Step Functions

State Machines to Manage Onboarding Process for New AWS Accounts

How To Setup a CodePipeline

Input Parameter Values

• CloudformationLambdaExecutionRoleArn:

  Enter ARN of IAM Role for Cloudformation to create changesets and target stack. If you already created one or more CodePipeline that uses Cloudformation, this role should have been created already, so you can use the same role, 'cloudformation-lambda-execution-role'. If not, please create a role with the same name with Trust Relationships and Policy Document defined here.

• CodePipelineServiceRoleArn:

  Enter ARN of IAM Role for CodePipeline to be executed. If you already created one or more CodePipeline, this role should have been created already, so you can use the same role, 'AWS-CodePipeline-Service'. If not, please create a role with the same name with Trust Relationships and Policy Document defined here.

• CustomAuthorizerIAMRoleName:

  Enter the NAME (not ARN) of IAM Role that has the permission for API Gateway to invoke custom authorizer Lambda Function. (See here for Trust Relationships and Policy Document).

• CustomAuthorizerLambdaName:

  Enter the NAME (not ARN) of custom authorizer Lambda Function. (See here for the Lambda Function Project for Custom Authorizer using SSO Server).

• EncryptionLambdaName:

• GitHubPersonalAccessToken:

  Access Token for CodeBuild to access to the this Github repository. (See here to find how to generate the access token).

• GitHubSourceRepositoryBranch: master

• GitHubSourceRepositoryName: aws-services-onboarding

• GitHubSourceRepositoryOwner: SungardAS

• ParameterOverrides: { "AccountLogGroupName": "/SungardAS/Alerts/Account", "SubscriptionFilterDestinationArn": "arn:aws:logs:<region>:<account>:destination:<destination_name>" }

• ProjectImage: aws/codebuild/nodejs:8.11.0

Input JSON for Execution

This project is maintained by the Labs group at Sungard Availability Services

GitHub: https://sungardas.github.io

Blog: http://blog.sungardas.com/CTOLabs/