Deploying Application Stack Updates to AWS Environments
Deploy application stack updates to existing environments (for example, deploying an AWS SAM template to a different staging environment)
Deploying Application Stack Updates to AWS Environments
This guide focuses on the mechanisms and strategies for updating existing application stacks across different environments (Development, Staging, Production) using AWS Infrastructure as Code (IaC) and deployment services.
Learning Objectives
- Update IaC Templates: Modify and deploy AWS SAM and CloudFormation templates to existing stacks.
- Manage Environment Parity: Use parameters and configurations to differentiate between staging and production environments.
- Execute Deployment Strategies: Implement Canary, Blue/Green, and Linear shifts using AWS CodeDeploy.
- Handle Runtime Configurations: Utilize API Gateway staging variables and Lambda aliases to manage environment-specific logic.
Key Terms & Glossary
- AWS SAM (Serverless Application Model): An extension of CloudFormation specifically for serverless applications, simplifying the definition of functions, APIs, and tables.
- Stack: A collection of AWS resources managed as a single unit via CloudFormation.
- Change Set: A preview of changes CloudFormation will make to your stack before you execute the update.
- Staging Variable: A name-value pair used in API Gateway to change the behavior of an API stage (e.g., pointing to a different Lambda alias).
- Lambda Alias: A pointer to a specific Lambda function version, allowing you to promote code (e.g., from
PRODtoDEV) without changing the client-side configuration.
The "Big Idea"
Updating application stacks is not just about changing code; it's about consistent promotion. The goal is to ensure that the template used in a Staging environment is identical to the one used in Production, with only environment-specific "knobs" (Parameters) changing. This reduces "environment drift" and ensures that a successful test in Staging accurately predicts success in Production.
Formula / Concept Box
| Deployment Strategy | Mechanism | Traffic Shift | Risk Level |
|---|---|---|---|
| All-at-Once | In-place or replacement | 100% immediate shift | High (Downtime risk) |
| Canary | CodeDeploy / Lambda Alias | 10% for X mins, then 100% | Low (Early warning) |
| Linear | CodeDeploy | 10% every X mins until 100% | Medium (Slower rollout) |
| Blue/Green | New Stack / Environment | DNS or Load Balancer swap | Very Low (Easy rollback) |
Hierarchical Outline
- Infrastructure as Code (IaC) Updates
- AWS SAM CLI: Using
sam deployto push updates. - Parameter Overrides: Using
--parameter-overridesto pass environment-specific values (e.g.,DBName=prod-db). - Configuration Files: Using
samconfig.tomlto define multiple environments (e.g.,[staging.deploy.parameters]).
- AWS SAM CLI: Using
- Environment Management
- API Gateway Stages: Differentiating
dev,test, andprodendpoints. - Lambda Aliases: Using aliases (e.g.,
STABLE,LATEST) for traffic shifting. - AWS AppConfig: Managing application-level configurations without redeploying code.
- API Gateway Stages: Differentiating
- Deployment Automation
- AWS CodeDeploy: Automating the rollout to EC2, Lambda, or ECS.
- Deployment Groups: Defining the target instances or functions for the update.
Visual Anchors
Deployment Pipeline Flow
Lambda Alias Traffic Shifting
\begin{tikzpicture}[node distance=2cm, every node/.style={rectangle, draw, rounded corners, minimum height=1cm, minimum width=2.5cm, align=center}] \node (client) {Client Request}; \node (alias) [right=of client, fill=blue!10] {Lambda Alias$PROD)}; \node (v1) [above right=of alias, fill=green!10] {Version 1$Old)}; \node (v2) [below right=of alias, fill=yellow!10] {Version 2$New)};
\draw[->, thick] (client) -- (alias); \draw[->, thick] (alias) -- node[above, sloped] {90%} (v1); \draw[->, thick, dashed] (alias) -- node[below, sloped] {10% (Canary)} (v2); \end{tikzpicture}
Definition-Example Pairs
- Parameter Mapping: The process of using a single template but injecting different values per environment.
- Example: A CloudFormation template defines
DBInstanceClassas a parameter. In Staging, you passt3.microto save costs; in Production, you passr5.largefor performance.
- Example: A CloudFormation template defines
- Rollback Configuration: Automated reversal of a deployment if health checks fail.
- Example: Using CloudWatch Alarms to trigger a CodeDeploy rollback if the
5XXErrorrate on a new Lambda version exceeds 1% during the first 10 minutes of deployment.
- Example: Using CloudWatch Alarms to trigger a CodeDeploy rollback if the
Worked Examples
Scenario: Deploying a SAM Template to Staging
Goal: Update an existing Lambda function in the staging environment with a specific database connection string.
- Modify the Template: In
template.yaml, define a parameter:yamlParameters: EnvName: Type: String Default: dev - Run Deploy Command: Use the SAM CLI to target the existing staging stack:
bash
sam deploy \ --stack-name my-app-staging \ --parameter-overrides EnvName=staging DBConn=jdbc:mysql://staging-db:3306 \ --capabilities CAPABILITY_IAM - Verify: Log into the console and check the Change Set tab in CloudFormation to see exactly which resources (e.g., Lambda environment variables) will be modified.
Checkpoint Questions
- What AWS service allows you to preview changes to a stack before they are applied?
- If you want to shift 10% of traffic to a new Lambda version every 5 minutes, which CodeDeploy configuration should you use?
- How do API Gateway Staging Variables interact with Lambda functions?
- What is the benefit of using
samconfig.tomlfor multi-environment deployments?
▶Click to see answers
- AWS CloudFormation Change Sets.
- Linear10PercentEvery5Minutes.
- They can be passed as part of the context or used to dynamically determine which Lambda Alias or function ARN to invoke.
- It allows you to store environment-specific deployment parameters (like stack name and S3 bucket) so you don't have to type long CLI commands manually for every update.