Bitbucket App connections - Amazon CodeBuild
Step 1: Create a connection to Bitbucket (console)Step 2: Grant CodeBuild project IAM role access to use the connectionStep 3: Configure CodeBuild to use the new connection
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Bitbucket App connections

You can use Bitbucket to connect with CodeBuild. Bitbucket App connections are supported through Amazon CodeConnections.

Note

CodeConnections is available in less regions than CodeBuild. You can use cross-region connections in CodeBuild. Connections created in opt-in regions, cannot be used in other regions. For more information, see Amazon CodeConnections endpoints and quotas.

Step 1: Create a connection to Bitbucket (console)

Use these steps to use the CodeBuild console to add a connection for your project in Bitbucket.

To create a connection to Bitbucket
Note

Instead of creating or using an existing connection in your account, you can use a connection shared from another Amazon account. For more information, see Share connections with Amazon accounts.

Step 2: Grant CodeBuild project IAM role access to use the connection

You can grant CodeBuild project IAM role access to use the Bitbucket tokens vended by your connection.

To grant CodeBuild project IAM role access

  1. Create an IAM role for your CodeBuild project by following the instructions to Allow CodeBuild to interact with other Amazon services for your CodeBuild project.

  2. While following the instructions, add the following IAM policy to your CodeBuild project role to grant access to the connection.

    {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "codeconnections:GetConnectionToken",
        "codeconnections:GetConnection"
      ],
      "Resource": [
        <connection-arn>
      ]
    }
  ]
}

Step 3: Configure CodeBuild to use the new connection

You can configure a connection as an account level credential and use it in a project.

Amazon Web Services Management Console
To configure a connection as an account level credential in the Amazon Web Services Management Console

  1. For Source provider, choose Bitbucket.

  2. For Credential, do one of the following:

    • Choose Default source credential to use your account's default source credential to apply to all projects.

      1. If you aren't connected to Bitbucket, choose Manage default source credential.

      2. For Credential type, choose CodeConnections.

      3. In Connection, choose to use an existing connection or create a new connection.

    • Choose Custom source credential to use a custom source credential to override your account's default settings.

      1. For Credential type, choose CodeConnections.

      2. In Connection, choose to use an existing connection or create a new connection.

Amazon CLI
To configure a connection as an account level credential in the Amazon CLI

  • Open a terminal (Linux, OS X, or Unix) or command prompt (Windows). Use the Amazon CLI to run the import-source-credentials command, specifying the --auth-type, --server-type, and --token for your connection.

    Use the following command:

    aws codebuild import-source-credentials --auth-type CODECONNECTIONS --server-type BITBUCKET --token <connection-arn>

For more information on setting up multiple tokens in your CodeBuild project, see Configure multiple tokens as source level credentials.