Merge pull request #27 from aws-samples/sns

jakebark · web-flow · commit 268e9e49d190 · 2025-07-08T13:39:50.000+01:00
added sns notifications
diff --git a/README.md b/README.md
@@ -79,6 +79,15 @@ module "pipeline" {
     subnets            = ["subnet-011aabbcc2233d4ef"],
     security_group_ids = ["sg-001abcd2233ee4455"],
   }
+
+  notifications = {
+    sns_topic   = aws_sns_topic.this.arn
+    detail_type = "BASIC"
+    events = [
+      "codepipeline-pipeline-pipeline-execution-failed",
+      "codepipeline-pipeline-pipeline-execution-succeeded"
+    ]
+  }
   
   tags = join(",", [
     "Environment[Dev,Prod]",
diff --git a/codepipeline.tf b/codepipeline.tf
@@ -76,6 +76,7 @@ resource "aws_codepipeline" "this" {
 
       configuration = {
         CustomData = "This action will approve the deployment of resources in ${var.pipeline_name}. Please review the plan action before approving."
+
       }
     }
   }
@@ -172,3 +173,15 @@ data "aws_iam_policy_document" "codepipeline" {
     ]
   }
 }
+
+resource "aws_codestarnotifications_notification_rule" "this" {
+  count          = var.notifications != null ? 1 : 0
+  name           = var.pipeline_name
+  detail_type    = var.notifications["detail_type"]
+  event_type_ids = var.notifications["events"]
+  resource       = aws_codepipeline.this.arn
+
+  target {
+    address = var.notifications["sns_topic"]
+  }
+}
diff --git a/docs/optional_inputs.md b/docs/optional_inputs.md
@@ -26,6 +26,8 @@
 
 `vpc` configures the CodeBuild projects to [run in a VPC](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html).  
 
+`notifications` creates a [CodeStar notification](https://docs.aws.amazon.com/dtconsole/latest/userguide/welcome.html) for the pipeline. `sns_topic` is the SNS topic arn. `events` are the [notification events](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#events-ref-pipeline). `detail_type` is either BASIC or FULL. The SNS topic must allow [codestar-notifications.amazonaws.com to publush to the topic](https://docs.aws.amazon.com/dtconsole/latest/userguide/notification-target-create.html). 
+
 `tags` enables tag validation with [tag-nag](https://github.com/jakebark/tag-nag). Input a list of tag keys and/or tag keys and values to enforce. Input must be passed as a string, see [commands](https://github.com/jakebark/tag-nag?tab=readme-ov-file#commands). 
 
 `tagnag_version` controls the [tag-nag](https://github.com/jakebark/tag-nag) version. It defaults to 0.5.8.
diff --git a/variables.tf b/variables.tf
@@ -71,6 +71,16 @@ variable "log_retention" {
   default     = 90
 }
 
+variable "notifications" {
+  description = "SNS notification configuration"
+  type = object({
+    sns_topic   = string
+    events      = list(string)
+    detail_type = string
+  })
+  default = null
+}
+
 variable "mode" {
   description = "pipeline execution mode"
   type        = string

Original file line number	Diff line number	Diff line change
`@@ -76,6 +76,7 @@ resource "aws_codepipeline" "this" {`
`76`	`76`
`77`	`77`	`configuration = {`
`78`	`78`	`CustomData = "This action will approve the deployment of resources in ${var.pipeline_name}. Please review the plan action before approving."`
	`79`	`+`
`79`	`80`	`}`
`80`	`81`	`}`
`81`	`82`	`}`
`@@ -172,3 +173,15 @@ data "aws_iam_policy_document" "codepipeline" {`
`172`	`173`	`]`
`173`	`174`	`}`
`174`	`175`	`}`
	`176`	`+`
	`177`	`+resource "aws_codestarnotifications_notification_rule" "this" {`
	`178`	`+ count = var.notifications != null ? 1 : 0`
	`179`	`+ name = var.pipeline_name`
	`180`	`+ detail_type = var.notifications["detail_type"]`
	`181`	`+ event_type_ids = var.notifications["events"]`
	`182`	`+ resource = aws_codepipeline.this.arn`
	`183`	`+`
	`184`	`+ target {`
	`185`	`+ address = var.notifications["sns_topic"]`
	`186`	`+ }`
	`187`	`+}`