Automated EC2 Deployment Pipeline Using AWS CodePipeline and GitHub

This project outlines an automated deployment pipeline using AWS CodePipeline, CodeDeploy, and GitHub to deliver application scripts to Amazon EC2 instances with minimal manual intervention.

• The GitHub repository contains two critical files:
  • appspec.yml – defines lifecycle hooks and the target deployment directory.
  • script.sh – handles post-deployment tasks such as logging and report generation.
• When code is pushed to the repository:
  • CodePipeline is triggered automatically.
  • It retrieves the latest code and passes it to CodeDeploy, skipping the build stage.
• The deployment artifact:
  • Is temporarily stored in an S3 bucket managed by CodePipeline.
  • Is sent to two Amazon Linux 2 EC2 instances.
• The EC2 instances are configured with:
  • IAM roles that include AmazonSSMManagedInstanceCore for secure Systems Manager access.
  • Inline policies that grant s3:GetObject access to retrieve artifacts.
• CodeDeploy:
  • Locates the EC2 targets and deploys files to /home/ec2-user/testhelloworld.
  • Executes script.sh using the AfterInstall hook.
• From the user’s perspective, the process is seamless:
  • A developer pushes code to GitHub.
  • Within minutes, the latest changes are deployed securely and automatically to production.

This architecture enables secure, auditable, and repeatable deployments using AWS-native tools and promotes best practices in continuous delivery.

STEP ONE: Create Amazon EC2 Linux Instances

A. To create an instance role

1. Open the IAM console at https://console.aws.amazon.com/iam/.
2. From the console dashboard, choose Roles.
3. Choose Create role.
4. Select AWS service > EC2 > Next: Permissions.
5. Search and select policies:
   • AWSSystemsManagerDefaultEC2InstanceManagementRoleeployAction
   • AmazonSSMManagedInstanceCore
6. Choose Next: Tags, then Next: Review.
7. Name it EC2InstanceRole.
8. Choose Create role.

B. To launch instances

1. Open the EC2 console: https://console.aws.amazon.com/ec2/
2. Choose Instances > Launch instances.
3. Set Name to MyInstances.
4. Select Amazon Linux 2 AMI (Free tier eligible).
5. Choose t2.micro instance type.
6. Select or create a key pair.
7. Enable network settings.
8. In Advanced details, choose the IAM role EC2InstanceRole.
9. Set Number of instances to 2.
10. Click Launch instance.

STEP TWO: Create and Add a Script File to Your Repository

In your GitHub repo, create script.sh for post-deployment tasks:

touch script.sh
chmod +x script.sh

#!/bin/bash
echo "Running post-deployment tasks..."
systemctl restart myapp.service
npm install
python3 manage.py migrate
echo "Deployment complete!" >> /var/log/deploy.log

Save and commit:

git add script.sh
git commit -m "Add post-deployment script"
git push origin main

If using AWS CodeDeploy, add appspec.yml:

version: 0.0
os: linux
files:
  - source: /
    destination: /home/ec2-user/myapp

hooks:
  AfterInstall:
    - location: script.sh
      timeout: 300
      runas: ec2-user

To create:

cd path/to/your-repo
touch appspec.yml
code appspec.yml

Commit and push:

git add appspec.yml
git commit -m "Add appspec.yml for AWS CodeDeploy"
git push origin main

STEP THREE: Add Artifact Bucket Permissions

1. Go to your pipeline in CodePipeline console > Settings > Note the S3 bucket ARN.
2. Go to IAM console > Roles > select EC2InstanceRole.
3. Under Permissions tab, click Add inline policy.
4. Add this policy, replace *BucketName*:

{
  "Effect": "Allow",
  "Principal": "*",
  "Action": "s3:GetObject",
  "Resource": "arn:aws:s3:::*BucketName*"
}

STEP FOUR: Creating Your Pipeline

1. Go to CodePipeline console and click Create pipeline.
2. Name: MyPipeline. Choose custom pipeline. Use existing service role.
3. Source stage: GitHub via GitHub App > Choose repo > Next.
4. Skip build stage.
5. Deploy stage:
   • Target directory: /home/ec2-user/testhelloworld
   • PostScript path: test/script.sh
6. Review and click Create pipeline.

STEP FIVE: Test Your Pipeline

1. Make a change in GitHub and push it.
2. Open your pipeline in CodePipeline.
3. Watch pipeline run through the stages.
4. Deployment occurs automatically to EC2 instances.
5. Check logs if errors occur (e.g., "No such file").