In a typical pipeline, developers write and publish code to a version control system like GitHub, BitBucket, or AWS CodeCommit. As you can see in the diagram below, developers publish code to AWS CodeCommit. Then, it is passed on to AWS CodeBuild which builds the code and produces artifacts, These artifacts are then stored in Amazon S3. Finally, Amazon Elastic Beanstalk will retrieve and deploy the artifacts as a web app that users can access.
Fortunately, our environment is well secured and AWS CodeBuild can't just store artifacts to S3 without permission! So, we created a role for it and attached a policy with some permissions.
Choose the most appropriate permission for this policy.