What we’re doing

We’ll set up an AWS CodePipeline pipeline that uses AWS CloudFormation to create a stack from a template.


Since we’re focused on the pipeline and its integration with CloudFormation, please have the following ready:

  • Create an AWS CodeCommit repo to contain your template
  • Create a CloudFormation template that contains instructions to create your infrastructure
  • Create a stack from the template, using an S3 bucket to feed CloudFormation. We won’t need that bucket once the pipeline is built

Once set up, you should be able to successfully run

aws codecommit list-repositories

and see your repo.

Creating the pipeline

Tricky setup of the role

You must have a role defined for CodePipeline to assume to work with CloudFormation.

I created a role and attached the following policies to it:

  • AWSCodeCommit

And added a trust relationship:

  {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Sid": "",
        "Effect": "Allow",
        "Principal": {
          "Service": "cloudformation.amazonaws.com"
        },
        "Action": "sts:AssumeRole"
      }
    ]
  }
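An added example, not part of the original post: a small Python check that a role's trust policy lets only cloudformation.amazonaws.com assume it, which is worth running before the role ARN goes into the pipeline. The function names and the loosened sample policy are constructed for illustration.

```python
import json

EXPECTED_SERVICE = "cloudformation.amazonaws.com"  # principal from the trust relationship above

def _as_list(value):
    """IAM fields may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else ([] if value is None else [value])

def audit_trust_policy(policy_json, expected_service=EXPECTED_SERVICE):
    """Return a list of findings; an empty list means only the expected service is trusted."""
    policy = json.loads(policy_json)
    findings, trusted = [], False
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action names are case-insensitive; only role-assumption grants matter here.
        actions = [a.lower() for a in _as_list(stmt.get("Action"))]
        if not any(a in ("sts:assumerole", "sts:*", "*") for a in actions):
            continue
        principal = stmt.get("Principal")
        if not isinstance(principal, dict):
            findings.append(f"statement {i}: principal {principal!r} is not limited to a service")
            continue
        for kind, values in principal.items():
            for value in _as_list(values):
                if value == "*":
                    findings.append(f"statement {i}: wildcard {kind} principal")
                elif kind != "Service":
                    findings.append(f"statement {i}: non-service principal {kind}={value}")
                elif value != expected_service:
                    findings.append(f"statement {i}: unexpected service {value}")
                else:
                    trusted = True
    if not trusted:
        findings.append(f"no statement lets {expected_service} assume the role")
    return findings

# Constructed samples: the trust relationship shown above, and a loosened variant.
PAGE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "", "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"Service": "cloudformation.amazonaws.com"}}]})
LOOSE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": ["sts:AssumeRole"],
    "Principal": {"AWS": "*",
                  "Service": ["cloudformation.amazonaws.com", "lambda.amazonaws.com"]}}]})

if __name__ == "__main__":
    print(audit_trust_policy(PAGE_POLICY))
    print(audit_trust_policy(LOOSE_POLICY))
```

The same function can be fed the trust policy of an existing role once it has been exported as JSON.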

Basic setup

Navigate to CodePipeline, and create a new one:


Accept the defaults and move on, selecting “CodeCommit” as the source provider, as well as your repo and branch:


Next, skip the “Build Phase” screen, getting to the “Add Deploy” stage:


In “Action mode”, select “Create or update a stack” and enter the stack name. In the “Template” section, select “SourceArtifact” under “Artifact name”, and type the template’s file name in “File name”. An example:


Now, type in the role ARN that you created above, and create the pipeline:


The pipeline will run automatically this one time, but going forward, the pipeline will run each time you commit and push code to the repo.

What happened with my AWS account?

Once deployed, these will be the visible changes to your account:

  • A new CodeCommit repo exists
  • A new Pipeline exists
  • A CloudFormation stack from the template you provided