feat(scheduler-targets): add CodePipeline as target for scheduler (#27799)

Closes #27449

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Author: daschaa

packages/@aws-cdk/aws-scheduler-targets-alpha/README.md

@@ -33,6 +33,7 @@ The following targets are supported:
 7. `targets.InspectorStartAssessmentRun`: [Start an Amazon Inspector assessment run](#start-an-amazon-inspector-assessment-run)
 8. `targets.KinesisStreamPutRecord`: [Put a record to an Amazon Kinesis Data Streams](#put-a-record-to-an-amazon-kinesis-data-streams)
 9. `targets.KinesisDataFirehosePutRecord`: [Put a record to a Kinesis Data Firehose](#put-a-record-to-a-kinesis-data-firehose)
+10. `targets.CodePipelineStartPipelineExecution`: [Start a CodePipeline execution](#start-a-codepipeline-execution)
 
 ## Invoke a Lambda function
 
@@ -270,3 +271,21 @@ new Schedule(this, 'Schedule', {
   }),
 });
 ```
+
+## Start a CodePipeline execution
+
+Use the `CodePipelineStartPipelineExecution` target to start a new execution for a CodePipeline pipeline.
+
+The code snippet below creates an event rule with a CodePipeline pipeline as target which is
+called every hour by Event Bridge Scheduler.
+
+```ts
+import * as codepipeline from 'aws-cdk-lib/aws-codepipeline';
+
+declare const pipeline: codepipeline.Pipeline;
+
+new Schedule(this, 'Schedule', {
+  schedule: ScheduleExpression.rate(Duration.minutes(60)),
+  target: new targets.CodePipelineStartPipelineExecution(pipeline),
+});
+```

packages/@aws-cdk/aws-scheduler-targets-alpha/lib/codepipeline-start-pipeline-execution.ts

@@ -0,0 +1,40 @@
+import { ISchedule, IScheduleTarget } from '@aws-cdk/aws-scheduler-alpha';
+import { Names } from 'aws-cdk-lib';
+import { IPipeline } from 'aws-cdk-lib/aws-codepipeline';
+import { IRole, PolicyStatement } from 'aws-cdk-lib/aws-iam';
+import { ScheduleTargetBase, ScheduleTargetBaseProps } from './target';
+import { sameEnvDimension } from './util';
+
+/**
+ * Use an AWS CodePipeline pipeline as a target for AWS EventBridge Scheduler.
+ */
+export class CodePipelineStartPipelineExecution extends ScheduleTargetBase implements IScheduleTarget {
+  constructor(
+    private readonly pipeline: IPipeline,
+    private readonly props: ScheduleTargetBaseProps = {},
+  ) {
+    super(props, pipeline.pipelineArn);
+  }
+
+  protected addTargetActionToRole(schedule: ISchedule, role: IRole): void {
+    const region = this.pipeline.env.region ?? '';
+    const account = this.pipeline.env.account ?? '';
+
+    if (!sameEnvDimension(region, schedule.env.region)) {
+      throw new Error(`Cannot assign pipeline in region ${region} to the schedule ${Names.nodeUniqueId(schedule.node)} in region ${schedule.env.region}. Both the schedule and the pipeline must be in the same region.`);
+    }
+
+    if (!sameEnvDimension(account, schedule.env.account)) {
+      throw new Error(`Cannot assign pipeline in account ${account} to the schedule ${Names.nodeUniqueId(schedule.node)} in account ${schedule.env.region}. Both the schedule and the pipeline must be in the same account.`);
+    }
+
+    if (this.props.role && !sameEnvDimension(this.props.role.env.account, account)) {
+      throw new Error(`Cannot grant permission to execution role in account ${this.props.role.env.account} to invoke target ${Names.nodeUniqueId(this.pipeline.node)} in account ${account}. Both the target and the execution role must be in the same account.`);
+    }
+
+    role.addToPrincipalPolicy(new PolicyStatement({
+      actions: ['codepipeline:StartPipelineExecution'],
+      resources: [this.pipeline.pipelineArn],
+    }));
+  }
+}

packages/@aws-cdk/aws-scheduler-targets-alpha/lib/index.ts

@@ -1,4 +1,5 @@
 export * from './codebuild-start-build';
+export * from './codepipeline-start-pipeline-execution';
 export * from './event-bridge-put-events';
 export * from './inspector-start-assessment-run';
 export * from './kinesis-data-firehose-put-record';