usamanisarkhan

Building an end-to-end AWS DevSecOps CI/CD pipeline (Part 1 - Continuous Delivery)

This series of articles covers setting up end-to-end AWS DevSecOps CI/CD pipelines. We will start with a very basic component that is easier and faster to build, and will then set up the complete pipeline.

DESIRED PRODUCT AT THE END OF THIS SERIES

[Image]

This can be a very good starting point for someone who is starting a career as a DevOps engineer, and a project to showcase on a GitHub profile.
So let's kick off the first step. The tutorials for the CD pipeline are available on the AWS student hub, but I have made this easier.

DESIRED PRODUCT AT THE END OF THIS PART

[Image]

Prerequisites
Will to learn.
An AWS account (free tier is sufficient).
A GitHub account.
Git and Visual Studio Code installed on your local machine.
Time.

Step 1: Create an IAM Role
Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
In the IAM console, in the navigation pane, choose Policies, and then choose Create policy.
On the Specify permissions page, choose JSON.
Remove the example JSON code.
Paste the following code:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Action": [
            "s3:Get*",
            "s3:List*"
          ],
          "Effect": "Allow",
          "Resource": "*"
        }
      ]
    }

Choose Next.
On the Review and create page, in the Policy name box, type CodeDeployDemo-EC2-Permissions.
(Optional) For Description, type a description for the policy.
Choose Create policy.
In the navigation pane, choose Roles, and then choose Create role.
Under Use case, choose the EC2 use case.
Choose Next.
In the list of policies, select the check box next to the policy you just created (CodeDeployDemo-EC2-Permissions). If necessary, use the search box to find the policy.
To use Systems Manager to install or configure the CodeDeploy agent, select the check box next to AmazonSSMManagedInstanceCore. This AWS managed policy enables an instance to use Systems Manager service core functionality. If necessary, use the search box to find the policy.
Choose Next.
On the Name, review, and create page, in Role name, enter a name for the service role (for example, CodeDeployDemo-EC2-Instance-Profile), and then choose Create role.
You've now created an IAM instance profile to attach to your Amazon EC2 instances.
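
The policy pasted in Step 1 allows s3:Get* and s3:List* on "Resource": "*", so the instance role is not limited to any particular bucket. The check below is an added example, not part of the original tutorial or of AWS's code; it flags that pattern and compares it with a constructed policy scoped to one bucket (EXAMPLE-ARTIFACT-BUCKET is a placeholder name).

```python
import json

# The policy pasted in Step 1, reproduced as-is.
TUTORIAL_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Action": ["s3:Get*", "s3:List*"], "Effect": "Allow", "Resource": "*"}
]}
""")

# Constructed alternative: same actions, limited to a single bucket.
# EXAMPLE-ARTIFACT-BUCKET is a placeholder, not a name from the tutorial.
SCOPED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Action": ["s3:Get*", "s3:List*"],
        "Effect": "Allow",
        "Resource": [
            "arn:aws:s3:::EXAMPLE-ARTIFACT-BUCKET",
            "arn:aws:s3:::EXAMPLE-ARTIFACT-BUCKET/*",
        ],
    }],
}

def as_list(value):
    """IAM accepts either a single value or a list for Statement, Action and Resource."""
    return value if isinstance(value, list) else [value]

def wildcard_findings(policy):
    """Return (statement index, issue) pairs for over-broad Allow statements."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        resources = as_list(stmt.get("Resource", []))
        if any(r in ("*", "arn:aws:s3:::*") for r in resources):
            findings.append((i, "Resource is not restricted to specific buckets"))
        for action in as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                findings.append((i, f"Action {action} grants a whole service"))
    return findings

if __name__ == "__main__":
    for name, doc in (("tutorial", TUTORIAL_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, wildcard_findings(doc) or "no wildcard findings")
```
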

Configure Elastic Beanstalk

In a new browser tab, open the AWS Elastic Beanstalk console.
Choose the orange Create Application button.
Choose Web server environment under the Configure environment heading.
In the text box under the heading Application name, enter DevOpsGettingStarted.
In the Platform dropdown menu, under the Platform heading, select Node.js. Platform branch and Platform version will automatically populate with default selections.
Confirm that the radio button next to Sample application under the Application code heading is selected.
Confirm that the radio button next to Single instance (free tier eligible) under the Presets heading is selected.
Select Next.
On the Configure service access screen, choose Use an existing service role for Service Role.
The values displayed in the EC2 instance profile dropdown list may vary, depending on whether your account has previously created a new environment.
Now that you've created an IAM Role, and refreshed the list, it displays as a choice in the dropdown list. Select the IAM Role you just created from the EC2 instance profile dropdown list.
Choose Skip to Review on the Configure service access page.
The Review page displays a summary of all your choices.
Choose Submit at the bottom of the page to initialize the creation of your new environment.
While waiting for deployment, you should see:
A screen that will display status messages for your environment.
After a few minutes have passed, you will see a green banner with a checkmark at the top of the environment screen.
Once you see the banner, you have successfully created an AWS Elastic Beanstalk application and deployed it to an environment.

Connect Git

In a new browser tab, navigate to GitHub and make sure you are logged into your account.
In that same tab, open the aws-elastic-beanstalk-express-js-sample repo.
Choose the white Fork button on the top right corner of the screen. Next, you will see a small window asking you where you would like to fork the repo.
Verify it is showing your account and choose Create a fork. After a few seconds, your browser will display a copy of the repo in your account under Repositories.
Go to the repository and choose the green Code button near the top of the page.
To clone the repository using HTTPS, confirm that the heading says Clone with HTTPS. If not, select the Use HTTPS link.
Choose the white button with a clipboard icon on it (to the right of the URL)
If you're on a Mac or Linux computer, open your terminal. If you're on Windows, launch Git Bash.
In the terminal or Git Bash, whichever you are using, enter the following command and paste the URL you just copied in Step 2 when you clicked the clipboard icon. Be sure to change "YOUR-USERNAME" to your GitHub username. You should see a message in your terminal that starts with Cloning into. This command creates a new folder that has a copy of the files from the GitHub repo.

    git clone https://github.com/YOUR-USERNAME/aws-elastic-beanstalk-express-js-sample

In the new folder there is a file named app.js. Open app.js in your favorite code editor.
Change the message in line 5 to say something other than "Hello World!" and save the file.
Go to the folder created with the name aws-elastic-beanstalk-express-js-sample/ and commit the change with the following commands:

    git add app.js
    git commit -m "change message"

Push the local changes to the remote repo hosted on GitHub with the following command. Note that you need to configure Personal access tokens (classic) under Developer Settings in GitHub for remote authentication.

    git push

Configure Code Build

In a new browser tab, open the AWS CodeBuild console.
Choose the orange Create project button.
In the Project name field, enter Build-DevOpsGettingStarted.
Select GitHub from the Source provider dropdown menu.
Confirm that the Connect using OAuth radio button is selected.
Choose the white Connect to GitHub button. A new browser tab will open asking you to give AWS CodeBuild access to your GitHub repo.
Choose the green Authorize aws-codesuite button.
Enter your GitHub password.
Choose the orange Confirm button.
Select Repository in my GitHub account.
Enter aws-elastic-beanstalk-express-js-sample in the search field.
Confirm that Managed Image is selected.
Select Amazon Linux 2 from the Operating system dropdown menu.
Select Standard from the Runtime(s) dropdown menu.
Select aws/codebuild/amazonlinux2-x86_64-standard:3.0 from the Image dropdown menu.
Confirm that Always use the latest image for this runtime version is selected for Image version.
Confirm that Linux is selected for Environment type.
Confirm that New service role is selected.
Select Insert build commands.
Choose Switch to editor.
Replace the Buildspec in the editor with the code below:

    version: 0.2
    phases:
      build:
        commands:
          - npm i --save
    artifacts:
      files:
        - '**/*'

Choose the orange Create build project button. You should now see a dashboard for your project.

Creating a New Pipeline

In a browser window, open the AWS CodePipeline console.
Choose the orange Create pipeline button. A new screen will open up so you can set up the pipeline.
In the Pipeline name field, enter Pipeline-DevOpsGettingStarted.
Confirm that New service role is selected.
Choose the orange Next button.
Select GitHub version 1 from the Source provider dropdown menu.
Choose the white Connect to GitHub button. A new browser tab will open asking you to give AWS CodePipeline access to your GitHub repo.
Choose the green Authorize aws-codesuite button. Next, you will see a green box with the message You have successfully configured the action with the provider.
From the Repository dropdown, select the repo you created in the Connect Git step.
Select main from the branch dropdown menu.
Confirm that GitHub webhooks is selected.
Choose the orange Next button.
From the Build provider dropdown menu, select AWS CodeBuild. Select Build-DevOpsGettingStarted under Project name.
Choose the orange Next button.
Configure the deploy stage
Select AWS Elastic Beanstalk from the Deploy provider dropdown menu.
Select the field under Application name and confirm you can see the app DevOpsGettingStarted created in the step above.
Select DevOpsGettingStarted-env from the Environment name textbox.
Choose the orange Next button. You will now see a page where you can review the pipeline configuration.
Choose the orange Create pipeline button
Open the AWS CodePipeline console.
You should see the pipeline we created, which was called Pipeline-DevOpsGettingStarted. Select this pipeline.
Choose the white Edit button near the top of the page.
Choose the white Add stage button between the Build and Deploy stages.
In the Stage name field, enter Review.
Choose the orange Add stage button.
In the Review stage, choose the white Add action group button.
Under Action name, enter Manual_Review.
From the Action provider dropdown, select Manual approval.
Confirm that the optional fields have been left blank.
Choose the orange Done button.
Choose the orange Save button at the top of the page.
Choose the orange Save button to confirm the changes. You will now see your pipeline with four stages: Source, Build, Review, and Deploy.
In your favorite code editor, open the app.js file from Connect Git.
Change the message in Line 5.
Save the file.
Open your preferred Git client.
Navigate to the folder created in Connect Git.
Commit the change and push with the following commands:

    git add app.js
    git commit -m "Full pipeline test"
    git push

Navigate to the AWS CodePipeline console.
Select the pipeline named Pipeline-DevOpsGettingStarted. You should see the Source and Build stages switch from blue to green.
When the Review stage switches to blue, choose the white Review button.
Write an approval comment in the Comments textbox.
Choose the orange Approve button.
Wait for the Review and Deploy stages to switch to green.
Select the AWS Elastic Beanstalk link in the Deploy stage. A new tab listing your Elastic Beanstalk environments will open.
Select the URL in the Devopsgettingstarted-env row. You should see a webpage with a white background and the text you had in your most recent GitHub commit.
Congratulations! You have a fully functional continuous delivery pipeline hosted on AWS.
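
To confirm that the Review stage actually gates deployment, the pipeline definition can be checked offline. This is an added example, not part of the original tutorial; the sample definition is constructed in the shape returned by aws codepipeline get-pipeline, and the Source, Build and Deploy action names in it are assumed.

```python
# Constructed sample shaped like `aws codepipeline get-pipeline` output for the
# pipeline built above; action names other than Manual_Review are assumed.
PIPELINE = {"pipeline": {"name": "Pipeline-DevOpsGettingStarted", "stages": [
    {"name": "Source", "actions": [{"name": "Source", "actionTypeId": {
        "category": "Source", "owner": "ThirdParty", "provider": "GitHub", "version": "1"}}]},
    {"name": "Build", "actions": [{"name": "Build", "actionTypeId": {
        "category": "Build", "owner": "AWS", "provider": "CodeBuild", "version": "1"}}]},
    {"name": "Review", "actions": [{"name": "Manual_Review", "actionTypeId": {
        "category": "Approval", "owner": "AWS", "provider": "Manual", "version": "1"}}]},
    {"name": "Deploy", "actions": [{"name": "Deploy", "actionTypeId": {
        "category": "Deploy", "owner": "AWS", "provider": "ElasticBeanstalk", "version": "1"}}]},
]}}

def ungated_deploys(definition):
    """Return "Stage/Action" names of Deploy actions with no earlier manual approval.

    Stages run in order; inside a stage, actions run by ascending runOrder
    (default 1), so an approval in the same stage only gates a deploy when its
    runOrder is strictly lower.
    """
    approved = False  # becomes True once an earlier stage held an approval
    ungated = []
    for stage in definition["pipeline"]["stages"]:
        actions = stage["actions"]
        approval_orders = [a.get("runOrder", 1) for a in actions
                           if a["actionTypeId"]["category"] == "Approval"]
        for action in actions:
            if action["actionTypeId"]["category"] != "Deploy":
                continue
            order = action.get("runOrder", 1)
            if not approved and not any(o < order for o in approval_orders):
                ungated.append(f'{stage["name"]}/{action["name"]}')
        if approval_orders:
            approved = True
    return ungated

def without_stage(definition, stage_name):
    """Copy of the definition with one stage removed (models the pipeline before the edit)."""
    stages = [s for s in definition["pipeline"]["stages"] if s["name"] != stage_name]
    return {"pipeline": {**definition["pipeline"], "stages": stages}}

if __name__ == "__main__":
    print("with Review stage:   ", ungated_deploys(PIPELINE))
    print("without Review stage:", ungated_deploys(without_stage(PIPELINE, "Review")))
```
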
