Amazon S3 source actions and EventBridge with Amazon CloudTrail
To add an Amazon S3 source action in CodePipeline, you choose either to:
-
Use the CodePipeline console Create pipeline wizard (Create a pipeline (console)) or Edit action page to choose the S3 provider option. The console creates an EventBridge rule and a CloudTrail trail that starts your pipeline when the source changes.
-
Use the Amazon CLI to add the action configuration for the
S3action and create additional resources as follows:-
Use the
S3example action configuration in Amazon S3 source action to create your action as shown in Create a pipeline (CLI). -
The change detection method defaults to starting the pipeline by polling the source. You should disable periodic checks and create the change detection rule and trail manually. Use one of the following methods: Create an EventBridge rule for an Amazon S3 source (console), Create an EventBridge rule for an Amazon S3 source (CLI), or Create an EventBridge rule for an Amazon S3 source (Amazon CloudFormation template) .
-
Amazon CloudTrail is a service that logs and filters events on your Amazon S3 source bucket. The trail sends the filtered source changes to the EventBridge rule. The EventBridge rule detects the source change and then starts your pipeline.
Requirements:
-
If you are not creating a trail, use an existing Amazon CloudTrail trail for logging events in your Amazon S3 source bucket and sending filtered events to the EventBridge rule.
-
Create or use an existing S3 bucket where Amazon CloudTrail can store its log files. Amazon CloudTrail must have the permissions required to deliver log files to an Amazon S3 bucket. The bucket cannot be configured as a Requester Pays bucket. When you create an Amazon S3 bucket as part of creating or updating a trail in the console, Amazon CloudTrail attaches the required permissions to a bucket for you. For more information, see Amazon S3 Bucket Policy for CloudTrail.