• We want to deploy our application automatically to many EC2 instances
  • There are several ways to handle deployments using open source tools (Ansible, Terraform, Chef, Puppet, etc…)
  • We can use the managed service AWS CodeDeploy
  • Each EC2 Machine (or On Premise machine) must be running the
    CodeDeploy Agent
  • The agent is continuously polling AWS CodeDeploy for work to do
  • CodeDeploy sends the appspec.yml file.
  • Application is pulled from GitHub or S3
  • EC2 will run the deployment instructions
  • CodeDeploy Agent will report the success / failure of the deployment on
    the instance

  • EC2 instances are grouped by deployment group (dev / test / prod)
  • Lots of flexibility to define any kind of deployments
  • CodeDeploy can be chained into CodePipeline and use artifacts from
  • CodeDeploy can re-use existing setup tools, works with any application,
    auto scaling integration
  • Note: Blue / Green only works with EC2 instances (not on premise)
  • Support for AWS Lambda deployments, EC2
  • CodeDeploy does not provision resources


EC2 Setup

Because the EC2 instance will read data from S3, we need to create and assign an S3ReadOnly role.

IAM -> Create role -> EC2 -> AmazonS3ReadOnlyAccess -> Next -> Review -> Role Name (S3ReadOnly) -> Create role

First we need to launch an EC2 instance.

EC2 -> Launch instance -> Amazon Linux 2 AMI (HVM), SSD Volume Type -> Select -> t2.micro -> Configure instance details ->

You can use an existing key pair and the default security group.

The EC2 instance is running, and we need to connect to it and install the CodeDeploy agent. Choose your instance from the list and click Connect

and then again Connect

After you connect to the instance, run the following commands:

This is the output:

The agent has been installed and its process ID is 3857.

We also need to tag the instance:


Application and Deployment Group

Create Application -> Application name [CodeDeployDemo] -> Compute platform [EC2/OnPremises] -> Create Application

First we need a role with CodeDeploy permissions that grants AWS CodeDeploy access to your target instances.

IAM -> Roles -> Create role -> CodeDeploy (Allows CodeDeploy to call AWS services such as Auto Scaling on your behalf) -> Next: Permissions -> AWSCodeDeployRole -> Next -> Next -> Role name [CodeDeployRole] -> Create role

We also need an S3 bucket where the deployment files are stored:

From inside the my-webpage directory we zip the files and send them to the S3 bucket aws-devops-course-miro:

As we can see, the S3 bucket aws-devops-course-miro now contains the files:

In order to create a new deployment, you must first create a deployment group.

Create Deployment Group -> Deployment group name [MyDevelopmentInstances] -> Service role [CodeDeployRole] -> Deployment type [In Place] -> Environment Configuration -> Amazon EC2 Instances -> Key Value [Environment Development] ->

We have 1 unique matched instance.

-> Deployment Configuration [CodeDeployDefaultAllAtOnce] -> Disable Load Balancing -> Create Deployment Group

Deployment group has been created and now we need a deployment.

Create deployment -> Deployment group [MyDevelopmentInstances]

-> Create deployment.

Deployment has been created.

And application is running on the EC2 instance.


Additional deployment groups

We can launch more instances like the one launched before to create more deployment groups.

EC2 -> Actions -> Image and templates -> Launch more like this -> Edit instance details -> Number of Instances [4] -> in User data ->

-> Review and Launch -> Launch -> Choose key pair

Modify the tags of three of the running instances. Three instances must have “environment -> production” tags and two of them “development” tags.

Go to CodeDeploy and create a new deployment group for the application CodeDeployDemo.

The same role:

Add to deployment group instances tagged as production:

Remove the load balancer and click on Create deployment group

Now we have 2 deployment groups for the application CodeDeployDemo:

Now let’s deploy the application to the new deployment group:

We have a problem in the deployment:

So in the deployment settings we need to change the configuration:

After we change this setting, we should create the deployment again:


Appspec.yml file.

For the deployment we used the following appspec.yml file:

The files section means that the deployment will copy the index.html file to the /var/www/html destination.

ApplicationStop hook:

Checks whether the httpd process is running. If yes, stops it.

AfterInstall hook:

Copies the instance ID and the instance availability zone from the instance metadata, puts this information into the index.html file, and changes the permissions of the index.html file.

BeforeInstall hook:

Installs the Apache server.

ApplicationStart hook:

Starts the Apache server.

ValidateService hook:

Checks whether the page served by the local web server contains the word “Congratulations”.
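
An added example (not the hook scripts used in the deployment above, which are not shown on this page) of the AfterInstall and ValidateService steps as one shell script. The @INSTANCE_ID@ / @AZ@ placeholders, the function names and the use of IMDSv2 session tokens are assumptions; the dispatch relies on the LIFECYCLE_EVENT variable that CodeDeploy sets for hook scripts.

```shell
#!/bin/sh
# Added example: AfterInstall and ValidateService logic as shell functions.
# Assumptions: index.html carries @INSTANCE_ID@ and @AZ@ placeholders, and
# the page is served on http://localhost/.

IMDS=http://169.254.169.254/latest

# Read one metadata path with an IMDSv2 session token (short TTL, timeouts).
imds_get() {
    token=$(curl -sf -m 2 -X PUT "$IMDS/api/token" \
        -H "X-aws-ec2-metadata-token-ttl-seconds: 60") || return 1
    curl -sf -m 2 -H "X-aws-ec2-metadata-token: $token" "$IMDS/meta-data/$1"
}

# Only letters, digits and '-' may reach the HTML file and the sed expression.
safe_value() {
    case "$1" in
        ''|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    printf '%s' "$1"
}

# AfterInstall: write instance id and AZ into the page, then set permissions.
after_install() {
    page=$1
    id=$(safe_value "$(imds_get instance-id)") || return 1
    az=$(safe_value "$(imds_get placement/availability-zone)") || return 1
    sed "s/@INSTANCE_ID@/$id/; s/@AZ@/$az/" "$page" > "$page.new" || return 1
    mv "$page.new" "$page" || return 1
    chmod 644 "$page"   # world-readable, writable by the owner only
}

# Fetch the served page; kept separate so it can be replaced in tests.
fetch_page() {
    curl -sf -m 5 http://localhost/
}

# ValidateService: a non-zero exit marks the deployment as failed.
validate_service() {
    fetch_page | grep -q 'Congratulations'
}

# Entry point: the same file can be registered for both hooks in appspec.yml.
case "${LIFECYCLE_EVENT:-}" in
    AfterInstall)    after_install /var/www/html/index.html ;;
    ValidateService) validate_service ;;
esac
```

If the metadata service returns anything outside the expected character set, AfterInstall exits non-zero and index.html is left unchanged, so the deployment fails instead of publishing unexpected content.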


Monitoring deployments with Amazon CloudWatch Events

You can use Amazon CloudWatch Events to detect and react to changes in the state of an instance or a deployment (an “event”) in your CodeDeploy operations.

CloudWatch -> Events -> Rules -> Create rule

First you need to create a Lambda function to pass a notification to a Slack channel whenever deployments fail and then:

We can use CloudWatch alarm actions to automatically stop, terminate, reboot, or recover Amazon EC2 instances when a deployment or instance event you specify occurs.


Monitoring deployments with SNS.

You can add triggers to a CodeDeploy deployment group to receive notifications about events related to deployments or instances in that deployment group. These notifications are sent to recipients who are subscribed to an Amazon SNS topic you have made part of the trigger’s action.

Developer Tools -> CodeDeploy -> Applications -> CodeDeployDemo -> MyProductionInstances -> Edit -> Advanced - optional -> Create Trigger

Create trigger ->

Save Changes ->



You can configure a deployment group or deployment to automatically roll back when a deployment fails or when a monitoring threshold you specify is met.

Developer Tools -> CodeDeploy -> Applications -> CodeDeployDemo -> MyProductionInstances -> Edit -> Advanced - optional

If we want to roll back only when a deployment fails, we should use the following configuration:

If we want to roll back based on alarm thresholds:

We should create a CloudWatch alarm first:

CloudWatch -> Alarms -> Create alarm -> Select metric -> EC2 -> Per instance -> CPUUtilization -> Select metric

Conditions -> Greater than 70 -> Next

Choose an SNS topic:

Next ->

Create alarm ->

After we have created the alarm, we can add it to the alarms:

Add alarm ->

Add alarm -> X

If the alarm goes off, the deployment will be rolled back.

Save changes ->


On-Premise Instances Setup

An on-premises instance must run the CodeDeploy agent and be able to connect to public AWS service endpoints.


Deploy to AWS Lambda

Developer Tools -> CodeDeploy -> Applications -> Create application

-> Create application

Now we need to create a specific role for CodeDeploy to Lambda.

IAM -> Roles -> Create role -> CodeDeploy -> CodeDeploy for Lambda -> Next: Permissions

Next: Tags -> Next: Review

Create role ->

Developer Tools -> CodeDeploy -> Applications -> LambdaDeploymentApplication -> Create deployment group

Create Deployment Group ->