3.4 KiB
3.4 KiB
layout | page_title | sidebar_current | description |
---|---|---|---|
aws | AWS: aws_codepipeline | docs-aws-resource-codepipeline | Provides a CodePipeline |
aws_codepipeline
Provides a CodePipeline.
~> NOTE on aws_codepipeline
: - the GITHUB_TOKEN
environment variable must be set if the GitHub provider is specified.
Example Usage
resource "aws_s3_bucket" "foo" {
bucket = "test-bucket"
acl = "private"
}
resource "aws_iam_role" "foo" {
name = "test-role"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "codepipeline.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
EOF
}
resource "aws_iam_role_policy" "codepipeline_policy" {
name = "codepipeline_policy"
role = "${aws_iam_role.codepipeline_role.id}"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect":"Allow",
"Action": [
"s3:GetObject",
"s3:GetObjectVersion",
"s3:GetBucketVersioning"
],
"Resource": [
"${aws_s3_bucket.foo.arn}",
"${aws_s3_bucket.foo.arn}/*"
]
},
{
"Effect": "Allow",
"Action": [
"codebuild:BatchGetBuilds",
"codebuild:StartBuild"
],
"Resource": "*"
}
]
}
EOF
}
resource "aws_codepipeline" "foo" {
name = "tf-test-pipeline"
role_arn = "${aws_iam_role.foo.arn}"
artifact_store {
location = "${aws_s3_bucket.foo.bucket}"
type = "S3"
}
stage {
name = "Source"
action {
name = "Source"
category = "Source"
owner = "ThirdParty"
provider = "GitHub"
version = "1"
output_artifacts = ["test"]
configuration {
Owner = "my-organization"
Repo = "test"
Branch = "master"
}
}
}
stage {
name = "Build"
action {
name = "Build"
category = "Build"
owner = "AWS"
provider = "CodeBuild"
input_artifacts = ["test"]
version = "1"
configuration {
ProjectName = "test"
}
}
}
}
Argument Reference
The following arguments are supported:
name
- (Required) The name of the pipeline.role_arn
- (Required) A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.artifact_store
(Required) An artifact_store block. Artifact stores are documented below.stage
(Required) A stage block. Stages are documented below.
An artifact_store
block supports the following arguments:
location
- (Required) The location where AWS CodePipeline stores artifacts for a pipeline, such as an S3 bucket.type
- (Required) The type of the artifact store, such as Amazon S3encryption_key
- (Optional) The encryption key AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3).
A stage
block supports the following arguments:
name
- (Required) The name of the stage.action
- (Required) The action(s) to include in the stage
Attributes Reference
The following attributes are exported:
id
- The codepipeline ID.