@MrCoffey
Last active November 21, 2016 14:54
Basic AWS CodeDeploy Policies configuration
# This is an appspec.yml template file for use with AWS CodeDeploy.
# The lines in this template starting with the hashtag symbol are
# instructional comments and can be safely left in the file or
# ignored.
# For help completing this file, see the "AppSpec File Reference" in the
# "AWS CodeDeploy User Guide" at
# http://docs.aws.amazon.com/codedeploy/latest/userguide/app-spec-ref.html
# Don't touch version, that's Amazon's stuff.
version: 0.0
# Specify "os: linux" if this revision targets Amazon Linux,
# Red Hat Enterprise Linux (RHEL), or Ubuntu Server
# instances.
# Specify "os: windows" if this revision targets Windows Server instances.
# (You cannot specify both "os: linux" and "os: windows".)
os: linux
# os: windows
# During the Install deployment lifecycle event (which occurs between the
# BeforeInstall and AfterInstall events), copy the specified files
# in "source" starting from the root of the revision's file bundle
# to "destination" on the instance.
# Specify multiple "source" and "destination" pairs if you want to copy
# from multiple sources or to multiple destinations.
# If you are not copying any files to the instance, then remove the
# "files" section altogether. A blank or incomplete "files" section
# may cause associated deployments to fail.
files:
  - source: /
    destination: /opt/phoenix-codedeploy
# For deployments to Amazon Linux, Ubuntu Server, or RHEL instances,
# you can specify a "permissions"
# section here that describes special permissions to apply to the files
# in the "files" section as they are being copied over to
# the instance.
hooks:
# For each deployment lifecycle event, specify multiple "location" entries
# if you want to run multiple scripts during that event.
# You can specify "timeout" as the number of seconds to wait until failing the deployment
# if the specified scripts do not run within the specified time limit for the
# specified event. For example, 900 seconds is 15 minutes. If not specified,
# the default is 1800 seconds (30 minutes).
# Note that the maximum amount of time that all scripts must finish executing
# for each individual deployment lifecycle event is 3600 seconds (1 hour).
# Otherwise, the deployment will stop and AWS CodeDeploy will consider the deployment
# to have failed to the instance. Make sure that the total number of seconds
# that are specified in "timeout" for all scripts in each individual deployment
# lifecycle event does not exceed a combined 3600 seconds (1 hour).
# For deployments to Amazon Linux, Ubuntu Server, or RHEL instances,
# you can specify "runas" in an event to
# run as the specified user. For more information, see the documentation.
# If you are deploying to Windows Server instances,
# remove "runas" altogether.
# If you do not want to run any commands during a particular deployment
# lifecycle event, remove that event declaration altogether. Blank or
# incomplete event declarations may cause associated deployments to fail.
# During the ApplicationStop deployment lifecycle event, run the commands
# in the script specified in "location" starting from the root of the
# revision's file bundle.
  ApplicationStop:
    - location: deploy/application-stop.sh
      timeout: 100
      # runas:
# During the BeforeInstall deployment lifecycle event, run the commands
# in the script specified in "location".
  BeforeInstall:
    - location: deploy/before-install.sh
      timeout: 300
# During the AfterInstall deployment lifecycle event, run the commands
# in the script specified in "location".
  AfterInstall:
    - location: deploy/after-install.sh
      timeout: 300
# During the ApplicationStart deployment lifecycle event, run the commands
# in the script specified in "location".
  ApplicationStart:
    - location: deploy/application-start.sh
      timeout: 180
# During the ValidateService deployment lifecycle event, run the commands
# in the script specified in "location".

Instructions

Go to your AWS console, select IAM from the services menu, then select Create policy, then Create Your Own Policy, and use the following configuration:

// Policy Role for Code Deploy
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "autoscaling:PutLifecycleHook",
        "autoscaling:DeleteLifecycleHook",
        "autoscaling:RecordLifecycleActionHeartbeat",
        "autoscaling:CompleteLifecycleAction",
        "autoscaling:DescribeAutoscalingGroups",
        "autoscaling:PutInstanceInStandby",
        "autoscaling:PutInstanceInService",
        "ec2:Describe*"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}

Then you will need to create a new EC2 custom policy


// Policy Trust for Code Deploy
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Service": [
          "codedeploy.us-west-2.amazonaws.com",
          "codedeploy.us-east-1.amazonaws.com"
        ]
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

// Instance Role for EC2 Instance
{ 
    "Version": "2012-10-17", 
    "Statement": [   
      {     
          "Action": [       
              "s3:Get*",       
              "s3:List*"     
          ],     
          "Effect": "Allow",     
          "Resource": "*"   
      } 
    ]
}
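
The instance role above allows `s3:Get*` and `s3:List*` on every bucket in the account, and its `//` label line is not valid policy JSON. The following added example (not part of the original gist) parses that policy, reports the grants that apply to `"Resource": "*"`, and compares it with a constructed scoped variant; `example-revision-bucket` is a placeholder, and the function names are hypothetical.

```python
import json

# The page's EC2 instance-role policy, copied with its "//" label line.
INSTANCE_ROLE = """// Instance Role for EC2 Instance
{
  "Version": "2012-10-17",
  "Statement": [
    {"Action": ["s3:Get*", "s3:List*"], "Effect": "Allow", "Resource": "*"}
  ]
}"""

# Constructed alternative: same actions, limited to two buckets.
# "example-revision-bucket" is a placeholder; the second bucket is the one
# the install step on this page downloads from.
SCOPED_ROLE = """{
  "Version": "2012-10-17",
  "Statement": [
    {"Action": ["s3:Get*", "s3:List*"], "Effect": "Allow",
     "Resource": ["arn:aws:s3:::example-revision-bucket",
                  "arn:aws:s3:::example-revision-bucket/*",
                  "arn:aws:s3:::aws-codedeploy-us-east-1/*"]}
  ]
}"""


def as_list(value):
    """IAM allows a single string or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]


def load_policy(text):
    """Drop '//' label lines (IAM accepts no comments) and parse the JSON."""
    body = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("//"))
    return json.loads(body)


def broad_grants(policy):
    """Return (action, resource) pairs an Allow statement grants on every resource."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow" or "Resource" not in stmt:
            continue
        for resource in as_list(stmt["Resource"]):
            if resource == "*":
                findings += [(a, resource) for a in as_list(stmt.get("Action", []))]
    return findings


if __name__ == "__main__":
    for name, text in (("page", INSTANCE_ROLE), ("scoped", SCOPED_ROLE)):
        print(name, broad_grants(load_policy(text)))
```
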

1.) When the server is booted, run the following commands as root.

yum -y update

yum install -y aws-cli

cd /home/ec2-user

2.) Here you will set up your AWS access, secret, and region.

aws s3 cp s3://aws-codedeploy-us-east-1/latest/install . --region us-east-1

chmod +x ./install

3.) This is simply a quick hack to get the agent running faster.

sed -i "s/sleep(.*)/sleep(10)/" install

./install auto

4.) Verify it is running.

service codedeploy-agent status
