cloudformation-coverage-roadmap
AWS::CodePipeline::Pipeline - Add Arn as a Return Value
1. Title
AWS::CodePipeline::Pipeline-Add Arn as a Return Value
2. Scope of request
When you want to reference the arn of a Pipeline, you have to manually construct it like this:
"arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}"
This is bad for a number of reasons:
- Cumbersome to read and write
- Inhibits new users' ability to understand template anatomy
- Inconsistent with other resource types e.g. AWS::IAM::Role where you can write "${MyRole.Arn}"
It would be great for Arn to be a supported attribute when a Pipeline is passed to Fn::GetAtt like this:
"${Pipeline.Arn}"
3. Expected behavior
Arn is returned when a pipeline is passed to Fn::GetAtt with the Arn argument.
4. Suggest specific test cases
In order to wire up push events in CodePipeline using S3 as a source, you have to pass the arn of the pipeline to an event rule, like this:
"EventRule": {
  "Type": "AWS::Events::Rule",
  "Properties": {
    "EventPattern": {
      "source": [ "aws.s3" ],
      "detail-type": [ "AWS API Call via CloudTrail" ],
      "detail": {
        "eventSource": [ "s3.amazonaws.com" ],
        "eventName": [
          "PutObject",
          "CompleteMultipartUpload",
          "CopyObject"
        ],
        "requestParameters": {
          "bucketName": [ { "Fn::Sub": "${SourceBucket}" } ],
          "key": [ { "Fn::Sub": "${SourceKey}" } ]
        }
      }
    },
    "Targets": [
      {
        "Id": { "Fn::Sub": "${Pipeline}-Target" },
        "Arn": { "Fn::Sub": "arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}" },
        "RoleArn": { "Fn::Sub": "${EventRole.Arn}" }
      }
    ]
  }
}
5. Helpful Links to speed up research and evaluation
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html#aws-resource-codepipeline-pipeline-return-values
- https://docs.aws.amazon.com/codepipeline/latest/userguide/update-change-detection.html#update-change-detection-cfn
- https://theburningmonk.com/cloudformation-ref-and-getatt-cheatsheet/
6. Category (required) - Will help with tagging and be easier to find by other users to +1
Developer Tools, Enhancement
One way to future proof the workaround a bit more is the usage of the AWS::Partition
pseudoparameter as described in:
https://github.com/aws-cloudformation/aws-cloudformation-coverage-roadmap/issues/68#issuecomment-548926406
https://stackoverflow.com/a/59362496/4122849
"arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}"
Oh right, forgot about that one. Honestly it's difficult to tell from outside AWS who's responsible for providing this kind of functionality.
If it's the cfn team then this issue feels like a duplicate of #68 but if it's the CodePipeline team then it'd be better if this issue stayed separate.
My concern is that inertia will set in if ALL Arns are added at once. Individual additions feel more tractable since you can make quicker, more incremental progress.
Any news about this? I have just lost 2h of my day trying to get the Arn using Fn::GetAtt
💔
vouch for this.
I need to get my pipeline arn to use it in AWS::CodeStarNotifications::NotificationRule
I just also hit this one! Can we add a return value to make it consistent with CodeBuild etc?
This is needed. Thanks.
Also vote for this! Please implement! Thanks!
+1
vouch for this. I need to get my pipeline arn to use it in
AWS::CodeStarNotifications::NotificationRule
work-around:
Resource: !Sub
  - 'arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${PipelineName}'
  - { PipelineName: !Ref MyPipeline }
You can make it even shorter if you want:
!Sub "arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${MyPipeline}"
+1 for this
Please add this. I need to pass a codepipeline arn to AWS::Scheduler::Schedule in the same stack.
+1
+1. It's a value available already - why isn't this just exposed?
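The AWS::Partition comment in this thread points out that a hand-built ARN with a literal `arn:aws:` prefix is tied to one partition. A small template check for that, as an added example that is not part of the original thread or of any AWS tooling; the sample template is constructed from the issue's EventRule snippet, and the function name `find_literal_partitions` is hypothetical:

```python
import json
import re

# An ARN whose partition is written out literally instead of ${AWS::Partition}.
LITERAL_PARTITION = re.compile(r"\barn:(?:aws|aws-cn|aws-us-gov):")

# Constructed sample: the issue's EventRule target plus a partition-safe output.
SAMPLE_TEMPLATE = json.loads(r"""
{
  "Resources": {
    "EventRule": {
      "Type": "AWS::Events::Rule",
      "Properties": {
        "Targets": [{
          "Id": {"Fn::Sub": "${Pipeline}-Target"},
          "Arn": {"Fn::Sub": "arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}"},
          "RoleArn": {"Fn::Sub": "${EventRole.Arn}"}
        }]
      }
    }
  },
  "Outputs": {
    "PipelineArn": {"Value": {"Fn::Sub": "arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}"}}
  }
}
""")


def find_literal_partitions(node, path="$"):
    """Return (path, original, suggestion) for each string that builds an ARN with a literal partition."""
    findings = []
    if isinstance(node, dict):
        for key, value in node.items():
            findings += find_literal_partitions(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            findings += find_literal_partitions(value, f"{path}[{index}]")
    elif isinstance(node, str) and LITERAL_PARTITION.search(node):
        # The suggestion is only valid inside Fn::Sub, where ${AWS::Partition} is expanded.
        findings.append((path, node, LITERAL_PARTITION.sub("arn:${AWS::Partition}:", node)))
    return findings


if __name__ == "__main__":
    for path, original, suggestion in find_literal_partitions(SAMPLE_TEMPLATE):
        print(f"{path}\n  found:   {original}\n  suggest: {suggestion}")
```

The check works on a parsed JSON template; a YAML template using short-form tags such as `!Sub` would need a loader that understands those tags before it can be walked the same way.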