AWS CodeBuild Concepts
Jump to navigation
Jump to search
Internal
Build Project
Service Role
Automatically created with the following policies:
CodeBuildBasePolicy-<build-project-name>-<region>
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Resource": [
"arn:aws:logs:us-west-2:673499572719:log-group:/aws/codebuild/playground-ops",
"arn:aws:logs:us-west-2:673499572719:log-group:/aws/codebuild/playground-ops:*"
],
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
]
},
{
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::codepipeline-us-west-2-*"
],
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:GetObjectVersion",
"s3:GetBucketAcl",
"s3:GetBucketLocation"
]
}
]
}
CodeBuildVpcPolicy-<build-project-name>-<region>
CodeBuildCloudWatchLogsPolicy-<build-project-name>-<region>
VPC
Security Group
The build project configuration allows selecting on or more security groups, which are security groups that AWS CodeBuild should use to work with the VPC. The security groups should allow outbound connections.