-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge remote-tracking branch 'refs/remotes/aws/master'
- Loading branch information
Showing
8 changed files
with
313 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
17 changes: 17 additions & 0 deletions
17
automated-actions/AWS_Codepipeline_Disable_Stage_Transition/CloudwatchEventPattern
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
{ | ||
"source": [ | ||
"aws.health" | ||
], | ||
"detail-type": [ | ||
"AWS Health Event" | ||
], | ||
"detail": { | ||
"service": [ | ||
"EC2" | ||
], | ||
"eventTypeCategory": [ | ||
"issue" | ||
] | ||
} | ||
} | ||
|
23 changes: 23 additions & 0 deletions
23
automated-actions/AWS_Codepipeline_Disable_Stage_Transition/IAMPolicy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
{ | ||
"Version": "2012-10-17", | ||
"Statement": [ | ||
{ | ||
"Sid": "Stmt1477516473539", | ||
"Action": [ | ||
"logs:CreateLogGroup", | ||
"logs:CreateLogStream", | ||
"logs:PutLogEvents" | ||
], | ||
"Effect": "Allow", | ||
"Resource": "arn:aws:logs:*:*:*" | ||
}, | ||
{ | ||
"Sid": "Stmt1484165114117", | ||
"Action": [ | ||
"codepipeline:DisableStageTransition" | ||
], | ||
"Effect": "Allow", | ||
"Resource": "*" | ||
} | ||
] | ||
} |
33 changes: 33 additions & 0 deletions
33
automated-actions/AWS_Codepipeline_Disable_Stage_Transition/LambdaFunction.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
// Sample Lambda Function to disable stage transition to pause deployments when an AWS Health issue event is generated. | ||
var AWS = require('aws-sdk'); | ||
var codepipeline = new AWS.CodePipeline(); | ||
|
||
// define configuration | ||
const pipelineName = process.env.pipelineName; //Pipeline Name | ||
const stageName = process.env.stageName; //Stage Name (e.g. Beta) | ||
|
||
//main function which gets AWS Health data from Cloudwatch event | ||
exports.handler = (event, context, callback) => { | ||
//extract details from Cloudwatch event | ||
eventName = event.detail.eventTypeCode; | ||
//disable transitions into the next stage of the pipeline | ||
var params = { | ||
pipelineName: pipelineName, | ||
reason: "AWS Health issue detected - please see AWS Personal Health Dashboard for more details", | ||
stageName: stageName, | ||
transitionType: "Inbound" | ||
}; | ||
codepipeline.disableStageTransition(params, function(err, data) { | ||
if (err) { | ||
const errorMessage = `Error in disabling CodePipeline stage transition for pipeline, ${pipelineName} in response to AWS Health event: ${eventName}.`; | ||
console.log(errorMessage, err); | ||
callback(errorMessage); | ||
} | ||
else { | ||
const successMessage = `Successfully got details from AWS Health event, ${eventName}, and disabled stage transition to ${stageName} for pipeline, ${pipelineName}.`; | ||
console.log(successMessage, data); | ||
callback(null, successMessage); //return success | ||
} | ||
}); | ||
}; | ||
|
29 changes: 29 additions & 0 deletions
29
automated-actions/AWS_Codepipeline_Disable_Stage_Transition/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
## AWS Health Issue Amazon Cloudwatch event trigger AWS CodePipeline Disable Stage Transition using AWS Lambda | ||
|
||
### Description | ||
This sample highlights you can automatically stop a deployment when an Amazon EC2 issue occurs by disabling the stage transition in AWS Code Pipeline in response to an AWS Health Issue. | ||
|
||
### Setup and Usage | ||
|
||
#### Cloudformation Setup | ||
Choose **Launch Stack** to launch the template in the US East (N. Virginia) Region in your account: | ||
|
||
[![Launch AWS Health SMS Notifier](../../images/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?stackName=AWSHealthCodePipelineDisableDisableStageTransition&templateURL=https://s3.amazonaws.com/aws-health-tools/Cloudformation-templates/AWSHealthCodePipelineDisableDisableStageTransition.json) | ||
|
||
#### Manual Setup | ||
1. Create an IAM role for the Lambda function to use. Attach the [IAM policy](IAMPolicy) to the role in the IAM console. | ||
Documentation on how to create an IAM policy is available here: http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html | ||
Documentation on how to create an IAM role for Lambda is available here: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-service.html#roles-creatingrole-service-console | ||
|
||
2. Create a Lambda JavaScript function by using the [sample](LambdaFunction.js) provided and choose the IAM role created in step 1. Be sure to update the configuration of the Lambda function per your needs. | ||
More information about Lambda is available here: http://docs.aws.amazon.com/lambda/latest/dg/getting-started.html | ||
|
||
3. Create a CloudWatch Events rule to trigger the Lambda function created in step 2 matching an AWS Health Issue. An example of Cloudwatch rule event pattern for EC2 issues is [here](CloudwatchEventPattern). | ||
Documentation on how to create an AWS Health CloudWatch Events rule is available here: http://docs.aws.amazon.com/health/latest/ug/cloudwatch-events-health.html | ||
|
||
More information about AWS Health is available here: http://docs.aws.amazon.com/health/latest/ug/what-is-aws-health.html | ||
|
||
Note that this is a just an example of how to set up automation with AWS Health, Amazon CloudWatch Events, and AWS Lambda. We recommend testing the example and tailoring it to your environment before using it in your production environment. | ||
|
||
### License | ||
AWS Health Tools are licensed under the Apache 2.0 License. |
208 changes: 208 additions & 0 deletions
208
automated-actions/AWS_Codepipeline_Disable_Stage_Transition/cloudformation.template
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,208 @@ | ||
{ | ||
"AWSTemplateFormatVersion": "2010-09-09", | ||
"Description": "This template sets up AWS Health Tool to stop a deployment when an AWS issue occurs by disabling the stage transition in AWS Code Pipeline in response to an AWS Health Issue.", | ||
"Metadata": { | ||
"AWS::CloudFormation::Interface": { | ||
"ParameterGroups": [ | ||
{ | ||
"Label": { | ||
"default": "General Configuration" | ||
}, | ||
"Parameters": [ | ||
"pipelineName", | ||
"stageName" | ||
] | ||
} | ||
], | ||
"ParameterLabels": { | ||
"pipelineName": { | ||
"default": "pipelineName" | ||
}, | ||
"stageName": { | ||
"default": "Beta" | ||
} | ||
} | ||
} | ||
}, | ||
"Parameters": { | ||
"pipelineName": { | ||
"Description": "The name of your AWS Pipeline", | ||
"Type": "String", | ||
"Default": "MyPipeline" | ||
}, | ||
"stageName": { | ||
"Description": "The name of your AWS Pipeline stage", | ||
"Type": "String", | ||
"Default": "Beta" | ||
} | ||
}, | ||
"Resources": { | ||
"LambdaIAMRoleforCodepipelineDisableStageTransition": { | ||
"Type": "AWS::IAM::Role", | ||
"Properties": { | ||
"AssumeRolePolicyDocument": { | ||
"Version": "2012-10-17", | ||
"Statement": [ | ||
{ | ||
"Effect": "Allow", | ||
"Principal": { | ||
"Service": "lambda.amazonaws.com" | ||
}, | ||
"Action": "sts:AssumeRole" | ||
} | ||
] | ||
}, | ||
"Path": "/", | ||
"Policies": [ | ||
{ | ||
"PolicyName": "AWSCodepipelineDisableStageTransitionAndLambda", | ||
"PolicyDocument": { | ||
"Version": "2012-10-17", | ||
"Statement": [ | ||
{ | ||
"Sid": "LambdaLogging", | ||
"Effect": "Allow", | ||
"Action": [ | ||
"logs:CreateLogGroup", | ||
"logs:CreateLogStream", | ||
"logs:PutLogEvents" | ||
], | ||
"Resource": [ | ||
"arn:aws:logs:*:*:*" | ||
] | ||
}, | ||
{ | ||
"Sid": "CodePipelineDisableStageTransition", | ||
"Action": [ | ||
"codepipeline:DisableStageTransition" | ||
], | ||
"Effect": "Allow", | ||
"Resource": "*" | ||
} | ||
] | ||
} | ||
} | ||
] | ||
} | ||
}, | ||
"LambdaFunction": { | ||
"Properties": { | ||
"Code": { | ||
"ZipFile": { | ||
"Fn::Join": [ | ||
"\n", | ||
[ | ||
"// Sample Lambda Function to disable stage transition to pause deployments when an AWS Health issue event is generated.", | ||
"var AWS = require('aws-sdk');", | ||
"var codepipeline = new AWS.CodePipeline();", | ||
"// define configuration", | ||
"const pipelineName = process.env.pipelineName; //Pipeline Name", | ||
"const stageName = process.env.stageName; //Stage Name (e.g. Beta)", | ||
"//main function which gets AWS Health data from Cloudwatch event", | ||
"exports.handler = (event, context, callback) => {", | ||
" //extract details from Cloudwatch event", | ||
" eventName = event.detail.eventTypeCode;", | ||
" //disable transitions into the next stage of the pipeline", | ||
" var params = {", | ||
" pipelineName: pipelineName,", | ||
" reason: 'AWS Health issue detected - please see AWS Personal Health Dashboard for more details',", | ||
" stageName: stageName,", | ||
" transitionType: 'Inbound'", | ||
" };", | ||
" codepipeline.disableStageTransition(params, function(err, data) {", | ||
" if (err) {", | ||
" const errorMessage = `Error in disabling CodePipeline stage transition for pipeline, ${pipelineName} in response to AWS Health event: ${eventName}.`;", | ||
" console.log(errorMessage, err);", | ||
" callback(errorMessage);", | ||
" }", | ||
" else {", | ||
" const successMessage = `Successfully got details from AWS Health event, ${eventName}, and disabled stage transition to ${stageName} for pipeline, ${pipelineName}.`;", | ||
" console.log(successMessage, data);", | ||
" callback(null, successMessage); //return success", | ||
" }", | ||
" });", | ||
"};", | ||
"" | ||
] | ||
] | ||
} | ||
}, | ||
"Description": "Lambda Function to disable stage transition to pause deployments when an AWS Health issue event is generated", | ||
"Handler": "index.handler", | ||
"Role": { | ||
"Fn::GetAtt": [ | ||
"LambdaIAMRoleforCodepipelineDisableStageTransition", | ||
"Arn" | ||
] | ||
}, | ||
"Runtime": "nodejs4.3", | ||
"Timeout": 120, | ||
"Environment": { | ||
"Variables": { | ||
"pipelineName": { | ||
"Ref": "pipelineName" | ||
}, | ||
"stageName": { | ||
"Ref": "stageName" | ||
} | ||
} | ||
} | ||
}, | ||
"Type": "AWS::Lambda::Function" | ||
}, | ||
"LambdaPermission": { | ||
"Type": "AWS::Lambda::Permission", | ||
"Properties": { | ||
"FunctionName": { | ||
"Fn::GetAtt": [ | ||
"LambdaFunction", | ||
"Arn" | ||
] | ||
}, | ||
"Action": "lambda:InvokeFunction", | ||
"Principal": "events.amazonaws.com", | ||
"SourceArn": { | ||
"Fn::GetAtt": [ | ||
"CloudWatchEventRule", | ||
"Arn" | ||
] | ||
} | ||
} | ||
}, | ||
"CloudWatchEventRule": { | ||
"Type": "AWS::Events::Rule", | ||
"Properties": { | ||
"Description": "AWS Health EC2 Issues", | ||
"EventPattern": { | ||
"source": [ | ||
"aws.health" | ||
], | ||
"detail-type": [ | ||
"AWS Health Event" | ||
], | ||
"detail": { | ||
"service": [ | ||
"EC2" | ||
], | ||
"eventTypeCategory": [ | ||
"issue" | ||
] | ||
} | ||
}, | ||
"State": "ENABLED", | ||
"Targets": [ | ||
{ | ||
"Arn": { | ||
"Fn::GetAtt": [ | ||
"LambdaFunction", | ||
"Arn" | ||
] | ||
}, | ||
"Id": "CodePipelineDisableStageTransitionFunction" | ||
} | ||
] | ||
} | ||
} | ||
} | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.