By using AWS re:Post, you agree to the Terms of Use

Unable to Add CodeStarNotification to CodePipeline with properly configured SNS access policy

0

Currently facing an issue with creating a notification rule for code pipeline using CDK with Pipeline or CodePipeline constructs

Resource handler returned message: "Invalid request provided: AWS::CodeStarNotifications::NotificationRule" (RequestToken: <GUID>, HandlerErrorCode: InvalidRequest)

The topic and chatbot are already defined in a different stack. The topic already has configured an access policy. However when I attempt to create a rule for my pipelines, it fails. Every time.

{
  "Version": "2008-10-17",
  "Statement": [
    {
      "Sid": "AWSCodeStarNotifications_publish",
      "Effect": "Allow",
      "Principal": {
        "Service": "codestar-notifications.amazonaws.com"
      },
      "Action": "SNS:Publish",
      "Resource": "arn:aws:sns:us-east-1:123456789:PipelineNotifications"
    }
  ]
}

Referencing topic:

 const pipelineNotificationsTopic = sns.Topic.fromTopicArn(
            this,
            "PipelineNotifications",
            `arn:aws:sns:${props?.env.region}:${props?.env.account}:PipelineNotifications
        `
        );

Pipeline code:

 this.pipeline = new Pipeline(
            this,
            `${props?.appName}-MyPipeline`,
            {
                pipelineName: "MyPipeline",
                crossAccountKeys: true,
                restartExecutionOnUpdate: true,
            }
        );
const rule = this.pipeline.notifyOn(
            "CodeStarRule",
            pipelineNotificationsTopic,
            {
                events: [
                    PipelineNotificationEvents.PIPELINE_EXECUTION_SUCCEEDED,
                    PipelineNotificationEvents.PIPELINE_EXECUTION_FAILED,
                    PipelineNotificationEvents.ACTION_EXECUTION_FAILED,
                ],
                detailType: DetailType.FULL,
            }
        );

or

 this.pipeline = new Pipeline(
            this,
            `${props?.appName}-MyPipeline`,
            {
                pipelineName: "MyPipeline",
                crossAccountKeys: true,
                restartExecutionOnUpdate: true,
            }
        );
const rule =new NotificationRule(this, "Notification", {
            detailType: DetailType.FULL,
            events: [
                "codepipeline-pipeline-pipeline-execution-failed",
                "codepipeline-pipeline-action-execution-failed",
                "codepipeline-pipeline-stage-execution-failed",
                "codepipeline-pipeline-manual-approval-failed",
                "codepipeline-pipeline-manual-approval-needed",
            ],
            source: pipeline,
            targets: [pipelineNotificationsTopic],
        });