Setting Up a Pipeline with a Manual Approval in AWS CodePipeline

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

AWS CodePipeline is a native AWS solution that provides a continuous integration and continuous deployment pipeline offering to its clients. In this hands-on lab, we will implement AWS CodePipeline to deploy AWS infrastructure through AWS CloudFormation. We will add an action to our AWS CodePipeline that requires a manual approval intended to have any code commits reviewed prior to being deployed.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create an AWS IAM Role
  1. From the AWS console, navigate to Identity and Access Management (IAM).
  2. Select Roles from the left-hand menu.
  3. Click Create role.
  4. Select CloudFormation as the service that will use this role.
  5. Click Next: Permissions.
  6. Select the checkbox for the AdministratorAccess permissions policy.
  7. Click Next: Tags > Next: Review.
  8. Enter pipelineperms4CF as the role name.
  9. Click Create role.
Create an AWS CodeCommit Repository and SNS Topic
  1. Download the file listed in the lab instructions for later use in the lab.
  2. From the AWS console, navigate to CodeCommit and click Create repository.
  3. Enter pipeline4cf as the repository name.
  4. Click Create.
  5. Click Add file > Upload file.
  6. Click Choose file.
  7. Select the s3Retain.yaml file downloaded from the lab GitHub.
  8. Enter your name as the author name.
  9. Enter your email address as the email address.
  10. Click Commit changes.
  11. Navigate to Simple Notification Service (SNS).
  12. Enter manualapprove as the topic name.
  13. Click Next step > Create topic.
  14. Click Create subscription.
  15. Choose Email as the protocol.
  16. Enter your email address as the endpoint.
  17. Click Create subscription.
  18. Navigate to your inbox, open the AWS Notification - Subscription Confirmation message, and click the Confirm subscription link.
Create an AWS CodePipeline Pipeline
  1. Navigate to CodePipeline.
  2. Click Create pipeline.
  3. Enter ManualApprove4CF as the pipeline name.
  4. Ensure New service role is selected.
  5. Ensure Allow AWS CodePipeline to create service role so it can be used with this new pipeline is checked.
  6. Expand the Advanced settings section and ensure the Default location and Default AWS Managed Key options are selected.
  7. Click Next.
  8. On the Add source stage page, set the following values:
    • Source provider: AWS CodeCommit
    • Repository name: pipeline4cf
    • Branch name: main
    • Change detection options: Amazon CloudWatch Events (recommended)
  9. Click Next > Skip build stage > Skip.
  10. On the Add deploy stage page, set the following values:
    • Deploy provider: AWS CloudFormation
    • Region: US East – (N. Virginia)
    • Action mode: Create or update a stack
    • Stack name: deploywithmanualapprove
    • Artifact name: SourceArtifact
    • File name: S3Retain.yaml
    • Role name: pipelineperm4cf
  11. Click Next > Create pipeline.
  12. Click the AWS CloudFormation link in the Deploy panel.
  13. Once CloudFormation shows complete, return to the CodePipeline service and verify the manualapprove pipeline status shows Succeeded in the Deploy panel.
  14. Click Edit > + Add stage between the Source and Deploy panels.
  15. Enter manualapprove as the stage name.
  16. Click + Add action group.
  17. Enter manualapproval for the action name.
  18. Select Manual approval for the action provider.
  19. Select the SNS topic ARN created earlier in the lab.
  20. Click Done > Save > Save.
  21. Click Release change to restart the pipeline.
  22. Click Release.
  23. Navigate to your email, open the APPROVAL NEEDED... message.
  24. Navigate back to Code Pipeline.
  25. Click Review in the Manual approve panel.
  26. Enter Looks good — approved. in the comments, and click Approve.

Additional Resources

Our lab use case involves solving a pending problem with our code deployment pipeline. There have been a series of deployments that resulted in unexpected downtime to our client's web application. There have been cases where our QA team did not approve source code before being deployed to the production environment. Our management team has instructed our DevOps team to implement an approval process to keep this from reoccurring. Our solution is to build an AWS CodePipeline pipeline and add a stage that requires manual approval before deploying the source code to production.

Luckily, AWS CodePipeline enables us to easily implement a manual approval process. In this lab, we will build an AWS CodePipeline pipeline that will deploy a web application. We will build in a stage with a manual approval action right after the code repository and before the deployment stage.

Log in to the live AWS environment using the credentials provided.

Make sure you're in the N. Virginia (us-east-1) region throughout the lab.

Download the file needed for this lab: GitHub File for CodePipeline with Manual Approval.

NOTE: The Branch name has changed from 'master' to 'main.'

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?