mingkun2020
commented
2 years ago Thanks for the feature request! We have a roadmap here, but we also try to take in popular feature requests based on 👍🏽 from the community. We will be adding this to our intake for prioritization.
Describe your idea/feature/enhancement
I currently wrap may serverless application stack in a CDK pipeline as described in the docs which a
cdk.Stageto bundle stacks. After runningcdk synthI get aPipeline.template.jsonwhich is similar to the following:{ "Resources": { "RepositoryFooPipelineDevPipeline92A28D5AmainEventRule6A83461F": { "Type": "AWS::Events::Rule", "Properties": { "EventPattern": { "source": [ "aws.codecommit" ], "resources": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":codecommit:eu-central-1:1111111111111111:foo-repo" ] ] } ], "detail-type": [ "CodeCommit Repository State Change" ], "detail": { "event": [ "referenceCreated", "referenceUpdated" ], "referenceName": [ "main" ] } }, "State": "ENABLED", "Targets": [ { "Arn": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":codepipeline:eu-central-1:1111111111111111:", { "Ref": "Pipeline9850B417" } ] ] }, "Id": "Target0", "RoleArn": { "Fn::GetAtt": [ "PipelineEventsRole96280D9B", "Arn" ] } } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Repository/FooPipelineDevPipeline92A28D5A-main-EventRule/Resource" } }, "PipelineArtifactsBucketAEA9A052": { "Type": "AWS::S3::Bucket", "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "aws:kms" } } ] }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true } }, "UpdateReplacePolicy": "Retain", "DeletionPolicy": "Retain", "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/ArtifactsBucket/Resource" } }, "PipelineArtifactsBucketPolicyF53CCC52": { "Type": "AWS::S3::BucketPolicy", "Properties": { "Bucket": { "Ref": "PipelineArtifactsBucketAEA9A052" }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false" } }, "Effect": "Deny", "Principal": { "AWS": "*" }, "Resource": [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, "/*" ] ] } ] }, { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*" ], "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:role/cdk-hnb659fds-deploy-role-1111111111111111-eu-central-1" ] ] } }, "Resource": [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, "/*" ] ] } ] } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/ArtifactsBucket/Policy/Resource" } }, "PipelineRoleB27FAA37": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codepipeline.amazonaws.com" } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Role/Resource" } }, "PipelineRoleDefaultPolicy7BDC1ABB": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*" ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, "/*" ] ] } ] }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "PipelineSourcefoodbbackendCodePipelineActionRole6E3D54F7", "Arn" ] } }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "PipelineBuildSynthCodePipelineActionRole4E7A6C97", "Arn" ] } }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "PipelineUpdatePipelineSelfMutateCodePipelineActionRoleD6D4E5CF", "Arn" ] } }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "PipelineAssetsFileAsset1CodePipelineActionRoleC0EC649A", "Arn" ] } }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "PipelineAssetsFileAsset2CodePipelineActionRole06965A59", "Arn" ] } }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:role/cdk-hnb659fds-deploy-role-1111111111111111-eu-central-1" ] ] } } ], "Version": "2012-10-17" }, "PolicyName": "PipelineRoleDefaultPolicy7BDC1ABB", "Roles": [ { "Ref": "PipelineRoleB27FAA37" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Role/DefaultPolicy/Resource" } }, "Pipeline9850B417": { "Type": "AWS::CodePipeline::Pipeline", "Properties": { "RoleArn": { "Fn::GetAtt": [ "PipelineRoleB27FAA37", "Arn" ] }, "Stages": [ { "Actions": [ { "ActionTypeId": { "Category": "Source", "Owner": "AWS", "Provider": "CodeCommit", "Version": "1" }, "Configuration": { "RepositoryName": "foo-repo", "BranchName": "main", "PollForSourceChanges": false }, "Name": "foo-repo", "OutputArtifacts": [ { "Name": "foo_db_backend_Source" } ], "RoleArn": { "Fn::GetAtt": [ "PipelineSourcefoodbbackendCodePipelineActionRole6E3D54F7", "Arn" ] }, "RunOrder": 1 } ], "Name": "Source" }, { "Actions": [ { "ActionTypeId": { "Category": "Build", "Owner": "AWS", "Provider": "CodeBuild", "Version": "1" }, "Configuration": { "ProjectName": { "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" }, "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"22d4fcfeb705e5cfff3a47b39b1966efdb91b85c092418369fc13120f6d94ce0\"}]" }, "InputArtifacts": [ { "Name": "foo_db_backend_Source" } ], "Name": "Synth", "OutputArtifacts": [ { "Name": "Synth_Output" } ], "RoleArn": { "Fn::GetAtt": [ "PipelineBuildSynthCodePipelineActionRole4E7A6C97", "Arn" ] }, "RunOrder": 1 } ], "Name": "Build" }, { "Actions": [ { "ActionTypeId": { "Category": "Build", "Owner": "AWS", "Provider": "CodeBuild", "Version": "1" }, "Configuration": { "ProjectName": { "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" }, "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"ef7ce12f1510570feae0c65b191a8c4c29c7032f6c6f12b6a44f0e5ac33f782e\"}]" }, "InputArtifacts": [ { "Name": "Synth_Output" } ], "Name": "SelfMutate", "RoleArn": { "Fn::GetAtt": [ "PipelineUpdatePipelineSelfMutateCodePipelineActionRoleD6D4E5CF", "Arn" ] }, "RunOrder": 1 } ], "Name": "UpdatePipeline" }, { "Actions": [ { "ActionTypeId": { "Category": "Build", "Owner": "AWS", "Provider": "CodeBuild", "Version": "1" }, "Configuration": { "ProjectName": { "Ref": "PipelineAssetsFileAsset185A67CB4" } }, "InputArtifacts": [ { "Name": "Synth_Output" } ], "Name": "FileAsset1", "RoleArn": { "Fn::GetAtt": [ "PipelineAssetsFileAsset1CodePipelineActionRoleC0EC649A", "Arn" ] }, "RunOrder": 1 }, { "ActionTypeId": { "Category": "Build", "Owner": "AWS", "Provider": "CodeBuild", "Version": "1" }, "Configuration": { "ProjectName": { "Ref": "PipelineAssetsFileAsset24D2D639B" } }, "InputArtifacts": [ { "Name": "Synth_Output" } ], "Name": "FileAsset2", "RoleArn": { "Fn::GetAtt": [ "PipelineAssetsFileAsset2CodePipelineActionRole06965A59", "Arn" ] }, "RunOrder": 1 } ], "Name": "Assets" }, { "Actions": [ { "ActionTypeId": { "Category": "Deploy", "Owner": "AWS", "Provider": "CloudFormation", "Version": "1" }, "Configuration": { "StackName": "FooStackDev", "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", "RoleArn": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:role/cdk-hnb659fds-cfn-exec-role-1111111111111111-eu-central-1" ] ] }, "TemplateConfiguration": "Synth_Output::assembly-FooPipelineDev-PipelineAppStage/FooPipelineDevPipelineAppStageAppStack32F3B4A7.template.json.config.json", "ActionMode": "CHANGE_SET_REPLACE", "ChangeSetName": "PipelineChange", "TemplatePath": "Synth_Output::assembly-FooPipelineDev-PipelineAppStage/FooPipelineDevPipelineAppStageAppStack32F3B4A7.template.json" }, "InputArtifacts": [ { "Name": "Synth_Output" } ], "Name": "Prepare", "RoleArn": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:role/cdk-hnb659fds-deploy-role-1111111111111111-eu-central-1" ] ] }, "RunOrder": 1 }, { "ActionTypeId": { "Category": "Deploy", "Owner": "AWS", "Provider": "CloudFormation", "Version": "1" }, "Configuration": { "StackName": "FooStackDev", "ActionMode": "CHANGE_SET_EXECUTE", "ChangeSetName": "PipelineChange" }, "Name": "Deploy", "RoleArn": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:role/cdk-hnb659fds-deploy-role-1111111111111111-eu-central-1" ] ] }, "RunOrder": 2 } ], "Name": "PipelineAppStage" } ], "ArtifactStore": { "Location": { "Ref": "PipelineArtifactsBucketAEA9A052" }, "Type": "S3" }, "Name": "Foo-Pipeline-dev", "RestartExecutionOnUpdate": true }, "DependsOn": [ "PipelineRoleDefaultPolicy7BDC1ABB", "PipelineRoleB27FAA37" ], "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Resource" } }, "PipelineSourcefoodbbackendCodePipelineActionRole6E3D54F7": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:root" ] ] } } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Source/foo-repo/CodePipelineActionRole/Resource" } }, "PipelineSourcefoodbbackendCodePipelineActionRoleDefaultPolicy454A6C53": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*" ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, "/*" ] ] } ] }, { "Action": [ "codecommit:GetBranch", "codecommit:GetCommit", "codecommit:UploadArchive", "codecommit:GetUploadArchiveStatus", "codecommit:CancelUploadArchive" ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":codecommit:eu-central-1:1111111111111111:foo-repo" ] ] } } ], "Version": "2012-10-17" }, "PolicyName": "PipelineSourcefoodbbackendCodePipelineActionRoleDefaultPolicy454A6C53", "Roles": [ { "Ref": "PipelineSourcefoodbbackendCodePipelineActionRole6E3D54F7" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Source/foo-repo/CodePipelineActionRole/DefaultPolicy/Resource" } }, "PipelineEventsRole96280D9B": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "events.amazonaws.com" } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/EventsRole/Resource" } }, "PipelineEventsRoleDefaultPolicy62809D8F": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": "codepipeline:StartPipelineExecution", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":codepipeline:eu-central-1:1111111111111111:", { "Ref": "Pipeline9850B417" } ] ] } } ], "Version": "2012-10-17" }, "PolicyName": "PipelineEventsRoleDefaultPolicy62809D8F", "Roles": [ { "Ref": "PipelineEventsRole96280D9B" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/EventsRole/DefaultPolicy/Resource" } }, "PipelineBuildSynthCdkBuildProjectRole231EEA2A": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codebuild.amazonaws.com" } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/Resource" } }, "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":logs:eu-central-1:1111111111111111:log-group:/aws/codebuild/", { "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" } ] ] }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":logs:eu-central-1:1111111111111111:log-group:/aws/codebuild/", { "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" }, ":*" ] ] } ] }, { "Action": [ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", "codebuild:BatchPutTestCases", "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":codebuild:eu-central-1:1111111111111111:report-group/", { "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" }, "-*" ] ] } }, { "Action": "route53:ListHostedZonesByName", "Effect": "Allow", "Resource": "*" }, { "Action": [ "codeartifact:GetAuthorizationToken", "codeartifact:GetRepositoryEndpoint", "codeartifact:ReadFromRepository" ], "Effect": "Allow", "Resource": [ "arn:aws:codeartifact:eu-central-1:483851311515:domain/siemens", "arn:aws:codeartifact:eu-central-1:483851311515:repository/siemens/gms-wcs-npm" ] }, { "Action": "sts:GetServiceBearerToken", "Condition": { "StringEquals": { "sts:AWSServiceName": "codeartifact.amazonaws.com" } }, "Effect": "Allow", "Resource": "*" }, { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*" ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, "/*" ] ] } ] } ], "Version": "2012-10-17" }, "PolicyName": "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C", "Roles": [ { "Ref": "PipelineBuildSynthCdkBuildProjectRole231EEA2A" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/DefaultPolicy/Resource" } }, "PipelineBuildSynthCdkBuildProject6BEFA8E6": { "Type": "AWS::CodeBuild::Project", "Properties": { "Artifacts": { "Type": "CODEPIPELINE" }, "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", "EnvironmentVariables": [ { "Name": "STAGE", "Type": "PLAINTEXT", "Value": "dev" } ], "Image": "aws/codebuild/standard:5.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": false, "Type": "LINUX_CONTAINER" }, "ServiceRole": { "Fn::GetAtt": [ "PipelineBuildSynthCdkBuildProjectRole231EEA2A", "Arn" ] }, "Source": { "BuildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"install\": {\n \"commands\": [\n \"sh ci-install.sh\"\n ]\n },\n \"build\": {\n \"commands\": [\n \"sh ci-build.sh\"\n ]\n }\n },\n \"artifacts\": {\n \"base-directory\": \"cdk.out\",\n \"files\": \"**/*\"\n }\n}", "Type": "CODEPIPELINE" }, "Cache": { "Type": "NO_CACHE" }, "Description": "Pipeline step FooPipelineDev/Pipeline/Build/Synth", "EncryptionKey": "alias/aws/s3" }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Resource" } }, "PipelineBuildSynthCodePipelineActionRole4E7A6C97": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:root" ] ] } } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Build/Synth/CodePipelineActionRole/Resource" } }, "PipelineBuildSynthCodePipelineActionRoleDefaultPolicy92C90290": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "codebuild:BatchGetBuilds", "codebuild:StartBuild", "codebuild:StopBuild" ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "PipelineBuildSynthCdkBuildProject6BEFA8E6", "Arn" ] } } ], "Version": "2012-10-17" }, "PolicyName": "PipelineBuildSynthCodePipelineActionRoleDefaultPolicy92C90290", "Roles": [ { "Ref": "PipelineBuildSynthCodePipelineActionRole4E7A6C97" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Build/Synth/CodePipelineActionRole/DefaultPolicy/Resource" } }, "PipelineUpdatePipelineSelfMutateCodePipelineActionRoleD6D4E5CF": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:root" ] ] } } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/UpdatePipeline/SelfMutate/CodePipelineActionRole/Resource" } }, "PipelineUpdatePipelineSelfMutateCodePipelineActionRoleDefaultPolicyE626265B": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "codebuild:BatchGetBuilds", "codebuild:StartBuild", "codebuild:StopBuild" ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "PipelineUpdatePipelineSelfMutationDAA41400", "Arn" ] } } ], "Version": "2012-10-17" }, "PolicyName": "PipelineUpdatePipelineSelfMutateCodePipelineActionRoleDefaultPolicyE626265B", "Roles": [ { "Ref": "PipelineUpdatePipelineSelfMutateCodePipelineActionRoleD6D4E5CF" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/UpdatePipeline/SelfMutate/CodePipelineActionRole/DefaultPolicy/Resource" } }, "PipelineAssetsFileAsset1CodePipelineActionRoleC0EC649A": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:root" ] ] } } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Assets/FileAsset1/CodePipelineActionRole/Resource" } }, "PipelineAssetsFileAsset1CodePipelineActionRoleDefaultPolicy5F0BE7E8": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "codebuild:BatchGetBuilds", "codebuild:StartBuild", "codebuild:StopBuild" ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "PipelineAssetsFileAsset185A67CB4", "Arn" ] } } ], "Version": "2012-10-17" }, "PolicyName": "PipelineAssetsFileAsset1CodePipelineActionRoleDefaultPolicy5F0BE7E8", "Roles": [ { "Ref": "PipelineAssetsFileAsset1CodePipelineActionRoleC0EC649A" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Assets/FileAsset1/CodePipelineActionRole/DefaultPolicy/Resource" } }, "PipelineAssetsFileAsset2CodePipelineActionRole06965A59": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:root" ] ] } } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Assets/FileAsset2/CodePipelineActionRole/Resource" } }, "PipelineAssetsFileAsset2CodePipelineActionRoleDefaultPolicy2399F4BC": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "codebuild:BatchGetBuilds", "codebuild:StartBuild", "codebuild:StopBuild" ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "PipelineAssetsFileAsset24D2D639B", "Arn" ] } } ], "Version": "2012-10-17" }, "PolicyName": "PipelineAssetsFileAsset2CodePipelineActionRoleDefaultPolicy2399F4BC", "Roles": [ { "Ref": "PipelineAssetsFileAsset2CodePipelineActionRole06965A59" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/Assets/FileAsset2/CodePipelineActionRole/DefaultPolicy/Resource" } }, "PipelineSlackNotification0E450626": { "Type": "AWS::CodeStarNotifications::NotificationRule", "Properties": { "DetailType": "FULL", "EventTypeIds": [ "codepipeline-pipeline-pipeline-execution-failed", "codepipeline-pipeline-pipeline-execution-succeeded" ], "Name": "FooPipelineDevPipelineSlackNotification0B9B5678", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":codepipeline:eu-central-1:1111111111111111:", { "Ref": "Pipeline9850B417" } ] ] }, "Targets": [ { "TargetAddress": "arn:aws:sns:eu-central-1:1111111111111111:foo-database-releases", "TargetType": "SNS" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Pipeline/SlackNotification/Resource" } }, "PipelineUpdatePipelineSelfMutationRole57E559E8": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codebuild.amazonaws.com" } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/UpdatePipeline/SelfMutation/Role/Resource" } }, "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":logs:eu-central-1:1111111111111111:log-group:/aws/codebuild/", { "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" } ] ] }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":logs:eu-central-1:1111111111111111:log-group:/aws/codebuild/", { "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" }, ":*" ] ] } ] }, { "Action": [ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", "codebuild:BatchPutTestCases", "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":codebuild:eu-central-1:1111111111111111:report-group/", { "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" }, "-*" ] ] } }, { "Action": "sts:AssumeRole", "Condition": { "ForAnyValue:StringEquals": { "iam:ResourceTag/aws-cdk:bootstrap-role": [ "image-publishing", "file-publishing", "deploy" ] } }, "Effect": "Allow", "Resource": "arn:*:iam::1111111111111111:role/*" }, { "Action": "cloudformation:DescribeStacks", "Effect": "Allow", "Resource": "*" }, { "Action": "s3:ListBucket", "Effect": "Allow", "Resource": "*" }, { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*" ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, "/*" ] ] } ] } ], "Version": "2012-10-17" }, "PolicyName": "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E", "Roles": [ { "Ref": "PipelineUpdatePipelineSelfMutationRole57E559E8" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/UpdatePipeline/SelfMutation/Role/DefaultPolicy/Resource" } }, "PipelineUpdatePipelineSelfMutationDAA41400": { "Type": "AWS::CodeBuild::Project", "Properties": { "Artifacts": { "Type": "CODEPIPELINE" }, "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", "Image": "aws/codebuild/standard:5.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": false, "Type": "LINUX_CONTAINER" }, "ServiceRole": { "Fn::GetAtt": [ "PipelineUpdatePipelineSelfMutationRole57E559E8", "Arn" ] }, "Source": { "BuildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"install\": {\n \"commands\": [\n \"npm install -g aws-cdk@2\"\n ]\n },\n \"build\": {\n \"commands\": [\n \"cdk -a . deploy FooPipelineDev --require-approval=never --verbose\"\n ]\n }\n }\n}", "Type": "CODEPIPELINE" }, "Cache": { "Type": "NO_CACHE" }, "Description": "Pipeline step FooPipelineDev/Pipeline/UpdatePipeline/SelfMutate", "EncryptionKey": "alias/aws/s3", "Name": "Foo-Pipeline-dev-selfupdate" }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/UpdatePipeline/SelfMutation/Resource" } }, "PipelineAssetsFileRole59943A77": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codebuild.amazonaws.com" } }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::1111111111111111:root" ] ] } } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Assets/FileRole/Resource" } }, "PipelineAssetsFileRoleDefaultPolicy14DB8755": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":logs:eu-central-1:1111111111111111:log-group:/aws/codebuild/*" ] ] } }, { "Action": [ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", "codebuild:BatchPutTestCases", "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":codebuild:eu-central-1:1111111111111111:report-group/*" ] ] } }, { "Action": [ "codebuild:BatchGetBuilds", "codebuild:StartBuild", "codebuild:StopBuild" ], "Effect": "Allow", "Resource": "*" }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": [ { "Fn::Sub": "arn:${AWS::Partition}:iam::1111111111111111:role/cdk-hnb659fds-file-publishing-role-1111111111111111-eu-central-1" } ] }, { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*" ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "PipelineArtifactsBucketAEA9A052", "Arn" ] }, "/*" ] ] } ] } ], "Version": "2012-10-17" }, "PolicyName": "PipelineAssetsFileRoleDefaultPolicy14DB8755", "Roles": [ { "Ref": "PipelineAssetsFileRole59943A77" } ] }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Assets/FileRole/DefaultPolicy/Resource" } }, "PipelineAssetsFileAsset185A67CB4": { "Type": "AWS::CodeBuild::Project", "Properties": { "Artifacts": { "Type": "CODEPIPELINE" }, "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", "Image": "aws/codebuild/standard:5.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": false, "Type": "LINUX_CONTAINER" }, "ServiceRole": { "Fn::GetAtt": [ "PipelineAssetsFileRole59943A77", "Arn" ] }, "Source": { "BuildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"install\": {\n \"commands\": [\n \"npm install -g cdk-assets@2\"\n ]\n },\n \"build\": {\n \"commands\": [\n \"cdk-assets --path \\\"assembly-FooPipelineDev-PipelineAppStage/FooPipelineDevPipelineAppStageAppStack32F3B4A7.assets.json\\\" --verbose publish \\\"9bf35c4609f7e46143b8f1b17e773306524e3c3f2353f6fec79cc498590043f6:1111111111111111-eu-central-1\\\"\"\n ]\n }\n }\n}", "Type": "CODEPIPELINE" }, "Cache": { "Type": "NO_CACHE" } }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Assets/FileAsset1/Resource" } }, "PipelineAssetsFileAsset24D2D639B": { "Type": "AWS::CodeBuild::Project", "Properties": { "Artifacts": { "Type": "CODEPIPELINE" }, "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", "Image": "aws/codebuild/standard:5.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": false, "Type": "LINUX_CONTAINER" }, "ServiceRole": { "Fn::GetAtt": [ "PipelineAssetsFileRole59943A77", "Arn" ] }, "Source": { "BuildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"install\": {\n \"commands\": [\n \"npm install -g cdk-assets@2\"\n ]\n },\n \"build\": {\n \"commands\": [\n \"cdk-assets --path \\\"assembly-FooPipelineDev-PipelineAppStage/FooPipelineDevPipelineAppStageAppStack32F3B4A7.assets.json\\\" --verbose publish \\\"fae71ad7b1dbed5572d016c072bceef3a5edcf1e836dbfda11ab357e325a2ce3:1111111111111111-eu-central-1\\\"\"\n ]\n }\n }\n}", "Type": "CODEPIPELINE" }, "Cache": { "Type": "NO_CACHE" }, "Description": "Pipeline step FooPipelineDev/Pipeline/Assets/FileAsset2", "EncryptionKey": "alias/aws/s3" }, "Metadata": { "aws:cdk:path": "FooPipelineDev/Pipeline/Assets/FileAsset2/Resource" } }, "CDKMetadata": { "Type": "AWS::CDK::Metadata", "Properties": { "Analytics": "v2:deflate64:H4sIAAAAAAAA/11Qy27DMAz7lt4dbc0eH9DehyDdfXAVFVDi2kFktyiM/PvsJUaKnUhRhCm6hvoDXnf6LhV2Q2X4DPHkNQ6qJXFhQlJp9xPpRtYLxDYYUseLzTgrdB2NPJJhSxCbleV94bOSN4iHgAP5rK9sgcYZxscmL/OsWF9TkluTMm7O4snR58Cm23KbyfWEfzErXWzi9WSd5wuj9uxsqvH1NJZK/7V0erJ+u5HxoCWNpanAMb363Lb81axs2kAvL7f9J+zfod71wlxNwXq+ErQL/gJlize6dQEAAA==" }, "Metadata": { "aws:cdk:path": "FooPipelineDev/CDKMetadata/Default" } } }, "Parameters": { "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value",
"Default": "/cdk-bootstrap/hnb659fds/version",
"Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
}
},
"Rules": {
"CheckBootstrapVersion": {
"Assertions": [
{
"Assert": {
"Fn::Not": [
{
"Fn::Contains": [
[
"1",
"2",
"3",
"4",
"5"
],
{
"Ref": "BootstrapVersion"
}
]
}
]
},
"AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
}
]
}
}
}
Now when I try to debug lambda functions of the
AppStackwhich was defined in thecdk.Stagethe SAM CLI fails. I guess the reference to the appStage asset cannot be resolved.Proposal
Support debugging lambda functions which were defined in a stack in a
cdk.Stage.Things to consider:
Additional Details