diff --git a/build_spec.yaml b/build_spec.yaml
index 813462e..771dff8 100644
--- a/build_spec.yaml
+++ b/build_spec.yaml
@@ -1,6 +1,6 @@
 version: 0.1
 component: build
-timeoutInSeconds: 1200
+timeoutInSeconds: 1800
 runAs: root
 shell: bash
@@ -13,6 +13,13 @@ env:
 - FRONTEND_IMAGE
 steps:
+ - type: Command
+ name: "Setup buildx for ARM64"
+ command: |
+ docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+ docker buildx create --name armbuilder --use
+ docker buildx inspect --bootstrap
+
 - type: Command
 name: "Set image tag"
 command: |
@@ -27,20 +34,22 @@ steps:
 name: "Build backend image"
 command: |
 cd backend-java
- docker build --platform linux/arm64 \
+ docker buildx build --platform linux/arm64 \
 -t "${BACKEND_IMAGE}" \
 -t "${REGISTRY}/backend:latest" \
+ --load \
 .
 - type: Command
 name: "Build frontend image"
 command: |
 cd frontend
- docker build --platform linux/arm64 \
+ docker buildx build --platform linux/arm64 \
 --build-arg NEXT_PUBLIC_GOOGLE_MAPS_API_KEY="${NEXT_PUBLIC_GOOGLE_MAPS_API_KEY}" \
 --build-arg NEXT_PUBLIC_GOOGLE_CLIENT_ID="${NEXT_PUBLIC_GOOGLE_CLIENT_ID}" \
 -t "${FRONTEND_IMAGE}" \
 -t "${REGISTRY}/frontend:latest" \
+ --load \
 .
 outputArtifacts:
diff --git a/docs/cicd-architecture.md b/docs/cicd-architecture.md
index 42d3750..8d07570 100644
--- a/docs/cicd-architecture.md
+++ b/docs/cicd-architecture.md
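Review bot: The new "Setup buildx for ARM64" step runs `docker run --rm --privileged multiarch/qemu-user-static --reset -p yes` with no tag or digest, so whatever the public registry serves as `latest` at build time runs privileged on a runner that already uses `runAs: root`. That container registers binfmt handlers on the host kernel before the backend and frontend images are built and tagged, so a changed or tampered upstream image would affect every artifact this pipeline produces. Pin it to a reviewed digest, e.g. `docker run --rm --privileged multiarch/qemu-user-static@sha256:<reviewed-digest> --reset -p yes` (placeholder digest). The BuildKit image that `docker buildx create` pulls could be pinned the same way with `--driver-opt image=moby/buildkit:<pinned-tag>`. A comment above the step such as `# privileged is required only to register QEMU binfmt handlers for arm64 emulation` would also record why the flag is there.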
@@ -150,6 +150,56 @@ oci → OCI Code Repository ← CI/CD 트리거용
 두 리모트에 모두 push하여 소스와 빌드를 동기화합니다.
+### OCI IAM 권한 설정 (빌드/배포용)
+
+OCI DevOps Build Pipeline이 코드 레포, OCIR, 시크릿 등에 접근하려면 **Dynamic Group**과 **IAM Policy**가 필요합니다.
+
+#### Dynamic Group
+
+| 이름 | 설명 |
+|------|------|
+| `tasteby-build-pipeline` | DevOps 빌드/배포 파이프라인 리소스 |
+
+**Matching Rule:**
+```
+ANY {
+ resource.type = 'devopsbuildpipeline',
+ resource.type = 'devopsrepository',
+ resource.type = 'devopsdeploypipeline',
+ resource.type = 'devopsconnection'
+}
+```
+
+#### IAM Policy
+
+| 이름 | 설명 |
+|------|------|
+| `tasteby-devops-policy` | DevOps 파이프라인 리소스 접근 권한 |
+
+**Policy Statements:**
+```
+Allow dynamic-group tasteby-build-pipeline to manage devops-family in tenancy
+Allow dynamic-group tasteby-build-pipeline to manage repos in tenancy
+Allow dynamic-group tasteby-build-pipeline to read secret-family in tenancy
+Allow dynamic-group tasteby-build-pipeline to manage generic-artifacts in tenancy
+Allow dynamic-group tasteby-build-pipeline to use ons-topics in tenancy
+```
+
+> **참고**: IAM 정책은 적용 후 전파에 최대 수 분이 걸릴 수 있습니다.
+> 빌드 실행 시 `RelatedResourceNotAuthorizedOrNotFound` 오류가 나면 정책 전파를 기다린 후 재시도하세요.
+
+#### OCI Code Repository 인증 (HTTPS)
+
+```
+Username: /oracleidentitycloudservice/
+Password: OCI Auth Token (User Settings에서 생성)
+```
+
+```bash
+# Git remote 추가 예시
+git remote add oci https://devops.scmservice.ap-seoul-1.oci.oraclecloud.com/namespaces//projects/tasteby/repositories/tasteby
+```
+
 ### build_spec.yaml 구조
 ```yaml