AWS CodePipeline is a native AWS solution that provides a continuous integration and continuous deployment pipeline offering to its clients. In this hands-on lab, we will implement AWS CodePipeline to deploy AWS infrastructure through AWS CloudFormation. We will add an action to our AWS CodePipeline that requires a manual approval intended to have any code commits reviewed prior to being deployed.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Create an AWS IAM Role
- From the AWS console, navigate to Identity and Access Management (IAM).
- Select Roles from the left-hand menu.
- Click Create role.
- Select CloudFormation as the service that will use this role.
- Click Next: Permissions.
- Select the checkbox for the
AdministratorAccess
permissions policy. - Click Next: Tags > Next: Review.
- Enter pipelineperms4CF as the role name.
- Click Create role.
- Create an AWS CodeCommit Repository and SNS Topic
- Download the file listed in the lab instructions for later use in the lab.
- From the AWS console, navigate to CodeCommit and click Create repository.
- Enter pipeline4cf as the repository name.
- Click Create.
- Click Add file > Upload file.
- Click Choose file.
- Select the
s3Retain.yaml
file downloaded from the lab GitHub. - Enter your name as the author name.
- Enter your email address as the email address.
- Click Commit changes.
- Navigate to Simple Notification Service (SNS).
- Enter manualapprove as the topic name.
- Click Next step > Create topic.
- Click Create subscription.
- Choose Email as the protocol.
- Enter your email address as the endpoint.
- Click Create subscription.
- Navigate to your inbox, open the
AWS Notification - Subscription Confirmation
message, and click the Confirm subscription link.
- Create an AWS CodePipeline Pipeline
- Navigate to CodePipeline.
- Click Create pipeline.
- Enter ManualApprove4CF as the pipeline name.
- Ensure New service role is selected.
- Ensure Allow AWS CodePipeline to create service role so it can be used with this new pipeline is checked.
- Expand the Advanced settings section and ensure the Default location and Default AWS Managed Key options are selected.
- Click Next.
- On the Add source stage page, set the following values:
- Source provider: AWS CodeCommit
- Repository name: pipeline4cf
- Branch name: main
- Change detection options: Amazon CloudWatch Events (recommended)
- Click Next > Skip build stage > Skip.
- On the Add deploy stage page, set the following values:
- Deploy provider: AWS CloudFormation
- Region: US East – (N. Virginia)
- Action mode: Create or update a stack
- Stack name: deploywithmanualapprove
- Artifact name: SourceArtifact
- File name: S3Retain.yaml
- Role name: pipelineperm4cf
- Click Next > Create pipeline.
- Click the AWS CloudFormation link in the Deploy panel.
- Once CloudFormation shows complete, return to the CodePipeline service and verify the
manualapprove
pipeline status showsSucceeded
in the Deploy panel. - Click Edit > + Add stage between the Source and Deploy panels.
- Enter manualapprove as the stage name.
- Click + Add action group.
- Enter manualapproval for the action name.
- Select Manual approval for the action provider.
- Select the SNS topic ARN created earlier in the lab.
- Click Done > Save > Save.
- Click Release change to restart the pipeline.
- Click Release.
- Navigate to your email, open the
APPROVAL NEEDED...
message. - Navigate back to Code Pipeline.
- Click Review in the Manual approve panel.
- Enter Looks good — approved. in the comments, and click Approve.