From e7d6113ba4b23e2357f69ca25d47ab0a08c5bd29 Mon Sep 17 00:00:00 2001
From: Daisuke
Date: Thu, 8 May 2025 20:56:21 +0900
Subject: [PATCH] feat: add Codebuild resources
---
 template-codepipeline.yaml | 49 +++++++++++++++++++++++++++++++++++++-
 1 file changed, 48 insertions(+), 1 deletion(-)
diff --git a/template-codepipeline.yaml b/template-codepipeline.yaml
index 36f7a5c..c1dbc22 100644
--- a/template-codepipeline.yaml
+++ b/template-codepipeline.yaml
@@ -32,6 +32,53 @@ Resources:
 - s3:DeleteObject
 Resource: !Sub "arn:aws:s3:::${WebsiteBucket}/*"
+ CodeBuildServiceRole:
+ Type: AWS::IAM::Role
+ Properties:
+ AssumeRolePolicyDocument:
+ Version: "2012-10-17"
+ Statement:
+ - Effect: Allow
+ Principal:
+ Service:
+ - codebuild.amazonaws.com
+ Action:
+ - sts:AssumeRole
+ Policies:
+ - PolicyName: CodeBuildPolicy
+ PolicyDocument:
+ Version: "2012-10-17"
+ Statement:
+ - Effect: Allow
+ Action:
+ - logs:CreateLogGroup
+ - logs:CreateLogStream
+ - logs:PutLogEvents
+ Resource: "*"
+ - Effect: Allow
+ Action:
+ - s3:GetObject
+ - s3:PutObject
+ - s3:ListBucket
+ Resource:
+ - "arn:aws:s3:::codebuild-ap-northeast-1-692859919890-input-bucket"
+ - "arn:aws:s3:::codebuild-ap-northeast-1-692859919890-input-bucket/*"
+ - "arn:aws:s3:::naputo-blog-source"
+ - "arn:aws:s3:::naputo-blog-source/*"
+
+ MyBlogCodeBuildProject:
+ Type: AWS::CodeBuild::Project
+ Properties:
+ ServiceRole: !GetAtt CodeBuildServiceRole.Arn
+ Artifacts:
+ Type: CODEPIPELINE
+ Environment:
+ ComputeType: BUILD_LAMBDA_1GB
+ Image: aws/codebuild/amazonlinux-x86_64-lambda-standard:nodejs22
+ Type: LINUX_LAMBDA_CONTAINER
+ Source:
+ Type: CODEPIPELINE
+
 CodePipelineRole:
 Type: AWS::IAM::Role
 Properties:
@@ -115,7 +162,7 @@ Resources:
 Provider: CodeBuild
 Version: "1"
 Configuration:
- ProjectName: "MyBlogCodeBuildProject"
+ ProjectName: !Ref MyBlogCodeBuildProject
 OutputArtifacts:
 - Name: BuildArtifact
 InputArtifacts:
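Review bot: The inline `CodeBuildPolicy` on `CodeBuildServiceRole` is broader than the build appears to need: the three `logs:` actions are granted on `Resource: "*"`, and `s3:PutObject` is granted on `naputo-blog-source`, so anything running inside the build (including a compromised dependency) could create or write to any log group in the account and overwrite the source bucket it builds from. I would scope the log statement to the default CodeBuild log-group prefix and, assuming the build only reads its source, split the S3 statement so the source bucket is read-only, as in the excerpt below. The bucket ARNs also hard-code a region and account ID, unlike the `!Sub "arn:aws:s3:::${WebsiteBucket}/*"` form used just above the hunk; parameters or `!Sub` with `${AWS::AccountId}` would keep the template portable. The trust policy has no `Condition`; adding `aws:SourceAccount` set to `!Ref AWS::AccountId` would limit which account's CodeBuild projects can assume the role. Both new resources are complete within the hunk, but the rest of `Resources:` (pipeline role, artifact store) is outside it, so whether these buckets include the pipeline's artifact bucket cannot be confirmed here.

```yaml
          Statement:
            - Effect: Allow
              Action:
                - logs:CreateLogGroup
                - logs:CreateLogStream
                - logs:PutLogEvents
              # default CodeBuild log groups only, instead of "*"
              Resource: !Sub "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/*"
            # read-only on the source bucket (assumes the build never writes back to it)
            - Effect: Allow
              Action:
                - s3:GetObject
                - s3:ListBucket
              Resource:
                - "arn:aws:s3:::naputo-blog-source"
                - "arn:aws:s3:::naputo-blog-source/*"
            # … unchanged: Get/Put/List statement for the codebuild-…-input-bucket ARNs …
```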