Build notifications sample for CodeBuild
Amazon CloudWatch Events has built-in support for Amazon CodeBuild. CloudWatch Events is a stream of system events describing changes in your Amazon resources. With CloudWatch Events, you write declarative rules to associate events of interest with automated actions to be taken. This sample uses Amazon CloudWatch Events and Amazon Simple Notification Service (Amazon SNS) to send build notifications to subscribers whenever builds succeed, fail, go from one build phase to another, or any combination of these events.
Important
Running this sample might result in charges to your Amazon account. These include possible charges for CodeBuild and for Amazon resources and actions related to Amazon CloudWatch and Amazon SNS. For more information, see CodeBuild pricing.
Run the build notifications sample
Use the following procedure to run the build notifications sample.
To run this sample
-
If you already have a topic set up and subscribed to in Amazon SNS that you want to use for this sample, skip ahead to step 4. Otherwise, if you are using an IAM user instead of an Amazon root account or an administrator user to work with Amazon SNS, add the following statement (between ### BEGIN ADDING STATEMENT HERE ### and ### END ADDING STATEMENT HERE ###) to the user (or IAM group the user is associated with). Using an Amazon root account is not recommended. This statement enables viewing, creating, subscribing, and testing the sending of notifications to topics in Amazon SNS. Ellipses (...) are used for brevity and to help you locate where to add the statement. Do not remove any statements, and do not type these ellipses into the existing policy.
    {
      "Statement": [
        ### BEGIN ADDING STATEMENT HERE ###
        {
          "Action": [
            "sns:CreateTopic",
            "sns:GetTopicAttributes",
            "sns:List*",
            "sns:Publish",
            "sns:SetTopicAttributes",
            "sns:Subscribe"
          ],
          "Resource": "*",
          "Effect": "Allow"
        },
        ### END ADDING STATEMENT HERE ###
        ...
      ],
      "Version": "2012-10-17"
    }
Note
The IAM entity that modifies this policy must have permission in IAM to modify policies.
For more information, see Editing customer managed policies or the "To edit or delete an inline policy for a group, user, or role" section in Working with inline policies (console) in the IAM User Guide.
-
Create or identify a topic in Amazon SNS. Amazon CodeBuild uses CloudWatch Events to send build notifications to this topic through Amazon SNS.
To create a topic:
-
Open the Amazon SNS console at https://console.amazonaws.cn/sns.
-
Choose Create topic.
-
In Create new topic, for Topic name, enter a name for the topic (for example, CodeBuildDemoTopic). (If you choose a different name, substitute it throughout this sample.)
-
Choose Create topic.
-
On the Topic details: CodeBuildDemoTopic page, copy the Topic ARN value. You need this value for the next step.
For more information, see Create a topic in the Amazon SNS Developer Guide.
-
Subscribe one or more recipients to the topic to receive email notifications.
To subscribe a recipient to a topic:
-
With the Amazon SNS console open from the previous step, in the navigation pane, choose Subscriptions, and then choose Create subscription.
-
In Create subscription, for Topic ARN, paste the topic ARN you copied from the previous step.
-
For Protocol, choose Email.
-
For Endpoint, enter the recipient's full email address.
-
Choose Create Subscription.
-
Amazon SNS sends a subscription confirmation email to the recipient. To begin receiving email notifications, the recipient must choose the Confirm subscription link in the subscription confirmation email. After the recipient clicks the link, if successfully subscribed, Amazon SNS displays a confirmation message in the recipient's web browser.
For more information, see Subscribe to a topic in the Amazon SNS Developer Guide.
-
If you are using an IAM user instead of an Amazon root account or an administrator user to work with CloudWatch Events, add the following statement (between ### BEGIN ADDING STATEMENT HERE ### and ### END ADDING STATEMENT HERE ###) to the user (or IAM group the user is associated with). Using an Amazon root account is not recommended. This statement allows the user to work with CloudWatch Events. Ellipses (...) are used for brevity and to help you locate where to add the statement. Do not remove any statements, and do not type these ellipses into the existing policy.
    {
      "Statement": [
        ### BEGIN ADDING STATEMENT HERE ###
        {
          "Action": [
            "events:*",
            "iam:PassRole"
          ],
          "Resource": "*",
          "Effect": "Allow"
        },
        ### END ADDING STATEMENT HERE ###
        ...
      ],
      "Version": "2012-10-17"
    }
Note
The IAM entity that modifies this policy must have permission in IAM to modify policies.
For more information, see Editing customer managed policies or the "To edit or delete an inline policy for a group, user, or role" section in Working with inline policies (console) in the IAM User Guide.
-
Create a rule in CloudWatch Events. To do this, open the CloudWatch console at https://console.amazonaws.cn/cloudwatch.
-
In the navigation pane, under Events, choose Rules, and then choose Create rule.
-
On the Step 1: Create rule page, Event Pattern and Build event pattern to match events by service should already be selected.
-
For Service Name, choose CodeBuild. For Event Type, All Events should already be selected.
-
The following code should be displayed in Event Pattern Preview:
{ "source": [ "aws.codebuild" ] }
-
Choose Edit and replace the code in Event Pattern Preview with one of the following two rule patterns.
This first rule pattern triggers an event when a build starts or completes for the specified build projects in Amazon CodeBuild.
    {
      "source": [
        "aws.codebuild"
      ],
      "detail-type": [
        "CodeBuild Build State Change"
      ],
      "detail": {
        "build-status": [
          "IN_PROGRESS",
          "SUCCEEDED",
          "FAILED",
          "STOPPED"
        ],
        "project-name": [
          "my-demo-project-1",
          "my-demo-project-2"
        ]
      }
    }
In the preceding rule, make the following code changes as needed.
-
To trigger an event when a build starts or completes, either leave all of the values as shown in the build-status array, or remove the build-status array altogether.
-
To trigger an event only when a build completes, remove IN_PROGRESS from the build-status array.
-
To trigger an event only when a build starts, remove all of the values except IN_PROGRESS from the build-status array.
-
To trigger events for all build projects, remove the project-name array altogether.
-
To trigger events only for individual build projects, specify the name of each build project in the project-name array.
This second rule pattern triggers an event whenever a build moves from one build phase to another for the specified build projects in Amazon CodeBuild.
    {
      "source": [
        "aws.codebuild"
      ],
      "detail-type": [
        "CodeBuild Build Phase Change"
      ],
      "detail": {
        "completed-phase": [
          "SUBMITTED",
          "PROVISIONING",
          "DOWNLOAD_SOURCE",
          "INSTALL",
          "PRE_BUILD",
          "BUILD",
          "POST_BUILD",
          "UPLOAD_ARTIFACTS",
          "FINALIZING"
        ],
        "completed-phase-status": [
          "TIMED_OUT",
          "STOPPED",
          "FAILED",
          "SUCCEEDED",
          "FAULT",
          "CLIENT_ERROR"
        ],
        "project-name": [
          "my-demo-project-1",
          "my-demo-project-2"
        ]
      }
    }
In the preceding rule, make the following code changes as needed.
-
To trigger an event for every build phase change (which might send up to nine notifications for each build), either leave all of the values as shown in the completed-phase array, or remove the completed-phase array altogether.
-
To trigger events only for individual build phase changes, remove the name of each build phase in the completed-phase array that you do not want to trigger an event for.
-
To trigger an event for every build phase status change, either leave all of the values as shown in the completed-phase-status array, or remove the completed-phase-status array altogether.
-
To trigger events only for individual build phase status changes, remove the name of each build phase status in the completed-phase-status array that you do not want to trigger an event for.
-
To trigger events for all build projects, remove the project-name array.
-
To trigger events for individual build projects, specify the name of each build project in the project-name array.
For more information about event patterns, see Event Patterns in the Amazon EventBridge User Guide.
For more information about filtering with event patterns, see Content-based Filtering with Event Patterns in the Amazon EventBridge User Guide.
Note
If you want to trigger events for both build state changes and build phase changes, you must create two separate rules: one for build state changes and another for build phase changes. If you try to combine both rules into a single rule, the combined rule might produce unexpected results or stop working altogether.
When you have finished replacing the code, choose Save.
-
For Targets, choose Add target.
-
In the list of targets, choose SNS topic.
-
For Topic, choose the topic you identified or created earlier.
-
Expand Configure input, and then choose Input Transformer.
-
In the Input Path box, enter one of the following input paths.
For a rule with a detail-type value of CodeBuild Build State Change, enter the following.
    {"build-id":"$.detail.build-id","project-name":"$.detail.project-name","build-status":"$.detail.build-status"}
For a rule with a detail-type value of CodeBuild Build Phase Change, enter the following.
    {"build-id":"$.detail.build-id","project-name":"$.detail.project-name","completed-phase":"$.detail.completed-phase","completed-phase-status":"$.detail.completed-phase-status"}
To get other types of information, see the Build notifications input format reference.
-
In the Input Template box, enter one of the following input templates.
For a rule with a detail-type value of CodeBuild Build State Change, enter the following.
    "Build '<build-id>' for build project '<project-name>' has reached the build status of '<build-status>'."
For a rule with a detail-type value of CodeBuild Build Phase Change, enter the following.
    "Build '<build-id>' for build project '<project-name>' has completed the build phase of '<completed-phase>' with a status of '<completed-phase-status>'."
-
Choose Configure details.
-
On the Step 2: Configure rule details page, enter a name and an optional description. For State, leave Enabled selected.
-
Choose Create rule.
-
Create build projects, run the builds, and view build information.
-
Confirm that CodeBuild is now successfully sending build notifications. For example, check to see if the build notification emails are now in your inbox.
To change a rule's behavior, in the CloudWatch console, choose the rule you want to change, choose Actions, and then choose Edit. Make changes to the rule, choose Configure details, and then choose Update rule.
To stop using a rule to send build notifications, in the CloudWatch console, choose the rule you want to stop using, choose Actions, and then choose Disable.
To delete a rule altogether, in the CloudWatch console, choose the rule you want to delete, choose Actions, and then choose Delete.
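To check a rule pattern and its input transformer before saving the rule, the following added Python example (not part of the original sample or any AWS code) evaluates the page's Build State Change pattern, input paths, and input template locally. The functions matches and render are simplified stand-ins for the service's pattern matching and input transformer, and the events are constructed on the assumption that they carry only the fields the page's input paths read; the combined rule illustrates one way merging both rule types can stop matching.

```python
import json
import re

def matches(pattern, event):
    """Simplified event-pattern match: keys are ANDed, listed values are ORed."""
    for key, want in pattern.items():
        have = event.get(key)
        if isinstance(want, dict):
            if not (isinstance(have, dict) and matches(want, have)):
                return False
        elif key not in event or have not in want:
            return False
    return True

def render(input_paths, template, event):
    """Resolve each "$.a.b" input path, then fill the <name> placeholders."""
    values = {}
    for name, path in input_paths.items():
        node = event
        for part in path.split(".")[1:]:  # drop the leading "$"
            node = node[part]
        values[name] = str(node)
    filled = re.sub(r"<([\w-]+)>", lambda m: values[m.group(1)], template)
    return json.loads(filled)  # the page's template is a quoted JSON string

# Constructed sample events; assumed to carry only the fields the page's input paths read.
BASE = {"build-id": "my-demo-project-1:constructed-build-id", "project-name": "my-demo-project-1"}
STATE_EVENT = {"source": "aws.codebuild", "detail-type": "CodeBuild Build State Change",
               "detail": {**BASE, "build-status": "FAILED"}}
PHASE_EVENT = {"source": "aws.codebuild", "detail-type": "CodeBuild Build Phase Change",
               "detail": {**BASE, "completed-phase": "BUILD", "completed-phase-status": "FAILED"}}

# First rule pattern from the page with IN_PROGRESS removed (completed builds only).
STATE_RULE = {"source": ["aws.codebuild"], "detail-type": ["CodeBuild Build State Change"],
              "detail": {"build-status": ["SUCCEEDED", "FAILED", "STOPPED"],
                         "project-name": ["my-demo-project-1", "my-demo-project-2"]}}
# Both rules merged into one: the sample state-change event has no completed-phase-status
# and the phase-change event has no build-status, so the ANDed filters match neither.
COMBINED_RULE = {"source": ["aws.codebuild"],
                 "detail-type": ["CodeBuild Build State Change", "CodeBuild Build Phase Change"],
                 "detail": {"build-status": ["FAILED"], "completed-phase-status": ["FAILED"]}}
STATE_PATHS = {"build-id": "$.detail.build-id", "project-name": "$.detail.project-name",
               "build-status": "$.detail.build-status"}
STATE_TEMPLATE = ("\"Build '<build-id>' for build project '<project-name>' "
                  "has reached the build status of '<build-status>'.\"")

if __name__ == "__main__":
    print(matches(STATE_RULE, STATE_EVENT), matches(COMBINED_RULE, PHASE_EVENT))
    print(render(STATE_PATHS, STATE_TEMPLATE, STATE_EVENT))
```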