How to Validate Pull Requests in AWS: Complete Beginner Guide
By Braincuber Team
Published on April 8, 2026
Manual testing is a bottleneck. When your project grows and developers push code frequently, working pull requests can easily break. Instead of wasting 15 hours a week manually pulling branches, building, and checking for basic compilation errors or broken tests, you need to automate it. Imagine managing 100-150 PRs every week. The time you spend repetitively validating those could buy your firm a whole set of new features. We will set up automated validation using AWS CodeBuild, CodeCommit, and Lambda.
What You'll Learn:
- Connect AWS CodeCommit to CloudWatch events
- Trigger AWS CodeBuild from new pull requests
- Post build statuses automatically to PR comments
- Build Lambda functions for webhook-style handling
- Ensure buggy PRs are caught before code review
The Automated Architecture
Let’s understand our workflow step by step before we touch the console. This event-driven architecture handles everything without polling.
PR Creation
A new PR is created or an existing PR is updated in CodeCommit.
Trigger Build
A CloudWatch event watches the repository and sends data to a Lambda function. This function triggers a CodeBuild project to build the latest commit and comments on the PR that the build has started.
Post Results
After CodeBuild finishes, another CloudWatch event sends results to a second Lambda function. This automatically comments the pass/fail results back onto the PR.
Setting Up The Base Project
For simplicity, we assume a Node.js TypeScript application where the build phase compiles 'app.ts' to 'app.js'. Your CodeBuild project needs a buildspec.yml in the root wrapper to know what commands to run.
version: 0.2
phases:
install:
commands:
- n 12.12
- curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
- echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
- apt update
- apt install yarn
- yarn install
# pre_build:
# commands:
# - yarn test
build:
commands:
- yarn build
MonoRepos Note
If you're dealing with a MonoRepo, you might have separate buildspec.yml files. You will have to selectively pass the buildspec file path as an environment variable depending on files changed.
Configuring the CodeBuild Project
Set up a basic CodeBuild project targeting your CodeCommit repository. Select branch as the reference type. Let it use your environment image defaults and the buildspec file we just discussed.
Lambda Function 1: Triggering CodeBuild
This Lambda receives the PR event and fires off CodeBuild while sending a "Build Started" notification to the PR.
const AWS = require('aws-sdk');
const codecommit = new AWS.CodeCommit();
const codebuild = new AWS.CodeBuild();
exports.handler = async (event) => {
try {
console.log('Received Event: ', event);
const { destinationCommit, sourceCommit, pullRequestId } = event.detail;
const pullRequestName = event.detail.title;
const sourceBranch = event.detail.sourceReference.split('/').pop();
const triggerParams = { sourceBranch, sourceCommit, destinationCommit, pullRequestId, pullRequestName };
const codeBuildResult = await triggerCodebuild(triggerParams);
await postBuildStartedCommentOnPR({ sourceCommit, destinationCommit, pullRequestId, buildId: codeBuildResult.build.id });
return { statusCode: 200 };
} catch (error) {
console.log('An Error Occurred', error);
return { error };
}
};
async function postBuildStartedCommentOnPR({ sourceCommit, destinationCommit, pullRequestId, buildId }) {
const logLink = `https://${process.env.REGION}.console.aws.amazon.com/codesuite/codebuild/projects/ValidatePullRequest/build/${buildId}`;
const parameters = {
afterCommitId: sourceCommit, beforeCommitId: destinationCommit,
content: `Build For Validating The Pull Request has been started. Timestamp: **${Date.now()}** Check [CodeBuild Logs](${logLink})`,
pullRequestId, repositoryName: process.env.REPOSITORY_NAME
};
return codecommit.postCommentForPullRequest(parameters).promise();
}
async function triggerCodebuild({ sourceBranch, sourceCommit, destinationCommit, pullRequestId, pullRequestName }) {
const parameters = {
projectName: process.env.CODEBUILD_PROJECT,
sourceVersion: `refs/heads/${sourceBranch}^{${sourceCommit}}`,
environmentVariablesOverride: [
{ name: 'pullRequestId', value: pullRequestId, type: 'PLAINTEXT' },
{ name: 'sourceCommit', value: sourceCommit, type: 'PLAINTEXT' },
{ name: 'destinationCommit', value: destinationCommit, type: 'PLAINTEXT' },
{ name: 'pullRequestName', value: pullRequestName, type: 'PLAINTEXT' }
]
};
return codebuild.startBuild(parameters).promise();
}
Lambda Function 2: Posting Results
The second Lambda captures the result from CodeBuild and automatically posts it back into your pull request feed. This means your reviewers never have to check out the branch to know if it compiles or passes tests.
const AWS = require('aws-sdk');
const codecommit = new AWS.CodeCommit();
exports.handler = async (event) => {
try {
const parameters = await getParameters(event);
await codecommit.postCommentForPullRequest(parameters).promise();
return { statusCode: 200 };
} catch (error) {
console.log('An Error Occurred', error);
return { error };
}
};
async function getParameters(event) {
const buildId = event.detail['build-id'].split('/')[1];
const buildStatus = event.detail['build-status'];
const vars = event.detail['additional-information'].environment['environment-variables'];
let afterCommitId, beforeCommitId, pullRequestId;
for (const el of vars) {
if (el.name === 'pullRequestId') pullRequestId = el.value;
if (el.name === 'sourceCommit') afterCommitId = el.value;
if (el.name === 'destinationCommit') beforeCommitId = el.value;
}
const logLink = `https://${process.env.REGION}.console.aws.amazon.com/codesuite/codebuild/projects/ValidatePullRequest/build/${buildId}`;
const content = `Build Result: **${buildStatus}** Timestamp: **${Date.now()}** Check [CodeBuild Logs](${logLink})`;
return { afterCommitId, beforeCommitId, content, pullRequestId, repositoryName: process.env.REPOSITORY_NAME };
}
Configuring CloudWatch Events
Wrap this up by mapping your CloudWatch Events. Create one rule that activates on CodeCommit Pull Request State Changes, targeting your first Lambda. Then create a second rule listening to CodeBuild Build State Changes (focusing on FAILED and SUCCEEDED), targeting your second Lambda. Make sure you grant your Lambdas sufficient IAM permissions.
Frequently Asked Questions
Can I expand this to MonoRepos?
Yes, you'll need logic to selectively trigger builds depending on what directories changed instead of rebuilding everything instantly.
Can we get notified in Slack?
Absolutely. In your second Lambda, intercept the build failure and fire an HTTP POST request to your Slack webhook URL.
Do I have to use CodeCommit?
No. If using GitHub or Bitbucket, you can configure webhooks to hit an API Gateway endpoint which then triggers the CodeBuild process.
What IAM policies are needed?
Your Lambda roles need permissions for CodeBuild StartBuild and CodeCommit PostCommentForPullRequest actions.
Is this cost efficient?
Highly. Lambda runs only on events, keeping idle costs at zero, and CodeBuild charges per minute of runtime.
Struggling with AWS Automation?
Our cloud engineers can build the perfect CI/CD pipeline tailored to your monorepo logic, saving you countless hours of manual review.