Mastering AWS CI/CD: Continuous Integration and Continuous Delivery for Developers
Deploy code by using AWS Continuous Integration and Continuous Delivery (CI/CD) services
This study guide covers the core AWS DevOps tools and practices essential for the AWS Certified Developer - Associate (DVA-C02) exam, focusing on Domain 3: Deployment.
Learning Objectives
By the end of this guide, you should be able to:
- Identify the core AWS CI/CD services: CodeCommit, CodeBuild, CodeDeploy, and CodePipeline.
- Describe different Lambda deployment packaging options (Zip vs. Container Image).
- Configure and differentiate between deployment strategies like Blue/Green, Canary, and Rolling.
- Update Infrastructure as Code (IaC) templates (SAM/CloudFormation) for automated pipelines.
- Manage application environments and perform rollbacks in case of failure.
Key Terms & Glossary
- Continuous Integration (CI): The practice of frequently merging code changes into a central repository, followed by automated builds and tests.
- Continuous Delivery (CD): An extension of CI where code changes are automatically prepared for a release to production.
- Continuous Deployment: A step beyond delivery where every change that passes the pipeline is automatically deployed to production without manual intervention.
- Artifact: A file or set of files (e.g., a .zip, .jar, or Docker image) produced by the build process that is ready for deployment.
- Webhook: A mechanism that triggers a pipeline or action when an event occurs in a source repository (e.g., a git push).
The "Big Idea"
The "Big Idea" behind CI/CD is to shorten the feedback loop. By automating the path from a developer's machine to the production environment, teams can release features faster, reduce human error in deployments, and ensure that software is always in a releasable state. It transforms deployment from a high-risk event into a routine, automated process.
Formula / Concept Box
Deployment Strategies Comparison
| Strategy | Description | Best For | Risk Level |
|---|---|---|---|
| All-at-Once | Updates all instances simultaneously. Downtime occurs. | Dev/Test environments | High |
| Rolling | Updates instances in batches. No downtime, but two versions exist at once. | General web apps | Medium |
| Canary | Deploys to a small % of users first, then scales if successful. | Testing new features | Low |
| Blue/Green | Provisions a new environment (Green) and swaps traffic from the old (Blue). | Fast rollbacks, Zero downtime | Low |
Hierarchical Outline
- AWS CI/CD Service Stack
  - AWS CodeCommit: Managed Git-based version control. Secure and highly scalable.
  - AWS CodeBuild: Managed build service that compiles code, runs tests, and produces artifacts. Uses a `buildspec.yml` file.
  - AWS CodeDeploy: Automates code deployment to EC2, Lambda, ECS, and On-premises.
  - AWS CodePipeline: The orchestrator that links source, build, and deploy stages together.
- Deployment Management
  - Lambda Packaging: Can be packaged as .zip files (max 50MB direct / 250MB unzipped) or Container Images (up to 10GB).
  - API Gateway Stages: Uses stage variables to point to different Lambda aliases (e.g., `PROD` vs `DEV`).
- Infrastructure as Code (IaC)
  - AWS SAM: An extension of CloudFormation for serverless applications.
  - CloudFormation: Uses JSON/YAML templates to define and provision infrastructure.
Visual Anchors
The CI/CD Pipeline Workflow
Blue/Green Deployment Traffic Shift
[Figure: a traffic router (ALB/Route53) with a solid arrow to Blue (V1) and a dashed arrow to Green (V2). Steps: 1. Provision Green, 2. Test Green, 3. Swap Traffic.]
Definition-Example Pairs
- In-Place Deployment: A deployment where the existing instances are stopped and the new version is installed.
  - Example: Updating a single EC2 instance by stopping the web server, replacing the code, and restarting it.
- Manual Approval: A step in a pipeline where a human must review and click "Approve" before the process continues.
  - Example: A manager reviewing the results of a Staging build before allowing CodePipeline to deploy to Production.
- Linear Deployment (Lambda): A traffic-shifting strategy where traffic grows by a fixed percentage every X minutes.
  - Example: Shifting 10% of traffic to a new Lambda version every 1 minute until 100% is reached.
Worked Examples
Example 1: Updating a SAM Template for a New Environment
To deploy a serverless app to a new environment (e.g., testing), you must update the Parameters section of your AWS SAM template.
- Open `template.yaml`.
- Define a parameter for the environment name:

  ```yaml
  Parameters:
    EnvName:
      Type: String
      Default: dev
  ```

- Use the parameter in resource names or environment variables using `!Ref EnvName`.
- Deploy using the CLI: `sam deploy --parameter-overrides EnvName=testing`.
Example 2: Configuring a Canary Release for Lambda
Using CodeDeploy and Lambda Aliases:
- Create a Lambda function version and an alias called `live`.
- In the `AppSpec.yml` file, specify the `Type: AWS::Lambda::Function`.
- Set `DeploymentPreference` to `Canary10Percent5Minutes`.
- CodeDeploy will shift 10% of traffic to the new version, wait 5 minutes, and then shift the remaining 90% if no CloudWatch Alarms are triggered.
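
Worked Examples 1 and 2 combined in one SAM template, as an added example that is not part of the original guide. The function name `OrdersFunction`, the `src/` path, the handler, the runtime, the `prod` value and the alarm settings are assumptions; the alarm listed under `DeploymentPreference` is what lets CodeDeploy roll the `live` alias back during the canary window.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Parameters:
  EnvName:
    Type: String
    Default: dev
    AllowedValues: [dev, testing, prod]  # assumed set; rejects typos at deploy time

Resources:
  OrdersFunction:                        # hypothetical function
    Type: AWS::Serverless::Function
    Properties:
      FunctionName: !Sub orders-${EnvName}
      CodeUri: src/                      # hypothetical path
      Handler: app.handler
      Runtime: python3.12
      Environment:
        Variables:
          ENV_NAME: !Ref EnvName
      AutoPublishAlias: live             # publish a version and point the alias at it
      DeploymentPreference:
        Type: Canary10Percent5Minutes    # 10% for 5 minutes, then the remaining 90%
        Alarms:
          - !Ref LiveAliasErrors         # ALARM state during the shift rolls back

  LiveAliasErrors:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmDescription: Errors on the live alias during a traffic shift
      Namespace: AWS/Lambda
      MetricName: Errors
      Dimensions:
        - Name: FunctionName
          Value: !Ref OrdersFunction
        - Name: Resource
          Value: !Sub ${OrdersFunction}:live
      Statistic: Sum
      Period: 60
      EvaluationPeriods: 1
      Threshold: 0
      ComparisonOperator: GreaterThanThreshold
      TreatMissingData: notBreaching     # no invocations is not a failure
```

Without an entry under `Alarms`, the canary interval only delays the full shift; nothing stops a failing version from reaching 100%.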
Checkpoint Questions
- Which file is required by AWS CodeBuild to define build commands and artifact locations?
- What is the main difference between a "Rolling" deployment and a "Blue/Green" deployment regarding resource count?
- True or False: AWS CodePipeline can use GitHub or Bitbucket as a source provider.
- How does API Gateway handle different versions of an API without changing the URL?
[!TIP] Always ensure your CodeBuild `service-role` has the necessary permissions to upload artifacts to S3, or your pipeline will fail at the Build stage.
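
A least-privilege version of that service role, as an added CloudFormation example that is not from the original guide. The parameter names `ArtifactBucketName` and `ProjectName` are assumptions; the role can read and write objects in the pipeline's artifact bucket and write to one project's log group, and nothing else.

```yaml
AWSTemplateFormatVersion: '2010-09-09'

Parameters:
  ArtifactBucketName:        # assumed: the bucket CodePipeline uses for artifacts
    Type: String
  ProjectName:               # assumed: the CodeBuild project name
    Type: String

Resources:
  CodeBuildServiceRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: codebuild.amazonaws.com   # only CodeBuild may assume the role
            Action: sts:AssumeRole
      Policies:
        - PolicyName: pipeline-artifacts-and-logs
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Sid: ReadWritePipelineArtifacts
                Effect: Allow
                Action:
                  - s3:GetObject           # fetch the source artifact
                  - s3:GetObjectVersion
                  - s3:PutObject           # upload the build artifact
                Resource: !Sub arn:${AWS::Partition}:s3:::${ArtifactBucketName}/*
              - Sid: WriteBuildLogs
                Effect: Allow
                Action:
                  - logs:CreateLogGroup
                  - logs:CreateLogStream
                  - logs:PutLogEvents
                Resource:
                  - !Sub arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/${ProjectName}
                  - !Sub arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/${ProjectName}:*
```

If the artifact bucket is encrypted with a customer-managed KMS key, the role also needs permission to use that key.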
Answers
- `buildspec.yml`
- Rolling uses existing resources (no extra cost/capacity initially), while Blue/Green provisions a full set of new resources (temporarily doubling capacity/cost).
- True.
- By using Stages (e.g., `/prod`, `/dev`) and stage variables.