search

IAM

Click on Policies, then Create policy. Following that, the next screen click on the JSON button then copy and paste the code below then click Next.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Resource": [
                "*"
            ],
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
                "logs:List*",
                "logs:Get*",
                "logs:Describe*"
            ]
        },
        {
            "Effect": "Allow",
            "Resource": [
                "*"
            ],
            "Action": [
                "s3:PutObject",
                "s3:Get*",
                "s3:List*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "codebuild:CreateReportGroup",
                "codebuild:CreateReport",
                "codebuild:UpdateReport",
                "codebuild:BatchPutTestCases",
                "codebuild:Get*",
                "codebuild:Describe*",
                "codebuild:Batch*",
                "codebuild:List*",
                "codebuild:BatchPutCodeCoverages"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Once the whole JSON has been copied and reviewed. The policy can be reviewed and created

Permissions defined in the policy because of the Json output should be:

Next in IAM roles, select create role then for trust entity select AWS Service

and use case is CodeBuild.

For permissions should only need Codebuild-policy before selecting next

For simplicity i’ve named it CodeBuild-Role

PreviousCreating a Codebuild project and getting the output with CloudWatch LogsNextCodeBuild

Last updated