
@kichik
Created December 12, 2021 04:13
Avoiding CDK Pipelines Support Stacks
# Pipeline app: hands CodePipeline a pre-existing artifact bucket and KMS key
# for every region, so the construct has no reason to create its own
# cross-region support stacks.
try:
    import aws_cdk.core as core  # CDK 1
except ImportError:
    import aws_cdk as core  # CDK 2
from aws_cdk import aws_codepipeline as codepipeline
from aws_cdk import aws_kms as kms
from aws_cdk import aws_s3 as s3
from aws_cdk import pipelines

# Every region the pipeline runs actions in needs an entry here.
REPLICATION_REGIONS = ["us-east-1", "us-west-1", "eu-west-1"]

app = core.App()
pipeline_stack = core.Stack(app, "pipeline-stack")

# from_key_arn / from_bucket_attributes only reference resources that already
# exist. CDK does not manage the resource policies of imported buckets and
# keys, so the access the pipeline and the deployment accounts need must
# already be granted by whichever stack owns them.
replication_buckets = {}
for region in REPLICATION_REGIONS:
    # Placeholder: replace with the ARN of the key that encrypts this
    # region's artifact bucket.
    artifact_key = kms.Key.from_key_arn(
        pipeline_stack,
        f"Key {region}",
        key_arn="insert key arn here",
    )
    # Placeholder: replace with the name of the bucket located in `region`.
    replication_buckets[region] = s3.Bucket.from_bucket_attributes(
        pipeline_stack,
        f"Bucket {region}",
        bucket_name="insert bucket name here",
        encryption_key=artifact_key,
    )

pipeline = codepipeline.Pipeline(
    pipeline_stack,
    "Pipeline",
    cross_region_replication_buckets=replication_buckets,
    # Artifacts are encrypted with KMS keys so that other accounts can be
    # given decrypt access explicitly.
    cross_account_keys=True,
    restart_execution_on_update=True,
)

# Wrap the hand-built pipeline instead of letting CDK Pipelines create one.
cdk_pipeline = pipelines.CodePipeline(
    pipeline_stack,
    "CDK Pipeline",
    code_pipeline=pipeline,
    # ... other settings here ...
)
# Support app: one stack per region holding the artifact bucket and the KMS
# key that encrypts it, both readable by the deployment target accounts.
try:
    import aws_cdk.core as core  # CDK 1
except ImportError:
    import aws_cdk as core  # CDK 2
from aws_cdk import aws_iam as iam
from aws_cdk import aws_kms as kms
from aws_cdk import aws_s3 as s3

SUPPORT_REGIONS = ["us-east-1", "us-west-1", "eu-west-1"]

# Placeholder account IDs (real AWS account IDs have 12 digits).
# AccountPrincipal trusts the whole account: any identity there whose own IAM
# policy allows it can read the artifacts and decrypt with the key. Granting
# to the specific deployment role ARNs instead would narrow that.
TARGET_ACCOUNTS = ["22222222222", "33333333333"]


def _add_support_stack(scope, region):
    """Create the artifact bucket, its key and the cross-account grants for *region*."""
    artifact_stack = core.Stack(
        scope,
        f"common-pipeline-support-{region}",
        env=core.Environment(
            account="123456789",  # placeholder for the account that owns the pipeline
            region=region,
        ),
    )

    # NOTE(review): DESTROY on the key, alias and bucket, together with
    # auto_delete_objects, means deleting this stack removes every stored
    # artifact and schedules the key for deletion, after which anything
    # encrypted under it cannot be read. Fine for disposable build
    # artifacts; use RemovalPolicy.RETAIN if they must outlive the stack.
    key = kms.Key(
        artifact_stack,
        "Replication Key",
        removal_policy=core.RemovalPolicy.DESTROY,
    )
    key_alias = kms.Alias(
        artifact_stack,
        "Replication Key Alias",
        alias_name=core.PhysicalName.GENERATE_IF_NEEDED,  # helps using the object directly
        target_key=key,
        removal_policy=core.RemovalPolicy.DESTROY,
    )
    bucket = s3.Bucket(
        artifact_stack,
        "Replication Bucket",
        bucket_name=core.PhysicalName.GENERATE_IF_NEEDED,  # helps using the object directly
        encryption_key=key_alias,
        auto_delete_objects=True,
        removal_policy=core.RemovalPolicy.DESTROY,
    )

    # Read-only on the bucket and decrypt-only on the key: the target
    # accounts can fetch artifacts but are not granted write or encrypt.
    for target_account in TARGET_ACCOUNTS:
        bucket.grant_read(iam.AccountPrincipal(target_account))
        key.grant_decrypt(iam.AccountPrincipal(target_account))


app = core.App()
for region in SUPPORT_REGIONS:
    _add_support_stack(app, region)