- TAG TAG TAG everything you can!
- OPINIONATED always design cleanup pipeline along with a provisioning one. This will save you a lot of time when time come to remove all that mess.
👀Check CloudFormation Delete resource at pipeline.yaml
IMPORTANT This pipeline should have disable transition after Source stage. - MULTIPLE SOURCES for AWS CodePipeline. A simple example of how to replace git submodules (which are not supported by AWS CodePipleine) with multiple input sources for your AWS CodePipeline. Obviously might not work for all of your scenarios. But it works here 👍
👀Examine CloudFormation Create resource at pipeline.yaml. Pay attention to Source stage. - BEST PRACTICE Don't abuse CloudFormation Intrinsic Function ImportValue. Use it only when absolutely nessesary (example might be when you created CloudFormation Stacks during different deployment cycles). Use approach below whever it is possible.
- HOW TO Pass CloudFormation output from one stack to another Using Parameter Override Functions with CodePipeline.
👀You can find real example by examing CloudFormation Create resource at pipeline.yaml - HOW TO Use CloudFormation Condition Function IF and CloudFormation Pseudo parameter NoValue to CONDITIONALLY CREATE AWS CodePipeline STAGE.
👀Check CloudFormation Create and Delete resources at pipeline.yaml - HOW TO You can apply the same approach from above to conditionally attach AWS IAM Policies to your AWS IAM Roles.
👀Check CloudFormation CodePipelineRole resource at pipeline.yaml - BEST PRACTICE Document usage of AWS IAM Policies. So you know what to remove later in case of you stack changed (new CloudFormation template added and/or more importantely deleted).
👀Check CloudFormation CodePipelineRole resource at pipeline.yaml - TRADE-OFF Don't live you users behind in case you can't (or don't want) to automate. Give the a hint at least.
👀Check description for CloudFormation parameter BundledId at pipeline.yaml.
In fact this can be automated by using Custom CloudFormation Resource. Just not worthwhile in this particular case. Hence it is a TRADE-OFF.
📧Let us know if you badly need to automate this.