Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Guidance needed for customize codebuild s3 artifact resources

See original GitHub issue

❓ General Issue

The Question

Any way to customize GitHubSourceAction output with following configuration. Artifact input, output with cuztomize FILENAME and disable KMS encrypt by default.

Something like below…

         bucket: codebuildBucket,
         path: 'mypath',
         name: 'name',
         identifier: 'bridge-artifact1',
         encryption: false,

Sample code

// buildspec.yml
    - "**/*"
  name: myCUSTOMNAME ///// THIS not working, still generate randomly

// Codebuild bucket
    const codebuildBucket = new s3.Bucket(
        bucketName: `${environment.ENV.toLowerCase()}-codebuild-bucket`,
        removalPolicy: cdk.RemovalPolicy.DESTROY,
        blockPublicAccess: new s3.BlockPublicAccess({
          blockPublicAcls: true,
          blockPublicPolicy: false,
          ignorePublicAcls: true,
          restrictPublicBuckets: false,
        accessControl: s3.BucketAccessControl.PUBLIC_READ,

const pipeline = new codepipeline.Pipeline(
        pipelineName: `${environment.ENV}`,
        restartExecutionOnUpdate: true,
        artifactBucket: codebuildBucket,

    // Source stage, grab code from Github
    const sourceStage = pipeline.addStage({
      stageName: 'Source',

    const buildStage = pipeline.addStage({
      stageName: 'Build',
      placement: {
        justAfter: sourceStage,

const sourceOutput = new codepipeline.Artifact('sourceOutput');
    const sourceAction = new cpaction.GitHubSourceAction({
      actionName: codebuild-action-${environment.ENV}`,
      owner: '',
      repo: 'api',
      oauthToken: oauthSecret,
      branch: `${environment.branch}`,
      trigger: cpaction.GitHubTrigger.WEBHOOK,
      output: sourceOutput, ////// THIS I hope I can customize its output file's name and disable KMS encryption. 


    const codeBuildProject = new codebuild.PipelineProject(
        role: buildRole,
        environment: {
          buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('node:12-buster'),
        buildSpec: codebuild.BuildSpec.fromSourceFilename('buildspec.yml'),

const buildOutput = new codepipeline.Artifact('buildOutput');
    const buildAction = new cpaction.CodeBuildAction({
      actionName: 'Build',
      input: sourceOutput, // This hope it can disable its encryption
      outputs: [buildOutput], // This hope it can disable its encryption
      project: codeBuildProject,



  • CDK CLI Version: 1.44.0
  • Module Version: 1.44.0
  • Node.js Version: v14.3.0
  • OS: OSX
  • Language (Version): TypeScript (3.8.3)


  2. Disable S3 KMS encryption :

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

skinny85commented, Jun 9, 2020

I already commented that fixing the names of the artifacts is not possible, and doesn’t really make sense in CodePipeline. Basically, the pipeline controls the names, not the CodeBuild project that executes the build (there is no guarantee that the name is dynamic like myname-$(date +%Y-%m-%d), a user can also make it just myname, and then everything would fall apart).

As for encryption, there is a single key used for encryption in the entire CodePipeline - it cannot be set per action. You can grant IAM users permissions to that one key using standard CDK methods like grantEncrypt(), etc.

skinny85commented, Jun 10, 2020

No problem 🙂. I’m resolving this one, let me know if you need any more info about this from our side.

Read more comments on GitHub >

github_iconTop Results From Across the Web

CodeBuild::Project Artifacts - AWS CloudFormation
Artifacts is a property of the AWS::CodeBuild::Project resource that specifies output settings for artifacts generated by an AWS CodeBuild build.
Read more >
AWS::CodeBuild::Project Artifacts - Amazon CloudFormation
Artifacts is a property of the AWS::CodeBuild::Project resource that specifies output settings for artifacts generated by an Amazon CodeBuild build.
Read more >
AWS CodeBuild - Understanding Output Artifacts - YouTube
In this video I show you how to create output artifacts for your codebuild instance and how we can define what files to...
Read more >
Troubleshooting AWS CodePipeline Artifacts - Stelligent
The Artifact Store is an Amazon S3 bucket that CodePipeline uses to store artifacts used by pipelines. When you first use the CodePipeline...
Read more >
AWS CodeBuild -
This guide assumes you have an existing AWS account with permissions to access the different resources used when setting up AWS CodeBuild projects,...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found