1. Packages
  2. AWS Classic
  3. API Docs
  4. codepipeline
  5. Pipeline

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.23.0 published on Thursday, Feb 22, 2024 by Pulumi

aws.codepipeline.Pipeline

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.23.0 published on Thursday, Feb 22, 2024 by Pulumi

    Provides a CodePipeline.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.CodeStarConnections.Connection("example", new()
        {
            ProviderType = "GitHub",
        });
    
        var codepipelineBucket = new Aws.S3.BucketV2("codepipelineBucket");
    
        var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
        {
            Statements = new[]
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Effect = "Allow",
                    Principals = new[]
                    {
                        new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                        {
                            Type = "Service",
                            Identifiers = new[]
                            {
                                "codepipeline.amazonaws.com",
                            },
                        },
                    },
                    Actions = new[]
                    {
                        "sts:AssumeRole",
                    },
                },
            },
        });
    
        var codepipelineRole = new Aws.Iam.Role("codepipelineRole", new()
        {
            AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
        });
    
        var s3kmskey = Aws.Kms.GetAlias.Invoke(new()
        {
            Name = "alias/myKmsKey",
        });
    
        var codepipeline = new Aws.CodePipeline.Pipeline("codepipeline", new()
        {
            RoleArn = codepipelineRole.Arn,
            ArtifactStores = new[]
            {
                new Aws.CodePipeline.Inputs.PipelineArtifactStoreArgs
                {
                    Location = codepipelineBucket.Bucket,
                    Type = "S3",
                    EncryptionKey = new Aws.CodePipeline.Inputs.PipelineArtifactStoreEncryptionKeyArgs
                    {
                        Id = s3kmskey.Apply(getAliasResult => getAliasResult.Arn),
                        Type = "KMS",
                    },
                },
            },
            Stages = new[]
            {
                new Aws.CodePipeline.Inputs.PipelineStageArgs
                {
                    Name = "Source",
                    Actions = new[]
                    {
                        new Aws.CodePipeline.Inputs.PipelineStageActionArgs
                        {
                            Name = "Source",
                            Category = "Source",
                            Owner = "AWS",
                            Provider = "CodeStarSourceConnection",
                            Version = "1",
                            OutputArtifacts = new[]
                            {
                                "source_output",
                            },
                            Configuration = 
                            {
                                { "ConnectionArn", example.Arn },
                                { "FullRepositoryId", "my-organization/example" },
                                { "BranchName", "main" },
                            },
                        },
                    },
                },
                new Aws.CodePipeline.Inputs.PipelineStageArgs
                {
                    Name = "Build",
                    Actions = new[]
                    {
                        new Aws.CodePipeline.Inputs.PipelineStageActionArgs
                        {
                            Name = "Build",
                            Category = "Build",
                            Owner = "AWS",
                            Provider = "CodeBuild",
                            InputArtifacts = new[]
                            {
                                "source_output",
                            },
                            OutputArtifacts = new[]
                            {
                                "build_output",
                            },
                            Version = "1",
                            Configuration = 
                            {
                                { "ProjectName", "test" },
                            },
                        },
                    },
                },
                new Aws.CodePipeline.Inputs.PipelineStageArgs
                {
                    Name = "Deploy",
                    Actions = new[]
                    {
                        new Aws.CodePipeline.Inputs.PipelineStageActionArgs
                        {
                            Name = "Deploy",
                            Category = "Deploy",
                            Owner = "AWS",
                            Provider = "CloudFormation",
                            InputArtifacts = new[]
                            {
                                "build_output",
                            },
                            Version = "1",
                            Configuration = 
                            {
                                { "ActionMode", "REPLACE_ON_FAILURE" },
                                { "Capabilities", "CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM" },
                                { "OutputFileName", "CreateStackOutput.json" },
                                { "StackName", "MyStack" },
                                { "TemplatePath", "build_output::sam-templated.yaml" },
                            },
                        },
                    },
                },
            },
        });
    
        var codepipelineBucketPab = new Aws.S3.BucketPublicAccessBlock("codepipelineBucketPab", new()
        {
            Bucket = codepipelineBucket.Id,
            BlockPublicAcls = true,
            BlockPublicPolicy = true,
            IgnorePublicAcls = true,
            RestrictPublicBuckets = true,
        });
    
        var codepipelinePolicyPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()
        {
            Statements = new[]
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Effect = "Allow",
                    Actions = new[]
                    {
                        "s3:GetObject",
                        "s3:GetObjectVersion",
                        "s3:GetBucketVersioning",
                        "s3:PutObjectAcl",
                        "s3:PutObject",
                    },
                    Resources = new[]
                    {
                        codepipelineBucket.Arn,
                        $"{codepipelineBucket.Arn}/*",
                    },
                },
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Effect = "Allow",
                    Actions = new[]
                    {
                        "codestar-connections:UseConnection",
                    },
                    Resources = new[]
                    {
                        example.Arn,
                    },
                },
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Effect = "Allow",
                    Actions = new[]
                    {
                        "codebuild:BatchGetBuilds",
                        "codebuild:StartBuild",
                    },
                    Resources = new[]
                    {
                        "*",
                    },
                },
            },
        });
    
        var codepipelinePolicyRolePolicy = new Aws.Iam.RolePolicy("codepipelinePolicyRolePolicy", new()
        {
            Role = codepipelineRole.Id,
            Policy = codepipelinePolicyPolicyDocument.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
        });
    
    });
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codepipeline"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codestarconnections"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := codestarconnections.NewConnection(ctx, "example", &codestarconnections.ConnectionArgs{
    			ProviderType: pulumi.String("GitHub"),
    		})
    		if err != nil {
    			return err
    		}
    		codepipelineBucket, err := s3.NewBucketV2(ctx, "codepipelineBucket", nil)
    		if err != nil {
    			return err
    		}
    		assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
    			Statements: []iam.GetPolicyDocumentStatement{
    				{
    					Effect: pulumi.StringRef("Allow"),
    					Principals: []iam.GetPolicyDocumentStatementPrincipal{
    						{
    							Type: "Service",
    							Identifiers: []string{
    								"codepipeline.amazonaws.com",
    							},
    						},
    					},
    					Actions: []string{
    						"sts:AssumeRole",
    					},
    				},
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		codepipelineRole, err := iam.NewRole(ctx, "codepipelineRole", &iam.RoleArgs{
    			AssumeRolePolicy: *pulumi.String(assumeRole.Json),
    		})
    		if err != nil {
    			return err
    		}
    		s3kmskey, err := kms.LookupAlias(ctx, &kms.LookupAliasArgs{
    			Name: "alias/myKmsKey",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = codepipeline.NewPipeline(ctx, "codepipeline", &codepipeline.PipelineArgs{
    			RoleArn: codepipelineRole.Arn,
    			ArtifactStores: codepipeline.PipelineArtifactStoreArray{
    				&codepipeline.PipelineArtifactStoreArgs{
    					Location: codepipelineBucket.Bucket,
    					Type:     pulumi.String("S3"),
    					EncryptionKey: &codepipeline.PipelineArtifactStoreEncryptionKeyArgs{
    						Id:   *pulumi.String(s3kmskey.Arn),
    						Type: pulumi.String("KMS"),
    					},
    				},
    			},
    			Stages: codepipeline.PipelineStageArray{
    				&codepipeline.PipelineStageArgs{
    					Name: pulumi.String("Source"),
    					Actions: codepipeline.PipelineStageActionArray{
    						&codepipeline.PipelineStageActionArgs{
    							Name:     pulumi.String("Source"),
    							Category: pulumi.String("Source"),
    							Owner:    pulumi.String("AWS"),
    							Provider: pulumi.String("CodeStarSourceConnection"),
    							Version:  pulumi.String("1"),
    							OutputArtifacts: pulumi.StringArray{
    								pulumi.String("source_output"),
    							},
    							Configuration: pulumi.StringMap{
    								"ConnectionArn":    example.Arn,
    								"FullRepositoryId": pulumi.String("my-organization/example"),
    								"BranchName":       pulumi.String("main"),
    							},
    						},
    					},
    				},
    				&codepipeline.PipelineStageArgs{
    					Name: pulumi.String("Build"),
    					Actions: codepipeline.PipelineStageActionArray{
    						&codepipeline.PipelineStageActionArgs{
    							Name:     pulumi.String("Build"),
    							Category: pulumi.String("Build"),
    							Owner:    pulumi.String("AWS"),
    							Provider: pulumi.String("CodeBuild"),
    							InputArtifacts: pulumi.StringArray{
    								pulumi.String("source_output"),
    							},
    							OutputArtifacts: pulumi.StringArray{
    								pulumi.String("build_output"),
    							},
    							Version: pulumi.String("1"),
    							Configuration: pulumi.StringMap{
    								"ProjectName": pulumi.String("test"),
    							},
    						},
    					},
    				},
    				&codepipeline.PipelineStageArgs{
    					Name: pulumi.String("Deploy"),
    					Actions: codepipeline.PipelineStageActionArray{
    						&codepipeline.PipelineStageActionArgs{
    							Name:     pulumi.String("Deploy"),
    							Category: pulumi.String("Deploy"),
    							Owner:    pulumi.String("AWS"),
    							Provider: pulumi.String("CloudFormation"),
    							InputArtifacts: pulumi.StringArray{
    								pulumi.String("build_output"),
    							},
    							Version: pulumi.String("1"),
    							Configuration: pulumi.StringMap{
    								"ActionMode":     pulumi.String("REPLACE_ON_FAILURE"),
    								"Capabilities":   pulumi.String("CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM"),
    								"OutputFileName": pulumi.String("CreateStackOutput.json"),
    								"StackName":      pulumi.String("MyStack"),
    								"TemplatePath":   pulumi.String("build_output::sam-templated.yaml"),
    							},
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = s3.NewBucketPublicAccessBlock(ctx, "codepipelineBucketPab", &s3.BucketPublicAccessBlockArgs{
    			Bucket:                codepipelineBucket.ID(),
    			BlockPublicAcls:       pulumi.Bool(true),
    			BlockPublicPolicy:     pulumi.Bool(true),
    			IgnorePublicAcls:      pulumi.Bool(true),
    			RestrictPublicBuckets: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		codepipelinePolicyPolicyDocument := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
    			Statements: iam.GetPolicyDocumentStatementArray{
    				&iam.GetPolicyDocumentStatementArgs{
    					Effect: pulumi.String("Allow"),
    					Actions: pulumi.StringArray{
    						pulumi.String("s3:GetObject"),
    						pulumi.String("s3:GetObjectVersion"),
    						pulumi.String("s3:GetBucketVersioning"),
    						pulumi.String("s3:PutObjectAcl"),
    						pulumi.String("s3:PutObject"),
    					},
    					Resources: pulumi.StringArray{
    						codepipelineBucket.Arn,
    						codepipelineBucket.Arn.ApplyT(func(arn string) (string, error) {
    							return fmt.Sprintf("%v/*", arn), nil
    						}).(pulumi.StringOutput),
    					},
    				},
    				&iam.GetPolicyDocumentStatementArgs{
    					Effect: pulumi.String("Allow"),
    					Actions: pulumi.StringArray{
    						pulumi.String("codestar-connections:UseConnection"),
    					},
    					Resources: pulumi.StringArray{
    						example.Arn,
    					},
    				},
    				&iam.GetPolicyDocumentStatementArgs{
    					Effect: pulumi.String("Allow"),
    					Actions: pulumi.StringArray{
    						pulumi.String("codebuild:BatchGetBuilds"),
    						pulumi.String("codebuild:StartBuild"),
    					},
    					Resources: pulumi.StringArray{
    						pulumi.String("*"),
    					},
    				},
    			},
    		}, nil)
    		_, err = iam.NewRolePolicy(ctx, "codepipelinePolicyRolePolicy", &iam.RolePolicyArgs{
    			Role: codepipelineRole.ID(),
    			Policy: codepipelinePolicyPolicyDocument.ApplyT(func(codepipelinePolicyPolicyDocument iam.GetPolicyDocumentResult) (*string, error) {
    				return &codepipelinePolicyPolicyDocument.Json, nil
    			}).(pulumi.StringPtrOutput),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.codestarconnections.Connection;
    import com.pulumi.aws.codestarconnections.ConnectionArgs;
    import com.pulumi.aws.s3.BucketV2;
    import com.pulumi.aws.iam.IamFunctions;
    import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
    import com.pulumi.aws.iam.Role;
    import com.pulumi.aws.iam.RoleArgs;
    import com.pulumi.aws.kms.KmsFunctions;
    import com.pulumi.aws.kms.inputs.GetAliasArgs;
    import com.pulumi.aws.codepipeline.Pipeline;
    import com.pulumi.aws.codepipeline.PipelineArgs;
    import com.pulumi.aws.codepipeline.inputs.PipelineArtifactStoreArgs;
    import com.pulumi.aws.codepipeline.inputs.PipelineArtifactStoreEncryptionKeyArgs;
    import com.pulumi.aws.codepipeline.inputs.PipelineStageArgs;
    import com.pulumi.aws.s3.BucketPublicAccessBlock;
    import com.pulumi.aws.s3.BucketPublicAccessBlockArgs;
    import com.pulumi.aws.iam.RolePolicy;
    import com.pulumi.aws.iam.RolePolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new Connection("example", ConnectionArgs.builder()        
                .providerType("GitHub")
                .build());
    
            var codepipelineBucket = new BucketV2("codepipelineBucket");
    
            final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
                .statements(GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                        .type("Service")
                        .identifiers("codepipeline.amazonaws.com")
                        .build())
                    .actions("sts:AssumeRole")
                    .build())
                .build());
    
            var codepipelineRole = new Role("codepipelineRole", RoleArgs.builder()        
                .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
                .build());
    
            final var s3kmskey = KmsFunctions.getAlias(GetAliasArgs.builder()
                .name("alias/myKmsKey")
                .build());
    
            var codepipeline = new Pipeline("codepipeline", PipelineArgs.builder()        
                .roleArn(codepipelineRole.arn())
                .artifactStores(PipelineArtifactStoreArgs.builder()
                    .location(codepipelineBucket.bucket())
                    .type("S3")
                    .encryptionKey(PipelineArtifactStoreEncryptionKeyArgs.builder()
                        .id(s3kmskey.applyValue(getAliasResult -> getAliasResult.arn()))
                        .type("KMS")
                        .build())
                    .build())
                .stages(            
                    PipelineStageArgs.builder()
                        .name("Source")
                        .actions(PipelineStageActionArgs.builder()
                            .name("Source")
                            .category("Source")
                            .owner("AWS")
                            .provider("CodeStarSourceConnection")
                            .version("1")
                            .outputArtifacts("source_output")
                            .configuration(Map.ofEntries(
                                Map.entry("ConnectionArn", example.arn()),
                                Map.entry("FullRepositoryId", "my-organization/example"),
                                Map.entry("BranchName", "main")
                            ))
                            .build())
                        .build(),
                    PipelineStageArgs.builder()
                        .name("Build")
                        .actions(PipelineStageActionArgs.builder()
                            .name("Build")
                            .category("Build")
                            .owner("AWS")
                            .provider("CodeBuild")
                            .inputArtifacts("source_output")
                            .outputArtifacts("build_output")
                            .version("1")
                            .configuration(Map.of("ProjectName", "test"))
                            .build())
                        .build(),
                    PipelineStageArgs.builder()
                        .name("Deploy")
                        .actions(PipelineStageActionArgs.builder()
                            .name("Deploy")
                            .category("Deploy")
                            .owner("AWS")
                            .provider("CloudFormation")
                            .inputArtifacts("build_output")
                            .version("1")
                            .configuration(Map.ofEntries(
                                Map.entry("ActionMode", "REPLACE_ON_FAILURE"),
                                Map.entry("Capabilities", "CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM"),
                                Map.entry("OutputFileName", "CreateStackOutput.json"),
                                Map.entry("StackName", "MyStack"),
                                Map.entry("TemplatePath", "build_output::sam-templated.yaml")
                            ))
                            .build())
                        .build())
                .build());
    
            var codepipelineBucketPab = new BucketPublicAccessBlock("codepipelineBucketPab", BucketPublicAccessBlockArgs.builder()        
                .bucket(codepipelineBucket.id())
                .blockPublicAcls(true)
                .blockPublicPolicy(true)
                .ignorePublicAcls(true)
                .restrictPublicBuckets(true)
                .build());
    
            final var codepipelinePolicyPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
                .statements(            
                    GetPolicyDocumentStatementArgs.builder()
                        .effect("Allow")
                        .actions(                    
                            "s3:GetObject",
                            "s3:GetObjectVersion",
                            "s3:GetBucketVersioning",
                            "s3:PutObjectAcl",
                            "s3:PutObject")
                        .resources(                    
                            codepipelineBucket.arn(),
                            codepipelineBucket.arn().applyValue(arn -> String.format("%s/*", arn)))
                        .build(),
                    GetPolicyDocumentStatementArgs.builder()
                        .effect("Allow")
                        .actions("codestar-connections:UseConnection")
                        .resources(example.arn())
                        .build(),
                    GetPolicyDocumentStatementArgs.builder()
                        .effect("Allow")
                        .actions(                    
                            "codebuild:BatchGetBuilds",
                            "codebuild:StartBuild")
                        .resources("*")
                        .build())
                .build());
    
            var codepipelinePolicyRolePolicy = new RolePolicy("codepipelinePolicyRolePolicy", RolePolicyArgs.builder()        
                .role(codepipelineRole.id())
                .policy(codepipelinePolicyPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(codepipelinePolicyPolicyDocument -> codepipelinePolicyPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.codestarconnections.Connection("example", provider_type="GitHub")
    codepipeline_bucket = aws.s3.BucketV2("codepipelineBucket")
    assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
            type="Service",
            identifiers=["codepipeline.amazonaws.com"],
        )],
        actions=["sts:AssumeRole"],
    )])
    codepipeline_role = aws.iam.Role("codepipelineRole", assume_role_policy=assume_role.json)
    s3kmskey = aws.kms.get_alias(name="alias/myKmsKey")
    codepipeline = aws.codepipeline.Pipeline("codepipeline",
        role_arn=codepipeline_role.arn,
        artifact_stores=[aws.codepipeline.PipelineArtifactStoreArgs(
            location=codepipeline_bucket.bucket,
            type="S3",
            encryption_key=aws.codepipeline.PipelineArtifactStoreEncryptionKeyArgs(
                id=s3kmskey.arn,
                type="KMS",
            ),
        )],
        stages=[
            aws.codepipeline.PipelineStageArgs(
                name="Source",
                actions=[aws.codepipeline.PipelineStageActionArgs(
                    name="Source",
                    category="Source",
                    owner="AWS",
                    provider="CodeStarSourceConnection",
                    version="1",
                    output_artifacts=["source_output"],
                    configuration={
                        "ConnectionArn": example.arn,
                        "FullRepositoryId": "my-organization/example",
                        "BranchName": "main",
                    },
                )],
            ),
            aws.codepipeline.PipelineStageArgs(
                name="Build",
                actions=[aws.codepipeline.PipelineStageActionArgs(
                    name="Build",
                    category="Build",
                    owner="AWS",
                    provider="CodeBuild",
                    input_artifacts=["source_output"],
                    output_artifacts=["build_output"],
                    version="1",
                    configuration={
                        "ProjectName": "test",
                    },
                )],
            ),
            aws.codepipeline.PipelineStageArgs(
                name="Deploy",
                actions=[aws.codepipeline.PipelineStageActionArgs(
                    name="Deploy",
                    category="Deploy",
                    owner="AWS",
                    provider="CloudFormation",
                    input_artifacts=["build_output"],
                    version="1",
                    configuration={
                        "ActionMode": "REPLACE_ON_FAILURE",
                        "Capabilities": "CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM",
                        "OutputFileName": "CreateStackOutput.json",
                        "StackName": "MyStack",
                        "TemplatePath": "build_output::sam-templated.yaml",
                    },
                )],
            ),
        ])
    codepipeline_bucket_pab = aws.s3.BucketPublicAccessBlock("codepipelineBucketPab",
        bucket=codepipeline_bucket.id,
        block_public_acls=True,
        block_public_policy=True,
        ignore_public_acls=True,
        restrict_public_buckets=True)
    codepipeline_policy_policy_document = aws.iam.get_policy_document_output(statements=[
        aws.iam.GetPolicyDocumentStatementArgs(
            effect="Allow",
            actions=[
                "s3:GetObject",
                "s3:GetObjectVersion",
                "s3:GetBucketVersioning",
                "s3:PutObjectAcl",
                "s3:PutObject",
            ],
            resources=[
                codepipeline_bucket.arn,
                codepipeline_bucket.arn.apply(lambda arn: f"{arn}/*"),
            ],
        ),
        aws.iam.GetPolicyDocumentStatementArgs(
            effect="Allow",
            actions=["codestar-connections:UseConnection"],
            resources=[example.arn],
        ),
        aws.iam.GetPolicyDocumentStatementArgs(
            effect="Allow",
            actions=[
                "codebuild:BatchGetBuilds",
                "codebuild:StartBuild",
            ],
            resources=["*"],
        ),
    ])
    codepipeline_policy_role_policy = aws.iam.RolePolicy("codepipelinePolicyRolePolicy",
        role=codepipeline_role.id,
        policy=codepipeline_policy_policy_document.json)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.codestarconnections.Connection("example", {providerType: "GitHub"});
    const codepipelineBucket = new aws.s3.BucketV2("codepipelineBucket", {});
    const assumeRole = aws.iam.getPolicyDocument({
        statements: [{
            effect: "Allow",
            principals: [{
                type: "Service",
                identifiers: ["codepipeline.amazonaws.com"],
            }],
            actions: ["sts:AssumeRole"],
        }],
    });
    const codepipelineRole = new aws.iam.Role("codepipelineRole", {assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json)});
    const s3kmskey = aws.kms.getAlias({
        name: "alias/myKmsKey",
    });
    const codepipeline = new aws.codepipeline.Pipeline("codepipeline", {
        roleArn: codepipelineRole.arn,
        artifactStores: [{
            location: codepipelineBucket.bucket,
            type: "S3",
            encryptionKey: {
                id: s3kmskey.then(s3kmskey => s3kmskey.arn),
                type: "KMS",
            },
        }],
        stages: [
            {
                name: "Source",
                actions: [{
                    name: "Source",
                    category: "Source",
                    owner: "AWS",
                    provider: "CodeStarSourceConnection",
                    version: "1",
                    outputArtifacts: ["source_output"],
                    configuration: {
                        ConnectionArn: example.arn,
                        FullRepositoryId: "my-organization/example",
                        BranchName: "main",
                    },
                }],
            },
            {
                name: "Build",
                actions: [{
                    name: "Build",
                    category: "Build",
                    owner: "AWS",
                    provider: "CodeBuild",
                    inputArtifacts: ["source_output"],
                    outputArtifacts: ["build_output"],
                    version: "1",
                    configuration: {
                        ProjectName: "test",
                    },
                }],
            },
            {
                name: "Deploy",
                actions: [{
                    name: "Deploy",
                    category: "Deploy",
                    owner: "AWS",
                    provider: "CloudFormation",
                    inputArtifacts: ["build_output"],
                    version: "1",
                    configuration: {
                        ActionMode: "REPLACE_ON_FAILURE",
                        Capabilities: "CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM",
                        OutputFileName: "CreateStackOutput.json",
                        StackName: "MyStack",
                        TemplatePath: "build_output::sam-templated.yaml",
                    },
                }],
            },
        ],
    });
    const codepipelineBucketPab = new aws.s3.BucketPublicAccessBlock("codepipelineBucketPab", {
        bucket: codepipelineBucket.id,
        blockPublicAcls: true,
        blockPublicPolicy: true,
        ignorePublicAcls: true,
        restrictPublicBuckets: true,
    });
    const codepipelinePolicyPolicyDocument = aws.iam.getPolicyDocumentOutput({
        statements: [
            {
                effect: "Allow",
                actions: [
                    "s3:GetObject",
                    "s3:GetObjectVersion",
                    "s3:GetBucketVersioning",
                    "s3:PutObjectAcl",
                    "s3:PutObject",
                ],
                resources: [
                    codepipelineBucket.arn,
                    pulumi.interpolate`${codepipelineBucket.arn}/*`,
                ],
            },
            {
                effect: "Allow",
                actions: ["codestar-connections:UseConnection"],
                resources: [example.arn],
            },
            {
                effect: "Allow",
                actions: [
                    "codebuild:BatchGetBuilds",
                    "codebuild:StartBuild",
                ],
                resources: ["*"],
            },
        ],
    });
    const codepipelinePolicyRolePolicy = new aws.iam.RolePolicy("codepipelinePolicyRolePolicy", {
        role: codepipelineRole.id,
        policy: codepipelinePolicyPolicyDocument.apply(codepipelinePolicyPolicyDocument => codepipelinePolicyPolicyDocument.json),
    });
    
    resources:
      codepipeline:
        type: aws:codepipeline:Pipeline
        properties:
          roleArn: ${codepipelineRole.arn}
          artifactStores:
            - location: ${codepipelineBucket.bucket}
              type: S3
              encryptionKey:
                id: ${s3kmskey.arn}
                type: KMS
          stages:
            - name: Source
              actions:
                - name: Source
                  category: Source
                  owner: AWS
                  provider: CodeStarSourceConnection
                  version: '1'
                  outputArtifacts:
                    - source_output
                  configuration:
                    ConnectionArn: ${example.arn}
                    FullRepositoryId: my-organization/example
                    BranchName: main
            - name: Build
              actions:
                - name: Build
                  category: Build
                  owner: AWS
                  provider: CodeBuild
                  inputArtifacts:
                    - source_output
                  outputArtifacts:
                    - build_output
                  version: '1'
                  configuration:
                    ProjectName: test
            - name: Deploy
              actions:
                - name: Deploy
                  category: Deploy
                  owner: AWS
                  provider: CloudFormation
                  inputArtifacts:
                    - build_output
                  version: '1'
                  configuration:
                    ActionMode: REPLACE_ON_FAILURE
                    Capabilities: CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM
                    OutputFileName: CreateStackOutput.json
                    StackName: MyStack
                    TemplatePath: build_output::sam-templated.yaml
      example:
        type: aws:codestarconnections:Connection
        properties:
          providerType: GitHub
      codepipelineBucket:
        type: aws:s3:BucketV2
      codepipelineBucketPab:
        type: aws:s3:BucketPublicAccessBlock
        properties:
          bucket: ${codepipelineBucket.id}
          blockPublicAcls: true
          blockPublicPolicy: true
          ignorePublicAcls: true
          restrictPublicBuckets: true
      codepipelineRole:
        type: aws:iam:Role
        properties:
          assumeRolePolicy: ${assumeRole.json}
      codepipelinePolicyRolePolicy:
        type: aws:iam:RolePolicy
        properties:
          role: ${codepipelineRole.id}
          policy: ${codepipelinePolicyPolicyDocument.json}
    variables:
      assumeRole:
        fn::invoke:
          Function: aws:iam:getPolicyDocument
          Arguments:
            statements:
              - effect: Allow
                principals:
                  - type: Service
                    identifiers:
                      - codepipeline.amazonaws.com
                actions:
                  - sts:AssumeRole
      codepipelinePolicyPolicyDocument:
        fn::invoke:
          Function: aws:iam:getPolicyDocument
          Arguments:
            statements:
              - effect: Allow
                actions:
                  - s3:GetObject
                  - s3:GetObjectVersion
                  - s3:GetBucketVersioning
                  - s3:PutObjectAcl
                  - s3:PutObject
                resources:
                  - ${codepipelineBucket.arn}
                  - ${codepipelineBucket.arn}/*
              - effect: Allow
                actions:
                  - codestar-connections:UseConnection
                resources:
                  - ${example.arn}
              - effect: Allow
                actions:
                  - codebuild:BatchGetBuilds
                  - codebuild:StartBuild
                resources:
                  - '*'
      s3kmskey:
        fn::invoke:
          Function: aws:kms:getAlias
          Arguments:
            name: alias/myKmsKey
    

    Create Pipeline Resource

    new Pipeline(name: string, args: PipelineArgs, opts?: CustomResourceOptions);
    @overload
    def Pipeline(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 artifact_stores: Optional[Sequence[PipelineArtifactStoreArgs]] = None,
                 name: Optional[str] = None,
                 pipeline_type: Optional[str] = None,
                 role_arn: Optional[str] = None,
                 stages: Optional[Sequence[PipelineStageArgs]] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 variables: Optional[Sequence[PipelineVariableArgs]] = None)
    @overload
    def Pipeline(resource_name: str,
                 args: PipelineArgs,
                 opts: Optional[ResourceOptions] = None)
    func NewPipeline(ctx *Context, name string, args PipelineArgs, opts ...ResourceOption) (*Pipeline, error)
    public Pipeline(string name, PipelineArgs args, CustomResourceOptions? opts = null)
    public Pipeline(String name, PipelineArgs args)
    public Pipeline(String name, PipelineArgs args, CustomResourceOptions options)
    
    type: aws:codepipeline:Pipeline
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args PipelineArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args PipelineArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args PipelineArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args PipelineArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args PipelineArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Pipeline Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Pipeline resource accepts the following input properties:

    ArtifactStores List<PipelineArtifactStore>
    One or more artifact_store blocks. Artifact stores are documented below.
    RoleArn string
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    Stages List<PipelineStage>
    A stage block. Stages are documented below.
    Name string
    The name of the pipeline.
    PipelineType string
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    Tags Dictionary<string, string>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    Variables List<PipelineVariable>
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    ArtifactStores []PipelineArtifactStoreArgs
    One or more artifact_store blocks. Artifact stores are documented below.
    RoleArn string
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    Stages []PipelineStageArgs
    A stage block. Stages are documented below.
    Name string
    The name of the pipeline.
    PipelineType string
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    Tags map[string]string
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    Variables []PipelineVariableArgs
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    artifactStores List<PipelineArtifactStore>
    One or more artifact_store blocks. Artifact stores are documented below.
    roleArn String
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    stages List<PipelineStage>
    A stage block. Stages are documented below.
    name String
    The name of the pipeline.
    pipelineType String
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    tags Map<String,String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    variables List<PipelineVariable>
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    artifactStores PipelineArtifactStore[]
    One or more artifact_store blocks. Artifact stores are documented below.
    roleArn string
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    stages PipelineStage[]
    A stage block. Stages are documented below.
    name string
    The name of the pipeline.
    pipelineType string
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    tags {[key: string]: string}
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    variables PipelineVariable[]
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    artifact_stores Sequence[PipelineArtifactStoreArgs]
    One or more artifact_store blocks. Artifact stores are documented below.
    role_arn str
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    stages Sequence[PipelineStageArgs]
    A stage block. Stages are documented below.
    name str
    The name of the pipeline.
    pipeline_type str
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    tags Mapping[str, str]
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    variables Sequence[PipelineVariableArgs]
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    artifactStores List<Property Map>
    One or more artifact_store blocks. Artifact stores are documented below.
    roleArn String
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    stages List<Property Map>
    A stage block. Stages are documented below.
    name String
    The name of the pipeline.
    pipelineType String
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    tags Map<String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    variables List<Property Map>
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Pipeline resource produces the following output properties:

    Arn string
    The codepipeline ARN.
    Id string
    The provider-assigned unique ID for this managed resource.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    Arn string
    The codepipeline ARN.
    Id string
    The provider-assigned unique ID for this managed resource.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    arn String
    The codepipeline ARN.
    id String
    The provider-assigned unique ID for this managed resource.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    arn string
    The codepipeline ARN.
    id string
    The provider-assigned unique ID for this managed resource.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    arn str
    The codepipeline ARN.
    id str
    The provider-assigned unique ID for this managed resource.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    arn String
    The codepipeline ARN.
    id String
    The provider-assigned unique ID for this managed resource.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    Look up Existing Pipeline Resource

    Get an existing Pipeline resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: PipelineState, opts?: CustomResourceOptions): Pipeline
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            artifact_stores: Optional[Sequence[PipelineArtifactStoreArgs]] = None,
            name: Optional[str] = None,
            pipeline_type: Optional[str] = None,
            role_arn: Optional[str] = None,
            stages: Optional[Sequence[PipelineStageArgs]] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            variables: Optional[Sequence[PipelineVariableArgs]] = None) -> Pipeline
    func GetPipeline(ctx *Context, name string, id IDInput, state *PipelineState, opts ...ResourceOption) (*Pipeline, error)
    public static Pipeline Get(string name, Input<string> id, PipelineState? state, CustomResourceOptions? opts = null)
    public static Pipeline get(String name, Output<String> id, PipelineState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string
    The codepipeline ARN.
    ArtifactStores List<PipelineArtifactStore>
    One or more artifact_store blocks. Artifact stores are documented below.
    Name string
    The name of the pipeline.
    PipelineType string
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    RoleArn string
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    Stages List<PipelineStage>
    A stage block. Stages are documented below.
    Tags Dictionary<string, string>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    Variables List<PipelineVariable>
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    Arn string
    The codepipeline ARN.
    ArtifactStores []PipelineArtifactStoreArgs
    One or more artifact_store blocks. Artifact stores are documented below.
    Name string
    The name of the pipeline.
    PipelineType string
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    RoleArn string
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    Stages []PipelineStageArgs
    A stage block. Stages are documented below.
    Tags map[string]string
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    Variables []PipelineVariableArgs
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    arn String
    The codepipeline ARN.
    artifactStores List<PipelineArtifactStore>
    One or more artifact_store blocks. Artifact stores are documented below.
    name String
    The name of the pipeline.
    pipelineType String
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    roleArn String
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    stages List<PipelineStage>
    A stage block. Stages are documented below.
    tags Map<String,String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    variables List<PipelineVariable>
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    arn string
    The codepipeline ARN.
    artifactStores PipelineArtifactStore[]
    One or more artifact_store blocks. Artifact stores are documented below.
    name string
    The name of the pipeline.
    pipelineType string
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    roleArn string
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    stages PipelineStage[]
    A stage block. Stages are documented below.
    tags {[key: string]: string}
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    variables PipelineVariable[]
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    arn str
    The codepipeline ARN.
    artifact_stores Sequence[PipelineArtifactStoreArgs]
    One or more artifact_store blocks. Artifact stores are documented below.
    name str
    The name of the pipeline.
    pipeline_type str
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    role_arn str
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    stages Sequence[PipelineStageArgs]
    A stage block. Stages are documented below.
    tags Mapping[str, str]
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    variables Sequence[PipelineVariableArgs]
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.
    arn String
    The codepipeline ARN.
    artifactStores List<Property Map>
    One or more artifact_store blocks. Artifact stores are documented below.
    name String
    The name of the pipeline.
    pipelineType String
    Type of the pipeline. Possible values are: V1 and V2. Default value is V1.
    roleArn String
    A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.
    stages List<Property Map>
    A stage block. Stages are documented below.
    tags Map<String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    variables List<Property Map>
    A pipeline-level variable block. Valid only when pipeline_type is V2. Variable are documented below.

    Supporting Types

    PipelineArtifactStore, PipelineArtifactStoreArgs

    Location string
    The location where AWS CodePipeline stores artifacts for a pipeline; currently only S3 is supported.
    Type string
    The type of the artifact store, such as Amazon S3
    EncryptionKey PipelineArtifactStoreEncryptionKey
    The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An encryption_key block is documented below.
    Region string
    The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline.
    Location string
    The location where AWS CodePipeline stores artifacts for a pipeline; currently only S3 is supported.
    Type string
    The type of the artifact store, such as Amazon S3
    EncryptionKey PipelineArtifactStoreEncryptionKey
    The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An encryption_key block is documented below.
    Region string
    The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline.
    location String
    The location where AWS CodePipeline stores artifacts for a pipeline; currently only S3 is supported.
    type String
    The type of the artifact store, such as Amazon S3
    encryptionKey PipelineArtifactStoreEncryptionKey
    The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An encryption_key block is documented below.
    region String
    The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline.
    location string
    The location where AWS CodePipeline stores artifacts for a pipeline; currently only S3 is supported.
    type string
    The type of the artifact store, such as Amazon S3
    encryptionKey PipelineArtifactStoreEncryptionKey
    The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An encryption_key block is documented below.
    region string
    The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline.
    location str
    The location where AWS CodePipeline stores artifacts for a pipeline; currently only S3 is supported.
    type str
    The type of the artifact store, such as Amazon S3
    encryption_key PipelineArtifactStoreEncryptionKey
    The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An encryption_key block is documented below.
    region str
    The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline.
    location String
    The location where AWS CodePipeline stores artifacts for a pipeline; currently only S3 is supported.
    type String
    The type of the artifact store, such as Amazon S3
    encryptionKey Property Map
    The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An encryption_key block is documented below.
    region String
    The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline.

    PipelineArtifactStoreEncryptionKey, PipelineArtifactStoreEncryptionKeyArgs

    Id string
    The KMS key ARN or ID
    Type string
    The type of key; currently only KMS is supported
    Id string
    The KMS key ARN or ID
    Type string
    The type of key; currently only KMS is supported
    id String
    The KMS key ARN or ID
    type String
    The type of key; currently only KMS is supported
    id string
    The KMS key ARN or ID
    type string
    The type of key; currently only KMS is supported
    id str
    The KMS key ARN or ID
    type str
    The type of key; currently only KMS is supported
    id String
    The KMS key ARN or ID
    type String
    The type of key; currently only KMS is supported

    PipelineStage, PipelineStageArgs

    Actions List<PipelineStageAction>
    The action(s) to include in the stage. Defined as an action block below
    Name string
    The name of the stage.
    Actions []PipelineStageAction
    The action(s) to include in the stage. Defined as an action block below
    Name string
    The name of the stage.
    actions List<PipelineStageAction>
    The action(s) to include in the stage. Defined as an action block below
    name String
    The name of the stage.
    actions PipelineStageAction[]
    The action(s) to include in the stage. Defined as an action block below
    name string
    The name of the stage.
    actions Sequence[PipelineStageAction]
    The action(s) to include in the stage. Defined as an action block below
    name str
    The name of the stage.
    actions List<Property Map>
    The action(s) to include in the stage. Defined as an action block below
    name String
    The name of the stage.

    PipelineStageAction, PipelineStageActionArgs

    Category string
    A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are Approval, Build, Deploy, Invoke, Source and Test.
    Name string
    The action declaration's name.
    Owner string
    The creator of the action being called. Possible values are AWS, Custom and ThirdParty.
    Provider string
    The provider of the service being called by the action. Valid providers are determined by the action category. Provider names are listed in the Action Structure Reference documentation.
    Version string
    A string that identifies the action type.
    Configuration Dictionary<string, string>
    A map of the action declaration's configuration. Configurations options for action types and providers can be found in the Pipeline Structure Reference and Action Structure Reference documentation.
    InputArtifacts List<string>
    A list of artifact names to be worked on.
    Namespace string
    The namespace all output variables will be accessed from.
    OutputArtifacts List<string>
    A list of artifact names to output. Output artifact names must be unique within a pipeline.
    Region string
    The region in which to run the action.
    RoleArn string
    The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline.
    RunOrder int
    The order in which actions are run.
    Category string
    A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are Approval, Build, Deploy, Invoke, Source and Test.
    Name string
    The action declaration's name.
    Owner string
    The creator of the action being called. Possible values are AWS, Custom and ThirdParty.
    Provider string
    The provider of the service being called by the action. Valid providers are determined by the action category. Provider names are listed in the Action Structure Reference documentation.
    Version string
    A string that identifies the action type.
    Configuration map[string]string
    A map of the action declaration's configuration. Configurations options for action types and providers can be found in the Pipeline Structure Reference and Action Structure Reference documentation.
    InputArtifacts []string
    A list of artifact names to be worked on.
    Namespace string
    The namespace all output variables will be accessed from.
    OutputArtifacts []string
    A list of artifact names to output. Output artifact names must be unique within a pipeline.
    Region string
    The region in which to run the action.
    RoleArn string
    The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline.
    RunOrder int
    The order in which actions are run.
    category String
    A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are Approval, Build, Deploy, Invoke, Source and Test.
    name String
    The action declaration's name.
    owner String
    The creator of the action being called. Possible values are AWS, Custom and ThirdParty.
    provider String
    The provider of the service being called by the action. Valid providers are determined by the action category. Provider names are listed in the Action Structure Reference documentation.
    version String
    A string that identifies the action type.
    configuration Map<String,String>
    A map of the action declaration's configuration. Configurations options for action types and providers can be found in the Pipeline Structure Reference and Action Structure Reference documentation.
    inputArtifacts List<String>
    A list of artifact names to be worked on.
    namespace String
    The namespace all output variables will be accessed from.
    outputArtifacts List<String>
    A list of artifact names to output. Output artifact names must be unique within a pipeline.
    region String
    The region in which to run the action.
    roleArn String
    The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline.
    runOrder Integer
    The order in which actions are run.
    category string
    A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are Approval, Build, Deploy, Invoke, Source and Test.
    name string
    The action declaration's name.
    owner string
    The creator of the action being called. Possible values are AWS, Custom and ThirdParty.
    provider string
    The provider of the service being called by the action. Valid providers are determined by the action category. Provider names are listed in the Action Structure Reference documentation.
    version string
    A string that identifies the action type.
    configuration {[key: string]: string}
    A map of the action declaration's configuration. Configurations options for action types and providers can be found in the Pipeline Structure Reference and Action Structure Reference documentation.
    inputArtifacts string[]
    A list of artifact names to be worked on.
    namespace string
    The namespace all output variables will be accessed from.
    outputArtifacts string[]
    A list of artifact names to output. Output artifact names must be unique within a pipeline.
    region string
    The region in which to run the action.
    roleArn string
    The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline.
    runOrder number
    The order in which actions are run.
    category str
    A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are Approval, Build, Deploy, Invoke, Source and Test.
    name str
    The action declaration's name.
    owner str
    The creator of the action being called. Possible values are AWS, Custom and ThirdParty.
    provider str
    The provider of the service being called by the action. Valid providers are determined by the action category. Provider names are listed in the Action Structure Reference documentation.
    version str
    A string that identifies the action type.
    configuration Mapping[str, str]
    A map of the action declaration's configuration. Configurations options for action types and providers can be found in the Pipeline Structure Reference and Action Structure Reference documentation.
    input_artifacts Sequence[str]
    A list of artifact names to be worked on.
    namespace str
    The namespace all output variables will be accessed from.
    output_artifacts Sequence[str]
    A list of artifact names to output. Output artifact names must be unique within a pipeline.
    region str
    The region in which to run the action.
    role_arn str
    The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline.
    run_order int
    The order in which actions are run.
    category String
    A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are Approval, Build, Deploy, Invoke, Source and Test.
    name String
    The action declaration's name.
    owner String
    The creator of the action being called. Possible values are AWS, Custom and ThirdParty.
    provider String
    The provider of the service being called by the action. Valid providers are determined by the action category. Provider names are listed in the Action Structure Reference documentation.
    version String
    A string that identifies the action type.
    configuration Map<String>
    A map of the action declaration's configuration. Configurations options for action types and providers can be found in the Pipeline Structure Reference and Action Structure Reference documentation.
    inputArtifacts List<String>
    A list of artifact names to be worked on.
    namespace String
    The namespace all output variables will be accessed from.
    outputArtifacts List<String>
    A list of artifact names to output. Output artifact names must be unique within a pipeline.
    region String
    The region in which to run the action.
    roleArn String
    The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline.
    runOrder Number
    The order in which actions are run.

    PipelineVariable, PipelineVariableArgs

    Name string
    The name of a pipeline-level variable.
    DefaultValue string
    The default value of a pipeline-level variable.
    Description string

    The description of a pipeline-level variable.

    Note: The input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.

    Name string
    The name of a pipeline-level variable.
    DefaultValue string
    The default value of a pipeline-level variable.
    Description string

    The description of a pipeline-level variable.

    Note: The input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.

    name String
    The name of a pipeline-level variable.
    defaultValue String
    The default value of a pipeline-level variable.
    description String

    The description of a pipeline-level variable.

    Note: The input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.

    name string
    The name of a pipeline-level variable.
    defaultValue string
    The default value of a pipeline-level variable.
    description string

    The description of a pipeline-level variable.

    Note: The input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.

    name str
    The name of a pipeline-level variable.
    default_value str
    The default value of a pipeline-level variable.
    description str

    The description of a pipeline-level variable.

    Note: The input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.

    name String
    The name of a pipeline-level variable.
    defaultValue String
    The default value of a pipeline-level variable.
    description String

    The description of a pipeline-level variable.

    Note: The input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.

    Import

    Using pulumi import, import CodePipelines using the name. For example:

     $ pulumi import aws:codepipeline/pipeline:Pipeline foo example
    

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.23.0 published on Thursday, Feb 22, 2024 by Pulumi