terraform/website/source/docs/providers/aws/r/codepipeline.markdown

148 lines
3.4 KiB
Markdown
Raw Normal View History

---
layout: "aws"
page_title: "AWS: aws_codepipeline"
sidebar_current: "docs-aws-resource-codepipeline"
description: |-
Provides a CodePipeline
---
# aws\_codepipeline
Provides a CodePipeline.
~> **NOTE on `aws_codepipeline`:** - the `GITHUB_TOKEN` environment variable must be set if the GitHub provider is specified.
## Example Usage
```
resource "aws_s3_bucket" "foo" {
bucket = "test-bucket"
acl = "private"
}
resource "aws_iam_role" "foo" {
name = "test-role"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "codepipeline.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
EOF
}
resource "aws_iam_role_policy" "codepipeline_policy" {
name = "codepipeline_policy"
role = "${aws_iam_role.codepipeline_role.id}"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect":"Allow",
"Action": [
"s3:GetObject",
"s3:GetObjectVersion",
"s3:GetBucketVersioning"
],
"Resource": [
"${aws_s3_bucket.foo.arn}",
"${aws_s3_bucket.foo.arn}/*"
]
},
{
"Effect": "Allow",
"Action": [
"codebuild:BatchGetBuilds",
"codebuild:StartBuild"
],
"Resource": "*"
}
]
}
EOF
}
resource "aws_codepipeline" "foo" {
name = "tf-test-pipeline"
role_arn = "${aws_iam_role.foo.arn}"
artifact_store {
location = "${aws_s3_bucket.foo.bucket}"
type = "S3"
}
stage {
name = "Source"
action {
name = "Source"
category = "Source"
owner = "ThirdParty"
provider = "GitHub"
version = "1"
output_artifacts = ["test"]
configuration {
Owner = "my-organization"
Repo = "test"
Branch = "master"
}
}
}
stage {
name = "Build"
action {
name = "Build"
category = "Build"
owner = "AWS"
provider = "CodeBuild"
input_artifacts = ["test"]
version = "1"
configuration {
ProjectName = "test"
}
}
}
}
```
## Argument Reference
The following arguments are supported:
* `name` - (Required) The name of the pipeline.
* `role_arn` - (Required) A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
* `artifact_store` (Required) An artifact_store block. Artifact stores are documented below.
* `stage` (Required) A stage block. Stages are documented below.
An `artifact_store` block supports the following arguments:
* `location` - (Required) The location where AWS CodePipeline stores artifacts for a pipeline, such as an S3 bucket.
* `type` - (Required) The type of the artifact store, such as Amazon S3
* `encryption_key` - (Optional) The encryption key AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3).
A `stage` block supports the following arguments:
* `name` - (Required) The name of the stage.
* `action` - (Required) The action(s) to include in the stage
## Attributes Reference
The following attributes are exported:
* `id` - The codepipeline ID.