AWS::CodePipeline::Pipeline - Add Arn as a Return Value

[mikerochip]

1. Title

AWS::CodePipeline::Pipeline-Add Arn as a Return Value

2. Scope of request

When you want to reference the arn of a Pipeline, you have to manually construct it like this:

"arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}"

This is bad for a number of reasons:

1. Cumbersome to read and write
2. Inhibits new user's ability to understand template anatomy
3. Inconsistent with other resource types e.g. AWS::IAM::Role where you can write "${MyRole.Arn}"

It would be great for Arn to be a supported attribute when a Pipeline is passed to Fn::GetAtt like this:

"${Pipeline.Arn}"

3. Expected behavior

Arn is returned when a pipeline is passed to Fn::GetAtt with the Arn argument.

4. Suggest specific test cases

In order to wire up push events in CodePipeline using S3 as a source, you have to pass the arn of the pipeline to an event rule, like this:

"EventRule": {
  "Type": "AWS::Event::Rule",
  "Properties": {
    "EventPattern": {
      "source": [ "aws.s3" ],
      "detail-type": [ "AWS API Call via CloudTrail" ],
      "detail": {
        "eventSource": [ "s3.amazonaws.com" ],
        "eventName": [
          "PutObject",
          "CompleteMultipartUpload",
          "CopyObject"
        ],
        "requestParameters": {
          "bucketName": [ { "Fn::Sub": "${SourceBucket}" } ],
          "key": [ { "Fn::Sub": "${SourceKey}" } ]
        }
      }
    },
    "Targets": [
      {
        "Id": { "Fn::Sub": "${Pipeline}-Target" },
        "Arn": { "Fn::Sub": "arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}" },
        "RoleArn": { "Fn::Sub": "${EventRole.Arn}" }
      }
    ]
  }
}

5. Helpful Links to speed up research and evaluation

• https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html#aws-resource-codepipeline-pipeline-return-values
• https://docs.aws.amazon.com/codepipeline/latest/userguide/update-change-detection.html#update-change-detection-cfn
• https://theburningmonk.com/cloudformation-ref-and-getatt-cheatsheet/

6. Category (required) - Will help with tagging and be easier to find by other users to +1

Developer Tools, Enhancement

[PatMyron]

More generalized workaround with the AWS::Partition pseudoparameter as described in: https://github.com/aws-cloudformation/aws-cloudformation-coverage-roadmap/issues/68#issuecomment-548926406 https://stackoverflow.com/a/59362496/4122849

      "arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}"

[mikerochip]

Oh right, forgot about that one. Honestly it's difficult to tell from outside AWS who's responsible for providing this kind of functionality.

If it's the cfn team then this issue feels like a duplicate of #68 but if it's the CodePipeline team then it'd be better if this issue stayed separate.

My concern is that inertia will set in if ALL Arns are added at once. Individual additions feels more tractable since you can make quicker, more incremental progress.

[andreybleme]

Any news about this? I have just lost 2h of my day trying to get the Arn using Fn::GetAtt 💔

[libert-xyz]

vouch for this. I need to get my pipeline arn to use it in AWS::CodeStarNotifications::NotificationRule

[jwalsh2me]

I just also hit this one! Can we add a return value to make it consistent with CodeBuild etc?

[fernandohonig]

This is needed. Thanks.

[aleksei-panin]

Also vote for this! Please implement! Thanks!

[chienkira]

+1

[muthu329024]

vouch for this. I need to get my pipeline arn to use it in AWS::CodeStarNotifications::NotificationRule

work-around:

  Resource: !Sub
                - 'arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${PipelineName}'
                - { PipelineName: !Ref MyPipeline }

[benbridts]

You can make it even shorter if you want:

!Sub "arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${MyPipeline}"

[65]

+1 for this

[mday-ntirety]

Please add this. I need to pass a codepipeline arn to AWS::Scheduler::Schedule in the same stack.

[RamazanKara]

+1

[neoReuters]

+1. It's a value available already - why isn't this just exposed?