CloudWatch Event for CodeBuild on specific project - amazon-web-services

I am attempting to get a CloudWatch Event to work for a specific CodeBuild project on Build State Change, but it does not seem to take. It works fine if I remove the resource, but then it also triggers on any CodeBuild project. I have something similar working for a specific CodeCommit repository. Am I doing something wrong or is this not implemented for CodeBuild?
{
  "detail-type": [
    "CodeBuild Build State Change"
  ],
  "source": [
    "aws.codebuild"
  ],
  "resources": [
    "arn:aws:codebuild:us-east-2:1234567890:build/project-name:*"
  ]
}

To create a CWE rule for a specific CodeBuild project, use the 'detail.project-name' filter in your CWE rule:
{
  "source": [
    "aws.codebuild"
  ],
  "detail-type": [
    "CodeBuild Build State Change"
  ],
  "detail": {
    "project-name": [
      "project-name"
    ]
  }
}
https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-notifications.html
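
Why the first pattern never fires while the second does, as an added example that is not part of the original question or answer: a plain string in an event pattern is compared character for character, so the trailing `*` in the `resources` ARN is a literal asterisk, while the event carries the full build ARN with a build ID. The `matches` helper is hypothetical and models only exact-match fields; the event is a constructed sample with a placeholder build ID.

```python
def matches(pattern, event):
    """Exact-match subset of event-pattern semantics (no prefix/wildcard operators)."""
    for key, want in pattern.items():
        if key not in event:
            return False
        have = event[key]
        if isinstance(want, dict):
            # Nested object such as "detail": recurse into it.
            if not isinstance(have, dict) or not matches(want, have):
                return False
        else:
            # List of allowed literals. If the event field is itself a list
            # ("resources"), one element equal to one literal is enough.
            values = have if isinstance(have, list) else [have]
            if not any(v in want for v in values):
                return False
    return True

# Constructed sample event, trimmed to the fields the two rules look at.
BUILD_ARN = ("arn:aws:codebuild:us-east-2:1234567890:build/project-name:"
             "00000000-0000-0000-0000-000000000000")  # placeholder build ID
EVENT = {
    "detail-type": "CodeBuild Build State Change",
    "source": "aws.codebuild",
    "resources": [BUILD_ARN],
    "detail": {"build-status": "SUCCEEDED", "project-name": "project-name"},
}

COMMON = {"source": ["aws.codebuild"],
          "detail-type": ["CodeBuild Build State Change"]}

# Rule from the question: "*" is compared as a literal character.
BY_RESOURCE = dict(COMMON, resources=[
    "arn:aws:codebuild:us-east-2:1234567890:build/project-name:*"])

# Rule from the answer: filter on detail.project-name.
BY_PROJECT = dict(COMMON, detail={"project-name": ["project-name"]})

if __name__ == "__main__":
    print("resources rule matches:", matches(BY_RESOURCE, EVENT))
    print("project-name rule matches:", matches(BY_PROJECT, EVENT))
```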

Related

Getting error on cloudwatch event rules on glue job state change

I have created a CloudWatch event rule for Glue job state change. I am getting notifications correctly for all Glue job state changes. But I need to send notifications for some particular Glue jobs. I tried adding multiple jobs, but it is not working properly.
Glue jobs:
glue_job1
glue_job2
glue_job3
Event rule: with this rule I can get notifications for all jobs.
{
  "source": [
    "aws.glue"
  ],
  "detail-type": [
    "Glue Job State Change"
  ],
  "detail": {
    "state": [
      "FAILED",
      "TIMEOUT",
      "SUCCEEDED"
    ]
  }
}
Event rule 2: with this I am not getting proper notifications.
{
  "source": [
    "aws.glue"
  ],
  "detail-type": [
    "Glue Job State Change"
  ],
  "detail": {
    "state": [
      "FAILED",
      "TIMEOUT",
      "SUCCEEDED"
    ],
    "jobName": [
      "glue_job1",
      "glue_job2",
      "glue_job3"
    ]
  }
}
How can we send notifications for only specific Glue jobs? How can we create an event rule for this scenario? Thank you.

CloudWatch Event Rule (source S3 and target ECS task) is being triggered and it's not creating an ECS task?

I have created a CloudWatch event; it has S3 as the source, with PutObject and CompleteMultipartUpload, and an ECS task as the target. My rule is working for a single file upload. But when I upload multiple files, it creates only one ECS task. Is it possible to run a single ECS task for each file upload?
{
  "source": [
    "aws.s3"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "s3.amazonaws.com"
    ],
    "eventName": [
      "PutObject",
      "CompleteMultipartUpload"
    ],
    "requestParameters": {
      "bucketName": [
        "test"
      ]
    }
  }
}

CloudWatch Event Rule and SNS for updates on ECS service

I want to receive an email every time I update my ECS service (and once the update finishes or the desired state is reached).
I thought about a CloudWatch Events rule with an SNS topic as the target (with a confirmed email address). However, it doesn't work.
This is my custom event pattern:
{
  "detail-type": [
    "ECS Update"
  ],
  "resources": [
    "arn:aws:ecs:us-east-1:aws-account:service/myService"
  ],
  "source": [
    "aws.ecs"
  ],
  "detail": {
    "clusterArn": [
      "arn:aws:ecs:us-east-1:aws-account:cluster/myCluster"
    ],
    "eventName": [
      "SERVICE_STEADY_STATE"
    ],
    "eventType": [
      "INFO"
    ]
  }
}
I also tried:
TASKSET_STEADY_STATE
CAPACITY_PROVIDER_STEADY_STATE
SERVICE_DESIRED_COUNT_UPDATED
I'm updating the service through the CLI:
aws ecs update-service --cluster myCluster --service myService --task-definition myTaskDef --force-new-deployment --desired-count 2
The status of the event rule is enabled and the target is the SNS topic. The input is matched event.
I don't have any clue. Am I using the wrong event name?

You can also set email notification on the task instead of the service; there is also an issue regarding ECS notifications.
I was not able to make it based on ECS status change; I controlled notification at the Lambda level. You can set this rule, and it's working for me.
{
  "source": [
    "aws.ecs"
  ],
  "detail-type": [
    "ECS Service Action"
  ]
}
You can expect a bit of delay, as I already experienced this and also reported it in a GitHub issue.
Here is the JSON event that you will receive for the above rule.
{
  "version": "0",
  "id": "c3c27e7b-abcd-efgh-c84e-highgclkl",
  "detail-type": "ECS Service Action",
  "source": "aws.ecs",
  "account": "1234567890",
  "time": "2020-06-27T00:00:00.00Z",
  "region": "us-west-2",
  "resources": [
    "arn:aws:ecs:us-west-2:1234567890:service/test"
  ],
  "detail": {
    "eventType": "INFO",
    "eventName": "SERVICE_STEADY_STATE",
    "clusterArn": "arn:aws:ecs:us-west-2:123456789:cluster/mycluster",
    "createdAt": "2020-06-27T00:00:00.00Z"
  }
}
Or, as the other option, you can try task-based changes.
{
  "source": [
    "aws.ecs"
  ],
  "detail-type": [
    "ECS Task State Change"
  ],
  "detail": {
    "lastStatus": [
      "STOPPED",
      "RUNNING"
    ],
    "clusterArn": [
      "arn:aws:ecs:us-west-2:123456789:cluster/my_cluster"
    ]
  }
}

How to pass CodeCommit tag name to CodePipeline using CloudWatch events

I have a CodeCommit repository which needs to be built only when a tag is pushed to the remote. I have used a CloudWatch event to successfully trigger the CodePipeline using the following rule.
I am following this document (referenceCreated event subsection).
{
  "source": [
    "aws.codecommit"
  ],
  "detail-type": [
    "CodeCommit Repository State Change"
  ],
  "resources": [
    "arn:aws:codecommit:xxx-repository"
  ],
  "detail": {
    "event": "referenceCreated",
    "repositoryName": "xxx-repository",
    "referenceName": "<Tag Name>",
    "referenceType": "tag"
  }
}
Following are my problems:
How do I access the name of the tag which triggered the event from this rule and pass it as a parameter (assuming I can use Input Transformer) to the CodePipeline?
If that is possible, how can I make sure that the CodePipeline builds the particular tag/changeset instead of the latest from the branch?

My CloudWatch Event rule doesn't trigger my CodePipeline pipeline

I'm having some issues with AWS CloudWatch Events.
I'm creating a CodePipeline CI pipeline which has a CodeCommit repository as the Source and a CodeBuild project as the Build/Test phase (then it deploys to Lambda, but the problem isn't there).
We have multiple projects and we are going to push multiple other projects. So, I created a script that manages the AWS CI stuff (i.e. creating a pipeline, a CodeBuild project, ... AND a CloudWatch Events rule, linked to the pipeline).
The first time I push my code, it works. But then, the process stops getting triggered by the push on CodeCommit.
I found a solution (but NOT the one I want): I just have to modify the pipeline, modify the stage (Source) without touching anything, and save the null modification, and it works (before saving, it asks for authorization to create a CloudWatch Events rule associated with this pipeline).
Has anybody encountered this issue? What did you do to bypass it?
I really want to make a 100% automated CI; I don't want to go to the AWS Console each time my team creates a new repository or pushes a new branch on an existing repository.
EDIT:
Here is the JSON of my CloudWatch Events rule :
{
  "Name": "company-ci_codepipeline_project-stage",
  "EventPattern": "cf. second JSON",
  "State": "ENABLED",
  "Arn": "arn:aws:events:region:xxx:rule/company-ci_codepipeline_project-stage",
  "Description": "CloudWatch Events rule to automatically trigger the needed pipeline from every push to project repository, on the stage branch on CodeCommit."
}
And here is the EventPattern JSON :
{
  "source": [
    "aws.codecommit"
  ],
  "detail-type": [
    "CodeCommit repository state change"
  ],
  "resources": [
    "arn:aws:codecommit:region:xxx:project"
  ],
  "detail": {
    "event": [
      "referenceCreated",
      "referenceUpdated"
    ],
    "referenceType": [
      "branch"
    ],
    "referenceName": [
      "stage"
    ]
  }
}

I've found this issue is typically related to the event rule/target/role configuration. If you don't have a target associated with your rule, you will NOT see the event invoked when reviewing metrics. Since your EventPattern looks correct, I'm thinking the target might be your issue.
You should have a configured target that looks something like:
{
  "Rule": "company-ci_codepipeline_project-stage",
  "Targets": [
    {
      "RoleArn": "arn:aws:iam::xxx:role/cwe-codepipeline",
      "Id": "ProjectPipelineTarget",
      "Arn": "arn:aws:codepipeline:region:xxx:your-pipeline"
    }
  ]
}
If that seems all good, I'd next check that the role associated with the target is granting the correct permissions. My role looks something like:
{
  "Role": {
    "Description": "Allows CloudWatch Events to invoke targets and perform actions in built-in targets on your behalf.",
    "AssumeRolePolicyDocument": {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Action": "sts:AssumeRole",
          "Principal": {
            "Service": "events.amazonaws.com"
          },
          "Effect": "Allow",
          "Sid": ""
        }
      ]
    },
    "MaxSessionDuration": 3600,
    "RoleId": "xxxx",
    "CreateDate": "2018-08-06T20:56:19Z",
    "RoleName": "cwe-codepipeline",
    "Path": "/",
    "Arn": "arn:aws:iam::xxx:role/cwe-codepipeline"
  }
}
And it has an inline policy of:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "codepipeline:StartPipelineExecution"
      ],
      "Resource": [
        "arn:aws:codepipeline:*:xxx:*"
      ]
    }
  ]
}
For reference, check out this documentation
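
The three checks from the answer above (a target exists, the role trusts events.amazonaws.com, the policy allows starting the target pipeline) as an added example that is not part of the original answer. `check_wiring`, `covers` and `as_list` are hypothetical helpers, and the inputs are the answer's own documents trimmed to the checked fields; the check also notes when a `Resource` wildcard reaches beyond the one pipeline the rule targets.

```python
import re

def as_list(value):
    return value if isinstance(value, list) else [value]

def covers(pattern, arn):
    """IAM-style Resource match: '*' is any run of characters, '?' is one."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, arn) is not None

def check_wiring(targets_doc, role_doc, policy_doc):
    """Findings for a rule's targets, role and policy (exact action names only)."""
    findings = []
    targets = targets_doc.get("Targets", [])
    if not targets:
        findings.append("rule has no target")
    role = role_doc["Role"]
    trusted = [svc for s in role["AssumeRolePolicyDocument"]["Statement"]
               if s["Effect"] == "Allow" and "sts:AssumeRole" in as_list(s["Action"])
               for svc in as_list(s["Principal"].get("Service", []))]
    if "events.amazonaws.com" not in trusted:
        findings.append("role does not trust events.amazonaws.com")
    allowed = [res for s in policy_doc["Statement"]
               if s["Effect"] == "Allow"
               and "codepipeline:StartPipelineExecution" in as_list(s["Action"])
               for res in as_list(s["Resource"])]
    for t in targets:
        if t.get("RoleArn") != role["Arn"]:
            findings.append(f"{t['Id']}: RoleArn is not the role that was checked")
        if not any(covers(p, t["Arn"]) for p in allowed):
            findings.append(f"{t['Id']}: policy does not allow starting {t['Arn']}")
    findings += [f"note: {p} is a wildcard, so it can cover pipelines other than the target"
                 for p in allowed if "*" in p or "?" in p]
    return findings

# The answer's documents, trimmed ("xxx" and "region" are the page's placeholders).
TARGETS = {"Rule": "company-ci_codepipeline_project-stage", "Targets": [{
    "RoleArn": "arn:aws:iam::xxx:role/cwe-codepipeline",
    "Id": "ProjectPipelineTarget",
    "Arn": "arn:aws:codepipeline:region:xxx:your-pipeline"}]}
ROLE = {"Role": {"Arn": "arn:aws:iam::xxx:role/cwe-codepipeline",
                 "AssumeRolePolicyDocument": {"Statement": [{
                     "Action": "sts:AssumeRole", "Effect": "Allow",
                     "Principal": {"Service": "events.amazonaws.com"}}]}}}
POLICY = {"Statement": [{"Effect": "Allow", "Resource": ["arn:aws:codepipeline:*:xxx:*"],
                         "Action": ["codepipeline:StartPipelineExecution"]}]}

if __name__ == "__main__":
    print("\n".join(check_wiring(TARGETS, ROLE, POLICY)) or "no findings")
```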