aws-cdk-lib.aws_codebuild.CfnProject.EnvironmentProperty

interface EnvironmentProperty

LanguageType name
.NETAmazon.CDK.AWS.CodeBuild.CfnProject.EnvironmentProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awscodebuild#CfnProject_EnvironmentProperty
Javasoftware.amazon.awscdk.services.codebuild.CfnProject.EnvironmentProperty
Pythonaws_cdk.aws_codebuild.CfnProject.EnvironmentProperty
TypeScript aws-cdk-lib » aws_codebuild » CfnProject » EnvironmentProperty

Environment is a property of the AWS::CodeBuild::Project resource that specifies the environment for an AWS CodeBuild project.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_codebuild as codebuild } from 'aws-cdk-lib';
const environmentProperty: codebuild.CfnProject.EnvironmentProperty = {
  computeType: 'computeType',
  image: 'image',
  type: 'type',

  // the properties below are optional
  certificate: 'certificate',
  environmentVariables: [{
    name: 'name',
    value: 'value',

    // the properties below are optional
    type: 'type',
  }],
  imagePullCredentialsType: 'imagePullCredentialsType',
  privilegedMode: false,
  registryCredential: {
    credential: 'credential',
    credentialProvider: 'credentialProvider',
  },
};

Properties

NameTypeDescription
computeTypestringThe type of compute environment.
imagestringThe image tag or image digest that identifies the Docker image to use for this build project.
typestringThe type of build environment to use for related builds.
certificate?stringThe ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project.
environmentVariables?IResolvable | IResolvable | EnvironmentVariableProperty[]A set of environment variables to make available to builds for this build project.
imagePullCredentialsType?stringThe type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:.
privilegedMode?boolean | IResolvableEnables running the Docker daemon inside a Docker container.
registryCredential?IResolvable | RegistryCredentialPropertyRegistryCredential is a property of the AWS::CodeBuild::Project Environment property that specifies information about credentials that provide access to a private Docker registry. When this is set:.

computeType

Type: string

The type of compute environment.

This determines the number of CPU cores and memory the build environment uses. Available values include:

  • BUILD_GENERAL1_SMALL : Use up to 3 GB memory and 2 vCPUs for builds.
  • BUILD_GENERAL1_MEDIUM : Use up to 7 GB memory and 4 vCPUs for builds.
  • BUILD_GENERAL1_LARGE : Use up to 15 GB memory and 8 vCPUs for builds.

For more information, see Build Environment Compute Types in the AWS CodeBuild User Guide.


image

Type: string

The image tag or image digest that identifies the Docker image to use for this build project.

Use the following formats:

  • For an image tag: <registry>/<repository>:<tag> . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be aws/codebuild/standard:4.0 .
  • For an image digest: <registry>/<repository>@<digest> . For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use <registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf .

For more information, see Docker images provided by CodeBuild in the AWS CodeBuild user guide .


type

Type: string

The type of build environment to use for related builds.

  • The environment type ARM_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).

  • The environment type LINUX_CONTAINER with compute type build.general1.2xlarge is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).

  • The environment type LINUX_GPU_CONTAINER is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).

  • The environment types WINDOWS_CONTAINER and WINDOWS_SERVER_2019_CONTAINER are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

For more information, see Build environment compute types in the AWS CodeBuild user guide .


certificate?

Type: string (optional)

The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project.

For more information, see certificate in the AWS CodeBuild User Guide .


environmentVariables?

Type: IResolvable | IResolvable | EnvironmentVariableProperty[] (optional)

A set of environment variables to make available to builds for this build project.


imagePullCredentialsType?

Type: string (optional)

The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:.

  • CODEBUILD specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.
  • SERVICE_ROLE specifies that AWS CodeBuild uses your build project's service role.

When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.


privilegedMode?

Type: boolean | IResolvable (optional)

Enables running the Docker daemon inside a Docker container.

Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is false .

You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:

If the operating system's base image is Ubuntu Linux:

- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"

If the operating system's base image is Alpine Linux and the previous command does not work, add the -t argument to timeout :

- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&

- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"


registryCredential?

Type: IResolvable | RegistryCredentialProperty (optional)

RegistryCredential is a property of the AWS::CodeBuild::Project Environment property that specifies information about credentials that provide access to a private Docker registry. When this is set:.

  • imagePullCredentialsType must be set to SERVICE_ROLE .
  • images cannot be curated or an Amazon ECR image.