Skip to content

API Reference

Constructs

PDKPipeline

An extension to CodePipeline which configures same defaults for a NX Monorepo codebase.

In addition to this, it also creates a CodeCommit repository with automated PR builds and approvals.

Initializers 

import { PDKPipeline } from '@aws/pdk/pipeline'

new PDKPipeline(scope: Construct, id: string, props: PDKPipelineProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props PDKPipelineProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
addStage No description.
buildPipeline No description.
suppressCDKViolations No description.
toString 
public toString(): string

Returns a string representation of this construct.

addStage 
public addStage(stage: Stage, options?: AddStageOpts): StageDeployment
stageRequired
  • Type: aws-cdk-lib.Stage
optionsOptional
  • Type: aws-cdk-lib.pipelines.AddStageOpts
buildPipeline 
public buildPipeline(): void
suppressCDKViolations 
public suppressCDKViolations(): void

Static Functions

Name Description
isConstruct Checks if x is a construct.
getBranchPrefix A helper function to create a branch prefix.
isDefaultBranch A helper function to determine if the current branch is the default branch.
normalizeBranchName A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').
isConstruct 
import { PDKPipeline } from '@aws/pdk/pipeline'

PDKPipeline.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: any

Any object.

getBranchPrefix 
import { PDKPipeline } from '@aws/pdk/pipeline'

PDKPipeline.getBranchPrefix(props?: IsDefaultBranchProps)

A helper function to create a branch prefix.

The prefix is empty on the default branch.

propsOptional

? { defaultBranchName? Specify the default branch name without context. node? The current app to fetch defaultBranchName from context. }.

isDefaultBranch 
import { PDKPipeline } from '@aws/pdk/pipeline'

PDKPipeline.isDefaultBranch(props?: IsDefaultBranchProps)

A helper function to determine if the current branch is the default branch.

If there is no BRANCH environment variable, then assume this is the default branch. Otherwise, check that BRANCH matches the default branch name.

The default branch name is determined in the following priority:

  1. defaultBranchName property
  2. defaultBranchName context
  3. PDKPipeline.defaultBranchName constant
propsOptional

? { defaultBranchName? Specify the default branch name without context. node? The current app to fetch defaultBranchName from context. }.

normalizeBranchName 
import { PDKPipeline } from '@aws/pdk/pipeline'

PDKPipeline.normalizeBranchName(branchName: string)

A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').

branchNameRequired
  • Type: string

The name of the branch to normalize.

Properties

Name Type Description
node constructs.Node The tree node.
codePipeline aws-cdk-lib.pipelines.CodePipeline No description.
codeRepository aws-cdk-lib.aws_codecommit.IRepository No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

codePipelineRequired 
public readonly codePipeline: CodePipeline;
  • Type: aws-cdk-lib.pipelines.CodePipeline
codeRepositoryOptional 
public readonly codeRepository: IRepository;
  • Type: aws-cdk-lib.aws_codecommit.IRepository

Constants

Name Type Description
ALL_BRANCHES string[] No description.
defaultBranchName string No description.
ALL_BRANCHESRequired 
public readonly ALL_BRANCHES: string[];
  • Type: string[]
defaultBranchNameRequired 
public readonly defaultBranchName: string;
  • Type: string

PDKPipelineWithCodeConnection

An extension to CodePipeline which configures same defaults for a NX Monorepo and using a AWS CodeConnections as source.

Initializers 

import { PDKPipelineWithCodeConnection } from '@aws/pdk/pipeline'

new PDKPipelineWithCodeConnection(scope: Construct, id: string, props: PDKPipelineWithCodeConnectionProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props PDKPipelineWithCodeConnectionProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
addStage No description.
buildPipeline No description.
suppressCDKViolations No description.
toString 
public toString(): string

Returns a string representation of this construct.

addStage 
public addStage(stage: Stage, options?: AddStageOpts): StageDeployment
stageRequired
  • Type: aws-cdk-lib.Stage
optionsOptional
  • Type: aws-cdk-lib.pipelines.AddStageOpts
buildPipeline 
public buildPipeline(): void
suppressCDKViolations 
public suppressCDKViolations(): void

Static Functions

Name Description
isConstruct Checks if x is a construct.
getBranchPrefix A helper function to create a branch prefix.
isDefaultBranch A helper function to determine if the current branch is the default branch.
normalizeBranchName A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').
isConstruct 
import { PDKPipelineWithCodeConnection } from '@aws/pdk/pipeline'

PDKPipelineWithCodeConnection.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: any

Any object.

getBranchPrefix 
import { PDKPipelineWithCodeConnection } from '@aws/pdk/pipeline'

PDKPipelineWithCodeConnection.getBranchPrefix(props?: IsDefaultBranchProps)

A helper function to create a branch prefix.

The prefix is empty on the default branch.

propsOptional

? { defaultBranchName? Specify the default branch name without context. node? The current app to fetch defaultBranchName from context. }.

isDefaultBranch 
import { PDKPipelineWithCodeConnection } from '@aws/pdk/pipeline'

PDKPipelineWithCodeConnection.isDefaultBranch(props?: IsDefaultBranchProps)

A helper function to determine if the current branch is the default branch.

If there is no BRANCH environment variable, then assume this is the default branch. Otherwise, check that BRANCH matches the default branch name.

The default branch name is determined in the following priority:

  1. defaultBranchName property
  2. defaultBranchName context
  3. PDKPipeline.defaultBranchName constant
propsOptional

? { defaultBranchName? Specify the default branch name without context. node? The current app to fetch defaultBranchName from context. }.

normalizeBranchName 
import { PDKPipelineWithCodeConnection } from '@aws/pdk/pipeline'

PDKPipelineWithCodeConnection.normalizeBranchName(branchName: string)

A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').

branchNameRequired
  • Type: string

The name of the branch to normalize.

Properties

Name Type Description
node constructs.Node The tree node.
codePipeline aws-cdk-lib.pipelines.CodePipeline No description.
codeRepository aws-cdk-lib.aws_codecommit.IRepository No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

codePipelineRequired 
public readonly codePipeline: CodePipeline;
  • Type: aws-cdk-lib.pipelines.CodePipeline
codeRepositoryOptional 
public readonly codeRepository: IRepository;
  • Type: aws-cdk-lib.aws_codecommit.IRepository

Constants

Name Type Description
ALL_BRANCHES string[] No description.
defaultBranchName string No description.
ALL_BRANCHESRequired 
public readonly ALL_BRANCHES: string[];
  • Type: string[]
defaultBranchNameRequired 
public readonly defaultBranchName: string;
  • Type: string

SonarCodeScanner

Initializers 

import { SonarCodeScanner } from '@aws/pdk/pipeline'

new SonarCodeScanner(scope: Construct, id: string, props: SonarCodeScannerProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props SonarCodeScannerProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { SonarCodeScanner } from '@aws/pdk/pipeline'

SonarCodeScanner.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

Structs

CodePipelineProps

CodePipelineProps.

Initializer 

import { CodePipelineProps } from '@aws/pdk/pipeline'

const codePipelineProps: CodePipelineProps = { ... }

Properties

Name Type Description
artifactBucket aws-cdk-lib.aws_s3.IBucket An existing S3 Bucket to use for storing the pipeline's artifact.
assetPublishingCodeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Additional customizations to apply to the asset publishing CodeBuild projects.
cliVersion string CDK CLI version to use in self-mutation and asset publishing steps.
codeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Customize the CodeBuild projects created for this pipeline.
codePipeline aws-cdk-lib.aws_codepipeline.Pipeline An existing Pipeline to be reused and built upon.
crossAccountKeys boolean Create KMS keys for the artifact buckets, allowing cross-account deployments.
crossRegionReplicationBuckets {[ key: string ]: aws-cdk-lib.aws_s3.IBucket} A map of region to S3 bucket name used for cross-region CodePipeline.
dockerCredentials aws-cdk-lib.pipelines.DockerCredential[] A list of credentials used to authenticate to Docker registries.
dockerEnabledForSelfMutation boolean Enable Docker for the self-mutate step.
dockerEnabledForSynth boolean Enable Docker for the 'synth' step.
enableKeyRotation boolean Enable KMS key rotation for the generated KMS keys.
pipelineName string The name of the CodePipeline pipeline.
publishAssetsInParallel boolean Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuseCrossRegionSupportStacks boolean Reuse the same cross region support stack for all pipelines in the App.
role aws-cdk-lib.aws_iam.IRole The IAM role to be assumed by this Pipeline.
selfMutation boolean Whether the pipeline will update itself.
selfMutationCodeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Additional customizations to apply to the self mutation CodeBuild projects.
synth aws-cdk-lib.pipelines.IFileSetProducer The build step that produces the CDK Cloud Assembly.
synthCodeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Additional customizations to apply to the synthesize CodeBuild projects.
useChangeSets boolean Deploy every stack by creating a change set and executing it.
artifactBucketOptional 
public readonly artifactBucket: IBucket;
  • Type: aws-cdk-lib.aws_s3.IBucket
  • Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.

assetPublishingCodeBuildDefaultsOptional 
public readonly assetPublishingCodeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.

cliVersionOptional 
public readonly cliVersion: string;
  • Type: string
  • Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.

codeBuildDefaultsOptional 
public readonly codeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.

codePipelineOptional 
public readonly codePipeline: Pipeline;
  • Type: aws-cdk-lib.aws_codepipeline.Pipeline
  • Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]

crossAccountKeysOptional 
public readonly crossAccountKeys: boolean;
  • Type: boolean
  • Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.

crossRegionReplicationBucketsOptional 
public readonly crossRegionReplicationBuckets: {[ key: string ]: IBucket};
  • Type: {[ key: string ]: aws-cdk-lib.aws_s3.IBucket}
  • Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.

dockerCredentialsOptional 
public readonly dockerCredentials: DockerCredential[];
  • Type: aws-cdk-lib.pipelines.DockerCredential[]
  • Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.

dockerEnabledForSelfMutationOptional 
public readonly dockerEnabledForSelfMutation: boolean;
  • Type: boolean
  • Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.

dockerEnabledForSynthOptional 
public readonly dockerEnabledForSynth: boolean;
  • Type: boolean
  • Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.

enableKeyRotationOptional 
public readonly enableKeyRotation: boolean;
  • Type: boolean
  • Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.

pipelineNameOptional 
public readonly pipelineName: string;
  • Type: string
  • Default: Automatically generated

The name of the CodePipeline pipeline.

publishAssetsInParallelOptional 
public readonly publishAssetsInParallel: boolean;
  • Type: boolean
  • Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.

reuseCrossRegionSupportStacksOptional 
public readonly reuseCrossRegionSupportStacks: boolean;
  • Type: boolean
  • Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.

roleOptional 
public readonly role: IRole;
  • Type: aws-cdk-lib.aws_iam.IRole
  • Default: A new role is created

The IAM role to be assumed by this Pipeline.

selfMutationOptional 
public readonly selfMutation: boolean;
  • Type: boolean
  • Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.

selfMutationCodeBuildDefaultsOptional 
public readonly selfMutationCodeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.

synthOptional 
public readonly synth: IFileSetProducer;
  • Type: aws-cdk-lib.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.

synthCodeBuildDefaultsOptional 
public readonly synthCodeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.

useChangeSetsOptional 
public readonly useChangeSets: boolean;
  • Type: boolean
  • Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.

IsDefaultBranchProps

Properties to help the isDefaultBranch function determine the default branch name.

Initializer 

import { IsDefaultBranchProps } from '@aws/pdk/pipeline'

const isDefaultBranchProps: IsDefaultBranchProps = { ... }

Properties

Name Type Description
defaultBranchName string Specify the default branch name without context.
node constructs.Node The current node to fetch defaultBranchName from context.
defaultBranchNameOptional 
public readonly defaultBranchName: string;
  • Type: string

Specify the default branch name without context.

nodeOptional 
public readonly node: Node;
  • Type: constructs.Node

The current node to fetch defaultBranchName from context.

PDKPipelineProps

Properties to configure the PDKPipeline with CodeCommit as source.

Note: Due to limitations with JSII and generic support it should be noted that the synth, synthShellStepPartialProps.input and synthShellStepPartialProps.primaryOutputDirectory properties will be ignored if passed in to this construct.

synthShellStepPartialProps.commands is marked as a required field, however if you pass in [] the default commands of this construct will be retained.

Initializer 

import { PDKPipelineProps } from '@aws/pdk/pipeline'

const pDKPipelineProps: PDKPipelineProps = { ... }

Properties

Name Type Description
artifactBucket aws-cdk-lib.aws_s3.IBucket An existing S3 Bucket to use for storing the pipeline's artifact.
assetPublishingCodeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Additional customizations to apply to the asset publishing CodeBuild projects.
cliVersion string CDK CLI version to use in self-mutation and asset publishing steps.
codeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Customize the CodeBuild projects created for this pipeline.
codePipeline aws-cdk-lib.aws_codepipeline.Pipeline An existing Pipeline to be reused and built upon.
crossAccountKeys boolean Create KMS keys for the artifact buckets, allowing cross-account deployments.
crossRegionReplicationBuckets {[ key: string ]: aws-cdk-lib.aws_s3.IBucket} A map of region to S3 bucket name used for cross-region CodePipeline.
dockerCredentials aws-cdk-lib.pipelines.DockerCredential[] A list of credentials used to authenticate to Docker registries.
dockerEnabledForSelfMutation boolean Enable Docker for the self-mutate step.
dockerEnabledForSynth boolean Enable Docker for the 'synth' step.
enableKeyRotation boolean Enable KMS key rotation for the generated KMS keys.
pipelineName string The name of the CodePipeline pipeline.
publishAssetsInParallel boolean Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuseCrossRegionSupportStacks boolean Reuse the same cross region support stack for all pipelines in the App.
role aws-cdk-lib.aws_iam.IRole The IAM role to be assumed by this Pipeline.
selfMutation boolean Whether the pipeline will update itself.
selfMutationCodeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Additional customizations to apply to the self mutation CodeBuild projects.
synth aws-cdk-lib.pipelines.IFileSetProducer The build step that produces the CDK Cloud Assembly.
synthCodeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Additional customizations to apply to the synthesize CodeBuild projects.
useChangeSets boolean Deploy every stack by creating a change set and executing it.
primarySynthDirectory string Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.
repositoryName string Name of the CodeCommit repository to create.
branchNamePrefixes string[] Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.
cdkCommand string CDK command.
cdkSrcDir string The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.
codeCommitRemovalPolicy aws-cdk-lib.RemovalPolicy Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.
codeCommitRepository aws-cdk-lib.aws_codecommit.IRepository The repository to add the pipeline to.
defaultBranchName string Branch to trigger the pipeline execution.
sonarCodeScannerConfig SonarCodeScannerConfig Configuration for enabling Sonarqube code scanning on a successful synth.
synthShellStepPartialProps aws-cdk-lib.pipelines.ShellStepProps PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.
artifactBucketOptional 
public readonly artifactBucket: IBucket;
  • Type: aws-cdk-lib.aws_s3.IBucket
  • Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.

assetPublishingCodeBuildDefaultsOptional 
public readonly assetPublishingCodeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.

cliVersionOptional 
public readonly cliVersion: string;
  • Type: string
  • Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.

codeBuildDefaultsOptional 
public readonly codeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.

codePipelineOptional 
public readonly codePipeline: Pipeline;
  • Type: aws-cdk-lib.aws_codepipeline.Pipeline
  • Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]

crossAccountKeysOptional 
public readonly crossAccountKeys: boolean;
  • Type: boolean
  • Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.

crossRegionReplicationBucketsOptional 
public readonly crossRegionReplicationBuckets: {[ key: string ]: IBucket};
  • Type: {[ key: string ]: aws-cdk-lib.aws_s3.IBucket}
  • Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.

dockerCredentialsOptional 
public readonly dockerCredentials: DockerCredential[];
  • Type: aws-cdk-lib.pipelines.DockerCredential[]
  • Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.

dockerEnabledForSelfMutationOptional 
public readonly dockerEnabledForSelfMutation: boolean;
  • Type: boolean
  • Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.

dockerEnabledForSynthOptional 
public readonly dockerEnabledForSynth: boolean;
  • Type: boolean
  • Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.

enableKeyRotationOptional 
public readonly enableKeyRotation: boolean;
  • Type: boolean
  • Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.

pipelineNameOptional 
public readonly pipelineName: string;
  • Type: string
  • Default: Automatically generated

The name of the CodePipeline pipeline.

publishAssetsInParallelOptional 
public readonly publishAssetsInParallel: boolean;
  • Type: boolean
  • Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.

reuseCrossRegionSupportStacksOptional 
public readonly reuseCrossRegionSupportStacks: boolean;
  • Type: boolean
  • Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.

roleOptional 
public readonly role: IRole;
  • Type: aws-cdk-lib.aws_iam.IRole
  • Default: A new role is created

The IAM role to be assumed by this Pipeline.

selfMutationOptional 
public readonly selfMutation: boolean;
  • Type: boolean
  • Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.

selfMutationCodeBuildDefaultsOptional 
public readonly selfMutationCodeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.

synthOptional 
public readonly synth: IFileSetProducer;
  • Type: aws-cdk-lib.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.

synthCodeBuildDefaultsOptional 
public readonly synthCodeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.

useChangeSetsOptional 
public readonly useChangeSets: boolean;
  • Type: boolean
  • Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.

primarySynthDirectoryRequired 
public readonly primarySynthDirectory: string;
  • Type: string

Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.

repositoryNameRequired 
public readonly repositoryName: string;
  • Type: string

Name of the CodeCommit repository to create.

branchNamePrefixesOptional 
public readonly branchNamePrefixes: string[];
  • Type: string[]
  • Default: undefined

Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.

Example

// Disables feature branches (default)
new PDKPipeline(this, 'PDKPipeline', {
  repositoryName: 'my-repo',
  branchNamePrefixes: [], // or simply exclude this line
}
cdkCommandOptional 
public readonly cdkCommand: string;
  • Type: string
  • Default: 'npx cdk'

CDK command.

Override the command used to call cdk for synth and deploy.

cdkSrcDirOptional 
public readonly cdkSrcDir: string;
  • Type: string
  • Default: The parent directory of primarySynthDirectory

The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.

codeCommitRemovalPolicyOptional 
public readonly codeCommitRemovalPolicy: RemovalPolicy;
  • Type: aws-cdk-lib.RemovalPolicy

Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.

codeCommitRepositoryOptional 
public readonly codeCommitRepository: IRepository;
  • Type: aws-cdk-lib.aws_codecommit.IRepository

The repository to add the pipeline to.

defaultBranchNameOptional 
public readonly defaultBranchName: string;
  • Type: string
  • Default: mainline

Branch to trigger the pipeline execution.

sonarCodeScannerConfigOptional 
public readonly sonarCodeScannerConfig: SonarCodeScannerConfig;

Configuration for enabling Sonarqube code scanning on a successful synth.

synthShellStepPartialPropsOptional 
public readonly synthShellStepPartialProps: ShellStepProps;
  • Type: aws-cdk-lib.pipelines.ShellStepProps

PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

To override these defaults and/or provide additional inputs, specify env settings, etc you can provide a partial ShellStepProps.

PDKPipelineWithCodeConnectionProps

Properties to configure the PDKPipeline with a CodeConnections as source.

Note: Due to limitations with JSII and generic support it should be noted that the synth, synthShellStepPartialProps.input and synthShellStepPartialProps.primaryOutputDirectory properties will be ignored if passed in to this construct.

synthShellStepPartialProps.commands is marked as a required field, however if you pass in [] the default commands of this construct will be retained.

Initializer 

import { PDKPipelineWithCodeConnectionProps } from '@aws/pdk/pipeline'

const pDKPipelineWithCodeConnectionProps: PDKPipelineWithCodeConnectionProps = { ... }

Properties

Name Type Description
artifactBucket aws-cdk-lib.aws_s3.IBucket An existing S3 Bucket to use for storing the pipeline's artifact.
assetPublishingCodeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Additional customizations to apply to the asset publishing CodeBuild projects.
cliVersion string CDK CLI version to use in self-mutation and asset publishing steps.
codeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Customize the CodeBuild projects created for this pipeline.
codePipeline aws-cdk-lib.aws_codepipeline.Pipeline An existing Pipeline to be reused and built upon.
crossAccountKeys boolean Create KMS keys for the artifact buckets, allowing cross-account deployments.
crossRegionReplicationBuckets {[ key: string ]: aws-cdk-lib.aws_s3.IBucket} A map of region to S3 bucket name used for cross-region CodePipeline.
dockerCredentials aws-cdk-lib.pipelines.DockerCredential[] A list of credentials used to authenticate to Docker registries.
dockerEnabledForSelfMutation boolean Enable Docker for the self-mutate step.
dockerEnabledForSynth boolean Enable Docker for the 'synth' step.
enableKeyRotation boolean Enable KMS key rotation for the generated KMS keys.
pipelineName string The name of the CodePipeline pipeline.
publishAssetsInParallel boolean Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuseCrossRegionSupportStacks boolean Reuse the same cross region support stack for all pipelines in the App.
role aws-cdk-lib.aws_iam.IRole The IAM role to be assumed by this Pipeline.
selfMutation boolean Whether the pipeline will update itself.
selfMutationCodeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Additional customizations to apply to the self mutation CodeBuild projects.
synth aws-cdk-lib.pipelines.IFileSetProducer The build step that produces the CDK Cloud Assembly.
synthCodeBuildDefaults aws-cdk-lib.pipelines.CodeBuildOptions Additional customizations to apply to the synthesize CodeBuild projects.
useChangeSets boolean Deploy every stack by creating a change set and executing it.
codeConnectionArn string The Arn of the CodeConnection.
primarySynthDirectory string Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.
repositoryOwnerAndName string The Owner and Repository name for instance, user Bob with git repository ACME becomes "Bob/ACME".
cdkCommand string CDK command.
cdkSrcDir string The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.
defaultBranchName string Branch to trigger the pipeline execution.
sonarCodeScannerConfig SonarCodeScannerConfig Configuration for enabling Sonarqube code scanning on a successful synth.
synthShellStepPartialProps aws-cdk-lib.pipelines.ShellStepProps PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.
artifactBucketOptional 
public readonly artifactBucket: IBucket;
  • Type: aws-cdk-lib.aws_s3.IBucket
  • Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.

assetPublishingCodeBuildDefaultsOptional 
public readonly assetPublishingCodeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.

cliVersionOptional 
public readonly cliVersion: string;
  • Type: string
  • Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.

codeBuildDefaultsOptional 
public readonly codeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.

codePipelineOptional 
public readonly codePipeline: Pipeline;
  • Type: aws-cdk-lib.aws_codepipeline.Pipeline
  • Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]

crossAccountKeysOptional 
public readonly crossAccountKeys: boolean;
  • Type: boolean
  • Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.

crossRegionReplicationBucketsOptional 
public readonly crossRegionReplicationBuckets: {[ key: string ]: IBucket};
  • Type: {[ key: string ]: aws-cdk-lib.aws_s3.IBucket}
  • Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.

dockerCredentialsOptional 
public readonly dockerCredentials: DockerCredential[];
  • Type: aws-cdk-lib.pipelines.DockerCredential[]
  • Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.

dockerEnabledForSelfMutationOptional 
public readonly dockerEnabledForSelfMutation: boolean;
  • Type: boolean
  • Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.

dockerEnabledForSynthOptional 
public readonly dockerEnabledForSynth: boolean;
  • Type: boolean
  • Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.

enableKeyRotationOptional 
public readonly enableKeyRotation: boolean;
  • Type: boolean
  • Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.

pipelineNameOptional 
public readonly pipelineName: string;
  • Type: string
  • Default: Automatically generated

The name of the CodePipeline pipeline.

publishAssetsInParallelOptional 
public readonly publishAssetsInParallel: boolean;
  • Type: boolean
  • Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.

reuseCrossRegionSupportStacksOptional 
public readonly reuseCrossRegionSupportStacks: boolean;
  • Type: boolean
  • Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.

roleOptional 
public readonly role: IRole;
  • Type: aws-cdk-lib.aws_iam.IRole
  • Default: A new role is created

The IAM role to be assumed by this Pipeline.

selfMutationOptional 
public readonly selfMutation: boolean;
  • Type: boolean
  • Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.

selfMutationCodeBuildDefaultsOptional 
public readonly selfMutationCodeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.

synthOptional 
public readonly synth: IFileSetProducer;
  • Type: aws-cdk-lib.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.

synthCodeBuildDefaultsOptional 
public readonly synthCodeBuildDefaults: CodeBuildOptions;
  • Type: aws-cdk-lib.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.

useChangeSetsOptional 
public readonly useChangeSets: boolean;
  • Type: boolean
  • Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.

codeConnectionArnRequired 
public readonly codeConnectionArn: string;
  • Type: string

The Arn of the CodeConnection.

primarySynthDirectoryRequired 
public readonly primarySynthDirectory: string;
  • Type: string

Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.

repositoryOwnerAndNameRequired 
public readonly repositoryOwnerAndName: string;
  • Type: string

The Owner and Repository name for instance, user Bob with git repository ACME becomes "Bob/ACME".

cdkCommandOptional 
public readonly cdkCommand: string;
  • Type: string
  • Default: 'npx cdk'

CDK command.

Override the command used to call cdk for synth and deploy.

cdkSrcDirOptional 
public readonly cdkSrcDir: string;
  • Type: string
  • Default: The parent directory of primarySynthDirectory

The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.

defaultBranchNameOptional 
public readonly defaultBranchName: string;
  • Type: string
  • Default: mainline

Branch to trigger the pipeline execution.

sonarCodeScannerConfigOptional 
public readonly sonarCodeScannerConfig: SonarCodeScannerConfig;

Configuration for enabling Sonarqube code scanning on a successful synth.

synthShellStepPartialPropsOptional 
public readonly synthShellStepPartialProps: ShellStepProps;
  • Type: aws-cdk-lib.pipelines.ShellStepProps

PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

To override these defaults and/or provide additional inputs, specify env settings, etc you can provide a partial ShellStepProps.

SonarCodeScannerConfig

Initializer 

import { SonarCodeScannerConfig } from '@aws/pdk/pipeline'

const sonarCodeScannerConfig: SonarCodeScannerConfig = { ... }

Properties

Name Type Description
sonarqubeAuthorizedGroup string Group name in Sonarqube with access to administer this project.
sonarqubeDefaultProfileOrGateName string Default profile/gate name i.e: your org profile.
sonarqubeEndpoint string endpoint of the sonarqube instance i.e: https://.
sonarqubeProjectName string Name of the project to create in Sonarqube.
cdkOutDir string directory containing the synthesized cdk resources.
cfnNagIgnorePath string path to a file containing the cfn nag suppression rules.
excludeGlobsForScan string[] glob patterns to exclude from sonar scan.
includeGlobsForScan string[] glob patterns to include from sonar scan.
preArchiveCommands string[] Hook which allows custom commands to be executed before the process commences the archival process.
sonarqubeSpecificProfileOrGateName string Specific profile/gate name i.e: language specific.
sonarqubeTags string[] Tags to associate with this project.
sonarqubeAuthorizedGroupRequired 
public readonly sonarqubeAuthorizedGroup: string;
  • Type: string

Group name in Sonarqube with access to administer this project.

sonarqubeDefaultProfileOrGateNameRequired 
public readonly sonarqubeDefaultProfileOrGateName: string;
  • Type: string

Default profile/gate name i.e: your org profile.

Note: These need to be set up in Sonarqube manually.

sonarqubeEndpointRequired 
public readonly sonarqubeEndpoint: string;
  • Type: string

endpoint of the sonarqube instance i.e: https://.

Note: Ensure a trailing '/' is not included.

sonarqubeProjectNameRequired 
public readonly sonarqubeProjectName: string;
  • Type: string

Name of the project to create in Sonarqube.

cdkOutDirOptional 
public readonly cdkOutDir: string;
  • Type: string

directory containing the synthesized cdk resources.

cfnNagIgnorePathOptional 
public readonly cfnNagIgnorePath: string;
  • Type: string

path to a file containing the cfn nag suppression rules.

excludeGlobsForScanOptional 
public readonly excludeGlobsForScan: string[];
  • Type: string[]

glob patterns to exclude from sonar scan.

includeGlobsForScanOptional 
public readonly includeGlobsForScan: string[];
  • Type: string[]

glob patterns to include from sonar scan.

preArchiveCommandsOptional 
public readonly preArchiveCommands: string[];
  • Type: string[]

Hook which allows custom commands to be executed before the process commences the archival process.

sonarqubeSpecificProfileOrGateNameOptional 
public readonly sonarqubeSpecificProfileOrGateName: string;
  • Type: string

Specific profile/gate name i.e: language specific.

Note: These need to be set up in Sonarqube manually.

sonarqubeTagsOptional 
public readonly sonarqubeTags: string[];
  • Type: string[]

Tags to associate with this project.

SonarCodeScannerProps

SonarCodeScanners properties.

Initializer 

import { SonarCodeScannerProps } from '@aws/pdk/pipeline'

const sonarCodeScannerProps: SonarCodeScannerProps = { ... }

Properties

Name Type Description
sonarqubeAuthorizedGroup string Group name in Sonarqube with access to administer this project.
sonarqubeDefaultProfileOrGateName string Default profile/gate name i.e: your org profile.
sonarqubeEndpoint string endpoint of the sonarqube instance i.e: https://.
sonarqubeProjectName string Name of the project to create in Sonarqube.
cdkOutDir string directory containing the synthesized cdk resources.
cfnNagIgnorePath string path to a file containing the cfn nag suppression rules.
excludeGlobsForScan string[] glob patterns to exclude from sonar scan.
includeGlobsForScan string[] glob patterns to include from sonar scan.
preArchiveCommands string[] Hook which allows custom commands to be executed before the process commences the archival process.
sonarqubeSpecificProfileOrGateName string Specific profile/gate name i.e: language specific.
sonarqubeTags string[] Tags to associate with this project.
artifactBucketArn string S3 bucket ARN containing the built artifacts from the synth build.
synthBuildArn string ARN for the CodeBuild task responsible for executing the synth command.
artifactBucketKeyArn string Artifact bucket key ARN used to encrypt the artifacts.
sonarqubeAuthorizedGroupRequired 
public readonly sonarqubeAuthorizedGroup: string;
  • Type: string

Group name in Sonarqube with access to administer this project.

sonarqubeDefaultProfileOrGateNameRequired 
public readonly sonarqubeDefaultProfileOrGateName: string;
  • Type: string

Default profile/gate name i.e: your org profile.

Note: These need to be set up in Sonarqube manually.

sonarqubeEndpointRequired 
public readonly sonarqubeEndpoint: string;
  • Type: string

endpoint of the sonarqube instance i.e: https://.

Note: Ensure a trailing '/' is not included.

sonarqubeProjectNameRequired 
public readonly sonarqubeProjectName: string;
  • Type: string

Name of the project to create in Sonarqube.

cdkOutDirOptional 
public readonly cdkOutDir: string;
  • Type: string

directory containing the synthesized cdk resources.

cfnNagIgnorePathOptional 
public readonly cfnNagIgnorePath: string;
  • Type: string

path to a file containing the cfn nag suppression rules.

excludeGlobsForScanOptional 
public readonly excludeGlobsForScan: string[];
  • Type: string[]

glob patterns to exclude from sonar scan.

includeGlobsForScanOptional 
public readonly includeGlobsForScan: string[];
  • Type: string[]

glob patterns to include from sonar scan.

preArchiveCommandsOptional 
public readonly preArchiveCommands: string[];
  • Type: string[]

Hook which allows custom commands to be executed before the process commences the archival process.

sonarqubeSpecificProfileOrGateNameOptional 
public readonly sonarqubeSpecificProfileOrGateName: string;
  • Type: string

Specific profile/gate name i.e: language specific.

Note: These need to be set up in Sonarqube manually.

sonarqubeTagsOptional 
public readonly sonarqubeTags: string[];
  • Type: string[]

Tags to associate with this project.

artifactBucketArnRequired 
public readonly artifactBucketArn: string;
  • Type: string

S3 bucket ARN containing the built artifacts from the synth build.

synthBuildArnRequired 
public readonly synthBuildArn: string;
  • Type: string

ARN for the CodeBuild task responsible for executing the synth command.

artifactBucketKeyArnOptional 
public readonly artifactBucketKeyArn: string;
  • Type: string

Artifact bucket key ARN used to encrypt the artifacts.

Last update: 2025-07-17