aws-cdk-lib 2.154.1__py3-none-any.whl → 2.156.0__py3-none-any.whl

aws_cdk/aws_codebuild/__init__.py

@@ -309,15 +309,15 @@ a reserved capacity project. See [Fleet](#fleet) for more information.
 
 ## Images
 
-The CodeBuild library supports both Linux and Windows images via the
-`LinuxBuildImage` (or `LinuxArmBuildImage`), and `WindowsBuildImage` classes, respectively.
+The CodeBuild library supports Linux, Windows, and Mac images via the
+`LinuxBuildImage` (or `LinuxArmBuildImage`), `WindowsBuildImage`, and `MacBuildImage` classes, respectively.
 With the introduction of Lambda compute support, the `LinuxLambdaBuildImage ` (or `LinuxArmLambdaBuildImage`) class
 is available for specifying Lambda-compatible images.
 
 You can specify one of the predefined Windows/Linux images by using one
 of the constants such as `WindowsBuildImage.WIN_SERVER_CORE_2019_BASE`,
 `WindowsBuildImage.WINDOWS_BASE_2_0`, `LinuxBuildImage.STANDARD_2_0`,
-`LinuxBuildImage.AMAZON_LINUX_2_5`, `LinuxArmBuildImage.AMAZON_LINUX_2_ARM`,
+`LinuxBuildImage.AMAZON_LINUX_2_5`, `MacBuildImage.BASE_14`, `LinuxArmBuildImage.AMAZON_LINUX_2_ARM`,
 `LinuxLambdaBuildImage.AMAZON_LINUX_2_NODE_18` or `LinuxArmLambdaBuildImage.AMAZON_LINUX_2_NODE_18`.
 
 Alternatively, you can specify a custom image using one of the static methods on
@@ -336,6 +336,12 @@ or one of the corresponding methods on `WindowsBuildImage`:
 * `WindowsBuildImage.fromEcrRepository(repo[, tag, imageType])`
 * `WindowsBuildImage.fromAsset(parent, id, props, [, imageType])`
 
+or one of the corresponding methods on `MacBuildImage`:
+
+* `MacBuildImage.fromDockerRegistry(image[, { secretsManagerCredentials }, imageType])`
+* `MacBuildImage.fromEcrRepository(repo[, tag, imageType])`
+* `MacBuildImage.fromAsset(parent, id, props, [, imageType])`
+
 or one of the corresponding methods on `LinuxArmBuildImage`:
 
 * `LinuxArmBuildImage.fromDockerRegistry(image[, { secretsManagerCredentials }])`
@@ -2162,7 +2168,7 @@ class CfnFleet(
         :param environment_type: The environment type of the compute fleet. - The environment type ``ARM_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). - The environment type ``LINUX_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). - The environment type ``LINUX_GPU_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). - The environment type ``WINDOWS_SERVER_2019_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). - The environment type ``WINDOWS_SERVER_2022_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai). For more information, see `Build environment compute types <https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html>`_ in the *AWS CodeBuild user guide* .
         :param fleet_service_role: The service role associated with the compute fleet. For more information, see `Allow a user to add a permission policy for a fleet service role <https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html>`_ in the *AWS CodeBuild User Guide* .
         :param fleet_vpc_config: Information about the VPC configuration that AWS CodeBuild accesses.
-        :param image_id: 
+        :param image_id: The Amazon Machine Image (AMI) of the compute fleet.
         :param name: The name of the compute fleet.
         :param overflow_behavior: The compute fleet overflow behavior. - For overflow behavior ``QUEUE`` , your overflow builds need to wait on the existing fleet instance to become available. - For overflow behavior ``ON_DEMAND`` , your overflow builds run on CodeBuild on-demand. .. epigraph:: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see `Example policy statement to allow CodeBuild access to AWS services required to create a VPC network interface <https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface>`_ .
         :param tags: A list of tag key and value pairs associated with this compute fleet. These tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.
@@ -2311,6 +2317,7 @@ class CfnFleet(
     @builtins.property
     @jsii.member(jsii_name="imageId")
     def image_id(self) -> typing.Optional[builtins.str]:
+        '''The Amazon Machine Image (AMI) of the compute fleet.'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "imageId"))
 
     @image_id.setter
@@ -2485,7 +2492,7 @@ class CfnFleetProps:
         :param environment_type: The environment type of the compute fleet. - The environment type ``ARM_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). - The environment type ``LINUX_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). - The environment type ``LINUX_GPU_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). - The environment type ``WINDOWS_SERVER_2019_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). - The environment type ``WINDOWS_SERVER_2022_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai). For more information, see `Build environment compute types <https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html>`_ in the *AWS CodeBuild user guide* .
         :param fleet_service_role: The service role associated with the compute fleet. For more information, see `Allow a user to add a permission policy for a fleet service role <https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html>`_ in the *AWS CodeBuild User Guide* .
         :param fleet_vpc_config: Information about the VPC configuration that AWS CodeBuild accesses.
-        :param image_id: 
+        :param image_id: The Amazon Machine Image (AMI) of the compute fleet.
         :param name: The name of the compute fleet.
         :param overflow_behavior: The compute fleet overflow behavior. - For overflow behavior ``QUEUE`` , your overflow builds need to wait on the existing fleet instance to become available. - For overflow behavior ``ON_DEMAND`` , your overflow builds run on CodeBuild on-demand. .. epigraph:: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see `Example policy statement to allow CodeBuild access to AWS services required to create a VPC network interface <https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface>`_ .
         :param tags: A list of tag key and value pairs associated with this compute fleet. These tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.
@@ -2628,7 +2635,8 @@ class CfnFleetProps:
 
     @builtins.property
     def image_id(self) -> typing.Optional[builtins.str]:
-        '''
+        '''The Amazon Machine Image (AMI) of the compute fleet.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-fleet.html#cfn-codebuild-fleet-imageid
         '''
         result = self._values.get("image_id")
@@ -8154,7 +8162,7 @@ class DockerImageOptions:
         *,
         secrets_manager_credentials: typing.Optional[_ISecret_6e020e6a] = None,
     ) -> None:
-        '''The options when creating a CodeBuild Docker build image using ``LinuxBuildImage.fromDockerRegistry`` or ``WindowsBuildImage.fromDockerRegistry``.
+        '''The options when creating a CodeBuild Docker build image using ``LinuxBuildImage.fromDockerRegistry``, ``WindowsBuildImage.fromDockerRegistry``, or ``MacBuildImage.fromDockerRegistry``.
 
         :param secrets_manager_credentials: The credentials, stored in Secrets Manager, used for accessing the repository holding the image, if the repository is private. Default: no credentials will be used (we assume the repository is public)
 
@@ -8332,6 +8340,8 @@ class EnvironmentType(enum.Enum):
     '''Windows Server 2019 container.'''
     WINDOWS_SERVER_2022_CONTAINER = "WINDOWS_SERVER_2022_CONTAINER"
     '''Windows Server 2022 container.'''
+    MAC_ARM = "MAC_ARM"
+    '''MacOS ARM container.'''
 
 
 @jsii.enum(jsii_type="aws-cdk-lib.aws_codebuild.EventAction")
@@ -10822,7 +10832,7 @@ class LinuxArmBuildImage(
         fleet: typing.Optional[IFleet] = None,
         privileged: typing.Optional[builtins.bool] = None,
     ) -> typing.List[builtins.str]:
-        '''Validates by checking the BuildEnvironment computeType as aarch64 images only support ComputeType.SMALL and ComputeType.LARGE.
+        '''Validates by checking the BuildEnvironments' images are not Lambda ComputeTypes.
 
         :param build_image: The image used for the builds. Default: LinuxBuildImage.STANDARD_1_0
         :param certificate: The location of the PEM-encoded certificate for the build project. Default: - No external certificate is added to the project
@@ -11730,6 +11740,289 @@ class LoggingOptions:
         )
 
 
+@jsii.implements(IBuildImage)
+class MacBuildImage(
+    metaclass=jsii.JSIIMeta,
+    jsii_type="aws-cdk-lib.aws_codebuild.MacBuildImage",
+):
+    '''A CodeBuild image running ARM MacOS.
+
+    This class has a bunch of public constants that represent the most popular images.
+
+    You can also specify a custom image using one of the static methods:
+
+    - MacBuildImage.fromDockerRegistry(image[, { secretsManagerCredentials }])
+    - MacBuildImage.fromEcrRepository(repo[, tag])
+    - MacBuildImage.fromAsset(parent, id, props)
+
+    :see: https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html
+    :exampleMetadata: fixture=_generated
+
+    Example::
+
+        # The code below shows an example of how to instantiate this type.
+        # The values are placeholders you should change.
+        import aws_cdk as cdk
+        from aws_cdk import aws_codebuild as codebuild
+        from aws_cdk import aws_ecr_assets as ecr_assets
+        
+        # network_mode: ecr_assets.NetworkMode
+        # platform: ecr_assets.Platform
+        
+        mac_build_image = codebuild.MacBuildImage.from_asset(self, "MyMacBuildImage",
+            directory="directory",
+        
+            # the properties below are optional
+            asset_name="assetName",
+            build_args={
+                "build_args_key": "buildArgs"
+            },
+            build_secrets={
+                "build_secrets_key": "buildSecrets"
+            },
+            build_ssh="buildSsh",
+            cache_disabled=False,
+            cache_from=[ecr_assets.DockerCacheOption(
+                type="type",
+        
+                # the properties below are optional
+                params={
+                    "params_key": "params"
+                }
+            )],
+            cache_to=ecr_assets.DockerCacheOption(
+                type="type",
+        
+                # the properties below are optional
+                params={
+                    "params_key": "params"
+                }
+            ),
+            exclude=["exclude"],
+            extra_hash="extraHash",
+            file="file",
+            follow_symlinks=cdk.SymlinkFollowMode.NEVER,
+            ignore_mode=cdk.IgnoreMode.GLOB,
+            invalidation=ecr_assets.DockerImageAssetInvalidationOptions(
+                build_args=False,
+                build_secrets=False,
+                build_ssh=False,
+                extra_hash=False,
+                file=False,
+                network_mode=False,
+                outputs=False,
+                platform=False,
+                repository_name=False,
+                target=False
+            ),
+            network_mode=network_mode,
+            outputs=["outputs"],
+            platform=platform,
+            target="target"
+        )
+    '''
+
+    @jsii.member(jsii_name="fromAsset")
+    @builtins.classmethod
+    def from_asset(
+        cls,
+        scope: _constructs_77d1e7e8.Construct,
+        id: builtins.str,
+        *,
+        directory: builtins.str,
+        asset_name: typing.Optional[builtins.str] = None,
+        build_args: typing.Optional[typing.Mapping[builtins.str, builtins.str]] = None,
+        build_secrets: typing.Optional[typing.Mapping[builtins.str, builtins.str]] = None,
+        build_ssh: typing.Optional[builtins.str] = None,
+        cache_disabled: typing.Optional[builtins.bool] = None,
+        cache_from: typing.Optional[typing.Sequence[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]]] = None,
+        cache_to: typing.Optional[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]] = None,
+        file: typing.Optional[builtins.str] = None,
+        invalidation: typing.Optional[typing.Union[_DockerImageAssetInvalidationOptions_4deb8d45, typing.Dict[builtins.str, typing.Any]]] = None,
+        network_mode: typing.Optional[_NetworkMode_897e5081] = None,
+        outputs: typing.Optional[typing.Sequence[builtins.str]] = None,
+        platform: typing.Optional[_Platform_d16f3cf1] = None,
+        target: typing.Optional[builtins.str] = None,
+        extra_hash: typing.Optional[builtins.str] = None,
+        exclude: typing.Optional[typing.Sequence[builtins.str]] = None,
+        follow_symlinks: typing.Optional[_SymlinkFollowMode_047ec1f6] = None,
+        ignore_mode: typing.Optional[_IgnoreMode_655a98e8] = None,
+    ) -> IBuildImage:
+        '''Uses an Docker image asset as a ARM MacOS build image.
+
+        :param scope: -
+        :param id: -
+        :param directory: The directory where the Dockerfile is stored. Any directory inside with a name that matches the CDK output folder (cdk.out by default) will be excluded from the asset
+        :param asset_name: Unique identifier of the docker image asset and its potential revisions. Required if using AppScopedStagingSynthesizer. Default: - no asset name
+        :param build_args: Build args to pass to the ``docker build`` command. Since Docker build arguments are resolved before deployment, keys and values cannot refer to unresolved tokens (such as ``lambda.functionArn`` or ``queue.queueUrl``). Default: - no build args are passed
+        :param build_secrets: Build secrets. Docker BuildKit must be enabled to use build secrets. Default: - no build secrets
+        :param build_ssh: SSH agent socket or keys to pass to the ``docker build`` command. Docker BuildKit must be enabled to use the ssh flag Default: - no --ssh flag
+        :param cache_disabled: Disable the cache and pass ``--no-cache`` to the ``docker build`` command. Default: - cache is used
+        :param cache_from: Cache from options to pass to the ``docker build`` command. Default: - no cache from options are passed to the build command
+        :param cache_to: Cache to options to pass to the ``docker build`` command. Default: - no cache to options are passed to the build command
+        :param file: Path to the Dockerfile (relative to the directory). Default: 'Dockerfile'
+        :param invalidation: Options to control which parameters are used to invalidate the asset hash. Default: - hash all parameters
+        :param network_mode: Networking mode for the RUN commands during build. Support docker API 1.25+. Default: - no networking mode specified (the default networking mode ``NetworkMode.DEFAULT`` will be used)
+        :param outputs: Outputs to pass to the ``docker build`` command. Default: - no outputs are passed to the build command (default outputs are used)
+        :param platform: Platform to build for. *Requires Docker Buildx*. Default: - no platform specified (the current machine architecture will be used)
+        :param target: Docker target to build to. Default: - no target
+        :param extra_hash: Extra information to encode into the fingerprint (e.g. build instructions and other inputs). Default: - hash is only based on source content
+        :param exclude: File paths matching the patterns will be excluded. See ``ignoreMode`` to set the matching behavior. Has no effect on Assets bundled using the ``bundling`` property. Default: - nothing is excluded
+        :param follow_symlinks: A strategy for how to handle symlinks. Default: SymlinkFollowMode.NEVER
+        :param ignore_mode: The ignore behavior to use for ``exclude`` patterns. Default: IgnoreMode.GLOB
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__aa924aa0600b9706b95a62c612f337f8dde0f0df7d5d3b8c5b48b72793d2f035)
+            check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
+            check_type(argname="argument id", value=id, expected_type=type_hints["id"])
+        props = _DockerImageAssetProps_6897287d(
+            directory=directory,
+            asset_name=asset_name,
+            build_args=build_args,
+            build_secrets=build_secrets,
+            build_ssh=build_ssh,
+            cache_disabled=cache_disabled,
+            cache_from=cache_from,
+            cache_to=cache_to,
+            file=file,
+            invalidation=invalidation,
+            network_mode=network_mode,
+            outputs=outputs,
+            platform=platform,
+            target=target,
+            extra_hash=extra_hash,
+            exclude=exclude,
+            follow_symlinks=follow_symlinks,
+            ignore_mode=ignore_mode,
+        )
+
+        return typing.cast(IBuildImage, jsii.sinvoke(cls, "fromAsset", [scope, id, props]))
+
+    @jsii.member(jsii_name="fromDockerRegistry")
+    @builtins.classmethod
+    def from_docker_registry(
+        cls,
+        name: builtins.str,
+        *,
+        secrets_manager_credentials: typing.Optional[_ISecret_6e020e6a] = None,
+    ) -> IBuildImage:
+        '''Makes an ARM MacOS build image from a Docker Hub image.
+
+        :param name: -
+        :param secrets_manager_credentials: The credentials, stored in Secrets Manager, used for accessing the repository holding the image, if the repository is private. Default: no credentials will be used (we assume the repository is public)
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__3ced24ed51e6d3d02f373fa149177eaedab74dee6bcfb75fb774dc8c44de1400)
+            check_type(argname="argument name", value=name, expected_type=type_hints["name"])
+        options = DockerImageOptions(
+            secrets_manager_credentials=secrets_manager_credentials
+        )
+
+        return typing.cast(IBuildImage, jsii.sinvoke(cls, "fromDockerRegistry", [name, options]))
+
+    @jsii.member(jsii_name="fromEcrRepository")
+    @builtins.classmethod
+    def from_ecr_repository(
+        cls,
+        repository: _IRepository_e6004aa6,
+        tag_or_digest: typing.Optional[builtins.str] = None,
+    ) -> IBuildImage:
+        '''Makes an ARM MacOS build image from an ECR repository.
+
+        :param repository: -
+        :param tag_or_digest: -
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__86c63517f15ffab752d46ab62cdbf8292d45fa89a328c7481f83993a790eb5ee)
+            check_type(argname="argument repository", value=repository, expected_type=type_hints["repository"])
+            check_type(argname="argument tag_or_digest", value=tag_or_digest, expected_type=type_hints["tag_or_digest"])
+        return typing.cast(IBuildImage, jsii.sinvoke(cls, "fromEcrRepository", [repository, tag_or_digest]))
+
+    @jsii.member(jsii_name="runScriptBuildspec")
+    def run_script_buildspec(self, entrypoint: builtins.str) -> BuildSpec:
+        '''Make a buildspec to run the indicated script.
+
+        :param entrypoint: -
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__088f043d10fcd15701414055dc0a14f58d71044ecaba5c848f1c97225e6000fe)
+            check_type(argname="argument entrypoint", value=entrypoint, expected_type=type_hints["entrypoint"])
+        return typing.cast(BuildSpec, jsii.invoke(self, "runScriptBuildspec", [entrypoint]))
+
+    @jsii.member(jsii_name="validate")
+    def validate(
+        self,
+        *,
+        build_image: typing.Optional[IBuildImage] = None,
+        certificate: typing.Optional[typing.Union[BuildEnvironmentCertificate, typing.Dict[builtins.str, typing.Any]]] = None,
+        compute_type: typing.Optional[ComputeType] = None,
+        environment_variables: typing.Optional[typing.Mapping[builtins.str, typing.Union[BuildEnvironmentVariable, typing.Dict[builtins.str, typing.Any]]]] = None,
+        fleet: typing.Optional[IFleet] = None,
+        privileged: typing.Optional[builtins.bool] = None,
+    ) -> typing.List[builtins.str]:
+        '''Allows the image a chance to validate whether the passed configuration is correct.
+
+        :param build_image: The image used for the builds. Default: LinuxBuildImage.STANDARD_1_0
+        :param certificate: The location of the PEM-encoded certificate for the build project. Default: - No external certificate is added to the project
+        :param compute_type: The type of compute to use for this build. See the ``ComputeType`` enum for the possible values. Default: taken from ``#buildImage#defaultComputeType``
+        :param environment_variables: The environment variables that your builds can use.
+        :param fleet: Fleet resource for a reserved capacity CodeBuild project. Fleets allow for process builds or tests to run immediately and reduces build durations, by reserving compute resources for your projects. You will be charged for the resources in the fleet, even if they are idle. Default: - No fleet will be attached to the project, which will remain on-demand.
+        :param privileged: Indicates how the project builds Docker images. Specify true to enable running the Docker daemon inside a Docker container. This value must be set to true only if this build project will be used to build Docker images, and the specified build environment image is not one provided by AWS CodeBuild with Docker support. Otherwise, all associated builds that attempt to interact with the Docker daemon will fail. Default: false
+        '''
+        build_environment = BuildEnvironment(
+            build_image=build_image,
+            certificate=certificate,
+            compute_type=compute_type,
+            environment_variables=environment_variables,
+            fleet=fleet,
+            privileged=privileged,
+        )
+
+        return typing.cast(typing.List[builtins.str], jsii.invoke(self, "validate", [build_environment]))
+
+    @jsii.python.classproperty
+    @jsii.member(jsii_name="BASE_14")
+    def BASE_14(cls) -> IBuildImage:
+        '''Corresponds to the standard CodeBuild image ``aws/codebuild/macos-arm-base:14``.'''
+        return typing.cast(IBuildImage, jsii.sget(cls, "BASE_14"))
+
+    @builtins.property
+    @jsii.member(jsii_name="defaultComputeType")
+    def default_compute_type(self) -> ComputeType:
+        '''The default ``ComputeType`` to use with this image, if one was not specified in ``BuildEnvironment#computeType`` explicitly.'''
+        return typing.cast(ComputeType, jsii.get(self, "defaultComputeType"))
+
+    @builtins.property
+    @jsii.member(jsii_name="imageId")
+    def image_id(self) -> builtins.str:
+        '''The Docker image identifier that the build environment uses.'''
+        return typing.cast(builtins.str, jsii.get(self, "imageId"))
+
+    @builtins.property
+    @jsii.member(jsii_name="type")
+    def type(self) -> builtins.str:
+        '''The type of build environment.'''
+        return typing.cast(builtins.str, jsii.get(self, "type"))
+
+    @builtins.property
+    @jsii.member(jsii_name="imagePullPrincipalType")
+    def image_pull_principal_type(self) -> typing.Optional[ImagePullPrincipalType]:
+        '''The type of principal that CodeBuild will use to pull this build Docker image.'''
+        return typing.cast(typing.Optional[ImagePullPrincipalType], jsii.get(self, "imagePullPrincipalType"))
+
+    @builtins.property
+    @jsii.member(jsii_name="repository")
+    def repository(self) -> typing.Optional[_IRepository_e6004aa6]:
+        '''An optional ECR repository that the image is hosted in.'''
+        return typing.cast(typing.Optional[_IRepository_e6004aa6], jsii.get(self, "repository"))
+
+    @builtins.property
+    @jsii.member(jsii_name="secretsManagerCredentials")
+    def secrets_manager_credentials(self) -> typing.Optional[_ISecret_6e020e6a]:
+        '''The secretsManagerCredentials for access to a private registry.'''
+        return typing.cast(typing.Optional[_ISecret_6e020e6a], jsii.get(self, "secretsManagerCredentials"))
+
+
 class PhaseChangeEvent(
     metaclass=jsii.JSIIMeta,
     jsii_type="aws-cdk-lib.aws_codebuild.PhaseChangeEvent",
@@ -17051,6 +17344,7 @@ __all__ = [
     "LinuxLambdaBuildImage",
     "LocalCacheMode",
     "LoggingOptions",
+    "MacBuildImage",
     "PhaseChangeEvent",
     "PipelineProject",
     "PipelineProjectProps",
@@ -18340,6 +18634,53 @@ def _typecheckingstub__8f582462b349e223e49bf3524c963794211ae94781bdfcfe2a00802c6
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__aa924aa0600b9706b95a62c612f337f8dde0f0df7d5d3b8c5b48b72793d2f035(
+    scope: _constructs_77d1e7e8.Construct,
+    id: builtins.str,
+    *,
+    directory: builtins.str,
+    asset_name: typing.Optional[builtins.str] = None,
+    build_args: typing.Optional[typing.Mapping[builtins.str, builtins.str]] = None,
+    build_secrets: typing.Optional[typing.Mapping[builtins.str, builtins.str]] = None,
+    build_ssh: typing.Optional[builtins.str] = None,
+    cache_disabled: typing.Optional[builtins.bool] = None,
+    cache_from: typing.Optional[typing.Sequence[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]]] = None,
+    cache_to: typing.Optional[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]] = None,
+    file: typing.Optional[builtins.str] = None,
+    invalidation: typing.Optional[typing.Union[_DockerImageAssetInvalidationOptions_4deb8d45, typing.Dict[builtins.str, typing.Any]]] = None,
+    network_mode: typing.Optional[_NetworkMode_897e5081] = None,
+    outputs: typing.Optional[typing.Sequence[builtins.str]] = None,
+    platform: typing.Optional[_Platform_d16f3cf1] = None,
+    target: typing.Optional[builtins.str] = None,
+    extra_hash: typing.Optional[builtins.str] = None,
+    exclude: typing.Optional[typing.Sequence[builtins.str]] = None,
+    follow_symlinks: typing.Optional[_SymlinkFollowMode_047ec1f6] = None,
+    ignore_mode: typing.Optional[_IgnoreMode_655a98e8] = None,
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__3ced24ed51e6d3d02f373fa149177eaedab74dee6bcfb75fb774dc8c44de1400(
+    name: builtins.str,
+    *,
+    secrets_manager_credentials: typing.Optional[_ISecret_6e020e6a] = None,
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__86c63517f15ffab752d46ab62cdbf8292d45fa89a328c7481f83993a790eb5ee(
+    repository: _IRepository_e6004aa6,
+    tag_or_digest: typing.Optional[builtins.str] = None,
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__088f043d10fcd15701414055dc0a14f58d71044ecaba5c848f1c97225e6000fe(
+    entrypoint: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__cad18ebbb1c05a6adb06360d9baca4a0658b2f85c2078bc257ed8d4f8467c35e(
     *,
     allow_all_outbound: typing.Optional[builtins.bool] = None,