AWS

Manage resources and execute AWS commands in workflows

Triggers

CloudWatch • On Alarm Listen to AWS CloudWatch alarm state change events

CodeArtifact • On Package Version Listen to AWS CodeArtifact package version events

CodePipeline • On Pipeline Listen to AWS CodePipeline pipeline execution state change events

EC2 • On Alarm Listen to CloudWatch alarm state change events for a specific EC2 instance

EC2 • On Image Listen to AWS EC2 AMI state change events

ECR • On Image Push Listen to AWS ECR image push events

ECR • On Image Scan Listen to AWS ECR image scan events

SNS • On Topic Message Listen to AWS SNS topic notifications

Actions

CodeArtifact • Copy Package Versions Copy package versions from one repository to another in the same domain

CodeArtifact • Create Repository Create an AWS CodeArtifact repository in a domain

CodeArtifact • Delete Package Versions Permanently delete one or more package versions from a repository

CodeArtifact • Delete Repository Delete an AWS CodeArtifact repository from a domain

CodeArtifact • Dispose Package Versions Delete assets and set package version status to Disposed (record remains)

CodeArtifact • Get Package Version Describe an AWS CodeArtifact package version

CodeArtifact • Update Package Versions Status Update the status of one or more package versions (Archived, Published, Unlisted)

CodePipeline • Get Pipeline Retrieve the definition of an AWS CodePipeline pipeline

CodePipeline • Get Pipeline Execution Retrieve the status and details of an AWS CodePipeline execution

CodePipeline • Retry Stage Execution Retry a failed stage in an existing AWS CodePipeline execution

CodePipeline • Run Pipeline Start an AWS CodePipeline execution and wait for it to complete

EC2 • Allocate Elastic IP Allocate a new Elastic IP address in a VPC

EC2 • Copy Image Copy an EC2 AMI image to another region

EC2 • Create Alarm Create a CloudWatch metric alarm scoped to an EC2 instance

EC2 • Create Image Create a new AMI image from an EC2 instance

EC2 • Create Instance Launch a new EC2 instance and wait for it to reach running state

EC2 • Delete Instance Terminate an EC2 instance and wait for termination

EC2 • Deregister Image Deregister an EC2 AMI image

EC2 • Disable Image Disable an EC2 AMI image

EC2 • Disable Image Deprecation Disable deprecation for an EC2 AMI image

EC2 • Enable Image Enable an EC2 AMI image

EC2 • Enable Image Deprecation Enable deprecation for an EC2 AMI image

EC2 • Get Alarm Fetch the current state and details of a CloudWatch alarm for an EC2 instance

EC2 • Get Image Get an EC2 AMI image by ID

EC2 • Get Instance Fetch the current state and details of an EC2 instance

EC2 • Get Instance Metrics Fetch CPU, network, and optional memory metrics for an EC2 instance via CloudWatch

EC2 • Manage Elastic IP Associate or disassociate an Elastic IP address with an EC2 instance

EC2 • Manage Instance Power Perform power operations on an EC2 instance

EC2 • Release Elastic IP Release an Elastic IP address back to the AWS address pool

EC2 • Update Instance Resize an EC2 instance or update its security groups

ECR • Get Image Get an ECR image by digest or tag

ECR • Get Image Scan Findings Get ECR image scan findings by digest or tag

ECR • Scan Image Scan an ECR image for vulnerabilities

ECS • Create Service Create an AWS ECS service

ECS • Describe Service Describe an AWS ECS service

ECS • Execute Command Execute a command in a running AWS ECS task container

ECS • Run Task Run a task in AWS ECS

ECS • Stop Task Stop a running AWS ECS task

ECS • Update Service Update an AWS ECS service configuration

Lambda • Run Function Invoke a Lambda function, optionally creating it from inline JavaScript

Prometheus • Create Workspace Create an Amazon Managed Service for Prometheus workspace

Prometheus • Delete Workspace Delete an Amazon Managed Service for Prometheus workspace

Prometheus • Get Workspace Get an Amazon Managed Service for Prometheus workspace

Prometheus • Update Workspace Update a Prometheus workspace alias

Route 53 • Create DNS Record Create a DNS record in an AWS Route 53 hosted zone

Route 53 • Delete DNS Record Delete a DNS record from an AWS Route 53 hosted zone

Route 53 • Upsert DNS Record Create or update a DNS record in an AWS Route 53 hosted zone

SNS • Create Topic Create an AWS SNS topic

SNS • Delete Topic Delete an AWS SNS topic

SNS • Get Subscription Get an AWS SNS subscription by ARN

SNS • Get Topic Get an AWS SNS topic by ARN

SNS • Publish Message Publish a message to an AWS SNS topic

SQS • Create Queue Create a new SQS queue

SQS • Delete Queue Delete an SQS queue

SQS • Get Queue Get metadata and attributes for an SQS queue

SQS • Purge Queue Purge all messages from an SQS queue

SQS • Send Message Send a message to an SQS queue

Instructions

Initially, you can leave the “IAM Role ARN” field empty, as you will be guided through the identity provider and IAM role creation process.

CloudWatch • On Alarm

Trigger key: aws.cloudwatch.onAlarm

The On Alarm trigger starts a workflow execution when a CloudWatch alarm transitions to the ALARM state.

Use Cases

• Incident response: Notify responders and open incidents when alarms fire
• Auto-remediation: Execute rollback or recovery workflows immediately
• Audit and reporting: Track alarm transitions over time

Configuration

• Region: AWS region where alarms are evaluated
• Alarms: Optional alarm name filters (supports equals, not-equals, and regex matches)
• State: Only trigger for alarms in the specified state (OK, ALARM, or INSUFFICIENT_DATA)

Event Data

Each alarm event includes:

• detail.alarmName: CloudWatch alarm name
• detail.state.value: Current alarm state
• detail.previousState.value: Previous alarm state

Example Data

{
  "data": {
    "account": "123456789012",
    "detail": {
      "alarmName": "HighCPUUtilization",
      "previousState": {
        "reason": "Threshold Crossed: 1 datapoint [35.0 (20/11/24 20:29:00)] was not greater than or equal to the threshold (90.0).",
        "timestamp": "2024-11-20T20:30:33.000+0000",
        "value": "OK"
      },
      "state": {
        "reason": "Threshold Crossed: 1 datapoint [95.0 (20/11/24 20:34:00)] was greater than or equal to the threshold (90.0).",
        "timestamp": "2024-11-20T20:35:33.000+0000",
        "value": "ALARM"
      }
    },
    "detail-type": "CloudWatch Alarm State Change",
    "id": "2f1ecf5c-8bc9-4b7d-9e76-8df420e8e1a7",
    "region": "us-east-1",
    "resources": [
      "arn:aws:cloudwatch:us-east-1:123456789012:alarm:HighCPUUtilization"
    ],
    "source": "aws.cloudwatch",
    "time": "2024-11-20T20:35:33Z",
    "version": "0"
  },
  "timestamp": "2026-02-10T12:00:00Z",
  "type": "aws.cloudwatch.alarm"
}

CodeArtifact • On Package Version

Trigger key: aws.codeArtifact.onPackageVersion

The On Package Version trigger starts a workflow execution when a package version is created, modified, or deleted in AWS CodeArtifact.

Use Cases

• Release automation: Trigger downstream workflows when a new package version is published
• Dependency monitoring: Notify teams about changes to shared libraries
• Compliance checks: Validate artifacts before promotion

Example Data

{
  "data": {
    "account": "123456789012",
    "detail": {
      "changes": {
        "assetsAdded": 1,
        "assetsRemoved": 0,
        "assetsUpdated": 0,
        "metadataUpdated": false,
        "statusChanged": true
      },
      "domainName": "example-domain",
      "domainOwner": "123456789012",
      "eventDeduplicationId": "5f87d1a3-2c1f-4ab0-8f55-8f4c2b4a5c76",
      "operationType": "Created",
      "packageFormat": "npm",
      "packageName": "@scope/example-package",
      "packageNamespace": null,
      "packageVersion": "1.2.3",
      "packageVersionRevision": "E30D52B451F42F41",
      "packageVersionState": "Published",
      "repositoryAdministrator": "arn:aws:sts::123456789012:assumed-role/ExampleRole/example-user",
      "repositoryName": "example-repo",
      "sequenceNumber": 1
    },
    "detail-type": "CodeArtifact Package Version State Change",
    "id": "d9e9ff4a-3514-3d2c-b6b8-1fb5e0b9d3b2",
    "region": "us-east-1",
    "resources": [
      "arn:aws:codeartifact:us-east-1:123456789012:repository/example-domain/example-repo"
    ],
    "source": "aws.codeartifact",
    "time": "2024-11-20T20:35:33Z",
    "version": "0"
  },
  "timestamp": "2026-03-10T14:25:30.31254162Z",
  "type": "aws.codeartifact.package.version"
}

CodePipeline • On Pipeline

Trigger key: aws.codepipeline.onPipeline

The On Pipeline trigger starts a workflow execution when AWS CodePipeline emits a pipeline execution state change event.

Use Cases

• Deployment visibility: Start workflows whenever pipeline state changes
• Incident response: Notify teams when a pipeline fails or is canceled
• Workflow orchestration: Trigger follow-up automations on specific pipeline states

Configuration

• Region: AWS region where pipeline execution events are observed
• Pipelines: Optional pipeline name filters (supports equals, not-equals, and regex matches)
• Pipeline States: Optional list of states to match (for example STARTED, SUCCEEDED, FAILED)

Event Data

Each event includes:

• detail.pipeline: CodePipeline pipeline name
• detail.execution-id: Pipeline execution ID
• detail.state: Pipeline execution state

Example Data

{
  "data": {
    "account": "123456789012",
    "detail": {
      "execution-id": "00000000-0000-0000-0000-000000000001",
      "execution-trigger": {
        "trigger-detail": "arn:aws:sts::123456789012:assumed-role/superplane-demo-role/SuperPlane-00000000-0000-0000-0000-000000000000",
        "trigger-type": "StartPipelineExecution"
      },
      "pipeline": "demo-pipeline",
      "pipeline-execution-attempt": 1,
      "start-time": "2026-02-24T15:21:42.016Z",
      "state": "STARTED",
      "version": 1
    },
    "detail-type": "CodePipeline Pipeline Execution State Change",
    "id": "00000000-0000-0000-0000-000000000002",
    "region": "us-east-1",
    "resources": [
      "arn:aws:codepipeline:us-east-1:123456789012:demo-pipeline"
    ],
    "source": "aws.codepipeline",
    "time": "2026-02-24T15:21:42Z",
    "version": "0"
  },
  "timestamp": "2026-02-24T15:21:52.212Z",
  "type": "aws.codepipeline.pipeline"
}

EC2 • On Alarm

Trigger key: aws.ec2.onAlarm

The On Alarm trigger starts a workflow execution when a CloudWatch alarm attached to a specific EC2 instance transitions to the configured state.

Use Cases

• Incident response: Trigger remediation workflows when a CPU, network, or status-check alarm fires
• Auto-scaling: React to alarms on individual instances without polling
• Audit: Record alarm state transitions for specific instances over time

Configuration

• Region: AWS region where the instance and alarms reside
• Instance: EC2 instance whose alarms to monitor (required)
• Alarm State: Only trigger for a specific state: ALARM, OK, or INSUFFICIENT_DATA (required)
• Alarm: Optionally restrict to a single alarm selected from the alarms attached to the chosen instance; leave empty to trigger on any alarm for that instance

Event Data

Each matched event includes the full EventBridge payload:

• detail.alarmName: CloudWatch alarm name
• detail.state.value: Current alarm state (ALARM / OK / INSUFFICIENT_DATA)
• detail.previousState.value: Previous alarm state
• detail.configuration: Full alarm configuration including metric, threshold, and dimensions
• region, account, time: Event envelope fields

Example Data

{
  "data": {
    "account": "123456789012",
    "detail": {
      "alarmName": "high cpu usage",
      "configuration": {
        "description": "The alarm",
        "metrics": [
          {
            "id": "56cf46e9-e800-a52b-b55b-7f3c770c24ef",
            "metricStat": {
              "metric": {
                "dimensions": {
                  "InstanceId": "i-1234567890abcdef0"
                },
                "name": "CPUUtilization",
                "namespace": "AWS/EC2"
              },
              "period": 30,
              "stat": "Average"
            },
            "returnData": true
          }
        ]
      },
      "previousState": {
        "reason": "Threshold Crossed: 1 datapoint [0.3166666666666666 (03/06/26 14:15:00)] was not greater than the threshold (20.0).",
        "reasonData": "{\"version\":\"1.0\",\"queryDate\":\"2026-06-03T14:15:45.660+0000\",\"startDate\":\"2026-06-03T14:15:00.000+0000\",\"statistic\":\"Average\",\"period\":30,\"recentDatapoints\":[0.3166666666666666],\"threshold\":20.0,\"evaluatedDatapoints\":[{\"timestamp\":\"2026-06-03T14:15:00.000+0000\",\"sampleCount\":1.0,\"value\":0.3166666666666666}]}",
        "timestamp": "2026-06-03T14:15:45.663+0000",
        "value": "OK"
      },
      "state": {
        "reason": "Threshold Crossed: 1 datapoint [31.3283485070315 (03/06/26 15:45:00)] was greater than the threshold (20.0).",
        "reasonData": "{\"version\":\"1.0\",\"queryDate\":\"2026-06-03T15:46:15.660+0000\",\"startDate\":\"2026-06-03T15:45:00.000+0000\",\"statistic\":\"Average\",\"period\":30,\"recentDatapoints\":[31.3283485070315],\"threshold\":20.0,\"evaluatedDatapoints\":[{\"timestamp\":\"2026-06-03T15:45:00.000+0000\",\"sampleCount\":2.0,\"value\":31.3283485070315}]}",
        "timestamp": "2026-06-03T15:46:15.662+0000",
        "value": "ALARM"
      }
    },
    "detail-type": "CloudWatch Alarm State Change",
    "id": "ccc0350a-524d-2f57-068b-1cebb2a4b6c0",
    "region": "us-east-1",
    "resources": [
      "arn:aws:cloudwatch:us-east-1:123456789012:alarm:high cpu usage"
    ],
    "source": "aws.cloudwatch",
    "time": "2026-06-03T15:46:15Z",
    "version": "0"
  },
  "timestamp": "2026-06-03T15:46:16.233981639Z",
  "type": "aws.ec2.alarm"
}

EC2 • On Image

Trigger key: aws.ec2.onImage

The On Image trigger starts a workflow execution when an EC2 AMI changes state.

Use Cases

• Image pipeline orchestration: Continue workflows when a new AMI becomes available
• Failure handling: Alert and remediate when AMI creation fails
• Compliance workflows: Run validation and distribution after image creation

Configuration

• Region: AWS region where AMI state changes are monitored
• Image State: State to trigger on (pending, available, failed)

Event Data

Each AMI state event includes:

• detail.ImageId: AMI ID (for example: ami-1234567890abcdef0)
• detail.State: AMI state
• detail.ErrorMessage: Error message for failed states (if available)

Example Data

{
  "data": {
    "account": "123456789012",
    "detail": {
      "ImageId": "ami-07f0e4f3e9c123abc",
      "State": "available"
    },
    "detail-type": "EC2 AMI State Change",
    "id": "f74f3de5-f9b7-4f3d-909a-531fc3ff2f14",
    "region": "us-east-1",
    "resources": [
      "arn:aws:ec2:us-east-1::image/ami-07f0e4f3e9c123abc"
    ],
    "source": "aws.ec2",
    "time": "2026-02-10T12:10:00Z",
    "version": "0"
  },
  "timestamp": "2026-02-10T12:10:01Z",
  "type": "aws.ec2.image"
}

ECR • On Image Push

Trigger key: aws.ecr.onImagePush

The On Image Push trigger starts a workflow execution when an image is pushed to an ECR repository.

Use Cases

• Build pipelines: Trigger builds and deployments on container pushes
• Security automation: Kick off scans or alerts for newly pushed images
• Release workflows: Promote artifacts when a tag is published

Configuration

• Repositories: Optional filters for ECR repository names
• Image Tags: Optional filters for image tags (for example: latest or ^v[0-9]+)

Event Data

Each image push event includes:

• detail.repository-name: ECR repository name
• detail.image-tag: Tag that was pushed
• detail.image-digest: Digest of the image

Example Data

{
  "data": {
    "account": "123456789012",
    "detail": {
      "action-type": "PUSH",
      "image-digest": "sha256:2c26b46b68ffc68ff99b453c1d30413413422f1642f0e2b8c7b8a0b8a96a909e",
      "image-tag": "latest",
      "repository-arn": "arn:aws:ecr:us-east-1:123456789012:repository/my-repo",
      "repository-name": "my-repo",
      "result": "SUCCESS"
    },
    "detail-type": "ECR Image Action",
    "id": "c1b45a2c-9c3f-4c52-bc98-5ea31ce17692",
    "region": "us-east-1",
    "resources": [
      "arn:aws:ecr:us-east-1:123456789012:repository/my-repo"
    ],
    "source": "aws.ecr",
    "time": "2024-01-01T12:00:00Z",
    "version": "0"
  },
  "timestamp": "2026-02-03T12:00:00Z",
  "type": "aws.ecr.image.push"
}

ECR • On Image Scan

Trigger key: aws.ecr.onImageScan

The On Image Scan trigger starts a workflow execution when an ECR image scan completes.

Use Cases

• Security automation: Notify teams or open issues on new findings
• Compliance checks: Gate promotions based on severity thresholds
• Reporting: Aggregate scan findings across repositories

Configuration

• Repositories: Optional filters for ECR repository names

Notes

• Enhanced scanning: Enhanced scanning events are sent by Amazon Inspector (aws.inspector2)

Event Data

Each image scan event includes:

• detail.scan-status: Scan status (for example: COMPLETE)
• detail.repository-name: ECR repository name
• detail.image-digest: Digest of the image
• detail.image-tags: Tags associated with the image
• detail.finding-severity-counts: Counts per severity level (if any)

Example Data

{
  "data": {
    "account": "123456789012",
    "detail": {
      "finding-severity-counts": {
        "CRITICAL": 10,
        "MEDIUM": 9
      },
      "image-digest": "sha256:7f5b2640fe6fb4f46592dfd3410c4a79dac4f89e4782432e0378abcd1234",
      "image-tags": [],
      "repository-name": "my-repo",
      "scan-status": "COMPLETE"
    },
    "detail-type": "ECR Image Scan",
    "id": "df8b66c7-62c7-4b8a-9a6b-6ad7d6d8b3a2",
    "region": "us-east-1",
    "resources": [
      "arn:aws:ecr:us-east-1:123456789012:repository/my-repo"
    ],
    "source": "aws.ecr",
    "time": "2024-01-01T12:00:00Z",
    "version": "0"
  },
  "timestamp": "2026-03-10T14:25:30.31254162Z",
  "type": "aws.ecr.image.scan"
}

SNS • On Topic Message

Trigger key: aws.sns.onTopicMessage

The On Topic Message trigger starts a workflow execution when a message is published to an AWS SNS topic.

Use Cases

• Event-driven automation: React to messages published by external systems
• Notification processing: Handle SNS payloads in workflow steps
• Routing and enrichment: Trigger downstream workflows based on topic activity

How it works

During setup, SuperPlane creates a webhook endpoint for this trigger and subscribes it to the selected SNS topic using HTTPS. SNS sends notification payloads to the webhook endpoint, which then emits workflow events.

Example Data

{
  "data": {
    "account": "123456789012",
    "detail": {
      "message": "{\"orderId\":\"ord_123\",\"status\":\"created\"}",
      "messageId": "95df01b4-ee98-5cb9-9903-4c221d41eb5e",
      "subject": "order.created",
      "timestamp": "2026-01-10T10:00:00Z",
      "topicArn": "arn:aws:sns:us-east-1:123456789012:orders-events"
    },
    "message": "{\"orderId\":\"ord_123\",\"status\":\"created\"}",
    "messageAttributes": {
      "eventType": {
        "Type": "String",
        "Value": "order.created"
      }
    },
    "messageId": "95df01b4-ee98-5cb9-9903-4c221d41eb5e",
    "region": "us-east-1",
    "subject": "order.created",
    "timestamp": "2026-01-10T10:00:00Z",
    "topicArn": "arn:aws:sns:us-east-1:123456789012:orders-events",
    "type": "Notification"
  },
  "timestamp": "2026-01-10T10:00:02.000000000Z",
  "type": "aws.sns.topic.message"
}

CodeArtifact • Copy Package Versions

Component key: aws.codeArtifact.copyPackageVersions

The Copy Package Versions component copies one or more package versions from a source repository to a destination repository in the same domain.

Use Cases

• Promotion: Copy approved versions from staging to production
• Replication: Mirror packages across repositories
• Migration: Move versions between repos in the same domain

Example Output

{
  "data": {
    "failedVersions": {},
    "successfulVersions": {
      "1.0.0": {
        "revision": "REVISION1",
        "status": "Published"
      },
      "1.0.1": {
        "revision": "REVISION2",
        "status": "Published"
      }
    }
  },
  "timestamp": "2026-03-26T19:29:35.841265352Z",
  "type": "aws.codeartifact.package.versions.copied"
}

CodeArtifact • Create Repository

Component key: aws.codeArtifact.createRepository

The Create Repository component creates a new repository in an AWS CodeArtifact domain.

Use Cases

• Automated setup: Create repositories as part of onboarding or pipeline setup
• Environment replication: Mirror repository structure across domains
• Workflow provisioning: Create a destination repository before copying packages

Example Output

{
  "data": {
    "repository": {
      "administratorAccount": "123456789012",
      "arn": "arn:aws:codeartifact:us-east-1:123456789012:repository/example-domain/my-repo",
      "createdTime": 1706961600,
      "description": "Example repository created by workflow",
      "domainName": "example-domain",
      "domainOwner": "123456789012",
      "name": "my-repo"
    }
  },
  "timestamp": "2026-03-26T19:29:35.841265352Z",
  "type": "aws.codeartifact.repository"
}

CodeArtifact • Delete Package Versions

Component key: aws.codeArtifact.deletePackageVersions

The Delete Package Versions component permanently removes package versions and their assets. Deleted versions cannot be restored. To remove from view but keep the option to restore later, use Update Package Versions Status to set status to Archived instead.

Use Cases

• Cleanup: Remove obsolete or invalid versions
• Compliance: Permanently remove versions that must not be retained
• Storage: Free space by deleting unused versions

Example Output

{
  "data": {
    "failedVersions": {},
    "successfulVersions": {
      "1.0.0": {
        "revision": "REVISION1",
        "status": "Deleted"
      }
    }
  },
  "timestamp": "2026-03-26T19:29:35.841265352Z",
  "type": "aws.codeartifact.packageVersions"
}

CodeArtifact • Delete Repository

Component key: aws.codeArtifact.deleteRepository

The Delete Repository component deletes a repository from an AWS CodeArtifact domain.

Use Cases

• Cleanup: Remove repositories after migration or deprecation
• Environment teardown: Delete temporary repositories created by workflows
• Lifecycle management: Enforce retention by deleting old repositories

Example Output

{
  "data": {
    "repository": {
      "administratorAccount": "123456789012",
      "arn": "arn:aws:codeartifact:us-east-1:123456789012:repository/example-domain/my-repo",
      "createdTime": 1706961600,
      "description": "Deleted repository",
      "domainName": "example-domain",
      "domainOwner": "123456789012",
      "name": "my-repo"
    }
  },
  "timestamp": "2026-03-26T19:29:35.841265352Z",
  "type": "aws.codeartifact.repository"
}

CodeArtifact • Dispose Package Versions

Component key: aws.codeArtifact.disposePackageVersions

The Dispose Package Versions component deletes the assets of package versions and sets their status to Disposed. The version record remains so you can still see it in ListPackageVersions with status Disposed; assets cannot be restored.

Use Cases

• Retention: Keep version metadata for audit while removing binary assets
• Storage: Free asset storage while preserving version history
• Lifecycle: Mark versions as disposed after a retention period

Example Output

{
  "data": {
    "failedVersions": {},
    "successfulVersions": {
      "1.0.0": {
        "revision": "REVISION1",
        "status": "Disposed"
      }
    }
  },
  "timestamp": "2026-03-26T19:29:35.841265352Z",
  "type": "aws.codeartifact.packageVersions"
}

CodeArtifact • Get Package Version

Component key: aws.codeArtifact.getPackageVersion

The Get Package Version component retrieves metadata for a specific package version in AWS CodeArtifact.

Use Cases

• Release automation: Resolve package metadata before promotion
• Audit trails: Capture version details for reporting
• Dependency checks: Validate status and origin of package versions

Example Output

{
  "data": {
    "assets": [
      {
        "hashes": {
          "sha256": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef"
        },
        "name": "example-package-1.2.3.tgz",
        "size": 1234567890
      }
    ],
    "package": {
      "displayName": "example-package",
      "format": "npm",
      "homePage": "https://example.com/example-package",
      "licenses": [
        {
          "name": "MIT",
          "url": "https://opensource.org/licenses/MIT"
        }
      ],
      "namespace": "@scope",
      "origin": {
        "domainEntryPoint": {
          "externalConnectionName": "npmjs",
          "repositoryName": "example-repo"
        },
        "originType": "EXTERNAL"
      },
      "packageName": "@scope/example-package",
      "revision": "E30D52B451F42F41",
      "sourceCodeRepository": "https://github.com/example/example-package",
      "status": "Published",
      "summary": "Example package for demonstration.",
      "version": "1.2.3"
    }
  },
  "timestamp": "2026-02-03T12:00:00Z",
  "type": "aws.codeartifact.package.version"
}

CodeArtifact • Update Package Versions Status

Component key: aws.codeArtifact.updatePackageVersionsStatus

The Update Package Versions Status component sets the status of package versions to Archived, Published, or Unlisted.

Use Cases

• Lifecycle management: Archive old versions or publish after validation
• Visibility: Unlist versions without deleting them
• Compliance: Align version status with release policies

Example Output

{
  "data": {
    "failedVersions": {},
    "successfulVersions": {
      "1.0.0": {
        "revision": "REVISION1",
        "status": "Archived"
      },
      "1.0.1": {
        "revision": "REVISION2",
        "status": "Archived"
      }
    }
  },
  "timestamp": "2026-03-26T19:29:35.841265352Z",
  "type": "aws.codeartifact.packageVersions"
}

CodePipeline • Get Pipeline

Component key: aws.codepipeline.getPipeline

The Get Pipeline component retrieves the full definition of an AWS CodePipeline pipeline.

Use Cases

• Pipeline inspection: Fetch pipeline stages, actions, and configuration
• Workflow branching: Route workflow based on pipeline structure or version
• Audit and compliance: Retrieve pipeline definitions for auditing purposes

Configuration

• Region: AWS region where the pipeline exists
• Pipeline: Pipeline name to retrieve

Output

Emits the full pipeline definition including:

• Pipeline name, version, and role ARN
• All stages and their actions
• Pipeline metadata (ARN, creation date, last updated date)

Example Output

{
  "data": {
    "metadata": {
      "created": "2025-01-15T10:30:00Z",
      "pipelineArn": "arn:aws:codepipeline:us-east-1:123456789012:my-deploy-pipeline",
      "updated": "2026-02-20T14:00:00Z"
    },
    "pipeline": {
      "name": "my-deploy-pipeline",
      "roleArn": "arn:aws:iam::123456789012:role/pipeline-role",
      "stages": [
        {
          "actions": [
            {
              "actionTypeId": {
                "category": "Source",
                "owner": "AWS",
                "provider": "CodeStarSourceConnection",
                "version": "1"
              },
              "name": "SourceAction"
            }
          ],
          "name": "Source"
        },
        {
          "actions": [
            {
              "actionTypeId": {
                "category": "Deploy",
                "owner": "AWS",
                "provider": "CodeDeploy",
                "version": "1"
              },
              "name": "DeployAction"
            }
          ],
          "name": "Deploy"
        }
      ],
      "version": 3
    }
  },
  "timestamp": "2026-02-22T10:00:00.000000000Z",
  "type": "aws.codepipeline.pipeline"
}

CodePipeline • Get Pipeline Execution

Component key: aws.codepipeline.getPipelineExecution

The Get Pipeline Execution component retrieves the details of a specific AWS CodePipeline execution.

Use Cases

• Execution inspection: Fetch the status, trigger, and artifact revisions of a pipeline run
• Post-deploy checks: After a RunPipeline component, fetch details of that execution for logging
• Workflow branching: Route workflow based on execution status or trigger type
• Audit and compliance: Retrieve execution details for auditing purposes

Configuration

• Region: AWS region where the pipeline exists
• Pipeline: Pipeline name
• Execution ID: The ID of the specific execution to retrieve

Output

Emits the full pipeline execution details including:

• Execution ID, status, and status summary
• Pipeline name and version
• Trigger type and detail
• Artifact revisions (source code revisions involved)
• Execution mode and type

Example Output

{
  "data": {
    "artifactRevisions": [
      {
        "name": "SourceArtifact",
        "revisionChangeIdentifier": "abc123def456789",
        "revisionId": "abc123def456789",
        "revisionSummary": "Merge pull request #42 from feature/add-auth",
        "revisionUrl": "https://github.com/example/repo/commit/abc123def456789"
      }
    ],
    "executionMode": "SUPERSEDED",
    "executionType": "STANDARD",
    "pipelineExecutionId": "a1b2c3d4-5678-90ab-cdef-111122223333",
    "pipelineName": "my-deploy-pipeline",
    "pipelineVersion": 3,
    "status": "Succeeded",
    "statusSummary": "Pipeline completed successfully",
    "trigger": {
      "triggerDetail": "arn:aws:iam::123456789012:user/developer",
      "triggerType": "StartPipelineExecution"
    }
  },
  "timestamp": "2026-02-23T10:00:00.000000000Z",
  "type": "aws.codepipeline.pipeline.execution"
}

CodePipeline • Retry Stage Execution

Component key: aws.codepipeline.retryStageExecution

The Retry Stage Execution component retries a stage within an existing AWS CodePipeline execution.

Use Cases

• Recover failed deployments: Retry only failed actions in a failed stage
• Re-run full stage: Retry all actions for a stage when needed
• Workflow recovery: Continue orchestration after a transient failure

Configuration

• Region: AWS region where the pipeline exists
• Pipeline: Pipeline name
• Stage: Stage name to retry
• Pipeline Execution: Source execution to retry from
• Retry Mode: Choose between failed actions only or all actions

Output

Emits retry result metadata including:

• Pipeline name and stage
• Selected retry mode
• Source execution ID
• New execution ID created by the retry

Example Output

{
  "data": {
    "pipeline": {
      "name": "my-pipeline",
      "newExecutionId": "4444-5555-6666",
      "retryMode": "FAILED_ACTIONS",
      "sourceExecutionId": "1111-2222-3333",
      "stage": "Deploy"
    }
  },
  "timestamp": "2026-02-23T10:00:00.000000000Z",
  "type": "aws.codepipeline.stage.retry"
}

CodePipeline • Run Pipeline

Component key: aws.codepipeline.runPipeline

The Run Pipeline component triggers an AWS CodePipeline execution and waits for it to complete.

Use Cases

• CI/CD orchestration: Trigger deployments from SuperPlane workflows
• Pipeline automation: Run CodePipeline pipelines as part of workflow automation
• Multi-stage deployments: Coordinate complex deployment pipelines
• Workflow chaining: Chain multiple CodePipeline pipelines together

How It Works

1. Starts a CodePipeline execution with the specified pipeline name
2. Waits for the pipeline to complete (monitored via EventBridge webhook and polling)
3. Routes execution based on pipeline result:
   • Passed channel: Pipeline completed successfully
   • Failed channel: Pipeline failed or was cancelled

Configuration

• Region: AWS region where the pipeline exists
• Pipeline: Pipeline name or ARN to execute

Output Channels

• Passed: Emitted when pipeline completes successfully
• Failed: Emitted when pipeline fails or is cancelled

Notes

• The component automatically sets up EventBridge monitoring for pipeline completion
• Falls back to polling if webhook doesn’t arrive
• Can be cancelled, which will stop the running pipeline execution

Example Output

{
  "data": {
    "detail": {
      "execution-id": "a1b2c3d4-5678-90ab-cdef-111122223333",
      "pipeline": "my-deploy-pipeline",
      "state": "SUCCEEDED",
      "version": 1
    },
    "pipeline": {
      "executionId": "a1b2c3d4-5678-90ab-cdef-111122223333",
      "name": "my-deploy-pipeline",
      "state": "SUCCEEDED",
      "status": "Succeeded"
    }
  },
  "timestamp": "2026-02-10T14:35:22.518372841Z",
  "type": "aws.codepipeline.pipeline.finished"
}

EC2 • Allocate Elastic IP

Component key: aws.ec2.allocateElasticIP

The Allocate Elastic IP component allocates a new Elastic IP address to your AWS account in the selected region.

Use Cases

• Static public IPs: Reserve a public IPv4 address before launching or exposing a service
• Failover workflows: Allocate a replacement Elastic IP during disaster recovery
• Pre-provisioning: Reserve an address ahead of association with an instance or network interface
• BYOIP and IPAM: Allocate from your own address pools or VPC IPAM pools

Configuration

• Region: AWS region where the Elastic IP will be allocated
• IP source: Where the address comes from:
  • Amazon’s pool: Default public IPv4 address from AWS
  • BYOIP pool: Address from a public IPv4 pool you brought to your account
  • Customer-owned pool: Address from an on-premises pool for use with an Outpost
  • IPAM pool: Address from a VPC IPAM pool with a public IPv4 CIDR
• Pool: Required when using BYOIP, customer-owned, or IPAM sources (searchable pickers scoped to the selected region)
• Address (optional): Request a specific IPv4 address from the selected pool
• Tags (optional): Key/value tags applied to the Elastic IP at allocation time

Output

Emits the allocated Elastic IP details on the default output channel:

• allocationId, publicIp, domain, region

Important Notes

• Elastic IPs are allocated to your account and incur charges when not associated with a running instance
• The address is allocated for use in a VPC (domain: vpc)
• BYOIP, customer-owned, and IPAM pools must already exist in the target region

Example Output

{
  "data": {
    "allocationId": "eipalloc-0abc1234567890def",
    "domain": "vpc",
    "publicIp": "203.0.113.10",
    "region": "us-east-1"
  },
  "timestamp": "2026-05-21T12:01:00Z",
  "type": "aws.ec2.elastic-ip.allocated"
}

EC2 • Copy Image

Component key: aws.ec2.copyImage

The Copy Image component copies an AMI to another AWS region.

Use Cases

• Multi-region rollouts: Replicate golden images to deployment regions
• Disaster recovery: Keep AMI backups in secondary regions
• Promotion workflows: Copy validated images across environments

Configuration

• Destination Region: AWS region where the copied AMI is created
• Source Region: AWS region where the source AMI exists
• Source Image ID: AMI ID to copy
• Image Name: Name for the copied AMI
• Description: Optional AMI description

Completion behavior

• The component waits for EventBridge EC2 AMI State Change events for the copied AMI.
• It completes when the AMI state becomes available.
• It fails if the AMI state becomes failed.

Example Output

{
  "data": {
    "image": {
      "architecture": "x86_64",
      "creationDate": "2026-02-19T09:00:00.000Z",
      "description": "Copied for disaster recovery",
      "hypervisor": "xen",
      "imageId": "ami-0c0ffee1234567890",
      "imageType": "machine",
      "name": "my-app-2026-02-19",
      "ownerId": "123456789012",
      "region": "us-west-2",
      "rootDeviceName": "/dev/xvda",
      "rootDeviceType": "ebs",
      "state": "available",
      "virtualizationType": "hvm"
    }
  },
  "timestamp": "2026-02-19T09:00:00Z",
  "type": "aws.ec2.image"
}

EC2 • Create Alarm

Component key: aws.ec2.createAlarm

The Create Alarm component creates a CloudWatch metric alarm targeting a specific EC2 instance.

Use Cases

• Proactive monitoring: Set up CPU or network alarms as part of an instance provisioning workflow
• Auto-remediation: Create alarms that trigger downstream workflows when thresholds are crossed
• Compliance: Ensure every new instance has required alarms configured automatically

Configuration

• Region: AWS region where the EC2 instance and alarm reside
• Instance: EC2 instance to monitor
• Alarm Name: Unique name for the CloudWatch alarm
• Metric Name: EC2 CloudWatch metric to monitor (CPU, disk, network, status checks)
• Statistic: Aggregation function applied over the evaluation period (Average, Sum, Min, Max, SampleCount)
• Comparison Operator: How the metric is compared to the threshold (e.g. GreaterThanThreshold)
• Threshold: Numeric value to compare the metric against
• Period: Evaluation window in seconds (default: 300)
• Evaluation Periods: Number of consecutive periods that must breach the threshold before the alarm fires (default: 1)
• Alarm Description: Optional free-text description
• Treat Missing Data: How to treat missing data points (missing, ignore, breaching, notBreaching)
• Alarm Action (toggleable): EC2 automation action to execute when the alarm enters ALARM state — Recover, Reboot, Stop, or Terminate
• SNS Topic (on alarm) (toggleable): SNS topic ARN to publish a notification to when the alarm enters ALARM state

Output

Emits the created alarm details on the default output channel:

• alarmName, alarmArn, namespace, metricName
• statistic, threshold, comparisonOperator, stateValue
• period, evaluationPeriods, dimensions, region

Example Output

{
  "data": {
    "alarmArn": "arn:aws:cloudwatch:us-east-1:123456789012:alarm:cpuUsage",
    "alarmDescription": "Cpu alarm",
    "alarmName": "cpuUsage",
    "comparisonOperator": "GreaterThanThreshold",
    "dimensions": [
      {
        "name": "InstanceId",
        "value": "i-1234567890abcdef0"
      }
    ],
    "evaluationPeriods": 1,
    "metricName": "CPUUtilization",
    "namespace": "AWS/EC2",
    "period": 120,
    "region": "us-east-1",
    "stateReason": "Unchecked: Initial alarm creation",
    "stateValue": "INSUFFICIENT_DATA",
    "statistic": "Average",
    "threshold": 80,
    "treatMissingData": "ignore"
  },
  "timestamp": "2026-06-03T16:36:13.985915034Z",
  "type": "aws.ec2.alarm"
}

EC2 • Create Image

Component key: aws.ec2.createImage

The Create Image component creates a new Amazon Machine Image (AMI) from an EC2 instance.

Use Cases

• Golden image pipelines: Build immutable infrastructure images from validated instances
• Backup workflows: Snapshot instance state before deployments or migrations
• Release automation: Produce versioned AMIs as part of CI/CD

Configuration

• Region: AWS region where the instance runs
• Instance: EC2 instance ID to create an image from
• Image Name: Name for the AMI
• Description: Optional image description
• No Reboot: If enabled, create the image without rebooting the instance

Completion behavior

• The component waits for EventBridge EC2 AMI State Change events for the created AMI.
• It completes when the AMI state becomes available.
• It fails if the AMI state becomes failed.

Example Output

{
  "data": {
    "image": {
      "architecture": "x86_64",
      "creationDate": "2026-02-18T12:00:00.000Z",
      "description": "Golden image for production",
      "hypervisor": "xen",
      "imageId": "ami-07f0e4f3e9c123abc",
      "imageType": "machine",
      "name": "my-app-2026-02-18",
      "ownerId": "123456789012",
      "region": "us-east-1",
      "rootDeviceName": "/dev/xvda",
      "rootDeviceType": "ebs",
      "state": "available",
      "virtualizationType": "hvm"
    }
  },
  "timestamp": "2026-02-18T12:00:00Z",
  "type": "aws.ec2.image"
}

EC2 • Create Instance

Component key: aws.ec2.createInstance

The Create Instance component launches a new Amazon EC2 instance and waits until it reaches running state before emitting.

Use Cases

• Ephemeral compute: Provision temporary VMs for tests, builds, or automation
• Environment provisioning: Launch instances as part of deployment workflows
• On-demand capacity: Create additional compute when triggered by events

Configuration

• Name: Required value for the Name tag
• Region: AWS region where the instance will be launched
• Operating System: Quick Start operating system family, similar to the AWS launch wizard
• Image: Public AMI for the selected operating system. These are filtered to only show currently available images in the selected region for the chosen OS family
• Instance Type: EC2 instance type from the current generation catalog
• Subnet: VPC subnet for the primary network interface
• Firewall: Create a launch security group (like the AWS launch wizard) or use an existing one
• Allow SSH/HTTP/HTTPS from the internet: Ingress rules when creating a new security group
• Configure Root Volume (optional): Override the AMI root volume size and type
• Key Pair (optional): EC2 key pair for SSH access. These are filtered to show only key pairs available in the selected region
• User Data (optional): Shell script or cloud-init payload executed at launch
• Associate Public IP Address: Assign a public IPv4 address when the subnet supports it

Output

Emits instance details on the default output channel, including:

• instanceId — EC2 instance ID
• state — should be running
• publicIpAddress / privateIpAddress — network addresses when available
• publicDnsName / privateDnsName — DNS names when available

Example Output

{
  "data": {
    "imageId": "ami-07f0e4f3e9c123abc",
    "instanceId": "i-0abc1234567890def",
    "instanceType": "t3.micro",
    "keyName": "my-key",
    "launchTime": "2026-05-21T12:00:00.000Z",
    "name": "ephemeral-builder",
    "privateDnsName": "ip-10-0-1-25.ec2.internal",
    "privateIpAddress": "10.0.1.25",
    "publicDnsName": "ec2-54-198-10-42.compute-1.amazonaws.com",
    "publicIpAddress": "54.198.10.42",
    "region": "us-east-1",
    "state": "running",
    "subnetId": "subnet-0abc1234567890def",
    "vpcId": "vpc-0abc1234567890def"
  },
  "timestamp": "2026-05-21T12:01:00Z",
  "type": "aws.ec2.instance"
}

EC2 • Delete Instance

Component key: aws.ec2.deleteInstance

The Delete Instance component terminates an Amazon EC2 instance and waits until AWS reports it as terminated.

Use Cases

• Ephemeral cleanup: Tear down temporary instances after a workflow finishes
• Cost controls: Delete unused instances from automation
• Incident remediation: Terminate unhealthy instances after replacement capacity exists

Configuration

• Region: AWS region where the instance runs
• Instance: EC2 instance ID to terminate

Output

Emits a deletion payload on the default output channel:

• state — terminated

Example Output

{
  "data": {
    "instanceId": "i-0abc1234567890def",
    "state": "terminated"
  },
  "timestamp": "2026-05-21T12:05:00Z",
  "type": "aws.ec2.instance.deleted"
}

EC2 • Deregister Image

Component key: aws.ec2.deregisterImage

The Deregister Image component removes an AMI from your account in a region.

Use Cases

• Image lifecycle cleanup: Remove unused AMIs after promotion
• Compliance operations: Retire images that should no longer be launched
• Automation rollback: Clean up AMIs created by failed workflows

Configuration

• Region: AWS region where the AMI exists
• Image ID: AMI ID to deregister
• Delete Snapshots: If enabled, delete the snapshots associated with the AMI

Example Output

{
  "data": {
    "deregistered": true,
    "imageId": "ami-07f0e4f3e9c123abc",
    "region": "us-east-1",
    "requestId": "req-deregister"
  },
  "timestamp": "2026-02-19T09:10:00Z",
  "type": "aws.ec2.image.deregistered"
}

EC2 • Disable Image

Component key: aws.ec2.disableImage

The Disable Image component disables an AMI so it cannot be launched.

Use Cases

• Risk containment: Prevent new launches from vulnerable images
• Release control: Temporarily block image usage during maintenance
• Lifecycle governance: Enforce policies before image retirement

Configuration

• Region: AWS region where the AMI exists
• Image ID: AMI ID to disable

Example Output

{
  "data": {
    "disabled": true,
    "imageId": "ami-07f0e4f3e9c123abc",
    "region": "us-east-1",
    "requestId": "req-disable"
  },
  "timestamp": "2026-02-19T09:30:00Z",
  "type": "aws.ec2.image.disabled"
}

EC2 • Disable Image Deprecation

Component key: aws.ec2.disableImageDeprecation

The Disable Image Deprecation component removes the deprecation schedule from an AMI.

Use Cases

• Release extension: Keep an image available longer than planned
• Rollback support: Reopen older images for temporary use
• Policy exceptions: Remove deprecation when operational needs change

Configuration

• Region: AWS region where the AMI exists
• Image ID: AMI ID to remove deprecation from

Example Output

{
  "data": {
    "deprecationEnabled": false,
    "imageId": "ami-07f0e4f3e9c123abc",
    "region": "us-east-1",
    "requestId": "req-disable-deprecation"
  },
  "timestamp": "2026-02-19T09:50:00Z",
  "type": "aws.ec2.image.deprecationDisabled"
}

EC2 • Enable Image

Component key: aws.ec2.enableImage

The Enable Image component enables a previously disabled AMI.

Use Cases

• Release promotion: Re-enable AMIs after staged validation
• Operational recovery: Restore image availability after temporary restrictions
• Lifecycle workflows: Toggle image launchability based on policy checks

Configuration

• Region: AWS region where the AMI exists
• Image ID: AMI ID to enable

Example Output

{
  "data": {
    "enabled": true,
    "imageId": "ami-07f0e4f3e9c123abc",
    "region": "us-east-1",
    "requestId": "req-enable"
  },
  "timestamp": "2026-02-19T09:20:00Z",
  "type": "aws.ec2.image.enabled"
}

EC2 • Enable Image Deprecation

Component key: aws.ec2.enableImageDeprecation

The Enable Image Deprecation component sets a deprecation time for an AMI.

Use Cases

• Release lifecycle: Schedule AMI retirement dates
• Compliance enforcement: Ensure images expire on policy deadlines
• Operational hygiene: Phase out outdated images in a controlled window

Configuration

• Region: AWS region where the AMI exists
• Image ID: AMI ID to deprecate
• Deprecate At: RFC3339 timestamp when deprecation takes effect

Example Output

{
  "data": {
    "deprecateAt": "2026-04-01T00:00:00Z",
    "deprecationEnabled": true,
    "imageId": "ami-07f0e4f3e9c123abc",
    "region": "us-east-1",
    "requestId": "req-enable-deprecation"
  },
  "timestamp": "2026-02-19T09:40:00Z",
  "type": "aws.ec2.image.deprecationEnabled"
}

EC2 • Get Alarm

Component key: aws.ec2.getAlarm

The Get Alarm component describes a CloudWatch alarm and emits its current details.

Use Cases

• State inspection: Check whether an alarm is in ALARM, OK, or INSUFFICIENT_DATA state before taking action
• Alarm metadata lookup: Retrieve threshold, metric, and dimension details mid-workflow
• Audit: Record alarm configuration at a point in time

Configuration

• Region: AWS region where the alarm resides
• Alarm: CloudWatch alarm to describe, selected from all alarms in the chosen region (ec2.alarm resource picker)

Output

Emits the alarm details on the default output channel:

• alarmName, alarmArn, namespace, metricName
• statistic, threshold, comparisonOperator, stateValue
• period, evaluationPeriods, dimensions, region

Example Output

{
  "data": {
    "alarmArn": "arn:aws:cloudwatch:us-east-1:123456789012:alarm:cpuUsage",
    "alarmDescription": "Cpu alarm",
    "alarmName": "cpuUsage",
    "comparisonOperator": "GreaterThanThreshold",
    "dimensions": [
      {
        "name": "InstanceId",
        "value": "i-1234567890abcdef0"
      }
    ],
    "evaluationPeriods": 1,
    "metricName": "CPUUtilization",
    "namespace": "AWS/EC2",
    "period": 120,
    "region": "us-east-1",
    "stateReason": "Unchecked: Initial alarm creation",
    "stateValue": "INSUFFICIENT_DATA",
    "statistic": "Average",
    "threshold": 80,
    "treatMissingData": "ignore"
  },
  "timestamp": "2026-06-03T16:37:20.636935245Z",
  "type": "aws.ec2.alarm"
}

EC2 • Get Image

Component key: aws.ec2.getImage

The Get Image component retrieves metadata for an EC2 AMI.

Use Cases

• Release automation: Validate AMI metadata before deployment
• Operational checks: Inspect AMI state and ownership in workflows
• Traceability: Resolve AMI details by image ID

Configuration

• Region: AWS region of the AMI
• Image ID: AMI ID (for example: ami-1234567890abcdef0)

Example Output

{
  "data": {
    "image": {
      "architecture": "x86_64",
      "creationDate": "2026-02-18T12:00:00.000Z",
      "description": "Golden image for production",
      "hypervisor": "xen",
      "imageId": "ami-1234567890abcdef0",
      "imageType": "machine",
      "name": "my-app-2026-02-18",
      "ownerId": "123456789012",
      "region": "us-east-1",
      "rootDeviceName": "/dev/xvda",
      "rootDeviceType": "ebs",
      "state": "available",
      "virtualizationType": "hvm"
    }
  },
  "timestamp": "2026-02-18T12:00:00Z",
  "type": "aws.ec2.image"
}

EC2 • Get Instance

Component key: aws.ec2.getInstance

The Get Instance component describes an EC2 instance and emits its current details.

Use Cases

• State inspection: Check whether an instance is running or stopped before taking action
• IP resolution: Retrieve the public or private IP address of an instance at runtime
• Metadata lookup: Fetch instance type, AMI, VPC, and tags mid-workflow

Configuration

• Region: AWS region where the instance runs
• Instance: EC2 instance to describe

Output

Emits the instance details on the default output channel:

• instanceId, state, instanceType, imageId
• publicIpAddress, privateIpAddress, publicDnsName, privateDnsName
• subnetId, vpcId, region, name, launchTime

Example Output

{
  "data": {
    "imageId": "ami-07f0e4f3e9c123abc",
    "instanceId": "i-0abc1234567890def",
    "instanceType": "t3.micro",
    "keyName": "my-key",
    "launchTime": "2026-05-21T12:00:00.000Z",
    "name": "my-server",
    "privateDnsName": "ip-10-0-1-25.ec2.internal",
    "privateIpAddress": "10.0.1.25",
    "publicDnsName": "ec2-54-198-10-42.compute-1.amazonaws.com",
    "publicIpAddress": "54.198.10.42",
    "region": "us-east-1",
    "state": "running",
    "subnetId": "subnet-0abc1234567890def",
    "vpcId": "vpc-0abc1234567890def"
  },
  "timestamp": "2026-05-21T12:01:00Z",
  "type": "aws.ec2.instance"
}

EC2 • Get Instance Metrics

Component key: aws.ec2.getInstanceMetrics

The Get Instance Metrics component retrieves CloudWatch metrics for an EC2 instance over a configurable lookback window.

Note: CPU and network metrics are available for all instances. Memory metrics require the CloudWatch Agent to be installed and running on the instance.

Use Cases

• Performance monitoring: Sample CPU and network utilisation before making scaling decisions
• Incident investigation: Pull recent metrics when responding to an alert
• Capacity planning: Gather trend data to inform right-sizing
• Automated scaling: Use metric outputs to conditionally trigger resize or power operations

Configuration

• Region: AWS region where the instance runs
• Instance: EC2 instance to query metrics for
• Lookback Period: How far back to retrieve metrics — 1h, 6h, 24h, 7d, or 14d
• Include Memory: Fetch memory usage (requires the CloudWatch Agent on the instance)

Output

Returns averaged and aggregated metrics over the lookback window:

• instanceId, region, lookbackPeriod, start, end
• avgCpuUsagePercent: Average CPU utilisation percentage (null when CloudWatch returns no datapoints for the window)
• totalNetworkInBytes: Total inbound network bytes over the window
• totalNetworkOutBytes: Total outbound network bytes over the window
• avgNetworkInBytesPerSec: Average inbound bytes per second
• avgNetworkOutBytesPerSec: Average outbound bytes per second
• avgMemoryUsagePercent: Average memory utilisation (null when the CloudWatch Agent is unavailable, returns no datapoints, or the memory request fails)

Important Notes

• CPU and network metrics use basic monitoring (5-minute resolution) by default; enable detailed monitoring on the instance for 1-minute resolution
• Memory metrics require the CloudWatch Agent to be installed on the instance
• All metric values are rounded to two decimal places

Example Output

{
  "data": {
    "avgCpuUsagePercent": 0.18,
    "avgNetworkInBytesPerSec": 107.25,
    "avgNetworkOutBytesPerSec": 11.63,
    "end": "2026-05-29T08:50:49Z",
    "instanceId": "i-0abc1234567890def",
    "lookbackPeriod": "7d",
    "region": "eu-north-1",
    "start": "2026-05-22T08:50:49Z",
    "totalNetworkInBytes": 64866070,
    "totalNetworkOutBytes": 7032351
  },
  "timestamp": "2026-05-29T08:50:50.657831534Z",
  "type": "aws.ec2.instance.metrics"
}

EC2 • Manage Elastic IP

Component key: aws.ec2.manageElasticIP

The Manage Elastic IP component associates or disassociates an Elastic IP address with an EC2 instance.

Use Cases

• Static addressing: Attach a reserved Elastic IP to an instance after launch
• Failover: Re-associate an Elastic IP to a replacement instance
• Cleanup: Disassociate an Elastic IP before releasing it

Configuration

• Region: AWS region where the Elastic IP and instance reside
• Operation: Choose Associate or Disassociate
• Elastic IP (associate only): The allocated Elastic IP to attach
• Instance (associate only): EC2 instance to associate the Elastic IP with
• Association (disassociate only): The active Elastic IP association to remove

Output

Emits operation-specific details on the default output channel:

• Associate: associationId, allocationId, instanceId, region
• Disassociate: associationId, region

Important Notes

• The Elastic IP must be allocated before it can be associated
• Disassociating is required before releasing an Elastic IP
• Re-association to a different instance is allowed when the address is already associated elsewhere

Example Output

{
  "data": {
    "allocationId": "eipalloc-0abc1234567890def",
    "associationId": "eipassoc-0abc1234567890def",
    "instanceId": "i-0abc1234567890def",
    "region": "us-east-1"
  },
  "timestamp": "2026-05-21T12:03:00Z",
  "type": "aws.ec2.elastic-ip.associated"
}

EC2 • Manage Instance Power

Component key: aws.ec2.manageInstancePower

The Manage Instance Power component performs power management operations on an EC2 instance.

Use Cases

• Scheduled workloads: Start or stop instances on demand from a workflow
• Cost optimisation: Stop or hibernate non-production instances outside business hours
• Maintenance workflows: Stop an instance before resizing or patching, start it after
• Recovery: Reboot an instance experiencing issues

Configuration

• Region: AWS region where the instance runs
• Instance: EC2 instance to manage
• Operation: The power operation to perform:
  • Start: Start a stopped instance and wait for it to reach running state
  • Stop: Gracefully stop a running instance and wait for stopped state
  • Reboot: Reboot a running instance (completes once the reboot signal is sent)
  • Hibernate: Stop an instance and save RAM to disk (instance must have hibernation enabled)

Output

Emits instance details on the default output channel once the operation completes:

• instanceId, state, region
• publicIpAddress, privateIpAddress (start only)

Important Notes

• Hibernate requires the instance to have been launched with hibernation enabled
• Reboot emits immediately after the reboot signal is accepted; it does not wait for the OS to come back online

Example Output

{
  "data": {
    "imageId": "ami-0215d085326c25744",
    "instanceId": "i-0abc1234567890def",
    "instanceType": "t3.micro",
    "launchTime": "2026-05-28T09:41:14.000Z",
    "name": "preview-pr-5",
    "privateDnsName": "ip-10.0.1.25.eu-north-1.compute.internal",
    "privateIpAddress": "10.0.1.25",
    "publicDnsName": "ec2-54-198-10-42.eu-north-1.compute.amazonaws.com",
    "publicIpAddress": "54.198.10.42",
    "region": "eu-north-1",
    "state": "running",
    "subnetId": "subnet-0e7c8aa9b0a82aec5",
    "vpcId": "vpc-0049650f5a479c14b"
  },
  "timestamp": "2026-05-28T09:41:26.29656651Z",
  "type": "aws.ec2.instance.power.started"
}

EC2 • Release Elastic IP

Component key: aws.ec2.releaseElasticIP

The Release Elastic IP component releases an allocated Elastic IP address from your AWS account.

Use Cases

• Cost optimisation: Release unused Elastic IPs to avoid idle charges
• Cleanup workflows: Remove temporary addresses after a workflow completes
• Decommissioning: Release addresses when tearing down infrastructure

Configuration

• Region: AWS region where the Elastic IP was allocated
• Elastic IP: The allocated Elastic IP to release

Output

Emits a release confirmation on the default output channel:

• allocationId, region

Important Notes

• The Elastic IP must be disassociated before it can be released
• Released addresses may be allocated to another AWS account and cannot always be recovered

Example Output

{
  "data": {
    "allocationId": "eipalloc-0abc1234567890def",
    "region": "us-east-1"
  },
  "timestamp": "2026-05-21T12:02:00Z",
  "type": "aws.ec2.elastic-ip.released"
}

EC2 • Update Instance

Component key: aws.ec2.updateInstance

The Update Instance component resizes an EC2 instance to a new instance type and/or updates its security groups.

Use Cases

• Right-sizing: Scale an instance up or down based on observed utilisation
• Automated resizing: Use the output of Get Instance Metrics to conditionally resize
• Security posture updates: Replace the security groups attached to a running instance

Configuration

• Region: AWS region where the instance runs
• Instance: EC2 instance to update
• New Instance Type: Target instance type (e.g. t3.medium). The instance is stopped automatically, resized, and restarted. At least one of this field or Security Groups must be set.
• Security Group: Replace the instance’s security group. Takes effect immediately for VPC instances; does not require a stop/start cycle.
• Restart After Resize: Whether to start the instance after changing its type (default true). If unchecked the instance remains stopped after the type change.

Instance Type Change Lifecycle

1. The component records the current state of the instance.
2. If the instance is running it is stopped automatically.
3. Once stopped, ModifyInstanceAttribute is called with the new instance type.
4. If the instance was originally running and Restart After Resize is enabled, the instance is started again and the component waits for it to reach running state.

Output

Emits updated instance details on the default output channel:

• instanceId, instanceType, state, region
• publicIpAddress, privateIpAddress, name

Example Output

{
  "data": {
    "imageId": "ami-0215d085326c25744",
    "instanceId": "i-03976dc68f19ba526",
    "instanceType": "t3.micro",
    "keyName": "my-key",
    "launchTime": "2026-05-29T08:52:02.000Z",
    "name": "ephemeral-builder",
    "privateDnsName": "ip-10-0-1-25.ec2.internal",
    "privateIpAddress": "10.0.1.25",
    "publicDnsName": "ec2-54-198-10-42.compute-1.amazonaws.com",
    "publicIpAddress": "54.198.10.42",
    "region": "eu-north-1",
    "state": "running",
    "subnetId": "subnet-0e7c8aa9b0a82aec5",
    "vpcId": "vpc-0049650f5a479c14b"
  },
  "timestamp": "2026-05-29T08:52:13.71956816Z",
  "type": "aws.ec2.instance.updated"
}

ECR • Get Image

Component key: aws.ecr.getImage

The Get Image component retrieves image metadata from an ECR repository by digest, tag, or both.

Use Cases

• Release automation: Fetch image details before deployment
• Audit trails: Resolve digests and tags for traceability
• Security workflows: Enrich findings with image metadata

Configuration

• Region: AWS region of the ECR repository
• Repository: ECR repository name or ARN
• Image Digest: Digest of the image (optional)
• Image Tag: Tag of the image (optional)

At least one of Image Digest or Image Tag is required. If both are provided, the request includes both.

Example Output

{
  "data": {
    "artifactMediaType": "application/vnd.docker.container.image.v1+json",
    "imageDigest": "sha256:8f1d3e4f5a6b7c8d9e0f11121314151617181920212223242526272829303132",
    "imageManifestMediaType": "application/vnd.docker.distribution.manifest.v2+json",
    "imagePushedAt": "2026-02-03T12:00:00Z",
    "imageSizeInBytes": 48273912,
    "imageTags": [
      "latest",
      "v1.2.3"
    ],
    "registryId": "123456789012",
    "repositoryName": "my-repo"
  },
  "timestamp": "2026-02-03T12:00:00Z",
  "type": "aws.ecr.image"
}

ECR • Get Image Scan Findings

Component key: aws.ecr.getImageScanFindings

The Get Image Scan Findings component retrieves vulnerability scan results for an ECR image.

Use Cases

• Security automation: Pull scan findings to drive alerting or approvals
• Compliance checks: Validate images against severity thresholds
• Reporting: Capture scan summaries and findings for audits

Configuration

• Region: AWS region of the ECR repository
• Repository: ECR repository name or ARN
• Image Digest: Digest of the image (optional)
• Image Tag: Tag of the image (optional)

At least one of Image Digest or Image Tag is required. If both are provided, the request includes both.

Example Output

{
  "data": {
    "imageId": {
      "imageDigest": "sha256:8f1d3e4f5a6b7c8d9e0f11121314151617181920212223242526272829303132",
      "imageTag": "latest"
    },
    "imageScanFindings": {
      "findingSeverityCounts": {
        "HIGH": 1
      },
      "findings": [
        {
          "attributes": [
            {
              "key": "package_name",
              "value": "openssl"
            },
            {
              "key": "package_version",
              "value": "1.1.1k"
            }
          ],
          "description": "Example vulnerability in a package.",
          "name": "CVE-2024-12345",
          "severity": "HIGH",
          "uri": "https://example.com/cve-2024-12345"
        }
      ],
      "imageScanCompletedAt": "2026-02-03T12:05:00Z",
      "vulnerabilitySourceUpdatedAt": "2026-02-03T00:00:00Z"
    },
    "imageScanStatus": {
      "description": "Scan completed",
      "status": "COMPLETE"
    },
    "registryId": "123456789012",
    "repositoryName": "my-repo"
  },
  "timestamp": "2026-02-03T12:05:00Z",
  "type": "aws.ecr.image.scanFindings"
}

ECR • Scan Image

Component key: aws.ecr.scanImage

The Scan Image component scans an ECR image for vulnerabilities.

Use Cases

• Security automation: Scan images for vulnerabilities
• Compliance checks: Validate images against severity thresholds
• Reporting: Capture scan summaries and findings for audits

Configuration

• Region: AWS region of the ECR repository
• Repository: ECR repository name or ARN
• Image Digest: Digest of the image (optional)
• Image Tag: Tag of the image (optional)

At least one of Image Digest or Image Tag is required. If both are provided, the request includes both.

Example Output

{
  "data": {
    "imageId": {
      "imageDigest": "sha256:8f1d3e4f5a6b7c8d9e0f11121314151617181920212223242526272829303132",
      "imageTag": "latest"
    },
    "imageScanFindings": {
      "findingSeverityCounts": {
        "HIGH": 1
      },
      "findings": [
        {
          "attributes": [
            {
              "key": "package_name",
              "value": "openssl"
            },
            {
              "key": "package_version",
              "value": "1.1.1k"
            }
          ],
          "description": "Example vulnerability in a package.",
          "name": "CVE-2024-12345",
          "severity": "HIGH",
          "uri": "https://example.com/cve-2024-12345"
        }
      ],
      "imageScanCompletedAt": "2026-02-03T12:05:00Z",
      "vulnerabilitySourceUpdatedAt": "2026-02-03T00:00:00Z"
    },
    "imageScanStatus": {
      "description": "Scan completed",
      "status": "COMPLETE"
    },
    "registryId": "123456789012",
    "repositoryName": "my-repo"
  },
  "timestamp": "2026-02-03T12:05:00Z",
  "type": "aws.ecr.image.scanFindings"
}

ECS • Create Service

Component key: aws.ecs.createService

The Create Service component creates a new ECS service in a cluster.

Use Cases

• Provisioning workflows: Create a service during environment setup
• Deployment automation: Roll out new workloads from workflows
• Infrastructure orchestration: Configure ECS service settings as part of release pipelines

Notes

• You can pass advanced ECS CreateService fields through Additional ECS API Arguments.
• Do not combine Launch Type with Capacity Provider Strategy.

Example Output

{
  "data": {
    "service": {
      "clusterArn": "arn:aws:ecs:us-east-1:111122223333:cluster/superplane-demo-cluster",
      "createdAt": "2026-02-12T08:15:10Z",
      "desiredCount": 2,
      "enableExecuteCommand": true,
      "launchType": "FARGATE",
      "pendingCount": 0,
      "platformVersion": "1.4.0",
      "propagateTags": "SERVICE",
      "runningCount": 2,
      "schedulingStrategy": "REPLICA",
      "serviceArn": "arn:aws:ecs:us-east-1:111122223333:service/superplane-demo-cluster/superplane-api",
      "serviceName": "superplane-api",
      "status": "ACTIVE",
      "taskDefinition": "arn:aws:ecs:us-east-1:111122223333:task-definition/superplane-api:5",
      "taskSets": []
    }
  },
  "timestamp": "2026-02-12T08:15:32.101112131Z",
  "type": "aws.ecs.service"
}

ECS • Describe Service

Component key: aws.ecs.describeService

The Describe Service component fetches details about a single ECS service.

Use Cases

• Deployment checks: Inspect running/desired task counts before or after deployment
• Operational visibility: Fetch service status and task definition details in workflows
• Automation branching: Route workflow execution based on ECS service state

Example Output

{
  "data": {
    "service": {
      "clusterArn": "arn:aws:ecs:us-west-1:123456789012:cluster/production-cluster-alpha",
      "createdAt": "2026-01-20T10:12:33Z",
      "deployments": [
        {
          "createdAt": "2026-01-20T10:12:33Z",
          "desiredCount": 3,
          "id": "ecs-svc/8473629182736450912",
          "pendingCount": 0,
          "runningCount": 3,
          "status": "PRIMARY",
          "taskDefinition": "arn:aws:ecs:us-west-1:123456789012:task-definition/api-gateway-service:7",
          "updatedAt": "2026-01-20T10:18:11Z"
        }
      ],
      "desiredCount": 3,
      "enableExecuteCommand": true,
      "events": [
        {
          "createdAt": "2026-01-20T10:18:11Z",
          "id": "d91b5e4a-7a5f-4b1d-bdb4-3d4f8f8a9912",
          "message": "(service api-gateway-service-prod) has reached a steady state."
        },
        {
          "createdAt": "2026-01-20T10:17:02Z",
          "id": "a12f9c47-92c3-4c9f-8d12-88d6ab3f8e72",
          "message": "(service api-gateway-service-prod) (deployment ecs-svc/8473629182736450912) deployment completed."
        },
        {
          "createdAt": "2026-01-20T10:13:05Z",
          "id": "c7a8e3b1-11f2-4fbc-9d8e-2194bb0eaf55",
          "message": "(service api-gateway-service-prod) has started 3 tasks: (task 9f8e7d6c5b4a3210e1f2a3b4c5d6e7f8)."
        }
      ],
      "launchType": "FARGATE",
      "networkConfiguration": {
        "awsvpcConfiguration": {
          "assignPublicIp": "DISABLED",
          "securityGroups": [
            "sg-0a1b2c3d4e5f6a7b8",
            "sg-1b2c3d4e5f6a7b8c9"
          ],
          "subnets": [
            "subnet-01a2b3c4d5e6f7a8b",
            "subnet-09f8e7d6c5b4a3210"
          ]
        }
      },
      "pendingCount": 0,
      "platformVersion": "1.4.0",
      "propagateTags": "SERVICE",
      "runningCount": 3,
      "schedulingStrategy": "REPLICA",
      "serviceArn": "arn:aws:ecs:us-west-1:123456789012:service/production-cluster-alpha/api-gateway-service-prod",
      "serviceName": "api-gateway-service-prod",
      "status": "ACTIVE",
      "taskDefinition": "arn:aws:ecs:us-west-1:123456789012:task-definition/api-gateway-service:7",
      "taskSets": []
    }
  },
  "timestamp": "2026-01-20T12:45:09.123456789Z",
  "type": "aws.ecs.service"
}

ECS • Execute Command

Component key: aws.ecs.executeCommand

The Execute Command component runs ECS Exec against a running task container.

Use Cases

• Operational debugging: Run diagnostics inside a live task
• Runtime inspection: Check process state or config from workflows
• Automated remediation: Trigger one-off commands in containerized services

Notes

• ECS Exec must be enabled and properly configured for the task/service.
• Interactive mode opens an ECS session and returns session connection details.

Example Output

{
  "data": {
    "command": {
      "clusterArn": "arn:aws:ecs:us-east-1:111122223333:cluster/superplane-demo-cluster",
      "containerArn": "arn:aws:ecs:us-east-1:111122223333:container/superplane-demo-cluster/aaaaaaaa11111111bbbbbbbb22222222/2d7f98c1e4d14f98a4d1f36e6f4f5d23",
      "containerName": "api",
      "interactive": false,
      "session": {
        "sessionId": "ecs-execute-command-0f2ea5a931534f9f8f37f7e706a2c100",
        "streamUrl": "wss://ssmmessages.us-east-1.amazonaws.com/v1/data-channel/ecs-execute-command-0f2ea5a931534f9f8f37f7e706a2c100?role=publish_subscribe",
        "tokenValue": "AQoDYXdzEJr//////////wEaDAi4cUd2QqXQwq2NAiD3rWkK9mYc9..."
      },
      "taskArn": "arn:aws:ecs:us-east-1:111122223333:task/superplane-demo-cluster/aaaaaaaa11111111bbbbbbbb22222222"
    }
  },
  "timestamp": "2026-02-12T09:10:21.445566778Z",
  "type": "aws.ecs.executeCommand"
}

ECS • Run Task

Component key: aws.ecs.runTask

The Run Task component starts one or more ECS tasks and completes based on task lifecycle events.

Use Cases

• One-off workloads: Execute ad-hoc jobs on ECS
• Batch processing: Trigger task runs from workflow events
• Operational automation: Run remediation or maintenance tasks

Completion behavior

• Always waits for tasks to leave startup states (for example, PENDING) before completing.
• If Timeout (seconds) is set, waits for all tracked tasks to reach STOPPED, or completes with timeout when that deadline is reached.

Notes

• For Fargate tasks, set Network Configuration using the ECS awsvpcConfiguration format.
• Use Capacity Provider Strategy when you want ECS to choose capacity providers; it cannot be combined with Launch Type.

Example Output

{
  "data": {
    "failures": [],
    "tasks": [
      {
        "clusterArn": "arn:aws:ecs:us-east-1:111122223333:cluster/superplane-demo-cluster",
        "createdAt": "2026-02-10T14:30:01Z",
        "desiredStatus": "RUNNING",
        "group": "family:superplane-ecs-task",
        "lastStatus": "RUNNING",
        "launchType": "FARGATE",
        "platformVersion": "1.4.0",
        "startedBy": "",
        "stoppedReason": "",
        "taskArn": "arn:aws:ecs:us-east-1:111122223333:task/superplane-demo-cluster/aaaaaaaa11111111bbbbbbbb22222222",
        "taskDefinitionArn": "arn:aws:ecs:us-east-1:111122223333:task-definition/superplane-ecs-task:1"
      }
    ],
    "timedOut": false
  },
  "timestamp": "2026-02-10T14:30:37.633534466Z",
  "type": "aws.ecs.task"
}

ECS • Stop Task

Component key: aws.ecs.stopTask

The Stop Task component requests ECS to stop a running task and waits for the task to reach STOPPED.

Use Cases

• Operational control: Stop ad-hoc or long-running tasks from workflows
• Remediation: Terminate unhealthy tasks during automated incident response
• Cost control: Stop no-longer-needed background workloads

Notes

• ECS sends a SIGTERM signal and then force-stops the task if it does not exit gracefully.
• Reason is optional and appears in ECS task stop metadata when provided.

Example Output

{
  "data": {
    "task": {
      "clusterArn": "arn:aws:ecs:us-east-1:111122223333:cluster/superplane-demo-cluster",
      "createdAt": "2026-02-10T14:30:01Z",
      "desiredStatus": "STOPPED",
      "group": "family:superplane-ecs-task",
      "lastStatus": "STOPPED",
      "launchType": "FARGATE",
      "platformVersion": "1.4.0",
      "startedBy": "",
      "stoppedReason": "stopping",
      "taskArn": "arn:aws:ecs:us-east-1:111122223333:task/superplane-demo-cluster/aaaaaaaa11111111bbbbbbbb22222222",
      "taskDefinitionArn": "arn:aws:ecs:us-east-1:111122223333:task-definition/superplane-ecs-task:1"
    }
  },
  "timestamp": "2026-02-10T14:31:19.987196041Z",
  "type": "aws.ecs.task"
}

ECS • Update Service

Component key: aws.ecs.updateService

The Update Service component updates configuration for an existing ECS service.

Use Cases

• Deployments: Roll out a new task definition
• Scaling workflows: Change desired count dynamically
• Operational tuning: Update deployment, network, or tag behavior

Notes

• You can pass advanced ECS UpdateService fields through Additional ECS API Arguments.
• Do not combine Launch Type with Capacity Provider Strategy.

Example Output

{
  "data": {
    "service": {
      "clusterArn": "arn:aws:ecs:us-east-1:111122223333:cluster/superplane-demo-cluster",
      "createdAt": "2026-02-12T08:15:10Z",
      "desiredCount": 3,
      "enableExecuteCommand": true,
      "launchType": "FARGATE",
      "pendingCount": 1,
      "platformVersion": "1.4.0",
      "propagateTags": "SERVICE",
      "runningCount": 2,
      "schedulingStrategy": "REPLICA",
      "serviceArn": "arn:aws:ecs:us-east-1:111122223333:service/superplane-demo-cluster/superplane-api",
      "serviceName": "superplane-api",
      "status": "ACTIVE",
      "taskDefinition": "arn:aws:ecs:us-east-1:111122223333:task-definition/superplane-api:6",
      "taskSets": []
    }
  },
  "timestamp": "2026-02-12T09:00:03.987654321Z",
  "type": "aws.ecs.service"
}

Lambda • Run Function

Component key: aws.lambda.runFunction

The Run Lambda component invokes a Lambda function.

Use Cases

• Automated workflows: Trigger Lambda functions from SuperPlane workflows
• Event processing: Process events from other applications
• Data transformation: Transform data in real-time
• API integrations: Call Lambda functions from other applications

How It Works

1. Invokes the specified Lambda function with the provided payload
2. Returns the function’s response including status code, payload, and log output
3. Optionally creates a new Lambda function from inline JavaScript code

Example Output

{
  "data": {
    "payload": {
      "message": "hello from lambda"
    },
    "report": {
      "billedDuration": "100 ms",
      "duration": "89.81 ms",
      "initDuration": "160.97 ms",
      "maxMemoryUsed": "82 MB",
      "memorySize": "128 MB"
    },
    "requestId": "9f8d2b5e-1c7a-4d62-8f1a-0f8b8e4f3a12"
  },
  "timestamp": "2026-03-26T19:29:35.841265352Z",
  "type": "aws.lambda.run"
}

Prometheus • Create Workspace

Component key: aws.prometheus.createWorkspace

The Create Workspace component creates an Amazon Managed Service for Prometheus workspace.

Configuration

• Region: AWS region for the workspace
• Alias: Optional workspace alias
• KMS Key ARN: Optional customer managed AWS KMS key ARN for encryption
• Client Token: Optional idempotency token
• Tags: Optional workspace tags

Example Output

{
  "data": {
    "workspace": {
      "alias": "example-workspace-created",
      "arn": "arn:aws:aps:us-east-1:123456789012:workspace/ws-22222222-2222-4222-8222-222222222222",
      "status": {
        "statusCode": "CREATING"
      },
      "tags": {
        "purpose": "example"
      },
      "workspaceId": "ws-22222222-2222-4222-8222-222222222222"
    }
  },
  "timestamp": "2026-01-01T00:10:00.000000000Z",
  "type": "aws.prometheus.workspace"
}

Prometheus • Delete Workspace

Component key: aws.prometheus.deleteWorkspace

The Delete Workspace component deletes an Amazon Managed Service for Prometheus workspace.

Notes

AWS does not immediately delete metrics data that has already been ingested. It is permanently deleted within one month.

Configuration

• Region: AWS region of the workspace
• Workspace: Target workspace
• Client Token: Optional idempotency token

Example Output

{
  "data": {
    "deleted": true,
    "workspaceId": "ws-11111111-1111-4111-8111-111111111111"
  },
  "timestamp": "2026-01-01T00:15:00.000000000Z",
  "type": "aws.prometheus.workspace.deleted"
}

Prometheus • Get Workspace

Component key: aws.prometheus.getWorkspace

The Get Workspace component retrieves details for an Amazon Managed Service for Prometheus workspace.

Configuration

• Region: AWS region of the workspace
• Workspace: Target workspace

Example Output

{
  "data": {
    "workspace": {
      "alias": "example-workspace",
      "arn": "arn:aws:aps:us-east-1:123456789012:workspace/ws-11111111-1111-4111-8111-111111111111",
      "createdAt": "2026-01-01T00:00:00Z",
      "prometheusEndpoint": "https://aps-workspaces.us-east-1.amazonaws.com/workspaces/ws-11111111-1111-4111-8111-111111111111/",
      "status": {
        "statusCode": "ACTIVE"
      },
      "tags": {
        "environment": "example"
      },
      "workspaceId": "ws-11111111-1111-4111-8111-111111111111"
    }
  },
  "timestamp": "2026-01-01T00:05:00.000000000Z",
  "type": "aws.prometheus.workspace"
}

Prometheus • Update Workspace

Component key: aws.prometheus.updateWorkspace

The Update Workspace component updates the alias for an Amazon Managed Service for Prometheus workspace.

Configuration

• Region: AWS region of the workspace
• Workspace: Target workspace
• Alias: New workspace alias
• Client Token: Optional idempotency token

Example Output

{
  "data": {
    "alias": "example-workspace-updated",
    "updated": true,
    "workspaceId": "ws-22222222-2222-4222-8222-222222222222"
  },
  "timestamp": "2026-01-01T00:20:00.000000000Z",
  "type": "aws.prometheus.workspace.updated"
}

Route 53 • Create DNS Record

Component key: aws.route53.createRecord

The Create DNS Record component creates a new DNS record in an AWS Route 53 hosted zone.

Use Cases

• Domain management: Create DNS records for new services or endpoints
• Automated provisioning: Set up DNS entries as part of infrastructure workflows
• Multi-environment setup: Create environment-specific DNS records automatically

How It Works

1. Connects to AWS Route 53 using the integration credentials
2. Creates a new DNS record in the specified hosted zone
3. Returns the change status and submission timestamp

Example Output

{
  "data": {
    "change": {
      "id": "/change/C1234567890ABC",
      "status": "INSYNC",
      "submittedAt": "2026-01-28T10:30:00.000Z"
    },
    "record": {
      "name": "api.example.com",
      "type": "A"
    }
  },
  "timestamp": "2026-01-28T10:30:00.000Z",
  "type": "aws.route53.change"
}

Route 53 • Delete DNS Record

Component key: aws.route53.deleteRecord

The Delete DNS Record component deletes a DNS record from an AWS Route 53 hosted zone.

Use Cases

• Cleanup: Remove DNS records when decommissioning services
• Environment teardown: Delete DNS entries for temporary environments
• Migration: Remove old DNS records after migrating to new endpoints

How It Works

1. Connects to AWS Route 53 using the integration credentials
2. Deletes the specified DNS record from the hosted zone
3. The record name, type, TTL, and values must match the existing record exactly
4. Returns the change status and submission timestamp

Example Output

{
  "data": {
    "change": {
      "id": "/change/C5555555555GHI",
      "status": "INSYNC",
      "submittedAt": "2026-01-28T10:30:00.000Z"
    },
    "record": {
      "name": "api.example.com",
      "type": "A"
    }
  },
  "timestamp": "2026-01-28T10:30:00.000Z",
  "type": "aws.route53.change"
}

Route 53 • Upsert DNS Record

Component key: aws.route53.upsertRecord

The Upsert DNS Record component creates or updates a DNS record in an AWS Route 53 hosted zone.

Use Cases

• Idempotent updates: Safely create or update DNS records without checking existence first
• Rolling deployments: Update DNS records to point to new infrastructure
• Failover management: Switch DNS records between primary and secondary endpoints

How It Works

1. Connects to AWS Route 53 using the integration credentials
2. Creates the DNS record if it doesn’t exist, or updates it if it does
3. Returns the change status and submission timestamp

Example Output

{
  "data": {
    "change": {
      "id": "/change/C9876543210DEF",
      "status": "INSYNC",
      "submittedAt": "2026-01-28T10:30:00.000Z"
    },
    "record": {
      "name": "api.example.com",
      "type": "A"
    }
  },
  "timestamp": "2026-01-28T10:30:00.000Z",
  "type": "aws.route53.change"
}

SNS • Create Topic

Component key: aws.sns.createTopic

The Create Topic component creates an AWS SNS topic and returns its metadata.

Use Cases

• Provisioning workflows: Create topics as part of environment setup
• Automation bootstrap: Prepare topics before publishing messages
• Self-service operations: Provision messaging resources on demand

Example Output

{
  "data": {
    "attributes": {
      "DisplayName": "Orders Events",
      "Owner": "123456789012",
      "TopicArn": "arn:aws:sns:us-east-1:123456789012:orders-events"
    },
    "contentBasedDeduplication": false,
    "displayName": "Orders Events",
    "fifoTopic": false,
    "name": "orders-events",
    "owner": "123456789012",
    "topicArn": "arn:aws:sns:us-east-1:123456789012:orders-events"
  },
  "timestamp": "2026-01-10T10:00:02.000000000Z",
  "type": "aws.sns.topic"
}

SNS • Delete Topic

Component key: aws.sns.deleteTopic

The Delete Topic component deletes an AWS SNS topic.

Use Cases

• Cleanup workflows: Remove temporary topics after execution
• Lifecycle management: Decommission unused messaging resources
• Rollback automation: Remove topics created in failed provisioning runs

Example Output

{
  "data": {
    "deleted": true,
    "topicArn": "arn:aws:sns:us-east-1:123456789012:orders-events"
  },
  "timestamp": "2026-01-10T10:00:02.000000000Z",
  "type": "aws.sns.topic.deleted"
}

SNS • Get Subscription

Component key: aws.sns.getSubscription

The Get Subscription component retrieves metadata and attributes for an AWS SNS subscription.

Use Cases

• Subscription audits: Inspect endpoint and delivery configuration
• Workflow enrichment: Load subscription metadata before downstream actions
• Validation: Confirm subscription existence and protocol

Example Output

{
  "data": {
    "attributes": {
      "Endpoint": "https://example.com/sns/events",
      "Protocol": "https",
      "RawMessageDelivery": "true",
      "TopicArn": "arn:aws:sns:us-east-1:123456789012:orders-events"
    },
    "endpoint": "https://example.com/sns/events",
    "owner": "123456789012",
    "pendingConfirmation": false,
    "protocol": "https",
    "rawMessageDelivery": true,
    "subscriptionArn": "arn:aws:sns:us-east-1:123456789012:orders-events:7f8a3d50-f160-4d2d-8f8a-fb95d7f86a51",
    "topicArn": "arn:aws:sns:us-east-1:123456789012:orders-events"
  },
  "timestamp": "2026-01-10T10:00:02.000000000Z",
  "type": "aws.sns.subscription"
}

SNS • Get Topic

Component key: aws.sns.getTopic

The Get Topic component retrieves metadata and attributes for an AWS SNS topic.

Use Cases

• Configuration audits: Verify topic settings and attributes
• Workflow enrichment: Load topic metadata before downstream actions
• Validation: Confirm topic existence and ownership

Example Output

{
  "data": {
    "attributes": {
      "DisplayName": "Orders Events",
      "Owner": "123456789012",
      "TopicArn": "arn:aws:sns:us-east-1:123456789012:orders-events"
    },
    "contentBasedDeduplication": false,
    "displayName": "Orders Events",
    "fifoTopic": false,
    "name": "orders-events",
    "owner": "123456789012",
    "topicArn": "arn:aws:sns:us-east-1:123456789012:orders-events"
  },
  "timestamp": "2026-01-10T10:00:02.000000000Z",
  "type": "aws.sns.topic"
}

SNS • Publish Message

Component key: aws.sns.publishMessage

The Publish Message component sends a message to an AWS SNS topic.

Use Cases

• Event fan-out: Broadcast workflow results to multiple subscribers
• Notifications: Send operational updates to users and systems
• Automation: Trigger downstream subscribers through SNS delivery

Example Output

{
  "data": {
    "messageId": "a730a53a-a86d-5fcb-9ad1-ff72b8d0f104",
    "topicArn": "arn:aws:sns:us-east-1:123456789012:orders-events"
  },
  "timestamp": "2026-01-10T10:00:02.000000000Z",
  "type": "aws.sns.message.published"
}

SQS • Create Queue

Component key: aws.sqs.createQueue

The Create Queue component creates a new AWS SQS queue.

Configuration

• Region: AWS region for the SQS queue
• Queue Name: Name of the queue to create

Example Output

{
  "data": {
    "queueName": "my-created-queue",
    "queueUrl": "https://sqs.us-east-1.amazonaws.com/123456789012/my-created-queue"
  },
  "timestamp": "2026-02-11T12:00:00Z",
  "type": "aws.sqs.queue"
}

SQS • Delete Queue

Component key: aws.sqs.deleteQueue

The Delete Queue component deletes an AWS SQS queue.

Configuration

• Region: AWS region of the SQS queue
• Queue: Target SQS queue to delete

Example Output

{
  "data": {
    "deleted": true,
    "queueUrl": "https://sqs.us-east-1.amazonaws.com/123456789012/my-queue"
  },
  "timestamp": "2026-02-11T12:00:00Z",
  "type": "aws.sqs.queue.deleted"
}

SQS • Get Queue

Component key: aws.sqs.getQueue

The Get Queue component retrieves metadata and attributes for an AWS SQS queue.

Configuration

• Region: AWS region of the SQS queue
• Queue: Target SQS queue

Example Output

{
  "data": {
    "attributes": {
      "DelaySeconds": "0",
      "MaximumMessageSize": "262144",
      "MessageRetentionPeriod": "345600",
      "QueueArn": "arn:aws:sqs:us-east-1:123456789012:my-queue",
      "ReceiveMessageWaitTimeSeconds": "0",
      "VisibilityTimeout": "30"
    },
    "queueUrl": "https://sqs.us-east-1.amazonaws.com/123456789012/my-queue"
  },
  "timestamp": "2026-02-11T12:00:00Z",
  "type": "aws.sqs.queue"
}

SQS • Purge Queue

Component key: aws.sqs.purgeQueue

The Purge Queue component removes all messages from an AWS SQS queue.

Configuration

• Region: AWS region of the SQS queue
• Queue: Target SQS queue to purge

Example Output

{
  "data": {
    "purged": true,
    "queueUrl": "https://sqs.us-east-1.amazonaws.com/123456789012/my-queue"
  },
  "timestamp": "2026-02-11T12:00:00Z",
  "type": "aws.sqs.queue.purged"
}

SQS • Send Message

Component key: aws.sqs.sendMessage

The Send Message component publishes a message to an AWS SQS queue.

Configuration

• Region: AWS region of the SQS queue
• Queue: Target SQS queue
• Message Body: The message payload to send

Example Output

{
  "data": {
    "messageId": "d84c1b4d-1f3b-4b6c-9d9f-5c3a2b1f9e7a",
    "queueUrl": "https://sqs.us-east-1.amazonaws.com/123456789012/my-queue"
  },
  "timestamp": "2026-02-11T12:00:00Z",
  "type": "aws.sqs.message"
}