Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(codepipeline-actions): show status reason in the pipeline for fa…
…iled change set executions (aws#29534) ### Reason for this change The CodePipeline ExecuteChangeSet action can now show a summary of why the change set execution failed. But, it needs an additional IAM permission: `cloudformation:DescribeStackEvents`. With the current action policy generated by CDK, I get the following message in the pipeline when a change set execution fails: ``` Additional Information: Failed to execute change set. Current stack status: UPDATE_ROLLBACK_COMPLETE. Status reason is not available because IAM role associated with the action does not have CloudFormation DescribeStackEvents permission ``` ### Description of changes Added `cloudformation:DescribeStackEvents` permission to the policy generated for the ChangeSetExecute pipeline action. ### Description of how you validated changes Updated unit tests and integ test with the new permission. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https:/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https:/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
- Loading branch information