[AWS] DevTools Evangelism: CodeDeploy Edition

This article is a machine translation of the contents of the following URL, which I wrote in Japanese:

https://qiita.com/Nana_777/items/c7ebc842c4557f8d811d

Introduction

This is the third post in the Japan AWS Top Engineers Advent Calendar 2025.

In the previous post, we discussed AWS CodeCommit, which manages system assets. This time, we'll discuss CodeDeploy, which is used to deploy source code and system configurations.

↓ Click here for the Japan AWS Top Engineers Advent Calendar 2025

https://qiita.com/advent-calendar/2025/aws-top-engineers

↓ Previous AWS CodeCommit post

https://dev.to/aws-builders/aws-devtools-evangelism-codecommit-edition-43e

What is AWS CodeDeploy?

CodeDeploy is a service that automates deployments for AWS services such as Amazon EC2 and Lambda.
AWS CodeDeploy enables safer deployments, making it easier to implement deployment strategies such as canary and blue-green deployments, which involve gradual deployments.

Deployment Strategy Examples

Blue-Green Deployment

The existing version and the new version are run simultaneously.
100% of traffic is sent to the new version while its operation is tested. If there are no problems with the new version, 100% of traffic is set to flow to the new version.
The new version's operation is monitored for a set period of time, and if there are any problems, traffic is returned to the existing version. If there are no problems, the existing version is discontinued.
While this allows for quick rollback, if there is a problem with the new version, it will temporarily affect 100% of traffic.

Canary Deployment

This type of deployment is similar to blue-green deployment, but instead of switching over 100% of traffic, traffic is gradually shifted at a fixed rate, such as 10%.
This method limits the scope of impact if there is a problem with the new version, but it takes a relatively long time for the deployment to complete (when 100% of traffic has been shifted to the new version).
Example: If you shift 10% of traffic per minute, it will take a total of 10 minutes.

↓I asked AI to draw a diagram like this, and it came up with this image.

Linear Deployment

This is also similar to blue-green deployment, but it initially shifts a small portion of traffic, say 10%, to the new version. If no issues are found within a certain period of time, the remaining 90% is shifted to the new version.

This method limits the impact of any issues with the new version and allows for faster deployment completion than linear deployment. However, because only a small portion of traffic is initially tested, there is a risk of missing issues due to unusual traffic patterns with a low probability of occurrence.

AWS CodeDeploy Components

Applications

Configuration Example

In the AWS CodeDeploy console, select "Applications" from the left menu.
Select Create Application to display the application creation screen.

When creating an application, you set the application name and computing platform.
You can choose the application platform from "EC2/On-Premises," "AWS Lambda," or "Amazon ECS."

Deployment Group

Configuration Example

After creating an application, create a deployment group to associate with it.

When creating a deployment group, you specify the deployment group name, service role, and deployment settings.
For the service role, select a previously created role, but select a role that has permissions to operate the service to be deployed.

For the deployment settings, you can choose the pre-defined "All At Once" setting, or choose linear or canary deployment, which are performed at a preset percentage.
*In this example, we chose linear deployment, which shifts 10 percent of traffic to the new version every minute.

There are no appropriate options for the percentage of options. If you don't have a detailed deployment method, you can create a deployment configuration to set detailed deployment methods (how often and at what rate deployment should proceed).

Detailed settings are optional, but they allow you to configure alarm settings and whether or not to enable rollback.
You can set this if you want to rollback if an updated Lambda function causes an error during deployment.
For example, you can set a CloudWatch alarm to fire when a Lambda function error occurs, and then set that alarm as an alarm on this deployment group screen.

Deployment

Deployment can be performed using the AWS console, but in practice, a deployment strategy is often implemented using IaC code.
This section explains deployment settings in the AWS console and in IaC code.

Deployment in the AWS Console

Creating a Lambda Function to Deploy

Create a Lambda function to deploy and an alias for the new version.
The Lambda function created as the existing version simply returns the message "Hello from Lambda!".

Creating a Lambda Function Version

Create a version of the current Lambda function.

*The version number is "3" because I tested it a little in advance.

Create an Alias

Create an alias to control traffic for each version.

Updating the Lambda Function

After updating the code, create a new version of this function.
The code sends the message "Hello from Lambda V2!"

Creating a New Version

I created a new version (the version is 5 because I tested it outside of validation).

Deploying with CodeDeploy

From the details screen of a deployment group you've already created, click "Create Deployment."

:::note warn
Deployment Group Role
Since this deployment involves Lambda, we'll add a policy for Lambda operations to the deployment group.
↓Add a policy for Lambda operations to this role.

:::

In the deployment settings, specify the Lambda function name and alias, as well as the current and new versions of the Lambda function to which traffic will be migrated.
In this example, we will gradually migrate traffic when upgrading the Lambda function from version 3 to version 5.

↓This configuration

version: 0.0
Resources:
- myLambdaFunction:
Type: AWS::Lambda::Function
Properties:
Name: "qiita-naolambda-2025"
Alias: "qiitaLambdaDeployTest"
CurrentVersion: "3"
TargetVersion: "5"

:::note warn
Deployment timing
When you create a deployment from the AWS console, the deployment begins immediately.
:::

You can monitor the deployment progress on the AWS CodeDeploy screen. In this example, we configured the deployment group to distribute traffic at 10% per minute, so you can see that it's progressing according to that setting.

You can also check the distribution of traffic to each version on the AWS Lambda alias screen.

When the deployment completes, all traffic will be assigned to the new version, and the deployment will be complete.

Deploying with IaC Code

Deployment is possible using CodeDeploy from the AWS console, but you can also write deployment settings in IaC code.
In actual system operations, configuration management and CI/CD are often used in IaC code to automate the reflection of system configuration and the execution of deployment strategies.
In my previous article, I also described implementing a deployment strategy using CDK and CodeDeploy, so please take a look.
*If I have time, I will add more information to this article.

↓ Previous deployment strategy articles

https://qiita.com/Nana_777/items/4627fc27713217ca93db

Finally

AWS CodeDeploy facilitates gradual deployment and quick, automated rollback in the event of issues.
While the appropriate deployment strategy will vary depending on your project, we encourage you to learn how to use AWS CodeDeploy to adapt to any deployment strategy.

Reference

↓ Official AWS CodeDeploy documentation

https://docs.aws.amazon.com/ja_jp/codedeploy/latest/userguide/welcome.html

↓ AWS CodeDeploy BlackBelt documentation (Japanese)

https://pages.awscloud.com/rs/112-TZM-766/images/20210126_BlackBelt_CodeDeploy.pdf