AWS::CodePipeline::Webhook WebhookAuthConfiguration - AWS CloudFormation

AWS::CodePipeline::Webhook WebhookAuthConfiguration

The authentication applied to incoming webhook trigger requests.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "AllowedIPRange" : String, "SecretToken" : String }

YAML

AllowedIPRange: String SecretToken: String

Properties

AllowedIPRange

The property used to configure acceptance of webhooks in an IP address range. For IP, only the AllowedIPRange property must be set. This property must be set to a valid CIDR range.

Required: No

Type: String

Minimum: 1

Maximum: 100

Update requires: No interruption

SecretToken

The property used to configure GitHub authentication. For GITHUB_HMAC, only the SecretToken property must be set.

Important

When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities.

Note

If a secret token was provided, it will be redacted in the response.

Required: No

Type: String

Minimum: 1

Maximum: 100

Update requires: No interruption