to retrieve. Only batch builds that have this status will be retrieved. * **sortOrder** (*string*) -- Specifies the sort order of the returned items. Valid values include: * "ASCENDING": List the batch build identifiers in ascending order by identifier. * "DESCENDING": List the batch build identifiers in descending order by identifier. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* An array of strings that contains the batch build identifiers. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListReports ListReports *********** class CodeBuild.Paginator.ListReports paginator = client.get_paginator('list_reports') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_reports()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( sortOrder='ASCENDING'|'DESCENDING', filter={ 'status': 'GENERATING'|'SUCCEEDED'|'FAILED'|'INCOMPLETE'|'DELETING' }, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **sortOrder** (*string*) -- Specifies the sort order for the list of returned reports. Valid values are: * "ASCENDING": return reports in chronological order based on their creation date. * "DESCENDING": return reports in the reverse chronological order based on their creation date. * **filter** (*dict*) -- A "ReportFilter" object used to filter the returned reports. * **status** *(string) --* The status used to filter reports. You can filter using one status only. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'reports': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **reports** *(list) --* The list of returned ARNs for the reports in the current Amazon Web Services account. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListReportGroups ListReportGroups **************** class CodeBuild.Paginator.ListReportGroups paginator = client.get_paginator('list_report_groups') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_report_groups()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( sortOrder='ASCENDING'|'DESCENDING', sortBy='NAME'|'CREATED_TIME'|'LAST_MODIFIED_TIME', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **sortOrder** (*string*) -- Used to specify the order to sort the list of returned report groups. Valid values are "ASCENDING" and "DESCENDING". * **sortBy** (*string*) -- The criterion to be used to list build report groups. Valid values include: * "CREATED_TIME": List based on when each report group was created. * "LAST_MODIFIED_TIME": List based on when each report group was last changed. * "NAME": List based on each report group's name. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'reportGroups': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **reportGroups** *(list) --* The list of ARNs for the report groups in the current Amazon Web Services account. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListCommandExecutionsForSandbox ListCommandExecutionsForSandbox ******************************* class CodeBuild.Paginator.ListCommandExecutionsForSandbox paginator = client.get_paginator('list_command_executions_for_sandbox') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_command_executions_for_sandbox()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( sandboxId='string', sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **sandboxId** (*string*) -- **[REQUIRED]** A "sandboxId" or "sandboxArn". * **sortOrder** (*string*) -- The order in which sandbox records should be retrieved. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'commandExecutions': [ { 'id': 'string', 'sandboxId': 'string', 'submitTime': datetime(2015, 1, 1), 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'status': 'string', 'command': 'string', 'type': 'SHELL', 'exitCode': 'string', 'standardOutputContent': 'string', 'standardErrContent': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'sandboxArn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **commandExecutions** *(list) --* Information about the requested command executions. * *(dict) --* Contains command execution information. * **id** *(string) --* The ID of the command execution. * **sandboxId** *(string) --* A "sandboxId". * **submitTime** *(datetime) --* When the command execution process was initially submitted, expressed in Unix time format. * **startTime** *(datetime) --* When the command execution process started, expressed in Unix time format. * **endTime** *(datetime) --* When the command execution process ended, expressed in Unix time format. * **status** *(string) --* The status of the command execution. * **command** *(string) --* The command that needs to be executed. * **type** *(string) --* The command type. * **exitCode** *(string) --* The exit code to return upon completion. * **standardOutputContent** *(string) --* The text written by the command to stdout. * **standardErrContent** *(string) --* The text written by the command to stderr. * **logs** *(dict) --* Information about build logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectNa me}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my- bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **sandboxArn** *(string) --* A "sandboxArn". * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListSandboxesForProject ListSandboxesForProject *********************** class CodeBuild.Paginator.ListSandboxesForProject paginator = client.get_paginator('list_sandboxes_for_project') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_sandboxes_for_project()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( projectName='string', sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **projectName** (*string*) -- **[REQUIRED]** The CodeBuild project name. * **sortOrder** (*string*) -- The order in which sandbox records should be retrieved. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* Information about the requested sandbox IDs. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListBuildBatchesForProject ListBuildBatchesForProject ************************** class CodeBuild.Paginator.ListBuildBatchesForProject paginator = client.get_paginator('list_build_batches_for_project') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_build_batches_for_project()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( projectName='string', filter={ 'status': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED' }, sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **projectName** (*string*) -- The name of the project. * **filter** (*dict*) -- A "BuildBatchFilter" object that specifies the filters for the search. * **status** *(string) --* The status of the batch builds to retrieve. Only batch builds that have this status will be retrieved. * **sortOrder** (*string*) -- Specifies the sort order of the returned items. Valid values include: * "ASCENDING": List the batch build identifiers in ascending order by identifier. * "DESCENDING": List the batch build identifiers in descending order by identifier. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* An array of strings that contains the batch build identifiers. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListSandboxes ListSandboxes ************* class CodeBuild.Paginator.ListSandboxes paginator = client.get_paginator('list_sandboxes') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_sandboxes()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **sortOrder** (*string*) -- The order in which sandbox records should be retrieved. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* Information about the requested sandbox IDs. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / DescribeCodeCoverages DescribeCodeCoverages ********************* class CodeBuild.Paginator.DescribeCodeCoverages paginator = client.get_paginator('describe_code_coverages') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.describe_code_coverages()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( reportArn='string', sortOrder='ASCENDING'|'DESCENDING', sortBy='LINE_COVERAGE_PERCENTAGE'|'FILE_PATH', minLineCoveragePercentage=123.0, maxLineCoveragePercentage=123.0, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **reportArn** (*string*) -- **[REQUIRED]** The ARN of the report for which test cases are returned. * **sortOrder** (*string*) -- Specifies if the results are sorted in ascending or descending order. * **sortBy** (*string*) -- Specifies how the results are sorted. Possible values are: FILE_PATH The results are sorted by file path. LINE_COVERAGE_PERCENTAGE The results are sorted by the percentage of lines that are covered. * **minLineCoveragePercentage** (*float*) -- The minimum line coverage percentage to report. * **maxLineCoveragePercentage** (*float*) -- The maximum line coverage percentage to report. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'codeCoverages': [ { 'id': 'string', 'reportARN': 'string', 'filePath': 'string', 'lineCoveragePercentage': 123.0, 'linesCovered': 123, 'linesMissed': 123, 'branchCoveragePercentage': 123.0, 'branchesCovered': 123, 'branchesMissed': 123, 'expired': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **codeCoverages** *(list) --* An array of "CodeCoverage" objects that contain the results. * *(dict) --* Contains code coverage report information. Line coverage measures how many statements your tests cover. A statement is a single instruction, not including comments, conditionals, etc. Branch coverage determines if your tests cover every possible branch of a control structure, such as an "if" or "case" statement. * **id** *(string) --* The identifier of the code coverage report. * **reportARN** *(string) --* The ARN of the report. * **filePath** *(string) --* The path of the test report file. * **lineCoveragePercentage** *(float) --* The percentage of lines that are covered by your tests. * **linesCovered** *(integer) --* The number of lines that are covered by your tests. * **linesMissed** *(integer) --* The number of lines that are not covered by your tests. * **branchCoveragePercentage** *(float) --* The percentage of branches that are covered by your tests. * **branchesCovered** *(integer) --* The number of conditional branches that are covered by your tests. * **branchesMissed** *(integer) --* The number of conditional branches that are not covered by your tests. * **expired** *(datetime) --* The date and time that the tests were run. * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListBuilds ListBuilds ********** class CodeBuild.Paginator.ListBuilds paginator = client.get_paginator('list_builds') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_builds()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'StartingToken': 'string' } ) Parameters: * **sortOrder** (*string*) -- The order to list build IDs. Valid values include: * "ASCENDING": List the build IDs in ascending order by build ID. * "DESCENDING": List the build IDs in descending order by build ID. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* A list of build IDs, with each build ID representing a single build. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListReportsForReportGroup ListReportsForReportGroup ************************* class CodeBuild.Paginator.ListReportsForReportGroup paginator = client.get_paginator('list_reports_for_report_group') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_reports_for_report_group()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( reportGroupArn='string', sortOrder='ASCENDING'|'DESCENDING', filter={ 'status': 'GENERATING'|'SUCCEEDED'|'FAILED'|'INCOMPLETE'|'DELETING' }, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **reportGroupArn** (*string*) -- **[REQUIRED]** The ARN of the report group for which you want to return report ARNs. * **sortOrder** (*string*) -- Use to specify whether the results are returned in ascending or descending order. * **filter** (*dict*) -- A "ReportFilter" object used to filter the returned reports. * **status** *(string) --* The status used to filter reports. You can filter using one status only. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'reports': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **reports** *(list) --* The list of report ARNs. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Paginator / ListSharedProjects ListSharedProjects ****************** class CodeBuild.Paginator.ListSharedProjects paginator = client.get_paginator('list_shared_projects') paginate(**kwargs) Creates an iterator that will paginate through responses from "CodeBuild.Client.list_shared_projects()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( sortBy='ARN'|'MODIFIED_TIME', sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **sortBy** (*string*) -- The criterion to be used to list build projects shared with the current Amazon Web Services account or user. Valid values include: * "ARN": List based on the ARN. * "MODIFIED_TIME": List based on when information about the shared project was last changed. * **sortOrder** (*string*) -- The order in which to list shared build projects. Valid values include: * "ASCENDING": List in ascending order. * "DESCENDING": List in descending order. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'projects': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **projects** *(list) --* The list of ARNs for the build projects shared with the current Amazon Web Services account or user. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. CodeBuild / Client / get_paginator get_paginator ************* CodeBuild.Client.get_paginator(operation_name) Create a paginator for an operation. Parameters: **operation_name** (*string*) -- The operation name. This is the same name as the method name on the client. For example, if the method name is "create_foo", and you'd normally invoke the operation as "client.create_foo(**kwargs)", if the "create_foo" operation can be paginated, you can use the call "client.get_paginator("create_foo")". Raises: **OperationNotPageableError** -- Raised if the operation is not pageable. You can use the "client.can_paginate" method to check if an operation is pageable. Return type: "botocore.paginate.Paginator" Returns: A paginator object. CodeBuild / Client / list_build_batches list_build_batches ****************** CodeBuild.Client.list_build_batches(**kwargs) Retrieves the identifiers of your build batches in the current region. See also: AWS API Documentation **Request Syntax** response = client.list_build_batches( filter={ 'status': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED' }, maxResults=123, sortOrder='ASCENDING'|'DESCENDING', nextToken='string' ) Parameters: * **filter** (*dict*) -- A "BuildBatchFilter" object that specifies the filters for the search. * **status** *(string) --* The status of the batch builds to retrieve. Only batch builds that have this status will be retrieved. * **maxResults** (*integer*) -- The maximum number of results to return. * **sortOrder** (*string*) -- Specifies the sort order of the returned items. Valid values include: * "ASCENDING": List the batch build identifiers in ascending order by identifier. * "DESCENDING": List the batch build identifiers in descending order by identifier. * **nextToken** (*string*) -- The "nextToken" value returned from a previous call to "ListBuildBatches". This specifies the next item to return. To return the beginning of the list, exclude this parameter. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* An array of strings that contains the batch build identifiers. * *(string) --* * **nextToken** *(string) --* If there are more items to return, this contains a token that is passed to a subsequent call to "ListBuildBatches" to retrieve the next set of items. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / can_paginate can_paginate ************ CodeBuild.Client.can_paginate(operation_name) Check if an operation can be paginated. Parameters: **operation_name** (*string*) -- The operation name. This is the same name as the method name on the client. For example, if the method name is "create_foo", and you'd normally invoke the operation as "client.create_foo(**kwargs)", if the "create_foo" operation can be paginated, you can use the call "client.get_paginator("create_foo")". Returns: "True" if the operation can be paginated, "False" otherwise. CodeBuild / Client / delete_report_group delete_report_group ******************* CodeBuild.Client.delete_report_group(**kwargs) Deletes a report group. Before you delete a report group, you must delete its reports. See also: AWS API Documentation **Request Syntax** response = client.delete_report_group( arn='string', deleteReports=True|False ) Parameters: * **arn** (*string*) -- **[REQUIRED]** The ARN of the report group to delete. * **deleteReports** (*boolean*) -- If "true", deletes any reports that belong to a report group before deleting the report group. If "false", you must delete any reports in the report group. Use ListReportsForReportGroup to get the reports in a report group. Use DeleteReport to delete the reports. If you call "DeleteReportGroup" for a report group that contains one or more reports, an exception is thrown. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / list_builds_for_project list_builds_for_project *********************** CodeBuild.Client.list_builds_for_project(**kwargs) Gets a list of build identifiers for the specified build project, with each build identifier representing a single build. See also: AWS API Documentation **Request Syntax** response = client.list_builds_for_project( projectName='string', sortOrder='ASCENDING'|'DESCENDING', nextToken='string' ) Parameters: * **projectName** (*string*) -- **[REQUIRED]** The name of the CodeBuild project. * **sortOrder** (*string*) -- The order to sort the results in. The results are sorted by build number, not the build identifier. If this is not specified, the results are sorted in descending order. Valid values include: * "ASCENDING": List the build identifiers in ascending order, by build number. * "DESCENDING": List the build identifiers in descending order, by build number. If the project has more than 100 builds, setting the sort order will result in an error. * **nextToken** (*string*) -- During a previous call, if there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a *nextToken*. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* A list of build identifiers for the specified build project, with each build ID representing a single build. * *(string) --* * **nextToken** *(string) --* If there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a *nextToken*. To get the next batch of items in the list, call this operation again, adding the next token to the call. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / batch_get_report_groups batch_get_report_groups *********************** CodeBuild.Client.batch_get_report_groups(**kwargs) Returns an array of report groups. See also: AWS API Documentation **Request Syntax** response = client.batch_get_report_groups( reportGroupArns=[ 'string', ] ) Parameters: **reportGroupArns** (*list*) -- **[REQUIRED]** An array of report group ARNs that identify the report groups to return. * *(string) --* Return type: dict Returns: **Response Syntax** { 'reportGroups': [ { 'arn': 'string', 'name': 'string', 'type': 'TEST'|'CODE_COVERAGE', 'exportConfig': { 'exportConfigType': 'S3'|'NO_EXPORT', 's3Destination': { 'bucket': 'string', 'bucketOwner': 'string', 'path': 'string', 'packaging': 'ZIP'|'NONE', 'encryptionKey': 'string', 'encryptionDisabled': True|False } }, 'created': datetime(2015, 1, 1), 'lastModified': datetime(2015, 1, 1), 'tags': [ { 'key': 'string', 'value': 'string' }, ], 'status': 'ACTIVE'|'DELETING' }, ], 'reportGroupsNotFound': [ 'string', ] } **Response Structure** * *(dict) --* * **reportGroups** *(list) --* The array of report groups returned by "BatchGetReportGroups". * *(dict) --* A series of reports. Each report contains information about the results from running a series of test cases. You specify the test cases for a report group in the buildspec for a build project using one or more paths to the test case files. * **arn** *(string) --* The ARN of the "ReportGroup". * **name** *(string) --* The name of the "ReportGroup". * **type** *(string) --* The type of the "ReportGroup". This can be one of the following values: CODE_COVERAGE The report group contains code coverage reports. TEST The report group contains test reports. * **exportConfig** *(dict) --* Information about the destination where the raw data of this "ReportGroup" is exported. * **exportConfigType** *(string) --* The export configuration type. Valid values are: * "S3": The report results are exported to an S3 bucket. * "NO_EXPORT": The report results are not exported. * **s3Destination** *(dict) --* A "S3ReportExportConfig" object that contains information about the S3 bucket where the run of a report is exported. * **bucket** *(string) --* The name of the S3 bucket where the raw data of a report are exported. * **bucketOwner** *(string) --* The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build. * **path** *(string) --* The path to the exported report's raw data results. * **packaging** *(string) --* The type of build output artifact to create. Valid values include: * "NONE": CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. * "ZIP": CodeBuild creates a ZIP file with the raw data in the output bucket. * **encryptionKey** *(string) --* The encryption key for the report's encrypted raw data. * **encryptionDisabled** *(boolean) --* A boolean value that specifies if the results of a report are encrypted. * **created** *(datetime) --* The date and time this "ReportGroup" was created. * **lastModified** *(datetime) --* The date and time this "ReportGroup" was last modified. * **tags** *(list) --* A list of tag key and value pairs associated with this report group. These tags are available for use by Amazon Web Services services that support CodeBuild report group tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. * **status** *(string) --* The status of the report group. This property is read- only. This can be one of the following values: ACTIVE The report group is active. DELETING The report group is in the process of being deleted. * **reportGroupsNotFound** *(list) --* An array of ARNs passed to "BatchGetReportGroups" that are not associated with a "ReportGroup". * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / list_sandboxes list_sandboxes ************** CodeBuild.Client.list_sandboxes(**kwargs) Gets a list of sandboxes. See also: AWS API Documentation **Request Syntax** response = client.list_sandboxes( maxResults=123, sortOrder='ASCENDING'|'DESCENDING', nextToken='string' ) Parameters: * **maxResults** (*integer*) -- The maximum number of sandbox records to be retrieved. * **sortOrder** (*string*) -- The order in which sandbox records should be retrieved. * **nextToken** (*string*) -- The next token, if any, to get paginated results. You will get this value from previous execution of list sandboxes. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* Information about the requested sandbox IDs. * *(string) --* * **nextToken** *(string) --* Information about the next token to get paginated results. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / list_reports list_reports ************ CodeBuild.Client.list_reports(**kwargs) Returns a list of ARNs for the reports in the current Amazon Web Services account. See also: AWS API Documentation **Request Syntax** response = client.list_reports( sortOrder='ASCENDING'|'DESCENDING', nextToken='string', maxResults=123, filter={ 'status': 'GENERATING'|'SUCCEEDED'|'FAILED'|'INCOMPLETE'|'DELETING' } ) Parameters: * **sortOrder** (*string*) -- Specifies the sort order for the list of returned reports. Valid values are: * "ASCENDING": return reports in chronological order based on their creation date. * "DESCENDING": return reports in the reverse chronological order based on their creation date. * **nextToken** (*string*) -- During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **maxResults** (*integer*) -- The maximum number of paginated reports returned per response. Use "nextToken" to iterate pages in the list of returned "Report" objects. The default value is 100. * **filter** (*dict*) -- A "ReportFilter" object used to filter the returned reports. * **status** *(string) --* The status used to filter reports. You can filter using one status only. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'reports': [ 'string', ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **reports** *(list) --* The list of returned ARNs for the reports in the current Amazon Web Services account. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / start_command_execution start_command_execution *********************** CodeBuild.Client.start_command_execution(**kwargs) Starts a command execution. See also: AWS API Documentation **Request Syntax** response = client.start_command_execution( sandboxId='string', command='string', type='SHELL' ) Parameters: * **sandboxId** (*string*) -- **[REQUIRED]** A "sandboxId" or "sandboxArn". * **command** (*string*) -- **[REQUIRED]** The command that needs to be executed. * **type** (*string*) -- The command type. Return type: dict Returns: **Response Syntax** { 'commandExecution': { 'id': 'string', 'sandboxId': 'string', 'submitTime': datetime(2015, 1, 1), 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'status': 'string', 'command': 'string', 'type': 'SHELL', 'exitCode': 'string', 'standardOutputContent': 'string', 'standardErrContent': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'sandboxArn': 'string' } } **Response Structure** * *(dict) --* * **commandExecution** *(dict) --* Information about the requested command executions. * **id** *(string) --* The ID of the command execution. * **sandboxId** *(string) --* A "sandboxId". * **submitTime** *(datetime) --* When the command execution process was initially submitted, expressed in Unix time format. * **startTime** *(datetime) --* When the command execution process started, expressed in Unix time format. * **endTime** *(datetime) --* When the command execution process ended, expressed in Unix time format. * **status** *(string) --* The status of the command execution. * **command** *(string) --* The command that needs to be executed. * **type** *(string) --* The command type. * **exitCode** *(string) --* The exit code to return upon completion. * **standardOutputContent** *(string) --* The text written by the command to stdout. * **standardErrContent** *(string) --* The text written by the command to stderr. * **logs** *(dict) --* Information about build logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **sandboxArn** *(string) --* A "sandboxArn". **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / list_curated_environment_images list_curated_environment_images ******************************* CodeBuild.Client.list_curated_environment_images() Gets information about Docker images that are managed by CodeBuild. See also: AWS API Documentation **Request Syntax** response = client.list_curated_environment_images() Return type: dict Returns: **Response Syntax** { 'platforms': [ { 'platform': 'DEBIAN'|'AMAZON_LINUX'|'UBUNTU'|'WINDOWS_SERVER', 'languages': [ { 'language': 'JAVA'|'PYTHON'|'NODE_JS'|'RUBY'|'GOLANG'|'DOCKER'|'ANDROID'|'DOTNET'|'BASE'|'PHP', 'images': [ { 'name': 'string', 'description': 'string', 'versions': [ 'string', ] }, ] }, ] }, ] } **Response Structure** * *(dict) --* * **platforms** *(list) --* Information about supported platforms for Docker images that are managed by CodeBuild. * *(dict) --* A set of Docker images that are related by platform and are managed by CodeBuild. * **platform** *(string) --* The platform's name. * **languages** *(list) --* The list of programming languages that are available for the specified platform. * *(dict) --* A set of Docker images that are related by programming language and are managed by CodeBuild. * **language** *(string) --* The programming language for the Docker images. * **images** *(list) --* The list of Docker images that are related by the specified programming language. * *(dict) --* Information about a Docker image that is managed by CodeBuild. * **name** *(string) --* The name of the Docker image. * **description** *(string) --* The description of the Docker image. * **versions** *(list) --* A list of environment image versions. * *(string) --* CodeBuild / Client / get_report_group_trend get_report_group_trend ********************** CodeBuild.Client.get_report_group_trend(**kwargs) Analyzes and accumulates test report values for the specified test reports. See also: AWS API Documentation **Request Syntax** response = client.get_report_group_trend( reportGroupArn='string', numOfReports=123, trendField='PASS_RATE'|'DURATION'|'TOTAL'|'LINE_COVERAGE'|'LINES_COVERED'|'LINES_MISSED'|'BRANCH_COVERAGE'|'BRANCHES_COVERED'|'BRANCHES_MISSED' ) Parameters: * **reportGroupArn** (*string*) -- **[REQUIRED]** The ARN of the report group that contains the reports to analyze. * **numOfReports** (*integer*) -- The number of reports to analyze. This operation always retrieves the most recent reports. If this parameter is omitted, the most recent 100 reports are analyzed. * **trendField** (*string*) -- **[REQUIRED]** The test report value to accumulate. This must be one of the following values: Test reports: DURATION Accumulate the test run times for the specified reports. PASS_RATE Accumulate the percentage of tests that passed for the specified test reports. TOTAL Accumulate the total number of tests for the specified test reports. Code coverage reports: BRANCH_COVERAGE Accumulate the branch coverage percentages for the specified test reports. BRANCHES_COVERED Accumulate the branches covered values for the specified test reports. BRANCHES_MISSED Accumulate the branches missed values for the specified test reports. LINE_COVERAGE Accumulate the line coverage percentages for the specified test reports. LINES_COVERED Accumulate the lines covered values for the specified test reports. LINES_MISSED Accumulate the lines not covered values for the specified test reports. Return type: dict Returns: **Response Syntax** { 'stats': { 'average': 'string', 'max': 'string', 'min': 'string' }, 'rawData': [ { 'reportArn': 'string', 'data': 'string' }, ] } **Response Structure** * *(dict) --* * **stats** *(dict) --* Contains the accumulated trend data. * **average** *(string) --* Contains the average of all values analyzed. * **max** *(string) --* Contains the maximum value analyzed. * **min** *(string) --* Contains the minimum value analyzed. * **rawData** *(list) --* An array that contains the raw data for each report. * *(dict) --* Contains the unmodified data for the report. For more information, see . * **reportArn** *(string) --* The ARN of the report. * **data** *(string) --* The value of the requested data field from the report. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / batch_get_projects batch_get_projects ****************** CodeBuild.Client.batch_get_projects(**kwargs) Gets information about one or more build projects. See also: AWS API Documentation **Request Syntax** response = client.batch_get_projects( names=[ 'string', ] ) Parameters: **names** (*list*) -- **[REQUIRED]** The names or ARNs of the build projects. To get information about a project shared with your Amazon Web Services account, its ARN must be specified. You cannot specify a shared project using its name. * *(string) --* Return type: dict Returns: **Response Syntax** { 'projects': [ { 'name': 'string', 'arn': 'string', 'description': 'string', 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'sourceVersion': 'string', 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'encryptionKey': 'string', 'tags': [ { 'key': 'string', 'value': 'string' }, ], 'created': datetime(2015, 1, 1), 'lastModified': datetime(2015, 1, 1), 'webhook': { 'url': 'string', 'payloadUrl': 'string', 'secret': 'string', 'branchFilter': 'string', 'filterGroups': [ [ { 'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME'|'ORGANIZATION_NAME', 'pattern': 'string', 'excludeMatchedPattern': True|False }, ], ], 'buildType': 'BUILD'|'BUILD_BATCH'|'RUNNER_BUILDKITE_BUILD', 'manualCreation': True|False, 'lastModifiedSecret': datetime(2015, 1, 1), 'scopeConfiguration': { 'name': 'string', 'domain': 'string', 'scope': 'GITHUB_ORGANIZATION'|'GITHUB_GLOBAL'|'GITLAB_GROUP' }, 'status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'DELETING', 'statusMessage': 'string' }, 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'badge': { 'badgeEnabled': True|False, 'badgeRequestUrl': 'string' }, 'logsConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'buildBatchConfig': { 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, 'concurrentBuildLimit': 123, 'projectVisibility': 'PUBLIC_READ'|'PRIVATE', 'publicProjectAlias': 'string', 'resourceAccessRole': 'string', 'autoRetryLimit': 123 }, ], 'projectsNotFound': [ 'string', ] } **Response Structure** * *(dict) --* * **projects** *(list) --* Information about the requested build projects. * *(dict) --* Information about a build project. * **name** *(string) --* The name of the build project. * **arn** *(string) --* The Amazon Resource Name (ARN) of the build project. * **description** *(string) --* A description that makes the build project easy to identify. * **source** *(dict) --* Information about the build input source code for this build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self-managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild- sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. If "sourceVersion" is specified at the build level, then that version takes precedence over this "sourceVersion" (at the project level). For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. If "secondarySourceVersions" is specified at the build level, then they take over these "secondarySourceVersions" (at the project level). * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts /". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "ProjectArtifacts" objects. * *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts /". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build project. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment for this build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99 b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfb dbf," use "/@sha256:cbbf2f9a9 9b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cf bdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a build is allowed to be queued before it times out. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3). * **tags** *(list) --* A list of tag key and value pairs associated with this build project. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. * **created** *(datetime) --* When the build project was created, expressed in Unix time format. * **lastModified** *(datetime) --* When the build project's settings were last modified, expressed in Unix time format. * **webhook** *(dict) --* Information about a webhook that connects repository events to a build project in CodeBuild. * **url** *(string) --* The URL to the webhook. * **payloadUrl** *(string) --* The CodeBuild endpoint where webhook events are sent. * **secret** *(string) --* The secret token of the associated repository. Note: A Bitbucket webhook does not support "secret". * **branchFilter** *(string) --* A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If "branchFilter" is empty, then all branches are built. Note: It is recommended that you use "filterGroups" instead of "branchFilter". * **filterGroups** *(list) --* An array of arrays of "WebhookFilter" objects used to determine which webhooks are triggered. At least one "WebhookFilter" in the array must specify "EVENT" as its "type". For a build to be triggered, at least one filter group in the "filterGroups" array must pass. For a filter group to pass, each of its filters must pass. * *(list) --* * *(dict) --* A filter used to determine which webhooks trigger a build. * **type** *(string) --* The type of webhook filter. There are 11 webhook filter types: "EVENT", "ACTOR_ACCOUNT_ID", "HEAD_REF", "BASE_REF", "FILE_PATH", "COMMIT_MESSAGE", "TAG_NAME", "RELEASE_NAME", "REPOSITORY_NAME", "ORGANIZATION_NAME", and "WORKFLOW_NAME". * EVENT * A webhook event triggers a build when the provided "pattern" matches one of nine event types: "PUSH", "PULL_REQUEST_CREATED", "PULL_REQUEST_UPDATED", "PULL_REQUEST_CLOSED", "PULL_REQUEST_REOPENED", "PULL_REQUEST_MERGED", "RELEASED", "PRERELEASED", and "WORKFLOW_JOB_QUEUED". The "EVENT" patterns are specified as a comma-separated string. For example, "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" filters all push, pull request created, and pull request updated events. Note: Types "PULL_REQUEST_REOPENED" and "WORKFLOW_JOB_QUEUED" work with GitHub and GitHub Enterprise only. Types "RELEASED" and "PRERELEASED" work with GitHub only. * ACTOR_ACCOUNT_ID * A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression "pattern". * HEAD_REF * A webhook event triggers a build when the head reference matches the regular expression "pattern". For example, "refs/heads/branch-name" and "refs/tags/tag- name". Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events. * BASE_REF * A webhook event triggers a build when the base reference matches the regular expression "pattern". For example, "refs/heads/branch-name". Note: Works with pull request events only. * FILE_PATH * A webhook triggers a build when the path of a changed file matches the regular expression "pattern". Note: Works with push and pull request events only. * COMMIT_MESSAGE * A webhook triggers a build when the head commit message matches the regular expression "pattern". Note: Works with push and pull request events only. * TAG_NAME * A webhook triggers a build when the tag name of the release matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * RELEASE_NAME * A webhook triggers a build when the release name matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * REPOSITORY_NAME * A webhook triggers a build when the repository name matches the regular expression "pattern". Note: Works with GitHub global or organization webhooks only. * ORGANIZATION_NAME * A webhook triggers a build when the organization name matches the regular expression "pattern". Note: Works with GitHub global webhooks only. * WORKFLOW_NAME * A webhook triggers a build when the workflow name matches the regular expression "pattern". Note: Works with "WORKFLOW_JOB_QUEUED" events only. Note: For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name. * **pattern** *(string) --* For a "WebHookFilter" that uses "EVENT" type, a comma-separated string that specifies one or more events. For example, the webhook filter "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" allows all push, pull request created, and pull request updated events to trigger a build. For a "WebHookFilter" that uses any of the other filter types, a regular expression pattern. For example, a "WebHookFilter" that uses "HEAD_REF" for its "type" and the pattern "^refs/heads/" triggers a build when the head reference is a branch with a reference name "refs/heads/branch- name". * **excludeMatchedPattern** *(boolean) --* Used to indicate that the "pattern" determines which webhook events do not trigger a build. If true, then a webhook event that does not match the "pattern" triggers a build. If false, then a webhook event that matches the "pattern" triggers a build. * **buildType** *(string) --* Specifies the type of build this webhook will trigger. Note: "RUNNER_BUILDKITE_BUILD" is only available for "NO_SOURCE" source type projects configured for Buildkite runner builds. For more information about CodeBuild-hosted Buildkite runner builds, see Tutorial: Configure a CodeBuild-hosted Buildkite runner in the *CodeBuild user guide*. * **manualCreation** *(boolean) --* If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns "payloadUrl" and "secret" values for the webhook. The "payloadUrl" and "secret" values in the output can be used to manually create a webhook within GitHub. Note: manualCreation is only available for GitHub webhooks. * **lastModifiedSecret** *(datetime) --* A timestamp that indicates the last time a repository's secret token was modified. * **scopeConfiguration** *(dict) --* The scope configuration for global or organization webhooks. Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks. * **name** *(string) --* The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook. * **domain** *(string) --* The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED. * **scope** *(string) --* The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION. * **status** *(string) --* The status of the webhook. Valid values include: * "CREATING": The webhook is being created. * "CREATE_FAILED": The webhook has failed to create. * "ACTIVE": The webhook has succeeded and is active. * "DELETING": The webhook is being deleted. * **statusMessage** *(string) --* A message associated with the status of a webhook. * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **badge** *(dict) --* Information about the build badge for the build project. * **badgeEnabled** *(boolean) --* Set this to true to generate a publicly accessible URL for your project's build badge. * **badgeRequestUrl** *(string) --* The publicly-accessible URL through which you can access the build badge for your project. * **logsConfig** *(dict) --* Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3 :::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs- dns-name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs- abcd1234.efs.us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs-abcd1234.efs.us- west-2.amazonaws.com:/my-efs-mount-directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048 576,hard,timeo=600,retrans=2". For more information, see Recommended NFS Mount Options. * **buildBatchConfig** *(dict) --* A ProjectBuildBatchConfig object that defines the batch build options for the project. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **concurrentBuildLimit** *(integer) --* The maximum number of concurrent builds that are allowed for this project. New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run. * **projectVisibility** *(string) --* Specifies the visibility of the project's builds. Possible values are: PUBLIC_READ The project builds are visible to the public. PRIVATE The project builds are not visible to the public. * **publicProjectAlias** *(string) --* Contains the project identifier used with the public build APIs. * **resourceAccessRole** *(string) --* The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds. * **autoRetryLimit** *(integer) --* The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. * **projectsNotFound** *(list) --* The names of build projects for which information could not be found. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / list_reports_for_report_group list_reports_for_report_group ***************************** CodeBuild.Client.list_reports_for_report_group(**kwargs) Returns a list of ARNs for the reports that belong to a "ReportGroup". See also: AWS API Documentation **Request Syntax** response = client.list_reports_for_report_group( reportGroupArn='string', nextToken='string', sortOrder='ASCENDING'|'DESCENDING', maxResults=123, filter={ 'status': 'GENERATING'|'SUCCEEDED'|'FAILED'|'INCOMPLETE'|'DELETING' } ) Parameters: * **reportGroupArn** (*string*) -- **[REQUIRED]** The ARN of the report group for which you want to return report ARNs. * **nextToken** (*string*) -- During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **sortOrder** (*string*) -- Use to specify whether the results are returned in ascending or descending order. * **maxResults** (*integer*) -- The maximum number of paginated reports in this report group returned per response. Use "nextToken" to iterate pages in the list of returned "Report" objects. The default value is 100. * **filter** (*dict*) -- A "ReportFilter" object used to filter the returned reports. * **status** *(string) --* The status used to filter reports. You can filter using one status only. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'reports': [ 'string', ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **reports** *(list) --* The list of report ARNs. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / stop_build_batch stop_build_batch **************** CodeBuild.Client.stop_build_batch(**kwargs) Stops a running batch build. See also: AWS API Documentation **Request Syntax** response = client.stop_build_batch( id='string' ) Parameters: **id** (*string*) -- **[REQUIRED]** The identifier of the batch build to stop. Return type: dict Returns: **Response Syntax** { 'buildBatch': { 'id': 'string', 'arn': 'string', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'buildBatchStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'sourceVersion': 'string', 'resolvedSourceVersion': 'string', 'projectName': 'string', 'phases': [ { 'phaseType': 'SUBMITTED'|'DOWNLOAD_BATCHSPEC'|'IN_PROGRESS'|'COMBINE_ARTIFACTS'|'SUCCEEDED'|'FAILED'|'STOPPED', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'logConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'buildTimeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'complete': True|False, 'initiator': 'string', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'encryptionKey': 'string', 'buildBatchNumber': 123, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'buildBatchConfig': { 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, 'buildGroups': [ { 'identifier': 'string', 'dependsOn': [ 'string', ], 'ignoreFailure': True|False, 'currentBuildSummary': { 'arn': 'string', 'requestedOn': datetime(2015, 1, 1), 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'primaryArtifact': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, ] }, 'priorBuildSummaryList': [ { 'arn': 'string', 'requestedOn': datetime(2015, 1, 1), 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'primaryArtifact': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, ] }, ] }, ], 'debugSessionEnabled': True|False, 'reportArns': [ 'string', ] } } **Response Structure** * *(dict) --* * **buildBatch** *(dict) --* Contains information about a batch build. * **id** *(string) --* The identifier of the batch build. * **arn** *(string) --* The ARN of the batch build. * **startTime** *(datetime) --* The date and time that the batch build started. * **endTime** *(datetime) --* The date and time that the batch build ended. * **currentPhase** *(string) --* The current phase of the batch build. * **buildBatchStatus** *(string) --* The status of the batch build. * **sourceVersion** *(string) --* The identifier of the version of the source code to be built. * **resolvedSourceVersion** *(string) --* The identifier of the resolved version of this batch build's source code. * For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID. * For CodePipeline, the source revision provided by CodePipeline. * For Amazon S3, this does not apply. * **projectName** *(string) --* The name of the batch build project. * **phases** *(list) --* An array of "BuildBatchPhase" objects the specify the phases of the batch build. * *(dict) --* Contains information about a stage for a batch build. * **phaseType** *(string) --* The name of the batch build phase. Valid values include: COMBINE_ARTIFACTS Build output artifacts are being combined and uploaded to the output location. DOWNLOAD_BATCHSPEC The batch build specification is being downloaded. FAILED One or more of the builds failed. IN_PROGRESS The batch build is in progress. STOPPED The batch build was stopped. SUBMITTED The btach build has been submitted. SUCCEEDED The batch build succeeded. * **phaseStatus** *(string) --* The current status of the batch build phase. Valid values include: FAILED The build phase failed. FAULT The build phase faulted. IN_PROGRESS The build phase is still in progress. STOPPED The build phase stopped. SUCCEEDED The build phase succeeded. TIMED_OUT The build phase timed out. * **startTime** *(datetime) --* When the batch build phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the batch build phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the batch build's phase. * **contexts** *(list) --* Additional information about the batch build phase. Especially to help troubleshoot a failed batch build. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **source** *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects that define the sources for the batch build. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. Each "ProjectSourceVersion" must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* A "BuildArtifacts" object the defines the build artifacts for this batch build. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "BuildArtifacts" objects the define the build artifacts for this batch build. * *(dict) --* Information about build output artifacts. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build project. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment of the build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The name of a service role used for builds in the batch. * **logConfig** *(dict) --* Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **buildTimeoutInMinutes** *(integer) --* Specifies the maximum amount of time, in minutes, that the build in a batch must be completed in. * **queuedTimeoutInMinutes** *(integer) --* Specifies the amount of time, in minutes, that the batch build is allowed to be queued before it times out. * **complete** *(boolean) --* Indicates if the batch build is complete. * **initiator** *(string) --* The entity that started the batch build. Valid values include: * If CodePipeline started the build, the pipeline's name (for example, "codepipeline/my-demo-pipeline"). * If a user started the build, the user's name. * If the Jenkins plugin for CodeBuild started the build, the string "CodeBuild-Jenkins-Plugin". * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the batch build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). * **buildBatchNumber** *(integer) --* The number of the batch build. For each project, the "buildBatchNumber" of its first batch build is "1". The "buildBatchNumber" of each subsequent batch build is incremented by "1". If a batch build is deleted, the "buildBatchNumber" of other batch builds does not change. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for the batch build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **buildBatchConfig** *(dict) --* Contains configuration information about a batch build project. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **buildGroups** *(list) --* An array of "BuildGroup" objects that define the build groups for the batch build. * *(dict) --* Contains information about a batch build build group. Build groups are used to combine builds that can run in parallel, while still being able to set dependencies on other build groups. * **identifier** *(string) --* Contains the identifier of the build group. * **dependsOn** *(list) --* An array of strings that contain the identifiers of the build groups that this build group depends on. * *(string) --* * **ignoreFailure** *(boolean) --* Specifies if failures in this build group can be ignored. * **currentBuildSummary** *(dict) --* A "BuildSummary" object that contains a summary of the current build group. * **arn** *(string) --* The batch build ARN. * **requestedOn** *(datetime) --* When the build was started, expressed in Unix time format. * **buildStatus** *(string) --* The status of the build group. FAILED The build group failed. FAULT The build group faulted. IN_PROGRESS The build group is still in progress. STOPPED The build group stopped. SUCCEEDED The build group succeeded. TIMED_OUT The build group timed out. * **primaryArtifact** *(dict) --* A "ResolvedArtifact" object that represents the primary build artifacts for the build group. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **secondaryArtifacts** *(list) --* An array of "ResolvedArtifact" objects that represents the secondary build artifacts for the build group. * *(dict) --* Represents a resolved build artifact. A resolved artifact is an artifact that is built and deployed to the destination, such as Amazon S3. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **priorBuildSummaryList** *(list) --* An array of "BuildSummary" objects that contain summaries of previous build groups. * *(dict) --* Contains summary information about a batch build group. * **arn** *(string) --* The batch build ARN. * **requestedOn** *(datetime) --* When the build was started, expressed in Unix time format. * **buildStatus** *(string) --* The status of the build group. FAILED The build group failed. FAULT The build group faulted. IN_PROGRESS The build group is still in progress. STOPPED The build group stopped. SUCCEEDED The build group succeeded. TIMED_OUT The build group timed out. * **primaryArtifact** *(dict) --* A "ResolvedArtifact" object that represents the primary build artifacts for the build group. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **secondaryArtifacts** *(list) --* An array of "ResolvedArtifact" objects that represents the secondary build artifacts for the build group. * *(dict) --* Represents a resolved build artifact. A resolved artifact is an artifact that is built and deployed to the destination, such as Amazon S3. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **debugSessionEnabled** *(boolean) --* Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds. * **reportArns** *(list) --* An array that contains the ARNs of reports created by merging reports from builds associated with this batch build. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / list_shared_report_groups list_shared_report_groups ************************* CodeBuild.Client.list_shared_report_groups(**kwargs) Gets a list of report groups that are shared with other Amazon Web Services accounts or users. See also: AWS API Documentation **Request Syntax** response = client.list_shared_report_groups( sortOrder='ASCENDING'|'DESCENDING', sortBy='ARN'|'MODIFIED_TIME', nextToken='string', maxResults=123 ) Parameters: * **sortOrder** (*string*) -- The order in which to list shared report groups. Valid values include: * "ASCENDING": List in ascending order. * "DESCENDING": List in descending order. * **sortBy** (*string*) -- The criterion to be used to list report groups shared with the current Amazon Web Services account or user. Valid values include: * "ARN": List based on the ARN. * "MODIFIED_TIME": List based on when information about the shared report group was last changed. * **nextToken** (*string*) -- During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **maxResults** (*integer*) -- The maximum number of paginated shared report groups per response. Use "nextToken" to iterate pages in the list of returned "ReportGroup" objects. The default value is 100. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'reportGroups': [ 'string', ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **reportGroups** *(list) --* The list of ARNs for the report groups shared with the current Amazon Web Services account or user. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / delete_build_batch delete_build_batch ****************** CodeBuild.Client.delete_build_batch(**kwargs) Deletes a batch build. See also: AWS API Documentation **Request Syntax** response = client.delete_build_batch( id='string' ) Parameters: **id** (*string*) -- **[REQUIRED]** The identifier of the batch build to delete. Return type: dict Returns: **Response Syntax** { 'statusCode': 'string', 'buildsDeleted': [ 'string', ], 'buildsNotDeleted': [ { 'id': 'string', 'statusCode': 'string' }, ] } **Response Structure** * *(dict) --* * **statusCode** *(string) --* The status code. * **buildsDeleted** *(list) --* An array of strings that contain the identifiers of the builds that were deleted. * *(string) --* * **buildsNotDeleted** *(list) --* An array of "BuildNotDeleted" objects that specify the builds that could not be deleted. * *(dict) --* Information about a build that could not be successfully deleted. * **id** *(string) --* The ID of the build that could not be successfully deleted. * **statusCode** *(string) --* Additional information about the build that could not be successfully deleted. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / batch_get_build_batches batch_get_build_batches *********************** CodeBuild.Client.batch_get_build_batches(**kwargs) Retrieves information about one or more batch builds. See also: AWS API Documentation **Request Syntax** response = client.batch_get_build_batches( ids=[ 'string', ] ) Parameters: **ids** (*list*) -- **[REQUIRED]** An array that contains the batch build identifiers to retrieve. * *(string) --* Return type: dict Returns: **Response Syntax** { 'buildBatches': [ { 'id': 'string', 'arn': 'string', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'buildBatchStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'sourceVersion': 'string', 'resolvedSourceVersion': 'string', 'projectName': 'string', 'phases': [ { 'phaseType': 'SUBMITTED'|'DOWNLOAD_BATCHSPEC'|'IN_PROGRESS'|'COMBINE_ARTIFACTS'|'SUCCEEDED'|'FAILED'|'STOPPED', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'logConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'buildTimeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'complete': True|False, 'initiator': 'string', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'encryptionKey': 'string', 'buildBatchNumber': 123, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'buildBatchConfig': { 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, 'buildGroups': [ { 'identifier': 'string', 'dependsOn': [ 'string', ], 'ignoreFailure': True|False, 'currentBuildSummary': { 'arn': 'string', 'requestedOn': datetime(2015, 1, 1), 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'primaryArtifact': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, ] }, 'priorBuildSummaryList': [ { 'arn': 'string', 'requestedOn': datetime(2015, 1, 1), 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'primaryArtifact': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, ] }, ] }, ], 'debugSessionEnabled': True|False, 'reportArns': [ 'string', ] }, ], 'buildBatchesNotFound': [ 'string', ] } **Response Structure** * *(dict) --* * **buildBatches** *(list) --* An array of "BuildBatch" objects that represent the retrieved batch builds. * *(dict) --* Contains information about a batch build. * **id** *(string) --* The identifier of the batch build. * **arn** *(string) --* The ARN of the batch build. * **startTime** *(datetime) --* The date and time that the batch build started. * **endTime** *(datetime) --* The date and time that the batch build ended. * **currentPhase** *(string) --* The current phase of the batch build. * **buildBatchStatus** *(string) --* The status of the batch build. * **sourceVersion** *(string) --* The identifier of the version of the source code to be built. * **resolvedSourceVersion** *(string) --* The identifier of the resolved version of this batch build's source code. * For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID. * For CodePipeline, the source revision provided by CodePipeline. * For Amazon S3, this does not apply. * **projectName** *(string) --* The name of the batch build project. * **phases** *(list) --* An array of "BuildBatchPhase" objects the specify the phases of the batch build. * *(dict) --* Contains information about a stage for a batch build. * **phaseType** *(string) --* The name of the batch build phase. Valid values include: COMBINE_ARTIFACTS Build output artifacts are being combined and uploaded to the output location. DOWNLOAD_BATCHSPEC The batch build specification is being downloaded. FAILED One or more of the builds failed. IN_PROGRESS The batch build is in progress. STOPPED The batch build was stopped. SUBMITTED The btach build has been submitted. SUCCEEDED The batch build succeeded. * **phaseStatus** *(string) --* The current status of the batch build phase. Valid values include: FAILED The build phase failed. FAULT The build phase faulted. IN_PROGRESS The build phase is still in progress. STOPPED The build phase stopped. SUCCEEDED The build phase succeeded. TIMED_OUT The build phase timed out. * **startTime** *(datetime) --* When the batch build phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the batch build phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the batch build's phase. * **contexts** *(list) --* Additional information about the batch build phase. Especially to help troubleshoot a failed batch build. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **source** *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects that define the sources for the batch build. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self-managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild- sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. Each "ProjectSourceVersion" must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* A "BuildArtifacts" object the defines the build artifacts for this batch build. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "BuildArtifacts" objects the define the build artifacts for this batch build. * *(dict) --* Information about build output artifacts. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build project. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment of the build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99 b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfb dbf," use "/@sha256:cbbf2f9a9 9b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cf bdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The name of a service role used for builds in the batch. * **logConfig** *(dict) --* Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3 :::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **buildTimeoutInMinutes** *(integer) --* Specifies the maximum amount of time, in minutes, that the build in a batch must be completed in. * **queuedTimeoutInMinutes** *(integer) --* Specifies the amount of time, in minutes, that the batch build is allowed to be queued before it times out. * **complete** *(boolean) --* Indicates if the batch build is complete. * **initiator** *(string) --* The entity that started the batch build. Valid values include: * If CodePipeline started the build, the pipeline's name (for example, "codepipeline/my-demo-pipeline"). * If a user started the build, the user's name. * If the Jenkins plugin for CodeBuild started the build, the string "CodeBuild-Jenkins-Plugin". * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the batch build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). * **buildBatchNumber** *(integer) --* The number of the batch build. For each project, the "buildBatchNumber" of its first batch build is "1". The "buildBatchNumber" of each subsequent batch build is incremented by "1". If a batch build is deleted, the "buildBatchNumber" of other batch builds does not change. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for the batch build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs- dns-name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs- abcd1234.efs.us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs-abcd1234.efs.us- west-2.amazonaws.com:/my-efs-mount-directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048 576,hard,timeo=600,retrans=2". For more information, see Recommended NFS Mount Options. * **buildBatchConfig** *(dict) --* Contains configuration information about a batch build project. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **buildGroups** *(list) --* An array of "BuildGroup" objects that define the build groups for the batch build. * *(dict) --* Contains information about a batch build build group. Build groups are used to combine builds that can run in parallel, while still being able to set dependencies on other build groups. * **identifier** *(string) --* Contains the identifier of the build group. * **dependsOn** *(list) --* An array of strings that contain the identifiers of the build groups that this build group depends on. * *(string) --* * **ignoreFailure** *(boolean) --* Specifies if failures in this build group can be ignored. * **currentBuildSummary** *(dict) --* A "BuildSummary" object that contains a summary of the current build group. * **arn** *(string) --* The batch build ARN. * **requestedOn** *(datetime) --* When the build was started, expressed in Unix time format. * **buildStatus** *(string) --* The status of the build group. FAILED The build group failed. FAULT The build group faulted. IN_PROGRESS The build group is still in progress. STOPPED The build group stopped. SUCCEEDED The build group succeeded. TIMED_OUT The build group timed out. * **primaryArtifact** *(dict) --* A "ResolvedArtifact" object that represents the primary build artifacts for the build group. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **secondaryArtifacts** *(list) --* An array of "ResolvedArtifact" objects that represents the secondary build artifacts for the build group. * *(dict) --* Represents a resolved build artifact. A resolved artifact is an artifact that is built and deployed to the destination, such as Amazon S3. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **priorBuildSummaryList** *(list) --* An array of "BuildSummary" objects that contain summaries of previous build groups. * *(dict) --* Contains summary information about a batch build group. * **arn** *(string) --* The batch build ARN. * **requestedOn** *(datetime) --* When the build was started, expressed in Unix time format. * **buildStatus** *(string) --* The status of the build group. FAILED The build group failed. FAULT The build group faulted. IN_PROGRESS The build group is still in progress. STOPPED The build group stopped. SUCCEEDED The build group succeeded. TIMED_OUT The build group timed out. * **primaryArtifact** *(dict) --* A "ResolvedArtifact" object that represents the primary build artifacts for the build group. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **secondaryArtifacts** *(list) --* An array of "ResolvedArtifact" objects that represents the secondary build artifacts for the build group. * *(dict) --* Represents a resolved build artifact. A resolved artifact is an artifact that is built and deployed to the destination, such as Amazon S3. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **debugSessionEnabled** *(boolean) --* Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds. * **reportArns** *(list) --* An array that contains the ARNs of reports created by merging reports from builds associated with this batch build. * *(string) --* * **buildBatchesNotFound** *(list) --* An array that contains the identifiers of any batch builds that are not found. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / import_source_credentials import_source_credentials ************************* CodeBuild.Client.import_source_credentials(**kwargs) Imports the source repository credentials for an CodeBuild project that has its source code stored in a GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket repository. See also: AWS API Documentation **Request Syntax** response = client.import_source_credentials( username='string', token='string', serverType='GITHUB'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'GITLAB'|'GITLAB_SELF_MANAGED', authType='OAUTH'|'BASIC_AUTH'|'PERSONAL_ACCESS_TOKEN'|'CODECONNECTIONS'|'SECRETS_MANAGER', shouldOverwrite=True|False ) Parameters: * **username** (*string*) -- The Bitbucket username when the "authType" is BASIC_AUTH. This parameter is not valid for other types of source providers or connections. * **token** (*string*) -- **[REQUIRED]** For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the "authType" CODECONNECTIONS, this is the "connectionArn". For the "authType" SECRETS_MANAGER, this is the "secretArn". * **serverType** (*string*) -- **[REQUIRED]** The source provider used for this project. * **authType** (*string*) -- **[REQUIRED]** The type of authentication used to connect to a GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket repository. An OAUTH connection is not supported by the API and must be created using the CodeBuild console. * **shouldOverwrite** (*boolean*) -- Set to "false" to prevent overwriting the repository source credentials. Set to "true" to overwrite the repository source credentials. The default value is "true". Return type: dict Returns: **Response Syntax** { 'arn': 'string' } **Response Structure** * *(dict) --* * **arn** *(string) --* The Amazon Resource Name (ARN) of the token. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.AccountLimitExceededException" * "CodeBuild.Client.exceptions.ResourceAlreadyExistsException" CodeBuild / Client / list_projects list_projects ************* CodeBuild.Client.list_projects(**kwargs) Gets a list of build project names, with each build project name representing a single build project. See also: AWS API Documentation **Request Syntax** response = client.list_projects( sortBy='NAME'|'CREATED_TIME'|'LAST_MODIFIED_TIME', sortOrder='ASCENDING'|'DESCENDING', nextToken='string' ) Parameters: * **sortBy** (*string*) -- The criterion to be used to list build project names. Valid values include: * "CREATED_TIME": List based on when each build project was created. * "LAST_MODIFIED_TIME": List based on when information about each build project was last changed. * "NAME": List based on each build project's name. Use "sortOrder" to specify in what order to list the build project names based on the preceding criteria. * **sortOrder** (*string*) -- The order in which to list build projects. Valid values include: * "ASCENDING": List in ascending order. * "DESCENDING": List in descending order. Use "sortBy" to specify the criterion to be used to list build project names. * **nextToken** (*string*) -- During a previous call, if there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a *nextToken*. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'projects': [ 'string', ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* If there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a *nextToken*. To get the next batch of items in the list, call this operation again, adding the next token to the call. * **projects** *(list) --* The list of build project names, with each build project name representing a single build project. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / start_sandbox_connection start_sandbox_connection ************************ CodeBuild.Client.start_sandbox_connection(**kwargs) Starts a sandbox connection. See also: AWS API Documentation **Request Syntax** response = client.start_sandbox_connection( sandboxId='string' ) Parameters: **sandboxId** (*string*) -- **[REQUIRED]** A "sandboxId" or "sandboxArn". Return type: dict Returns: **Response Syntax** { 'ssmSession': { 'sessionId': 'string', 'tokenValue': 'string', 'streamUrl': 'string' } } **Response Structure** * *(dict) --* * **ssmSession** *(dict) --* Information about the Session Manager session. * **sessionId** *(string) --* The ID of the session. * **tokenValue** *(string) --* An encrypted token value containing session and caller information. * **streamUrl** *(string) --* A URL back to SSM Agent on the managed node that the Session Manager client uses to send commands and receive output from the node. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / delete_fleet delete_fleet ************ CodeBuild.Client.delete_fleet(**kwargs) Deletes a compute fleet. When you delete a compute fleet, its builds are not deleted. See also: AWS API Documentation **Request Syntax** response = client.delete_fleet( arn='string' ) Parameters: **arn** (*string*) -- **[REQUIRED]** The ARN of the compute fleet. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / get_waiter get_waiter ********** CodeBuild.Client.get_waiter(waiter_name) Returns an object that can wait for some condition. Parameters: **waiter_name** (*str*) -- The name of the waiter to get. See the waiters section of the service docs for a list of available waiters. Returns: The specified waiter object. Return type: "botocore.waiter.Waiter" CodeBuild / Client / list_report_groups list_report_groups ****************** CodeBuild.Client.list_report_groups(**kwargs) Gets a list ARNs for the report groups in the current Amazon Web Services account. See also: AWS API Documentation **Request Syntax** response = client.list_report_groups( sortOrder='ASCENDING'|'DESCENDING', sortBy='NAME'|'CREATED_TIME'|'LAST_MODIFIED_TIME', nextToken='string', maxResults=123 ) Parameters: * **sortOrder** (*string*) -- Used to specify the order to sort the list of returned report groups. Valid values are "ASCENDING" and "DESCENDING". * **sortBy** (*string*) -- The criterion to be used to list build report groups. Valid values include: * "CREATED_TIME": List based on when each report group was created. * "LAST_MODIFIED_TIME": List based on when each report group was last changed. * "NAME": List based on each report group's name. * **nextToken** (*string*) -- During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **maxResults** (*integer*) -- The maximum number of paginated report groups returned per response. Use "nextToken" to iterate pages in the list of returned "ReportGroup" objects. The default value is 100. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'reportGroups': [ 'string', ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **reportGroups** *(list) --* The list of ARNs for the report groups in the current Amazon Web Services account. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / retry_build_batch retry_build_batch ***************** CodeBuild.Client.retry_build_batch(**kwargs) Restarts a failed batch build. Only batch builds that have failed can be retried. See also: AWS API Documentation **Request Syntax** response = client.retry_build_batch( id='string', idempotencyToken='string', retryType='RETRY_ALL_BUILDS'|'RETRY_FAILED_BUILDS' ) Parameters: * **id** (*string*) -- Specifies the identifier of the batch build to restart. * **idempotencyToken** (*string*) -- A unique, case sensitive identifier you provide to ensure the idempotency of the "RetryBuildBatch" request. The token is included in the "RetryBuildBatch" request and is valid for five minutes. If you repeat the "RetryBuildBatch" request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error. * **retryType** (*string*) -- Specifies the type of retry to perform. Return type: dict Returns: **Response Syntax** { 'buildBatch': { 'id': 'string', 'arn': 'string', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'buildBatchStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'sourceVersion': 'string', 'resolvedSourceVersion': 'string', 'projectName': 'string', 'phases': [ { 'phaseType': 'SUBMITTED'|'DOWNLOAD_BATCHSPEC'|'IN_PROGRESS'|'COMBINE_ARTIFACTS'|'SUCCEEDED'|'FAILED'|'STOPPED', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'logConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'buildTimeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'complete': True|False, 'initiator': 'string', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'encryptionKey': 'string', 'buildBatchNumber': 123, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'buildBatchConfig': { 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, 'buildGroups': [ { 'identifier': 'string', 'dependsOn': [ 'string', ], 'ignoreFailure': True|False, 'currentBuildSummary': { 'arn': 'string', 'requestedOn': datetime(2015, 1, 1), 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'primaryArtifact': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, ] }, 'priorBuildSummaryList': [ { 'arn': 'string', 'requestedOn': datetime(2015, 1, 1), 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'primaryArtifact': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, ] }, ] }, ], 'debugSessionEnabled': True|False, 'reportArns': [ 'string', ] } } **Response Structure** * *(dict) --* * **buildBatch** *(dict) --* Contains information about a batch build. * **id** *(string) --* The identifier of the batch build. * **arn** *(string) --* The ARN of the batch build. * **startTime** *(datetime) --* The date and time that the batch build started. * **endTime** *(datetime) --* The date and time that the batch build ended. * **currentPhase** *(string) --* The current phase of the batch build. * **buildBatchStatus** *(string) --* The status of the batch build. * **sourceVersion** *(string) --* The identifier of the version of the source code to be built. * **resolvedSourceVersion** *(string) --* The identifier of the resolved version of this batch build's source code. * For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID. * For CodePipeline, the source revision provided by CodePipeline. * For Amazon S3, this does not apply. * **projectName** *(string) --* The name of the batch build project. * **phases** *(list) --* An array of "BuildBatchPhase" objects the specify the phases of the batch build. * *(dict) --* Contains information about a stage for a batch build. * **phaseType** *(string) --* The name of the batch build phase. Valid values include: COMBINE_ARTIFACTS Build output artifacts are being combined and uploaded to the output location. DOWNLOAD_BATCHSPEC The batch build specification is being downloaded. FAILED One or more of the builds failed. IN_PROGRESS The batch build is in progress. STOPPED The batch build was stopped. SUBMITTED The btach build has been submitted. SUCCEEDED The batch build succeeded. * **phaseStatus** *(string) --* The current status of the batch build phase. Valid values include: FAILED The build phase failed. FAULT The build phase faulted. IN_PROGRESS The build phase is still in progress. STOPPED The build phase stopped. SUCCEEDED The build phase succeeded. TIMED_OUT The build phase timed out. * **startTime** *(datetime) --* When the batch build phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the batch build phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the batch build's phase. * **contexts** *(list) --* Additional information about the batch build phase. Especially to help troubleshoot a failed batch build. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **source** *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects that define the sources for the batch build. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. Each "ProjectSourceVersion" must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* A "BuildArtifacts" object the defines the build artifacts for this batch build. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "BuildArtifacts" objects the define the build artifacts for this batch build. * *(dict) --* Information about build output artifacts. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build project. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment of the build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The name of a service role used for builds in the batch. * **logConfig** *(dict) --* Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **buildTimeoutInMinutes** *(integer) --* Specifies the maximum amount of time, in minutes, that the build in a batch must be completed in. * **queuedTimeoutInMinutes** *(integer) --* Specifies the amount of time, in minutes, that the batch build is allowed to be queued before it times out. * **complete** *(boolean) --* Indicates if the batch build is complete. * **initiator** *(string) --* The entity that started the batch build. Valid values include: * If CodePipeline started the build, the pipeline's name (for example, "codepipeline/my-demo-pipeline"). * If a user started the build, the user's name. * If the Jenkins plugin for CodeBuild started the build, the string "CodeBuild-Jenkins-Plugin". * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the batch build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). * **buildBatchNumber** *(integer) --* The number of the batch build. For each project, the "buildBatchNumber" of its first batch build is "1". The "buildBatchNumber" of each subsequent batch build is incremented by "1". If a batch build is deleted, the "buildBatchNumber" of other batch builds does not change. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for the batch build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **buildBatchConfig** *(dict) --* Contains configuration information about a batch build project. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **buildGroups** *(list) --* An array of "BuildGroup" objects that define the build groups for the batch build. * *(dict) --* Contains information about a batch build build group. Build groups are used to combine builds that can run in parallel, while still being able to set dependencies on other build groups. * **identifier** *(string) --* Contains the identifier of the build group. * **dependsOn** *(list) --* An array of strings that contain the identifiers of the build groups that this build group depends on. * *(string) --* * **ignoreFailure** *(boolean) --* Specifies if failures in this build group can be ignored. * **currentBuildSummary** *(dict) --* A "BuildSummary" object that contains a summary of the current build group. * **arn** *(string) --* The batch build ARN. * **requestedOn** *(datetime) --* When the build was started, expressed in Unix time format. * **buildStatus** *(string) --* The status of the build group. FAILED The build group failed. FAULT The build group faulted. IN_PROGRESS The build group is still in progress. STOPPED The build group stopped. SUCCEEDED The build group succeeded. TIMED_OUT The build group timed out. * **primaryArtifact** *(dict) --* A "ResolvedArtifact" object that represents the primary build artifacts for the build group. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **secondaryArtifacts** *(list) --* An array of "ResolvedArtifact" objects that represents the secondary build artifacts for the build group. * *(dict) --* Represents a resolved build artifact. A resolved artifact is an artifact that is built and deployed to the destination, such as Amazon S3. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **priorBuildSummaryList** *(list) --* An array of "BuildSummary" objects that contain summaries of previous build groups. * *(dict) --* Contains summary information about a batch build group. * **arn** *(string) --* The batch build ARN. * **requestedOn** *(datetime) --* When the build was started, expressed in Unix time format. * **buildStatus** *(string) --* The status of the build group. FAILED The build group failed. FAULT The build group faulted. IN_PROGRESS The build group is still in progress. STOPPED The build group stopped. SUCCEEDED The build group succeeded. TIMED_OUT The build group timed out. * **primaryArtifact** *(dict) --* A "ResolvedArtifact" object that represents the primary build artifacts for the build group. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **secondaryArtifacts** *(list) --* An array of "ResolvedArtifact" objects that represents the secondary build artifacts for the build group. * *(dict) --* Represents a resolved build artifact. A resolved artifact is an artifact that is built and deployed to the destination, such as Amazon S3. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **debugSessionEnabled** *(boolean) --* Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds. * **reportArns** *(list) --* An array that contains the ARNs of reports created by merging reports from builds associated with this batch build. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / list_fleets list_fleets *********** CodeBuild.Client.list_fleets(**kwargs) Gets a list of compute fleet names with each compute fleet name representing a single compute fleet. See also: AWS API Documentation **Request Syntax** response = client.list_fleets( nextToken='string', maxResults=123, sortOrder='ASCENDING'|'DESCENDING', sortBy='NAME'|'CREATED_TIME'|'LAST_MODIFIED_TIME' ) Parameters: * **nextToken** (*string*) -- During a previous call, if there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a *nextToken*. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **maxResults** (*integer*) -- The maximum number of paginated compute fleets returned per response. Use "nextToken" to iterate pages in the list of returned compute fleets. * **sortOrder** (*string*) -- The order in which to list compute fleets. Valid values include: * "ASCENDING": List in ascending order. * "DESCENDING": List in descending order. Use "sortBy" to specify the criterion to be used to list compute fleet names. * **sortBy** (*string*) -- The criterion to be used to list compute fleet names. Valid values include: * "CREATED_TIME": List based on when each compute fleet was created. * "LAST_MODIFIED_TIME": List based on when information about each compute fleet was last changed. * "NAME": List based on each compute fleet's name. Use "sortOrder" to specify in what order to list the compute fleet names based on the preceding criteria. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'fleets': [ 'string', ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* If there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a *nextToken*. To get the next batch of items in the list, call this operation again, adding the next token to the call. * **fleets** *(list) --* The list of compute fleet names. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / list_builds list_builds *********** CodeBuild.Client.list_builds(**kwargs) Gets a list of build IDs, with each build ID representing a single build. See also: AWS API Documentation **Request Syntax** response = client.list_builds( sortOrder='ASCENDING'|'DESCENDING', nextToken='string' ) Parameters: * **sortOrder** (*string*) -- The order to list build IDs. Valid values include: * "ASCENDING": List the build IDs in ascending order by build ID. * "DESCENDING": List the build IDs in descending order by build ID. * **nextToken** (*string*) -- During a previous call, if there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a *nextToken*. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* A list of build IDs, with each build ID representing a single build. * *(string) --* * **nextToken** *(string) --* If there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a *nextToken*. To get the next batch of items in the list, call this operation again, adding the next token to the call. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / delete_project delete_project ************** CodeBuild.Client.delete_project(**kwargs) Deletes a build project. When you delete a project, its builds are not deleted. See also: AWS API Documentation **Request Syntax** response = client.delete_project( name='string' ) Parameters: **name** (*string*) -- **[REQUIRED]** The name of the build project. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / create_webhook create_webhook ************** CodeBuild.Client.create_webhook(**kwargs) For an existing CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables CodeBuild to start rebuilding the source code every time a code change is pushed to the repository. Warning: If you enable webhooks for an CodeBuild project, and the project is used as a build step in CodePipeline, then two identical builds are created for each commit. One build is triggered through webhooks, and one through CodePipeline. Because billing is on a per-build basis, you are billed for both builds. Therefore, if you are using CodePipeline, we recommend that you disable webhooks in CodeBuild. In the CodeBuild console, clear the Webhook box. For more information, see step 5 in Change a Build Project's Settings. See also: AWS API Documentation **Request Syntax** response = client.create_webhook( projectName='string', branchFilter='string', filterGroups=[ [ { 'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME'|'ORGANIZATION_NAME', 'pattern': 'string', 'excludeMatchedPattern': True|False }, ], ], buildType='BUILD'|'BUILD_BATCH'|'RUNNER_BUILDKITE_BUILD', manualCreation=True|False, scopeConfiguration={ 'name': 'string', 'domain': 'string', 'scope': 'GITHUB_ORGANIZATION'|'GITHUB_GLOBAL'|'GITLAB_GROUP' }, pullRequestBuildPolicy={ 'requiresCommentApproval': 'DISABLED'|'ALL_PULL_REQUESTS'|'FORK_PULL_REQUESTS', 'approverRoles': [ 'GITHUB_READ'|'GITHUB_TRIAGE'|'GITHUB_WRITE'|'GITHUB_MAINTAIN'|'GITHUB_ADMIN'|'GITLAB_GUEST'|'GITLAB_PLANNER'|'GITLAB_REPORTER'|'GITLAB_DEVELOPER'|'GITLAB_MAINTAINER'|'GITLAB_OWNER'|'BITBUCKET_READ'|'BITBUCKET_WRITE'|'BITBUCKET_ADMIN', ] } ) Parameters: * **projectName** (*string*) -- **[REQUIRED]** The name of the CodeBuild project. * **branchFilter** (*string*) -- A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If "branchFilter" is empty, then all branches are built. Note: It is recommended that you use "filterGroups" instead of "branchFilter". * **filterGroups** (*list*) -- An array of arrays of "WebhookFilter" objects used to determine which webhooks are triggered. At least one "WebhookFilter" in the array must specify "EVENT" as its "type". For a build to be triggered, at least one filter group in the "filterGroups" array must pass. For a filter group to pass, each of its filters must pass. * *(list) --* * *(dict) --* A filter used to determine which webhooks trigger a build. * **type** *(string) --* **[REQUIRED]** The type of webhook filter. There are 11 webhook filter types: "EVENT", "ACTOR_ACCOUNT_ID", "HEAD_REF", "BASE_REF", "FILE_PATH", "COMMIT_MESSAGE", "TAG_NAME", "RELEASE_NAME", "REPOSITORY_NAME", "ORGANIZATION_NAME", and "WORKFLOW_NAME". * EVENT * A webhook event triggers a build when the provided "pattern" matches one of nine event types: "PUSH", "PULL_REQUEST_CREATED", "PULL_REQUEST_UPDATED", "PULL_REQUEST_CLOSED", "PULL_REQUEST_REOPENED", "PULL_REQUEST_MERGED", "RELEASED", "PRERELEASED", and "WORKFLOW_JOB_QUEUED". The "EVENT" patterns are specified as a comma-separated string. For example, "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" filters all push, pull request created, and pull request updated events. Note: Types "PULL_REQUEST_REOPENED" and "WORKFLOW_JOB_QUEUED" work with GitHub and GitHub Enterprise only. Types "RELEASED" and "PRERELEASED" work with GitHub only. * ACTOR_ACCOUNT_ID * A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression "pattern". * HEAD_REF * A webhook event triggers a build when the head reference matches the regular expression "pattern". For example, "refs/heads/branch-name" and "refs/tags /tag-name". Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events. * BASE_REF * A webhook event triggers a build when the base reference matches the regular expression "pattern". For example, "refs/heads/branch-name". Note: Works with pull request events only. * FILE_PATH * A webhook triggers a build when the path of a changed file matches the regular expression "pattern". Note: Works with push and pull request events only. * COMMIT_MESSAGE * A webhook triggers a build when the head commit message matches the regular expression "pattern". Note: Works with push and pull request events only. * TAG_NAME * A webhook triggers a build when the tag name of the release matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * RELEASE_NAME * A webhook triggers a build when the release name matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * REPOSITORY_NAME * A webhook triggers a build when the repository name matches the regular expression "pattern". Note: Works with GitHub global or organization webhooks only. * ORGANIZATION_NAME * A webhook triggers a build when the organization name matches the regular expression "pattern". Note: Works with GitHub global webhooks only. * WORKFLOW_NAME * A webhook triggers a build when the workflow name matches the regular expression "pattern". Note: Works with "WORKFLOW_JOB_QUEUED" events only. Note: For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name. * **pattern** *(string) --* **[REQUIRED]** For a "WebHookFilter" that uses "EVENT" type, a comma- separated string that specifies one or more events. For example, the webhook filter "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" allows all push, pull request created, and pull request updated events to trigger a build. For a "WebHookFilter" that uses any of the other filter types, a regular expression pattern. For example, a "WebHookFilter" that uses "HEAD_REF" for its "type" and the pattern "^refs/heads/" triggers a build when the head reference is a branch with a reference name "refs/heads/branch-name". * **excludeMatchedPattern** *(boolean) --* Used to indicate that the "pattern" determines which webhook events do not trigger a build. If true, then a webhook event that does not match the "pattern" triggers a build. If false, then a webhook event that matches the "pattern" triggers a build. * **buildType** (*string*) -- Specifies the type of build this webhook will trigger. Note: "RUNNER_BUILDKITE_BUILD" is only available for "NO_SOURCE" source type projects configured for Buildkite runner builds. For more information about CodeBuild-hosted Buildkite runner builds, see Tutorial: Configure a CodeBuild-hosted Buildkite runner in the *CodeBuild user guide*. * **manualCreation** (*boolean*) -- If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns "payloadUrl" and "secret" values for the webhook. The "payloadUrl" and "secret" values in the output can be used to manually create a webhook within GitHub. Note: "manualCreation" is only available for GitHub webhooks. * **scopeConfiguration** (*dict*) -- The scope configuration for global or organization webhooks. Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks. * **name** *(string) --* **[REQUIRED]** The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook. * **domain** *(string) --* The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED. * **scope** *(string) --* **[REQUIRED]** The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION. * **pullRequestBuildPolicy** (*dict*) -- A PullRequestBuildPolicy object that defines comment-based approval requirements for triggering builds on pull requests. This policy helps control when automated builds are executed based on contributor permissions and approval workflows. * **requiresCommentApproval** *(string) --* **[REQUIRED]** Specifies when comment-based approval is required before triggering a build on pull requests. This setting determines whether builds run automatically or require explicit approval through comments. * *DISABLED*: Builds trigger automatically without requiring comment approval * *ALL_PULL_REQUESTS*: All pull requests require comment approval before builds execute (unless contributor is one of the approver roles) * *FORK_PULL_REQUESTS*: Only pull requests from forked repositories require comment approval (unless contributor is one of the approver roles) * **approverRoles** *(list) --* List of repository roles that have approval privileges for pull request builds when comment approval is required. Only users with these roles can provide valid comment approvals. If a pull request contributor is one of these roles, their pull request builds will trigger automatically. This field is only applicable when "requiresCommentApproval" is not *DISABLED*. * *(string) --* Return type: dict Returns: **Response Syntax** { 'webhook': { 'url': 'string', 'payloadUrl': 'string', 'secret': 'string', 'branchFilter': 'string', 'filterGroups': [ [ { 'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME'|'ORGANIZATION_NAME', 'pattern': 'string', 'excludeMatchedPattern': True|False }, ], ], 'buildType': 'BUILD'|'BUILD_BATCH'|'RUNNER_BUILDKITE_BUILD', 'manualCreation': True|False, 'lastModifiedSecret': datetime(2015, 1, 1), 'scopeConfiguration': { 'name': 'string', 'domain': 'string', 'scope': 'GITHUB_ORGANIZATION'|'GITHUB_GLOBAL'|'GITLAB_GROUP' }, 'status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'DELETING', 'statusMessage': 'string' } } **Response Structure** * *(dict) --* * **webhook** *(dict) --* Information about a webhook that connects repository events to a build project in CodeBuild. * **url** *(string) --* The URL to the webhook. * **payloadUrl** *(string) --* The CodeBuild endpoint where webhook events are sent. * **secret** *(string) --* The secret token of the associated repository. Note: A Bitbucket webhook does not support "secret". * **branchFilter** *(string) --* A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If "branchFilter" is empty, then all branches are built. Note: It is recommended that you use "filterGroups" instead of "branchFilter". * **filterGroups** *(list) --* An array of arrays of "WebhookFilter" objects used to determine which webhooks are triggered. At least one "WebhookFilter" in the array must specify "EVENT" as its "type". For a build to be triggered, at least one filter group in the "filterGroups" array must pass. For a filter group to pass, each of its filters must pass. * *(list) --* * *(dict) --* A filter used to determine which webhooks trigger a build. * **type** *(string) --* The type of webhook filter. There are 11 webhook filter types: "EVENT", "ACTOR_ACCOUNT_ID", "HEAD_REF", "BASE_REF", "FILE_PATH", "COMMIT_MESSAGE", "TAG_NAME", "RELEASE_NAME", "REPOSITORY_NAME", "ORGANIZATION_NAME", and "WORKFLOW_NAME". * EVENT * A webhook event triggers a build when the provided "pattern" matches one of nine event types: "PUSH", "PULL_REQUEST_CREATED", "PULL_REQUEST_UPDATED", "PULL_REQUEST_CLOSED", "PULL_REQUEST_REOPENED", "PULL_REQUEST_MERGED", "RELEASED", "PRERELEASED", and "WORKFLOW_JOB_QUEUED". The "EVENT" patterns are specified as a comma-separated string. For example, "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" filters all push, pull request created, and pull request updated events. Note: Types "PULL_REQUEST_REOPENED" and "WORKFLOW_JOB_QUEUED" work with GitHub and GitHub Enterprise only. Types "RELEASED" and "PRERELEASED" work with GitHub only. * ACTOR_ACCOUNT_ID * A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression "pattern". * HEAD_REF * A webhook event triggers a build when the head reference matches the regular expression "pattern". For example, "refs/heads/branch-name" and "refs/tags/tag-name". Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events. * BASE_REF * A webhook event triggers a build when the base reference matches the regular expression "pattern". For example, "refs/heads/branch- name". Note: Works with pull request events only. * FILE_PATH * A webhook triggers a build when the path of a changed file matches the regular expression "pattern". Note: Works with push and pull request events only. * COMMIT_MESSAGE * A webhook triggers a build when the head commit message matches the regular expression "pattern". Note: Works with push and pull request events only. * TAG_NAME * A webhook triggers a build when the tag name of the release matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * RELEASE_NAME * A webhook triggers a build when the release name matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * REPOSITORY_NAME * A webhook triggers a build when the repository name matches the regular expression "pattern". Note: Works with GitHub global or organization webhooks only. * ORGANIZATION_NAME * A webhook triggers a build when the organization name matches the regular expression "pattern". Note: Works with GitHub global webhooks only. * WORKFLOW_NAME * A webhook triggers a build when the workflow name matches the regular expression "pattern". Note: Works with "WORKFLOW_JOB_QUEUED" events only. Note: For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name. * **pattern** *(string) --* For a "WebHookFilter" that uses "EVENT" type, a comma-separated string that specifies one or more events. For example, the webhook filter "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" allows all push, pull request created, and pull request updated events to trigger a build. For a "WebHookFilter" that uses any of the other filter types, a regular expression pattern. For example, a "WebHookFilter" that uses "HEAD_REF" for its "type" and the pattern "^refs/heads/" triggers a build when the head reference is a branch with a reference name "refs/heads/branch-name". * **excludeMatchedPattern** *(boolean) --* Used to indicate that the "pattern" determines which webhook events do not trigger a build. If true, then a webhook event that does not match the "pattern" triggers a build. If false, then a webhook event that matches the "pattern" triggers a build. * **buildType** *(string) --* Specifies the type of build this webhook will trigger. Note: "RUNNER_BUILDKITE_BUILD" is only available for "NO_SOURCE" source type projects configured for Buildkite runner builds. For more information about CodeBuild-hosted Buildkite runner builds, see Tutorial: Configure a CodeBuild-hosted Buildkite runner in the *CodeBuild user guide*. * **manualCreation** *(boolean) --* If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns "payloadUrl" and "secret" values for the webhook. The "payloadUrl" and "secret" values in the output can be used to manually create a webhook within GitHub. Note: manualCreation is only available for GitHub webhooks. * **lastModifiedSecret** *(datetime) --* A timestamp that indicates the last time a repository's secret token was modified. * **scopeConfiguration** *(dict) --* The scope configuration for global or organization webhooks. Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks. * **name** *(string) --* The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook. * **domain** *(string) --* The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED. * **scope** *(string) --* The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION. * **status** *(string) --* The status of the webhook. Valid values include: * "CREATING": The webhook is being created. * "CREATE_FAILED": The webhook has failed to create. * "ACTIVE": The webhook has succeeded and is active. * "DELETING": The webhook is being deleted. * **statusMessage** *(string) --* A message associated with the status of a webhook. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.OAuthProviderException" * "CodeBuild.Client.exceptions.ResourceAlreadyExistsException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / update_project_visibility update_project_visibility ************************* CodeBuild.Client.update_project_visibility(**kwargs) Changes the public visibility for a project. The project's build results, logs, and artifacts are available to the general public. For more information, see Public build projects in the *CodeBuild User Guide*. Warning: The following should be kept in mind when making your projects public: * All of a project's build results, logs, and artifacts, including builds that were run when the project was private, are available to the general public. * All build logs and artifacts are available to the public. Environment variables, source code, and other sensitive information may have been output to the build logs and artifacts. You must be careful about what information is output to the build logs. Some best practice are: * Do not store sensitive values in environment variables. We recommend that you use an Amazon EC2 Systems Manager Parameter Store or Secrets Manager to store sensitive values. * Follow Best practices for using webhooks in the *CodeBuild User Guide* to limit which entities can trigger a build, and do not store the buildspec in the project itself, to ensure that your webhooks are as secure as possible. * A malicious user can use public builds to distribute malicious artifacts. We recommend that you review all pull requests to verify that the pull request is a legitimate change. We also recommend that you validate any artifacts with their checksums to make sure that the correct artifacts are being downloaded. See also: AWS API Documentation **Request Syntax** response = client.update_project_visibility( projectArn='string', projectVisibility='PUBLIC_READ'|'PRIVATE', resourceAccessRole='string' ) Parameters: * **projectArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the build project. * **projectVisibility** (*string*) -- **[REQUIRED]** Specifies the visibility of the project's builds. Possible values are: PUBLIC_READ The project builds are visible to the public. PRIVATE The project builds are not visible to the public. * **resourceAccessRole** (*string*) -- The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds. Return type: dict Returns: **Response Syntax** { 'projectArn': 'string', 'publicProjectAlias': 'string', 'projectVisibility': 'PUBLIC_READ'|'PRIVATE' } **Response Structure** * *(dict) --* * **projectArn** *(string) --* The Amazon Resource Name (ARN) of the build project. * **publicProjectAlias** *(string) --* Contains the project identifier used with the public build APIs. * **projectVisibility** *(string) --* Specifies the visibility of the project's builds. Possible values are: PUBLIC_READ The project builds are visible to the public. PRIVATE The project builds are not visible to the public. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / create_fleet create_fleet ************ CodeBuild.Client.create_fleet(**kwargs) Creates a compute fleet. See also: AWS API Documentation **Request Syntax** response = client.create_fleet( name='string', baseCapacity=123, environmentType='WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', computeType='BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', computeConfiguration={ 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, scalingConfiguration={ 'scalingType': 'TARGET_TRACKING_SCALING', 'targetTrackingScalingConfigs': [ { 'metricType': 'FLEET_UTILIZATION_RATE', 'targetValue': 123.0 }, ], 'maxCapacity': 123 }, overflowBehavior='QUEUE'|'ON_DEMAND', vpcConfig={ 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, proxyConfiguration={ 'defaultBehavior': 'ALLOW_ALL'|'DENY_ALL', 'orderedProxyRules': [ { 'type': 'DOMAIN'|'IP', 'effect': 'ALLOW'|'DENY', 'entities': [ 'string', ] }, ] }, imageId='string', fleetServiceRole='string', tags=[ { 'key': 'string', 'value': 'string' }, ] ) Parameters: * **name** (*string*) -- **[REQUIRED]** The name of the compute fleet. * **baseCapacity** (*integer*) -- **[REQUIRED]** The initial number of machines allocated to the fleet, which defines the number of builds that can run in parallel. * **environmentType** (*string*) -- **[REQUIRED]** The environment type of the compute fleet. * The environment type "ARM_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). * The environment type "ARM_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_GPU_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). * The environment type "MAC_ARM" is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) * The environment type "MAC_ARM" is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). * The environment type "WINDOWS_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "WINDOWS_SERVER_2019_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). * The environment type "WINDOWS_SERVER_2022_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai). For more information, see Build environment compute types in the *CodeBuild user guide*. * **computeType** (*string*) -- **[REQUIRED]** Information about the compute resources the compute fleet uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "CUSTOM_INSTANCE_TYPE": Specify the instance type for your compute fleet. For a list of supported instance types, see Supported instance families in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** (*dict*) -- The compute configuration of the compute fleet. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE" or "CUSTOM_INSTANCE_TYPE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **scalingConfiguration** (*dict*) -- The scaling configuration of the compute fleet. * **scalingType** *(string) --* The scaling type for a compute fleet. * **targetTrackingScalingConfigs** *(list) --* A list of "TargetTrackingScalingConfiguration" objects. * *(dict) --* Defines when a new instance is auto-scaled into the compute fleet. * **metricType** *(string) --* The metric type to determine auto-scaling. * **targetValue** *(float) --* The value of "metricType" when to start scaling. * **maxCapacity** *(integer) --* The maximum number of instances in the fleet when auto- scaling. * **overflowBehavior** (*string*) -- The compute fleet overflow behavior. * For overflow behavior "QUEUE", your overflow builds need to wait on the existing fleet instance to become available. * For overflow behavior "ON_DEMAND", your overflow builds run on CodeBuild on-demand. Note: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface. * **vpcConfig** (*dict*) -- Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **proxyConfiguration** (*dict*) -- The proxy configuration of the compute fleet. * **defaultBehavior** *(string) --* The default behavior of outgoing traffic. * **orderedProxyRules** *(list) --* An array of "FleetProxyRule" objects that represent the specified destination domains or IPs to allow or deny network access control to. * *(dict) --* Information about the proxy rule for your reserved capacity instances. * **type** *(string) --* **[REQUIRED]** The type of proxy rule. * **effect** *(string) --* **[REQUIRED]** The behavior of the proxy rule. * **entities** *(list) --* **[REQUIRED]** The destination of the proxy rule. * *(string) --* * **imageId** (*string*) -- The Amazon Machine Image (AMI) of the compute fleet. * **fleetServiceRole** (*string*) -- The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the *CodeBuild User Guide*. * **tags** (*list*) -- A list of tag key and value pairs associated with this compute fleet. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. Return type: dict Returns: **Response Syntax** { 'fleet': { 'arn': 'string', 'name': 'string', 'id': 'string', 'created': datetime(2015, 1, 1), 'lastModified': datetime(2015, 1, 1), 'status': { 'statusCode': 'CREATING'|'UPDATING'|'ROTATING'|'PENDING_DELETION'|'DELETING'|'CREATE_FAILED'|'UPDATE_ROLLBACK_FAILED'|'ACTIVE', 'context': 'CREATE_FAILED'|'UPDATE_FAILED'|'ACTION_REQUIRED'|'PENDING_DELETION'|'INSUFFICIENT_CAPACITY', 'message': 'string' }, 'baseCapacity': 123, 'environmentType': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'scalingConfiguration': { 'scalingType': 'TARGET_TRACKING_SCALING', 'targetTrackingScalingConfigs': [ { 'metricType': 'FLEET_UTILIZATION_RATE', 'targetValue': 123.0 }, ], 'maxCapacity': 123, 'desiredCapacity': 123 }, 'overflowBehavior': 'QUEUE'|'ON_DEMAND', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'proxyConfiguration': { 'defaultBehavior': 'ALLOW_ALL'|'DENY_ALL', 'orderedProxyRules': [ { 'type': 'DOMAIN'|'IP', 'effect': 'ALLOW'|'DENY', 'entities': [ 'string', ] }, ] }, 'imageId': 'string', 'fleetServiceRole': 'string', 'tags': [ { 'key': 'string', 'value': 'string' }, ] } } **Response Structure** * *(dict) --* * **fleet** *(dict) --* Information about the compute fleet * **arn** *(string) --* The ARN of the compute fleet. * **name** *(string) --* The name of the compute fleet. * **id** *(string) --* The ID of the compute fleet. * **created** *(datetime) --* The time at which the compute fleet was created. * **lastModified** *(datetime) --* The time at which the compute fleet was last modified. * **status** *(dict) --* The status of the compute fleet. * **statusCode** *(string) --* The status code of the compute fleet. Valid values include: * "CREATING": The compute fleet is being created. * "UPDATING": The compute fleet is being updated. * "ROTATING": The compute fleet is being rotated. * "PENDING_DELETION": The compute fleet is pending deletion. * "DELETING": The compute fleet is being deleted. * "CREATE_FAILED": The compute fleet has failed to create. * "UPDATE_ROLLBACK_FAILED": The compute fleet has failed to update and could not rollback to previous state. * "ACTIVE": The compute fleet has succeeded and is active. * **context** *(string) --* Additional information about a compute fleet. Valid values include: * "CREATE_FAILED": The compute fleet has failed to create. * "UPDATE_FAILED": The compute fleet has failed to update. * **message** *(string) --* A message associated with the status of a compute fleet. * **baseCapacity** *(integer) --* The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel. * **environmentType** *(string) --* The environment type of the compute fleet. * The environment type "ARM_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). * The environment type "ARM_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_GPU_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). * The environment type "MAC_ARM" is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) * The environment type "MAC_ARM" is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). * The environment type "WINDOWS_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "WINDOWS_SERVER_2019_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). * The environment type "WINDOWS_SERVER_2022_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai). For more information, see Build environment compute types in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the compute fleet uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "CUSTOM_INSTANCE_TYPE": Specify the instance type for your compute fleet. For a list of supported instance types, see Supported instance families in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the compute fleet. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE" or "CUSTOM_INSTANCE_TYPE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **scalingConfiguration** *(dict) --* The scaling configuration of the compute fleet. * **scalingType** *(string) --* The scaling type for a compute fleet. * **targetTrackingScalingConfigs** *(list) --* A list of "TargetTrackingScalingConfiguration" objects. * *(dict) --* Defines when a new instance is auto-scaled into the compute fleet. * **metricType** *(string) --* The metric type to determine auto-scaling. * **targetValue** *(float) --* The value of "metricType" when to start scaling. * **maxCapacity** *(integer) --* The maximum number of instances in the fleet when auto- scaling. * **desiredCapacity** *(integer) --* The desired number of instances in the fleet when auto- scaling. * **overflowBehavior** *(string) --* The compute fleet overflow behavior. * For overflow behavior "QUEUE", your overflow builds need to wait on the existing fleet instance to become available. * For overflow behavior "ON_DEMAND", your overflow builds run on CodeBuild on-demand. Note: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface. * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **proxyConfiguration** *(dict) --* The proxy configuration of the compute fleet. * **defaultBehavior** *(string) --* The default behavior of outgoing traffic. * **orderedProxyRules** *(list) --* An array of "FleetProxyRule" objects that represent the specified destination domains or IPs to allow or deny network access control to. * *(dict) --* Information about the proxy rule for your reserved capacity instances. * **type** *(string) --* The type of proxy rule. * **effect** *(string) --* The behavior of the proxy rule. * **entities** *(list) --* The destination of the proxy rule. * *(string) --* * **imageId** *(string) --* The Amazon Machine Image (AMI) of the compute fleet. * **fleetServiceRole** *(string) --* The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the *CodeBuild User Guide*. * **tags** *(list) --* A list of tag key and value pairs associated with this compute fleet. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceAlreadyExistsException" * "CodeBuild.Client.exceptions.AccountLimitExceededException" CodeBuild / Client / start_sandbox start_sandbox ************* CodeBuild.Client.start_sandbox(**kwargs) Starts a sandbox. See also: AWS API Documentation **Request Syntax** response = client.start_sandbox( projectName='string', idempotencyToken='string' ) Parameters: * **projectName** (*string*) -- The CodeBuild project name. * **idempotencyToken** (*string*) -- A unique client token. Return type: dict Returns: **Response Syntax** { 'sandbox': { 'id': 'string', 'arn': 'string', 'projectName': 'string', 'requestTime': datetime(2015, 1, 1), 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'status': 'string', 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'sourceVersion': 'string', 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'logConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'encryptionKey': 'string', 'serviceRole': 'string', 'currentSession': { 'id': 'string', 'status': 'string', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'phases': [ { 'phaseType': 'string', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'resolvedSourceVersion': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'networkInterface': { 'subnetId': 'string', 'networkInterfaceId': 'string' } } } } **Response Structure** * *(dict) --* * **sandbox** *(dict) --* Information about the requested sandbox. * **id** *(string) --* The ID of the sandbox. * **arn** *(string) --* The ARN of the sandbox. * **projectName** *(string) --* The CodeBuild project name. * **requestTime** *(datetime) --* When the sandbox process was initially requested, expressed in Unix time format. * **startTime** *(datetime) --* When the sandbox process started, expressed in Unix time format. * **endTime** *(datetime) --* When the sandbox process ended, expressed in Unix time format. * **status** *(string) --* The status of the sandbox. * **source** *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* Any version identifier for the version of the sandbox to be built. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment of the build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this sandbox if it does not get marked as completed. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a sandbox is allowed to be queued before it times out. * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **logConfig** *(dict) --* Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the sandbox output artifacts. * **serviceRole** *(string) --* The name of a service role used for this sandbox. * **currentSession** *(dict) --* The current session for the sandbox. * **id** *(string) --* The ID of the sandbox session. * **status** *(string) --* The status of the sandbox session. * **startTime** *(datetime) --* When the sandbox session started, expressed in Unix time format. * **endTime** *(datetime) --* When the sandbox session ended, expressed in Unix time format. * **currentPhase** *(string) --* The current phase for the sandbox. * **phases** *(list) --* An array of "SandboxSessionPhase" objects. * *(dict) --* Contains information about the sandbox phase. * **phaseType** *(string) --* The name of the sandbox phase. * **phaseStatus** *(string) --* The current status of the sandbox phase. Valid values include: FAILED The sandbox phase failed. FAULT The sandbox phase faulted. IN_PROGRESS The sandbox phase is still in progress. STOPPED The sandbox phase stopped. SUCCEEDED The sandbox phase succeeded. TIMED_OUT The sandbox phase timed out. * **startTime** *(datetime) --* When the sandbox phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the sandbox phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the sandbox's phase. * **contexts** *(list) --* An array of "PhaseContext" objects. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **resolvedSourceVersion** *(string) --* An identifier for the version of this sandbox's source code. * **logs** *(dict) --* Information about build logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3 :::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **networkInterface** *(dict) --* Describes a network interface. * **subnetId** *(string) --* The ID of the subnet. * **networkInterfaceId** *(string) --* The ID of the network interface. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" * "CodeBuild.Client.exceptions.AccountSuspendedException" CodeBuild / Client / list_build_batches_for_project list_build_batches_for_project ****************************** CodeBuild.Client.list_build_batches_for_project(**kwargs) Retrieves the identifiers of the build batches for a specific project. See also: AWS API Documentation **Request Syntax** response = client.list_build_batches_for_project( projectName='string', filter={ 'status': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED' }, maxResults=123, sortOrder='ASCENDING'|'DESCENDING', nextToken='string' ) Parameters: * **projectName** (*string*) -- The name of the project. * **filter** (*dict*) -- A "BuildBatchFilter" object that specifies the filters for the search. * **status** *(string) --* The status of the batch builds to retrieve. Only batch builds that have this status will be retrieved. * **maxResults** (*integer*) -- The maximum number of results to return. * **sortOrder** (*string*) -- Specifies the sort order of the returned items. Valid values include: * "ASCENDING": List the batch build identifiers in ascending order by identifier. * "DESCENDING": List the batch build identifiers in descending order by identifier. * **nextToken** (*string*) -- The "nextToken" value returned from a previous call to "ListBuildBatchesForProject". This specifies the next item to return. To return the beginning of the list, exclude this parameter. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* An array of strings that contains the batch build identifiers. * *(string) --* * **nextToken** *(string) --* If there are more items to return, this contains a token that is passed to a subsequent call to "ListBuildBatchesForProject" to retrieve the next set of items. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / start_build_batch start_build_batch ***************** CodeBuild.Client.start_build_batch(**kwargs) Starts a batch build for a project. See also: AWS API Documentation **Request Syntax** response = client.start_build_batch( projectName='string', secondarySourcesOverride=[ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], secondarySourcesVersionOverride=[ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], sourceVersion='string', artifactsOverride={ 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, secondaryArtifactsOverride=[ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], environmentVariablesOverride=[ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], sourceTypeOverride='CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', sourceLocationOverride='string', sourceAuthOverride={ 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, gitCloneDepthOverride=123, gitSubmodulesConfigOverride={ 'fetchSubmodules': True|False }, buildspecOverride='string', insecureSslOverride=True|False, reportBuildBatchStatusOverride=True|False, environmentTypeOverride='WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', imageOverride='string', computeTypeOverride='BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', certificateOverride='string', cacheOverride={ 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, serviceRoleOverride='string', privilegedModeOverride=True|False, buildTimeoutInMinutesOverride=123, queuedTimeoutInMinutesOverride=123, encryptionKeyOverride='string', idempotencyToken='string', logsConfigOverride={ 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, registryCredentialOverride={ 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, imagePullCredentialsTypeOverride='CODEBUILD'|'SERVICE_ROLE', buildBatchConfigOverride={ 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, debugSessionEnabled=True|False ) Parameters: * **projectName** (*string*) -- **[REQUIRED]** The name of the project. * **secondarySourcesOverride** (*list*) -- An array of "ProjectSource" objects that override the secondary sources defined in the batch build project. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* **[REQUIRED]** The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git- codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* **[REQUIRED]** Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild- sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* **[REQUIRED]** The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourcesVersionOverride** (*list*) -- An array of "ProjectSourceVersion" objects that override the secondary source versions in the batch build project. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* **[REQUIRED]** An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* **[REQUIRED]** The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **sourceVersion** (*string*) -- The version of the batch build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider: CodeCommit The commit ID, branch, or Git tag to use. GitHub The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. Bitbucket The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. Amazon S3 The version ID of the object that represents the build input ZIP file to use. If "sourceVersion" is specified at the project level, then this "sourceVersion" (at the build level) takes precedence. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifactsOverride** (*dict*) -- An array of "ProjectArtifacts" objects that contains information about the build output artifact overrides for the build project. * **type** *(string) --* **[REQUIRED]** The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifactsOverride** (*list*) -- An array of "ProjectArtifacts" objects that override the secondary artifacts defined in the batch build project. * *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* **[REQUIRED]** The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **environmentVariablesOverride** (*list*) -- An array of "EnvironmentVariable" objects that override, or add to, the environment variables defined in the batch build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* **[REQUIRED]** The name or key of the environment variable. * **value** *(string) --* **[REQUIRED]** The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **sourceTypeOverride** (*string*) -- The source input type that overrides the source input defined in the batch build project. * **sourceLocationOverride** (*string*) -- A location that overrides, for this batch build, the source location defined in the batch build project. * **sourceAuthOverride** (*dict*) -- A "SourceAuth" object that overrides the one defined in the batch build project. This override applies only if the build project's source is BitBucket or GitHub. * **type** *(string) --* **[REQUIRED]** The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **gitCloneDepthOverride** (*integer*) -- The user-defined depth of history, with a minimum value of 0, that overrides, for this batch build only, any previous depth of history defined in the batch build project. * **gitSubmodulesConfigOverride** (*dict*) -- A "GitSubmodulesConfig" object that overrides the Git submodules configuration for this batch build. * **fetchSubmodules** *(boolean) --* **[REQUIRED]** Set to true to fetch Git submodules for your CodeBuild build project. * **buildspecOverride** (*string*) -- A buildspec file declaration that overrides, for this build only, the latest one already defined in the build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **insecureSslOverride** (*boolean*) -- Enable this flag to override the insecure SSL setting that is specified in the batch build project. The insecure SSL setting determines whether to ignore SSL warnings while connecting to the project source code. This override applies only if the build's source is GitHub Enterprise. * **reportBuildBatchStatusOverride** (*boolean*) -- Set to "true" to report to your source provider the status of a batch build's start and completion. If you use this option with a source provider other than GitHub, GitHub Enterprise, or Bitbucket, an "invalidInputException" is thrown. Note: The status of a build triggered by a webhook is always reported to your source provider. * **environmentTypeOverride** (*string*) -- A container type for this batch build that overrides the one specified in the batch build project. * **imageOverride** (*string*) -- The name of an image for this batch build that overrides the one specified in the batch build project. * **computeTypeOverride** (*string*) -- The name of a compute type for this batch build that overrides the one specified in the batch build project. * **certificateOverride** (*string*) -- The name of a certificate for this batch build that overrides the one specified in the batch build project. * **cacheOverride** (*dict*) -- A "ProjectCache" object that specifies cache overrides. * **type** *(string) --* **[REQUIRED]** The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **serviceRoleOverride** (*string*) -- The name of a service role for this batch build that overrides the one specified in the batch build project. * **privilegedModeOverride** (*boolean*) -- Enable this flag to override privileged mode in the batch build project. * **buildTimeoutInMinutesOverride** (*integer*) -- Overrides the build timeout specified in the batch build project. * **queuedTimeoutInMinutesOverride** (*integer*) -- The number of minutes a batch build is allowed to be queued before it times out. * **encryptionKeyOverride** (*string*) -- The Key Management Service customer master key (CMK) that overrides the one specified in the batch build project. The CMK key encrypts the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias /"). * **idempotencyToken** (*string*) -- A unique, case sensitive identifier you provide to ensure the idempotency of the "StartBuildBatch" request. The token is included in the "StartBuildBatch" request and is valid for five minutes. If you repeat the "StartBuildBatch" request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error. * **logsConfigOverride** (*dict*) -- A "LogsConfig" object that override the log settings defined in the batch build project. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* **[REQUIRED]** The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* **[REQUIRED]** The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my-bucket/build- log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **registryCredentialOverride** (*dict*) -- A "RegistryCredential" object that overrides credentials for access to a private registry. * **credential** *(string) --* **[REQUIRED]** The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* **[REQUIRED]** The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsTypeOverride** (*string*) -- The type of credentials CodeBuild uses to pull images in your batch build. There are two valid values: CODEBUILD Specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild's service principal. SERVICE_ROLE Specifies that CodeBuild uses your build project's service role. When using a cross-account or private registry image, you must use "SERVICE_ROLE" credentials. When using an CodeBuild curated image, you must use "CODEBUILD" credentials. * **buildBatchConfigOverride** (*dict*) -- A "BuildBatchConfigOverride" object that contains batch build configuration overrides. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **debugSessionEnabled** (*boolean*) -- Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds. Return type: dict Returns: **Response Syntax** { 'buildBatch': { 'id': 'string', 'arn': 'string', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'buildBatchStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'sourceVersion': 'string', 'resolvedSourceVersion': 'string', 'projectName': 'string', 'phases': [ { 'phaseType': 'SUBMITTED'|'DOWNLOAD_BATCHSPEC'|'IN_PROGRESS'|'COMBINE_ARTIFACTS'|'SUCCEEDED'|'FAILED'|'STOPPED', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'logConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'buildTimeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'complete': True|False, 'initiator': 'string', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'encryptionKey': 'string', 'buildBatchNumber': 123, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'buildBatchConfig': { 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, 'buildGroups': [ { 'identifier': 'string', 'dependsOn': [ 'string', ], 'ignoreFailure': True|False, 'currentBuildSummary': { 'arn': 'string', 'requestedOn': datetime(2015, 1, 1), 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'primaryArtifact': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, ] }, 'priorBuildSummaryList': [ { 'arn': 'string', 'requestedOn': datetime(2015, 1, 1), 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'primaryArtifact': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'identifier': 'string' }, ] }, ] }, ], 'debugSessionEnabled': True|False, 'reportArns': [ 'string', ] } } **Response Structure** * *(dict) --* * **buildBatch** *(dict) --* A "BuildBatch" object that contains information about the batch build. * **id** *(string) --* The identifier of the batch build. * **arn** *(string) --* The ARN of the batch build. * **startTime** *(datetime) --* The date and time that the batch build started. * **endTime** *(datetime) --* The date and time that the batch build ended. * **currentPhase** *(string) --* The current phase of the batch build. * **buildBatchStatus** *(string) --* The status of the batch build. * **sourceVersion** *(string) --* The identifier of the version of the source code to be built. * **resolvedSourceVersion** *(string) --* The identifier of the resolved version of this batch build's source code. * For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID. * For CodePipeline, the source revision provided by CodePipeline. * For Amazon S3, this does not apply. * **projectName** *(string) --* The name of the batch build project. * **phases** *(list) --* An array of "BuildBatchPhase" objects the specify the phases of the batch build. * *(dict) --* Contains information about a stage for a batch build. * **phaseType** *(string) --* The name of the batch build phase. Valid values include: COMBINE_ARTIFACTS Build output artifacts are being combined and uploaded to the output location. DOWNLOAD_BATCHSPEC The batch build specification is being downloaded. FAILED One or more of the builds failed. IN_PROGRESS The batch build is in progress. STOPPED The batch build was stopped. SUBMITTED The btach build has been submitted. SUCCEEDED The batch build succeeded. * **phaseStatus** *(string) --* The current status of the batch build phase. Valid values include: FAILED The build phase failed. FAULT The build phase faulted. IN_PROGRESS The build phase is still in progress. STOPPED The build phase stopped. SUCCEEDED The build phase succeeded. TIMED_OUT The build phase timed out. * **startTime** *(datetime) --* When the batch build phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the batch build phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the batch build's phase. * **contexts** *(list) --* Additional information about the batch build phase. Especially to help troubleshoot a failed batch build. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **source** *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects that define the sources for the batch build. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. Each "ProjectSourceVersion" must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* A "BuildArtifacts" object the defines the build artifacts for this batch build. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "BuildArtifacts" objects the define the build artifacts for this batch build. * *(dict) --* Information about build output artifacts. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build project. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment of the build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The name of a service role used for builds in the batch. * **logConfig** *(dict) --* Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **buildTimeoutInMinutes** *(integer) --* Specifies the maximum amount of time, in minutes, that the build in a batch must be completed in. * **queuedTimeoutInMinutes** *(integer) --* Specifies the amount of time, in minutes, that the batch build is allowed to be queued before it times out. * **complete** *(boolean) --* Indicates if the batch build is complete. * **initiator** *(string) --* The entity that started the batch build. Valid values include: * If CodePipeline started the build, the pipeline's name (for example, "codepipeline/my-demo-pipeline"). * If a user started the build, the user's name. * If the Jenkins plugin for CodeBuild started the build, the string "CodeBuild-Jenkins-Plugin". * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the batch build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). * **buildBatchNumber** *(integer) --* The number of the batch build. For each project, the "buildBatchNumber" of its first batch build is "1". The "buildBatchNumber" of each subsequent batch build is incremented by "1". If a batch build is deleted, the "buildBatchNumber" of other batch builds does not change. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for the batch build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **buildBatchConfig** *(dict) --* Contains configuration information about a batch build project. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **buildGroups** *(list) --* An array of "BuildGroup" objects that define the build groups for the batch build. * *(dict) --* Contains information about a batch build build group. Build groups are used to combine builds that can run in parallel, while still being able to set dependencies on other build groups. * **identifier** *(string) --* Contains the identifier of the build group. * **dependsOn** *(list) --* An array of strings that contain the identifiers of the build groups that this build group depends on. * *(string) --* * **ignoreFailure** *(boolean) --* Specifies if failures in this build group can be ignored. * **currentBuildSummary** *(dict) --* A "BuildSummary" object that contains a summary of the current build group. * **arn** *(string) --* The batch build ARN. * **requestedOn** *(datetime) --* When the build was started, expressed in Unix time format. * **buildStatus** *(string) --* The status of the build group. FAILED The build group failed. FAULT The build group faulted. IN_PROGRESS The build group is still in progress. STOPPED The build group stopped. SUCCEEDED The build group succeeded. TIMED_OUT The build group timed out. * **primaryArtifact** *(dict) --* A "ResolvedArtifact" object that represents the primary build artifacts for the build group. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **secondaryArtifacts** *(list) --* An array of "ResolvedArtifact" objects that represents the secondary build artifacts for the build group. * *(dict) --* Represents a resolved build artifact. A resolved artifact is an artifact that is built and deployed to the destination, such as Amazon S3. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **priorBuildSummaryList** *(list) --* An array of "BuildSummary" objects that contain summaries of previous build groups. * *(dict) --* Contains summary information about a batch build group. * **arn** *(string) --* The batch build ARN. * **requestedOn** *(datetime) --* When the build was started, expressed in Unix time format. * **buildStatus** *(string) --* The status of the build group. FAILED The build group failed. FAULT The build group faulted. IN_PROGRESS The build group is still in progress. STOPPED The build group stopped. SUCCEEDED The build group succeeded. TIMED_OUT The build group timed out. * **primaryArtifact** *(dict) --* A "ResolvedArtifact" object that represents the primary build artifacts for the build group. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **secondaryArtifacts** *(list) --* An array of "ResolvedArtifact" objects that represents the secondary build artifacts for the build group. * *(dict) --* Represents a resolved build artifact. A resolved artifact is an artifact that is built and deployed to the destination, such as Amazon S3. * **type** *(string) --* Specifies the type of artifact. * **location** *(string) --* The location of the artifact. * **identifier** *(string) --* The identifier of the artifact. * **debugSessionEnabled** *(boolean) --* Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds. * **reportArns** *(list) --* An array that contains the ARNs of reports created by merging reports from builds associated with this batch build. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / invalidate_project_cache invalidate_project_cache ************************ CodeBuild.Client.invalidate_project_cache(**kwargs) Resets the cache for a project. See also: AWS API Documentation **Request Syntax** response = client.invalidate_project_cache( projectName='string' ) Parameters: **projectName** (*string*) -- **[REQUIRED]** The name of the CodeBuild build project that the cache is reset for. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / create_project create_project ************** CodeBuild.Client.create_project(**kwargs) Creates a build project. See also: AWS API Documentation **Request Syntax** response = client.create_project( name='string', description='string', source={ 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, secondarySources=[ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], sourceVersion='string', secondarySourceVersions=[ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], artifacts={ 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, secondaryArtifacts=[ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], cache={ 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, environment={ 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, serviceRole='string', timeoutInMinutes=123, queuedTimeoutInMinutes=123, encryptionKey='string', tags=[ { 'key': 'string', 'value': 'string' }, ], vpcConfig={ 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, badgeEnabled=True|False, logsConfig={ 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, fileSystemLocations=[ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], buildBatchConfig={ 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, concurrentBuildLimit=123, autoRetryLimit=123 ) Parameters: * **name** (*string*) -- **[REQUIRED]** The name of the build project. * **description** (*string*) -- A description that makes the build project easy to identify. * **source** (*dict*) -- **[REQUIRED]** Information about the build input source code for the build project. * **type** *(string) --* **[REQUIRED]** The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git- codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* **[REQUIRED]** Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* **[REQUIRED]** The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** (*list*) -- An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* **[REQUIRED]** The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git- codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* **[REQUIRED]** Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild- sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* **[REQUIRED]** The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** (*string*) -- A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. If "sourceVersion" is specified at the build level, then that version takes precedence over this "sourceVersion" (at the project level). For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **secondarySourceVersions** (*list*) -- An array of "ProjectSourceVersion" objects. If "secondarySourceVersions" is specified at the build level, then they take precedence over these "secondarySourceVersions" (at the project level). * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* **[REQUIRED]** An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* **[REQUIRED]** The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** (*dict*) -- **[REQUIRED]** Information about the build output artifacts for the build project. * **type** *(string) --* **[REQUIRED]** The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** (*list*) -- An array of "ProjectArtifacts" objects. * *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* **[REQUIRED]** The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** (*dict*) -- Stores recently used information so that it can be quickly accessed at a later time. * **type** *(string) --* **[REQUIRED]** The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** (*dict*) -- **[REQUIRED]** Information about the build environment for the build project. * **type** *(string) --* **[REQUIRED]** The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* **[REQUIRED]** The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256: cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa038 2cfbdbf," use "/@sha256:cbbf2f9a99b 47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* **[REQUIRED]** Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* **[REQUIRED]** The name or key of the environment variable. * **value** *(string) --* **[REQUIRED]** The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets- manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* **[REQUIRED]** The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* **[REQUIRED]** The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* **[REQUIRED]** Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** (*string*) -- **[REQUIRED]** The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account. * **timeoutInMinutes** (*integer*) -- How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before it times out any build that has not been marked as completed. The default is 60 minutes. * **queuedTimeoutInMinutes** (*integer*) -- The number of minutes a build is allowed to be queued before it times out. * **encryptionKey** (*string*) -- The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias /"). * **tags** (*list*) -- A list of tag key and value pairs associated with this build project. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. * **vpcConfig** (*dict*) -- VpcConfig enables CodeBuild to access resources in an Amazon VPC. Note: If you're using compute fleets during project creation, do not provide vpcConfig. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **badgeEnabled** (*boolean*) -- Set this to true to generate a publicly accessible URL for your project's build badge. * **logsConfig** (*dict*) -- Information about logs for the build project. These can be logs in CloudWatch Logs, logs uploaded to a specified S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* **[REQUIRED]** The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* **[REQUIRED]** The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my-bucket/build- log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **fileSystemLocations** (*list*) -- An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns-name :/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs.us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs-abcd1234.efs.us-west-2.amazonaws.com :/my-efs-mount-directory". The directory path in the format "efs-dns-name:/directory- path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers= 4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2". For more information, see Recommended NFS Mount Options. * **buildBatchConfig** (*dict*) -- A ProjectBuildBatchConfig object that defines the batch build options for the project. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **concurrentBuildLimit** (*integer*) -- The maximum number of concurrent builds that are allowed for this project. New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run. * **autoRetryLimit** (*integer*) -- The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. Return type: dict Returns: **Response Syntax** { 'project': { 'name': 'string', 'arn': 'string', 'description': 'string', 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'sourceVersion': 'string', 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'encryptionKey': 'string', 'tags': [ { 'key': 'string', 'value': 'string' }, ], 'created': datetime(2015, 1, 1), 'lastModified': datetime(2015, 1, 1), 'webhook': { 'url': 'string', 'payloadUrl': 'string', 'secret': 'string', 'branchFilter': 'string', 'filterGroups': [ [ { 'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME'|'ORGANIZATION_NAME', 'pattern': 'string', 'excludeMatchedPattern': True|False }, ], ], 'buildType': 'BUILD'|'BUILD_BATCH'|'RUNNER_BUILDKITE_BUILD', 'manualCreation': True|False, 'lastModifiedSecret': datetime(2015, 1, 1), 'scopeConfiguration': { 'name': 'string', 'domain': 'string', 'scope': 'GITHUB_ORGANIZATION'|'GITHUB_GLOBAL'|'GITLAB_GROUP' }, 'status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'DELETING', 'statusMessage': 'string' }, 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'badge': { 'badgeEnabled': True|False, 'badgeRequestUrl': 'string' }, 'logsConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'buildBatchConfig': { 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, 'concurrentBuildLimit': 123, 'projectVisibility': 'PUBLIC_READ'|'PRIVATE', 'publicProjectAlias': 'string', 'resourceAccessRole': 'string', 'autoRetryLimit': 123 } } **Response Structure** * *(dict) --* * **project** *(dict) --* Information about the build project that was created. * **name** *(string) --* The name of the build project. * **arn** *(string) --* The Amazon Resource Name (ARN) of the build project. * **description** *(string) --* A description that makes the build project easy to identify. * **source** *(dict) --* Information about the build input source code for this build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. If "sourceVersion" is specified at the build level, then that version takes precedence over this "sourceVersion" (at the project level). For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. If "secondarySourceVersions" is specified at the build level, then they take over these "secondarySourceVersions" (at the project level). * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "ProjectArtifacts" objects. * *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts /". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build project. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment for this build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a build is allowed to be queued before it times out. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3). * **tags** *(list) --* A list of tag key and value pairs associated with this build project. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. * **created** *(datetime) --* When the build project was created, expressed in Unix time format. * **lastModified** *(datetime) --* When the build project's settings were last modified, expressed in Unix time format. * **webhook** *(dict) --* Information about a webhook that connects repository events to a build project in CodeBuild. * **url** *(string) --* The URL to the webhook. * **payloadUrl** *(string) --* The CodeBuild endpoint where webhook events are sent. * **secret** *(string) --* The secret token of the associated repository. Note: A Bitbucket webhook does not support "secret". * **branchFilter** *(string) --* A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If "branchFilter" is empty, then all branches are built. Note: It is recommended that you use "filterGroups" instead of "branchFilter". * **filterGroups** *(list) --* An array of arrays of "WebhookFilter" objects used to determine which webhooks are triggered. At least one "WebhookFilter" in the array must specify "EVENT" as its "type". For a build to be triggered, at least one filter group in the "filterGroups" array must pass. For a filter group to pass, each of its filters must pass. * *(list) --* * *(dict) --* A filter used to determine which webhooks trigger a build. * **type** *(string) --* The type of webhook filter. There are 11 webhook filter types: "EVENT", "ACTOR_ACCOUNT_ID", "HEAD_REF", "BASE_REF", "FILE_PATH", "COMMIT_MESSAGE", "TAG_NAME", "RELEASE_NAME", "REPOSITORY_NAME", "ORGANIZATION_NAME", and "WORKFLOW_NAME". * EVENT * A webhook event triggers a build when the provided "pattern" matches one of nine event types: "PUSH", "PULL_REQUEST_CREATED", "PULL_REQUEST_UPDATED", "PULL_REQUEST_CLOSED", "PULL_REQUEST_REOPENED", "PULL_REQUEST_MERGED", "RELEASED", "PRERELEASED", and "WORKFLOW_JOB_QUEUED". The "EVENT" patterns are specified as a comma- separated string. For example, "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" filters all push, pull request created, and pull request updated events. Note: Types "PULL_REQUEST_REOPENED" and "WORKFLOW_JOB_QUEUED" work with GitHub and GitHub Enterprise only. Types "RELEASED" and "PRERELEASED" work with GitHub only. * ACTOR_ACCOUNT_ID * A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression "pattern". * HEAD_REF * A webhook event triggers a build when the head reference matches the regular expression "pattern". For example, "refs/heads/branch- name" and "refs/tags/tag-name". Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events. * BASE_REF * A webhook event triggers a build when the base reference matches the regular expression "pattern". For example, "refs/heads/branch- name". Note: Works with pull request events only. * FILE_PATH * A webhook triggers a build when the path of a changed file matches the regular expression "pattern". Note: Works with push and pull request events only. * COMMIT_MESSAGE * A webhook triggers a build when the head commit message matches the regular expression "pattern". Note: Works with push and pull request events only. * TAG_NAME * A webhook triggers a build when the tag name of the release matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * RELEASE_NAME * A webhook triggers a build when the release name matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * REPOSITORY_NAME * A webhook triggers a build when the repository name matches the regular expression "pattern". Note: Works with GitHub global or organization webhooks only. * ORGANIZATION_NAME * A webhook triggers a build when the organization name matches the regular expression "pattern". Note: Works with GitHub global webhooks only. * WORKFLOW_NAME * A webhook triggers a build when the workflow name matches the regular expression "pattern". Note: Works with "WORKFLOW_JOB_QUEUED" events only. Note: For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name. * **pattern** *(string) --* For a "WebHookFilter" that uses "EVENT" type, a comma-separated string that specifies one or more events. For example, the webhook filter "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" allows all push, pull request created, and pull request updated events to trigger a build. For a "WebHookFilter" that uses any of the other filter types, a regular expression pattern. For example, a "WebHookFilter" that uses "HEAD_REF" for its "type" and the pattern "^refs/heads/" triggers a build when the head reference is a branch with a reference name "refs/heads/branch- name". * **excludeMatchedPattern** *(boolean) --* Used to indicate that the "pattern" determines which webhook events do not trigger a build. If true, then a webhook event that does not match the "pattern" triggers a build. If false, then a webhook event that matches the "pattern" triggers a build. * **buildType** *(string) --* Specifies the type of build this webhook will trigger. Note: "RUNNER_BUILDKITE_BUILD" is only available for "NO_SOURCE" source type projects configured for Buildkite runner builds. For more information about CodeBuild-hosted Buildkite runner builds, see Tutorial: Configure a CodeBuild-hosted Buildkite runner in the *CodeBuild user guide*. * **manualCreation** *(boolean) --* If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns "payloadUrl" and "secret" values for the webhook. The "payloadUrl" and "secret" values in the output can be used to manually create a webhook within GitHub. Note: manualCreation is only available for GitHub webhooks. * **lastModifiedSecret** *(datetime) --* A timestamp that indicates the last time a repository's secret token was modified. * **scopeConfiguration** *(dict) --* The scope configuration for global or organization webhooks. Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks. * **name** *(string) --* The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook. * **domain** *(string) --* The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED. * **scope** *(string) --* The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION. * **status** *(string) --* The status of the webhook. Valid values include: * "CREATING": The webhook is being created. * "CREATE_FAILED": The webhook has failed to create. * "ACTIVE": The webhook has succeeded and is active. * "DELETING": The webhook is being deleted. * **statusMessage** *(string) --* A message associated with the status of a webhook. * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **badge** *(dict) --* Information about the build badge for the build project. * **badgeEnabled** *(boolean) --* Set this to true to generate a publicly accessible URL for your project's build badge. * **badgeRequestUrl** *(string) --* The publicly-accessible URL through which you can access the build badge for your project. * **logsConfig** *(dict) --* Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **buildBatchConfig** *(dict) --* A ProjectBuildBatchConfig object that defines the batch build options for the project. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **concurrentBuildLimit** *(integer) --* The maximum number of concurrent builds that are allowed for this project. New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run. * **projectVisibility** *(string) --* Specifies the visibility of the project's builds. Possible values are: PUBLIC_READ The project builds are visible to the public. PRIVATE The project builds are not visible to the public. * **publicProjectAlias** *(string) --* Contains the project identifier used with the public build APIs. * **resourceAccessRole** *(string) --* The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds. * **autoRetryLimit** *(integer) --* The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceAlreadyExistsException" * "CodeBuild.Client.exceptions.AccountLimitExceededException" CodeBuild / Client / delete_webhook delete_webhook ************** CodeBuild.Client.delete_webhook(**kwargs) For an existing CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, stops CodeBuild from rebuilding the source code every time a code change is pushed to the repository. See also: AWS API Documentation **Request Syntax** response = client.delete_webhook( projectName='string' ) Parameters: **projectName** (*string*) -- **[REQUIRED]** The name of the CodeBuild project. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" * "CodeBuild.Client.exceptions.OAuthProviderException" CodeBuild / Client / describe_code_coverages describe_code_coverages *********************** CodeBuild.Client.describe_code_coverages(**kwargs) Retrieves one or more code coverage reports. See also: AWS API Documentation **Request Syntax** response = client.describe_code_coverages( reportArn='string', nextToken='string', maxResults=123, sortOrder='ASCENDING'|'DESCENDING', sortBy='LINE_COVERAGE_PERCENTAGE'|'FILE_PATH', minLineCoveragePercentage=123.0, maxLineCoveragePercentage=123.0 ) Parameters: * **reportArn** (*string*) -- **[REQUIRED]** The ARN of the report for which test cases are returned. * **nextToken** (*string*) -- The "nextToken" value returned from a previous call to "DescribeCodeCoverages". This specifies the next item to return. To return the beginning of the list, exclude this parameter. * **maxResults** (*integer*) -- The maximum number of results to return. * **sortOrder** (*string*) -- Specifies if the results are sorted in ascending or descending order. * **sortBy** (*string*) -- Specifies how the results are sorted. Possible values are: FILE_PATH The results are sorted by file path. LINE_COVERAGE_PERCENTAGE The results are sorted by the percentage of lines that are covered. * **minLineCoveragePercentage** (*float*) -- The minimum line coverage percentage to report. * **maxLineCoveragePercentage** (*float*) -- The maximum line coverage percentage to report. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'codeCoverages': [ { 'id': 'string', 'reportARN': 'string', 'filePath': 'string', 'lineCoveragePercentage': 123.0, 'linesCovered': 123, 'linesMissed': 123, 'branchCoveragePercentage': 123.0, 'branchesCovered': 123, 'branchesMissed': 123, 'expired': datetime(2015, 1, 1) }, ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* If there are more items to return, this contains a token that is passed to a subsequent call to "DescribeCodeCoverages" to retrieve the next set of items. * **codeCoverages** *(list) --* An array of "CodeCoverage" objects that contain the results. * *(dict) --* Contains code coverage report information. Line coverage measures how many statements your tests cover. A statement is a single instruction, not including comments, conditionals, etc. Branch coverage determines if your tests cover every possible branch of a control structure, such as an "if" or "case" statement. * **id** *(string) --* The identifier of the code coverage report. * **reportARN** *(string) --* The ARN of the report. * **filePath** *(string) --* The path of the test report file. * **lineCoveragePercentage** *(float) --* The percentage of lines that are covered by your tests. * **linesCovered** *(integer) --* The number of lines that are covered by your tests. * **linesMissed** *(integer) --* The number of lines that are not covered by your tests. * **branchCoveragePercentage** *(float) --* The percentage of branches that are covered by your tests. * **branchesCovered** *(integer) --* The number of conditional branches that are covered by your tests. * **branchesMissed** *(integer) --* The number of conditional branches that are not covered by your tests. * **expired** *(datetime) --* The date and time that the tests were run. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / start_build start_build *********** CodeBuild.Client.start_build(**kwargs) Starts running a build with the settings defined in the project. These setting include: how to run a build, where to get the source code, which build environment to use, which build commands to run, and where to store the build output. You can also start a build run by overriding some of the build settings in the project. The overrides only apply for that specific start build request. The settings in the project are unaltered. See also: AWS API Documentation **Request Syntax** response = client.start_build( projectName='string', secondarySourcesOverride=[ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], secondarySourcesVersionOverride=[ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], sourceVersion='string', artifactsOverride={ 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, secondaryArtifactsOverride=[ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], environmentVariablesOverride=[ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], sourceTypeOverride='CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', sourceLocationOverride='string', sourceAuthOverride={ 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, gitCloneDepthOverride=123, gitSubmodulesConfigOverride={ 'fetchSubmodules': True|False }, buildspecOverride='string', insecureSslOverride=True|False, reportBuildStatusOverride=True|False, buildStatusConfigOverride={ 'context': 'string', 'targetUrl': 'string' }, environmentTypeOverride='WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', imageOverride='string', computeTypeOverride='BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', certificateOverride='string', cacheOverride={ 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, serviceRoleOverride='string', privilegedModeOverride=True|False, timeoutInMinutesOverride=123, queuedTimeoutInMinutesOverride=123, encryptionKeyOverride='string', idempotencyToken='string', logsConfigOverride={ 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, registryCredentialOverride={ 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, imagePullCredentialsTypeOverride='CODEBUILD'|'SERVICE_ROLE', debugSessionEnabled=True|False, fleetOverride={ 'fleetArn': 'string' }, autoRetryLimitOverride=123 ) Parameters: * **projectName** (*string*) -- **[REQUIRED]** The name of the CodeBuild build project to start running a build. * **secondarySourcesOverride** (*list*) -- An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* **[REQUIRED]** The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git- codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* **[REQUIRED]** Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild- sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* **[REQUIRED]** The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourcesVersionOverride** (*list*) -- An array of "ProjectSourceVersion" objects that specify one or more versions of the project's secondary sources to be used for this build only. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* **[REQUIRED]** An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* **[REQUIRED]** The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **sourceVersion** (*string*) -- The version of the build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider: CodeCommit The commit ID, branch, or Git tag to use. GitHub The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. GitLab The commit ID, branch, or Git tag to use. Bitbucket The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. Amazon S3 The version ID of the object that represents the build input ZIP file to use. If "sourceVersion" is specified at the project level, then this "sourceVersion" (at the build level) takes precedence. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifactsOverride** (*dict*) -- Build output artifact settings that override, for this build only, the latest ones already defined in the build project. * **type** *(string) --* **[REQUIRED]** The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifactsOverride** (*list*) -- An array of "ProjectArtifacts" objects. * *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* **[REQUIRED]** The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **environmentVariablesOverride** (*list*) -- A set of environment variables that overrides, for this build only, the latest ones already defined in the build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* **[REQUIRED]** The name or key of the environment variable. * **value** *(string) --* **[REQUIRED]** The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **sourceTypeOverride** (*string*) -- A source input type, for this build, that overrides the source input defined in the build project. * **sourceLocationOverride** (*string*) -- A location that overrides, for this build, the source location for the one defined in the build project. * **sourceAuthOverride** (*dict*) -- An authorization type for this build that overrides the one defined in the build project. This override applies only if the build project's source is BitBucket, GitHub, GitLab, or GitLab Self Managed. * **type** *(string) --* **[REQUIRED]** The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **gitCloneDepthOverride** (*integer*) -- The user-defined depth of history, with a minimum value of 0, that overrides, for this build only, any previous depth of history defined in the build project. * **gitSubmodulesConfigOverride** (*dict*) -- Information about the Git submodules configuration for this build of an CodeBuild build project. * **fetchSubmodules** *(boolean) --* **[REQUIRED]** Set to true to fetch Git submodules for your CodeBuild build project. * **buildspecOverride** (*string*) -- A buildspec file declaration that overrides the latest one defined in the build project, for this build only. The buildspec defined on the project is not changed. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. Note: Since this property allows you to change the build commands that will run in the container, you should note that an IAM principal with the ability to call this API and set this parameter can override the default settings. Moreover, we encourage that you use a trustworthy buildspec location like a file in your source repository or a Amazon S3 bucket. Alternatively, you can restrict overrides to the buildspec by using a condition key: Prevent unauthorized modifications to project buildspec. * **insecureSslOverride** (*boolean*) -- Enable this flag to override the insecure SSL setting that is specified in the build project. The insecure SSL setting determines whether to ignore SSL warnings while connecting to the project source code. This override applies only if the build's source is GitHub Enterprise. * **reportBuildStatusOverride** (*boolean*) -- Set to true to report to your source provider the status of a build's start and completion. If you use this option with a source provider other than GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. Note: The status of a build triggered by a webhook is always reported to your source provider. * **buildStatusConfigOverride** (*dict*) -- Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **environmentTypeOverride** (*string*) -- A container type for this build that overrides the one specified in the build project. * **imageOverride** (*string*) -- The name of an image for this build that overrides the one specified in the build project. * **computeTypeOverride** (*string*) -- The name of a compute type for this build that overrides the one specified in the build project. * **certificateOverride** (*string*) -- The name of a certificate for this build that overrides the one specified in the build project. * **cacheOverride** (*dict*) -- A ProjectCache object specified for this build that overrides the one defined in the build project. * **type** *(string) --* **[REQUIRED]** The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **serviceRoleOverride** (*string*) -- The name of a service role for this build that overrides the one specified in the build project. * **privilegedModeOverride** (*boolean*) -- Enable this flag to override privileged mode in the build project. * **timeoutInMinutesOverride** (*integer*) -- The number of build timeout minutes, from 5 to 2160 (36 hours), that overrides, for this build only, the latest setting already defined in the build project. * **queuedTimeoutInMinutesOverride** (*integer*) -- The number of minutes a build is allowed to be queued before it times out. * **encryptionKeyOverride** (*string*) -- The Key Management Service customer master key (CMK) that overrides the one specified in the build project. The CMK key encrypts the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias /"). * **idempotencyToken** (*string*) -- A unique, case sensitive identifier you provide to ensure the idempotency of the StartBuild request. The token is included in the StartBuild request and is valid for 5 minutes. If you repeat the StartBuild request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error. * **logsConfigOverride** (*dict*) -- Log settings for this build that override the log settings defined in the build project. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* **[REQUIRED]** The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* **[REQUIRED]** The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my-bucket/build- log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **registryCredentialOverride** (*dict*) -- The credentials for access to a private registry. * **credential** *(string) --* **[REQUIRED]** The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* **[REQUIRED]** The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsTypeOverride** (*string*) -- The type of credentials CodeBuild uses to pull images in your build. There are two valid values: CODEBUILD Specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild's service principal. SERVICE_ROLE Specifies that CodeBuild uses your build project's service role. When using a cross-account or private registry image, you must use "SERVICE_ROLE" credentials. When using an CodeBuild curated image, you must use "CODEBUILD" credentials. * **debugSessionEnabled** (*boolean*) -- Specifies if session debugging is enabled for this build. For more information, see Viewing a running build in Session Manager. * **fleetOverride** (*dict*) -- A ProjectFleet object specified for this build that overrides the one defined in the build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **autoRetryLimitOverride** (*integer*) -- The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. Return type: dict Returns: **Response Syntax** { 'build': { 'id': 'string', 'arn': 'string', 'buildNumber': 123, 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'sourceVersion': 'string', 'resolvedSourceVersion': 'string', 'projectName': 'string', 'phases': [ { 'phaseType': 'SUBMITTED'|'QUEUED'|'PROVISIONING'|'DOWNLOAD_SOURCE'|'INSTALL'|'PRE_BUILD'|'BUILD'|'POST_BUILD'|'UPLOAD_ARTIFACTS'|'FINALIZING'|'COMPLETED', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'buildComplete': True|False, 'initiator': 'string', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'networkInterface': { 'subnetId': 'string', 'networkInterfaceId': 'string' }, 'encryptionKey': 'string', 'exportedEnvironmentVariables': [ { 'name': 'string', 'value': 'string' }, ], 'reportArns': [ 'string', ], 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'debugSession': { 'sessionEnabled': True|False, 'sessionTarget': 'string' }, 'buildBatchArn': 'string', 'autoRetryConfig': { 'autoRetryLimit': 123, 'autoRetryNumber': 123, 'nextAutoRetry': 'string', 'previousAutoRetry': 'string' } } } **Response Structure** * *(dict) --* * **build** *(dict) --* Information about the build to be run. * **id** *(string) --* The unique ID for the build. * **arn** *(string) --* The Amazon Resource Name (ARN) of the build. * **buildNumber** *(integer) --* The number of the build. For each project, the "buildNumber" of its first build is "1". The "buildNumber" of each subsequent build is incremented by "1". If a build is deleted, the "buildNumber" of other builds does not change. * **startTime** *(datetime) --* When the build process started, expressed in Unix time format. * **endTime** *(datetime) --* When the build process ended, expressed in Unix time format. * **currentPhase** *(string) --* The current build phase. * **buildStatus** *(string) --* The current status of the build. Valid values include: * "FAILED": The build failed. * "FAULT": The build faulted. * "IN_PROGRESS": The build is still in progress. * "STOPPED": The build stopped. * "SUCCEEDED": The build succeeded. * "TIMED_OUT": The build timed out. * **sourceVersion** *(string) --* Any version identifier for the version of the source code to be built. If "sourceVersion" is specified at the project level, then this "sourceVersion" (at the build level) takes precedence. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **resolvedSourceVersion** *(string) --* An identifier for the version of this build's source code. * For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID. * For CodePipeline, the source revision provided by CodePipeline. * For Amazon S3, this does not apply. * **projectName** *(string) --* The name of the CodeBuild project. * **phases** *(list) --* Information about all previous build phases that are complete and information about any current build phase that is not yet complete. * *(dict) --* Information about a stage for a build. * **phaseType** *(string) --* The name of the build phase. Valid values include: BUILD Core build activities typically occur in this build phase. COMPLETED The build has been completed. DOWNLOAD_SOURCE Source code is being downloaded in this build phase. FINALIZING The build process is completing in this build phase. INSTALL Installation activities typically occur in this build phase. POST_BUILD Post-build activities typically occur in this build phase. PRE_BUILD Pre-build activities typically occur in this build phase. PROVISIONING The build environment is being set up. QUEUED The build has been submitted and is queued behind other submitted builds. SUBMITTED The build has been submitted. UPLOAD_ARTIFACTS Build output artifacts are being uploaded to the output location. * **phaseStatus** *(string) --* The current status of the build phase. Valid values include: FAILED The build phase failed. FAULT The build phase faulted. IN_PROGRESS The build phase is still in progress. STOPPED The build phase stopped. SUCCEEDED The build phase succeeded. TIMED_OUT The build phase timed out. * **startTime** *(datetime) --* When the build phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the build phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the build's phase. * **contexts** *(list) --* Additional information about a build phase, especially to help troubleshoot a failed build. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **source** *(dict) --* Information about the source code to be built. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. Each "ProjectSourceVersion" must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* Information about the output artifacts for the build. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "ProjectArtifacts" objects. * *(dict) --* Information about build output artifacts. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment for this build. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The name of a service role used for this build. * **logs** *(dict) --* Information about the build's logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a build is allowed to be queued before it times out. * **buildComplete** *(boolean) --* Whether the build is complete. True if complete; otherwise, false. * **initiator** *(string) --* The entity that started the build. Valid values include: * If CodePipeline started the build, the pipeline's name (for example, "codepipeline/my-demo-pipeline"). * If a user started the build, the user's name (for example, "MyUserName"). * If the Jenkins plugin for CodeBuild started the build, the string "CodeBuild-Jenkins-Plugin". * **vpcConfig** *(dict) --* If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **networkInterface** *(dict) --* Describes a network interface. * **subnetId** *(string) --* The ID of the subnet. * **networkInterfaceId** *(string) --* The ID of the network interface. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). * **exportedEnvironmentVariables** *(list) --* A list of exported environment variables for this build. Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the *CodePipeline User Guide*. * *(dict) --* Contains information about an exported environment variable. Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the *CodePipeline User Guide*. Note: During a build, the value of a variable is available starting with the "install" phase. It can be updated between the start of the "install" phase and the end of the "post_build" phase. After the "post_build" phase ends, the value of exported variables cannot change. * **name** *(string) --* The name of the exported environment variable. * **value** *(string) --* The value assigned to the exported environment variable. * **reportArns** *(list) --* An array of the ARNs associated with this build's reports. * *(string) --* * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **debugSession** *(dict) --* Contains information about the debug session for this build. * **sessionEnabled** *(boolean) --* Specifies if session debugging is enabled for this build. * **sessionTarget** *(string) --* Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build. * **buildBatchArn** *(string) --* The ARN of the batch build that this build is a member of, if applicable. * **autoRetryConfig** *(dict) --* Information about the auto-retry configuration for the build. * **autoRetryLimit** *(integer) --* The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. * **autoRetryNumber** *(integer) --* The number of times that the build has been retried. The initial build will have an auto-retry number of 0. * **nextAutoRetry** *(string) --* The build ARN of the auto-retried build triggered by the current build. The next auto-retry will be "null" for builds that don't trigger an auto-retry. * **previousAutoRetry** *(string) --* The build ARN of the build that triggered the current auto-retry build. The previous auto-retry will be "null" for the initial build. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" * "CodeBuild.Client.exceptions.AccountLimitExceededException" CodeBuild / Client / retry_build retry_build *********** CodeBuild.Client.retry_build(**kwargs) Restarts a build. See also: AWS API Documentation **Request Syntax** response = client.retry_build( id='string', idempotencyToken='string' ) Parameters: * **id** (*string*) -- Specifies the identifier of the build to restart. * **idempotencyToken** (*string*) -- A unique, case sensitive identifier you provide to ensure the idempotency of the "RetryBuild" request. The token is included in the "RetryBuild" request and is valid for five minutes. If you repeat the "RetryBuild" request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error. Return type: dict Returns: **Response Syntax** { 'build': { 'id': 'string', 'arn': 'string', 'buildNumber': 123, 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'sourceVersion': 'string', 'resolvedSourceVersion': 'string', 'projectName': 'string', 'phases': [ { 'phaseType': 'SUBMITTED'|'QUEUED'|'PROVISIONING'|'DOWNLOAD_SOURCE'|'INSTALL'|'PRE_BUILD'|'BUILD'|'POST_BUILD'|'UPLOAD_ARTIFACTS'|'FINALIZING'|'COMPLETED', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'buildComplete': True|False, 'initiator': 'string', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'networkInterface': { 'subnetId': 'string', 'networkInterfaceId': 'string' }, 'encryptionKey': 'string', 'exportedEnvironmentVariables': [ { 'name': 'string', 'value': 'string' }, ], 'reportArns': [ 'string', ], 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'debugSession': { 'sessionEnabled': True|False, 'sessionTarget': 'string' }, 'buildBatchArn': 'string', 'autoRetryConfig': { 'autoRetryLimit': 123, 'autoRetryNumber': 123, 'nextAutoRetry': 'string', 'previousAutoRetry': 'string' } } } **Response Structure** * *(dict) --* * **build** *(dict) --* Information about a build. * **id** *(string) --* The unique ID for the build. * **arn** *(string) --* The Amazon Resource Name (ARN) of the build. * **buildNumber** *(integer) --* The number of the build. For each project, the "buildNumber" of its first build is "1". The "buildNumber" of each subsequent build is incremented by "1". If a build is deleted, the "buildNumber" of other builds does not change. * **startTime** *(datetime) --* When the build process started, expressed in Unix time format. * **endTime** *(datetime) --* When the build process ended, expressed in Unix time format. * **currentPhase** *(string) --* The current build phase. * **buildStatus** *(string) --* The current status of the build. Valid values include: * "FAILED": The build failed. * "FAULT": The build faulted. * "IN_PROGRESS": The build is still in progress. * "STOPPED": The build stopped. * "SUCCEEDED": The build succeeded. * "TIMED_OUT": The build timed out. * **sourceVersion** *(string) --* Any version identifier for the version of the source code to be built. If "sourceVersion" is specified at the project level, then this "sourceVersion" (at the build level) takes precedence. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **resolvedSourceVersion** *(string) --* An identifier for the version of this build's source code. * For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID. * For CodePipeline, the source revision provided by CodePipeline. * For Amazon S3, this does not apply. * **projectName** *(string) --* The name of the CodeBuild project. * **phases** *(list) --* Information about all previous build phases that are complete and information about any current build phase that is not yet complete. * *(dict) --* Information about a stage for a build. * **phaseType** *(string) --* The name of the build phase. Valid values include: BUILD Core build activities typically occur in this build phase. COMPLETED The build has been completed. DOWNLOAD_SOURCE Source code is being downloaded in this build phase. FINALIZING The build process is completing in this build phase. INSTALL Installation activities typically occur in this build phase. POST_BUILD Post-build activities typically occur in this build phase. PRE_BUILD Pre-build activities typically occur in this build phase. PROVISIONING The build environment is being set up. QUEUED The build has been submitted and is queued behind other submitted builds. SUBMITTED The build has been submitted. UPLOAD_ARTIFACTS Build output artifacts are being uploaded to the output location. * **phaseStatus** *(string) --* The current status of the build phase. Valid values include: FAILED The build phase failed. FAULT The build phase faulted. IN_PROGRESS The build phase is still in progress. STOPPED The build phase stopped. SUCCEEDED The build phase succeeded. TIMED_OUT The build phase timed out. * **startTime** *(datetime) --* When the build phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the build phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the build's phase. * **contexts** *(list) --* Additional information about a build phase, especially to help troubleshoot a failed build. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **source** *(dict) --* Information about the source code to be built. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. Each "ProjectSourceVersion" must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* Information about the output artifacts for the build. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "ProjectArtifacts" objects. * *(dict) --* Information about build output artifacts. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment for this build. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The name of a service role used for this build. * **logs** *(dict) --* Information about the build's logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a build is allowed to be queued before it times out. * **buildComplete** *(boolean) --* Whether the build is complete. True if complete; otherwise, false. * **initiator** *(string) --* The entity that started the build. Valid values include: * If CodePipeline started the build, the pipeline's name (for example, "codepipeline/my-demo-pipeline"). * If a user started the build, the user's name (for example, "MyUserName"). * If the Jenkins plugin for CodeBuild started the build, the string "CodeBuild-Jenkins-Plugin". * **vpcConfig** *(dict) --* If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **networkInterface** *(dict) --* Describes a network interface. * **subnetId** *(string) --* The ID of the subnet. * **networkInterfaceId** *(string) --* The ID of the network interface. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). * **exportedEnvironmentVariables** *(list) --* A list of exported environment variables for this build. Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the *CodePipeline User Guide*. * *(dict) --* Contains information about an exported environment variable. Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the *CodePipeline User Guide*. Note: During a build, the value of a variable is available starting with the "install" phase. It can be updated between the start of the "install" phase and the end of the "post_build" phase. After the "post_build" phase ends, the value of exported variables cannot change. * **name** *(string) --* The name of the exported environment variable. * **value** *(string) --* The value assigned to the exported environment variable. * **reportArns** *(list) --* An array of the ARNs associated with this build's reports. * *(string) --* * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **debugSession** *(dict) --* Contains information about the debug session for this build. * **sessionEnabled** *(boolean) --* Specifies if session debugging is enabled for this build. * **sessionTarget** *(string) --* Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build. * **buildBatchArn** *(string) --* The ARN of the batch build that this build is a member of, if applicable. * **autoRetryConfig** *(dict) --* Information about the auto-retry configuration for the build. * **autoRetryLimit** *(integer) --* The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. * **autoRetryNumber** *(integer) --* The number of times that the build has been retried. The initial build will have an auto-retry number of 0. * **nextAutoRetry** *(string) --* The build ARN of the auto-retried build triggered by the current build. The next auto-retry will be "null" for builds that don't trigger an auto-retry. * **previousAutoRetry** *(string) --* The build ARN of the build that triggered the current auto-retry build. The previous auto-retry will be "null" for the initial build. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" * "CodeBuild.Client.exceptions.AccountLimitExceededException" CodeBuild / Client / update_report_group update_report_group ******************* CodeBuild.Client.update_report_group(**kwargs) Updates a report group. See also: AWS API Documentation **Request Syntax** response = client.update_report_group( arn='string', exportConfig={ 'exportConfigType': 'S3'|'NO_EXPORT', 's3Destination': { 'bucket': 'string', 'bucketOwner': 'string', 'path': 'string', 'packaging': 'ZIP'|'NONE', 'encryptionKey': 'string', 'encryptionDisabled': True|False } }, tags=[ { 'key': 'string', 'value': 'string' }, ] ) Parameters: * **arn** (*string*) -- **[REQUIRED]** The ARN of the report group to update. * **exportConfig** (*dict*) -- Used to specify an updated export type. Valid values are: * "S3": The report results are exported to an S3 bucket. * "NO_EXPORT": The report results are not exported. * **exportConfigType** *(string) --* The export configuration type. Valid values are: * "S3": The report results are exported to an S3 bucket. * "NO_EXPORT": The report results are not exported. * **s3Destination** *(dict) --* A "S3ReportExportConfig" object that contains information about the S3 bucket where the run of a report is exported. * **bucket** *(string) --* The name of the S3 bucket where the raw data of a report are exported. * **bucketOwner** *(string) --* The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build. * **path** *(string) --* The path to the exported report's raw data results. * **packaging** *(string) --* The type of build output artifact to create. Valid values include: * "NONE": CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. * "ZIP": CodeBuild creates a ZIP file with the raw data in the output bucket. * **encryptionKey** *(string) --* The encryption key for the report's encrypted raw data. * **encryptionDisabled** *(boolean) --* A boolean value that specifies if the results of a report are encrypted. * **tags** (*list*) -- An updated list of tag key and value pairs associated with this report group. These tags are available for use by Amazon Web Services services that support CodeBuild report group tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. Return type: dict Returns: **Response Syntax** { 'reportGroup': { 'arn': 'string', 'name': 'string', 'type': 'TEST'|'CODE_COVERAGE', 'exportConfig': { 'exportConfigType': 'S3'|'NO_EXPORT', 's3Destination': { 'bucket': 'string', 'bucketOwner': 'string', 'path': 'string', 'packaging': 'ZIP'|'NONE', 'encryptionKey': 'string', 'encryptionDisabled': True|False } }, 'created': datetime(2015, 1, 1), 'lastModified': datetime(2015, 1, 1), 'tags': [ { 'key': 'string', 'value': 'string' }, ], 'status': 'ACTIVE'|'DELETING' } } **Response Structure** * *(dict) --* * **reportGroup** *(dict) --* Information about the updated report group. * **arn** *(string) --* The ARN of the "ReportGroup". * **name** *(string) --* The name of the "ReportGroup". * **type** *(string) --* The type of the "ReportGroup". This can be one of the following values: CODE_COVERAGE The report group contains code coverage reports. TEST The report group contains test reports. * **exportConfig** *(dict) --* Information about the destination where the raw data of this "ReportGroup" is exported. * **exportConfigType** *(string) --* The export configuration type. Valid values are: * "S3": The report results are exported to an S3 bucket. * "NO_EXPORT": The report results are not exported. * **s3Destination** *(dict) --* A "S3ReportExportConfig" object that contains information about the S3 bucket where the run of a report is exported. * **bucket** *(string) --* The name of the S3 bucket where the raw data of a report are exported. * **bucketOwner** *(string) --* The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build. * **path** *(string) --* The path to the exported report's raw data results. * **packaging** *(string) --* The type of build output artifact to create. Valid values include: * "NONE": CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. * "ZIP": CodeBuild creates a ZIP file with the raw data in the output bucket. * **encryptionKey** *(string) --* The encryption key for the report's encrypted raw data. * **encryptionDisabled** *(boolean) --* A boolean value that specifies if the results of a report are encrypted. * **created** *(datetime) --* The date and time this "ReportGroup" was created. * **lastModified** *(datetime) --* The date and time this "ReportGroup" was last modified. * **tags** *(list) --* A list of tag key and value pairs associated with this report group. These tags are available for use by Amazon Web Services services that support CodeBuild report group tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. * **status** *(string) --* The status of the report group. This property is read- only. This can be one of the following values: ACTIVE The report group is active. DELETING The report group is in the process of being deleted. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / delete_source_credentials delete_source_credentials ************************* CodeBuild.Client.delete_source_credentials(**kwargs) Deletes a set of GitHub, GitHub Enterprise, or Bitbucket source credentials. See also: AWS API Documentation **Request Syntax** response = client.delete_source_credentials( arn='string' ) Parameters: **arn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the token. Return type: dict Returns: **Response Syntax** { 'arn': 'string' } **Response Structure** * *(dict) --* * **arn** *(string) --* The Amazon Resource Name (ARN) of the token. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / delete_report delete_report ************* CodeBuild.Client.delete_report(**kwargs) Deletes a report. See also: AWS API Documentation **Request Syntax** response = client.delete_report( arn='string' ) Parameters: **arn** (*string*) -- **[REQUIRED]** The ARN of the report to delete. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / close close ***** CodeBuild.Client.close() Closes underlying endpoint connections. CodeBuild / Client / put_resource_policy put_resource_policy ******************* CodeBuild.Client.put_resource_policy(**kwargs) Stores a resource policy for the ARN of a "Project" or "ReportGroup" object. See also: AWS API Documentation **Request Syntax** response = client.put_resource_policy( policy='string', resourceArn='string' ) Parameters: * **policy** (*string*) -- **[REQUIRED]** A JSON-formatted resource policy. For more information, see Sharing a Project and Sharing a Report Group in the *CodeBuild User Guide*. * **resourceArn** (*string*) -- **[REQUIRED]** The ARN of the "Project" or "ReportGroup" resource you want to associate with a resource policy. Return type: dict Returns: **Response Syntax** { 'resourceArn': 'string' } **Response Structure** * *(dict) --* * **resourceArn** *(string) --* The ARN of the "Project" or "ReportGroup" resource that is associated with a resource policy. **Exceptions** * "CodeBuild.Client.exceptions.ResourceNotFoundException" * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / list_shared_projects list_shared_projects ******************** CodeBuild.Client.list_shared_projects(**kwargs) Gets a list of projects that are shared with other Amazon Web Services accounts or users. See also: AWS API Documentation **Request Syntax** response = client.list_shared_projects( sortBy='ARN'|'MODIFIED_TIME', sortOrder='ASCENDING'|'DESCENDING', maxResults=123, nextToken='string' ) Parameters: * **sortBy** (*string*) -- The criterion to be used to list build projects shared with the current Amazon Web Services account or user. Valid values include: * "ARN": List based on the ARN. * "MODIFIED_TIME": List based on when information about the shared project was last changed. * **sortOrder** (*string*) -- The order in which to list shared build projects. Valid values include: * "ASCENDING": List in ascending order. * "DESCENDING": List in descending order. * **maxResults** (*integer*) -- The maximum number of paginated shared build projects returned per response. Use "nextToken" to iterate pages in the list of returned "Project" objects. The default value is 100. * **nextToken** (*string*) -- During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'projects': [ 'string', ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **projects** *(list) --* The list of ARNs for the build projects shared with the current Amazon Web Services account or user. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / get_resource_policy get_resource_policy ******************* CodeBuild.Client.get_resource_policy(**kwargs) Gets a resource policy that is identified by its resource ARN. See also: AWS API Documentation **Request Syntax** response = client.get_resource_policy( resourceArn='string' ) Parameters: **resourceArn** (*string*) -- **[REQUIRED]** The ARN of the resource that is associated with the resource policy. Return type: dict Returns: **Response Syntax** { 'policy': 'string' } **Response Structure** * *(dict) --* * **policy** *(string) --* The resource policy for the resource identified by the input ARN parameter. **Exceptions** * "CodeBuild.Client.exceptions.ResourceNotFoundException" * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / list_sandboxes_for_project list_sandboxes_for_project ************************** CodeBuild.Client.list_sandboxes_for_project(**kwargs) Gets a list of sandboxes for a given project. See also: AWS API Documentation **Request Syntax** response = client.list_sandboxes_for_project( projectName='string', maxResults=123, sortOrder='ASCENDING'|'DESCENDING', nextToken='string' ) Parameters: * **projectName** (*string*) -- **[REQUIRED]** The CodeBuild project name. * **maxResults** (*integer*) -- The maximum number of sandbox records to be retrieved. * **sortOrder** (*string*) -- The order in which sandbox records should be retrieved. * **nextToken** (*string*) -- The next token, if any, to get paginated results. You will get this value from previous execution of list sandboxes. Return type: dict Returns: **Response Syntax** { 'ids': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **ids** *(list) --* Information about the requested sandbox IDs. * *(string) --* * **nextToken** *(string) --* Information about the next token to get paginated results. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / batch_delete_builds batch_delete_builds ******************* CodeBuild.Client.batch_delete_builds(**kwargs) Deletes one or more builds. See also: AWS API Documentation **Request Syntax** response = client.batch_delete_builds( ids=[ 'string', ] ) Parameters: **ids** (*list*) -- **[REQUIRED]** The IDs of the builds to delete. * *(string) --* Return type: dict Returns: **Response Syntax** { 'buildsDeleted': [ 'string', ], 'buildsNotDeleted': [ { 'id': 'string', 'statusCode': 'string' }, ] } **Response Structure** * *(dict) --* * **buildsDeleted** *(list) --* The IDs of the builds that were successfully deleted. * *(string) --* * **buildsNotDeleted** *(list) --* Information about any builds that could not be successfully deleted. * *(dict) --* Information about a build that could not be successfully deleted. * **id** *(string) --* The ID of the build that could not be successfully deleted. * **statusCode** *(string) --* Additional information about the build that could not be successfully deleted. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / stop_sandbox stop_sandbox ************ CodeBuild.Client.stop_sandbox(**kwargs) Stops a sandbox. See also: AWS API Documentation **Request Syntax** response = client.stop_sandbox( id='string' ) Parameters: **id** (*string*) -- **[REQUIRED]** Information about the requested sandbox ID. Return type: dict Returns: **Response Syntax** { 'sandbox': { 'id': 'string', 'arn': 'string', 'projectName': 'string', 'requestTime': datetime(2015, 1, 1), 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'status': 'string', 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'sourceVersion': 'string', 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'logConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'encryptionKey': 'string', 'serviceRole': 'string', 'currentSession': { 'id': 'string', 'status': 'string', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'phases': [ { 'phaseType': 'string', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'resolvedSourceVersion': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'networkInterface': { 'subnetId': 'string', 'networkInterfaceId': 'string' } } } } **Response Structure** * *(dict) --* * **sandbox** *(dict) --* Information about the requested sandbox. * **id** *(string) --* The ID of the sandbox. * **arn** *(string) --* The ARN of the sandbox. * **projectName** *(string) --* The CodeBuild project name. * **requestTime** *(datetime) --* When the sandbox process was initially requested, expressed in Unix time format. * **startTime** *(datetime) --* When the sandbox process started, expressed in Unix time format. * **endTime** *(datetime) --* When the sandbox process ended, expressed in Unix time format. * **status** *(string) --* The status of the sandbox. * **source** *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* Any version identifier for the version of the sandbox to be built. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment of the build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this sandbox if it does not get marked as completed. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a sandbox is allowed to be queued before it times out. * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **logConfig** *(dict) --* Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the sandbox output artifacts. * **serviceRole** *(string) --* The name of a service role used for this sandbox. * **currentSession** *(dict) --* The current session for the sandbox. * **id** *(string) --* The ID of the sandbox session. * **status** *(string) --* The status of the sandbox session. * **startTime** *(datetime) --* When the sandbox session started, expressed in Unix time format. * **endTime** *(datetime) --* When the sandbox session ended, expressed in Unix time format. * **currentPhase** *(string) --* The current phase for the sandbox. * **phases** *(list) --* An array of "SandboxSessionPhase" objects. * *(dict) --* Contains information about the sandbox phase. * **phaseType** *(string) --* The name of the sandbox phase. * **phaseStatus** *(string) --* The current status of the sandbox phase. Valid values include: FAILED The sandbox phase failed. FAULT The sandbox phase faulted. IN_PROGRESS The sandbox phase is still in progress. STOPPED The sandbox phase stopped. SUCCEEDED The sandbox phase succeeded. TIMED_OUT The sandbox phase timed out. * **startTime** *(datetime) --* When the sandbox phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the sandbox phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the sandbox's phase. * **contexts** *(list) --* An array of "PhaseContext" objects. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **resolvedSourceVersion** *(string) --* An identifier for the version of this sandbox's source code. * **logs** *(dict) --* Information about build logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3 :::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **networkInterface** *(dict) --* Describes a network interface. * **subnetId** *(string) --* The ID of the subnet. * **networkInterfaceId** *(string) --* The ID of the network interface. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / describe_test_cases describe_test_cases ******************* CodeBuild.Client.describe_test_cases(**kwargs) Returns a list of details about test cases for a report. See also: AWS API Documentation **Request Syntax** response = client.describe_test_cases( reportArn='string', nextToken='string', maxResults=123, filter={ 'status': 'string', 'keyword': 'string' } ) Parameters: * **reportArn** (*string*) -- **[REQUIRED]** The ARN of the report for which test cases are returned. * **nextToken** (*string*) -- During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **maxResults** (*integer*) -- The maximum number of paginated test cases returned per response. Use "nextToken" to iterate pages in the list of returned "TestCase" objects. The default value is 100. * **filter** (*dict*) -- A "TestCaseFilter" object used to filter the returned reports. * **status** *(string) --* The status used to filter test cases. A "TestCaseFilter" can have one status. Valid values are: * "SUCCEEDED" * "FAILED" * "ERROR" * "SKIPPED" * "UNKNOWN" * **keyword** *(string) --* A keyword that is used to filter on the "name" or the "prefix" of the test cases. Only test cases where the keyword is a substring of the "name" or the "prefix" will be returned. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'testCases': [ { 'reportArn': 'string', 'testRawDataPath': 'string', 'prefix': 'string', 'name': 'string', 'status': 'string', 'durationInNanoSeconds': 123, 'message': 'string', 'expired': datetime(2015, 1, 1), 'testSuiteName': 'string' }, ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* During a previous call, the maximum number of items that can be returned is the value specified in "maxResults". If there more items in the list, then a unique string called a *nextToken* is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned. * **testCases** *(list) --* The returned list of test cases. * *(dict) --* Information about a test case created using a framework such as NUnit or Cucumber. A test case might be a unit test or a configuration test. * **reportArn** *(string) --* The ARN of the report to which the test case belongs. * **testRawDataPath** *(string) --* The path to the raw data file that contains the test result. * **prefix** *(string) --* A string that is applied to a series of related test cases. CodeBuild generates the prefix. The prefix depends on the framework used to generate the tests. * **name** *(string) --* The name of the test case. * **status** *(string) --* The status returned by the test case after it was run. Valid statuses are "SUCCEEDED", "FAILED", "ERROR", "SKIPPED", and "UNKNOWN". * **durationInNanoSeconds** *(integer) --* The number of nanoseconds it took to run this test case. * **message** *(string) --* A message associated with a test case. For example, an error message or stack trace. * **expired** *(datetime) --* The date and time a test case expires. A test case expires 30 days after it is created. An expired test case is not available to view in CodeBuild. * **testSuiteName** *(string) --* The name of the test suite that the test case is a part of. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / batch_get_fleets batch_get_fleets **************** CodeBuild.Client.batch_get_fleets(**kwargs) Gets information about one or more compute fleets. See also: AWS API Documentation **Request Syntax** response = client.batch_get_fleets( names=[ 'string', ] ) Parameters: **names** (*list*) -- **[REQUIRED]** The names or ARNs of the compute fleets. * *(string) --* Return type: dict Returns: **Response Syntax** { 'fleets': [ { 'arn': 'string', 'name': 'string', 'id': 'string', 'created': datetime(2015, 1, 1), 'lastModified': datetime(2015, 1, 1), 'status': { 'statusCode': 'CREATING'|'UPDATING'|'ROTATING'|'PENDING_DELETION'|'DELETING'|'CREATE_FAILED'|'UPDATE_ROLLBACK_FAILED'|'ACTIVE', 'context': 'CREATE_FAILED'|'UPDATE_FAILED'|'ACTION_REQUIRED'|'PENDING_DELETION'|'INSUFFICIENT_CAPACITY', 'message': 'string' }, 'baseCapacity': 123, 'environmentType': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'scalingConfiguration': { 'scalingType': 'TARGET_TRACKING_SCALING', 'targetTrackingScalingConfigs': [ { 'metricType': 'FLEET_UTILIZATION_RATE', 'targetValue': 123.0 }, ], 'maxCapacity': 123, 'desiredCapacity': 123 }, 'overflowBehavior': 'QUEUE'|'ON_DEMAND', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'proxyConfiguration': { 'defaultBehavior': 'ALLOW_ALL'|'DENY_ALL', 'orderedProxyRules': [ { 'type': 'DOMAIN'|'IP', 'effect': 'ALLOW'|'DENY', 'entities': [ 'string', ] }, ] }, 'imageId': 'string', 'fleetServiceRole': 'string', 'tags': [ { 'key': 'string', 'value': 'string' }, ] }, ], 'fleetsNotFound': [ 'string', ] } **Response Structure** * *(dict) --* * **fleets** *(list) --* Information about the requested compute fleets. * *(dict) --* A set of dedicated instances for your build environment. * **arn** *(string) --* The ARN of the compute fleet. * **name** *(string) --* The name of the compute fleet. * **id** *(string) --* The ID of the compute fleet. * **created** *(datetime) --* The time at which the compute fleet was created. * **lastModified** *(datetime) --* The time at which the compute fleet was last modified. * **status** *(dict) --* The status of the compute fleet. * **statusCode** *(string) --* The status code of the compute fleet. Valid values include: * "CREATING": The compute fleet is being created. * "UPDATING": The compute fleet is being updated. * "ROTATING": The compute fleet is being rotated. * "PENDING_DELETION": The compute fleet is pending deletion. * "DELETING": The compute fleet is being deleted. * "CREATE_FAILED": The compute fleet has failed to create. * "UPDATE_ROLLBACK_FAILED": The compute fleet has failed to update and could not rollback to previous state. * "ACTIVE": The compute fleet has succeeded and is active. * **context** *(string) --* Additional information about a compute fleet. Valid values include: * "CREATE_FAILED": The compute fleet has failed to create. * "UPDATE_FAILED": The compute fleet has failed to update. * **message** *(string) --* A message associated with the status of a compute fleet. * **baseCapacity** *(integer) --* The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel. * **environmentType** *(string) --* The environment type of the compute fleet. * The environment type "ARM_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). * The environment type "ARM_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_GPU_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). * The environment type "MAC_ARM" is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) * The environment type "MAC_ARM" is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). * The environment type "WINDOWS_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "WINDOWS_SERVER_2019_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). * The environment type "WINDOWS_SERVER_2022_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai). For more information, see Build environment compute types in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the compute fleet uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "CUSTOM_INSTANCE_TYPE": Specify the instance type for your compute fleet. For a list of supported instance types, see Supported instance families in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the compute fleet. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE" or "CUSTOM_INSTANCE_TYPE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **scalingConfiguration** *(dict) --* The scaling configuration of the compute fleet. * **scalingType** *(string) --* The scaling type for a compute fleet. * **targetTrackingScalingConfigs** *(list) --* A list of "TargetTrackingScalingConfiguration" objects. * *(dict) --* Defines when a new instance is auto-scaled into the compute fleet. * **metricType** *(string) --* The metric type to determine auto-scaling. * **targetValue** *(float) --* The value of "metricType" when to start scaling. * **maxCapacity** *(integer) --* The maximum number of instances in the fleet when auto- scaling. * **desiredCapacity** *(integer) --* The desired number of instances in the fleet when auto- scaling. * **overflowBehavior** *(string) --* The compute fleet overflow behavior. * For overflow behavior "QUEUE", your overflow builds need to wait on the existing fleet instance to become available. * For overflow behavior "ON_DEMAND", your overflow builds run on CodeBuild on-demand. Note: If you choose to set your overflow behavior to on- demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface. * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **proxyConfiguration** *(dict) --* The proxy configuration of the compute fleet. * **defaultBehavior** *(string) --* The default behavior of outgoing traffic. * **orderedProxyRules** *(list) --* An array of "FleetProxyRule" objects that represent the specified destination domains or IPs to allow or deny network access control to. * *(dict) --* Information about the proxy rule for your reserved capacity instances. * **type** *(string) --* The type of proxy rule. * **effect** *(string) --* The behavior of the proxy rule. * **entities** *(list) --* The destination of the proxy rule. * *(string) --* * **imageId** *(string) --* The Amazon Machine Image (AMI) of the compute fleet. * **fleetServiceRole** *(string) --* The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the *CodeBuild User Guide*. * **tags** *(list) --* A list of tag key and value pairs associated with this compute fleet. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. * **fleetsNotFound** *(list) --* The names of compute fleets for which information could not be found. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / batch_get_builds batch_get_builds **************** CodeBuild.Client.batch_get_builds(**kwargs) Gets information about one or more builds. See also: AWS API Documentation **Request Syntax** response = client.batch_get_builds( ids=[ 'string', ] ) Parameters: **ids** (*list*) -- **[REQUIRED]** The IDs of the builds. * *(string) --* Return type: dict Returns: **Response Syntax** { 'builds': [ { 'id': 'string', 'arn': 'string', 'buildNumber': 123, 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'sourceVersion': 'string', 'resolvedSourceVersion': 'string', 'projectName': 'string', 'phases': [ { 'phaseType': 'SUBMITTED'|'QUEUED'|'PROVISIONING'|'DOWNLOAD_SOURCE'|'INSTALL'|'PRE_BUILD'|'BUILD'|'POST_BUILD'|'UPLOAD_ARTIFACTS'|'FINALIZING'|'COMPLETED', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'buildComplete': True|False, 'initiator': 'string', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'networkInterface': { 'subnetId': 'string', 'networkInterfaceId': 'string' }, 'encryptionKey': 'string', 'exportedEnvironmentVariables': [ { 'name': 'string', 'value': 'string' }, ], 'reportArns': [ 'string', ], 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'debugSession': { 'sessionEnabled': True|False, 'sessionTarget': 'string' }, 'buildBatchArn': 'string', 'autoRetryConfig': { 'autoRetryLimit': 123, 'autoRetryNumber': 123, 'nextAutoRetry': 'string', 'previousAutoRetry': 'string' } }, ], 'buildsNotFound': [ 'string', ] } **Response Structure** * *(dict) --* * **builds** *(list) --* Information about the requested builds. * *(dict) --* Information about a build. * **id** *(string) --* The unique ID for the build. * **arn** *(string) --* The Amazon Resource Name (ARN) of the build. * **buildNumber** *(integer) --* The number of the build. For each project, the "buildNumber" of its first build is "1". The "buildNumber" of each subsequent build is incremented by "1". If a build is deleted, the "buildNumber" of other builds does not change. * **startTime** *(datetime) --* When the build process started, expressed in Unix time format. * **endTime** *(datetime) --* When the build process ended, expressed in Unix time format. * **currentPhase** *(string) --* The current build phase. * **buildStatus** *(string) --* The current status of the build. Valid values include: * "FAILED": The build failed. * "FAULT": The build faulted. * "IN_PROGRESS": The build is still in progress. * "STOPPED": The build stopped. * "SUCCEEDED": The build succeeded. * "TIMED_OUT": The build timed out. * **sourceVersion** *(string) --* Any version identifier for the version of the source code to be built. If "sourceVersion" is specified at the project level, then this "sourceVersion" (at the build level) takes precedence. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **resolvedSourceVersion** *(string) --* An identifier for the version of this build's source code. * For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID. * For CodePipeline, the source revision provided by CodePipeline. * For Amazon S3, this does not apply. * **projectName** *(string) --* The name of the CodeBuild project. * **phases** *(list) --* Information about all previous build phases that are complete and information about any current build phase that is not yet complete. * *(dict) --* Information about a stage for a build. * **phaseType** *(string) --* The name of the build phase. Valid values include: BUILD Core build activities typically occur in this build phase. COMPLETED The build has been completed. DOWNLOAD_SOURCE Source code is being downloaded in this build phase. FINALIZING The build process is completing in this build phase. INSTALL Installation activities typically occur in this build phase. POST_BUILD Post-build activities typically occur in this build phase. PRE_BUILD Pre-build activities typically occur in this build phase. PROVISIONING The build environment is being set up. QUEUED The build has been submitted and is queued behind other submitted builds. SUBMITTED The build has been submitted. UPLOAD_ARTIFACTS Build output artifacts are being uploaded to the output location. * **phaseStatus** *(string) --* The current status of the build phase. Valid values include: FAILED The build phase failed. FAULT The build phase faulted. IN_PROGRESS The build phase is still in progress. STOPPED The build phase stopped. SUCCEEDED The build phase succeeded. TIMED_OUT The build phase timed out. * **startTime** *(datetime) --* When the build phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the build phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the build's phase. * **contexts** *(list) --* Additional information about a build phase, especially to help troubleshoot a failed build. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **source** *(dict) --* Information about the source code to be built. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self-managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild- sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. Each "ProjectSourceVersion" must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* Information about the output artifacts for the build. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "ProjectArtifacts" objects. * *(dict) --* Information about build output artifacts. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment for this build. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99 b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfb dbf," use "/@sha256:cbbf2f9a9 9b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cf bdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The name of a service role used for this build. * **logs** *(dict) --* Information about the build's logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3 :::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a build is allowed to be queued before it times out. * **buildComplete** *(boolean) --* Whether the build is complete. True if complete; otherwise, false. * **initiator** *(string) --* The entity that started the build. Valid values include: * If CodePipeline started the build, the pipeline's name (for example, "codepipeline/my-demo-pipeline"). * If a user started the build, the user's name (for example, "MyUserName"). * If the Jenkins plugin for CodeBuild started the build, the string "CodeBuild-Jenkins-Plugin". * **vpcConfig** *(dict) --* If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **networkInterface** *(dict) --* Describes a network interface. * **subnetId** *(string) --* The ID of the subnet. * **networkInterfaceId** *(string) --* The ID of the network interface. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). * **exportedEnvironmentVariables** *(list) --* A list of exported environment variables for this build. Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the *CodePipeline User Guide*. * *(dict) --* Contains information about an exported environment variable. Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the *CodePipeline User Guide*. Note: During a build, the value of a variable is available starting with the "install" phase. It can be updated between the start of the "install" phase and the end of the "post_build" phase. After the "post_build" phase ends, the value of exported variables cannot change. * **name** *(string) --* The name of the exported environment variable. * **value** *(string) --* The value assigned to the exported environment variable. * **reportArns** *(list) --* An array of the ARNs associated with this build's reports. * *(string) --* * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs- dns-name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs- abcd1234.efs.us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs-abcd1234.efs.us- west-2.amazonaws.com:/my-efs-mount-directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048 576,hard,timeo=600,retrans=2". For more information, see Recommended NFS Mount Options. * **debugSession** *(dict) --* Contains information about the debug session for this build. * **sessionEnabled** *(boolean) --* Specifies if session debugging is enabled for this build. * **sessionTarget** *(string) --* Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build. * **buildBatchArn** *(string) --* The ARN of the batch build that this build is a member of, if applicable. * **autoRetryConfig** *(dict) --* Information about the auto-retry configuration for the build. * **autoRetryLimit** *(integer) --* The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. * **autoRetryNumber** *(integer) --* The number of times that the build has been retried. The initial build will have an auto-retry number of 0. * **nextAutoRetry** *(string) --* The build ARN of the auto-retried build triggered by the current build. The next auto-retry will be "null" for builds that don't trigger an auto-retry. * **previousAutoRetry** *(string) --* The build ARN of the build that triggered the current auto-retry build. The previous auto-retry will be "null" for the initial build. * **buildsNotFound** *(list) --* The IDs of builds for which information could not be found. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" **Examples** The following example gets information about builds with the specified build IDs. response = client.batch_get_builds( ids=[ 'codebuild-demo-project:9b0ac37f-d19e-4254-9079-f47e9a389eEX', 'codebuild-demo-project:b79a46f7-1473-4636-a23f-da9c45c208EX', ], ) print(response) Expected Output: { 'builds': [ { 'arn': 'arn:aws:codebuild:us-east-1:123456789012:build/codebuild-demo-project:9b0ac37f-d19e-4254-9079-f47e9a389eEX', 'artifacts': { 'location': 'arn:aws:s3:::codebuild-123456789012-output-bucket/codebuild-demo-project', }, 'buildComplete': True, 'buildStatus': 'SUCCEEDED', 'currentPhase': 'COMPLETED', 'endTime': 1479832474.764, 'environment': { 'type': 'LINUX_CONTAINER', 'computeType': 'BUILD_GENERAL1_SMALL', 'environmentVariables': [ ], 'image': 'aws/codebuild/java:openjdk-8', 'privilegedMode': False, }, 'id': 'codebuild-demo-project:9b0ac37f-d19e-4254-9079-f47e9a389eEX', 'initiator': 'MyDemoUser', 'logs': { 'deepLink': 'https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#logEvent:group=/aws/codebuild/codebuild-demo-project;stream=9b0ac37f-d19e-4254-9079-f47e9a389eEX', 'groupName': '/aws/codebuild/codebuild-demo-project', 'streamName': '9b0ac37f-d19e-4254-9079-f47e9a389eEX', }, 'phases': [ { 'durationInSeconds': 0, 'endTime': 1479832342.23, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'SUBMITTED', 'startTime': 1479832341.854, }, { 'contexts': [ ], 'durationInSeconds': 72, 'endTime': 1479832415.064, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'PROVISIONING', 'startTime': 1479832342.23, }, { 'contexts': [ ], 'durationInSeconds': 46, 'endTime': 1479832461.261, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'DOWNLOAD_SOURCE', 'startTime': 1479832415.064, }, { 'contexts': [ ], 'durationInSeconds': 0, 'endTime': 1479832461.354, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'INSTALL', 'startTime': 1479832461.261, }, { 'contexts': [ ], 'durationInSeconds': 0, 'endTime': 1479832461.448, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'PRE_BUILD', 'startTime': 1479832461.354, }, { 'contexts': [ ], 'durationInSeconds': 9, 'endTime': 1479832471.115, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'BUILD', 'startTime': 1479832461.448, }, { 'contexts': [ ], 'durationInSeconds': 0, 'endTime': 1479832471.224, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'POST_BUILD', 'startTime': 1479832471.115, }, { 'contexts': [ ], 'durationInSeconds': 0, 'endTime': 1479832471.791, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'UPLOAD_ARTIFACTS', 'startTime': 1479832471.224, }, { 'contexts': [ ], 'durationInSeconds': 2, 'endTime': 1479832474.764, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'FINALIZING', 'startTime': 1479832471.791, }, { 'phaseType': 'COMPLETED', 'startTime': 1479832474.764, }, ], 'projectName': 'codebuild-demo-project', 'source': { 'type': 'S3', 'buildspec': '', 'location': 'arn:aws:s3:::codebuild-123456789012-input-bucket/MessageUtil.zip', }, 'startTime': 1479832341.854, 'timeoutInMinutes': 60, }, { 'arn': 'arn:aws:codebuild:us-east-1:123456789012:build/codebuild-demo-project:b79a46f7-1473-4636-a23f-da9c45c208EX', 'artifacts': { 'location': 'arn:aws:s3:::codebuild-123456789012-output-bucket/codebuild-demo-project', }, 'buildComplete': True, 'buildStatus': 'SUCCEEDED', 'currentPhase': 'COMPLETED', 'endTime': 1479401214.239, 'environment': { 'type': 'LINUX_CONTAINER', 'computeType': 'BUILD_GENERAL1_SMALL', 'environmentVariables': [ ], 'image': 'aws/codebuild/java:openjdk-8', 'privilegedMode': False, }, 'id': 'codebuild-demo-project:b79a46f7-1473-4636-a23f-da9c45c208EX', 'initiator': 'MyDemoUser', 'logs': { 'deepLink': 'https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#logEvent:group=/aws/codebuild/codebuild-demo-project;stream=b79a46f7-1473-4636-a23f-da9c45c208EX', 'groupName': '/aws/codebuild/codebuild-demo-project', 'streamName': 'b79a46f7-1473-4636-a23f-da9c45c208EX', }, 'phases': [ { 'durationInSeconds': 0, 'endTime': 1479401082.342, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'SUBMITTED', 'startTime': 1479401081.869, }, { 'contexts': [ ], 'durationInSeconds': 71, 'endTime': 1479401154.129, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'PROVISIONING', 'startTime': 1479401082.342, }, { 'contexts': [ ], 'durationInSeconds': 45, 'endTime': 1479401199.136, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'DOWNLOAD_SOURCE', 'startTime': 1479401154.129, }, { 'contexts': [ ], 'durationInSeconds': 0, 'endTime': 1479401199.236, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'INSTALL', 'startTime': 1479401199.136, }, { 'contexts': [ ], 'durationInSeconds': 0, 'endTime': 1479401199.345, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'PRE_BUILD', 'startTime': 1479401199.236, }, { 'contexts': [ ], 'durationInSeconds': 9, 'endTime': 1479401208.68, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'BUILD', 'startTime': 1479401199.345, }, { 'contexts': [ ], 'durationInSeconds': 0, 'endTime': 1479401208.783, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'POST_BUILD', 'startTime': 1479401208.68, }, { 'contexts': [ ], 'durationInSeconds': 0, 'endTime': 1479401209.463, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'UPLOAD_ARTIFACTS', 'startTime': 1479401208.783, }, { 'contexts': [ ], 'durationInSeconds': 4, 'endTime': 1479401214.239, 'phaseStatus': 'SUCCEEDED', 'phaseType': 'FINALIZING', 'startTime': 1479401209.463, }, { 'phaseType': 'COMPLETED', 'startTime': 1479401214.239, }, ], 'projectName': 'codebuild-demo-project', 'source': { 'type': 'S3', 'location': 'arn:aws:s3:::codebuild-123456789012-input-bucket/MessageUtil.zip', }, 'startTime': 1479401081.869, 'timeoutInMinutes': 60, }, ], 'ResponseMetadata': { '...': '...', }, } CodeBuild / Client / batch_get_sandboxes batch_get_sandboxes ******************* CodeBuild.Client.batch_get_sandboxes(**kwargs) Gets information about the sandbox status. See also: AWS API Documentation **Request Syntax** response = client.batch_get_sandboxes( ids=[ 'string', ] ) Parameters: **ids** (*list*) -- **[REQUIRED]** A comma separated list of "sandboxIds" or "sandboxArns". * *(string) --* Return type: dict Returns: **Response Syntax** { 'sandboxes': [ { 'id': 'string', 'arn': 'string', 'projectName': 'string', 'requestTime': datetime(2015, 1, 1), 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'status': 'string', 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'sourceVersion': 'string', 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'logConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'encryptionKey': 'string', 'serviceRole': 'string', 'currentSession': { 'id': 'string', 'status': 'string', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'phases': [ { 'phaseType': 'string', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'resolvedSourceVersion': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'networkInterface': { 'subnetId': 'string', 'networkInterfaceId': 'string' } } }, ], 'sandboxesNotFound': [ 'string', ] } **Response Structure** * *(dict) --* * **sandboxes** *(list) --* Information about the requested sandboxes. * *(dict) --* Contains sandbox information. * **id** *(string) --* The ID of the sandbox. * **arn** *(string) --* The ARN of the sandbox. * **projectName** *(string) --* The CodeBuild project name. * **requestTime** *(datetime) --* When the sandbox process was initially requested, expressed in Unix time format. * **startTime** *(datetime) --* When the sandbox process started, expressed in Unix time format. * **endTime** *(datetime) --* When the sandbox process ended, expressed in Unix time format. * **status** *(string) --* The status of the sandbox. * **source** *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* Any version identifier for the version of the sandbox to be built. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self-managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild- sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment of the build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99 b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfb dbf," use "/@sha256:cbbf2f9a9 9b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cf bdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs- dns-name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs- abcd1234.efs.us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs-abcd1234.efs.us- west-2.amazonaws.com:/my-efs-mount-directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048 576,hard,timeo=600,retrans=2". For more information, see Recommended NFS Mount Options. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this sandbox if it does not get marked as completed. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a sandbox is allowed to be queued before it times out. * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **logConfig** *(dict) --* Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3 :::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the sandbox output artifacts. * **serviceRole** *(string) --* The name of a service role used for this sandbox. * **currentSession** *(dict) --* The current session for the sandbox. * **id** *(string) --* The ID of the sandbox session. * **status** *(string) --* The status of the sandbox session. * **startTime** *(datetime) --* When the sandbox session started, expressed in Unix time format. * **endTime** *(datetime) --* When the sandbox session ended, expressed in Unix time format. * **currentPhase** *(string) --* The current phase for the sandbox. * **phases** *(list) --* An array of "SandboxSessionPhase" objects. * *(dict) --* Contains information about the sandbox phase. * **phaseType** *(string) --* The name of the sandbox phase. * **phaseStatus** *(string) --* The current status of the sandbox phase. Valid values include: FAILED The sandbox phase failed. FAULT The sandbox phase faulted. IN_PROGRESS The sandbox phase is still in progress. STOPPED The sandbox phase stopped. SUCCEEDED The sandbox phase succeeded. TIMED_OUT The sandbox phase timed out. * **startTime** *(datetime) --* When the sandbox phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the sandbox phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the sandbox's phase. * **contexts** *(list) --* An array of "PhaseContext" objects. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **resolvedSourceVersion** *(string) --* An identifier for the version of this sandbox's source code. * **logs** *(dict) --* Information about build logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my- bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **networkInterface** *(dict) --* Describes a network interface. * **subnetId** *(string) --* The ID of the subnet. * **networkInterfaceId** *(string) --* The ID of the network interface. * **sandboxesNotFound** *(list) --* The IDs of sandboxes for which information could not be found. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / update_webhook update_webhook ************** CodeBuild.Client.update_webhook(**kwargs) Updates the webhook associated with an CodeBuild build project. Note: If you use Bitbucket for your repository, "rotateSecret" is ignored. See also: AWS API Documentation **Request Syntax** response = client.update_webhook( projectName='string', branchFilter='string', rotateSecret=True|False, filterGroups=[ [ { 'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME'|'ORGANIZATION_NAME', 'pattern': 'string', 'excludeMatchedPattern': True|False }, ], ], buildType='BUILD'|'BUILD_BATCH'|'RUNNER_BUILDKITE_BUILD', pullRequestBuildPolicy={ 'requiresCommentApproval': 'DISABLED'|'ALL_PULL_REQUESTS'|'FORK_PULL_REQUESTS', 'approverRoles': [ 'GITHUB_READ'|'GITHUB_TRIAGE'|'GITHUB_WRITE'|'GITHUB_MAINTAIN'|'GITHUB_ADMIN'|'GITLAB_GUEST'|'GITLAB_PLANNER'|'GITLAB_REPORTER'|'GITLAB_DEVELOPER'|'GITLAB_MAINTAINER'|'GITLAB_OWNER'|'BITBUCKET_READ'|'BITBUCKET_WRITE'|'BITBUCKET_ADMIN', ] } ) Parameters: * **projectName** (*string*) -- **[REQUIRED]** The name of the CodeBuild project. * **branchFilter** (*string*) -- A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If "branchFilter" is empty, then all branches are built. Note: It is recommended that you use "filterGroups" instead of "branchFilter". * **rotateSecret** (*boolean*) -- A boolean value that specifies whether the associated GitHub repository's secret token should be updated. If you use Bitbucket for your repository, "rotateSecret" is ignored. * **filterGroups** (*list*) -- An array of arrays of "WebhookFilter" objects used to determine if a webhook event can trigger a build. A filter group must contain at least one "EVENT" "WebhookFilter". * *(list) --* * *(dict) --* A filter used to determine which webhooks trigger a build. * **type** *(string) --* **[REQUIRED]** The type of webhook filter. There are 11 webhook filter types: "EVENT", "ACTOR_ACCOUNT_ID", "HEAD_REF", "BASE_REF", "FILE_PATH", "COMMIT_MESSAGE", "TAG_NAME", "RELEASE_NAME", "REPOSITORY_NAME", "ORGANIZATION_NAME", and "WORKFLOW_NAME". * EVENT * A webhook event triggers a build when the provided "pattern" matches one of nine event types: "PUSH", "PULL_REQUEST_CREATED", "PULL_REQUEST_UPDATED", "PULL_REQUEST_CLOSED", "PULL_REQUEST_REOPENED", "PULL_REQUEST_MERGED", "RELEASED", "PRERELEASED", and "WORKFLOW_JOB_QUEUED". The "EVENT" patterns are specified as a comma-separated string. For example, "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" filters all push, pull request created, and pull request updated events. Note: Types "PULL_REQUEST_REOPENED" and "WORKFLOW_JOB_QUEUED" work with GitHub and GitHub Enterprise only. Types "RELEASED" and "PRERELEASED" work with GitHub only. * ACTOR_ACCOUNT_ID * A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression "pattern". * HEAD_REF * A webhook event triggers a build when the head reference matches the regular expression "pattern". For example, "refs/heads/branch-name" and "refs/tags /tag-name". Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events. * BASE_REF * A webhook event triggers a build when the base reference matches the regular expression "pattern". For example, "refs/heads/branch-name". Note: Works with pull request events only. * FILE_PATH * A webhook triggers a build when the path of a changed file matches the regular expression "pattern". Note: Works with push and pull request events only. * COMMIT_MESSAGE * A webhook triggers a build when the head commit message matches the regular expression "pattern". Note: Works with push and pull request events only. * TAG_NAME * A webhook triggers a build when the tag name of the release matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * RELEASE_NAME * A webhook triggers a build when the release name matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * REPOSITORY_NAME * A webhook triggers a build when the repository name matches the regular expression "pattern". Note: Works with GitHub global or organization webhooks only. * ORGANIZATION_NAME * A webhook triggers a build when the organization name matches the regular expression "pattern". Note: Works with GitHub global webhooks only. * WORKFLOW_NAME * A webhook triggers a build when the workflow name matches the regular expression "pattern". Note: Works with "WORKFLOW_JOB_QUEUED" events only. Note: For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name. * **pattern** *(string) --* **[REQUIRED]** For a "WebHookFilter" that uses "EVENT" type, a comma- separated string that specifies one or more events. For example, the webhook filter "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" allows all push, pull request created, and pull request updated events to trigger a build. For a "WebHookFilter" that uses any of the other filter types, a regular expression pattern. For example, a "WebHookFilter" that uses "HEAD_REF" for its "type" and the pattern "^refs/heads/" triggers a build when the head reference is a branch with a reference name "refs/heads/branch-name". * **excludeMatchedPattern** *(boolean) --* Used to indicate that the "pattern" determines which webhook events do not trigger a build. If true, then a webhook event that does not match the "pattern" triggers a build. If false, then a webhook event that matches the "pattern" triggers a build. * **buildType** (*string*) -- Specifies the type of build this webhook will trigger. Note: "RUNNER_BUILDKITE_BUILD" is only available for "NO_SOURCE" source type projects configured for Buildkite runner builds. For more information about CodeBuild-hosted Buildkite runner builds, see Tutorial: Configure a CodeBuild-hosted Buildkite runner in the *CodeBuild user guide*. * **pullRequestBuildPolicy** (*dict*) -- A PullRequestBuildPolicy object that defines comment-based approval requirements for triggering builds on pull requests. This policy helps control when automated builds are executed based on contributor permissions and approval workflows. * **requiresCommentApproval** *(string) --* **[REQUIRED]** Specifies when comment-based approval is required before triggering a build on pull requests. This setting determines whether builds run automatically or require explicit approval through comments. * *DISABLED*: Builds trigger automatically without requiring comment approval * *ALL_PULL_REQUESTS*: All pull requests require comment approval before builds execute (unless contributor is one of the approver roles) * *FORK_PULL_REQUESTS*: Only pull requests from forked repositories require comment approval (unless contributor is one of the approver roles) * **approverRoles** *(list) --* List of repository roles that have approval privileges for pull request builds when comment approval is required. Only users with these roles can provide valid comment approvals. If a pull request contributor is one of these roles, their pull request builds will trigger automatically. This field is only applicable when "requiresCommentApproval" is not *DISABLED*. * *(string) --* Return type: dict Returns: **Response Syntax** { 'webhook': { 'url': 'string', 'payloadUrl': 'string', 'secret': 'string', 'branchFilter': 'string', 'filterGroups': [ [ { 'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME'|'ORGANIZATION_NAME', 'pattern': 'string', 'excludeMatchedPattern': True|False }, ], ], 'buildType': 'BUILD'|'BUILD_BATCH'|'RUNNER_BUILDKITE_BUILD', 'manualCreation': True|False, 'lastModifiedSecret': datetime(2015, 1, 1), 'scopeConfiguration': { 'name': 'string', 'domain': 'string', 'scope': 'GITHUB_ORGANIZATION'|'GITHUB_GLOBAL'|'GITLAB_GROUP' }, 'status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'DELETING', 'statusMessage': 'string' } } **Response Structure** * *(dict) --* * **webhook** *(dict) --* Information about a repository's webhook that is associated with a project in CodeBuild. * **url** *(string) --* The URL to the webhook. * **payloadUrl** *(string) --* The CodeBuild endpoint where webhook events are sent. * **secret** *(string) --* The secret token of the associated repository. Note: A Bitbucket webhook does not support "secret". * **branchFilter** *(string) --* A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If "branchFilter" is empty, then all branches are built. Note: It is recommended that you use "filterGroups" instead of "branchFilter". * **filterGroups** *(list) --* An array of arrays of "WebhookFilter" objects used to determine which webhooks are triggered. At least one "WebhookFilter" in the array must specify "EVENT" as its "type". For a build to be triggered, at least one filter group in the "filterGroups" array must pass. For a filter group to pass, each of its filters must pass. * *(list) --* * *(dict) --* A filter used to determine which webhooks trigger a build. * **type** *(string) --* The type of webhook filter. There are 11 webhook filter types: "EVENT", "ACTOR_ACCOUNT_ID", "HEAD_REF", "BASE_REF", "FILE_PATH", "COMMIT_MESSAGE", "TAG_NAME", "RELEASE_NAME", "REPOSITORY_NAME", "ORGANIZATION_NAME", and "WORKFLOW_NAME". * EVENT * A webhook event triggers a build when the provided "pattern" matches one of nine event types: "PUSH", "PULL_REQUEST_CREATED", "PULL_REQUEST_UPDATED", "PULL_REQUEST_CLOSED", "PULL_REQUEST_REOPENED", "PULL_REQUEST_MERGED", "RELEASED", "PRERELEASED", and "WORKFLOW_JOB_QUEUED". The "EVENT" patterns are specified as a comma-separated string. For example, "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" filters all push, pull request created, and pull request updated events. Note: Types "PULL_REQUEST_REOPENED" and "WORKFLOW_JOB_QUEUED" work with GitHub and GitHub Enterprise only. Types "RELEASED" and "PRERELEASED" work with GitHub only. * ACTOR_ACCOUNT_ID * A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression "pattern". * HEAD_REF * A webhook event triggers a build when the head reference matches the regular expression "pattern". For example, "refs/heads/branch-name" and "refs/tags/tag-name". Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events. * BASE_REF * A webhook event triggers a build when the base reference matches the regular expression "pattern". For example, "refs/heads/branch- name". Note: Works with pull request events only. * FILE_PATH * A webhook triggers a build when the path of a changed file matches the regular expression "pattern". Note: Works with push and pull request events only. * COMMIT_MESSAGE * A webhook triggers a build when the head commit message matches the regular expression "pattern". Note: Works with push and pull request events only. * TAG_NAME * A webhook triggers a build when the tag name of the release matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * RELEASE_NAME * A webhook triggers a build when the release name matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * REPOSITORY_NAME * A webhook triggers a build when the repository name matches the regular expression "pattern". Note: Works with GitHub global or organization webhooks only. * ORGANIZATION_NAME * A webhook triggers a build when the organization name matches the regular expression "pattern". Note: Works with GitHub global webhooks only. * WORKFLOW_NAME * A webhook triggers a build when the workflow name matches the regular expression "pattern". Note: Works with "WORKFLOW_JOB_QUEUED" events only. Note: For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name. * **pattern** *(string) --* For a "WebHookFilter" that uses "EVENT" type, a comma-separated string that specifies one or more events. For example, the webhook filter "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" allows all push, pull request created, and pull request updated events to trigger a build. For a "WebHookFilter" that uses any of the other filter types, a regular expression pattern. For example, a "WebHookFilter" that uses "HEAD_REF" for its "type" and the pattern "^refs/heads/" triggers a build when the head reference is a branch with a reference name "refs/heads/branch-name". * **excludeMatchedPattern** *(boolean) --* Used to indicate that the "pattern" determines which webhook events do not trigger a build. If true, then a webhook event that does not match the "pattern" triggers a build. If false, then a webhook event that matches the "pattern" triggers a build. * **buildType** *(string) --* Specifies the type of build this webhook will trigger. Note: "RUNNER_BUILDKITE_BUILD" is only available for "NO_SOURCE" source type projects configured for Buildkite runner builds. For more information about CodeBuild-hosted Buildkite runner builds, see Tutorial: Configure a CodeBuild-hosted Buildkite runner in the *CodeBuild user guide*. * **manualCreation** *(boolean) --* If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns "payloadUrl" and "secret" values for the webhook. The "payloadUrl" and "secret" values in the output can be used to manually create a webhook within GitHub. Note: manualCreation is only available for GitHub webhooks. * **lastModifiedSecret** *(datetime) --* A timestamp that indicates the last time a repository's secret token was modified. * **scopeConfiguration** *(dict) --* The scope configuration for global or organization webhooks. Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks. * **name** *(string) --* The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook. * **domain** *(string) --* The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED. * **scope** *(string) --* The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION. * **status** *(string) --* The status of the webhook. Valid values include: * "CREATING": The webhook is being created. * "CREATE_FAILED": The webhook has failed to create. * "ACTIVE": The webhook has succeeded and is active. * "DELETING": The webhook is being deleted. * **statusMessage** *(string) --* A message associated with the status of a webhook. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" * "CodeBuild.Client.exceptions.OAuthProviderException" CodeBuild / Client / create_report_group create_report_group ******************* CodeBuild.Client.create_report_group(**kwargs) Creates a report group. A report group contains a collection of reports. See also: AWS API Documentation **Request Syntax** response = client.create_report_group( name='string', type='TEST'|'CODE_COVERAGE', exportConfig={ 'exportConfigType': 'S3'|'NO_EXPORT', 's3Destination': { 'bucket': 'string', 'bucketOwner': 'string', 'path': 'string', 'packaging': 'ZIP'|'NONE', 'encryptionKey': 'string', 'encryptionDisabled': True|False } }, tags=[ { 'key': 'string', 'value': 'string' }, ] ) Parameters: * **name** (*string*) -- **[REQUIRED]** The name of the report group. * **type** (*string*) -- **[REQUIRED]** The type of report group. * **exportConfig** (*dict*) -- **[REQUIRED]** A "ReportExportConfig" object that contains information about where the report group test results are exported. * **exportConfigType** *(string) --* The export configuration type. Valid values are: * "S3": The report results are exported to an S3 bucket. * "NO_EXPORT": The report results are not exported. * **s3Destination** *(dict) --* A "S3ReportExportConfig" object that contains information about the S3 bucket where the run of a report is exported. * **bucket** *(string) --* The name of the S3 bucket where the raw data of a report are exported. * **bucketOwner** *(string) --* The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build. * **path** *(string) --* The path to the exported report's raw data results. * **packaging** *(string) --* The type of build output artifact to create. Valid values include: * "NONE": CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. * "ZIP": CodeBuild creates a ZIP file with the raw data in the output bucket. * **encryptionKey** *(string) --* The encryption key for the report's encrypted raw data. * **encryptionDisabled** *(boolean) --* A boolean value that specifies if the results of a report are encrypted. * **tags** (*list*) -- A list of tag key and value pairs associated with this report group. These tags are available for use by Amazon Web Services services that support CodeBuild report group tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. Return type: dict Returns: **Response Syntax** { 'reportGroup': { 'arn': 'string', 'name': 'string', 'type': 'TEST'|'CODE_COVERAGE', 'exportConfig': { 'exportConfigType': 'S3'|'NO_EXPORT', 's3Destination': { 'bucket': 'string', 'bucketOwner': 'string', 'path': 'string', 'packaging': 'ZIP'|'NONE', 'encryptionKey': 'string', 'encryptionDisabled': True|False } }, 'created': datetime(2015, 1, 1), 'lastModified': datetime(2015, 1, 1), 'tags': [ { 'key': 'string', 'value': 'string' }, ], 'status': 'ACTIVE'|'DELETING' } } **Response Structure** * *(dict) --* * **reportGroup** *(dict) --* Information about the report group that was created. * **arn** *(string) --* The ARN of the "ReportGroup". * **name** *(string) --* The name of the "ReportGroup". * **type** *(string) --* The type of the "ReportGroup". This can be one of the following values: CODE_COVERAGE The report group contains code coverage reports. TEST The report group contains test reports. * **exportConfig** *(dict) --* Information about the destination where the raw data of this "ReportGroup" is exported. * **exportConfigType** *(string) --* The export configuration type. Valid values are: * "S3": The report results are exported to an S3 bucket. * "NO_EXPORT": The report results are not exported. * **s3Destination** *(dict) --* A "S3ReportExportConfig" object that contains information about the S3 bucket where the run of a report is exported. * **bucket** *(string) --* The name of the S3 bucket where the raw data of a report are exported. * **bucketOwner** *(string) --* The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build. * **path** *(string) --* The path to the exported report's raw data results. * **packaging** *(string) --* The type of build output artifact to create. Valid values include: * "NONE": CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. * "ZIP": CodeBuild creates a ZIP file with the raw data in the output bucket. * **encryptionKey** *(string) --* The encryption key for the report's encrypted raw data. * **encryptionDisabled** *(boolean) --* A boolean value that specifies if the results of a report are encrypted. * **created** *(datetime) --* The date and time this "ReportGroup" was created. * **lastModified** *(datetime) --* The date and time this "ReportGroup" was last modified. * **tags** *(list) --* A list of tag key and value pairs associated with this report group. These tags are available for use by Amazon Web Services services that support CodeBuild report group tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. * **status** *(string) --* The status of the report group. This property is read- only. This can be one of the following values: ACTIVE The report group is active. DELETING The report group is in the process of being deleted. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceAlreadyExistsException" * "CodeBuild.Client.exceptions.AccountLimitExceededException" CodeBuild / Client / list_command_executions_for_sandbox list_command_executions_for_sandbox *********************************** CodeBuild.Client.list_command_executions_for_sandbox(**kwargs) Gets a list of command executions for a sandbox. See also: AWS API Documentation **Request Syntax** response = client.list_command_executions_for_sandbox( sandboxId='string', maxResults=123, sortOrder='ASCENDING'|'DESCENDING', nextToken='string' ) Parameters: * **sandboxId** (*string*) -- **[REQUIRED]** A "sandboxId" or "sandboxArn". * **maxResults** (*integer*) -- The maximum number of sandbox records to be retrieved. * **sortOrder** (*string*) -- The order in which sandbox records should be retrieved. * **nextToken** (*string*) -- The next token, if any, to get paginated results. You will get this value from previous execution of list sandboxes. Return type: dict Returns: **Response Syntax** { 'commandExecutions': [ { 'id': 'string', 'sandboxId': 'string', 'submitTime': datetime(2015, 1, 1), 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'status': 'string', 'command': 'string', 'type': 'SHELL', 'exitCode': 'string', 'standardOutputContent': 'string', 'standardErrContent': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'sandboxArn': 'string' }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **commandExecutions** *(list) --* Information about the requested command executions. * *(dict) --* Contains command execution information. * **id** *(string) --* The ID of the command execution. * **sandboxId** *(string) --* A "sandboxId". * **submitTime** *(datetime) --* When the command execution process was initially submitted, expressed in Unix time format. * **startTime** *(datetime) --* When the command execution process started, expressed in Unix time format. * **endTime** *(datetime) --* When the command execution process ended, expressed in Unix time format. * **status** *(string) --* The status of the command execution. * **command** *(string) --* The command that needs to be executed. * **type** *(string) --* The command type. * **exitCode** *(string) --* The exit code to return upon completion. * **standardOutputContent** *(string) --* The text written by the command to stdout. * **standardErrContent** *(string) --* The text written by the command to stderr. * **logs** *(dict) --* Information about build logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3 :::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **sandboxArn** *(string) --* A "sandboxArn". * **nextToken** *(string) --* Information about the next token to get paginated results. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / delete_resource_policy delete_resource_policy ********************** CodeBuild.Client.delete_resource_policy(**kwargs) Deletes a resource policy that is identified by its resource ARN. See also: AWS API Documentation **Request Syntax** response = client.delete_resource_policy( resourceArn='string' ) Parameters: **resourceArn** (*string*) -- **[REQUIRED]** The ARN of the resource that is associated with the resource policy. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / batch_get_reports batch_get_reports ***************** CodeBuild.Client.batch_get_reports(**kwargs) Returns an array of reports. See also: AWS API Documentation **Request Syntax** response = client.batch_get_reports( reportArns=[ 'string', ] ) Parameters: **reportArns** (*list*) -- **[REQUIRED]** An array of ARNs that identify the "Report" objects to return. * *(string) --* Return type: dict Returns: **Response Syntax** { 'reports': [ { 'arn': 'string', 'type': 'TEST'|'CODE_COVERAGE', 'name': 'string', 'reportGroupArn': 'string', 'executionId': 'string', 'status': 'GENERATING'|'SUCCEEDED'|'FAILED'|'INCOMPLETE'|'DELETING', 'created': datetime(2015, 1, 1), 'expired': datetime(2015, 1, 1), 'exportConfig': { 'exportConfigType': 'S3'|'NO_EXPORT', 's3Destination': { 'bucket': 'string', 'bucketOwner': 'string', 'path': 'string', 'packaging': 'ZIP'|'NONE', 'encryptionKey': 'string', 'encryptionDisabled': True|False } }, 'truncated': True|False, 'testSummary': { 'total': 123, 'statusCounts': { 'string': 123 }, 'durationInNanoSeconds': 123 }, 'codeCoverageSummary': { 'lineCoveragePercentage': 123.0, 'linesCovered': 123, 'linesMissed': 123, 'branchCoveragePercentage': 123.0, 'branchesCovered': 123, 'branchesMissed': 123 } }, ], 'reportsNotFound': [ 'string', ] } **Response Structure** * *(dict) --* * **reports** *(list) --* The array of "Report" objects returned by "BatchGetReports". * *(dict) --* Information about the results from running a series of test cases during the run of a build project. The test cases are specified in the buildspec for the build project using one or more paths to the test case files. You can specify any type of tests you want, such as unit tests, integration tests, and functional tests. * **arn** *(string) --* The ARN of the report run. * **type** *(string) --* The type of the report that was run. CODE_COVERAGE A code coverage report. TEST A test report. * **name** *(string) --* The name of the report that was run. * **reportGroupArn** *(string) --* The ARN of the report group associated with this report. * **executionId** *(string) --* The ARN of the build run that generated this report. * **status** *(string) --* The status of this report. * **created** *(datetime) --* The date and time this report run occurred. * **expired** *(datetime) --* The date and time a report expires. A report expires 30 days after it is created. An expired report is not available to view in CodeBuild. * **exportConfig** *(dict) --* Information about where the raw data used to generate this report was exported. * **exportConfigType** *(string) --* The export configuration type. Valid values are: * "S3": The report results are exported to an S3 bucket. * "NO_EXPORT": The report results are not exported. * **s3Destination** *(dict) --* A "S3ReportExportConfig" object that contains information about the S3 bucket where the run of a report is exported. * **bucket** *(string) --* The name of the S3 bucket where the raw data of a report are exported. * **bucketOwner** *(string) --* The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build. * **path** *(string) --* The path to the exported report's raw data results. * **packaging** *(string) --* The type of build output artifact to create. Valid values include: * "NONE": CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. * "ZIP": CodeBuild creates a ZIP file with the raw data in the output bucket. * **encryptionKey** *(string) --* The encryption key for the report's encrypted raw data. * **encryptionDisabled** *(boolean) --* A boolean value that specifies if the results of a report are encrypted. * **truncated** *(boolean) --* A boolean that specifies if this report run is truncated. The list of test cases is truncated after the maximum number of test cases is reached. * **testSummary** *(dict) --* A "TestReportSummary" object that contains information about this test report. * **total** *(integer) --* The number of test cases in this "TestReportSummary". The total includes truncated test cases. * **statusCounts** *(dict) --* A map that contains the number of each type of status returned by the test results in this "TestReportSummary". * *(string) --* * *(integer) --* * **durationInNanoSeconds** *(integer) --* The number of nanoseconds it took to run all of the test cases in this report. * **codeCoverageSummary** *(dict) --* A "CodeCoverageReportSummary" object that contains a code coverage summary for this report. * **lineCoveragePercentage** *(float) --* The percentage of lines that are covered by your tests. * **linesCovered** *(integer) --* The number of lines that are covered by your tests. * **linesMissed** *(integer) --* The number of lines that are not covered by your tests. * **branchCoveragePercentage** *(float) --* The percentage of branches that are covered by your tests. * **branchesCovered** *(integer) --* The number of conditional branches that are covered by your tests. * **branchesMissed** *(integer) --* The number of conditional branches that are not covered by your tests. * **reportsNotFound** *(list) --* An array of ARNs passed to "BatchGetReportGroups" that are not associated with a "Report". * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / update_fleet update_fleet ************ CodeBuild.Client.update_fleet(**kwargs) Updates a compute fleet. See also: AWS API Documentation **Request Syntax** response = client.update_fleet( arn='string', baseCapacity=123, environmentType='WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', computeType='BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', computeConfiguration={ 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, scalingConfiguration={ 'scalingType': 'TARGET_TRACKING_SCALING', 'targetTrackingScalingConfigs': [ { 'metricType': 'FLEET_UTILIZATION_RATE', 'targetValue': 123.0 }, ], 'maxCapacity': 123 }, overflowBehavior='QUEUE'|'ON_DEMAND', vpcConfig={ 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, proxyConfiguration={ 'defaultBehavior': 'ALLOW_ALL'|'DENY_ALL', 'orderedProxyRules': [ { 'type': 'DOMAIN'|'IP', 'effect': 'ALLOW'|'DENY', 'entities': [ 'string', ] }, ] }, imageId='string', fleetServiceRole='string', tags=[ { 'key': 'string', 'value': 'string' }, ] ) Parameters: * **arn** (*string*) -- **[REQUIRED]** The ARN of the compute fleet. * **baseCapacity** (*integer*) -- The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel. * **environmentType** (*string*) -- The environment type of the compute fleet. * The environment type "ARM_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). * The environment type "ARM_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_GPU_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). * The environment type "MAC_ARM" is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) * The environment type "MAC_ARM" is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). * The environment type "WINDOWS_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "WINDOWS_SERVER_2019_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). * The environment type "WINDOWS_SERVER_2022_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai). For more information, see Build environment compute types in the *CodeBuild user guide*. * **computeType** (*string*) -- Information about the compute resources the compute fleet uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "CUSTOM_INSTANCE_TYPE": Specify the instance type for your compute fleet. For a list of supported instance types, see Supported instance families in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** (*dict*) -- The compute configuration of the compute fleet. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE" or "CUSTOM_INSTANCE_TYPE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **scalingConfiguration** (*dict*) -- The scaling configuration of the compute fleet. * **scalingType** *(string) --* The scaling type for a compute fleet. * **targetTrackingScalingConfigs** *(list) --* A list of "TargetTrackingScalingConfiguration" objects. * *(dict) --* Defines when a new instance is auto-scaled into the compute fleet. * **metricType** *(string) --* The metric type to determine auto-scaling. * **targetValue** *(float) --* The value of "metricType" when to start scaling. * **maxCapacity** *(integer) --* The maximum number of instances in the fleet when auto- scaling. * **overflowBehavior** (*string*) -- The compute fleet overflow behavior. * For overflow behavior "QUEUE", your overflow builds need to wait on the existing fleet instance to become available. * For overflow behavior "ON_DEMAND", your overflow builds run on CodeBuild on-demand. Note: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface. * **vpcConfig** (*dict*) -- Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **proxyConfiguration** (*dict*) -- The proxy configuration of the compute fleet. * **defaultBehavior** *(string) --* The default behavior of outgoing traffic. * **orderedProxyRules** *(list) --* An array of "FleetProxyRule" objects that represent the specified destination domains or IPs to allow or deny network access control to. * *(dict) --* Information about the proxy rule for your reserved capacity instances. * **type** *(string) --* **[REQUIRED]** The type of proxy rule. * **effect** *(string) --* **[REQUIRED]** The behavior of the proxy rule. * **entities** *(list) --* **[REQUIRED]** The destination of the proxy rule. * *(string) --* * **imageId** (*string*) -- The Amazon Machine Image (AMI) of the compute fleet. * **fleetServiceRole** (*string*) -- The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the *CodeBuild User Guide*. * **tags** (*list*) -- A list of tag key and value pairs associated with this compute fleet. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. Return type: dict Returns: **Response Syntax** { 'fleet': { 'arn': 'string', 'name': 'string', 'id': 'string', 'created': datetime(2015, 1, 1), 'lastModified': datetime(2015, 1, 1), 'status': { 'statusCode': 'CREATING'|'UPDATING'|'ROTATING'|'PENDING_DELETION'|'DELETING'|'CREATE_FAILED'|'UPDATE_ROLLBACK_FAILED'|'ACTIVE', 'context': 'CREATE_FAILED'|'UPDATE_FAILED'|'ACTION_REQUIRED'|'PENDING_DELETION'|'INSUFFICIENT_CAPACITY', 'message': 'string' }, 'baseCapacity': 123, 'environmentType': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'scalingConfiguration': { 'scalingType': 'TARGET_TRACKING_SCALING', 'targetTrackingScalingConfigs': [ { 'metricType': 'FLEET_UTILIZATION_RATE', 'targetValue': 123.0 }, ], 'maxCapacity': 123, 'desiredCapacity': 123 }, 'overflowBehavior': 'QUEUE'|'ON_DEMAND', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'proxyConfiguration': { 'defaultBehavior': 'ALLOW_ALL'|'DENY_ALL', 'orderedProxyRules': [ { 'type': 'DOMAIN'|'IP', 'effect': 'ALLOW'|'DENY', 'entities': [ 'string', ] }, ] }, 'imageId': 'string', 'fleetServiceRole': 'string', 'tags': [ { 'key': 'string', 'value': 'string' }, ] } } **Response Structure** * *(dict) --* * **fleet** *(dict) --* A "Fleet" object. * **arn** *(string) --* The ARN of the compute fleet. * **name** *(string) --* The name of the compute fleet. * **id** *(string) --* The ID of the compute fleet. * **created** *(datetime) --* The time at which the compute fleet was created. * **lastModified** *(datetime) --* The time at which the compute fleet was last modified. * **status** *(dict) --* The status of the compute fleet. * **statusCode** *(string) --* The status code of the compute fleet. Valid values include: * "CREATING": The compute fleet is being created. * "UPDATING": The compute fleet is being updated. * "ROTATING": The compute fleet is being rotated. * "PENDING_DELETION": The compute fleet is pending deletion. * "DELETING": The compute fleet is being deleted. * "CREATE_FAILED": The compute fleet has failed to create. * "UPDATE_ROLLBACK_FAILED": The compute fleet has failed to update and could not rollback to previous state. * "ACTIVE": The compute fleet has succeeded and is active. * **context** *(string) --* Additional information about a compute fleet. Valid values include: * "CREATE_FAILED": The compute fleet has failed to create. * "UPDATE_FAILED": The compute fleet has failed to update. * **message** *(string) --* A message associated with the status of a compute fleet. * **baseCapacity** *(integer) --* The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel. * **environmentType** *(string) --* The environment type of the compute fleet. * The environment type "ARM_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). * The environment type "ARM_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "LINUX_GPU_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). * The environment type "MAC_ARM" is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) * The environment type "MAC_ARM" is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). * The environment type "WINDOWS_EC2" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). * The environment type "WINDOWS_SERVER_2019_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). * The environment type "WINDOWS_SERVER_2022_CONTAINER" is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai). For more information, see Build environment compute types in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the compute fleet uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "CUSTOM_INSTANCE_TYPE": Specify the instance type for your compute fleet. For a list of supported instance types, see Supported instance families in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the compute fleet. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE" or "CUSTOM_INSTANCE_TYPE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **scalingConfiguration** *(dict) --* The scaling configuration of the compute fleet. * **scalingType** *(string) --* The scaling type for a compute fleet. * **targetTrackingScalingConfigs** *(list) --* A list of "TargetTrackingScalingConfiguration" objects. * *(dict) --* Defines when a new instance is auto-scaled into the compute fleet. * **metricType** *(string) --* The metric type to determine auto-scaling. * **targetValue** *(float) --* The value of "metricType" when to start scaling. * **maxCapacity** *(integer) --* The maximum number of instances in the fleet when auto- scaling. * **desiredCapacity** *(integer) --* The desired number of instances in the fleet when auto- scaling. * **overflowBehavior** *(string) --* The compute fleet overflow behavior. * For overflow behavior "QUEUE", your overflow builds need to wait on the existing fleet instance to become available. * For overflow behavior "ON_DEMAND", your overflow builds run on CodeBuild on-demand. Note: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface. * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **proxyConfiguration** *(dict) --* The proxy configuration of the compute fleet. * **defaultBehavior** *(string) --* The default behavior of outgoing traffic. * **orderedProxyRules** *(list) --* An array of "FleetProxyRule" objects that represent the specified destination domains or IPs to allow or deny network access control to. * *(dict) --* Information about the proxy rule for your reserved capacity instances. * **type** *(string) --* The type of proxy rule. * **effect** *(string) --* The behavior of the proxy rule. * **entities** *(list) --* The destination of the proxy rule. * *(string) --* * **imageId** *(string) --* The Amazon Machine Image (AMI) of the compute fleet. * **fleetServiceRole** *(string) --* The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the *CodeBuild User Guide*. * **tags** *(list) --* A list of tag key and value pairs associated with this compute fleet. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" * "CodeBuild.Client.exceptions.AccountLimitExceededException" CodeBuild / Client / list_source_credentials list_source_credentials *********************** CodeBuild.Client.list_source_credentials() Returns a list of "SourceCredentialsInfo" objects. See also: AWS API Documentation **Request Syntax** response = client.list_source_credentials() Return type: dict Returns: **Response Syntax** { 'sourceCredentialsInfos': [ { 'arn': 'string', 'serverType': 'GITHUB'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'GITLAB'|'GITLAB_SELF_MANAGED', 'authType': 'OAUTH'|'BASIC_AUTH'|'PERSONAL_ACCESS_TOKEN'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, ] } **Response Structure** * *(dict) --* * **sourceCredentialsInfos** *(list) --* A list of "SourceCredentialsInfo" objects. Each "SourceCredentialsInfo" object includes the authentication type, token ARN, and type of source provider for one set of credentials. * *(dict) --* Information about the credentials for a GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket repository. * **arn** *(string) --* The Amazon Resource Name (ARN) of the token. * **serverType** *(string) --* The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET. * **authType** *(string) --* The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The connection ARN if your authType is CODECONNECTIONS or SECRETS_MANAGER. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / stop_build stop_build ********** CodeBuild.Client.stop_build(**kwargs) Attempts to stop running a build. See also: AWS API Documentation **Request Syntax** response = client.stop_build( id='string' ) Parameters: **id** (*string*) -- **[REQUIRED]** The ID of the build. Return type: dict Returns: **Response Syntax** { 'build': { 'id': 'string', 'arn': 'string', 'buildNumber': 123, 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'currentPhase': 'string', 'buildStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'sourceVersion': 'string', 'resolvedSourceVersion': 'string', 'projectName': 'string', 'phases': [ { 'phaseType': 'SUBMITTED'|'QUEUED'|'PROVISIONING'|'DOWNLOAD_SOURCE'|'INSTALL'|'PRE_BUILD'|'BUILD'|'POST_BUILD'|'UPLOAD_ARTIFACTS'|'FINALIZING'|'COMPLETED', 'phaseStatus': 'SUCCEEDED'|'FAILED'|'FAULT'|'TIMED_OUT'|'IN_PROGRESS'|'STOPPED', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'durationInSeconds': 123, 'contexts': [ { 'statusCode': 'string', 'message': 'string' }, ] }, ], 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'location': 'string', 'sha256sum': 'string', 'md5sum': 'string', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'buildComplete': True|False, 'initiator': 'string', 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'networkInterface': { 'subnetId': 'string', 'networkInterfaceId': 'string' }, 'encryptionKey': 'string', 'exportedEnvironmentVariables': [ { 'name': 'string', 'value': 'string' }, ], 'reportArns': [ 'string', ], 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'debugSession': { 'sessionEnabled': True|False, 'sessionTarget': 'string' }, 'buildBatchArn': 'string', 'autoRetryConfig': { 'autoRetryLimit': 123, 'autoRetryNumber': 123, 'nextAutoRetry': 'string', 'previousAutoRetry': 'string' } } } **Response Structure** * *(dict) --* * **build** *(dict) --* Information about the build. * **id** *(string) --* The unique ID for the build. * **arn** *(string) --* The Amazon Resource Name (ARN) of the build. * **buildNumber** *(integer) --* The number of the build. For each project, the "buildNumber" of its first build is "1". The "buildNumber" of each subsequent build is incremented by "1". If a build is deleted, the "buildNumber" of other builds does not change. * **startTime** *(datetime) --* When the build process started, expressed in Unix time format. * **endTime** *(datetime) --* When the build process ended, expressed in Unix time format. * **currentPhase** *(string) --* The current build phase. * **buildStatus** *(string) --* The current status of the build. Valid values include: * "FAILED": The build failed. * "FAULT": The build faulted. * "IN_PROGRESS": The build is still in progress. * "STOPPED": The build stopped. * "SUCCEEDED": The build succeeded. * "TIMED_OUT": The build timed out. * **sourceVersion** *(string) --* Any version identifier for the version of the source code to be built. If "sourceVersion" is specified at the project level, then this "sourceVersion" (at the build level) takes precedence. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **resolvedSourceVersion** *(string) --* An identifier for the version of this build's source code. * For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID. * For CodePipeline, the source revision provided by CodePipeline. * For Amazon S3, this does not apply. * **projectName** *(string) --* The name of the CodeBuild project. * **phases** *(list) --* Information about all previous build phases that are complete and information about any current build phase that is not yet complete. * *(dict) --* Information about a stage for a build. * **phaseType** *(string) --* The name of the build phase. Valid values include: BUILD Core build activities typically occur in this build phase. COMPLETED The build has been completed. DOWNLOAD_SOURCE Source code is being downloaded in this build phase. FINALIZING The build process is completing in this build phase. INSTALL Installation activities typically occur in this build phase. POST_BUILD Post-build activities typically occur in this build phase. PRE_BUILD Pre-build activities typically occur in this build phase. PROVISIONING The build environment is being set up. QUEUED The build has been submitted and is queued behind other submitted builds. SUBMITTED The build has been submitted. UPLOAD_ARTIFACTS Build output artifacts are being uploaded to the output location. * **phaseStatus** *(string) --* The current status of the build phase. Valid values include: FAILED The build phase failed. FAULT The build phase faulted. IN_PROGRESS The build phase is still in progress. STOPPED The build phase stopped. SUCCEEDED The build phase succeeded. TIMED_OUT The build phase timed out. * **startTime** *(datetime) --* When the build phase started, expressed in Unix time format. * **endTime** *(datetime) --* When the build phase ended, expressed in Unix time format. * **durationInSeconds** *(integer) --* How long, in seconds, between the starting and ending times of the build's phase. * **contexts** *(list) --* Additional information about a build phase, especially to help troubleshoot a failed build. * *(dict) --* Additional information about a build phase that has an error. You can use this information for troubleshooting. * **statusCode** *(string) --* The status code for the context of the build phase. * **message** *(string) --* An explanation of the build phase's context. This might include a command ID and an exit code. * **source** *(dict) --* Information about the source code to be built. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. Each "ProjectSourceVersion" must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* Information about the output artifacts for the build. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "ProjectArtifacts" objects. * *(dict) --* Information about build output artifacts. * **location** *(string) --* Information about the location of the build artifacts. * **sha256sum** *(string) --* The SHA-256 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **md5sum** *(string) --* The MD5 hash of the build artifact. You can use this hash along with a checksum tool to confirm file integrity and authenticity. Note: This value is available only if the build project's "packaging" value is set to "ZIP". * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Information that tells you if encryption for build artifacts is disabled. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment for this build. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The name of a service role used for this build. * **logs** *(dict) --* Information about the build's logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a build is allowed to be queued before it times out. * **buildComplete** *(boolean) --* Whether the build is complete. True if complete; otherwise, false. * **initiator** *(string) --* The entity that started the build. Valid values include: * If CodePipeline started the build, the pipeline's name (for example, "codepipeline/my-demo-pipeline"). * If a user started the build, the user's name (for example, "MyUserName"). * If the Jenkins plugin for CodeBuild started the build, the string "CodeBuild-Jenkins-Plugin". * **vpcConfig** *(dict) --* If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **networkInterface** *(dict) --* Describes a network interface. * **subnetId** *(string) --* The ID of the subnet. * **networkInterfaceId** *(string) --* The ID of the network interface. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). * **exportedEnvironmentVariables** *(list) --* A list of exported environment variables for this build. Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the *CodePipeline User Guide*. * *(dict) --* Contains information about an exported environment variable. Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the *CodePipeline User Guide*. Note: During a build, the value of a variable is available starting with the "install" phase. It can be updated between the start of the "install" phase and the end of the "post_build" phase. After the "post_build" phase ends, the value of exported variables cannot change. * **name** *(string) --* The name of the exported environment variable. * **value** *(string) --* The value assigned to the exported environment variable. * **reportArns** *(list) --* An array of the ARNs associated with this build's reports. * *(string) --* * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **debugSession** *(dict) --* Contains information about the debug session for this build. * **sessionEnabled** *(boolean) --* Specifies if session debugging is enabled for this build. * **sessionTarget** *(string) --* Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build. * **buildBatchArn** *(string) --* The ARN of the batch build that this build is a member of, if applicable. * **autoRetryConfig** *(dict) --* Information about the auto-retry configuration for the build. * **autoRetryLimit** *(integer) --* The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. * **autoRetryNumber** *(integer) --* The number of times that the build has been retried. The initial build will have an auto-retry number of 0. * **nextAutoRetry** *(string) --* The build ARN of the auto-retried build triggered by the current build. The next auto-retry will be "null" for builds that don't trigger an auto-retry. * **previousAutoRetry** *(string) --* The build ARN of the build that triggered the current auto-retry build. The previous auto-retry will be "null" for the initial build. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException" CodeBuild / Client / batch_get_command_executions batch_get_command_executions **************************** CodeBuild.Client.batch_get_command_executions(**kwargs) Gets information about the command executions. See also: AWS API Documentation **Request Syntax** response = client.batch_get_command_executions( sandboxId='string', commandExecutionIds=[ 'string', ] ) Parameters: * **sandboxId** (*string*) -- **[REQUIRED]** A "sandboxId" or "sandboxArn". * **commandExecutionIds** (*list*) -- **[REQUIRED]** A comma separated list of "commandExecutionIds". * *(string) --* Return type: dict Returns: **Response Syntax** { 'commandExecutions': [ { 'id': 'string', 'sandboxId': 'string', 'submitTime': datetime(2015, 1, 1), 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'status': 'string', 'command': 'string', 'type': 'SHELL', 'exitCode': 'string', 'standardOutputContent': 'string', 'standardErrContent': 'string', 'logs': { 'groupName': 'string', 'streamName': 'string', 'deepLink': 'string', 's3DeepLink': 'string', 'cloudWatchLogsArn': 'string', 's3LogsArn': 'string', 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'sandboxArn': 'string' }, ], 'commandExecutionsNotFound': [ 'string', ] } **Response Structure** * *(dict) --* * **commandExecutions** *(list) --* Information about the requested command executions. * *(dict) --* Contains command execution information. * **id** *(string) --* The ID of the command execution. * **sandboxId** *(string) --* A "sandboxId". * **submitTime** *(datetime) --* When the command execution process was initially submitted, expressed in Unix time format. * **startTime** *(datetime) --* When the command execution process started, expressed in Unix time format. * **endTime** *(datetime) --* When the command execution process ended, expressed in Unix time format. * **status** *(string) --* The status of the command execution. * **command** *(string) --* The command that needs to be executed. * **type** *(string) --* The command type. * **exitCode** *(string) --* The exit code to return upon completion. * **standardOutputContent** *(string) --* The text written by the command to stdout. * **standardErrContent** *(string) --* The text written by the command to stderr. * **logs** *(dict) --* Information about build logs in CloudWatch Logs. * **groupName** *(string) --* The name of the CloudWatch Logs group for the build logs. * **streamName** *(string) --* The name of the CloudWatch Logs stream for the build logs. * **deepLink** *(string) --* The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the "deeplink" will not be valid until it is created. * **s3DeepLink** *(string) --* The URL to a build log in an S3 bucket. * **cloudWatchLogsArn** *(string) --* The ARN of the CloudWatch Logs stream for a build execution. Its format is "arn:${Partition}:logs:${Region}:${Account}:log- group:${LogGroupName}:log-stream:${LogStreamName}". The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs. * **s3LogsArn** *(string) --* The ARN of S3 logs for a build project. Its format is "arn:${Partition}:s3:::${BucketName}/${ObjectName}". For more information, see Resources Defined by Amazon S3. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about S3 logs for a build project. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3 :::my-bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **sandboxArn** *(string) --* A "sandboxArn". * **commandExecutionsNotFound** *(list) --* The IDs of command executions for which information could not be found. * *(string) --* **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" CodeBuild / Client / update_project update_project ************** CodeBuild.Client.update_project(**kwargs) Changes the settings of a build project. See also: AWS API Documentation **Request Syntax** response = client.update_project( name='string', description='string', source={ 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, secondarySources=[ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], sourceVersion='string', secondarySourceVersions=[ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], artifacts={ 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, secondaryArtifacts=[ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], cache={ 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, environment={ 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, serviceRole='string', timeoutInMinutes=123, queuedTimeoutInMinutes=123, encryptionKey='string', tags=[ { 'key': 'string', 'value': 'string' }, ], vpcConfig={ 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, badgeEnabled=True|False, logsConfig={ 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, fileSystemLocations=[ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], buildBatchConfig={ 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, concurrentBuildLimit=123, autoRetryLimit=123 ) Parameters: * **name** (*string*) -- **[REQUIRED]** The name of the build project. Note: You cannot change a build project's name. * **description** (*string*) -- A new or replacement description of the build project. * **source** (*dict*) -- Information to be changed about the build input source code for the build project. * **type** *(string) --* **[REQUIRED]** The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git- codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* **[REQUIRED]** Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* **[REQUIRED]** The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** (*list*) -- An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* **[REQUIRED]** The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git- codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* **[REQUIRED]** Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3:::my-codebuild- sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* **[REQUIRED]** The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** (*string*) -- A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. If "sourceVersion" is specified at the build level, then that version takes precedence over this "sourceVersion" (at the project level). For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **secondarySourceVersions** (*list*) -- An array of "ProjectSourceVersion" objects. If "secondarySourceVersions" is specified at the build level, then they take over these "secondarySourceVersions" (at the project level). * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* **[REQUIRED]** An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* **[REQUIRED]** The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** (*dict*) -- Information to be changed about the build output artifacts for the build project. * **type** *(string) --* **[REQUIRED]** The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** (*list*) -- An array of "ProjectArtifact" objects. * *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* **[REQUIRED]** The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** (*dict*) -- Stores recently used information so that it can be quickly accessed at a later time. * **type** *(string) --* **[REQUIRED]** The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** (*dict*) -- Information to be changed about the build environment for the build project. * **type** *(string) --* **[REQUIRED]** The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* **[REQUIRED]** The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256: cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa038 2cfbdbf," use "/@sha256:cbbf2f9a99b 47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* **[REQUIRED]** Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* **[REQUIRED]** The name or key of the environment variable. * **value** *(string) --* **[REQUIRED]** The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets- manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* **[REQUIRED]** The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* **[REQUIRED]** The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* **[REQUIRED]** Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** (*string*) -- The replacement ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account. * **timeoutInMinutes** (*integer*) -- The replacement value in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. * **queuedTimeoutInMinutes** (*integer*) -- The number of minutes a build is allowed to be queued before it times out. * **encryptionKey** (*string*) -- The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias /"). * **tags** (*list*) -- An updated list of tag key and value pairs associated with this build project. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. * **vpcConfig** (*dict*) -- VpcConfig enables CodeBuild to access resources in an Amazon VPC. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **badgeEnabled** (*boolean*) -- Set this to true to generate a publicly accessible URL for your project's build badge. * **logsConfig** (*dict*) -- Information about logs for the build project. A project can create logs in CloudWatch Logs, logs in an S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* **[REQUIRED]** The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* **[REQUIRED]** The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my-bucket/build- log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **fileSystemLocations** (*list*) -- An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns-name :/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs.us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs-abcd1234.efs.us-west-2.amazonaws.com :/my-efs-mount-directory". The directory path in the format "efs-dns-name:/directory- path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers= 4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2". For more information, see Recommended NFS Mount Options. * **buildBatchConfig** (*dict*) -- Contains configuration information about a batch build project. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **concurrentBuildLimit** (*integer*) -- The maximum number of concurrent builds that are allowed for this project. New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run. To remove this limit, set this value to -1. * **autoRetryLimit** (*integer*) -- The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. Return type: dict Returns: **Response Syntax** { 'project': { 'name': 'string', 'arn': 'string', 'description': 'string', 'source': { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, 'secondarySources': [ { 'type': 'CODECOMMIT'|'CODEPIPELINE'|'GITHUB'|'GITLAB'|'GITLAB_SELF_MANAGED'|'S3'|'BITBUCKET'|'GITHUB_ENTERPRISE'|'NO_SOURCE', 'location': 'string', 'gitCloneDepth': 123, 'gitSubmodulesConfig': { 'fetchSubmodules': True|False }, 'buildspec': 'string', 'auth': { 'type': 'OAUTH'|'CODECONNECTIONS'|'SECRETS_MANAGER', 'resource': 'string' }, 'reportBuildStatus': True|False, 'buildStatusConfig': { 'context': 'string', 'targetUrl': 'string' }, 'insecureSsl': True|False, 'sourceIdentifier': 'string' }, ], 'sourceVersion': 'string', 'secondarySourceVersions': [ { 'sourceIdentifier': 'string', 'sourceVersion': 'string' }, ], 'artifacts': { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, 'secondaryArtifacts': [ { 'type': 'CODEPIPELINE'|'S3'|'NO_ARTIFACTS', 'location': 'string', 'path': 'string', 'namespaceType': 'NONE'|'BUILD_ID', 'name': 'string', 'packaging': 'NONE'|'ZIP', 'overrideArtifactName': True|False, 'encryptionDisabled': True|False, 'artifactIdentifier': 'string', 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' }, ], 'cache': { 'type': 'NO_CACHE'|'S3'|'LOCAL', 'location': 'string', 'modes': [ 'LOCAL_DOCKER_LAYER_CACHE'|'LOCAL_SOURCE_CACHE'|'LOCAL_CUSTOM_CACHE', ], 'cacheNamespace': 'string' }, 'environment': { 'type': 'WINDOWS_CONTAINER'|'LINUX_CONTAINER'|'LINUX_GPU_CONTAINER'|'ARM_CONTAINER'|'WINDOWS_SERVER_2019_CONTAINER'|'WINDOWS_SERVER_2022_CONTAINER'|'LINUX_LAMBDA_CONTAINER'|'ARM_LAMBDA_CONTAINER'|'LINUX_EC2'|'ARM_EC2'|'WINDOWS_EC2'|'MAC_ARM', 'image': 'string', 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'computeConfiguration': { 'vCpu': 123, 'memory': 123, 'disk': 123, 'machineType': 'GENERAL'|'NVME', 'instanceType': 'string' }, 'fleet': { 'fleetArn': 'string' }, 'environmentVariables': [ { 'name': 'string', 'value': 'string', 'type': 'PLAINTEXT'|'PARAMETER_STORE'|'SECRETS_MANAGER' }, ], 'privilegedMode': True|False, 'certificate': 'string', 'registryCredential': { 'credential': 'string', 'credentialProvider': 'SECRETS_MANAGER' }, 'imagePullCredentialsType': 'CODEBUILD'|'SERVICE_ROLE', 'dockerServer': { 'computeType': 'BUILD_GENERAL1_SMALL'|'BUILD_GENERAL1_MEDIUM'|'BUILD_GENERAL1_LARGE'|'BUILD_GENERAL1_XLARGE'|'BUILD_GENERAL1_2XLARGE'|'BUILD_LAMBDA_1GB'|'BUILD_LAMBDA_2GB'|'BUILD_LAMBDA_4GB'|'BUILD_LAMBDA_8GB'|'BUILD_LAMBDA_10GB'|'ATTRIBUTE_BASED_COMPUTE'|'CUSTOM_INSTANCE_TYPE', 'securityGroupIds': [ 'string', ], 'status': { 'status': 'string', 'message': 'string' } } }, 'serviceRole': 'string', 'timeoutInMinutes': 123, 'queuedTimeoutInMinutes': 123, 'encryptionKey': 'string', 'tags': [ { 'key': 'string', 'value': 'string' }, ], 'created': datetime(2015, 1, 1), 'lastModified': datetime(2015, 1, 1), 'webhook': { 'url': 'string', 'payloadUrl': 'string', 'secret': 'string', 'branchFilter': 'string', 'filterGroups': [ [ { 'type': 'EVENT'|'BASE_REF'|'HEAD_REF'|'ACTOR_ACCOUNT_ID'|'FILE_PATH'|'COMMIT_MESSAGE'|'WORKFLOW_NAME'|'TAG_NAME'|'RELEASE_NAME'|'REPOSITORY_NAME'|'ORGANIZATION_NAME', 'pattern': 'string', 'excludeMatchedPattern': True|False }, ], ], 'buildType': 'BUILD'|'BUILD_BATCH'|'RUNNER_BUILDKITE_BUILD', 'manualCreation': True|False, 'lastModifiedSecret': datetime(2015, 1, 1), 'scopeConfiguration': { 'name': 'string', 'domain': 'string', 'scope': 'GITHUB_ORGANIZATION'|'GITHUB_GLOBAL'|'GITLAB_GROUP' }, 'status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'DELETING', 'statusMessage': 'string' }, 'vpcConfig': { 'vpcId': 'string', 'subnets': [ 'string', ], 'securityGroupIds': [ 'string', ] }, 'badge': { 'badgeEnabled': True|False, 'badgeRequestUrl': 'string' }, 'logsConfig': { 'cloudWatchLogs': { 'status': 'ENABLED'|'DISABLED', 'groupName': 'string', 'streamName': 'string' }, 's3Logs': { 'status': 'ENABLED'|'DISABLED', 'location': 'string', 'encryptionDisabled': True|False, 'bucketOwnerAccess': 'NONE'|'READ_ONLY'|'FULL' } }, 'fileSystemLocations': [ { 'type': 'EFS', 'location': 'string', 'mountPoint': 'string', 'identifier': 'string', 'mountOptions': 'string' }, ], 'buildBatchConfig': { 'serviceRole': 'string', 'combineArtifacts': True|False, 'restrictions': { 'maximumBuildsAllowed': 123, 'computeTypesAllowed': [ 'string', ], 'fleetsAllowed': [ 'string', ] }, 'timeoutInMins': 123, 'batchReportMode': 'REPORT_INDIVIDUAL_BUILDS'|'REPORT_AGGREGATED_BATCH' }, 'concurrentBuildLimit': 123, 'projectVisibility': 'PUBLIC_READ'|'PRIVATE', 'publicProjectAlias': 'string', 'resourceAccessRole': 'string', 'autoRetryLimit': 123 } } **Response Structure** * *(dict) --* * **project** *(dict) --* Information about the build project that was changed. * **name** *(string) --* The name of the build project. * **arn** *(string) --* The Amazon Resource Name (ARN) of the build project. * **description** *(string) --* A description that makes the build project easy to identify. * **source** *(dict) --* Information about the build input source code for this build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https ://git-codecommit..amazonaws.com/v1/repos /"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **secondarySources** *(list) --* An array of "ProjectSource" objects. * *(dict) --* Information about the build input source code for the build project. * **type** *(string) --* The type of repository that contains the source code to be built. Valid values include: * "BITBUCKET": The source code is in a Bitbucket repository. * "CODECOMMIT": The source code is in an CodeCommit repository. * "CODEPIPELINE": The source code settings are specified in the source action of a pipeline in CodePipeline. * "GITHUB": The source code is in a GitHub repository. * "GITHUB_ENTERPRISE": The source code is in a GitHub Enterprise Server repository. * "GITLAB": The source code is in a GitLab repository. * "GITLAB_SELF_MANAGED": The source code is in a self- managed GitLab repository. * "NO_SOURCE": The project does not have input source code. * "S3": The source code is in an Amazon S3 bucket. * **location** *(string) --* Information about the location of the source code to be built. Valid values include: * For source code settings that are specified in the source action of a pipeline in CodePipeline, "location" should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. * For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, "https://git-codecommit..amazonaws.com/v1/repos/"). * For source code in an Amazon S3 input bucket, one of the following. * The path to the ZIP file that contains the source code (for example, "//.zip"). * The path to the folder that contains the source code (for example, "///"). * For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub **Authorize application** page, for **Organization access**, choose **Request access** next to each repository you want to allow CodeBuild to have access to, and then choose **Authorize application**. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". * For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections **Authorize application** page, choose **Authorize**. Then on the CodeConnections **Create GitLab connection** page, choose **Connect to GitLab**. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the "auth" object's "type" value to "CODECONNECTIONS" in the "source" object. * For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket **Confirm access to your account** page, choose **Grant access**. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the "source" object, set the "auth" object's "type" value to "OAUTH". If you specify "CODEPIPELINE" for the "Type" property, don't specify this property. For all of the other types, you must specify "Location". * **gitCloneDepth** *(integer) --* Information about the Git clone depth for the build project. * **gitSubmodulesConfig** *(dict) --* Information about the Git submodules configuration for the build project. * **fetchSubmodules** *(boolean) --* Set to true to fetch Git submodules for your CodeBuild build project. * **buildspec** *(string) --* The buildspec file declaration to use for the builds in this build project. If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in "CODEBUILD_SRC_DIR" environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, "arn:aws:s3 :::my-codebuild-sample2/buildspec.yml"). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location. * **auth** *(dict) --* Information about the authorization settings for CodeBuild to access the source code to be built. * **type** *(string) --* The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER. * **resource** *(string) --* The resource value that applies to the specified authorization type. * **reportBuildStatus** *(boolean) --* Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an "invalidInputException" is thrown. To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the *CodeBuild User Guide*. The status of a build triggered by a webhook is always reported to your source provider. If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect. * **buildStatusConfig** *(dict) --* Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is "GITHUB", "GITHUB_ENTERPRISE", or "BITBUCKET". * **context** *(string) --* Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "name" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "context" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **targetUrl** *(string) --* Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. Bitbucket This parameter is used for the "url" parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. GitHub/GitHub Enterprise Server This parameter is used for the "target_url" parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide. * **insecureSsl** *(boolean) --* Enable this flag to ignore SSL warnings while connecting to the project source code. * **sourceIdentifier** *(string) --* An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull-request-ID" (for example "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. If "sourceVersion" is specified at the build level, then that version takes precedence over this "sourceVersion" (at the project level). For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **secondarySourceVersions** *(list) --* An array of "ProjectSourceVersion" objects. If "secondarySourceVersions" is specified at the build level, then they take over these "secondarySourceVersions" (at the project level). * *(dict) --* A source identifier and its corresponding version. * **sourceIdentifier** *(string) --* An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. * **sourceVersion** *(string) --* The source version for the corresponding source identifier. If specified, must be one of: * For CodeCommit: the commit ID, branch, or Git tag to use. * For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format "pr/pull- request-ID" (for example, "pr/25"). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For GitLab: the commit ID, branch, or Git tag to use. * For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. * For Amazon S3: the version ID of the object that represents the build input ZIP file to use. For more information, see Source Version Sample with CodeBuild in the *CodeBuild User Guide*. * **artifacts** *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts/". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **secondaryArtifacts** *(list) --* An array of "ProjectArtifacts" objects. * *(dict) --* Information about the build output artifacts for the build project. * **type** *(string) --* The type of build output artifact. Valid values include: * "CODEPIPELINE": The build project has build output generated through CodePipeline. Note: The "CODEPIPELINE" type is not supported for "secondaryArtifacts". * "NO_ARTIFACTS": The build project does not produce any build output. * "S3": The build project stores build output in Amazon S3. * **location** *(string) --* Information about the build output artifact location: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output bucket. * **path** *(string) --* Along with "namespaceType" and "name", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the path to the output artifact. If "path" is not specified, "path" is not used. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "NONE", and "name" is set to "MyArtifact.zip", the output artifact is stored in the output bucket at "MyArtifacts/MyArtifact.zip". * **namespaceType** *(string) --* Along with "path" and "name", the pattern that CodeBuild uses to determine the name and location to store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "BUILD_ID": Include the build ID in the location of the build output artifact. * "NONE": Do not include the build ID. This is the default if "namespaceType" is not specified. For example, if "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", the output artifact is stored in "MyArtifacts//MyArtifact.zip". * **name** *(string) --* Along with "path" and "namespaceType", the pattern that CodeBuild uses to name and store the output artifact: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket. For example: * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to "MyArtifact.zip", then the output artifact is stored in "MyArtifacts//MyArtifact.zip". * If "path" is empty, "namespaceType" is set to "NONE", and "name" is set to " "/"", the output artifact is stored in the root of the output bucket. * If "path" is set to "MyArtifacts", "namespaceType" is set to "BUILD_ID", and "name" is set to " "/"", the output artifact is stored in "MyArtifacts /". * **packaging** *(string) --* The type of build output artifact to create: * If "type" is set to "CODEPIPELINE", CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. * If "type" is set to "NO_ARTIFACTS", this value is ignored if specified, because no build output is produced. * If "type" is set to "S3", valid values include: * "NONE": CodeBuild creates in the output bucket a folder that contains the build output. This is the default if "packaging" is not specified. * "ZIP": CodeBuild creates in the output bucket a ZIP file that contains the build output. * **overrideArtifactName** *(boolean) --* If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique. * **encryptionDisabled** *(boolean) --* Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown. * **artifactIdentifier** *(string) --* An identifier for this artifact definition. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **cache** *(dict) --* Information about the cache for the build project. * **type** *(string) --* The type of cache used by the build project. Valid values include: * "NO_CACHE": The build project does not use any cache. * "S3": The build project reads and writes from and to S3. * "LOCAL": The build project stores a cache locally on a build host that is only available to that build host. * **location** *(string) --* Information about the cache location: * "NO_CACHE" or "LOCAL": This value is ignored. * "S3": This is the S3 bucket name/prefix. * **modes** *(list) --* An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for "LOCAL" cache types. Possible values are: LOCAL_SOURCE_CACHE Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. LOCAL_DOCKER_LAYER_CACHE Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. Note: * You can use a Docker layer cache in the Linux environment only. * The "privileged" flag must be set so that your project has the required Docker permissions. * You should consider the security implications before you use a Docker layer cache. LOCAL_CUSTOM_CACHE Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: * Only directories can be specified for caching. You cannot specify individual files. * Symlinks are used to reference cached directories. * Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file. * *(string) --* * **cacheNamespace** *(string) --* Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see Cache sharing between projects in the *CodeBuild User Guide*. * **environment** *(dict) --* Information about the build environment for this build project. * **type** *(string) --* The type of build environment to use for related builds. Note: If you're using compute fleets during project creation, "type" will be ignored. For more information, see Build environment compute types in the *CodeBuild user guide*. * **image** *(string) --* The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: * For an image tag: "/:". For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be "aws/codebuild/standard:4.0". * For an image digest: "/@". For example, to specify an image with the digest "sha256:cbbf2f9a99b4 7fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use "/@sha256:cbbf2f9a99b47fc46 0d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf". For more information, see Docker images provided by CodeBuild in the *CodeBuild user guide*. * **computeType** *(string) --* Information about the compute resources the build project uses. Available values include: * "ATTRIBUTE_BASED_COMPUTE": Specify the amount of vCPUs, memory, disk space, and the type of machine. Note: If you use "ATTRIBUTE_BASED_COMPUTE", you must define your attributes by using "computeConfiguration". CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see Reserved capacity environment types in the *CodeBuild User Guide*. * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for builds. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for builds. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_XLARGE": Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type. * "BUILD_GENERAL1_2XLARGE": Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. * "BUILD_LAMBDA_1GB": Use up to 1 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_2GB": Use up to 2 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_4GB": Use up to 4 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_8GB": Use up to 8 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". * "BUILD_LAMBDA_10GB": Use up to 10 GiB memory for builds. Only available for environment type "LINUX_LAMBDA_CONTAINER" and "ARM_LAMBDA_CONTAINER". If you use "BUILD_GENERAL1_SMALL": * For environment type "LINUX_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. * For environment type "ARM_CONTAINER", you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds. If you use "BUILD_GENERAL1_LARGE": * For environment type "LINUX_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs for builds. * For environment type "LINUX_GPU_CONTAINER", you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. * For environment type "ARM_CONTAINER", you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds. For more information, see On-demand environment types in the *CodeBuild User Guide.* * **computeConfiguration** *(dict) --* The compute configuration of the build project. This is only required if "computeType" is set to "ATTRIBUTE_BASED_COMPUTE". * **vCpu** *(integer) --* The number of vCPUs of the instance type included in your fleet. * **memory** *(integer) --* The amount of memory of the instance type included in your fleet. * **disk** *(integer) --* The amount of disk space of the instance type included in your fleet. * **machineType** *(string) --* The machine type of the instance type included in your fleet. * **instanceType** *(string) --* The EC2 instance type to be launched in your fleet. * **fleet** *(dict) --* A ProjectFleet object to use for this build project. * **fleetArn** *(string) --* Specifies the compute fleet ARN for the build project. * **environmentVariables** *(list) --* A set of environment variables to make available to builds for this build project. * *(dict) --* Information about an environment variable for a build project or a build. * **name** *(string) --* The name or key of the environment variable. * **value** *(string) --* The value of the environment variable. Warning: We strongly discourage the use of "PLAINTEXT" environment variables to store sensitive values, especially Amazon Web Services secret key IDs. "PLAINTEXT" environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of type "PARAMETER_STORE" or "SECRETS_MANAGER". * **type** *(string) --* The type of environment variable. Valid values include: * "PARAMETER_STORE": An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the "value" of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env /parameter-store in the *CodeBuild User Guide*. * "PLAINTEXT": An environment variable in plain text format. This is the default value. * "SECRETS_MANAGER": An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as the "value" of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the *CodeBuild User Guide*. * **privilegedMode** *(boolean) --* Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is "false". You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file: If the operating system's base image is Ubuntu Linux: "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"" If the operating system's base image is Alpine Linux and the previous command does not work, add the "-t" argument to "timeout": "- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&" "- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"" * **certificate** *(string) --* The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the *CodeBuild User Guide*. * **registryCredential** *(dict) --* The credentials for access to a private registry. * **credential** *(string) --* The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager. Note: The "credential" can use the name of the credentials only if they exist in your current Amazon Web Services Region. * **credentialProvider** *(string) --* The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager. * **imagePullCredentialsType** *(string) --* The type of credentials CodeBuild uses to pull images in your build. There are two valid values: * "CODEBUILD" specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. * "SERVICE_ROLE" specifies that CodeBuild uses your build project's service role. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials. * **dockerServer** *(dict) --* A DockerServer object to use for this build project. * **computeType** *(string) --* Information about the compute resources the docker server uses. Available values include: * "BUILD_GENERAL1_SMALL": Use up to 4 GiB memory and 2 vCPUs for your docker server. * "BUILD_GENERAL1_MEDIUM": Use up to 8 GiB memory and 4 vCPUs for your docker server. * "BUILD_GENERAL1_LARGE": Use up to 16 GiB memory and 8 vCPUs for your docker server. * "BUILD_GENERAL1_XLARGE": Use up to 64 GiB memory and 32 vCPUs for your docker server. * "BUILD_GENERAL1_2XLARGE": Use up to 128 GiB memory and 64 vCPUs for your docker server. * **securityGroupIds** *(list) --* A list of one or more security groups IDs. Note: Security groups configured for Docker servers should allow ingress network traffic from the VPC configured in the project. They should allow ingress on port 9876. * *(string) --* * **status** *(dict) --* A DockerServerStatus object to use for this docker server. * **status** *(string) --* The status of the docker server. * **message** *(string) --* A message associated with the status of a docker server. * **serviceRole** *(string) --* The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account. * **timeoutInMinutes** *(integer) --* How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes. * **queuedTimeoutInMinutes** *(integer) --* The number of minutes a build is allowed to be queued before it times out. * **encryptionKey** *(string) --* The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts. Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format "alias/"). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3). * **tags** *(list) --* A list of tag key and value pairs associated with this build project. These tags are available for use by Amazon Web Services services that support CodeBuild build project tags. * *(dict) --* A tag, consisting of a key and a value. This tag is available for use by Amazon Web Services services that support tags in CodeBuild. * **key** *(string) --* The tag's key. * **value** *(string) --* The tag's value. * **created** *(datetime) --* When the build project was created, expressed in Unix time format. * **lastModified** *(datetime) --* When the build project's settings were last modified, expressed in Unix time format. * **webhook** *(dict) --* Information about a webhook that connects repository events to a build project in CodeBuild. * **url** *(string) --* The URL to the webhook. * **payloadUrl** *(string) --* The CodeBuild endpoint where webhook events are sent. * **secret** *(string) --* The secret token of the associated repository. Note: A Bitbucket webhook does not support "secret". * **branchFilter** *(string) --* A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If "branchFilter" is empty, then all branches are built. Note: It is recommended that you use "filterGroups" instead of "branchFilter". * **filterGroups** *(list) --* An array of arrays of "WebhookFilter" objects used to determine which webhooks are triggered. At least one "WebhookFilter" in the array must specify "EVENT" as its "type". For a build to be triggered, at least one filter group in the "filterGroups" array must pass. For a filter group to pass, each of its filters must pass. * *(list) --* * *(dict) --* A filter used to determine which webhooks trigger a build. * **type** *(string) --* The type of webhook filter. There are 11 webhook filter types: "EVENT", "ACTOR_ACCOUNT_ID", "HEAD_REF", "BASE_REF", "FILE_PATH", "COMMIT_MESSAGE", "TAG_NAME", "RELEASE_NAME", "REPOSITORY_NAME", "ORGANIZATION_NAME", and "WORKFLOW_NAME". * EVENT * A webhook event triggers a build when the provided "pattern" matches one of nine event types: "PUSH", "PULL_REQUEST_CREATED", "PULL_REQUEST_UPDATED", "PULL_REQUEST_CLOSED", "PULL_REQUEST_REOPENED", "PULL_REQUEST_MERGED", "RELEASED", "PRERELEASED", and "WORKFLOW_JOB_QUEUED". The "EVENT" patterns are specified as a comma- separated string. For example, "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" filters all push, pull request created, and pull request updated events. Note: Types "PULL_REQUEST_REOPENED" and "WORKFLOW_JOB_QUEUED" work with GitHub and GitHub Enterprise only. Types "RELEASED" and "PRERELEASED" work with GitHub only. * ACTOR_ACCOUNT_ID * A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression "pattern". * HEAD_REF * A webhook event triggers a build when the head reference matches the regular expression "pattern". For example, "refs/heads/branch- name" and "refs/tags/tag-name". Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events. * BASE_REF * A webhook event triggers a build when the base reference matches the regular expression "pattern". For example, "refs/heads/branch- name". Note: Works with pull request events only. * FILE_PATH * A webhook triggers a build when the path of a changed file matches the regular expression "pattern". Note: Works with push and pull request events only. * COMMIT_MESSAGE * A webhook triggers a build when the head commit message matches the regular expression "pattern". Note: Works with push and pull request events only. * TAG_NAME * A webhook triggers a build when the tag name of the release matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * RELEASE_NAME * A webhook triggers a build when the release name matches the regular expression "pattern". Note: Works with "RELEASED" and "PRERELEASED" events only. * REPOSITORY_NAME * A webhook triggers a build when the repository name matches the regular expression "pattern". Note: Works with GitHub global or organization webhooks only. * ORGANIZATION_NAME * A webhook triggers a build when the organization name matches the regular expression "pattern". Note: Works with GitHub global webhooks only. * WORKFLOW_NAME * A webhook triggers a build when the workflow name matches the regular expression "pattern". Note: Works with "WORKFLOW_JOB_QUEUED" events only. Note: For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name. * **pattern** *(string) --* For a "WebHookFilter" that uses "EVENT" type, a comma-separated string that specifies one or more events. For example, the webhook filter "PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED" allows all push, pull request created, and pull request updated events to trigger a build. For a "WebHookFilter" that uses any of the other filter types, a regular expression pattern. For example, a "WebHookFilter" that uses "HEAD_REF" for its "type" and the pattern "^refs/heads/" triggers a build when the head reference is a branch with a reference name "refs/heads/branch- name". * **excludeMatchedPattern** *(boolean) --* Used to indicate that the "pattern" determines which webhook events do not trigger a build. If true, then a webhook event that does not match the "pattern" triggers a build. If false, then a webhook event that matches the "pattern" triggers a build. * **buildType** *(string) --* Specifies the type of build this webhook will trigger. Note: "RUNNER_BUILDKITE_BUILD" is only available for "NO_SOURCE" source type projects configured for Buildkite runner builds. For more information about CodeBuild-hosted Buildkite runner builds, see Tutorial: Configure a CodeBuild-hosted Buildkite runner in the *CodeBuild user guide*. * **manualCreation** *(boolean) --* If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns "payloadUrl" and "secret" values for the webhook. The "payloadUrl" and "secret" values in the output can be used to manually create a webhook within GitHub. Note: manualCreation is only available for GitHub webhooks. * **lastModifiedSecret** *(datetime) --* A timestamp that indicates the last time a repository's secret token was modified. * **scopeConfiguration** *(dict) --* The scope configuration for global or organization webhooks. Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks. * **name** *(string) --* The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook. * **domain** *(string) --* The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED. * **scope** *(string) --* The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION. * **status** *(string) --* The status of the webhook. Valid values include: * "CREATING": The webhook is being created. * "CREATE_FAILED": The webhook has failed to create. * "ACTIVE": The webhook has succeeded and is active. * "DELETING": The webhook is being deleted. * **statusMessage** *(string) --* A message associated with the status of a webhook. * **vpcConfig** *(dict) --* Information about the VPC configuration that CodeBuild accesses. * **vpcId** *(string) --* The ID of the Amazon VPC. * **subnets** *(list) --* A list of one or more subnet IDs in your Amazon VPC. * *(string) --* * **securityGroupIds** *(list) --* A list of one or more security groups IDs in your Amazon VPC. * *(string) --* * **badge** *(dict) --* Information about the build badge for the build project. * **badgeEnabled** *(boolean) --* Set this to true to generate a publicly accessible URL for your project's build badge. * **badgeRequestUrl** *(string) --* The publicly-accessible URL through which you can access the build badge for your project. * **logsConfig** *(dict) --* Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both. * **cloudWatchLogs** *(dict) --* Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default. * **status** *(string) --* The current status of the logs in CloudWatch Logs for a build project. Valid values are: * "ENABLED": CloudWatch Logs are enabled for this build project. * "DISABLED": CloudWatch Logs are not enabled for this build project. * **groupName** *(string) --* The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **streamName** *(string) --* The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams. * **s3Logs** *(dict) --* Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default. * **status** *(string) --* The current status of the S3 build logs. Valid values are: * "ENABLED": S3 build logs are enabled for this build project. * "DISABLED": S3 build logs are not enabled for this build project. * **location** *(string) --* The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is "my-bucket", and your path prefix is "build-log", then acceptable formats are "my-bucket/build-log" or "arn:aws:s3:::my- bucket/build-log". * **encryptionDisabled** *(boolean) --* Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted. * **bucketOwnerAccess** *(string) --* Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Note: To use this property, your CodeBuild service role must have the "s3:PutBucketAcl" permission. This permission allows CodeBuild to modify the access control list for the bucket. This property can be one of the following values: NONE The bucket owner does not have access to the objects. This is the default. READ_ONLY The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects. FULL The bucket owner has full access to the objects. Object ownership is determined by the following criteria: * If the bucket is configured with the **Bucket owner preferred** setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy. * Otherwise, the uploading account retains ownership of the objects. For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the *Amazon Simple Storage Service User Guide*. * **fileSystemLocations** *(list) --* An array of "ProjectFileSystemLocation" objects for a CodeBuild build project. A "ProjectFileSystemLocation" object specifies the "identifier", "location", "mountOptions", "mountPoint", and "type" of a file system created using Amazon Elastic File System. * *(dict) --* Information about a file system created by Amazon Elastic File System (EFS). For more information, see What Is Amazon Elastic File System? * **type** *(string) --* The type of the file system. The one supported type is "EFS". * **location** *(string) --* A string that specifies the location of the file system created by Amazon EFS. Its format is "efs-dns- name:/directory-path". You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is "fs-abcd1234.efs .us-west-2.amazonaws.com", and its mount directory is "my-efs-mount-directory", then the "location" is "fs- abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount- directory". The directory path in the format "efs-dns-name :/directory-path" is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system. * **mountPoint** *(string) --* The location in the container where you mount the file system. * **identifier** *(string) --* The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the "identifier" in all capital letters to "CODEBUILD_". For example, if you specify "my_efs" for "identifier", a new environment variable is create named "CODEBUILD_MY_EFS". The "identifier" is used to mount your file system. * **mountOptions** *(string) --* The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=6 00,retrans=2". For more information, see Recommended NFS Mount Options. * **buildBatchConfig** *(dict) --* A ProjectBuildBatchConfig object that defines the batch build options for the project. * **serviceRole** *(string) --* Specifies the service role ARN for the batch build project. * **combineArtifacts** *(boolean) --* Specifies if the build artifacts for the batch build should be combined into a single artifact location. * **restrictions** *(dict) --* A "BatchRestrictions" object that specifies the restrictions for the batch build. * **maximumBuildsAllowed** *(integer) --* Specifies the maximum number of builds allowed. * **computeTypesAllowed** *(list) --* An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the *CodeBuild User Guide* for these values. * *(string) --* * **fleetsAllowed** *(list) --* An array of strings that specify the fleets that are allowed for the batch build. See Run builds on reserved capacity fleets in the *CodeBuild User Guide* for more information. * *(string) --* * **timeoutInMins** *(integer) --* Specifies the maximum amount of time, in minutes, that the batch build must be completed in. * **batchReportMode** *(string) --* Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider. REPORT_AGGREGATED_BATCH (Default) Aggregate all of the build statuses into a single status report. REPORT_INDIVIDUAL_BUILDS Send a separate status report for each individual build. * **concurrentBuildLimit** *(integer) --* The maximum number of concurrent builds that are allowed for this project. New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run. * **projectVisibility** *(string) --* Specifies the visibility of the project's builds. Possible values are: PUBLIC_READ The project builds are visible to the public. PRIVATE The project builds are not visible to the public. * **publicProjectAlias** *(string) --* Contains the project identifier used with the public build APIs. * **resourceAccessRole** *(string) --* The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds. * **autoRetryLimit** *(integer) --* The maximum number of additional automatic retries after a failed build. For example, if the auto-retry limit is set to 2, CodeBuild will call the "RetryBuild" API to automatically retry your build for up to 2 additional times. **Exceptions** * "CodeBuild.Client.exceptions.InvalidInputException" * "CodeBuild.Client.exceptions.ResourceNotFoundException"