Continuous Deployment using GitHub Actions and AWS EC2 — Part IV: Configure CodeDeploy Agent

Mansoor Khan
May 13, 2023


Install CodeDeployAgent

The CodeDeploy agent must be installed on your EC2 instance before the CodeDeploy service can deploy your application from the Git repository.

First of all, ssh into your EC2 instance and run the following commands to install the codeDeploy-agent on your server.

sudo apt update
sudo apt install -y ruby
sudo apt install wget
wget https://bucket-name.s3.region-identifier.amazonaws.com/latest/install

bucket-name is the Amazon S3 bucket containing the CodeDeploy Resource Kit files for your region and region-identifier is the identifier for your region. Use the following link to find the bucket name and region identifier for your instance: list of bucket names and region identifiers

For example:

wget https://aws-codedeploy-us-east-2.s3.us-east-2.amazonaws.com/latest/install

Once the install script is downloaded, make it executable, run it, and start the CodeDeploy agent:

sudo chmod +x ./install
sudo ./install auto
sudo service codedeploy-agent start

Configure CodeDeploy on EC2 console

Search for CodeDeploy from the services menu in your AWS EC2 console

On the CodeDeploy page, click on applications under the Deploy menu item on the left

Click on create application

Add an application name and your compute platform. In my case, I chose EC2/On-premises.

Click on create application to get to the following screen

In order to create a new deployment, you need to create a deployment group. But before that, we need to create IAM roles that are required for code deployment.

Creating IAM Role and Service Role for AWS CodeDeploy

Two types of IAM roles need to be created: an Instance Role and a Service Role.

Instance Role

In the first step, we need to create the instance role using AWS IAM. This role is important as it gives the proper permission to EC2 to access and read files from S3 buckets.

To create it, go to AWS Management Console and log in using our AWS Account. Then, proceed to IAM in the console and click on Roles. Once we have entered the Roles page, click on Create Role.

We are creating a role for an EC2 instance, so select EC2 as the use case.

Add the following policy:

  • AmazonEC2RoleForAWSCodeDeploy

Then, give the EC2 role a name and Click on Create Role

Service Role

Next, we need to create the IAM service role, which gives AWS CodeDeploy access to read the EC2 instance tags. Go to the Roles page and then click on Create Role.

Select EC2 and proceed to add the following policy:

  • AWSCodeDeployRole

Then, give the service role a name (CodeDeploy_Role) and Click on Create Role. After that, we need to edit the trust relationship of the service role.

In order to do this, we need to go to the Roles page and click on the service role name that we have created.

On the next page, open the Trust relationships tab and click on Edit trust relationships.

Edit the policy document as below:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": [
          "codedeploy.amazonaws.com"
        ]
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Once edited, click on Update Trust Policy.

All set! Now IAM roles are done.
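The following check is an added example, not part of the original tutorial: it audits a trust policy document against the one shown above and reports anything else the role trusts. The function names and the two sample policies are constructed for illustration.

```python
import json

EXPECTED_SERVICE = "codedeploy.amazonaws.com"  # principal from the policy above
POLICY_VERSION = "2012-10-17"                  # must use ASCII hyphens

def as_list(value):
    """IAM accepts either a single value or a list in most policy fields."""
    return value if isinstance(value, list) else [value]

def audit_trust_policy(text):
    """Return findings for a role trust policy; an empty list means it matches."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    findings = []
    if doc.get("Version") != POLICY_VERSION:
        findings.append(f"Version is {doc.get('Version')!r}, expected {POLICY_VERSION!r}")
    trusted = set()
    for stmt in as_list(doc.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRole" not in as_list(stmt.get("Action", [])):
            continue
        principal = stmt.get("Principal", {})
        if not isinstance(principal, dict):  # covers the wildcard "*"
            findings.append(f"Principal is {principal!r}, not a service map")
            continue
        for kind, values in principal.items():
            for value in as_list(values):
                if kind == "Service":
                    trusted.add(value)
                else:
                    findings.append(f"unexpected {kind} principal: {value}")
    for extra in sorted(trusted - {EXPECTED_SERVICE}):
        findings.append(f"unexpected service principal: {extra}")
    if EXPECTED_SERVICE not in trusted:
        findings.append(f"{EXPECTED_SERVICE} is not trusted")
    return findings

# Constructed samples: the policy from this page, and one pasted with en dashes
# that still trusts EC2 (the use case selected when the role was created).
GOOD = ('{"Version": "2012-10-17", "Statement": [{"Effect": "Allow", '
        '"Principal": {"Service": ["codedeploy.amazonaws.com"]}, "Action": "sts:AssumeRole"}]}')
BAD = ('{"Version": "2012\u201310\u201317", "Statement": [{"Effect": "Allow", '
       '"Principal": {"Service": "ec2.amazonaws.com"}, "Action": "sts:AssumeRole"}]}')

if __name__ == "__main__":
    for name, policy in (("good", GOOD), ("bad", BAD)):
        print(name, audit_trust_policy(policy) or "OK")
```

To audit the live role, pass in the output of `aws iam get-role --role-name CodeDeploy_Role --query Role.AssumeRolePolicyDocument`.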

Creating deployment group

Let’s move on to creating the deployment group. Click on the Create deployment group button on your application details page.

Choose a deployment group name and enter the service role as CodeDeploy_Role (created earlier).

From the Environment configuration choose Amazon EC2 instances. If you have an EC2 instance associated with your account, you should see a message “1 unique matched instance” just below the selected option.

Create a tag named development in your EC2 instance. Add the same tag here so that this deployment configuration is associated with the correct EC2 instance.

In the advanced section, un-check Enable Load Balancing (unless you want to provision a load balancer) and choose Roll back when a deployment fails. Click on Create deployment group. This will create a deployment group that assists in code deployment to your EC2 instance.

Before you proceed to create your first deployment, create a file named appspec.yml in your project root directory. This file can be used to handle before/after install hooks, specify deployment destination etc. Read more here: https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file.html

Sample appspec.yml contents for a basic HTML website:

version: 0.0
os: linux
files:
  - source: /
    destination: /var/www/<application directory>

Once you’ve created and pushed the appspec.yml file to your repository, go to the deployment group details page and click on Create deployment.

In the revision type, choose My application is stored in GitHub

Under the GitHub token name, type your GitHub username, add your repository name and commit ID of the commit that you want to deploy as a first deployment to the EC2 server.

Additional settings can be checked based on your preferences.

And that’s all we need. Click on Create deployment to start the deployment. Check the status of the deployment on Developer Tools -> CodeDeploy -> Deployments page.

If the status shows Succeeded, your code has been successfully deployed to your EC2 instance.


Congratulations! You’ve managed to deploy your application via AWS CodeDeploy Agent on to your AWS EC2 server.

In the next tutorial, we will learn how to create a deployment pipeline (continuous deployment) so that once you push your code to a specific branch on GitHub, it will trigger deployment using GitHub Actions.
