Setting Up a Pipeline with a Manual Approval in AWS CodePipeline

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

AWS CodePipeline is a native AWS solution that provides a continuous integration and continuous deployment pipeline offering to its clients. In this hands-on lab, we will implement AWS CodePipeline to deploy AWS infrastructure through AWS CloudFormation. We will add an action to our AWS CodePipeline that requires a manual approval intended to have any code commits reviewed prior to being deployed.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create an AWS IAM Role

In order to allow CloudFormation to act on our behalf, it is necessary to create an IAM role for CloudFormation. You will need to navigate to Identity and Access Management (IAM) and create a role. This role can be granted AdministratorAccess for the purposes of this lab, but keep in mind the principle of least privilege in a production environment.

Create an AWS CodeCommit Repository and SNS Topic

Create a CodeCommit respository and upload the s3Retain.yaml file from the GitHub repository. You will also need to create a Simple Notification Service (SNS) topic and subscription using an email to which you have access in order to setup the manual approval for this lab.

Create an AWS CodePipeline Pipeline

Create an AWS CodePipeline pipeline with a source provider of AWS CodeCommit using the repository that was created in the previous objective. Make sure to skip the build stage since we’ll be using code from AWS CodeCommit instead of building within the pipeline. In the deploy stage, you will need to deploy a CloudFormation stack with the Identity and Access Management (IAM) role that was created earlier. Once the pipeline has been deployed, modify the pipeline by implementing a manual approval step and go through the process of deploying the pipeline again. Observe the notification in your email and then approve the change in the AWS console.

Additional Resources

Our lab use case involves solving a pending problem with our code deployment pipeline. There have been a series of deployments that resulted in unexpected downtime to our client's web application. There have been cases where our QA team did not approve source code before being deployed to the production environment. Our management team has instructed our DevOps team to implement an approval process to keep this from reoccurring. Our solution is to build an AWS CodePipeline pipeline and add a stage that requires manual approval before deploying the source code to production.

Luckily, AWS CodePipeline enables us to easily implement a manual approval process. In this lab, we will build an AWS CodePipeline pipeline that will deploy a web application. We will build in a stage with a manual approval action right after the code repository and before the deployment stage.

Log in to the live AWS environment using the credentials provided.

Make sure you're in the N. Virginia (us-east-1) region throughout the lab.

Download the file needed for this lab: GitHub File for CodePipeline with Manual Approval.

NOTE: The Branch name has changed from 'master' to 'main.'

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?