Cloudformation-coverage-roadmap: AWS::CodePipeline::Pipeline-Add Arn as a Return Value

Created on 13 Feb 2020 · 8Comments · Source: aws-cloudformation/cloudformation-coverage-roadmap

1. Title

AWS::CodePipeline::Pipeline-Add Arn as a Return Value

2. Scope of request

When you want to reference the arn of a Pipeline, you have to manually construct it like this:

"arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}"

This is bad for a number of reasons:

Cumbersome to read and write
Inhibits new user's ability to understand template anatomy
Inconsistent with other resource types e.g. AWS::IAM::Role where you can write "${MyRole.Arn}"

It would be great for Arn to be a supported attribute when a Pipeline is passed to Fn::GetAtt like this:

"${Pipeline.Arn}"

3. Expected behavior

Arn is returned when a pipeline is passed to Fn::GetAtt with the Arn argument.

4. Suggest specific test cases

In order to wire up push events in CodePipeline using S3 as a source, you have to pass the arn of the pipeline to an event rule, like this:

"EventRule": {
  "Type": "AWS::Event::Rule",
  "Properties": {
    "EventPattern": {
      "source": [ "aws.s3" ],
      "detail-type": [ "AWS API Call via CloudTrail" ],
      "detail": {
        "eventSource": [ "s3.amazonaws.com" ],
        "eventName": [
          "PutObject",
          "CompleteMultipartUpload",
          "CopyObject"
        ],
        "requestParameters": {
          "bucketName": [ { "Fn::Sub": "${SourceBucket}" } ],
          "key": [ { "Fn::Sub": "${SourceKey}" } ]
        }
      }
    },
    "Targets": [
      {
        "Id": { "Fn::Sub": "${Pipeline}-Target" },
        "Arn": { "Fn::Sub": "arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}" },
        "RoleArn": { "Fn::Sub": "${EventRole.Arn}" }
      }
    ]
  }
}

5. Helpful Links to speed up research and evaluation

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html#aws-resource-codepipeline-pipeline-return-values
https://docs.aws.amazon.com/codepipeline/latest/userguide/update-change-detection.html#update-change-detection-cfn
https://theburningmonk.com/cloudformation-ref-and-getatt-cheatsheet/

6. Category (required) - Will help with tagging and be easier to find by other users to +1

Developer Tools, Enhancement

dev tools

Source

mikerochip

👍38

Most helpful comment

vouch for this.
I need to get my pipeline arn to use it in AWS::CodeStarNotifications::NotificationRule

libert-xyz on 5 Jan 2021

👍6

All 8 comments

One way to future proof the workaround a bit more is the usage of the AWS::Partition pseudoparameter as described in:
https://github.com/aws-cloudformation/aws-cloudformation-coverage-roadmap/issues/68#issuecomment-548926406
https://stackoverflow.com/a/59362496/4122849

      "arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}"

PatMyron on 23 Feb 2020

👍3

Oh right, forgot about that one. Honestly it's difficult to tell from outside AWS who's responsible for providing this kind of functionality.

If it's the cfn team then this issue feels like a duplicate of #68 but if it's the CodePipeline team then it'd be better if this issue stayed separate.

My concern is that inertia will set in if ALL Arns are added at once. Individual additions feels more tractable since you can make quicker, more incremental progress.

mikerochip on 23 Feb 2020

Any news about this? I have just lost 2h of my day trying to get the Arn using Fn::GetAtt 💔