This is the AWS scaffolder actions plugin for backstage.io.
It provides scaffolder actions to:
- Create AWS resources using the AWS Cloud Control API
- Post an event to AWS EventBridge via the
PutEvents
API - Publish files to an Amazon S3 bucket
- Create and publish files to a new AWS CodeCommit repository
This guide assumes that you are familiar with the general Getting Started documentation and have assumes you have an existing Backstage application.
Install the backend package in your Backstage app:
yarn workspace backend add @alithya-oss/plugin-scaffolder-backend-module-aws-core
Add the scaffolder module to the packages/backend/src/index.ts
:
const backend = createBackend();
// ...
backend.add(import('@alithya-oss/plugin-scaffolder-backend-module-aws-core'));
// ...
backend.start();
Update the file packages/backend/src/plugins/scaffolder.ts
to add the scaffolder actions needed, for example:
import { CatalogClient } from '@backstage/catalog-client';
import { createRouter } from '@backstage/plugin-scaffolder-backend';
import { Router } from 'express';
import type { PluginEnvironment } from '../types';
import { createBuiltinActions } from '@backstage/plugin-scaffolder-backend';
import { ScmIntegrations } from '@backstage/integration';
import { createAwsCloudControlCreateAction } from '@alithya-oss/plugin-scaffolder-backend-module-aws-core';
export default async function createPlugin(
env: PluginEnvironment,
): Promise<Router> {
const catalogClient = new CatalogClient({
discoveryApi: env.discovery,
});
const integrations = ScmIntegrations.fromConfig(env.config);
const builtInActions = createBuiltinActions({
integrations,
catalogClient,
config: env.config,
reader: env.reader,
});
const actions = [
...builtInActions,
// Add the new scaffolder action along side other custom actions
createAwsCloudControlCreateAction(),
];
return await createRouter({
actions,
logger: env.logger,
config: env.config,
database: env.database,
reader: env.reader,
catalogClient,
identity: env.identity,
permissions: env.permissions,
});
}
Each action is documented below.
This scaffolder action creates AWS resources using the AWS Cloud Control API.
Note: Creating AWS resources using this mechanism is generally discouraged unless for exceptional use-cases. We strongly recommend relying on infrastructure-as-code to create AWS resources, and using this action for anything that is strictly related to bootstrapping a project.
The IAM role(s) used by Backstage will require the following permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["cloudcontrol:CreateResource"],
"Resource": "*"
}
]
}
Note: This policy does not reflect least privilege and you should further limit the policy to the appropriate AWS resources.
The scaffolder action can be included in a software template like so:
steps:
- id: create-ecr-repository
name: Create ECR Repository
action: aws:cloudcontrol:create
input:
typeName: 'AWS::ECR::Repository'
desiredState: '{"RepositoryName": "${{ parameters.name }}-ecr-repository"}'
wait: true
maxWaitTime: 20