How to Set Up CI/CD on AWS


📘 Chapter 3: Automating Deployments with CodeDeploy

🔍 Overview

AWS CodeDeploy is a fully managed deployment service that automates the process of releasing application updates to compute services like Amazon EC2, AWS Lambda, and Amazon ECS. It enables safe and repeatable deployments with minimal downtime, rollback options, and hooks for custom actions during different stages of deployment.

This chapter will cover:

  • Types of deployments supported by CodeDeploy
  • How to configure EC2 and Lambda deployments
  • Writing the appspec.yml file
  • Managing deployment groups
  • Handling lifecycle hooks and rollbacks
  • Integrating CodeDeploy into a CI/CD pipeline

🧠 1. What is AWS CodeDeploy?

AWS CodeDeploy automates code delivery to:

  • EC2 instances (traditional in-place or blue/green)
  • AWS Lambda functions
  • ECS services (containerized)

It decouples deployment logic from your CI tool and ensures that updates are applied consistently.


🔑 Key Features

| Feature | Benefit |
| --- | --- |
| In-place deployments | Updates the existing instance directly |
| Blue/green deployments | Spins up new instances and switches traffic |
| Rollback options | Reverts to last known good version automatically |
| Lifecycle hooks | Run scripts before/after key phases of deployment |
| Centralized monitoring | Real-time tracking of deployment status |


🚀 2. Deployment Types

EC2 Deployment

Used when deploying traditional apps to virtual machines.

| Strategy | Description |
| --- | --- |
| In-place | Stops the app, replaces code, restarts it on same instance |
| Blue/Green | Launches new instances, deploys app, switches traffic |

Lambda Deployment

  • Supports canary, linear, and all-at-once traffic shifting
  • No infrastructure to manage
  • Uses aliases and versions to handle routing

ECS Deployment

  • Deploys new Docker images to ECS services
  • Integrated with CodePipeline and Fargate

🛠️ 3. Setting Up EC2 Deployment with CodeDeploy

Step 1: Install CodeDeploy Agent

Install on each EC2 instance (Amazon Linux):

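```bash
sudo yum update -y
sudo yum install ruby wget -y
cd /home/ec2-user
# bucket-name and region are placeholders: use the CodeDeploy resource kit bucket and the Region of your instances
wget https://bucket-name.s3.region.amazonaws.com/latest/install
chmod +x ./install
sudo ./install auto
sudo service codedeploy-agent start
```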

Attach an IAM instance profile to each EC2 instance whose role includes the AmazonEC2RoleforAWSCodeDeploy managed policy, so the agent can download revisions from S3.


Step 2: Create an Application in CodeDeploy

```bash
aws deploy create-application \
  --application-name MyApp \
  --compute-platform Server
```


Step 3: Create a Deployment Group

```bash
aws deploy create-deployment-group \
  --application-name MyApp \
  --deployment-group-name MyAppDG \
  --deployment-config-name CodeDeployDefault.OneAtATime \
  --ec2-tag-filters Key=Name,Value=MyEC2Instance,Type=KEY_AND_VALUE \
  --service-role-arn arn:aws:iam::123456789012:role/CodeDeployServiceRole
```


📄 4. Writing the appspec.yml File

This file tells CodeDeploy how to install, stop, start, and validate the app.

Basic Structure (EC2)

```yaml
version: 0.0
os: linux

files:
  - source: /
    destination: /var/www/html

hooks:
  BeforeInstall:
    - location: scripts/stop_app.sh
      timeout: 180
      runas: root
  AfterInstall:
    - location: scripts/install_dependencies.sh
      timeout: 180
      runas: root
  ApplicationStart:
    - location: scripts/start_app.sh
      timeout: 180
      runas: root
```


📄 Sample Hook Script (start_app.sh)

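```bash
#!/bin/bash
cd /var/www/html || exit 1
# Detach stdin, stdout and stderr from the background process; otherwise the
# agent keeps waiting on the hook until the timeout expires.
npm start > /dev/null 2> /dev/null < /dev/null &
```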

📝 Ensure scripts are executable (chmod +x script.sh)
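
Every hook in the EC2 appspec.yml above runs as root, and a hook with no runas runs as the CodeDeploy agent's own user, so the scripts inside a revision execute with whatever privilege this file gives them. The following audit is an added example, not part of the original tutorial or of CodeDeploy: it lists the hooks that run as root or fall back to the agent's user, using a constructed sample in which the account name appuser is hypothetical.

```shell
#!/bin/bash
# Added example: report appspec.yml hooks that execute as root.

# Prints "EVENT SCRIPT RUNAS" for every hook entry whose runas is root or
# absent (absent means the script runs as the agent's own user).
root_hooks() {
  awk '
    function emit() {
      if (loc != "" && (runas == "" || runas == "root"))
        print event, loc, (runas == "" ? "agent-default" : runas)
      loc = ""; runas = ""
    }
    /^hooks:/            { in_hooks = 1; next }
    /^[^ #-]/            { emit(); in_hooks = 0 }   # any other top-level key
    !in_hooks            { next }
    /^  [A-Za-z]+:[ ]*$/ { emit(); event = $1; sub(/:$/, "", event); next }
    /^ *- location:/     { emit(); loc = $3; next }
    /^ *runas:/          { runas = $2; next }
    END                  { emit() }
  ' "$1"
}

# Constructed sample: the EC2 appspec from this page, with runas dropped from
# AfterInstall and ApplicationStart moved to a hypothetical "appuser" account.
sample_appspec() {
  cat <<'EOF'
version: 0.0
os: linux
files:
  - source: /
    destination: /var/www/html
hooks:
  BeforeInstall:
    - location: scripts/stop_app.sh
      timeout: 180
      runas: root
  AfterInstall:
    - location: scripts/install_dependencies.sh
      timeout: 180
  ApplicationStart:
    - location: scripts/start_app.sh
      timeout: 180
      runas: appuser
EOF
}

tmp=$(mktemp)
sample_appspec > "$tmp"
root_hooks "$tmp"
rm -f "$tmp"
```

Run against a real bundle with `root_hooks path/to/appspec.yml` before the revision is uploaded; an empty result means no hook runs with root privileges.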


For Lambda Deployments

```yaml
version: 0.0
Resources:
  - myLambdaFunction:
      Type: AWS::Lambda::Function
      Properties:
        Name: MyFunction
        Alias: live
        CurrentVersion: 5
        TargetVersion: 6
```


🔄 5. Creating a Deployment (CLI or Console)

CLI for EC2:

```bash
aws deploy create-deployment \
  --application-name MyApp \
  --deployment-group-name MyAppDG \
  --s3-location bucket=my-bucket,bundleType=zip,key=MyAppBundle.zip
```

CLI for Lambda:

```bash
aws deploy create-deployment \
  --application-name MyLambdaApp \
  --deployment-group-name MyLambdaDG \
  --revision revisionType=AppSpecContent,appSpecContent={content=...}
```


🧪 6. Monitoring Deployments

In Console:

  • CodeDeploy → Deployments → View status per instance
  • See logs per lifecycle hook

CLI:

```bash
aws deploy get-deployment \
  --deployment-id d-XXXXXXXX
```


🔁 7. Rollbacks and Failures

You can configure automatic rollbacks in the deployment group.

Enable Auto Rollback

```bash
aws deploy update-deployment-group \
  --application-name MyApp \
  --deployment-group-name MyAppDG \
  --auto-rollback-configuration enabled=true,events=DEPLOYMENT_FAILURE
```
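
Automatic rollback only triggers when a deployment fails, and the start_app.sh hook shown earlier backgrounds npm and exits 0 whether or not the app comes up. The following ValidateService hook is an added example, not part of the original tutorial: it retries a health check and exits non-zero when the app never answers, which fails the deployment so the rollback applies. The script path, the HEALTH_URL variable, and the health URL and port are assumptions.

```shell
#!/bin/bash
# Added example: scripts/validate_service.sh (hypothetical path), wired in appspec.yml as
#   ValidateService:
#     - location: scripts/validate_service.sh
#       timeout: 90

# wait_healthy ATTEMPTS DELAY CHECK...: run CHECK until it succeeds.
# Returns 0 on the first success, 1 when every attempt fails.
wait_healthy() {
  attempts=$1; delay=$2; shift 2
  i=1
  while [ "$i" -le "$attempts" ]; do
    if "$@"; then
      echo "healthy after $i attempt(s)"
      return 0
    fi
    if [ "$i" -lt "$attempts" ]; then sleep "$delay"; fi
    i=$((i + 1))
  done
  echo "unhealthy after $attempts attempts" >&2
  return 1
}

# Assumed health endpoint (HEALTH_URL is a hypothetical override);
# curl -f maps HTTP errors (>= 400) to a non-zero exit.
check_http() {
  curl -fsS --max-time 3 "${HEALTH_URL:-http://127.0.0.1:3000/health}" > /dev/null
}

if [ "${LIFECYCLE_EVENT:-}" = "ValidateService" ]; then
  # Run by the CodeDeploy agent: a non-zero exit fails the deployment.
  wait_healthy 10 3 check_http || exit 1
else
  # Offline demo: a constructed check that only succeeds on its third call.
  n=0
  flaky() { n=$((n + 1)); [ "$n" -ge 3 ]; }
  wait_healthy 5 0 flaky
fi
```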


🧩 Summary Table – EC2 Deployment Components

| Component | Purpose |
| --- | --- |
| appspec.yml | Deployment instructions |
| Deployment Group | Target EC2 or Lambda resources |
| CodeDeploy Agent | Installed on EC2 to receive updates |
| Lifecycle Hooks | Control custom logic before/after install |
| Auto Rollbacks | Revert to last version if deployment fails |




FAQs


❓1. What is CI/CD, and how does it work on AWS?

Answer:
CI/CD stands for Continuous Integration and Continuous Delivery/Deployment. On AWS, you can implement CI/CD using tools like CodeCommit (source control), CodeBuild (build & test), CodeDeploy (deployment), and CodePipeline (orchestration). These services automate the entire software delivery process from code changes to production releases.

❓2. Do I need to use AWS CodeCommit to set up CI/CD on AWS?

Answer:
No. You can integrate AWS CI/CD tools with external repositories like GitHub, GitLab, or Bitbucket. AWS CodePipeline and CodeBuild support webhook-based triggers and OAuth integrations with these platforms.

❓3. What is the difference between CodePipeline and CodeDeploy?

Answer:

  • CodePipeline is the orchestration tool that automates the flow from code to build to deployment.
  • CodeDeploy is specifically responsible for deploying your built application to compute targets like EC2, Lambda, or ECS.

❓4. How secure is the CI/CD process on AWS?

Answer:
Very secure—each service uses IAM roles with least privilege, encryption in transit and at rest, audit logging via CloudTrail, and VPC/private connections if needed. You can also integrate AWS Secrets Manager or Key Management Service (KMS) for secret management.

❓5. What kind of applications can I deploy using AWS CI/CD?

Answer:
You can deploy web apps, microservices, REST APIs, containerized apps (ECS/EKS), mobile backends, static sites, or serverless functions. AWS CI/CD supports Node.js, Python, Java, Go, Ruby, .NET, and more.

❓6. Is there a cost associated with AWS CI/CD tools?

Answer:
Yes, but the pricing is very granular:

  • CodePipeline: $1 per active pipeline/month
  • CodeBuild: Pay per build minute
  • CodeDeploy: Free for EC2 and Lambda (extra for on-premise)
  • CodeCommit: Free for up to 5 active users

❓7. Can I set up CI/CD for containerized applications?

Answer:
Absolutely. AWS CI/CD can build Docker images with CodeBuild, store them in Amazon ECR, and deploy them to ECS, EKS, or Fargate using CodePipeline and CodeDeploy integrations.

❓8. What is a buildspec.yml file?

Answer:
buildspec.yml is a YAML configuration file used by CodeBuild. It defines how to install dependencies, run tests, build code, and package artifacts during a CI/CD pipeline execution.

❓9. Can I use CodePipeline with GitHub Actions or Jenkins?

Answer:
Yes. You can trigger a CodePipeline from a GitHub webhook or use a CodePipeline source action for GitHub. Jenkins can also trigger CodePipeline stages via API or use AWS CLI commands in post-build steps.

Tutorials are for educational purposes only, with no guarantees of comprehensiveness or error-free content; TuteeHUB disclaims liability for outcomes from reliance on the materials, recommending verification with official sources for critical applications.