DBT Module¶
This module manages CodeBuild projects for DBT pipeline execution.
Resources¶
The module creates the following AWS resources:
aws_iam_role.codebuild_role: IAM role for CodeBuild
aws_iam_role_policy.codebuild_policy: IAM policy for CodeBuild
aws_codebuild_project.dbt_projects: CodeBuild projects for each configured DBT project
aws_cloudwatch_event_rule.codebuild_schedule: Scheduling rules for projects with schedule
aws_cloudwatch_event_target.codebuild_target: Targets for scheduling rules
aws_iam_role.events_role: IAM role for CloudWatch Events
Inputs¶
Name |
Description |
Type |
Default |
Required |
|---|---|---|---|---|
additional_iam_policy_arns |
List of managed IAM policy ARNs to attach to CodeBuild role. Useful for adding additional permissions without modifying the default policy |
list(string) |
[] |
no |
aws_region |
AWS region where resources will be created (e.g.: us-east-1, sa-east-1) |
string |
n/a |
yes |
codebuild_role_name_suffix |
Custom suffix for CodeBuild role name. If not provided, uses ‘codebuild-role’ |
string |
“codebuild-role” |
no |
ecr_dbt |
ECR repository name containing the DBT Docker image (without environment prefix) |
string |
“dbtbuildkit” |
no |
ecr_image_tag |
Docker image tag for DBT in ECR |
string |
“latest” |
no |
ecr_image_uri |
Complete URI of the DBT Docker image in ECR. If provided, overrides automatic construction based on ecr_dbt. Format: <account-id>.dkr.ecr.<region>.amazonaws.com/<repo>:<tag> |
string |
null |
no |
ecr_repository_arns |
List of allowed ECR repository ARNs (used only with use_minimal_iam_policy = true). If empty, allows all repositories |
list(string) |
[] |
no |
enable_default_iam_permissions |
If true, adds default broad permissions for DBT (S3, Athena, Redshift, Glue, etc). If false, uses only iam_policy_statements |
bool |
true |
no |
env |
Deployment environment (accepted values: dev, stg, prd) |
string |
n/a |
yes |
events_role_name_suffix |
Custom suffix for Events role name. If not provided, uses ‘events-role’ |
string |
“events-role” |
no |
file_name |
Configuration file for CodeBuild projects (dbt_project.yml or codebuild-config.yml). When using dbt_project.yml, add a top-level ‘dbtbuildkit’ key with a list of projects. |
string |
“dbt_project.yml” |
no |
folder_name |
Folder name for the codebuild configuration file |
string |
“.” |
no |
github_branch |
GitHub repository branch to use (e.g.: main, develop) |
string |
“main” |
no |
github_connection_arn |
GitHub connection ARN for native integration. Required when use_github_native = true |
string |
null |
no |
iam_policy_statements |
List of custom IAM statements to add to CodeBuild policy. If not provided, uses default broad permissions |
|
[] |
no |
incident_response_plan_default |
Default incident response plan name used when not specified in the project |
string |
“” |
no |
project |
Project name for identification and organization of AWS resources |
string |
n/a |
yes |
s3_buckets |
List of allowed S3 buckets for access (used only with use_minimal_iam_policy = true). If empty, allows all buckets |
list(string) |
[] |
no |
secrets_manager_secrets |
List of allowed Secrets Manager secret ARNs (used only with use_minimal_iam_policy = true). If empty, allows all secrets |
list(string) |
[] |
no |
tags |
Map of common tags applied to all module resources |
map(string) |
n/a |
yes |
use_github_native |
If true, uses native GitHub integration. If false, uses SSH as fallback. |
bool |
true |
no |
use_minimal_iam_policy |
If true, uses minimal and restrictive IAM policy. If false, uses broad policy with wildcards. Requires enable_default_iam_permissions = true |
bool |
false |
no |
Outputs¶
Name |
Description |
|---|---|
active_projects_summary |
Summary of active DBT projects in the environment |
codebuild_iam_role_arn |
ARN of IAM role used by CodeBuild projects |
codebuild_projects |
List of CodeBuild projects created for DBT execution |
debug_schedules |
Debug of processed schedule expressions |
events_iam_role_arn |
ARN of IAM role used by CloudWatch Events to schedule executions |
manual_projects |
List of DBT projects for manual execution |
scheduled_projects |
List of DBT projects with scheduled execution |
Examples¶
See the Usage Examples section for practical usage examples.
Navigation¶
DbtBuildKit Documentation - Home
Quick Start Guide - Quick Start Guide
Usage Examples - Usage Examples
DbtBuildKit Module - DbtBuildKit Module
CI/CD Setup - CI/CD Setup Guide