Can 'codestar connections used' trigger aws event bridge?


Although AWS considers using git webhooks to be antiquated practice, the documentation on aws codestar connections seems to be a bit scarce. I want to create a generic pipeline that can be triggered when a new repository is committed to for the first time (that it contains a folder of TF config). To do this, I need to be able to monitor when an aws codestar connection is used. I think that doing it this way will mean that I can build something that scales better.

But there doesn't appear to be a well documented way to monitor when 'anything' accesses a codestar connection:

https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodestarconnections.html#awscodestarconnections-actions-as-permissions

[image: aws-codestar-connections-actions]

In the image above, one can see that there is an action that happens that needs a permission to work, but that is not directly accessible. In cloud trail, I found an action with a payload like this:

    "eventTime": "2021-07-06T11:22:46Z",
    "eventSource": "codestar-connections.amazonaws.com",
    "eventName": "UseConnection",
    "awsRegion": "us-east-1",
    "sourceIPAddress": "codepipeline.amazonaws.com",
    "userAgent": "codepipeline.amazonaws.com",
    "requestParameters": {
        "connectionArn": "arn:aws:codestar-connections:*:connection/",
        "referenceType": "COMMIT",
        "reference": {
            "FullRepositoryId": "GitHub-User/Github-Repo",
            "Commit": "SHA"
        }
    },

I believe that this is enough for me to use for what I want. I could create an SNS notification with a Lambda listener when this event triggers, but that requires setting up infrastructure to monitor CloudTrail events.

But while I was researching this, I noticed that AWS event bridge appears to know about codestar connections:

[image: aws-eventbridge-codestar-connections]

Note, if I take this a bit further, I can get something that looks like this:

{
  "source": [
    "aws.codestar-connections"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "codestar-connections.amazonaws.com"
    ]
  }
}

... but I see no sample events, as it appears that I should, if they were there. And I'm unable to find documentation describing how to make codestar connections log the UseConnection event to cloudwatch.

If this can be used, instead, then I can use a more direct approach without needing to build the infrastructure to monitor the CloudTrail events.

Can this be done?
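As an added illustration (not part of the question or any answer), the following Python implements the subset of EventBridge pattern matching that applies here (arrays of allowed literals, nested objects) and checks the pattern from the question, tightened to `eventName: ["UseConnection"]`, against the CloudTrail record above wrapped in the "AWS API Call via CloudTrail" envelope. It assumes, as the question does, that UseConnection records are delivered to EventBridge in that envelope; the sample event and the `matches` and `commit_reference` helpers are constructed for this example.

```python
# Constructed sample: the CloudTrail record from the question, wrapped in the
# envelope EventBridge uses for "AWS API Call via CloudTrail" events.
# Assumption: UseConnection is delivered this way (that is what the question asks).
SAMPLE_EVENT = {
    "source": "aws.codestar-connections",
    "detail-type": "AWS API Call via CloudTrail",
    "detail": {
        "eventSource": "codestar-connections.amazonaws.com",
        "eventName": "UseConnection",
        "awsRegion": "us-east-1",
        "sourceIPAddress": "codepipeline.amazonaws.com",
        "requestParameters": {
            "connectionArn": "arn:aws:codestar-connections:*:connection/",
            "referenceType": "COMMIT",
            "reference": {"FullRepositoryId": "GitHub-User/Github-Repo", "Commit": "SHA"},
        },
    },
}

# The pattern from the question, narrowed to the one API call of interest so a
# rule built from it does not also fire on every other codestar-connections call.
USE_CONNECTION_PATTERN = {
    "source": ["aws.codestar-connections"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["codestar-connections.amazonaws.com"],
        "eventName": ["UseConnection"],
    },
}


def matches(pattern, event):
    """EventBridge exact-match semantics (the subset used here): every key in the
    pattern must be present in the event; a list means 'any of these literal
    values'; a nested dict is matched recursively."""
    for key, allowed in pattern.items():
        if key not in event:
            return False
        if isinstance(allowed, dict):
            if not isinstance(event[key], dict) or not matches(allowed, event[key]):
                return False
        elif event[key] not in allowed:
            return False
    return True


def commit_reference(event):
    """Extract repository and commit from a matched event for a downstream target."""
    ref = event["detail"]["requestParameters"]["reference"]
    return ref["FullRepositoryId"], ref["Commit"]


if __name__ == "__main__":
    print(matches(USE_CONNECTION_PATTERN, SAMPLE_EVENT))  # True
    print(commit_reference(SAMPLE_EVENT))
```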
