AWS CodeBuild Integration
Build phase duration, cache hit rates, and project-level success metrics for AWS CodeBuild. Full observability into your AWS-native CI pipelines without leaving TigerOps.
How It Works
Enable CloudWatch Metrics Forwarding
Configure a CloudWatch Metric Stream to forward CodeBuild namespace metrics to TigerOps via Kinesis Data Firehose. All build success counts, failure counts, and duration metrics begin flowing in within minutes.
Configure EventBridge Rules
Create an EventBridge rule that matches CodeBuild state change events and routes them to a TigerOps API destination. This provides real-time build phase transitions without CloudWatch latency.
Enable Build Badge and Phase Override
Add TigerOps environment variable injection to your buildspec.yml to annotate builds with service name and environment metadata. This scopes deployment change events to the correct service metrics.
Correlate Builds with Downstream Services
TigerOps matches CodeBuild project completions that produce deployment artifacts with metric changes in the target services, automatically detecting deploy-induced regressions within your correlation window.
What You Get Out of the Box
Build Phase Duration Breakdown
Track time spent in each CodeBuild build phase — SUBMITTED, QUEUED, PROVISIONING, DOWNLOAD_SOURCE, INSTALL, PRE_BUILD, BUILD, POST_BUILD, UPLOAD_ARTIFACTS — with p50/p95 histograms per project.
Cache Hit Rate Monitoring
Monitor S3 cache and local Docker layer cache hit rates per CodeBuild project. TigerOps alerts when cache effectiveness drops, indicating cache invalidation issues that are inflating build duration.
Project Success Rate Tracking
Track build success, failure, fault, and stopped counts per CodeBuild project and compute rolling success rate trends. TigerOps alerts on sustained success rate drops that indicate systemic build failures.
Queue & Provisioning Latency
Monitor how long builds wait in QUEUED state before provisioning starts, and how long PROVISIONING takes before the first build command runs. Excessive queuing indicates concurrency limit pressure.
Compute Type Cost Efficiency
Track build duration broken down by EC2 compute type (small, medium, large, 2xlarge) and Lambda compute type. TigerOps helps you identify projects that are over-provisioned or under-provisioned for their build workload.
CodePipeline Integration Events
When CodeBuild runs as a CodePipeline stage, TigerOps correlates the pipeline action execution with the build result and downstream deployment, providing a complete artifact delivery trace.
EventBridge Rule & buildspec.yml Annotations
Route CodeBuild state change events to TigerOps via EventBridge and annotate builds with service metadata.
# buildspec.yml — TigerOps change event on build completion
# Set TIGEROPS_API_KEY and TIGEROPS_SERVICE in CodeBuild project environment
version: 0.2
cache:
paths:
- /root/.npm/**/*
phases:
install:
runtime-versions:
nodejs: 20
commands:
- npm ci
build:
commands:
- npm test
- npm run build
post_build:
commands:
# Emit deployment event on main branch builds only
- |
if [ "$CODEBUILD_WEBHOOK_HEAD_REF" = "refs/heads/main" ] || [ "$CODEBUILD_SOURCE_VERSION" = "main" ]; then
curl -s -X POST https://ingest.atatus.net/api/v1/events -H "Authorization: Bearer $TIGEROPS_API_KEY" -H "Content-Type: application/json" -d "{
"event": "deployment",
"service": "$TIGEROPS_SERVICE",
"environment": "$TIGEROPS_ENVIRONMENT",
"version": "$CODEBUILD_RESOLVED_SOURCE_VERSION",
"build_id": "$CODEBUILD_BUILD_ID"
}"
fi
# ─── EventBridge rule (Terraform) ────────────────────────────────
# resource "aws_cloudwatch_event_rule" "codebuild_tigerops" {
# event_pattern = jsonencode({
# source = ["aws.codebuild"]
# detail-type = ["CodeBuild Build State Change"]
# })
# }
# resource "aws_cloudwatch_event_target" "tigerops_api" {
# rule = aws_cloudwatch_event_rule.codebuild_tigerops.name
# arn = aws_cloudwatch_event_api_destination.tigerops.arn
# }Common Questions
Does TigerOps require any IAM permissions to monitor CodeBuild?
Yes. The CloudWatch Metric Stream approach requires an IAM role for Kinesis Firehose with CloudWatch:PutMetricStream permission. The EventBridge approach requires an IAM role for the API destination with execute-api:Invoke permission. TigerOps provides Terraform and CloudFormation templates for both.
How does TigerOps measure cache hit rates for CodeBuild?
CodeBuild logs cache download and upload events in build logs. TigerOps parses these via CloudWatch Logs subscription filter or CodeBuild CloudWatch Metrics (S3CacheDownloadBytes and DockerLayerCacheHits metrics) to compute effective cache hit rates per project.
Can TigerOps monitor CodeBuild across multiple AWS accounts?
Yes. Deploy the CloudWatch Metric Stream and EventBridge rule in each AWS account. Tag the Firehose delivery stream with the account ID and region. TigerOps aggregates metrics from all accounts with account and region as label dimensions.
What CodeBuild metrics are available via CloudWatch?
AWS publishes Builds, FailedBuilds, SucceededBuilds, StoppedBuilds, Duration, BuildDuration, PreBuildDuration, PostBuildDuration, and UploadArtifactsDuration metrics per project. TigerOps ingests all of these and computes derived success rate and queue depth metrics.
How do I distinguish CodeBuild projects that deploy to production from those that only build?
Add a TIGEROPS_ENVIRONMENT environment variable to your CodeBuild project environment settings. Set it to "production" for projects that deploy to production. TigerOps uses this variable from the EventBridge event to scope change events correctly.
Complete Visibility Into Your AWS CodeBuild Projects
Build phase analytics, cache effectiveness, and deploy correlation. Connect via CloudWatch in under 10 minutes.