Jeremy Cooper [AFS MBP]
67c98b7677
Updates IMDS & ECR encryption syntax | tfsec/chekov ignores |
|
%!s(int64=3) %!d(string=hai) anos | |
|---|---|---|
| .. | ||
| README.md | %!s(int64=3) %!d(string=hai) anos | |
| accounts.tf | %!s(int64=3) %!d(string=hai) anos | |
| constants.tf | %!s(int64=3) %!d(string=hai) anos | |
| globals.tf | %!s(int64=3) %!d(string=hai) anos | |
| iam.tf | %!s(int64=3) %!d(string=hai) anos | |
| kms.tf | %!s(int64=3) %!d(string=hai) anos | |
| outputs.tf | %!s(int64=3) %!d(string=hai) anos | |
| repos.tf | %!s(int64=3) %!d(string=hai) anos | |
| s3.tf | %!s(int64=3) %!d(string=hai) anos | |
| vars.tf | %!s(int64=3) %!d(string=hai) anos | |
README.md
CodeBuild ECR Base
This module is the building blocks for the AWS CodeBuild projects. It has the foundational pieces for using codebuild to build Linux software / RPMs. You may need to compile an RPM for a specific release of an OS, and CodeBuild by default only has Docker images for Amazon Linux 2 and Ubuntu. So part of this builds RHEL Docker images so that you can compile software in a RHEL userspace.
It builds these resources:
- IAM role for Codebuild jobs to run and be launched by Eventbridge (codebuild-role)
- S3 bucket for holding Codebuild artifacts (xdr-codebuild-artifacts)
- ECR Repos for OS-specific containers
- Codebuild jobs to
docker buildcontainers for the OS-specific containers- RHEL 7
- RHEL 8
- RHEL 9 beta (not working right now)
The ECR repo and related codebuild jobs use a submodule. The OS-specific containers are rebuilt daily to keep them up to date with the latest RHEL patches.