This lab is currently in Beta, content may be updated as we refine the material
LABINTERMEDIATE

CodeBuild Artifact Pipeline

Build a CodeBuild project end-to-end: KMS-encrypted artifact bucket, scoped service role, buildspec with dependency caching and JUnit reports, then trigger builds and debug a failing test.

50 minutes
aws/devops
CodeBuild Artifact Pipeline - Platform Engineering Hands-On Lab Icon

Lab Overview

In this lab you will stand up a complete AWS CodeBuild pipeline that compiles a small Node.js application, runs unit tests, caches dependencies, publishes JUnit test reports to a CodeBuild report group, and stores build artifacts in an S3 bucket encrypted with a customer-managed KMS key.

You will:

  • Create a KMS customer-managed key and a tagged S3 artifact bucket
  • Create a CodeBuild service role scoped to S3, KMS, Logs, and CodeBuild Reports
  • Author a `buildspec.yml` with install, build, test, and reports phases plus an S3 dependency cache
  • Upload source to S3 and create the CodeBuild project pointing at it
  • Trigger a build, watch logs, and inspect the report group and artifact outputs
  • Introduce a failing unit test, observe the failure surface in the report group, then fix it and re-run

Region: `us-east-1`. Instance type: `t3.small` workstation. All resources are tagged `lab=true,Course=dop-c02` so the cleanup script can sweep them on lab stop.

What You'll Learn

Create a KMS customer-managed key and an S3 artifact bucket with SSE-KMS default encryption

Create a least-privilege CodeBuild service role scoped to S3, KMS, Logs, and Reports

Author a buildspec.yml with install/build/test phases, S3 dependency cache, and JUnit reports

Create a CodeBuild project from the AWS CLI pointing at S3-hosted source

Trigger and monitor a CodeBuild run and locate artifacts in S3

Diagnose a failing build by inspecting the CodeBuild report group, then fix and re-run

Prerequisites

basic-aws-cli-familiarity

aws-associate-level-knowledge

completed-aws-devops-cli-operations-baseline-lab

Technologies Covered

awscodebuilds3kmsiamcicdbuildspecreportsdop-c02

Part of a Course

This lab is part of the AWS Certified DevOps Engineer - Professional (DOP-C02) course

View All Courses

Choose your plan

Simple, Transparent Pricing

Unlock full access to TeKanAid courses, labs, and bootcamps

Buying for a team? Private corporate training is available for up to 15 learners.View team training
MonthlyQuarterly

Pro

Course content without labs

$59/month

Renews automatically. Cancel anytime.

Final price verified at checkout.

  • Full access to all courses
  • Progress tracking
  • Certificate of completion
  • Community access
  • Bootcamp participation
  • New content access
Recommended

Premium

Full access with hands-on labs

$99/month

Renews automatically. Cancel anytime.

Final price verified at checkout.

  • Everything in Pro
  • Unlimited hands-on labs
  • Lab AI Assistant
  • Accelerator bootcamps with live office hours
  • Priority support
Get Access Now

Prefer a single course?

Purchase individual courses for a one-time fee of $79. Full access to course content, quizzes, certificates, and community features, lab access is not included.

Browse Courses

Try it free, no credit card

Three free ways to start. All bridge into the paid Premium catalog when you're ready.

▶ Start with free courses and labs🧩 Solve your first free puzzle📧 Get the free 7-day crash course

Not ready to commit? The crash course is email-only. No academy account required.

Ready to Get Started?

Start this hands-on lab and build real-world Platform Engineering skills

Get Access Now