» Resource: aws_codebuild_webhook

Manages a CodeBuild webhook, which is an endpoint accepted by the CodeBuild service to trigger builds from source code repositories. Depending on the source type of the CodeBuild project, the CodeBuild service may also automatically create and delete the actual repository webhook as well.

» Example Usage

» Bitbucket and GitHub

When working with Bitbucket and GitHub source CodeBuild webhooks, the CodeBuild service will automatically create (on aws_codebuild_webhook resource creation) and delete (on aws_codebuild_webhook resource deletion) the Bitbucket/GitHub repository webhook using its granted OAuth permissions. This behavior cannot be controlled by Terraform.

resource "aws_codebuild_webhook" "example" {
  project_name = "${aws_codebuild_project.example.name}"

  filter_group {
    filter {
      type    = "EVENT"
      pattern = "PUSH"

    filter {
      type    = "HEAD_REF"
      pattern = "master"

» GitHub Enterprise

When working with GitHub Enterprise source CodeBuild webhooks, the GHE repository webhook must be separately managed (e.g. manually or with the github_repository_webhook resource).

More information creating webhooks with GitHub Enterprise can be found in the CodeBuild User Guide.

resource "aws_codebuild_webhook" "example" {
  project_name = "${aws_codebuild_project.example.name}"

resource "github_repository_webhook" "example" {
  active     = true
  events     = ["push"]
  name       = "example"
  repository = "${github_repository.example.name}"

  configuration {
    url          = "${aws_codebuild_webhook.example.payload_url}"
    secret       = "${aws_codebuild_webhook.example.secret}"
    content_type = "json"
    insecure_ssl = false

» Argument Reference

The following arguments are supported:

  • project_name - (Required) The name of the build project.
  • branch_filter - (Optional) A regular expression used to determine which branches get built. Default is all branches are built. It is recommended to use filter_group over branch_filter.
  • filter_group - (Optional) Information about the webhook's trigger. Filter group blocks are documented below.

filter_group supports the following:

  • filter - (Required) A webhook filter for the group. Filter blocks are documented below.

filter supports the following:

  • type - (Required) The webhook filter group's type. Valid values for this parameter are: EVENT, BASE_REF, HEAD_REF, ACTOR_ACCOUNT_ID, FILE_PATH. At least one filter group must specify EVENT as its type.
  • pattern - (Required) For a filter that uses EVENT type, a comma-separated string that specifies one event: PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, PULL_REQUEST_REOPENED. PULL_REQUEST_MERGED works with GitHub & GitHub Enterprise only. For a filter that uses any of the other filter types, a regular expression.
  • exclude_matched_pattern - (Optional) If set to true, the specified filter does not trigger a build. Defaults to false.

» Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The name of the build project.
  • payload_url - The CodeBuild endpoint where webhook events are sent.
  • secret - The secret token of the associated repository. Not returned by the CodeBuild API for all source types.
  • url - The URL to the webhook.

» Import

CodeBuild Webhooks can be imported using the CodeBuild Project name, e.g.

$ terraform import aws_codebuild_webhook.example MyProjectName