├── .gitignore ├── create.sh ├── delete.sh ├── images ├── action-1-added.png ├── action-1-generate-changeset.png ├── action-2-executechangeset.png ├── add-generate-changeset-action.png ├── add-stage2.png ├── advanced.png ├── api-gateway.png ├── api-url.png ├── assumed-role.png ├── attach-policy.png ├── build-environment.png ├── build-run1.png ├── choose-codebuild.png ├── choose-codecommit.png ├── choose-repo-and-branch.png ├── cloudformation.png ├── codebuild-failure.png ├── codepipeline-service-role.png ├── create-pipeline.png ├── creation-complete.png ├── details-link.png ├── done.png ├── executechangeset-details.png ├── failed-build.png ├── find-role.png ├── generate-changeset-settings.png ├── infrastructure.png ├── link-execution-details.png ├── login-to-aws.png ├── name-your-project.png ├── navigate-iam.png ├── navigate-to-codepipeline.png ├── no-deployment.png ├── parallel-actions.png ├── pipeline-ui.png ├── pipeline.png ├── result.png ├── review-pipeline.png ├── review-stack.png ├── role-details.png ├── service-role.png ├── success.png ├── switch-role2.png ├── verify-change.png └── verify-role.png ├── prep ├── go.yaml ├── iam-cfnrole.yaml ├── iam-pipelinerole.yaml ├── iam-user.yaml ├── iam-userrole.yaml ├── repo.yaml └── s3bucket.yaml ├── readme.md └── update.sh /.gitignore: -------------------------------------------------------------------------------- 1 | *output.yaml 2 | .vscode 3 | node_modules -------------------------------------------------------------------------------- /create.sh: -------------------------------------------------------------------------------- 1 | pass=$1 2 | aws cloudformation package --template-file ./prep/go.yaml --output-template-file ./output.yaml --s3-bucket pg23deploybucket --profile ecs-training --region eu-west-1 3 | aws cloudformation create-stack --stack-name pg23setup --template-body file://./output.yaml --parameters ParameterKey=PgUserPassword,ParameterValue=$pass --profile ecs-training --region eu-west-1 --capabilities=CAPABILITY_NAMED_IAM -------------------------------------------------------------------------------- /delete.sh: -------------------------------------------------------------------------------- 1 | aws cloudformation delete-stack --stack-name pg23setup --profile ecs-training --region eu-west-1 -------------------------------------------------------------------------------- /images/action-1-added.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/action-1-added.png -------------------------------------------------------------------------------- /images/action-1-generate-changeset.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/action-1-generate-changeset.png -------------------------------------------------------------------------------- /images/action-2-executechangeset.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/action-2-executechangeset.png -------------------------------------------------------------------------------- /images/add-generate-changeset-action.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/add-generate-changeset-action.png -------------------------------------------------------------------------------- /images/add-stage2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/add-stage2.png -------------------------------------------------------------------------------- /images/advanced.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/advanced.png -------------------------------------------------------------------------------- /images/api-gateway.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/api-gateway.png -------------------------------------------------------------------------------- /images/api-url.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/api-url.png -------------------------------------------------------------------------------- /images/assumed-role.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/assumed-role.png -------------------------------------------------------------------------------- /images/attach-policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/attach-policy.png -------------------------------------------------------------------------------- /images/build-environment.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/build-environment.png -------------------------------------------------------------------------------- /images/build-run1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/build-run1.png -------------------------------------------------------------------------------- /images/choose-codebuild.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/choose-codebuild.png -------------------------------------------------------------------------------- /images/choose-codecommit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/choose-codecommit.png -------------------------------------------------------------------------------- /images/choose-repo-and-branch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/choose-repo-and-branch.png -------------------------------------------------------------------------------- /images/cloudformation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/cloudformation.png -------------------------------------------------------------------------------- /images/codebuild-failure.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/codebuild-failure.png -------------------------------------------------------------------------------- /images/codepipeline-service-role.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/codepipeline-service-role.png -------------------------------------------------------------------------------- /images/create-pipeline.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/create-pipeline.png -------------------------------------------------------------------------------- /images/creation-complete.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/creation-complete.png -------------------------------------------------------------------------------- /images/details-link.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/details-link.png -------------------------------------------------------------------------------- /images/done.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/done.png -------------------------------------------------------------------------------- /images/executechangeset-details.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/executechangeset-details.png -------------------------------------------------------------------------------- /images/failed-build.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/failed-build.png -------------------------------------------------------------------------------- /images/find-role.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/find-role.png -------------------------------------------------------------------------------- /images/generate-changeset-settings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/generate-changeset-settings.png -------------------------------------------------------------------------------- /images/infrastructure.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/infrastructure.png -------------------------------------------------------------------------------- /images/link-execution-details.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/link-execution-details.png -------------------------------------------------------------------------------- /images/login-to-aws.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/login-to-aws.png -------------------------------------------------------------------------------- /images/name-your-project.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/name-your-project.png -------------------------------------------------------------------------------- /images/navigate-iam.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/navigate-iam.png -------------------------------------------------------------------------------- /images/navigate-to-codepipeline.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/navigate-to-codepipeline.png -------------------------------------------------------------------------------- /images/no-deployment.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/no-deployment.png -------------------------------------------------------------------------------- /images/parallel-actions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/parallel-actions.png -------------------------------------------------------------------------------- /images/pipeline-ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/pipeline-ui.png -------------------------------------------------------------------------------- /images/pipeline.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/pipeline.png -------------------------------------------------------------------------------- /images/result.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/result.png -------------------------------------------------------------------------------- /images/review-pipeline.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/review-pipeline.png -------------------------------------------------------------------------------- /images/review-stack.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/review-stack.png -------------------------------------------------------------------------------- /images/role-details.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/role-details.png -------------------------------------------------------------------------------- /images/service-role.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/service-role.png -------------------------------------------------------------------------------- /images/success.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/success.png -------------------------------------------------------------------------------- /images/switch-role2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/switch-role2.png -------------------------------------------------------------------------------- /images/verify-change.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/verify-change.png -------------------------------------------------------------------------------- /images/verify-role.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DevOpsPlayground/Hands-on-with-Serverless-CI-CD-Pipelines-on-AWS/1bf835f175dcf991126e56e286a1e232f2616d35/images/verify-role.png -------------------------------------------------------------------------------- /prep/go.yaml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: "2010-09-09" 2 | Parameters: 3 | PgUserPassword: 4 | Type: String 5 | MinLength: "9" 6 | MaxLength: "41" 7 | AllowedPattern: "[a-zA-Z0-9]*" 8 | RepositoryName: 9 | Type: String 10 | Default: pg23repo 11 | Resources: 12 | User: 13 | Type: AWS::CloudFormation::Stack 14 | Properties: 15 | TemplateURL: ./iam-user.yaml 16 | Parameters: 17 | pUserPassword: !Ref PgUserPassword 18 | UserRole: 19 | DependsOn: User 20 | Type: AWS::CloudFormation::Stack 21 | Properties: 22 | TemplateURL: ./iam-userrole.yaml 23 | Parameters: 24 | RepositoryName: !Ref RepositoryName 25 | CodeCommitRepo: 26 | Type: AWS::CloudFormation::Stack 27 | Properties: 28 | TemplateURL: ./repo.yaml 29 | Parameters: 30 | RepositoryName: !Ref RepositoryName 31 | CfnRole: 32 | Type: AWS::CloudFormation::Stack 33 | Properties: 34 | TemplateURL: ./iam-cfnrole.yaml 35 | PipelineRole: 36 | Type: AWS::CloudFormation::Stack 37 | Properties: 38 | TemplateURL: ./iam-pipelinerole.yaml 39 | S3Bucket: 40 | Type: AWS::CloudFormation::Stack 41 | Properties: 42 | TemplateURL: ./s3bucket.yaml -------------------------------------------------------------------------------- /prep/iam-cfnrole.yaml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: "2010-09-09" 2 | Resources: 3 | CFNRole: 4 | Type: AWS::IAM::Role 5 | Properties: 6 | RoleName: pg23-cloudformation-role 7 | AssumeRolePolicyDocument: 8 | Statement: 9 | - Action: ['sts:AssumeRole'] 10 | Effect: Allow 11 | Principal: 12 | Service: [cloudformation.amazonaws.com] 13 | Version: '2012-10-17' 14 | 15 | Path: / 16 | Policies: 17 | - PolicyName: CloudFormationRole 18 | PolicyDocument: 19 | Version: '2012-10-17' 20 | Statement: 21 | - Action: 22 | - cloudwatch:* 23 | - logs:* 24 | - s3:* 25 | - iam:* 26 | - codepipeline:* 27 | - ecr:* 28 | - SNS:* 29 | - lambda:* 30 | - apigateway:* 31 | - cloudformation:* 32 | - codedeploy:* 33 | Effect: Allow 34 | Resource: '*' -------------------------------------------------------------------------------- /prep/iam-pipelinerole.yaml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: "2010-09-09" 2 | Resources: 3 | PipelineRole: 4 | Type: AWS::IAM::Role 5 | Properties: 6 | RoleName: pg23-codepipeline-role 7 | AssumeRolePolicyDocument: 8 | Version: '2012-10-17' 9 | Statement: 10 | - Action: ['sts:AssumeRole'] 11 | Effect: Allow 12 | Principal: 13 | Service: [codepipeline.amazonaws.com] 14 | - Action: ['sts:AssumeRole'] 15 | Effect: Allow 16 | Principal: 17 | Service: [codebuild.amazonaws.com] 18 | - Action: ['sts:AssumeRole'] 19 | Effect: Allow 20 | Principal: 21 | Service: [events.amazonaws.com] 22 | Path: / 23 | Policies: 24 | - PolicyName: CodePipelineAccess 25 | PolicyDocument: 26 | Version: '2012-10-17' 27 | Statement: 28 | - Action: 29 | - codepipeline:* 30 | - s3:* 31 | - cloudformation:CreateStack 32 | - cloudformation:DescribeStacks 33 | - cloudformation:DeleteStack 34 | - cloudformation:UpdateStack 35 | - cloudformation:CreateChangeSet 36 | - cloudformation:ExecuteChangeSet 37 | - cloudformation:DeleteChangeSet 38 | - cloudformation:DescribeChangeSet 39 | - cloudformation:SetStackPolicy 40 | - cloudwatch:* 41 | - logs:* 42 | - iam:PassRole 43 | - sns:* 44 | - sts:AssumeRole 45 | - codecommit:* 46 | - ecr:* 47 | Effect: Allow 48 | Resource: '*' 49 | - PolicyName: CodeCommitAccess 50 | PolicyDocument: 51 | Version: '2012-10-17' 52 | Statement: 53 | - Action: 54 | - 'codecommit:*' 55 | - 'sts:AssumeRole' 56 | Effect: Allow 57 | Resource: '*' 58 | - PolicyName: CodeBuildAccess 59 | PolicyDocument: 60 | Version: '2012-10-17' 61 | Statement: 62 | - Action: 63 | - codebuild:* 64 | - logs:* 65 | Effect: Allow 66 | Resource: '*' -------------------------------------------------------------------------------- /prep/iam-user.yaml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: '2010-09-09' 2 | Description: 'DevOps Playground Meetup user account setup.' 3 | Metadata: 4 | AWS::CloudFormation::Interface: 5 | ParameterGroups: 6 | - Label: 7 | default: "DevOps Playground Account Setup" 8 | Parameters: 9 | - pUserPassword 10 | 11 | ParameterLabels: 12 | pUserPassword: 13 | default: "User Password" 14 | 15 | 16 | Parameters: 17 | pUserPassword: 18 | NoEcho: "true" 19 | Description: The user account password 20 | Type: String 21 | MinLength: "8" 22 | MaxLength: "41" 23 | AllowedPattern: "[a-zA-Z0-9]*" 24 | ConstraintDescription: must contain only alphanumeric characters. 25 | 26 | 27 | Resources: 28 | meetupUser: 29 | Type: "AWS::IAM::User" 30 | Properties: 31 | LoginProfile: 32 | Password: !Ref pUserPassword 33 | PasswordResetRequired: "false" 34 | Path: "/" 35 | UserName: "pg23meetup" 36 | -------------------------------------------------------------------------------- /prep/iam-userrole.yaml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: '2010-09-09' 2 | Description: 'DevOps Playground Meetup Service Role setup.' 3 | 4 | Parameters: 5 | RepositoryName: 6 | Type: String 7 | Resources: 8 | UserRole: 9 | Type: "AWS::IAM::Role" 10 | Properties: 11 | AssumeRolePolicyDocument: 12 | Version: "2012-10-17" 13 | Statement: 14 | - Effect: "Allow" 15 | Principal: 16 | AWS: 17 | - !Sub "arn:aws:iam::${AWS::AccountId}:user/pg23meetup" 18 | Action: 19 | - "sts:AssumeRole" 20 | MaxSessionDuration: 10800 21 | Path: "/" 22 | RoleName: "pg23meetuprole" 23 | Policies: 24 | - PolicyName: Pg23UserRolePolicy 25 | PolicyDocument: 26 | Version: '2012-10-17' 27 | Statement: 28 | - Action: 29 | - s3:* 30 | Effect: Allow 31 | Resource: '*' 32 | - Action: 33 | - codepipeline:* 34 | Effect: Allow 35 | Resource: '*' 36 | - Action: 37 | - cloudformation:DescribeStacks 38 | - cloudformation:ListChangeSets 39 | - cloudformation:ListExports 40 | - cloudformation:ListImports 41 | - cloudformation:ListStackInstances 42 | - cloudformation:ListStackResources 43 | - cloudformation:ListStacks 44 | - cloudformation:ListStackSetOperationResults 45 | - cloudformation:ListStackSetOperations 46 | - cloudformation:ListStackSets 47 | - cloudformation:Describe* 48 | - cloudformation:Get* 49 | - cloudformation:EstimateTemplateCost 50 | Effect: Allow 51 | Resource: '*' 52 | - Action: 53 | - codebuild:* 54 | Effect: Allow 55 | Resource: '*' 56 | - Action: 57 | - codecommit:* 58 | Effect: Allow 59 | Resource: '*' 60 | - Action: 61 | - iam:* 62 | Effect: Allow 63 | Resource: '*' 64 | - Action: 65 | - iam:CreateUser 66 | - iam:DeleteUser 67 | - iam:UpdateUser 68 | - iam:UpdateGroup 69 | - iam:DeleteLoginProfile 70 | - iam:DeleteGroup 71 | - iam:CreateGroup 72 | - iam:GetAccountSummary 73 | - iam:GetLoginProfile 74 | - iam:ListAccessKeys 75 | - iam:ListAccountAliases 76 | - iam:ListAttachedGroupPolicies 77 | - iam:ListAttachedUserPolicies 78 | - iam:ListEntitiesForPolicy 79 | - iam:ListGroupPolicies 80 | - iam:ListGroups 81 | - iam:ListGroupsForUser 82 | - iam:ListInstanceProfiles 83 | - iam:ListInstanceProfilesForRole 84 | - iam:ListMFADevices 85 | - iam:ListOpenIDConnectProviders 86 | - iam:ListSAMLProviders 87 | - iam:ListServerCertificates 88 | - iam:ListServiceSpecificCredentials 89 | - iam:ListSigningCertificates 90 | - iam:ListSSHPublicKeys 91 | - iam:ListUserPolicies 92 | - iam:ListUsers 93 | - iam:ListVirtualMFADevices 94 | - iam:GenerateCredentialReport 95 | - iam:GenerateServiceLastAccessed* 96 | - iam:GetAccessKeyLastUsed 97 | - iam:GetAccountAuthorizationDetails 98 | - iam:GetAccountPasswordPolicy 99 | - iam:GetContextKeysForCustomPolicy 100 | - iam:GetContextKeysForPrincipalPolicy 101 | - iam:GetCredentialReport 102 | - iam:GetGroup 103 | - iam:GetGroupPolicy 104 | - iam:GetInstanceProfile 105 | - iam:GetOpenIDConnectProvider 106 | - iam:GetSAMLProvider 107 | - iam:GetServerCertificate 108 | - iam:GetServiceLastAccessedDetails* 109 | - iam:GetSSHPublicKey 110 | - iam:GetUser 111 | - iam:GetUserPolicy 112 | - iam:SimulateCustomPolicy 113 | - iam:SimulatePrincipalPolicy 114 | - iam:AddClientIDToOpenIDConnectProvider 115 | - iam:AddRoleToInstanceProfile 116 | - iam:AddUserToGroup 117 | - iam:ChangePassword 118 | - iam:CreateAccessKey 119 | - iam:CreateAccountAlias 120 | - iam:CreateInstanceProfile 121 | - iam:CreateLoginProfile 122 | - iam:CreateOpenIDConnectProvider 123 | - iam:CreateSAMLProvider 124 | - iam:CreateServiceLinkedRole 125 | - iam:CreateServiceSpecificCredential 126 | - iam:CreateVirtualMFADevice 127 | - iam:DeactivateMFADevice 128 | - iam:DeleteAccessKey 129 | - iam:DeleteAccountAlias 130 | - iam:DeleteInstanceProfile 131 | - iam:DeleteOpenIDConnectProvider 132 | - iam:DeleteSAMLProvider 133 | - iam:DeleteRole 134 | - iam:DeleteServerCertificate 135 | - iam:DeleteServiceLinkedRole 136 | - iam:DeleteServiceSpecificCredential 137 | - iam:DeleteSigningCertificate 138 | - iam:DeleteSSHPublicKey 139 | - iam:DeleteVirtualMFADevice 140 | - iam:RemoveClientIDFromOpenIDConnectProvider 141 | - iam:RemoveRoleFromInstanceProfile 142 | - iam:RemoveUserFromGroup 143 | - iam:ResetServiceSpecificCredential 144 | - iam:ResyncMFADevice 145 | - iam:UpdateAccessKey 146 | - iam:UpdateAccountPasswordPolicy 147 | - iam:UpdateLoginProfile 148 | - iam:UpdateOpenIDConnectProviderThumbprint 149 | - iam:UpdateSAMLProvider 150 | - iam:UpdateServerCertificate 151 | - iam:UpdateServiceSpecificCredential 152 | - iam:UpdateSigningCertificate 153 | - iam:UpdateSSHPublicKey 154 | - iam:UploadServerCertificate 155 | - iam:UploadSigningCertificate 156 | - iam:UploadSSHPublicKey 157 | Effect: Deny 158 | Resource: '*' 159 | - Action: 160 | - events:ListRuleNamesByTarget 161 | - events:PutRule 162 | - events:PutTargets 163 | Effect: Allow 164 | Resource: '*' 165 | - Action: 166 | - sts:AssumeRole 167 | Effect: Allow 168 | Resource: '*' 169 | - Action: 170 | - logs:* 171 | Effect: Allow 172 | Resource: '*' 173 | - Action: 174 | - apigateway:* 175 | Effect: Allow 176 | Resource: '*' 177 | - Action: 178 | - cloudwatch:* 179 | Effect: Allow 180 | Resource: '*' -------------------------------------------------------------------------------- /prep/repo.yaml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: 2010-09-09 2 | 3 | Parameters: 4 | RepositoryName: 5 | Type: String 6 | Resources: 7 | pg23repo: 8 | Type: "AWS::CodeCommit::Repository" 9 | Properties: 10 | RepositoryDescription: "CodeCommit repository for project" 11 | RepositoryName: !Ref RepositoryName -------------------------------------------------------------------------------- /prep/s3bucket.yaml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: 2010-09-09 2 | 3 | Resources: 4 | pg23deploybucket: 5 | Type: "AWS::S3::Bucket" 6 | Properties: 7 | BucketName: pg23appdeploybucket -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | # Serverless CI/CD with AWS 2 | 3 | This content has also been distributed as a medium blog post :- 4 | 5 | https://medium.com/@paulforsyth/serverless-ci-cd-with-aws-part-1-the-console-story-d0796d2cdd0c 6 | 7 | ![](images/infrastructure.png) 8 | 9 | - [Overview](#overview) 10 | - [Hands On](#hands-on) 11 | - [Logging in to AWS Console](#logging-in-to-aws-console) 12 | - [Creating the Pipeline](#creating-the-pipeline) 13 | - [Define the Source](#define-the-source) 14 | - [Define the Build](#define-the-build) 15 | - [Observe the failure](#observe-the-failure) 16 | - [Diagnose the build](#diagnose-the-build) 17 | - [Fix the build!](#fix-the-build) 18 | - [Re-run the pipeline](#re-run-the-pipeline) 19 | - [Add a new stage](#add-a-new-stage) 20 | - [Add a generate changeset action](#add-a-generate-changeset-action) 21 | - [Add an execute changeset action](#add-an-execute-changeset-action) 22 | - [Re-run the pipeline again](#re-run-the-pipeline-again) 23 | - [This is what success looks like!](#this-is-what-success-looks-like) 24 | - [Verify the deployment](#verify-the-deployment) 25 | - [Commit a change!](#commit-a-change) 26 | - [Verify the change!](#verify-the-change) 27 | - [Additional Features](#additional-features) 28 | - [Conclusion](#conclusion) 29 | - [One more thing...](#one-more-thing) 30 | - [Resources](#resources) 31 | 32 | # Overview 33 | Serverless is fast becoming the new default compute model for many software projects. The attractive pay as you go pricing model, rapid scaling and reduced ops overhead are very compelling advantages to any organisation shipping software. 34 | 35 | While applications are moving to this new compute model, we're often still left with some traditional infrastructure in the form of build servers and nodes. This remains a burden for ops due to having to perform OS patching, build server updates and managing fleets of build nodes as well as monitoring for performance and right-sizing both server and build nodes on an ongoing basis. This leaves also a potential single point of failure where build servers are shared amongst different services being deployed - downtime of the server/nodes can mean delays in shipping. 36 | 37 | In this playground we're going to remove some of that burden by creating a serverless CI/CD pipeline on AWS using CodePipeline, CodeBuild and CloudFormation. This pipeline will be deploying a simple nodejs express application to lambda. 38 | 39 | # Hands On 40 | 41 | ### Logging in to AWS Console 42 | You can skip this section if you are using your own AWS account and have appropriate IAM access (detailed in addendum) 43 | 44 | First we need to login to the console (credentials provided separately) - also ensure that we are in the eu-west-1 region. 45 | https://ecsd-training.signin.aws.amazon.com/console 46 | 47 | ![](images/login-to-aws.png) 48 | 49 | The user that we logged into won't have many permissions at this stage so we need to assume an appropriate role. Follow this link in order to do that 50 | 51 | https://signin.aws.amazon.com/switchrole?roleName=pg23meetuprole&account=ecsd-training 52 | 53 | ![](images/switch-role2.png) 54 | 55 | Just click the "Switch Role" button to continue back to the console 56 | 57 | Also switch your region to Ireland (eu-west-1), the default setup assumes this. 58 | 59 | You should now see an indicator in the top right showing that you are currently assuming a role. 60 | 61 | ![](images/assumed-role.png) 62 | 63 | ### Creating the pipeline 64 | 65 | Next we need to navigate to the CodePipeline user interface. 66 | ![](images/navigate-to-codepipeline.png) 67 | 68 | Click the "Create Pipeline" button. If there are no pipelines listed you'll see a getting started screen instead so just click "Get started" to get to the next step 69 | 70 | ![](images/pipeline-ui.png) 71 | 72 | You now need to give your pipeline a name - this needs to be unique so try and follow convention e.g. firstnamelastinitial-pg23-pipeline (e.g. paulf-pg23-pipeline) 73 | 74 | ![](images/create-pipeline.png) 75 | 76 | Click the "Next Step" button to continue 77 | 78 | ### Define the source 79 | 80 | The first step in our pipeline is to grab our source code. In our case this is provided in a codecommit repository but other options are available for github and AWS S3. The branch we'll be deploying is the master branch. 81 | 82 | If you are using your own account then you should use the contents of the repository https://github.com/ecsdigital/devopsplayground23-app - push this into your own CodeCommit repository and simply substitute the repository name in the steps here, the easiest way I've found is to checkout that repo, add a remote and push to your new remote repo. 83 | 84 | Choose CodeCommit. 85 | 86 | ![](images/choose-codecommit.png) 87 | 88 | Pick the repository "pg23repo" and the branch master 89 | 90 | ![](images/choose-repo-and-branch.png) 91 | 92 | Leave the "Change detection options" at their default - for CodeCommit and s3 this will use CloudWatch events to detect changes in order to trigger the pipeline, github will use webhooks. 93 | 94 | Click the "Next Step" button to continue 95 | 96 | ### Define the Build 97 | 98 | Next you need to pick your build provider. This can be a number of different options (some are not shown in the drop down, such as teamcity as these can be defined if you create your codebuild configuration using cloudformation), but for our purposes we're going to use CodeBuild. 99 | 100 | ![](images/choose-codebuild.png) 101 | 102 | A number of additional fields will now appear which will need to be populated in order to create our codebuild configuration. 103 | 104 | Firstly we want to "Create a new build project" and fill out the name field 105 | 106 | ![](images/name-your-project.png) 107 | 108 | Next we need to define the build environment. This can be achieved by either using an AWS provided CodeBuild container or by specifying a docker image of your choosing from either Amazon ECR or another docker repository. 109 | 110 | We are going to use a standard linux ubuntu image with the nodejs10 environment. 111 | 112 | ![](images/build-environment.png) 113 | 114 | The build specification defines the steps and commands you need to run in order to perform the build (e.g. npm install) as well as defining which artifacts are output from the process to be consumed by subsequent pipeline stages. You can feed parameters into the build spec by using environment variables which are injected into the container at runtime. 115 | 116 | For more information on the buildspec see https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html 117 | 118 | We have provided the buildspec for the project so just leave the "Use the buildspec.yml in the source code root directory" selected, all we're doing in the buildspec is validating and packaging a cloudformation template. 119 | 120 | Also leave the Cache set to "No cache". 121 | 122 | Scroll down to the AWS CodeBuild service role section. 123 | 124 | ![](images/service-role.png) 125 | 126 | You can choose to either create an IAM role for this build project or re-use an existing one. At the time of writing if you re-use an existing one you can only do so 9 times as each time you re-use it will add an additional policy to the existing role and there's a limit of 10. 127 | 128 | For this demo choose "Create a service role in your account", a sensible default name should already be populated but keep note of it for later as we may need additional permissions applied to that role in order to complete the build 129 | 130 | No VPC is required for this particular build but if for example you wanted to update the database schema of an RDS instance in a VPC you would need to configure this. 131 | 132 | The advanced section we won't be altering but worth talking through some of the options there. 133 | 134 | ![](images/advanced.png) 135 | 136 | Timeout - How long before you consider your build dead in the water. This is important to reduce cost, set it to something reasonable - too large and you may incur additional cost if a build stalls, too short and your builds may become intermittent especially where access to public artifcats is required (e.g. npm). 137 | 138 | Privileged - If you are building docker images using CodeBuild then you need this. Often the use case is that CodeBuild will build and push a docker image and then that is rolled out to ECS using Cloudformation to replace the image on the service. 139 | 140 | Compute Type - this determines the performance level of your container and also your cost per build minute. 141 | 142 | Environment Variables - these are the variables available within your buildspec execution so if you need to parameterise your build you'd do it in this way. 143 | 144 | Click "Save build project". This takes a few seconds as it also has to create the service role. 145 | 146 | When creation is complete, hit the "Next step" button 147 | 148 | ![](images/creation-complete.png) 149 | 150 | ### Skip deployment for now 151 | 152 | For now select No Deployment - we'll come back and add this step later. 153 | 154 | ![](images/no-deployment.png) 155 | 156 | Click "Next step" 157 | 158 | ### Select a service role 159 | 160 | CodePipeline requires a role in order to perform actions. You can either create a new role which will apply a default set of permissions or assume an existing one. 161 | 162 | Select the existing "pg23-codepipeline-role" for this example 163 | 164 | ![](images/codepipeline-service-role.png) 165 | 166 | The minimum set of permissions required by the codepipeline role and how you define a custom role is outlined in aws documentation which can be found here https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-custom-role.html 167 | 168 | Click "Next step" to proceed. 169 | 170 | ### Review the pipeline 171 | 172 | The final stage is to review the pipeline settings. 173 | 174 | ![](images/review-pipeline.png) 175 | 176 | Once you're happy with the settings, click "Create Pipeline" 177 | 178 | Your build should now run. 179 | 180 | ![](images/build-run1.png) 181 | 182 | ### Observe the failure 183 | 184 | The build will fail! 185 | 186 | ![](images/failed-build.png) 187 | 188 | ### Diagnose the build 189 | 190 | To fix the build we need to know what went wrong. 191 | 192 | In the failed build step, click on the details link. 193 | 194 | ![](images/details-link.png) 195 | 196 | And then click the "Link to execution details". 197 | 198 | ![](images/link-execution-details.png) 199 | 200 | This will take us to the codebuild history for that execution. You will see in the build logs that we are missing a permission for PutObject on S3. This permission needs to be assigned to the CodeBuild role defined earlier. 201 | 202 | ![](images/codebuild-failure.png) 203 | 204 | ### Fix the build 205 | 206 | Navigate to the IAM user interface. 207 | 208 | ![](images/navigate-iam.png) 209 | 210 | Select Roles on the left and fine the role you created for your CodeBuild configuration. 211 | 212 | ![](images/find-role.png) 213 | 214 | Click on the role link to get to the details of the role 215 | 216 | ![](images/role-details.png) 217 | 218 | Click the "Attach Policy" button. 219 | 220 | Type "S3" in the search box. 221 | 222 | For this demo let's just assign "AmazonS3FullAccess" - in a real environment you'd define an appropriate policy for your bucket for least privilege. Select the "AmazonS3FullAccess" role by clicking the checkbox to its left. 223 | 224 | ![](images/attach-policy.png) 225 | 226 | Click the "Attach Policy" button down the bottom right. 227 | 228 | Observe that the Permissions tab now lists "AmazonS3FullAccess" in addition to existing policies. 229 | 230 | ![](images/verify-role.png) 231 | 232 | ### Re-run the pipeline 233 | 234 | Go back to your pipeline and click the "Release" button. This time the pipeline should succeed and we are ready to define our deployment steps! 235 | 236 | ![](images/success.png) 237 | 238 | SUCCESS! 239 | 240 | Ok so we've verified that the cloudformation template is valid and packaged up for deployment. We could add steps in here to perform unit tests, linting, static analysis etc here but let's try and deploy our application. 241 | 242 | ### Add a new stage 243 | 244 | Deployment of a SAM template needs to consist of two steps as CloudFormation stack creation currently does not support template transforms. 245 | 246 | We instead need to generate a change set and then apply the change set to a new or existing CloudFormation stack. 247 | 248 | This will require two pipeline actions. 249 | 250 | First, lets add a new stage to the pipeline 251 | 252 | In your pipeline, click the "Edit" button. 253 | 254 | You will see the UI change to show additional controls which allow you to modify your pipeline's workflow. 255 | 256 | Next you should click the +Stage button below the build stage as highlighted in the image. Give the stage a name and we can proceed to creating the action. 257 | 258 | ![](images/add-stage2.png) 259 | 260 | ### Add a generate changeset action 261 | 262 | The first action we need is one which takes the output of our build (the packaged sam template), and generates a change set for our cloudformation stack. 263 | 264 | On the stage click the + Action button. A pane should appear to the right, in this pane choose Deploy as the Action Category 265 | 266 | ![](images/add-generate-changeset-action.png) 267 | 268 | Give the action a name and select AWS CloudFormation as the Deployment Provider 269 | 270 | ![](images/action-1-generate-changeset.png) 271 | 272 | In the next section, select Action Mode "Create or replace a change set". 273 | 274 | Set a stack name. 275 | 276 | Set a change set name. 277 | 278 | For the template you need to refer to a previous build output, in our case that will be the artifact MyAppBuild and the template output.yaml so as the Template you specify MyAppBuilc::output.yaml 279 | 280 | Template configuration can be left blank 281 | 282 | Select CAPABILITY_IAM in the capabilities field. 283 | 284 | And finally select the pre-configured role pg23-cloudformation-role - this is the role assumed by CloudFormation when deploying the app. 285 | 286 | ![](images/generate-changeset-settings.png) 287 | 288 | The advanced section allows you to define parameter overrids for your CloudFormation deployment but that is not necessary for our example. 289 | 290 | In Input artifacts 1, specify MyAppBuild - this tells the action to copy the artifacts from the CodeBuild section. 291 | 292 | We don't require any output artifacts, but these would be used to pass along to other build steps if required. 293 | 294 | Click Add Action to complete. 295 | 296 | ![](images/action-1-added.png) 297 | 298 | ### Add an execute changeset action 299 | 300 | As before, add another action under the GenerateChangeset one to indicate you want it to happen afterwards. 301 | 302 | Again, give the action a name and select AWS CloudFormation as the provider. 303 | 304 | Action mode needs to be set to Execute a change set. 305 | 306 | The Stack name needs to match the one from the previous action 307 | 308 | The change set name also needs to match the one from the previous action. 309 | 310 | Specify MyAppBuild as the input artifact. 311 | 312 | ![](images/action-2-executechangeset.png) 313 | 314 | Now click "Save pipeline changes" 315 | 316 | Your pipeline should now look like follows:- 317 | 318 | ![](images/pipeline.png) 319 | 320 | 321 | ### Re-run the pipeline again 322 | 323 | Click "Release change" to run the pipeline again with the deployment steps now defined. 324 | 325 | If things are going well, the build should pass then on the CloudFormation list you should observe a new stack being created and reviewed. 326 | 327 | ![](images/review-stack.png) 328 | 329 | ### This is what success looks like! 330 | 331 | If everything goes to plan the pipeline should complete as follows:- 332 | 333 | ![](images/done.png) 334 | 335 | ### Verify the deployment 336 | 337 | So we're deployed! We now have an API we can hit, but need to first find the endpoint. Hit the details link on the ExecuteChangeSet task to goto the resultant CloudFormation build. 338 | 339 | ![](images/executechangeset-details.png) 340 | 341 | Click the Resources drop down and click on the link to the ServerlessRestApi 342 | 343 | ![](images/cloudformation.png) 344 | 345 | This will take you to the API gateway console. 346 | 347 | Click on the gateway which is named similar to your CloudFormation stack 348 | 349 | ![](images/api-gateway.png) 350 | 351 | Then click Stages and Prod, the url should appear in a pane to the right. 352 | 353 | ![](images/api-url.png) 354 | 355 | If you open this url in another tab you'll see the result of the request to the lambda function hosted behind that api. 356 | 357 | ![](images/result.png) 358 | 359 | Result! 360 | 361 | ### Commit a change 362 | 363 | Lets make a change to the app. In the interactive session I'll merge a pull request, but if doing this on your own go ahead and make some changes to the app.js file so that something obvious is different. 364 | 365 | When merging back / pushing the change to master, your build pipeline should begin to run again. 366 | 367 | 368 | ### Verify the change 369 | 370 | Once the build has completed, refresh the browser tab that you made the request to your api with. Hopefully the change will be reflected in the result. 371 | 372 | ![](images/verify-change.png) 373 | 374 | # Additional Features 375 | 376 | These are some of the features available and worth being aware of at the time of writing:- 377 | 378 | ## CodePipeline 379 | 380 | Pipelines are not restricted to just one sequence of events. You can also have actions which run in parallel. 381 | 382 | ![](images/parallel-actions.png) 383 | 384 | Out of the box providers surfaced in the UI are currently: 385 | 386 | - Source Providers: 387 | - CodeCommit (AWS git implementation) 388 | - Github integration via webhooks and oauth tokens. 389 | - Amazon S3 390 | 391 | - Build Providers: 392 | - CodeBuild 393 | - Jenkins (https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-four-stage-pipeline.html?icmpid=docs_acp_console#tutorials-four-stage-pipeline-prerequisites) 394 | - Solano CI 395 | 396 | - Deployment Providers: 397 | - Amazon ECS (Deploy to existing ecs/eks/fargate cluster) 398 | - AWS CloudFormation (featured here) 399 | - AWS CodeDeploy 400 | - AWS Elastic Beanstalk 401 | 402 | Other providers are available such as TeamCity. These are implemented as custom actions. 403 | 404 | - Additional Action Types: 405 | - Approval Actions (manually prompt a user to approve a build, use in conjunction with SNS for notification via email etc) 406 | - Test (Jenkins, CodeBuild, BlazeMeter, Ghost Inspector UI Testing, Nouvola, Runscope API Monitoring). 407 | - Invoke Lambda allows you to do custom actions during stages 408 | 409 | CodePipeline is also extensible through custom actions and providers(https://docs.aws.amazon.com/codepipeline/latest/userguide/actions-create-custom-action.html) 410 | 411 | ## CodeBuild 412 | 413 | Support of Linux/Windows containers for builds. 414 | 415 | Custom Docker images can be used to reduce build time by installing necessary dependencies, or depencencies which are not available on the amazon image. Optimized images can reduce the time and therefore cost of builds. 416 | 417 | ## CloudFormation 418 | 419 | Bread and butter of AWS automation. Worthy of a topic in itself. The entire build pipeline itself can be provisioned using CloudFormation - I'll follow up later with an example on this, but this would allow you to version control your release process separately from your application build + deployment code. 420 | 421 | # Conclusion 422 | 423 | So now we have a pipeline which can continuously deploy changes from our master branch to our deployment environment. 424 | 425 | Other additions we can make to this pipeline include additional stages (such as uat), manual approval (requiring human intervention in order to continue) as well as other actions such as running tests. 426 | 427 | So hopefully now you have an idea of some of the things CodePipeline, CodeBuild and CloudFormation are capable of and have an appetite to explore further functionality. 428 | 429 | # One more thing 430 | 431 | As a sidenote, CodePipeline and CodeBuild also generate events which can be consumed and fed into CloudWatch as metrics. This can be used to build dashboards showing the performance of your pipeline and development process. This can be a powerful tool in diagnosing issues with your SDLC by examining the various metrics with regards to feedback, failure and deployment rate. 432 | 433 | This dashboard was borrowed from Stelligent 434 | 435 | https://stelligent.com/2017/11/16/codepipeline-dashboard/ 436 | 437 | The code can be found here: https://github.com/stelligent/pipeline-dashboard 438 | 439 | What interesting metrics can you pick out of your pipeline? 440 | 441 | # Resources 442 | 443 | ### CodePipeline 444 | 445 | Product Details 446 | https://aws.amazon.com/codepipeline/details/ 447 | 448 | Documentation 449 | https://docs.aws.amazon.com/codepipeline/latest/userguide/welcome.html 450 | 451 | CodePipeline custom role 452 | https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-custom-role.html 453 | 454 | CodePipeline custom actions 455 | https://docs.aws.amazon.com/codepipeline/latest/userguide/actions-create-custom-action.html 456 | 457 | TeamCity integration 458 | https://aws.amazon.com/blogs/devops/building-end-to-end-continuous-delivery-and-deployment-pipelines-in-aws-and-teamcity/ 459 | 460 | ### CodeBuild 461 | 462 | Product Details 463 | https://aws.amazon.com/codebuild/details/ 464 | 465 | Documentation 466 | https://docs.aws.amazon.com/codebuild/latest/userguide/welcome.html 467 | 468 | CodeBuild custom role 469 | https://docs.aws.amazon.com/codebuild/latest/userguide/setting-up.html#setting-up-service-role 470 | 471 | ### CloudFormation 472 | 473 | Product Details 474 | https://aws.amazon.com/cloudformation/details/ 475 | 476 | Documentation 477 | https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html 478 | 479 | ### CodeCommit 480 | 481 | Product Details 482 | https://aws.amazon.com/codecommit/details/ 483 | 484 | Documentation 485 | https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html 486 | 487 | ### Lambda 488 | 489 | Product Details 490 | https://aws.amazon.com/lambda/ 491 | 492 | Documentation 493 | https://docs.aws.amazon.com/lambda/latest/dg/welcome.html 494 | 495 | ### Serverless Application Model 496 | 497 | Deploying lambda-based applications 498 | https://docs.aws.amazon.com/lambda/latest/dg/deploying-lambda-apps.html 499 | 500 | ### Stelligent Codepipeline Dashboards 501 | https://stelligent.com/2017/11/16/codepipeline-dashboard/ 502 | 503 | https://github.com/stelligent/pipeline-dashboard 504 | 505 | -------------------------------------------------------------------------------- /update.sh: -------------------------------------------------------------------------------- 1 | pass=$1 2 | aws cloudformation package --template-file ./prep/go.yaml --output-template-file ./output.yaml --s3-bucket pg23deploybucket --profile ecs-training --region eu-west-1 3 | aws cloudformation update-stack --stack-name pg23setup --template-body file://./output.yaml --parameters ParameterKey=PgUserPassword,ParameterValue=$pass --profile ecs-training --region eu-west-1 --capabilities=CAPABILITY_NAMED_IAM --------------------------------------------------------------------------------