CI/CD Hands-On: Github (Actions) + AWS (EC2, CodeDeploy, S3) — Part 2
Table of Contents
Set IAM Role For CodeDeploy
In the previous story, we gave permission to EC2 for getting access to CodeDeploy resources. The target instance is now able to use CodeDeploy services to deploy an application. Next, we need to set up proper IAM roles for CodeDeploy to fetch source from a bucket and deploy the source file to EC2 instance — 3 & 4 steps on the image above.
Go to IAM > Roles and click
click roles .
On the next page, choose CodeDeploy as the use case and fill out the role details, skipping permissions that we do not have now.
I just added the role name and finished it. Then, you’ll see the role you made on the list. Switch back to CodeDeploy now to make an instance and hand the role over it.
First, create an application in CodeDeploy. Its compute platform should be EC2/On-premises. Be aware not to choose other platforms.
Once an application is made, go ahead
create development group since the CodeDeploy application requires at least one development group. Make a group name and assign the IAM role to its service role.
In-placeas deployment type to update your instance with the latest application revisions. If you want zero downtime deployment, you need to select
Environment configuration is in regard to selecting the instance target to deploy so that we choose
Amazon EC2 Instance with
Name key. Its value is the name of the EC2 instance we’ve made before.
Lastly, select deployment settings and load balancer, which are left with the default here.
Now you see one group created and named as what we have added like below. CodeDeploy settings get done! Let’s move on to S3 settings 👏
Make an S3 bucket
Move on to AWS S3 and create a new bucket, in which an application build file will be uploaded and transferred to the target instance for deployment.
Create an IAM user for AWS CLI
Now that we have all the instances we need to deploy an application, create an IAM user for AWS CLI(Command Line Interface), which is an entity that you create in AWS to represent the person or application that uses to interact with AWS. A user in AWS consists of a name and credentials. (see this for more information about IAM users)
Go to AWS IAM and click
Add users on the right side in the Users tab.
Set user name and select AWS credential type as
Access key — Programmatic access . Click and go to Permissions.
We will attach existing policies directly unless you already have your own group. Search
CodeDeployFullAccess , and click both to add.
Review what you set before confirming creating the user. Once you create it, AWS provides its credentials as a CSV file, which you need to download and keep in a private space so as not to forget.
Great! AWS Setups done 👊 . You did a very good job! We will see how it works through a Github action script in the next story.