1. Storing GitHub Personal Access Token for AWS CodeBuild

    TypeScript

    To securely store a GitHub Personal Access Token for use with AWS CodeBuild, you would use the aws.codebuild.SourceCredential resource. This resource allows you to define credentials for accessing source code repositories, which AWS CodeBuild can then use to access your GitHub repository.

    The token property is where you would specify your GitHub Personal Access Token, and it should be marked as a secret to ensure it's encrypted and not exposed. The authType for GitHub should be set to PERSONAL_ACCESS_TOKEN, and the serverType should be GITHUB.

    Below, I'm providing a Pulumi program that creates a SourceCredential for GitHub in AWS CodeBuild. This program assumes you have already created a Personal Access Token on GitHub with the appropriate permissions for CodeBuild to access your repositories.

    Please remember to install the necessary dependencies before running this program by executing npm install @pulumi/aws.

    import * as pulumi from "@pulumi/pulumi"; import * as aws from "@pulumi/aws"; // Create a new CodeBuild source credential for GitHub const githubSourceCredential = new aws.codebuild.SourceCredential("github-token", { // The personal access token authType: "PERSONAL_ACCESS_TOKEN", serverType: "GITHUB", // Token should be set as a secret to ensure it is encrypted token: pulumi.secret("your-github-access-token"), }); export const sourceCredentialArn = githubSourceCredential.arn; // Remember to replace `your-github-access-token` with your actual GitHub Personal Access Token.

    When you run this program with Pulumi, it will create a SourceCredential in AWS CodeBuild, which can be referenced by your build projects to access your GitHub repositories. Always keep your tokens and secrets out of plaintext files and use Pulumi's secret handling or environment variables to keep them secure.

    After you have created the SourceCredential, you can then use it in your CodeBuild project by specifying the source property of the aws.codebuild.Project resource to include the auth block with your source credential's ARN.

    Remember to replace 'your-github-access-token' with the actual GitHub Personal Access Token you have generated. Keep this token secret, and don't share it in your code repositories or with unauthorized users.

    For more details on aws.codebuild.SourceCredential and related properties, refer to the Pulumi AWS documentation.