AWS CDK Cross Account Pipeline Event Rule
// PipelinePrepStack (Tools account) ===========================
// Resource policy on the Tools account's default event bus. It lets the account
// that hosts CodeCommit put events onto this bus, which is how repository updates
// in the Development account start the pipeline.
//
// Scope of the grant, as written:
//  - The principal is the source account as a whole (`:root`), not a single role.
//  - The statement has no Condition, so it does not restrict which event source
//    or detail-type that account may put on this bus.
// NOTE(review): if only CodeCommit events are expected here, a Condition on
// `events:source` / `events:detail-type` would narrow the grant. Confirm that
// forwarded events still match before adding it.
const codeCommitPrincipal = { AWS: `arn:aws:iam::${codeCommitAccount}:root` };
const toolsDefaultBusArn = `arn:aws:events:${this.region}:${this.account}:event-bus/default`;

new CfnEventBusPolicy(this, 'eventsPolicy', {
  eventBusName: 'default',
  statementId: 'CodeCommit',
  statement: {
    Effect: 'Allow',
    Principal: codeCommitPrincipal,
    Action: 'events:PutEvents',
    Resource: toolsDefaultBusArn,
  },
});
// CodeCommitStack (Dev account) ===============================
// Rule on the Dev account's default bus that forwards every CodeCommit
// "Repository State Change" event for this one repository to the default bus in
// the Tools (pipeline) account.
//
// The pattern matches on the repository ARN only. There is no branch filter
// here; branch filtering is left to the pipeline rules in the receiving account.
// Deploy the event bus policy from the PipelinePrepStack first, otherwise the
// Tools account bus will not accept events from this account.
// NOTE(review): the target sets no roleArn, so delivery relies on the destination
// bus policy naming this account. Confirm this meets current EventBridge
// cross-account requirements.
const repoArn = `arn:aws:codecommit:${this.region}:${this.account}:${repoName}`;
const pipelineBusArn = `arn:aws:events:${this.region}:${toolsAccount}:event-bus/default`;

const repoStateChangePattern = {
  'detail-type': ['CodeCommit Repository State Change'],
  source: ['aws.codecommit'],
  resources: [repoArn],
};

new CfnRule(this, 'UpdateToPipeline', {
  description: 'Send CodeCommit events to Pipeline Account',
  eventBusName: 'default',
  eventPattern: repoStateChangePattern,
  state: 'ENABLED',
  targets: [
    { arn: pipelineBusArn, id: 'PipelineDemo' },
  ],
});