AWS DevOps Engineer — Day1

Published in

Cloudnloud Tech Community

8 min readJul 21, 2023

What we are going to learn :

AWS Codecommit — Storing our code
AWS Codepipeline — automating our pipeline from code to Elastic Beanstalk
AWS CodeBuild — building and testing our code
AWS CodeDeploy — Deploying the code to Ec2 instance(Not Elastic Beanstalk)
AWS EC2-Imagebuilder — Automate the creation of virtual machine or container images
AWS CodeArtifact — Store, Publish and share software packages
AWS CodeGuru — automated code reviews using Machine Learing
AWS Amplify — Web and mobile applications

While compare AWS with other tools:

1. AWS CodeCommit:

· Private Git Repositories

· No size limit on Repositories

· Fully managed by AWS and highly available

· Code only available in AWS account (high secure)

· Security (encrypted, access control )

· Easily integrate with CI tools (AWS code build ,jenkins)

· Compare to GIT repositories (GitHub, Gitlab, Bitbucket) its very cheap

Compare code commit and github.

How to create Repository in codecommit and update content:

Just provider the basic info and create the repo

Once you created repository you are see connection stesp as https,ssh,https(GRC) . Commonly if you try to excute the using of root account ssh will disabled .

If you want test some code , Just upload one file and commit the changes .

default branch will be main . If you want you carete number of branches .

We have different futures available in code commit.

Repositories → we can see all list of branches
Code → to upload and main the code
Pull requests → if you want merge other branches to main branch
Commits → to see list of commits
Branches → create and maintain the list of branches
Git tags → use Git from a local repo connected to the CodeCommit repository.
Settings → to check our branch info , create notification rules ,Triggers ,Repository tags

How to use codecommit from local desktop :

First create any local environment ( windows or Linux ). Here i am create one ec2 instance and using that further implementation .

We need to create the credential to access repository to local for that go to IAM → user → security credential → create either SSH public keys for AWS CodeCommit or HTTPS Git credentials for AWS CodeCommit.

Once you created clone the repo to local using of credentails

If you want some more file in local repo and then push to code commit repo.

We are able to see all information in commit area.

We can easily migrate from git to code commit repo . Just follow below

Code commit cross region replication .

Using IAM policy we can restrict the branches security .

Codecommit — Pull request approval rules.

Specify a pool of users to approve and number of users who must approval PR

Specify IAM principal ARN(IAM users, Federated users, IAM roles, IAM groups)

2. AWS CodePipeline

Visual workflow to orchestrate your CI/CD

Source : Code commit,ECr,S3,Bitbucket,Github

Build : Codebuild, Jenkins, ClodBees, Teamcity

Test: CodeBuild, AWS Device Farm,3rd party tools ..

Deploy: CodeDeploy, Elastic Beanstalk ,cloudfomration, ecs,s3 ..

Involve: Lambda, Step functions

Stages: Build → test →Deploy → Loadtesting → approval → production

Code pipeline-Artifacts:

Each pipeline can create s3 artifacts

Artifacts store in an s3 bucket and passed on next stage

Using of codepipeline we can deploy code multi region and maintain CI/CD.

Just example of multi region deploy:

3. AWS CodeBuild:

AWS CodeBuild is a fully managed build service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. CodeBuild eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for popular programming languages and build tools such as Apache Maven, Gradle, and more. You can also customize build environments in CodeBuild to use your own build tools. CodeBuild scales automatically to meet peak build requests.

Source : codecommit,S3,Bitbucket,GitHub

Build instructions : Code file buildspec.yml or insert manually in console

Output logs : can be stored in Amazon s3 & cloud watch

Event Bridge: to detect failed build and trigger notification

Build projects can defind within codepipeline or codebuild

How to run CodeBuild

You can use the AWS CodeBuild or AWS CodePipeline console to run CodeBuild. You can also automate the running of CodeBuild by using the AWS Command Line Interface (AWS CLI) or the AWS SDKs.

In awscodebuild full depends on buildspec.yml file . We need understand basic overview before write yml file

Create default code build :

We have created build with out buildspec.yml so its will fail once we started .

So we have to update buildspec.yaml file then only it will sucess .

Updated buildspec.yaml file

How many way we can triggert the code build is :

4. Code Deploy :

odeDeploy is a deployment service that automates application deployments to Amazon EC2 instances, on-premises instances, serverless Lambda functions, or Amazon ECS services.

You can deploy a nearly unlimited variety of application content, including:

Code
Serverless AWS Lambda functions
Web and configuration files
Executables
Packages
Scripts
Multimedia files

Codedeploydefaultallatonce : Deploy as many instance as possible

Codedeploydefaulthalfattime: Deploy at half instance at a time

Codedeploydefaultoneattime: Deploy onmce one instance at a time

Using of codedeploy we can try many thing on all AWS services likeEc2,Ecs,Lambda ..etc

Code deploy troubleshoot :

If a code deploy deployment to ASG in underway and scale out event occurs , the new instance will be updated with the application revision that was most recent deployed

By default Codedeploy automatically starts follow-on deployment to update any outdated ec2 instances

5. AWS CodeArtifact

· Storing and retrieving these dependencies is called artifact management

· Traditionally you need to setup your own artifact management system

· Code artifact is secure , scalable and cost effctive artifact management for software development

· work with common dependency management tool such as Maven, Gradle, npm, yarn, pip and NuGet.

CodeArtifact — Upstream Repositories : Allow a package manager client to access the packages that contained is mopre than one repo using single repo endpoint.

CodeArtifact — External connection : Allow you fetch packages that are not already present in your code artifact repository

Code artifact-Retention: the retained package version is not afftected by changes to the upstream repository (delete ,update packages)

artifact domains :

it have below options

· deduplication storage

· fast copy

· easy sharing across multi repo

6. Amazon CodeGuru:

An ML-powered service for automated code review and application performance recommendation .

How it works

Integrate Amazon CodeGuru Security with your development pipeline to improve code quality and optimize application performance. Trained on decades of knowledge and experience, CodeGuru Security uses ML and automated reasoning to precisely identify code vulnerabilities

Its provide two functionalities :

· CodeGuru Reviewer

· CodeGuru Profiler

7. EC2 Image Builder:

· Used to automate the creation of virtual machine or container images

· Automate the creation ,maintain validate and test EC2 AMIs

· Can be run a schedule

· Free service (pay only underlying resource)

· Can publish AMI to multiple region and multiple accounts

Ec2 image builder- CI/CD Architecture

8. AWS Amplify

AWS Amplify is a complete solution that lets frontend web and mobile developers easily build, ship, and host full-stack applications on AWS, with the flexibility to leverage the breadth of AWS services as use cases evolve. No cloud expertise needed.

Authentication , Storage,API (REST ,GraphQL),CI/CD , Al/ML Predictions.