class ImagePipeline (construct)
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.ImageBuilder.Alpha.ImagePipeline |
 Go | github.com/aws/aws-cdk-go/awsimagebuilderalpha/v2#ImagePipeline |
 Java | software.amazon.awscdk.services.imagebuilder.alpha.ImagePipeline |
 Python | aws_cdk.aws_imagebuilder_alpha.ImagePipeline |
 TypeScript (source) | @aws-cdk/aws-imagebuilder-alpha ยป ImagePipeline |
Implements
IConstruct, IDependable, IResource, IEnvironment, IImage
Represents an EC2 Image Builder Image Pipeline.
See also: https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-pipelines.html
Example
const workflowPipeline = new imagebuilder.ImagePipeline(this, 'WorkflowPipeline', {
recipe: exampleImageRecipe,
workflows: [
{ workflow: imagebuilder.AwsManagedWorkflow.buildImage(this, 'BuildWorkflow') },
{ workflow: imagebuilder.AwsManagedWorkflow.testImage(this, 'TestWorkflow') }
]
});
Initializer
new ImagePipeline(scope: Construct, id: string, props: ImagePipelineProps)
Parameters
- scope
Construct - id
string - props
ImagePipeline Props
Construct Props
| Name | Type | Description |
|---|---|---|
| recipe | IRecipe | The recipe that defines the base image, components, and customizations used to build the image. |
| description? | string | The description of the image pipeline. |
| distribution | IDistribution | The distribution configuration used for distributing the image. |
| enhanced | boolean | If enabled, collects additional information about the image being created, including the operating system (OS) version and package list for the AMI. |
| execution | IRole | The execution role used to perform workflow actions to build this image. |
| image | ILog | The log group to use for images created from the image pipeline. |
| image | ILog | The log group to use for the image pipeline. |
| image | string | The name of the image pipeline. |
| image | IRepository | The container repository that Amazon Inspector scans to identify findings for your container images. |
| image | string[] | The tags for Image Builder to apply to the output container image that Amazon Inspector scans. |
| image | boolean | Indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image. |
| image | boolean | Whether to run tests after building an image. |
| infrastructure | IInfrastructure | The infrastructure configuration used for building the image. |
| schedule? | Image | The schedule of the image pipeline. |
| status? | Image | Indicates whether the pipeline is enabled to be triggered by the provided schedule. |
| tags? | { [string]: string } | The tags to apply to the image pipeline. |
| workflows? | Workflow[] | The list of workflow configurations used to build the image. |
recipe
Type:
IRecipe
The recipe that defines the base image, components, and customizations used to build the image.
This can either be an image recipe, or a container recipe.
description?
Type:
string
(optional, default: None)
The description of the image pipeline.
distributionConfiguration?
Type:
IDistribution
(optional, default: None)
The distribution configuration used for distributing the image.
enhancedImageMetadataEnabled?
Type:
boolean
(optional, default: true)
If enabled, collects additional information about the image being created, including the operating system (OS) version and package list for the AMI.
executionRole?
Type:
IRole
(optional, default: Image Builder will use the SLR if possible. Otherwise, an execution role will be generated)
The execution role used to perform workflow actions to build this image.
By default, the Image Builder Service Linked Role (SLR) will be created automatically and used as the execution role. However, when providing a custom set of image workflows for the pipeline, an execution role will be generated with the minimal permissions needed to execute the workflows.
imageLogGroup?
Type:
ILog
(optional, default: a log group will be created)
The log group to use for images created from the image pipeline.
By default, a log group will be created with the
format /aws/imagebuilder/<image-name>.
imagePipelineLogGroup?
Type:
ILog
(optional, default: a log group will be created)
The log group to use for the image pipeline.
By default, a log group will be created with the format
/aws/imagebuilder/pipeline/<pipeline-name>
imagePipelineName?
Type:
string
(optional, default: a name is generated)
The name of the image pipeline.
imageScanningEcrRepository?
Type:
IRepository
(optional, default: if scanning is enabled, a repository will be created by Image Builder if one is not provided)
The container repository that Amazon Inspector scans to identify findings for your container images.
If a
repository is not provided, Image Builder creates a repository named image-builder-image-scanning-repository
for vulnerability scanning.
imageScanningEcrTags?
Type:
string[]
(optional, default: None)
The tags for Image Builder to apply to the output container image that Amazon Inspector scans.
imageScanningEnabled?
Type:
boolean
(optional, default: false)
Indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.
imageTestsEnabled?
Type:
boolean
(optional, default: true)
Whether to run tests after building an image.
infrastructureConfiguration?
Type:
IInfrastructure
(optional, default: an infrastructure configuration will be created with the default settings)
The infrastructure configuration used for building the image.
A default infrastructure configuration will be used if one is not provided.
The default configuration will create an instance profile and role with minimal permissions needed to build the image, attached to the EC2 instance.
schedule?
Type:
Image
(optional, default: none, a manual image pipeline will be created)
The schedule of the image pipeline.
This configures how often and when a pipeline automatically creates a new image.
status?
Type:
Image
(optional, default: ImagePipelineStatus.ENABLED)
Indicates whether the pipeline is enabled to be triggered by the provided schedule.
tags?
Type:
{ [string]: string }
(optional, default: None)
The tags to apply to the image pipeline.
workflows?
Type:
Workflow[]
(optional, default: Image Builder will use a default set of workflows for the build to build, test, and distribute the image)
The list of workflow configurations used to build the image.
Properties
| Name | Type | Description |
|---|---|---|
| env | Resource | The environment this resource belongs to. |
| image | string | The ARN of the image pipeline. |
| image | string | The name of the image pipeline. |
| infrastructure | IInfrastructure | The infrastructure configuration used for the image build. |
| node | Node | The tree node. |
| stack | Stack | The stack in which this resource is defined. |
| execution | IRole | The execution role used for the image build. |
| static PROPERTY_INJECTION_ID | string | Uniquely identifies this class. |
env
Type:
Resource
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
imagePipelineArn
Type:
string
The ARN of the image pipeline.
imagePipelineName
Type:
string
The name of the image pipeline.
infrastructureConfiguration
Type:
IInfrastructure
The infrastructure configuration used for the image build.
node
Type:
Node
The tree node.
stack
Type:
Stack
The stack in which this resource is defined.
executionRole?
Type:
IRole
(optional)
The execution role used for the image build.
If there is no execution role, then the build will be executed with the AWSServiceRoleForImageBuilder service-linked role.
static PROPERTY_INJECTION_ID
Type:
string
Uniquely identifies this class.
Methods
| Name | Description |
|---|---|
| apply | Apply the given removal policy to this resource. |
| grant(grantee, ...actions) | Grant custom actions to the given grantee for the image pipeline. |
| grant | Grants the default permissions for building an image to the provided execution role. |
| grant | Grant read permissions to the given grantee for the image pipeline. |
| grant | Grant permissions to the given grantee to start an execution of the image pipeline. |
| on | Creates an EventBridge rule for Image Builder CVE detected events. |
| on | Creates an EventBridge rule for Image Builder events. |
| on | Creates an EventBridge rule for Image Builder image build completion events. |
| on | Creates an EventBridge rule for Image Builder image build failure events. |
| on | Creates an EventBridge rule for Image Builder image state change events. |
| on | Creates an EventBridge rule for Image Builder image success events. |
| on | Creates an EventBridge rule for Image Builder image pipeline automatically disabled events. |
| on | Creates an EventBridge rule for Image Builder wait for action events. |
| to | Returns a string representation of this construct. |
| static from | Import an existing image pipeline given its ARN. |
| static from | Import an existing image pipeline given its name. |
| static is | Return whether the given object is an ImagePipeline. |
applyRemovalPolicy(policy)
public applyRemovalPolicy(policy: RemovalPolicy): void
Parameters
- policy
RemovalPolicy
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
grant(grantee, ...actions)
public grant(grantee: IGrantable, ...actions: string[]): Grant
Parameters
- grantee
IGrantableโ The principal. - actions
stringโ The list of actions.
Returns
Grant custom actions to the given grantee for the image pipeline.
grantDefaultExecutionRolePermissions(grantee)
public grantDefaultExecutionRolePermissions(grantee: IGrantable): Grant[]
Parameters
- grantee
IGrantableโ The execution role used for the image build.
Returns
Grant[]
Grants the default permissions for building an image to the provided execution role.
grantRead(grantee)
public grantRead(grantee: IGrantable): Grant
Parameters
- grantee
IGrantableโ The principal.
Returns
Grant read permissions to the given grantee for the image pipeline.
grantStartExecution(grantee)
public grantStartExecution(grantee: IGrantable): Grant
Parameters
- grantee
IGrantableโ The principal.
Returns
Grant permissions to the given grantee to start an execution of the image pipeline.
onCVEDetected(id, options?)
public onCVEDetected(id: string, options?: OnEventOptions): Rule
Parameters
- id
stringโ Unique identifier for the rule. - options
Onโ Configuration options for the event rule.Event Options
Returns
Creates an EventBridge rule for Image Builder CVE detected events.
onEvent(id, options?)
public onEvent(id: string, options?: OnEventOptions): Rule
Parameters
- id
stringโ Unique identifier for the rule. - options
Onโ Configuration options for the event rule.Event Options
Returns
Creates an EventBridge rule for Image Builder events.
onImageBuildCompleted(id, options?)
public onImageBuildCompleted(id: string, options?: OnEventOptions): Rule
Parameters
- id
stringโ Unique identifier for the rule. - options
Onโ Configuration options for the event rule.Event Options
Returns
Creates an EventBridge rule for Image Builder image build completion events.
onImageBuildFailed(id, options?)
public onImageBuildFailed(id: string, options?: OnEventOptions): Rule
Parameters
- id
stringโ Unique identifier for the rule. - options
Onโ Configuration options for the event rule.Event Options
Returns
Creates an EventBridge rule for Image Builder image build failure events.
onImageBuildStateChange(id, options?)
public onImageBuildStateChange(id: string, options?: OnEventOptions): Rule
Parameters
- id
stringโ Unique identifier for the rule. - options
Onโ Configuration options for the event rule.Event Options
Returns
Creates an EventBridge rule for Image Builder image state change events.
onImageBuildSucceeded(id, options?)
public onImageBuildSucceeded(id: string, options?: OnEventOptions): Rule
Parameters
- id
stringโ Unique identifier for the rule. - options
Onโ Configuration options for the event rule.Event Options
Returns
Creates an EventBridge rule for Image Builder image success events.
onImagePipelineAutoDisabled(id, options?)
public onImagePipelineAutoDisabled(id: string, options?: OnEventOptions): Rule
Parameters
- id
stringโ Unique identifier for the rule. - options
Onโ Configuration options for the event rule.Event Options
Returns
Creates an EventBridge rule for Image Builder image pipeline automatically disabled events.
onWaitForAction(id, options?)
public onWaitForAction(id: string, options?: OnEventOptions): Rule
Parameters
- id
stringโ Unique identifier for the rule. - options
Onโ Configuration options for the event rule.Event Options
Returns
Creates an EventBridge rule for Image Builder wait for action events.
toString()
public toString(): string
Returns
string
Returns a string representation of this construct.
static fromImagePipelineArn(scope, id, imagePipelineArn)
public static fromImagePipelineArn(scope: Construct, id: string, imagePipelineArn: string): IImagePipeline
Parameters
- scope
Construct - id
string - imagePipelineArn
string
Returns
Import an existing image pipeline given its ARN.
static fromImagePipelineName(scope, id, imagePipelineName)
public static fromImagePipelineName(scope: Construct, id: string, imagePipelineName: string): IImagePipeline
Parameters
- scope
Construct - id
string - imagePipelineName
string
Returns
Import an existing image pipeline given its name.
The provided name must be normalized by converting all alphabetical characters to lowercase, and replacing all spaces and underscores with hyphens.
static isImagePipeline(x)
public static isImagePipeline(x: any): boolean
Parameters
- x
any
Returns
boolean
Return whether the given object is an ImagePipeline.