AWS CodePipeline is a native AWS solution that provides a continuous integration and continuous deployment pipeline offering to its clients. In this hands-on lab, we will implement AWS CodePipeline to deploy AWS infrastructure through AWS CloudFormation. We will add an action to our AWS CodePipeline that requires a manual approval intended to have any code commits reviewed prior to being deployed.
Successfully complete this lab by achieving the following learning objectives:
- Create an AWS IAM Role
In order to allow CloudFormation to act on our behalf, it is necessary to create an IAM role for CloudFormation. You will need to navigate to Identity and Access Management (IAM) and create a role. This role can be granted
AdministratorAccessfor the purposes of this lab, but keep in mind the principle of least privilege in a production environment.
- Create an AWS CodeCommit Repository and SNS Topic
Create a CodeCommit respository and upload the
s3Retain.yamlfile from the GitHub repository. You will also need to create a Simple Notification Service (SNS) topic and subscription using an email to which you have access in order to setup the manual approval for this lab.
- Create an AWS CodePipeline Pipeline
Create an AWS CodePipeline pipeline with a source provider of AWS CodeCommit using the repository that was created in the previous objective. Make sure to skip the build stage since we’ll be using code from AWS CodeCommit instead of building within the pipeline. In the deploy stage, you will need to deploy a CloudFormation stack with the Identity and Access Management (IAM) role that was created earlier. Once the pipeline has been deployed, modify the pipeline by implementing a manual approval step and go through the process of deploying the pipeline again. Observe the notification in your email and then approve the change in the AWS console.