tessl/npm-pulumi--aws
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources with infrastructure-as-code.
—
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
devtools.mddocs/services/
Developer Tools
AWS services for CI/CD, source control, and application deployment.
Services Overview
CodeCommit - Git Repository Hosting
Fully managed source control service that hosts secure Git repositories.
import { codecommit } from "@pulumi/aws";
// Create a Git repository
const repo = new codecommit.Repository("app-repo", {
repositoryName: "my-application",
description: "Application source code",
defaultBranch: "main",
});
// Create an approval rule template
const approvalRule = new codecommit.ApprovalRuleTemplate("require-review", {
name: "require-code-review",
description: "Require at least 2 approvals before merge",
content: JSON.stringify({
Version: "2018-11-08",
DestinationReferences: ["refs/heads/main"],
Statements: [{
Type: "Approvers",
NumberOfApprovalsNeeded: 2,
ApprovalPoolMembers: [`arn:aws:sts::${accountId}:assumed-role/Developers/*`],
}],
}),
});
// Associate approval rule with repository
new codecommit.ApprovalRuleTemplateAssociation("enforce-review", {
approvalRuleTemplateName: approvalRule.name,
repositoryName: repo.repositoryName,
});
// Trigger on repository events
new codecommit.Trigger("notify-builds", {
repositoryName: repo.repositoryName,
triggers: [{
name: "on-push",
destinationArn: buildTopic.arn,
events: ["all"],
}],
});Key Resources: Repository, ApprovalRuleTemplate, ApprovalRuleTemplateAssociation, Trigger
Data Sources: getRepository, getApprovalRuleTemplate
Use Cases: Git hosting, code collaboration, code review, version control
CodeBuild - Build and Test Code
Fully managed build service that compiles source code, runs tests, and produces deployable artifacts.
import { codebuild } from "@pulumi/aws";
// Create a build project
const buildProject = new codebuild.Project("app-build", {
serviceRole: buildRole.arn,
artifacts: {
type: "S3",
location: artifactsBucket.id,
},
environment: {
computeType: "BUILD_GENERAL1_SMALL",
image: "aws/codebuild/standard:7.0",
type: "LINUX_CONTAINER",
privilegedMode: true,
environmentVariables: [
{ name: "AWS_REGION", value: region },
{ name: "ACCOUNT_ID", value: accountId },
],
},
source: {
type: "CODECOMMIT",
location: repo.cloneUrlHttp,
buildspec: `version: 0.2
phases:
pre_build:
commands:
- echo Logging in to Amazon ECR...
- aws ecr get-login-password | docker login --username AWS --password-stdin $ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com
build:
commands:
- echo Build started on \`date\`
- docker build -t myapp:$CODEBUILD_RESOLVED_SOURCE_VERSION .
- docker tag myapp:$CODEBUILD_RESOLVED_SOURCE_VERSION $ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/myapp:latest
post_build:
commands:
- docker push $ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/myapp:latest
artifacts:
files:
- '**/*'`,
},
logsConfig: {
cloudwatchLogs: {
groupName: buildLogs.name,
},
},
});
// Create a report group for test results
const reportGroup = new codebuild.ReportGroup("test-results", {
type: "TEST",
exportConfig: {
type: "S3",
s3Destination: {
bucket: reportsBucket.id,
path: "/test-reports",
},
},
});
// Create a webhook for automatic builds
new codebuild.Webhook("github-webhook", {
projectName: buildProject.name,
filterGroups: [{
filters: [
{ type: "EVENT", pattern: "PUSH" },
{ type: "HEAD_REF", pattern: "refs/heads/main" },
],
}],
});
// Create a compute fleet for reserved capacity
const fleet = new codebuild.Fleet("reserved-fleet", {
name: "build-fleet",
baseCapacity: 2,
computeType: "BUILD_GENERAL1_SMALL",
environmentType: "LINUX_CONTAINER",
scalingConfiguration: {
maxCapacity: 5,
scalingType: "TARGET_TRACKING_SCALING",
targetTrackingScalingConfigs: [{
metricType: "FLEET_UTILIZATION_RATE",
targetValue: 75,
}],
},
});Key Resources: Project, ReportGroup, Webhook, Fleet, SourceCredential, ResourcePolicy
Data Sources: getFleet
Use Cases: CI/CD builds, Docker image building, test automation, artifact generation
CodeDeploy - Automated Deployments
Automate application deployments to EC2, Lambda, ECS, and on-premises servers.
import { codedeploy } from "@pulumi/aws";
// Create an application
const app = new codedeploy.Application("web-app", {
name: "my-web-application",
computePlatform: "Server",
});
// Create a deployment group
const deploymentGroup = new codedeploy.DeploymentGroup("production", {
appName: app.name,
deploymentGroupName: "production",
serviceRoleArn: deployRole.arn,
ec2TagSets: [{
ec2TagFilters: [{
key: "Environment",
type: "KEY_AND_VALUE",
value: "production",
}],
}],
autoRollbackConfiguration: {
enabled: true,
events: ["DEPLOYMENT_FAILURE"],
},
deploymentStyle: {
deploymentOption: "WITH_TRAFFIC_CONTROL",
deploymentType: "BLUE_GREEN",
},
loadBalancerInfo: {
targetGroupInfos: [{
name: targetGroup.name,
}],
},
});
// Create a custom deployment configuration
const deploymentConfig = new codedeploy.DeploymentConfig("canary", {
deploymentConfigName: "canary-10-percent",
computePlatform: "Server",
trafficRoutingConfig: {
type: "TimeBasedCanary",
timeBasedCanary: {
interval: 10,
percentage: 10,
},
},
});Key Resources: Application, DeploymentGroup, DeploymentConfig
Use Cases: Blue/green deployments, canary releases, rolling updates, automated rollbacks
CodePipeline - Continuous Delivery Pipelines
Orchestrate and automate your release process with continuous delivery pipelines.
import { codepipeline } from "@pulumi/aws";
// Create a pipeline
const pipeline = new codepipeline.Pipeline("release", {
roleArn: pipelineRole.arn,
artifactStores: [{
location: artifactsBucket.id,
type: "S3",
}],
stages: [
{
name: "Source",
actions: [{
name: "Source",
category: "Source",
owner: "AWS",
provider: "CodeCommit",
version: "1",
outputArtifacts: ["source_output"],
configuration: {
RepositoryName: repo.repositoryName,
BranchName: "main",
},
}],
},
{
name: "Build",
actions: [{
name: "Build",
category: "Build",
owner: "AWS",
provider: "CodeBuild",
version: "1",
inputArtifacts: ["source_output"],
outputArtifacts: ["build_output"],
configuration: {
ProjectName: buildProject.name,
},
}],
},
{
name: "Deploy",
actions: [{
name: "Deploy",
category: "Deploy",
owner: "AWS",
provider: "CodeDeploy",
version: "1",
inputArtifacts: ["build_output"],
configuration: {
ApplicationName: app.name,
DeploymentGroupName: deploymentGroup.deploymentGroupName,
},
}],
},
],
});
// Create a custom action type
const customAction = new codepipeline.CustomActionType("security-scan", {
category: "Test",
providerName: "SecurityScanner",
version: "1",
inputArtifactDetails: {
minimumCount: 1,
maximumCount: 1,
},
outputArtifactDetails: {
minimumCount: 0,
maximumCount: 0,
},
});
// Create a webhook for automatic pipeline execution
new codepipeline.Webhook("github-trigger", {
name: "github-webhook",
authentication: "GITHUB_HMAC",
targetPipeline: pipeline.name,
targetAction: "Source",
authenticationConfiguration: {
secretToken: webhookSecret,
},
filters: [{
jsonPath: "$.ref",
matchEquals: "refs/heads/main",
}],
});Key Resources: Pipeline, CustomActionType, Webhook
Use Cases: CI/CD automation, release orchestration, multi-stage deployments, approval workflows
CodeArtifact - Package Management
Managed artifact repository service for software package storage and retrieval.
import { codeartifact } from "@pulumi/aws";
// Create a domain
const domain = new codeartifact.Domain("packages", {
domain: "my-company",
});
// Create a repository
const repo = new codeartifact.Repository("npm-packages", {
repository: "npm-internal",
domain: domain.domain,
description: "Internal npm packages",
});
// Add upstream to public npm
const upstreamRepo = new codeartifact.Repository("npm-public", {
repository: "npm-public",
domain: domain.domain,
externalConnections: {
externalConnectionName: "public:npmjs",
},
});
new codeartifact.RepositoryEndpoint("npm-endpoint", {
repository: repo.repository,
domain: domain.domain,
format: "npm",
});Key Resources: Domain, Repository, RepositoryPermissionsPolicy, DomainPermissionsPolicy
Data Sources: getAuthorizationToken, getRepositoryEndpoint
Use Cases: Private package hosting, dependency caching, artifact versioning, package approval
Cloud9 - Cloud IDE
Cloud-based integrated development environment for writing, running, and debugging code.
import { cloud9 } from "@pulumi/aws";
// Create a development environment
const devEnv = new cloud9.EnvironmentEC2("dev", {
name: "developer-workspace",
instanceType: "t3.small",
automaticStopTimeMinutes: 30,
description: "Development environment for the team",
subnetId: subnet.id,
ownerArn: developerUser.arn,
});Key Resources: EnvironmentEC2, EnvironmentMembership
Use Cases: Remote development, pair programming, teaching, collaborative coding
CodeGuru - Code Reviews and Profiling
AI-powered code review and application profiling service.
import { codeguruprofiler } from "@pulumi/aws";
import { codegurureviewer } from "@pulumi/aws";
// Create a profiling group
const profilingGroup = new codeguruprofiler.ProfilingGroup("app-profiler", {
name: "my-application",
computePlatform: "Default",
agentOrchestrationConfig: {
profilingEnabled: true,
},
});
// Associate repository for code review
const repoAssociation = new codegurureviewer.RepositoryAssociation("code-review", {
repository: {
codecommit: {
name: repo.repositoryName,
},
},
});Key Resources:
- CodeGuru Profiler: ProfilingGroup
- CodeGuru Reviewer: RepositoryAssociation
Use Cases: Performance optimization, code quality, security vulnerabilities, best practices
X-Ray - Distributed Tracing
Analyze and debug distributed applications with end-to-end tracing.
import { xray } from "@pulumi/aws";
// Create a sampling rule
const samplingRule = new xray.SamplingRule("api-sampling", {
ruleName: "api-requests",
priority: 1000,
version: 1,
reservoirSize: 1,
fixedRate: 0.05,
urlPath: "/api/*",
host: "*",
httpMethod: "*",
serviceType: "*",
serviceName: "*",
resourceArn: "*",
});
// Create a group for filtering traces
const group = new xray.Group("errors", {
groupName: "error-traces",
filterExpression: "error = true OR fault = true",
});Key Resources: SamplingRule, Group, EncryptionConfig
Use Cases: Performance analysis, request tracing, service maps, error detection
Additional Developer Tools
CodeStar / CodeCatalyst
Unified development service for collaborative software development.
CodeConnections / CodeStar Connections
Connect to third-party source code repositories like GitHub, Bitbucket.
Related Services
- Lambda - Deploy serverless functions
- ECS - Deploy containerized applications
- ECR - Store Docker images
- CloudWatch - Application monitoring and logs
- SNS - Pipeline notifications
- EventBridge - Trigger pipelines from events
For complete service list, see All Services A-Z.
Install with Tessl CLI
npx tessl i tessl/npm-pulumi--aws