Private registry with Amazon Secrets Manager sample for CodeBuild

This sample shows you how to use a Docker image that is stored in a private registry as your Amazon CodeBuild runtime environment. The credentials for the private registry are stored in Amazon Secrets Manager. Any private registry works with CodeBuild. This sample uses Docker Hub.

Note

Secrets are visible to actions and are not masked when written to a file.

Private registry sample requirements

To use a private registry with Amazon CodeBuild, you must have the following:

  • A Secrets Manager secret that stores your Docker Hub credentials. The credentials are used to access your private repository.

    Note

    You will be charged for secrets that you create.

  • A private repository or account.

  • A CodeBuild service role IAM policy that grants access to your Secrets Manager secret.
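One way to check the third requirement before creating the build project, as an added example that is not part of the AWS documentation: a simplified audit that confirms a service role policy document allows `secretsmanager:GetSecretValue` on the Docker Hub secret and flags statements that reach beyond that one secret. The ARNs, account ID and secret name are constructed placeholders, and the check ignores Deny statements, `NotAction`/`NotResource` and conditions.

```python
from fnmatch import fnmatchcase

# Constructed placeholders: account ID, Region and secret names are not from the page.
SECRET_ARN = "arn:aws-cn:secretsmanager:cn-north-1:111122223333:secret:dockerhub-creds-AbCdEf"
OTHER_ARN = "arn:aws-cn:secretsmanager:cn-north-1:111122223333:secret:unrelated-secret-ZyXwVu"
READ = "secretsmanager:GetSecretValue"

SCOPED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": READ,
        # The six ? wildcards cover the random suffix Secrets Manager appends to secret ARNs.
        "Resource": SECRET_ARN[:-6] + "??????",
    }],
}
BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "secretsmanager:*", "Resource": "*"}],
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def audit_secret_access(policy, secret_arn=SECRET_ARN, probe_arn=OTHER_ARN):
    """Return (grants_read, findings) for the Allow statements of an identity policy."""
    grants_read, findings = False, []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        # IAM action names match case-insensitively; * and ? act as wildcards.
        hits = [a for a in actions if fnmatchcase(READ.lower(), a.lower())]
        if not hits or not any(fnmatchcase(secret_arn, r) for r in resources):
            continue
        grants_read = True
        if any(a.lower() != READ.lower() for a in hits):
            findings.append("action wildcard grants more than GetSecretValue")
        # A pattern that also matches an unrelated secret is broader than needed.
        if any(fnmatchcase(probe_arn, r) for r in resources):
            findings.append("resource also matches unrelated secrets")
    return grants_read, findings
```
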

Follow these steps to create these resources and then create a CodeBuild build project using the Docker images stored in your private registry.