Step 1: Create a connection to Bitbucket (console)Step 2: Grant CodeBuild project IAM role access to use the connection Step 3: Configure CodeBuild to use the new connection

Bitbucket App connections

You can use Bitbucket to connect with CodeBuild. Bitbucket App connections are supported through AWS CodeConnections.

Note

CodeConnections is available in less regions than CodeBuild. You can use cross-region connections in CodeBuild. Connections created in opt-in regions, cannot be used in other regions. For more information, see AWS CodeConnections endpoints and quotas.

Topics

Step 1: Create a connection to Bitbucket (console)
Step 2: Grant CodeBuild project IAM role access to use the connection
Step 3: Configure CodeBuild to use the new connection

Step 1: Create a connection to Bitbucket (console)

Use these steps to use the CodeBuild console to add a connection for your project in Bitbucket.

To create a connection to Bitbucket

Follow the instructions in the Developer Tools User Guide for Create a connection to Bitbucket.

Step 2: Grant CodeBuild project IAM role access to use the connection

You can grant CodeBuild project IAM role access to use the Bitbucket tokens vended by your connection.

To grant CodeBuild project IAM role access

Create an IAM role for your CodeBuild project by following the instructions to Allow CodeBuild to interact with other AWS services for your CodeBuild project.

While following the instructions, add the following IAM policy to your CodeBuild project role to grant access to the connection.


{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "codeconnections:GetConnectionToken",
        "codeconnections:GetConnection"
      ],
      "Resource": [
        <connection-arn>
      ]
    }
  ]
}

Step 3: Configure CodeBuild to use the new connection

You can configure a connection as an account level credential and use it in a project.

AWS Management Console

To configure a connection as an account level credential in the AWS Management Console

For Source provider, choose Bitbucket.
For Credential, do one of the following:
- Choose Default source credential to use your account's default source credential to apply to all projects.
  1. If you aren't connected to Bitbucket, choose Manage default source credential.
  2. For Credential type, choose CodeConnections.
  3. In Connection, choose to use an existing connection or create a new connection.
- Choose Custom source credential to use a custom source credential to override your account's default settings.
  1. For Credential type, choose CodeConnections.
  2. In Connection, choose to use an existing connection or create a new connection.

AWS CLI

To configure a connection as an account level credential in the AWS CLI

Open a terminal (Linux, macOS, or Unix) or command prompt (Windows). Use the AWS CLI to run the import-source-credentials command, specifying the --auth-type, --server-type, and --token for your connection.

Use the following command:
```
aws codebuild import-source-credentials --auth-type CODECONNECTIONS --server-type BITBUCKET --token <connection-arn>
```

For more information on setting up multiple tokens in your CodeBuild project, see Configure multiple tokens as source level credentials.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Bitbucket access

Bitbucket app password or access token