AWS CodePipeline deployment with a Manual Approval
AWS Cloud Hands on Lab Practice Series
Project Overview —
AWS CodePipeline to deploy AWS resources through AWS CloudFormation and add action on AWS CodePipeline that requires a manual approval intended to have any code commits reviewed prior to being deployed.
SOLUTIONS ARCHITECTURE OVERVIEW -
First Let’s understand the real world use case -
Source Control Integration: CodePipeline seamlessly integrates with popular source control repositories like AWS CodeCommit, GitHub, and Bitbucket. It can automatically detect changes in your source code repository and trigger the pipeline.
Customizable Stages and Actions: CodePipeline allows you to define multiple stages, such as build, test, and deploy, to represent different phases of your release process. Within each stage, you can configure various actions, such as building code, running tests, and deploying applications.
Integration with AWS Services: CodePipeline integrates with other AWS services, including AWS CodeBuild for building applications, AWS CodeDeploy for application deployments, and AWS CloudFormation for infrastructure provisioning. This allows for a seamless workflow and enables automated deployments across multiple AWS resources.
Artifact Management: CodePipeline manages the flow of artifacts, which are the intermediate or final outputs of each action in the pipeline. It ensures that the artifacts are passed between stages securely and efficiently, enabling consistent and reliable deployments.
Manual Approvals: CodePipeline supports manual approval actions, allowing you to introduce human intervention points in the pipeline. This feature is useful when you need to perform manual checks, security reviews, or approvals before promoting changes to production environments.
Overall, AWS CodePipeline simplifies and automates the software release process, enabling teams to achieve faster and more reliable application deployments while ensuring flexibility and control.
PREREQUISITE —
AWS Account with Admin Access.
AWS IAM Role with Administrator Access for AWS CodePipeline.
Download the CFT file needed for this lab from my GitHub Repo.
AWS Services Usage —
AWS CodeCommit, AWS CodePipeline, s3, IAM, CloudFormation, SNS
STEP BY STEP GUIDE -
STEP 1 :
Create an AWS CodeCommit Repository and SNS Topic.
Navigate to CodeCommit and click Create repository.
Enter CFPipeline as the repository name and Click Create.
STEP 2 :
Click Add file -> Click Upload file -> Click Choose file.
Select the S3CFT.yaml file that was downloaded from GitHub Repo.
Enter your name as the author name.
Enter your email address as the email address. (The same will be used by SNS Topic)
Click Commit changes.
STEP 3 :
Navigate to Simple Notification Service (SNS).
In the Create topic box on the main SNS page, enter PipelineApproval as the topic name and Click Next step.
Accept the defaults on the next page by clicking Create topic.
Click Create subscription & Choose Email as the protocol.
Enter your email address as the endpoint.
Click Create subscription.
STEP 4 :
- Navigate to your email inbox, open the AWS Notification — Subscription Confirmation message, and click the Confirm subscription link.
STEP 5 :
Navigate to the AWS CodePipeline console.
Create an AWS CodePipeline Pipeline -> Click Create pipeline.
Enter CFTPipeline as the pipeline name.
Ensure New service role is selected.
Ensure Allow AWS CodePipeline to create service role so it can be used with this new pipeline is checked.
Expand the Advanced settings section and ensure the Default location and Default AWS Managed Key options are selected and Click Next.
STEP 6 :
- Now, On the Add source stage page, set the following values:
- Source provider: AWS CodeCommit
- Repository name: CFPipeline
- Branch name: main
- Change detection options: Amazon CloudWatch Events
- Output artifact format: CodePipeline default
- Click Next.
- Click Skip build stage -> Click Skip.
STEP 7 :
- Now, On the Add deploy stage page, set the following values:
- Deploy provider: AWS CloudFormation.
- Region: US East — (N. Virginia).
- Action mode: Create or update a stack.
- Stack name: NewS3bucket.
- Artifact name: SourceArtifact
- File name: S3CFT.yaml
- Role name: CFPipelinerole (from Prerequisite)
- Click Next -> Create pipeline.
STEP 8 :
Click the AWS CloudFormation link in the Deploy panel.
Once CloudFormation shows complete, return to the CodePipeline service.
Verify the CFTPipeline status shows Succeeded in the Deploy panel.
STEP 9 :
Select our pipeline -> Click Edit.
Click + Add stage between the Source and Deploy panels.
Enter approval as the stage name and click Add stage.
Click + Add action group.
In the Edit action dialog box, set the following values:-
Action name: US East — (N. Virginia).
Action provider: Create or update a stack.
SNS topic ARN: NewS3bucket.
Click Done > Save > Save.
Click Release change to restart the pipeline -> Click Release.
STEP 10 :
Navigate to your email inbox, and open the APPROVAL NEEDED message to see what your team would receive in a real-world environment.
Navigate back to CodePipeline.
Click Review in the Manual approve panel.
Enter Looks Good ! in the comments, and click Approve.
Check CloudFormation Stack -> New Stack NewS3bucket created.
- IMP NOTE — This DEMO/POC might incur some charges if kept active for long time. So please make sure to clean up the environment once done.
I am Kunal Shah, AWS Certified Solutions Architect, helping clients to achieve optimal solutions on the Cloud. Cloud Enabler by choice, DevOps Practitioner having 7+ Years of overall experience in the IT industry.
I love to talk about Cloud Technology, DevOps, Digital Transformation, Analytics, Infrastructure, Dev Tools, Operational efficiency, Serverless, Cost Optimization, Cloud Networking & Security.
aws #community #builders #devops #CodePipeline #CodeCommit #sns #CloudFormation #CICD #serverless #infrastructure
You can reach out to me @ acloudguy.in
Top comments (0)