AWS Code Management & CI/CD

Use AWS Code Commit, Code Build, Code Deploy & Code Pipeline to automate code build, test & deploy on AWS

Hitesh Sahu

Mon Sep 29 2025

Code Management

Cloud9:

Online IDE

Code Star:

Simplified Dashboard for all AWS pipeline tools

  • Integration with JIRA, Github issues
  • Supported languages: Java, HTML5, NodeJS, PHP, Ruby, Python, C#, Go
  • Cloud9 for Web IDE
  • Limited Customization
  • Internally uses Lambda, Beanstalk, EC2 to create the environment

AWS CodeGuru

ML-powered service for automated code review & performance recommendations

  • Reviewer: Automated code review using static code analysis
    • Identify critical issues
    • Security holes
    • Resource leaks
  • Support
    • Java & Python
    • Github, BitBucket & CodeCommit
  • Profiler: Profile performance in real time in AWS or on premises
    • Optimize CPU usage
    • Space Optimization
    • Anomaly Detection

Code Commit:

Stores code in Git-like repos

  • Private Git Repo in AWS Cloud VPC
  • No Repo Size Limit
  • IAM Role to manage user access & IAM Assume Role to share credentials
  • Encrypted at rest using KMS
  • Encrypted in transit using SSH & HTTPS
  • Lambda & SNS can be integrated to trigger code analysis for sensitive data

| Feature | CodeCommit | GitHub |
| --- | --- | --- |
| Authentication SSH & HTTPS | ✅ | ✅ |
| AWS CodeBuild Pipeline Support | ✅ | ✅ |
| Code Review (PR) | ✅ | ✅ |
| Security | IAM Role | GitHub Auth |
| Hosted by | AWS | GitHub |
| UI | Minimal | Complete |
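
The sensitive-data analysis mentioned above comes down to scanning the lines a commit adds. This is an added example, not code from the original post: the scan logic a repository-triggered Lambda could run over a unified diff. The rule names, `scan_diff` and the sample diff are constructed for illustration, and fetching the diff from CodeCommit is left out.

```python
import re

# Patterns for material that should never land in a repository (illustrative set).
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "hardcoded_password": re.compile(
        r"(?i)(?:password|passwd|secret)\w*\s*[:=]\s*['\"][^'\"]{4,}['\"]"),
}

# Constructed sample diff; the key is the placeholder value used in AWS documentation.
SAMPLE_DIFF = """\
diff --git a/config/settings.py b/config/settings.py
--- a/config/settings.py
+++ b/config/settings.py
@@ -1,2 +1,4 @@
 DEBUG = False
-REGION = "us-east-1"
+REGION = "eu-west-1"
+AWS_KEY = "AKIAIOSFODNN7EXAMPLE"
+db_password = "constructed-value"
"""

def scan_diff(diff_text):
    """Return (file, new_line_number, rule) for every added line that matches."""
    findings, path, new_line = [], None, 0
    for line in diff_text.splitlines():
        if line.startswith("+++ "):            # file header: remember the path
            path = line[4:].removeprefix("b/")
        elif line.startswith("@@"):            # hunk header: reset the line counter
            new_line = int(re.search(r"\+(\d+)", line).group(1))
        elif line.startswith("+"):             # added line: this is what we scan
            for rule, rx in PATTERNS.items():
                if rx.search(line[1:]):
                    findings.append((path, new_line, rule))
            new_line += 1
        elif not line.startswith("-"):         # context line advances the new file
            new_line += 1
    return findings

if __name__ == "__main__":
    for path, line_no, rule in scan_diff(SAMPLE_DIFF):
        print(f"{path}:{line_no}: {rule}")
```

Only added lines are reported, so a commit that removes a leaked value does not raise a new finding; the value is still in history and the credential still needs rotating.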

Code Pipeline

Visual Tool to Orchestrate Code COMMIT, BUILD, TEST, DEPLOY on AWS

  • Source: Github, Bit Bucket, CodeCommit, S3, ECR
  • Build: Jenkins, CodeBuild, TeamCity
  • Test: CodeBuild, Device Farm etc.
  • Deploy: CodeDeploy, Beanstalk, CloudFormation, ECS, S3
  • Staging: Production, Dev, Staging
  • Monitoring: Using CloudWatch Logs & CloudTrail

ActionGroup:

Pipeline Stages can have multiple Action Groups

  • Actions can be defined as parallel or sequential for a stage

Code Artifact

Holds build dependencies between pipeline stages in an S3 bucket

  • Integration with Maven, Gradle, npm, pip etc
  • Can proxy public Artifacts to Artifact repo

AWS Pipeline

Code Build

Fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy.

  • With CodeBuild, you don't need to provision, manage, and scale your own build servers; it is serverless.
  • Monitor: Use CloudWatch Metrics for build stats & fail events
  • Uses S3 to cache & store artifacts
  • Supported environments:
    • Android, Java, .NET
    • Ruby, Python, NodeJS, PHP, Go
    • Docker to set up a custom environment
  • Runs outside a VPC but can be executed within a VPC to access a DB for testing. The VPC configuration needs to be defined:
    • VPC ID
    • SubnetID
    • Security Group ID

CodeBuild Agent

Runs CodeBuild on a local machine for troubleshooting

buildspec.yml

Build instructions for CodeBuild, placed at the root directory of the project

env: environment variables

  • plaintext
  • parameter store: SSM parameter
  • secret: AWS Secrets Manager

phases

  • install: warm up by installing dependencies
  • pre_build: run before build
  • build: run during build phase
  • post_build: run after build to clean up

artifacts

  • files to upload to S3

cache

  • files to cache for the next build
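
A buildspec review usually starts with the `env` block, because plaintext variables are displayed in the CodeBuild console and AWS CLI while the other two sources are resolved at build time. This is an added example, not code from the original post: it audits a parsed buildspec for credential-looking plaintext variables and lists the IAM actions the build role needs for the other sources. `audit_env`, the name pattern and the sample values are constructed.

```python
import re

# Constructed sample: the dict yaml.safe_load() would return for a
# buildspec.yml that uses all three env sources listed above.
SAMPLE_BUILDSPEC = {
    "version": 0.2,
    "env": {
        "variables": {            # plaintext: shown in console and CLI output
            "STAGE": "dev",
            "DB_PASSWORD": "constructed-example-value",
        },
        "parameter-store": {      # resolved from SSM Parameter Store
            "API_URL": "/myapp/dev/api-url",
        },
        "secrets-manager": {      # resolved from AWS Secrets Manager
            "SIGNING_KEY": "myapp/dev/signing:key",
        },
    },
    "phases": {"build": {"commands": ["make test"]}},
}

# Heuristic: variable names that suggest a credential (assumption, tune per team).
SECRET_NAME = re.compile(
    r"(PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY|CREDENTIAL)", re.I)

def audit_env(buildspec):
    """Flag credential-like plaintext variables and list IAM actions the role needs."""
    env = buildspec.get("env") or {}
    findings = [
        f"plaintext variable {name} looks like a credential; "
        "move it to parameter-store or secrets-manager"
        for name in sorted(env.get("variables") or {})
        if SECRET_NAME.search(name)
    ]
    iam_actions = set()
    if env.get("parameter-store"):
        iam_actions.add("ssm:GetParameters")
    if env.get("secrets-manager"):
        iam_actions.add("secretsmanager:GetSecretValue")
    return {"findings": findings, "iam_actions": sorted(iam_actions)}

if __name__ == "__main__":
    report = audit_env(SAMPLE_BUILDSPEC)
    for finding in report["findings"]:
        print("FINDING:", finding)
    print("build role needs:", ", ".join(report["iam_actions"]))
```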

Code Deploy

Automates provisioning & deploying code

CodeDeploy Agent

Continuously polls CodeDeploy for artifacts to be deployed.

  • EC2 instance or on-premises server must run the CodeDeploy agent
  • Artifact to deploy must be stored in S3 or GitHub
  • Agent fetches the code and appspec to deploy the code
  • Agent reports success/failure to CodeDeploy
  • Compute Platform: Can deploy code to
    • EC2/On-premises
    • Lambda
    • ECS.

appspec.yml

Deployment instructions for the code, placed at the root directory of the project

  • files: how to copy from S3/GitHub

    • source
    • destination
  • hooks: instructions to follow in the different phases

    • ApplicationStop
    • DownloadBundle
    • BeforeInstall
    • Install
    • AfterInstall
    • ApplicationStart
    • ValidateService <-- Run at the end to send Success/Fail Result
    • BeforeAllowTraffic
    • AllowTraffic
    • AfterAllowTraffic

Deployment Type

Method to deploy the app to a Deployment Group

1. In Place

  • Works with: EC2/On-premises

2. Blue/Green:

  • Works with: EC2, Lambda, ECS
  • Must use ELB

Terminology

  • Application: revision to deploy

  • Application Revision: Code + appspec.yml

  • Target Revision: Most recent revision to deploy to the Deployment Group

  • Deployment Config: set of rules for success/failure

    • Configs
      • One at a time: stop if 1 EC2 fails
      • Half at a time: take half down & upgrade
      • All at Once: deploy to all hosts at once; results in downtime but fast
      • Custom: deploy to a fixed number of hosts (75%)
  • Deployment Group: group of EC2 instances

  • IAM Instance Profile: gives EC2 access to GitHub & S3 to fetch code from

  • Service Role: IAM role for CodeDeploy to perform actions on EC2, ASG, ELB