-
Notifications
You must be signed in to change notification settings - Fork 3.7k
/
integ.pipeline-cfn-with-action-role.ts
60 lines (53 loc) · 1.49 KB
/
integ.pipeline-cfn-with-action-role.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
import * as codepipeline from 'aws-cdk-lib/aws-codepipeline';
import * as iam from 'aws-cdk-lib/aws-iam';
import * as s3 from 'aws-cdk-lib/aws-s3';
import * as cdk from 'aws-cdk-lib';
import * as cpactions from 'aws-cdk-lib/aws-codepipeline-actions';
const app = new cdk.App({
postCliContext: {
'@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2': false,
},
});
const stack = new cdk.Stack(app, 'aws-cdk-codepipeline-cloudformation-cross-region-with-action-role', {});
const bucket = new s3.Bucket(stack, 'MyBucket', {
versioned: true,
removalPolicy: cdk.RemovalPolicy.DESTROY,
});
const sourceOutput = new codepipeline.Artifact();
const sourceAction = new cpactions.S3SourceAction({
actionName: 'S3',
bucketKey: 'some/path',
bucket,
output: sourceOutput,
});
const sourceStage = {
stageName: 'Source',
actions: [sourceAction],
};
const role = new iam.Role(stack, 'ActionRole', {
assumedBy: new iam.AccountPrincipal(cdk.Aws.ACCOUNT_ID),
});
role.addToPolicy(new iam.PolicyStatement({
actions: ['sqs:*'],
resources: ['*'],
}));
const cfnStage = {
stageName: 'CFN',
actions: [
new cpactions.CloudFormationCreateUpdateStackAction({
actionName: 'CFN_Deploy',
stackName: 'aws-cdk-codepipeline-cross-region-deploy-stack',
templatePath: sourceOutput.atPath('template.yml'),
adminPermissions: false,
role,
}),
],
};
new codepipeline.Pipeline(stack, 'MyPipeline', {
artifactBucket: bucket,
stages: [
sourceStage,
cfnStage,
],
});
app.synth();