API Reference

Constructs

PDKPipeline

An extension to CodePipeline which configures same defaults for a NX Monorepo codebase.

In addition to this, it also creates a CodeCommit repository with automated PR builds and approvals.

Initializers

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline(
  scope: Construct,
  id: str,
  artifact_bucket: IBucket = None,
  asset_publishing_code_build_defaults: CodeBuildOptions = None,
  cli_version: str = None,
  code_build_defaults: CodeBuildOptions = None,
  code_pipeline: Pipeline = None,
  cross_account_keys: bool = None,
  cross_region_replication_buckets: typing.Mapping[IBucket] = None,
  docker_credentials: typing.List[DockerCredential] = None,
  docker_enabled_for_self_mutation: bool = None,
  docker_enabled_for_synth: bool = None,
  enable_key_rotation: bool = None,
  pipeline_name: str = None,
  publish_assets_in_parallel: bool = None,
  reuse_cross_region_support_stacks: bool = None,
  role: IRole = None,
  self_mutation: bool = None,
  self_mutation_code_build_defaults: CodeBuildOptions = None,
  synth: IFileSetProducer = None,
  synth_code_build_defaults: CodeBuildOptions = None,
  use_change_sets: bool = None,
  primary_synth_directory: str,
  repository_name: str,
  branch_name_prefixes: typing.List[str] = None,
  cdk_command: str = None,
  cdk_src_dir: str = None,
  code_commit_removal_policy: RemovalPolicy = None,
  code_commit_repository: IRepository = None,
  default_branch_name: str = None,
  sonar_code_scanner_config: SonarCodeScannerConfig = None,
  synth_shell_step_partial_props: ShellStepProps = None
)

Name	Type	Description
scope	constructs.Construct	No description.
id	str	No description.
artifact_bucket	aws_cdk.aws_s3.IBucket	An existing S3 Bucket to use for storing the pipeline's artifact.
asset_publishing_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the asset publishing CodeBuild projects.
cli_version	str	CDK CLI version to use in self-mutation and asset publishing steps.
code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Customize the CodeBuild projects created for this pipeline.
code_pipeline	aws_cdk.aws_codepipeline.Pipeline	An existing Pipeline to be reused and built upon.
cross_account_keys	bool	Create KMS keys for the artifact buckets, allowing cross-account deployments.
cross_region_replication_buckets	typing.Mapping[aws_cdk.aws_s3.IBucket]	A map of region to S3 bucket name used for cross-region CodePipeline.
docker_credentials	typing.List[aws_cdk.pipelines.DockerCredential]	A list of credentials used to authenticate to Docker registries.
docker_enabled_for_self_mutation	bool	Enable Docker for the self-mutate step.
docker_enabled_for_synth	bool	Enable Docker for the 'synth' step.
enable_key_rotation	bool	Enable KMS key rotation for the generated KMS keys.
pipeline_name	str	The name of the CodePipeline pipeline.
publish_assets_in_parallel	bool	Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuse_cross_region_support_stacks	bool	Reuse the same cross region support stack for all pipelines in the App.
role	aws_cdk.aws_iam.IRole	The IAM role to be assumed by this Pipeline.
self_mutation	bool	Whether the pipeline will update itself.
self_mutation_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the self mutation CodeBuild projects.
synth	aws_cdk.pipelines.IFileSetProducer	The build step that produces the CDK Cloud Assembly.
synth_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the synthesize CodeBuild projects.
use_change_sets	bool	Deploy every stack by creating a change set and executing it.
primary_synth_directory	str	Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.
repository_name	str	Name of the CodeCommit repository to create.
branch_name_prefixes	typing.List[str]	Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.
cdk_command	str	CDK command.
cdk_src_dir	str	The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.
code_commit_removal_policy	aws_cdk.RemovalPolicy	Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.
code_commit_repository	aws_cdk.aws_codecommit.IRepository	The repository to add the pipeline to.
default_branch_name	str	Branch to trigger the pipeline execution.
sonar_code_scanner_config	SonarCodeScannerConfig	Configuration for enabling Sonarqube code scanning on a successful synth.
synth_shell_step_partial_props	aws_cdk.pipelines.ShellStepProps	PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

---

scope^Required

• Type: constructs.Construct

---

id^Required

• Type: str

---

artifact_bucket^Optional

• Type: aws_cdk.aws_s3.IBucket
• Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.

---

asset_publishing_code_build_defaults^Optional

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.

---

cli_version^Optional

• Type: str
• Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.

---

code_build_defaults^Optional

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.

---

code_pipeline^Optional

• Type: aws_cdk.aws_codepipeline.Pipeline
• Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]

---

cross_account_keys^Optional

• Type: bool
• Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.

---

cross_region_replication_buckets^Optional

• Type: typing.Mapping[aws_cdk.aws_s3.IBucket]
• Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.

---

docker_credentials^Optional

• Type: typing.List[aws_cdk.pipelines.DockerCredential]
• Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.

---

docker_enabled_for_self_mutation^Optional

• Type: bool
• Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.

---

docker_enabled_for_synth^Optional

• Type: bool
• Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.

---

enable_key_rotation^Optional

• Type: bool
• Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.

---

pipeline_name^Optional

• Type: str
• Default: Automatically generated

The name of the CodePipeline pipeline.

---

publish_assets_in_parallel^Optional

• Type: bool
• Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.

---

reuse_cross_region_support_stacks^Optional

• Type: bool
• Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.

---

role^Optional

• Type: aws_cdk.aws_iam.IRole
• Default: A new role is created

The IAM role to be assumed by this Pipeline.

---

self_mutation^Optional

• Type: bool
• Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.

---

self_mutation_code_build_defaults^Optional

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.

---

synth^Optional

• Type: aws_cdk.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.

---

synth_code_build_defaults^Optional

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.

---

use_change_sets^Optional

• Type: bool
• Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.

---

primary_synth_directory^Required

• Type: str

Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.

---

repository_name^Required

• Type: str

Name of the CodeCommit repository to create.

---

branch_name_prefixes^Optional

• Type: typing.List[str]
• Default: undefined

Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.

---

Example

# Example automatically generated from non-compiling source. May contain errors.
# Disables feature branches (default)
PDKPipeline(self, "PDKPipeline",
    repository_name="my-repo",
    branch_name_prefixes=[]
)

cdk_command^Optional

• Type: str
• Default: 'npx cdk'

CDK command.

Override the command used to call cdk for synth and deploy.

---

cdk_src_dir^Optional

• Type: str
• Default: The parent directory of primarySynthDirectory

The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.

---

code_commit_removal_policy^Optional

• Type: aws_cdk.RemovalPolicy

Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.

---

code_commit_repository^Optional

• Type: aws_cdk.aws_codecommit.IRepository

The repository to add the pipeline to.

---

default_branch_name^Optional

• Type: str
• Default: mainline

Branch to trigger the pipeline execution.

---

sonar_code_scanner_config^Optional

• Type: SonarCodeScannerConfig
• Default: undefined

Configuration for enabling Sonarqube code scanning on a successful synth.

---

synth_shell_step_partial_props^Optional

• Type: aws_cdk.pipelines.ShellStepProps

PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

To override these defaults and/or provide additional inputs, specify env settings, etc you can provide a partial ShellStepProps.

---

Methods

Name	Description
to_string	Returns a string representation of this construct.
add_stage	No description.
build_pipeline	No description.
suppress_cdk_violations	No description.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

add_stage

def add_stage(
  stage: Stage,
  post: typing.List[Step] = None,
  pre: typing.List[Step] = None,
  stack_steps: typing.List[StackSteps] = None
) -> StageDeployment

stage^Required

• Type: aws_cdk.Stage

---

post^Optional

• Type: typing.List[aws_cdk.pipelines.Step]
• Default: No additional steps

Additional steps to run after all of the stacks in the stage.

---

pre^Optional

• Type: typing.List[aws_cdk.pipelines.Step]
• Default: No additional steps

Additional steps to run before any of the stacks in the stage.

---

stack_steps^Optional

• Type: typing.List[aws_cdk.pipelines.StackSteps]
• Default: No additional instructions

Instructions for stack level steps.

---

build_pipeline

def build_pipeline() -> None

suppress_cdk_violations

def suppress_cdk_violations() -> None

Static Functions

Name	Description
is_construct	Checks if x is a construct.
get_branch_prefix	A helper function to create a branch prefix.
is_default_branch	A helper function to determine if the current branch is the default branch.
normalize_branch_name	A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').

---

is_construct

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: typing.Any

Any object.

---

get_branch_prefix

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline.get_branch_prefix(
  default_branch_name: str = None,
  node: Node = None
)

A helper function to create a branch prefix.

The prefix is empty on the default branch.

default_branch_name^Optional

• Type: str

Specify the default branch name without context.

---

node^Optional

• Type: constructs.Node

The current node to fetch defaultBranchName from context.

---

is_default_branch

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline.is_default_branch(
  default_branch_name: str = None,
  node: Node = None
)

A helper function to determine if the current branch is the default branch.

If there is no BRANCH environment variable, then assume this is the default branch. Otherwise, check that BRANCH matches the default branch name.

The default branch name is determined in the following priority:

1. defaultBranchName property
2. defaultBranchName context
3. PDKPipeline.defaultBranchName constant

default_branch_name^Optional

• Type: str

Specify the default branch name without context.

---

node^Optional

• Type: constructs.Node

The current node to fetch defaultBranchName from context.

---

normalize_branch_name

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline.normalize_branch_name(
  branch_name: str
)

A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').

branch_name^Required

• Type: str

The name of the branch to normalize.

---

Properties

Name	Type	Description
node	constructs.Node	The tree node.
code_pipeline	aws_cdk.pipelines.CodePipeline	No description.
code_repository	aws_cdk.aws_codecommit.IRepository	No description.

---

node^Required

node: Node

• Type: constructs.Node

The tree node.

---

code_pipeline^Required

code_pipeline: CodePipeline

• Type: aws_cdk.pipelines.CodePipeline

---

code_repository^Optional

code_repository: IRepository

• Type: aws_cdk.aws_codecommit.IRepository

---

Constants

Name	Type	Description
ALL_BRANCHES	typing.List[str]	No description.
defaultBranchName	str	No description.

---

ALL_BRANCHES^Required

ALL_BRANCHES: typing.List[str]

• Type: typing.List[str]

---

defaultBranchName^Required

defaultBranchName: str

• Type: str

---

PDKPipelineWithCodeConnection

An extension to CodePipeline which configures same defaults for a NX Monorepo and using a AWS CodeConnections as source.

Initializers

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipelineWithCodeConnection(
  scope: Construct,
  id: str,
  artifact_bucket: IBucket = None,
  asset_publishing_code_build_defaults: CodeBuildOptions = None,
  cli_version: str = None,
  code_build_defaults: CodeBuildOptions = None,
  code_pipeline: Pipeline = None,
  cross_account_keys: bool = None,
  cross_region_replication_buckets: typing.Mapping[IBucket] = None,
  docker_credentials: typing.List[DockerCredential] = None,
  docker_enabled_for_self_mutation: bool = None,
  docker_enabled_for_synth: bool = None,
  enable_key_rotation: bool = None,
  pipeline_name: str = None,
  publish_assets_in_parallel: bool = None,
  reuse_cross_region_support_stacks: bool = None,
  role: IRole = None,
  self_mutation: bool = None,
  self_mutation_code_build_defaults: CodeBuildOptions = None,
  synth: IFileSetProducer = None,
  synth_code_build_defaults: CodeBuildOptions = None,
  use_change_sets: bool = None,
  code_connection_arn: str,
  primary_synth_directory: str,
  repository_owner_and_name: str,
  cdk_command: str = None,
  cdk_src_dir: str = None,
  default_branch_name: str = None,
  sonar_code_scanner_config: SonarCodeScannerConfig = None,
  synth_shell_step_partial_props: ShellStepProps = None
)

Name	Type	Description
scope	constructs.Construct	No description.
id	str	No description.
artifact_bucket	aws_cdk.aws_s3.IBucket	An existing S3 Bucket to use for storing the pipeline's artifact.
asset_publishing_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the asset publishing CodeBuild projects.
cli_version	str	CDK CLI version to use in self-mutation and asset publishing steps.
code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Customize the CodeBuild projects created for this pipeline.
code_pipeline	aws_cdk.aws_codepipeline.Pipeline	An existing Pipeline to be reused and built upon.
cross_account_keys	bool	Create KMS keys for the artifact buckets, allowing cross-account deployments.
cross_region_replication_buckets	typing.Mapping[aws_cdk.aws_s3.IBucket]	A map of region to S3 bucket name used for cross-region CodePipeline.
docker_credentials	typing.List[aws_cdk.pipelines.DockerCredential]	A list of credentials used to authenticate to Docker registries.
docker_enabled_for_self_mutation	bool	Enable Docker for the self-mutate step.
docker_enabled_for_synth	bool	Enable Docker for the 'synth' step.
enable_key_rotation	bool	Enable KMS key rotation for the generated KMS keys.
pipeline_name	str	The name of the CodePipeline pipeline.
publish_assets_in_parallel	bool	Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuse_cross_region_support_stacks	bool	Reuse the same cross region support stack for all pipelines in the App.
role	aws_cdk.aws_iam.IRole	The IAM role to be assumed by this Pipeline.
self_mutation	bool	Whether the pipeline will update itself.
self_mutation_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the self mutation CodeBuild projects.
synth	aws_cdk.pipelines.IFileSetProducer	The build step that produces the CDK Cloud Assembly.
synth_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the synthesize CodeBuild projects.
use_change_sets	bool	Deploy every stack by creating a change set and executing it.
code_connection_arn	str	The Arn of the CodeConnection.
primary_synth_directory	str	Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.
repository_owner_and_name	str	The Owner and Repository name for instance, user Bob with git repository ACME becomes "Bob/ACME".
cdk_command	str	CDK command.
cdk_src_dir	str	The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.
default_branch_name	str	Branch to trigger the pipeline execution.
sonar_code_scanner_config	SonarCodeScannerConfig	Configuration for enabling Sonarqube code scanning on a successful synth.
synth_shell_step_partial_props	aws_cdk.pipelines.ShellStepProps	PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

---

scope^Required

• Type: constructs.Construct

---

id^Required

• Type: str

---

artifact_bucket^Optional

• Type: aws_cdk.aws_s3.IBucket
• Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.

---

asset_publishing_code_build_defaults^Optional

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.

---

cli_version^Optional

• Type: str
• Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.

---

code_build_defaults^Optional

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.

---

code_pipeline^Optional

• Type: aws_cdk.aws_codepipeline.Pipeline
• Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]

---

cross_account_keys^Optional

• Type: bool
• Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.

---

cross_region_replication_buckets^Optional

• Type: typing.Mapping[aws_cdk.aws_s3.IBucket]
• Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.

---

docker_credentials^Optional

• Type: typing.List[aws_cdk.pipelines.DockerCredential]
• Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.

---

docker_enabled_for_self_mutation^Optional

• Type: bool
• Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.

---

docker_enabled_for_synth^Optional

• Type: bool
• Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.

---

enable_key_rotation^Optional

• Type: bool
• Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.

---

pipeline_name^Optional

• Type: str
• Default: Automatically generated

The name of the CodePipeline pipeline.

---

publish_assets_in_parallel^Optional

• Type: bool
• Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.

---

reuse_cross_region_support_stacks^Optional

• Type: bool
• Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.

---

role^Optional

• Type: aws_cdk.aws_iam.IRole
• Default: A new role is created

The IAM role to be assumed by this Pipeline.

---

self_mutation^Optional

• Type: bool
• Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.

---

self_mutation_code_build_defaults^Optional

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.

---

synth^Optional

• Type: aws_cdk.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.

---

synth_code_build_defaults^Optional

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.

---

use_change_sets^Optional

• Type: bool
• Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.

---

code_connection_arn^Required

• Type: str

The Arn of the CodeConnection.

---

primary_synth_directory^Required

• Type: str

Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.

---

repository_owner_and_name^Required

• Type: str

The Owner and Repository name for instance, user Bob with git repository ACME becomes "Bob/ACME".

---

cdk_command^Optional

• Type: str
• Default: 'npx cdk'

CDK command.

Override the command used to call cdk for synth and deploy.

---

cdk_src_dir^Optional

• Type: str
• Default: The parent directory of primarySynthDirectory

The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.

---

default_branch_name^Optional

• Type: str
• Default: mainline

Branch to trigger the pipeline execution.

---

sonar_code_scanner_config^Optional

• Type: SonarCodeScannerConfig
• Default: undefined

Configuration for enabling Sonarqube code scanning on a successful synth.

---

synth_shell_step_partial_props^Optional

• Type: aws_cdk.pipelines.ShellStepProps

PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

To override these defaults and/or provide additional inputs, specify env settings, etc you can provide a partial ShellStepProps.

---

Methods

Name	Description
to_string	Returns a string representation of this construct.
add_stage	No description.
build_pipeline	No description.
suppress_cdk_violations	No description.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

add_stage

def add_stage(
  stage: Stage,
  post: typing.List[Step] = None,
  pre: typing.List[Step] = None,
  stack_steps: typing.List[StackSteps] = None
) -> StageDeployment

stage^Required

• Type: aws_cdk.Stage

---

post^Optional

• Type: typing.List[aws_cdk.pipelines.Step]
• Default: No additional steps

Additional steps to run after all of the stacks in the stage.

---

pre^Optional

• Type: typing.List[aws_cdk.pipelines.Step]
• Default: No additional steps

Additional steps to run before any of the stacks in the stage.

---

stack_steps^Optional

• Type: typing.List[aws_cdk.pipelines.StackSteps]
• Default: No additional instructions

Instructions for stack level steps.

---

build_pipeline

def build_pipeline() -> None

suppress_cdk_violations

def suppress_cdk_violations() -> None

Static Functions

Name	Description
is_construct	Checks if x is a construct.
get_branch_prefix	A helper function to create a branch prefix.
is_default_branch	A helper function to determine if the current branch is the default branch.
normalize_branch_name	A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').

---

is_construct

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipelineWithCodeConnection.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: typing.Any

Any object.

---

get_branch_prefix

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipelineWithCodeConnection.get_branch_prefix(
  default_branch_name: str = None,
  node: Node = None
)

A helper function to create a branch prefix.

The prefix is empty on the default branch.

default_branch_name^Optional

• Type: str

Specify the default branch name without context.

---

node^Optional

• Type: constructs.Node

The current node to fetch defaultBranchName from context.

---

is_default_branch

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipelineWithCodeConnection.is_default_branch(
  default_branch_name: str = None,
  node: Node = None
)

A helper function to determine if the current branch is the default branch.

If there is no BRANCH environment variable, then assume this is the default branch. Otherwise, check that BRANCH matches the default branch name.

The default branch name is determined in the following priority:

1. defaultBranchName property
2. defaultBranchName context
3. PDKPipeline.defaultBranchName constant

default_branch_name^Optional

• Type: str

Specify the default branch name without context.

---

node^Optional

• Type: constructs.Node

The current node to fetch defaultBranchName from context.

---

normalize_branch_name

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipelineWithCodeConnection.normalize_branch_name(
  branch_name: str
)

A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').

branch_name^Required

• Type: str

The name of the branch to normalize.

---

Properties

Name	Type	Description
node	constructs.Node	The tree node.
code_pipeline	aws_cdk.pipelines.CodePipeline	No description.
code_repository	aws_cdk.aws_codecommit.IRepository	No description.

---

node^Required

node: Node

• Type: constructs.Node

The tree node.

---

code_pipeline^Required

code_pipeline: CodePipeline

• Type: aws_cdk.pipelines.CodePipeline

---

code_repository^Optional

code_repository: IRepository

• Type: aws_cdk.aws_codecommit.IRepository

---

Constants

Name	Type	Description
ALL_BRANCHES	typing.List[str]	No description.
defaultBranchName	str	No description.

---

ALL_BRANCHES^Required

ALL_BRANCHES: typing.List[str]

• Type: typing.List[str]

---

defaultBranchName^Required

defaultBranchName: str

• Type: str

---

SonarCodeScanner

Initializers

import aws.pdk.pipeline

aws.pdk.pipeline.SonarCodeScanner(
  scope: Construct,
  id: str,
  sonarqube_authorized_group: str,
  sonarqube_default_profile_or_gate_name: str,
  sonarqube_endpoint: str,
  sonarqube_project_name: str,
  cdk_out_dir: str = None,
  cfn_nag_ignore_path: str = None,
  exclude_globs_for_scan: typing.List[str] = None,
  include_globs_for_scan: typing.List[str] = None,
  pre_archive_commands: typing.List[str] = None,
  sonarqube_specific_profile_or_gate_name: str = None,
  sonarqube_tags: typing.List[str] = None,
  artifact_bucket_arn: str,
  synth_build_arn: str,
  artifact_bucket_key_arn: str = None
)

Name	Type	Description
scope	constructs.Construct	No description.
id	str	No description.
sonarqube_authorized_group	str	Group name in Sonarqube with access to administer this project.
sonarqube_default_profile_or_gate_name	str	Default profile/gate name i.e: your org profile.
sonarqube_endpoint	str	endpoint of the sonarqube instance i.e: https://.
sonarqube_project_name	str	Name of the project to create in Sonarqube.
cdk_out_dir	str	directory containing the synthesized cdk resources.
cfn_nag_ignore_path	str	path to a file containing the cfn nag suppression rules.
exclude_globs_for_scan	typing.List[str]	glob patterns to exclude from sonar scan.
include_globs_for_scan	typing.List[str]	glob patterns to include from sonar scan.
pre_archive_commands	typing.List[str]	Hook which allows custom commands to be executed before the process commences the archival process.
sonarqube_specific_profile_or_gate_name	str	Specific profile/gate name i.e: language specific.
sonarqube_tags	typing.List[str]	Tags to associate with this project.
artifact_bucket_arn	str	S3 bucket ARN containing the built artifacts from the synth build.
synth_build_arn	str	ARN for the CodeBuild task responsible for executing the synth command.
artifact_bucket_key_arn	str	Artifact bucket key ARN used to encrypt the artifacts.

---

scope^Required

• Type: constructs.Construct

---

id^Required

• Type: str

---

sonarqube_authorized_group^Required

• Type: str

Group name in Sonarqube with access to administer this project.

---

sonarqube_default_profile_or_gate_name^Required

• Type: str

Default profile/gate name i.e: your org profile.

Note: These need to be set up in Sonarqube manually.

---

sonarqube_endpoint^Required

• Type: str

endpoint of the sonarqube instance i.e: https://.

Note: Ensure a trailing '/' is not included.

---

sonarqube_project_name^Required

• Type: str

Name of the project to create in Sonarqube.

---

cdk_out_dir^Optional

• Type: str

directory containing the synthesized cdk resources.

---

cfn_nag_ignore_path^Optional

• Type: str

path to a file containing the cfn nag suppression rules.

---

exclude_globs_for_scan^Optional

• Type: typing.List[str]

glob patterns to exclude from sonar scan.

---

include_globs_for_scan^Optional

• Type: typing.List[str]

glob patterns to include from sonar scan.

---

pre_archive_commands^Optional

• Type: typing.List[str]

Hook which allows custom commands to be executed before the process commences the archival process.

---

sonarqube_specific_profile_or_gate_name^Optional

• Type: str

Specific profile/gate name i.e: language specific.

Note: These need to be set up in Sonarqube manually.

---

sonarqube_tags^Optional

• Type: typing.List[str]

Tags to associate with this project.

---

artifact_bucket_arn^Required

• Type: str

S3 bucket ARN containing the built artifacts from the synth build.

---

synth_build_arn^Required

• Type: str

ARN for the CodeBuild task responsible for executing the synth command.

---

artifact_bucket_key_arn^Optional

• Type: str

Artifact bucket key ARN used to encrypt the artifacts.

---

Methods

Name	Description
to_string	Returns a string representation of this construct.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

Static Functions

Name	Description
is_construct	Checks if x is a construct.

---

is_construct

import aws.pdk.pipeline

aws.pdk.pipeline.SonarCodeScanner.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: typing.Any

Any object.

---

Properties

Name	Type	Description
node	constructs.Node	The tree node.

---

node^Required

node: Node

• Type: constructs.Node

The tree node.

---

Structs

CodePipelineProps

CodePipelineProps.

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.CodePipelineProps(
  artifact_bucket: IBucket = None,
  asset_publishing_code_build_defaults: CodeBuildOptions = None,
  cli_version: str = None,
  code_build_defaults: CodeBuildOptions = None,
  code_pipeline: Pipeline = None,
  cross_account_keys: bool = None,
  cross_region_replication_buckets: typing.Mapping[IBucket] = None,
  docker_credentials: typing.List[DockerCredential] = None,
  docker_enabled_for_self_mutation: bool = None,
  docker_enabled_for_synth: bool = None,
  enable_key_rotation: bool = None,
  pipeline_name: str = None,
  publish_assets_in_parallel: bool = None,
  reuse_cross_region_support_stacks: bool = None,
  role: IRole = None,
  self_mutation: bool = None,
  self_mutation_code_build_defaults: CodeBuildOptions = None,
  synth: IFileSetProducer = None,
  synth_code_build_defaults: CodeBuildOptions = None,
  use_change_sets: bool = None
)

Properties

Name	Type	Description
artifact_bucket	aws_cdk.aws_s3.IBucket	An existing S3 Bucket to use for storing the pipeline's artifact.
asset_publishing_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the asset publishing CodeBuild projects.
cli_version	str	CDK CLI version to use in self-mutation and asset publishing steps.
code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Customize the CodeBuild projects created for this pipeline.
code_pipeline	aws_cdk.aws_codepipeline.Pipeline	An existing Pipeline to be reused and built upon.
cross_account_keys	bool	Create KMS keys for the artifact buckets, allowing cross-account deployments.
cross_region_replication_buckets	typing.Mapping[aws_cdk.aws_s3.IBucket]	A map of region to S3 bucket name used for cross-region CodePipeline.
docker_credentials	typing.List[aws_cdk.pipelines.DockerCredential]	A list of credentials used to authenticate to Docker registries.
docker_enabled_for_self_mutation	bool	Enable Docker for the self-mutate step.
docker_enabled_for_synth	bool	Enable Docker for the 'synth' step.
enable_key_rotation	bool	Enable KMS key rotation for the generated KMS keys.
pipeline_name	str	The name of the CodePipeline pipeline.
publish_assets_in_parallel	bool	Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuse_cross_region_support_stacks	bool	Reuse the same cross region support stack for all pipelines in the App.
role	aws_cdk.aws_iam.IRole	The IAM role to be assumed by this Pipeline.
self_mutation	bool	Whether the pipeline will update itself.
self_mutation_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the self mutation CodeBuild projects.
synth	aws_cdk.pipelines.IFileSetProducer	The build step that produces the CDK Cloud Assembly.
synth_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the synthesize CodeBuild projects.
use_change_sets	bool	Deploy every stack by creating a change set and executing it.

---

artifact_bucket^Optional

artifact_bucket: IBucket

• Type: aws_cdk.aws_s3.IBucket
• Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.

---

asset_publishing_code_build_defaults^Optional

asset_publishing_code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.

---

cli_version^Optional

cli_version: str

• Type: str
• Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.

---

code_build_defaults^Optional

code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.

---

code_pipeline^Optional

code_pipeline: Pipeline

• Type: aws_cdk.aws_codepipeline.Pipeline
• Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]

---

cross_account_keys^Optional

cross_account_keys: bool

• Type: bool
• Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.

---

cross_region_replication_buckets^Optional

cross_region_replication_buckets: typing.Mapping[IBucket]

• Type: typing.Mapping[aws_cdk.aws_s3.IBucket]
• Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.

---

docker_credentials^Optional

docker_credentials: typing.List[DockerCredential]

• Type: typing.List[aws_cdk.pipelines.DockerCredential]
• Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.

---

docker_enabled_for_self_mutation^Optional

docker_enabled_for_self_mutation: bool

• Type: bool
• Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.

---

docker_enabled_for_synth^Optional

docker_enabled_for_synth: bool

• Type: bool
• Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.

---

enable_key_rotation^Optional

enable_key_rotation: bool

• Type: bool
• Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.

---

pipeline_name^Optional

pipeline_name: str

• Type: str
• Default: Automatically generated

The name of the CodePipeline pipeline.

---

publish_assets_in_parallel^Optional

publish_assets_in_parallel: bool

• Type: bool
• Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.

---

reuse_cross_region_support_stacks^Optional

reuse_cross_region_support_stacks: bool

• Type: bool
• Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.

---

role^Optional

role: IRole

• Type: aws_cdk.aws_iam.IRole
• Default: A new role is created

The IAM role to be assumed by this Pipeline.

---

self_mutation^Optional

self_mutation: bool

• Type: bool
• Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.

---

self_mutation_code_build_defaults^Optional

self_mutation_code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.

---

synth^Optional

synth: IFileSetProducer

• Type: aws_cdk.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.

---

synth_code_build_defaults^Optional

synth_code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.

---

use_change_sets^Optional

use_change_sets: bool

• Type: bool
• Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.

---

IsDefaultBranchProps

Properties to help the isDefaultBranch function determine the default branch name.

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.IsDefaultBranchProps(
  default_branch_name: str = None,
  node: Node = None
)

Properties

Name	Type	Description
default_branch_name	str	Specify the default branch name without context.
node	constructs.Node	The current node to fetch defaultBranchName from context.

---

default_branch_name^Optional

default_branch_name: str

• Type: str

Specify the default branch name without context.

---

node^Optional

node: Node

• Type: constructs.Node

The current node to fetch defaultBranchName from context.

---

PDKPipelineProps

Properties to configure the PDKPipeline with CodeCommit as source.

Note: Due to limitations with JSII and generic support it should be noted that the synth, synthShellStepPartialProps.input and synthShellStepPartialProps.primaryOutputDirectory properties will be ignored if passed in to this construct.

synthShellStepPartialProps.commands is marked as a required field, however if you pass in [] the default commands of this construct will be retained.

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipelineProps(
  artifact_bucket: IBucket = None,
  asset_publishing_code_build_defaults: CodeBuildOptions = None,
  cli_version: str = None,
  code_build_defaults: CodeBuildOptions = None,
  code_pipeline: Pipeline = None,
  cross_account_keys: bool = None,
  cross_region_replication_buckets: typing.Mapping[IBucket] = None,
  docker_credentials: typing.List[DockerCredential] = None,
  docker_enabled_for_self_mutation: bool = None,
  docker_enabled_for_synth: bool = None,
  enable_key_rotation: bool = None,
  pipeline_name: str = None,
  publish_assets_in_parallel: bool = None,
  reuse_cross_region_support_stacks: bool = None,
  role: IRole = None,
  self_mutation: bool = None,
  self_mutation_code_build_defaults: CodeBuildOptions = None,
  synth: IFileSetProducer = None,
  synth_code_build_defaults: CodeBuildOptions = None,
  use_change_sets: bool = None,
  primary_synth_directory: str,
  repository_name: str,
  branch_name_prefixes: typing.List[str] = None,
  cdk_command: str = None,
  cdk_src_dir: str = None,
  code_commit_removal_policy: RemovalPolicy = None,
  code_commit_repository: IRepository = None,
  default_branch_name: str = None,
  sonar_code_scanner_config: SonarCodeScannerConfig = None,
  synth_shell_step_partial_props: ShellStepProps = None
)

Properties

Name	Type	Description
artifact_bucket	aws_cdk.aws_s3.IBucket	An existing S3 Bucket to use for storing the pipeline's artifact.
asset_publishing_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the asset publishing CodeBuild projects.
cli_version	str	CDK CLI version to use in self-mutation and asset publishing steps.
code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Customize the CodeBuild projects created for this pipeline.
code_pipeline	aws_cdk.aws_codepipeline.Pipeline	An existing Pipeline to be reused and built upon.
cross_account_keys	bool	Create KMS keys for the artifact buckets, allowing cross-account deployments.
cross_region_replication_buckets	typing.Mapping[aws_cdk.aws_s3.IBucket]	A map of region to S3 bucket name used for cross-region CodePipeline.
docker_credentials	typing.List[aws_cdk.pipelines.DockerCredential]	A list of credentials used to authenticate to Docker registries.
docker_enabled_for_self_mutation	bool	Enable Docker for the self-mutate step.
docker_enabled_for_synth	bool	Enable Docker for the 'synth' step.
enable_key_rotation	bool	Enable KMS key rotation for the generated KMS keys.
pipeline_name	str	The name of the CodePipeline pipeline.
publish_assets_in_parallel	bool	Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuse_cross_region_support_stacks	bool	Reuse the same cross region support stack for all pipelines in the App.
role	aws_cdk.aws_iam.IRole	The IAM role to be assumed by this Pipeline.
self_mutation	bool	Whether the pipeline will update itself.
self_mutation_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the self mutation CodeBuild projects.
synth	aws_cdk.pipelines.IFileSetProducer	The build step that produces the CDK Cloud Assembly.
synth_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the synthesize CodeBuild projects.
use_change_sets	bool	Deploy every stack by creating a change set and executing it.
primary_synth_directory	str	Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.
repository_name	str	Name of the CodeCommit repository to create.
branch_name_prefixes	typing.List[str]	Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.
cdk_command	str	CDK command.
cdk_src_dir	str	The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.
code_commit_removal_policy	aws_cdk.RemovalPolicy	Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.
code_commit_repository	aws_cdk.aws_codecommit.IRepository	The repository to add the pipeline to.
default_branch_name	str	Branch to trigger the pipeline execution.
sonar_code_scanner_config	SonarCodeScannerConfig	Configuration for enabling Sonarqube code scanning on a successful synth.
synth_shell_step_partial_props	aws_cdk.pipelines.ShellStepProps	PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

---

artifact_bucket^Optional

artifact_bucket: IBucket

• Type: aws_cdk.aws_s3.IBucket
• Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.

---

asset_publishing_code_build_defaults^Optional

asset_publishing_code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.

---

cli_version^Optional

cli_version: str

• Type: str
• Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.

---

code_build_defaults^Optional

code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.

---

code_pipeline^Optional

code_pipeline: Pipeline

• Type: aws_cdk.aws_codepipeline.Pipeline
• Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]

---

cross_account_keys^Optional

cross_account_keys: bool

• Type: bool
• Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.

---

cross_region_replication_buckets^Optional

cross_region_replication_buckets: typing.Mapping[IBucket]

• Type: typing.Mapping[aws_cdk.aws_s3.IBucket]
• Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.

---

docker_credentials^Optional

docker_credentials: typing.List[DockerCredential]

• Type: typing.List[aws_cdk.pipelines.DockerCredential]
• Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.

---

docker_enabled_for_self_mutation^Optional

docker_enabled_for_self_mutation: bool

• Type: bool
• Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.

---

docker_enabled_for_synth^Optional

docker_enabled_for_synth: bool

• Type: bool
• Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.

---

enable_key_rotation^Optional

enable_key_rotation: bool

• Type: bool
• Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.

---

pipeline_name^Optional

pipeline_name: str

• Type: str
• Default: Automatically generated

The name of the CodePipeline pipeline.

---

publish_assets_in_parallel^Optional

publish_assets_in_parallel: bool

• Type: bool
• Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.

---

reuse_cross_region_support_stacks^Optional

reuse_cross_region_support_stacks: bool

• Type: bool
• Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.

---

role^Optional

role: IRole

• Type: aws_cdk.aws_iam.IRole
• Default: A new role is created

The IAM role to be assumed by this Pipeline.

---

self_mutation^Optional

self_mutation: bool

• Type: bool
• Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.

---

self_mutation_code_build_defaults^Optional

self_mutation_code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.

---

synth^Optional

synth: IFileSetProducer

• Type: aws_cdk.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.

---

synth_code_build_defaults^Optional

synth_code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.

---

use_change_sets^Optional

use_change_sets: bool

• Type: bool
• Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.

---

primary_synth_directory^Required

primary_synth_directory: str

• Type: str

Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.

---

repository_name^Required

repository_name: str

• Type: str

Name of the CodeCommit repository to create.

---

branch_name_prefixes^Optional

branch_name_prefixes: typing.List[str]

• Type: typing.List[str]
• Default: undefined

Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.

---

Example

# Example automatically generated from non-compiling source. May contain errors.
# Disables feature branches (default)
PDKPipeline(self, "PDKPipeline",
    repository_name="my-repo",
    branch_name_prefixes=[]
)

cdk_command^Optional

cdk_command: str

• Type: str
• Default: 'npx cdk'

CDK command.

Override the command used to call cdk for synth and deploy.

---

cdk_src_dir^Optional

cdk_src_dir: str

• Type: str
• Default: The parent directory of primarySynthDirectory

The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.

---

code_commit_removal_policy^Optional

code_commit_removal_policy: RemovalPolicy

• Type: aws_cdk.RemovalPolicy

Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.

---

code_commit_repository^Optional

code_commit_repository: IRepository

• Type: aws_cdk.aws_codecommit.IRepository

The repository to add the pipeline to.

---

default_branch_name^Optional

default_branch_name: str

• Type: str
• Default: mainline

Branch to trigger the pipeline execution.

---

sonar_code_scanner_config^Optional

sonar_code_scanner_config: SonarCodeScannerConfig

• Type: SonarCodeScannerConfig
• Default: undefined

Configuration for enabling Sonarqube code scanning on a successful synth.

---

synth_shell_step_partial_props^Optional

synth_shell_step_partial_props: ShellStepProps

• Type: aws_cdk.pipelines.ShellStepProps

PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

To override these defaults and/or provide additional inputs, specify env settings, etc you can provide a partial ShellStepProps.

---

PDKPipelineWithCodeConnectionProps

Properties to configure the PDKPipeline with a CodeConnections as source.

Note: Due to limitations with JSII and generic support it should be noted that the synth, synthShellStepPartialProps.input and synthShellStepPartialProps.primaryOutputDirectory properties will be ignored if passed in to this construct.

synthShellStepPartialProps.commands is marked as a required field, however if you pass in [] the default commands of this construct will be retained.

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipelineWithCodeConnectionProps(
  artifact_bucket: IBucket = None,
  asset_publishing_code_build_defaults: CodeBuildOptions = None,
  cli_version: str = None,
  code_build_defaults: CodeBuildOptions = None,
  code_pipeline: Pipeline = None,
  cross_account_keys: bool = None,
  cross_region_replication_buckets: typing.Mapping[IBucket] = None,
  docker_credentials: typing.List[DockerCredential] = None,
  docker_enabled_for_self_mutation: bool = None,
  docker_enabled_for_synth: bool = None,
  enable_key_rotation: bool = None,
  pipeline_name: str = None,
  publish_assets_in_parallel: bool = None,
  reuse_cross_region_support_stacks: bool = None,
  role: IRole = None,
  self_mutation: bool = None,
  self_mutation_code_build_defaults: CodeBuildOptions = None,
  synth: IFileSetProducer = None,
  synth_code_build_defaults: CodeBuildOptions = None,
  use_change_sets: bool = None,
  code_connection_arn: str,
  primary_synth_directory: str,
  repository_owner_and_name: str,
  cdk_command: str = None,
  cdk_src_dir: str = None,
  default_branch_name: str = None,
  sonar_code_scanner_config: SonarCodeScannerConfig = None,
  synth_shell_step_partial_props: ShellStepProps = None
)

Properties

Name	Type	Description
artifact_bucket	aws_cdk.aws_s3.IBucket	An existing S3 Bucket to use for storing the pipeline's artifact.
asset_publishing_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the asset publishing CodeBuild projects.
cli_version	str	CDK CLI version to use in self-mutation and asset publishing steps.
code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Customize the CodeBuild projects created for this pipeline.
code_pipeline	aws_cdk.aws_codepipeline.Pipeline	An existing Pipeline to be reused and built upon.
cross_account_keys	bool	Create KMS keys for the artifact buckets, allowing cross-account deployments.
cross_region_replication_buckets	typing.Mapping[aws_cdk.aws_s3.IBucket]	A map of region to S3 bucket name used for cross-region CodePipeline.
docker_credentials	typing.List[aws_cdk.pipelines.DockerCredential]	A list of credentials used to authenticate to Docker registries.
docker_enabled_for_self_mutation	bool	Enable Docker for the self-mutate step.
docker_enabled_for_synth	bool	Enable Docker for the 'synth' step.
enable_key_rotation	bool	Enable KMS key rotation for the generated KMS keys.
pipeline_name	str	The name of the CodePipeline pipeline.
publish_assets_in_parallel	bool	Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuse_cross_region_support_stacks	bool	Reuse the same cross region support stack for all pipelines in the App.
role	aws_cdk.aws_iam.IRole	The IAM role to be assumed by this Pipeline.
self_mutation	bool	Whether the pipeline will update itself.
self_mutation_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the self mutation CodeBuild projects.
synth	aws_cdk.pipelines.IFileSetProducer	The build step that produces the CDK Cloud Assembly.
synth_code_build_defaults	aws_cdk.pipelines.CodeBuildOptions	Additional customizations to apply to the synthesize CodeBuild projects.
use_change_sets	bool	Deploy every stack by creating a change set and executing it.
code_connection_arn	str	The Arn of the CodeConnection.
primary_synth_directory	str	Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.
repository_owner_and_name	str	The Owner and Repository name for instance, user Bob with git repository ACME becomes "Bob/ACME".
cdk_command	str	CDK command.
cdk_src_dir	str	The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.
default_branch_name	str	Branch to trigger the pipeline execution.
sonar_code_scanner_config	SonarCodeScannerConfig	Configuration for enabling Sonarqube code scanning on a successful synth.
synth_shell_step_partial_props	aws_cdk.pipelines.ShellStepProps	PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

---

artifact_bucket^Optional

artifact_bucket: IBucket

• Type: aws_cdk.aws_s3.IBucket
• Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.

---

asset_publishing_code_build_defaults^Optional

asset_publishing_code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.

---

cli_version^Optional

cli_version: str

• Type: str
• Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.

---

code_build_defaults^Optional

code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.

---

code_pipeline^Optional

code_pipeline: Pipeline

• Type: aws_cdk.aws_codepipeline.Pipeline
• Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]

---

cross_account_keys^Optional

cross_account_keys: bool

• Type: bool
• Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.

---

cross_region_replication_buckets^Optional

cross_region_replication_buckets: typing.Mapping[IBucket]

• Type: typing.Mapping[aws_cdk.aws_s3.IBucket]
• Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.

---

docker_credentials^Optional

docker_credentials: typing.List[DockerCredential]

• Type: typing.List[aws_cdk.pipelines.DockerCredential]
• Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.

---

docker_enabled_for_self_mutation^Optional

docker_enabled_for_self_mutation: bool

• Type: bool
• Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.

---

docker_enabled_for_synth^Optional

docker_enabled_for_synth: bool

• Type: bool
• Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.

---

enable_key_rotation^Optional

enable_key_rotation: bool

• Type: bool
• Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.

---

pipeline_name^Optional

pipeline_name: str

• Type: str
• Default: Automatically generated

The name of the CodePipeline pipeline.

---

publish_assets_in_parallel^Optional

publish_assets_in_parallel: bool

• Type: bool
• Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.

---

reuse_cross_region_support_stacks^Optional

reuse_cross_region_support_stacks: bool

• Type: bool
• Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.

---

role^Optional

role: IRole

• Type: aws_cdk.aws_iam.IRole
• Default: A new role is created

The IAM role to be assumed by this Pipeline.

---

self_mutation^Optional

self_mutation: bool

• Type: bool
• Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.

---

self_mutation_code_build_defaults^Optional

self_mutation_code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.

---

synth^Optional

synth: IFileSetProducer

• Type: aws_cdk.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.

---

synth_code_build_defaults^Optional

synth_code_build_defaults: CodeBuildOptions

• Type: aws_cdk.pipelines.CodeBuildOptions
• Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.

---

use_change_sets^Optional

use_change_sets: bool

• Type: bool
• Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.

---

code_connection_arn^Required

code_connection_arn: str

• Type: str

The Arn of the CodeConnection.

---

primary_synth_directory^Required

primary_synth_directory: str

• Type: str

Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.

---

repository_owner_and_name^Required

repository_owner_and_name: str

• Type: str

The Owner and Repository name for instance, user Bob with git repository ACME becomes "Bob/ACME".

---

cdk_command^Optional

cdk_command: str

• Type: str
• Default: 'npx cdk'

CDK command.

Override the command used to call cdk for synth and deploy.

---

cdk_src_dir^Optional

cdk_src_dir: str

• Type: str
• Default: The parent directory of primarySynthDirectory

The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.

---

default_branch_name^Optional

default_branch_name: str

• Type: str
• Default: mainline

Branch to trigger the pipeline execution.

---

sonar_code_scanner_config^Optional

sonar_code_scanner_config: SonarCodeScannerConfig

• Type: SonarCodeScannerConfig
• Default: undefined

Configuration for enabling Sonarqube code scanning on a successful synth.

---

synth_shell_step_partial_props^Optional

synth_shell_step_partial_props: ShellStepProps

• Type: aws_cdk.pipelines.ShellStepProps

PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

To override these defaults and/or provide additional inputs, specify env settings, etc you can provide a partial ShellStepProps.

---

SonarCodeScannerConfig

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.SonarCodeScannerConfig(
  sonarqube_authorized_group: str,
  sonarqube_default_profile_or_gate_name: str,
  sonarqube_endpoint: str,
  sonarqube_project_name: str,
  cdk_out_dir: str = None,
  cfn_nag_ignore_path: str = None,
  exclude_globs_for_scan: typing.List[str] = None,
  include_globs_for_scan: typing.List[str] = None,
  pre_archive_commands: typing.List[str] = None,
  sonarqube_specific_profile_or_gate_name: str = None,
  sonarqube_tags: typing.List[str] = None
)

Properties

Name	Type	Description
sonarqube_authorized_group	str	Group name in Sonarqube with access to administer this project.
sonarqube_default_profile_or_gate_name	str	Default profile/gate name i.e: your org profile.
sonarqube_endpoint	str	endpoint of the sonarqube instance i.e: https://.
sonarqube_project_name	str	Name of the project to create in Sonarqube.
cdk_out_dir	str	directory containing the synthesized cdk resources.
cfn_nag_ignore_path	str	path to a file containing the cfn nag suppression rules.
exclude_globs_for_scan	typing.List[str]	glob patterns to exclude from sonar scan.
include_globs_for_scan	typing.List[str]	glob patterns to include from sonar scan.
pre_archive_commands	typing.List[str]	Hook which allows custom commands to be executed before the process commences the archival process.
sonarqube_specific_profile_or_gate_name	str	Specific profile/gate name i.e: language specific.
sonarqube_tags	typing.List[str]	Tags to associate with this project.

---

sonarqube_authorized_group^Required

sonarqube_authorized_group: str

• Type: str

Group name in Sonarqube with access to administer this project.

---

sonarqube_default_profile_or_gate_name^Required

sonarqube_default_profile_or_gate_name: str

• Type: str

Default profile/gate name i.e: your org profile.

Note: These need to be set up in Sonarqube manually.

---

sonarqube_endpoint^Required

sonarqube_endpoint: str

• Type: str

endpoint of the sonarqube instance i.e: https://.

Note: Ensure a trailing '/' is not included.

---

sonarqube_project_name^Required

sonarqube_project_name: str

• Type: str

Name of the project to create in Sonarqube.

---

cdk_out_dir^Optional

cdk_out_dir: str

• Type: str

directory containing the synthesized cdk resources.

---

cfn_nag_ignore_path^Optional

cfn_nag_ignore_path: str

• Type: str

path to a file containing the cfn nag suppression rules.

---

exclude_globs_for_scan^Optional

exclude_globs_for_scan: typing.List[str]

• Type: typing.List[str]

glob patterns to exclude from sonar scan.

---

include_globs_for_scan^Optional

include_globs_for_scan: typing.List[str]

• Type: typing.List[str]

glob patterns to include from sonar scan.

---

pre_archive_commands^Optional

pre_archive_commands: typing.List[str]

• Type: typing.List[str]

Hook which allows custom commands to be executed before the process commences the archival process.

---

sonarqube_specific_profile_or_gate_name^Optional

sonarqube_specific_profile_or_gate_name: str

• Type: str

Specific profile/gate name i.e: language specific.

Note: These need to be set up in Sonarqube manually.

---

sonarqube_tags^Optional

sonarqube_tags: typing.List[str]

• Type: typing.List[str]

Tags to associate with this project.

---

SonarCodeScannerProps

SonarCodeScanners properties.

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.SonarCodeScannerProps(
  sonarqube_authorized_group: str,
  sonarqube_default_profile_or_gate_name: str,
  sonarqube_endpoint: str,
  sonarqube_project_name: str,
  cdk_out_dir: str = None,
  cfn_nag_ignore_path: str = None,
  exclude_globs_for_scan: typing.List[str] = None,
  include_globs_for_scan: typing.List[str] = None,
  pre_archive_commands: typing.List[str] = None,
  sonarqube_specific_profile_or_gate_name: str = None,
  sonarqube_tags: typing.List[str] = None,
  artifact_bucket_arn: str,
  synth_build_arn: str,
  artifact_bucket_key_arn: str = None
)

Properties

Name	Type	Description
sonarqube_authorized_group	str	Group name in Sonarqube with access to administer this project.
sonarqube_default_profile_or_gate_name	str	Default profile/gate name i.e: your org profile.
sonarqube_endpoint	str	endpoint of the sonarqube instance i.e: https://.
sonarqube_project_name	str	Name of the project to create in Sonarqube.
cdk_out_dir	str	directory containing the synthesized cdk resources.
cfn_nag_ignore_path	str	path to a file containing the cfn nag suppression rules.
exclude_globs_for_scan	typing.List[str]	glob patterns to exclude from sonar scan.
include_globs_for_scan	typing.List[str]	glob patterns to include from sonar scan.
pre_archive_commands	typing.List[str]	Hook which allows custom commands to be executed before the process commences the archival process.
sonarqube_specific_profile_or_gate_name	str	Specific profile/gate name i.e: language specific.
sonarqube_tags	typing.List[str]	Tags to associate with this project.
artifact_bucket_arn	str	S3 bucket ARN containing the built artifacts from the synth build.
synth_build_arn	str	ARN for the CodeBuild task responsible for executing the synth command.
artifact_bucket_key_arn	str	Artifact bucket key ARN used to encrypt the artifacts.

---

sonarqube_authorized_group^Required

sonarqube_authorized_group: str

• Type: str

Group name in Sonarqube with access to administer this project.

---

sonarqube_default_profile_or_gate_name^Required

sonarqube_default_profile_or_gate_name: str

• Type: str

Default profile/gate name i.e: your org profile.

Note: These need to be set up in Sonarqube manually.

---

sonarqube_endpoint^Required

sonarqube_endpoint: str

• Type: str

endpoint of the sonarqube instance i.e: https://.

Note: Ensure a trailing '/' is not included.

---

sonarqube_project_name^Required

sonarqube_project_name: str

• Type: str

Name of the project to create in Sonarqube.

---

cdk_out_dir^Optional

cdk_out_dir: str

• Type: str

directory containing the synthesized cdk resources.

---

cfn_nag_ignore_path^Optional

cfn_nag_ignore_path: str

• Type: str

path to a file containing the cfn nag suppression rules.

---

exclude_globs_for_scan^Optional

exclude_globs_for_scan: typing.List[str]

• Type: typing.List[str]

glob patterns to exclude from sonar scan.

---

include_globs_for_scan^Optional

include_globs_for_scan: typing.List[str]

• Type: typing.List[str]

glob patterns to include from sonar scan.

---

pre_archive_commands^Optional

pre_archive_commands: typing.List[str]

• Type: typing.List[str]

Hook which allows custom commands to be executed before the process commences the archival process.

---

sonarqube_specific_profile_or_gate_name^Optional

sonarqube_specific_profile_or_gate_name: str

• Type: str

Specific profile/gate name i.e: language specific.

Note: These need to be set up in Sonarqube manually.

---

sonarqube_tags^Optional

sonarqube_tags: typing.List[str]

• Type: typing.List[str]

Tags to associate with this project.

---

artifact_bucket_arn^Required

artifact_bucket_arn: str

• Type: str

S3 bucket ARN containing the built artifacts from the synth build.

---

synth_build_arn^Required

synth_build_arn: str

• Type: str

ARN for the CodeBuild task responsible for executing the synth command.

---

artifact_bucket_key_arn^Optional

artifact_bucket_key_arn: str

• Type: str

Artifact bucket key ARN used to encrypt the artifacts.

---

---

Last update: 2025-07-17