feat: add Codebuild resources
This commit is contained in:
parent
45028307fd
commit
e7d6113ba4
1 changed files with 48 additions and 1 deletions
|
|
@ -32,6 +32,53 @@ Resources:
|
|||
- s3:DeleteObject
|
||||
Resource: !Sub "arn:aws:s3:::${WebsiteBucket}/*"
|
||||
|
||||
CodeBuildServiceRole:
|
||||
Type: AWS::IAM::Role
|
||||
Properties:
|
||||
AssumeRolePolicyDocument:
|
||||
Version: "2012-10-17"
|
||||
Statement:
|
||||
- Effect: Allow
|
||||
Principal:
|
||||
Service:
|
||||
- codebuild.amazonaws.com
|
||||
Action:
|
||||
- sts:AssumeRole
|
||||
Policies:
|
||||
- PolicyName: CodeBuildPolicy
|
||||
PolicyDocument:
|
||||
Version: "2012-10-17"
|
||||
Statement:
|
||||
- Effect: Allow
|
||||
Action:
|
||||
- logs:CreateLogGroup
|
||||
- logs:CreateLogStream
|
||||
- logs:PutLogEvents
|
||||
Resource: "*"
|
||||
- Effect: Allow
|
||||
Action:
|
||||
- s3:GetObject
|
||||
- s3:PutObject
|
||||
- s3:ListBucket
|
||||
Resource:
|
||||
- "arn:aws:s3:::codebuild-ap-northeast-1-692859919890-input-bucket"
|
||||
- "arn:aws:s3:::codebuild-ap-northeast-1-692859919890-input-bucket/*"
|
||||
- "arn:aws:s3:::naputo-blog-source"
|
||||
- "arn:aws:s3:::naputo-blog-source/*"
|
||||
|
||||
MyBlogCodeBuildProject:
|
||||
Type: AWS::CodeBuild::Project
|
||||
Properties:
|
||||
ServiceRole: !GetAtt CodeBuildServiceRole.Arn
|
||||
Artifacts:
|
||||
Type: CODEPIPELINE
|
||||
Environment:
|
||||
ComputeType: BUILD_LAMBDA_1GB
|
||||
Image: aws/codebuild/amazonlinux-x86_64-lambda-standard:nodejs22
|
||||
Type: LINUX_LAMBDA_CONTAINER
|
||||
Source:
|
||||
Type: CODEPIPELINE
|
||||
|
||||
CodePipelineRole:
|
||||
Type: AWS::IAM::Role
|
||||
Properties:
|
||||
|
|
@ -115,7 +162,7 @@ Resources:
|
|||
Provider: CodeBuild
|
||||
Version: "1"
|
||||
Configuration:
|
||||
ProjectName: "MyBlogCodeBuildProject"
|
||||
ProjectName: !Ref MyBlogCodeBuildProject
|
||||
OutputArtifacts:
|
||||
- Name: BuildArtifact
|
||||
InputArtifacts:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue