AWS CodePipeline
User Guide (API Version 2015-07-09)

The procedures in this guide support the new console design. If you choose to use the older version of the console, you will find many of the concepts and basic procedures in this guide still apply. To access help in the new console, choose the information icon.

Grant Amazon SNS Permissions to an AWS CodePipeline Service Role

If you plan to use Amazon SNS to publish notifications to topics when approval actions require review, the service role you use in your AWS CodePipeline operations must be granted permission to access the Amazon SNS resources. You can use the IAM console to add this permission to your service role.

  1. Sign in to the AWS Management Console and open the IAM console at


    Make sure you are signed in to the AWS Management Console with the same account information you used in Getting Started with AWS CodePipeline.

  2. In the IAM console, in the navigation pane, choose Roles.

  3. Choose the name of the service role you use in your AWS CodePipeline operations.

  4. On the Permissions tab, in the Inline Policies area, choose Create Role Policy.


    If the Create Role Policy button is not available, expand the Inline Policies area, and then choose click here.

  5. On the Set Permissions page, choose Custom Policy, and then choose Select.

  6. On the Review Policy page, in the Policy Name field, type a name to identify this policy, such as SNSPublish.

  7. Paste the following into the Policy Document field:

    { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "sns:Publish", "Resource": "*" } ] }
  8. Choose Apply Policy.