I'm in the process of setting up multiple AWS accounts. The plan is to create separate accounts for each environment - DEV, QA , UAT & PROD.
Our web application is hosted using elastic beanstalk. The CI/CD pipeline will tag and deploy a version to beanstalk application in DEV account for each commit - This is working great.
We are tying to figure out how to deploy a chosen tagged version to different AWS account (QA), we will have a beanstalk application created with same name in QA as well.
I'm looking for a better way to manage the releases, please share your thoughts.
You should be able to use Named Profiles to target different accounts. The syntax might look something like eb deploy --profile qa myapp-env-qa.
Related
We have a few different AWS accounts and I am looking to migrate the SNS configuration from one AWS account to another. Is that possible to migrate?
Many thanks for considering my request.
AWS does not have a 'migrate' capability.
A best-practice is to deploy "infrastructure as code" using CloudFormation or Terraform. Then, when you wish to deploy the same infrastructure to a different AWS Account, simply use the same template to deploy it.
If you did not deploy your initial infrastructure via a template, you might want to use https://former2.com/ to create a template based on existing infrastructure. You can then use that template to deploy the same resources in a different AWS Account.
If I am member of an organization on AWS, and I use my member account to upload an Elastic Beanstalk app to a specific region via CLI, will it show up for management account as well? Or do I need to change something in settings somewhere to make the app upload to organization's AWS and not my own console. Need clarification
Currently, I used my member account keys in CLI to create and deploy elastic beanstalk app in specific region. It is working fine. However, the organization management account cannot see the environment in their console.
Any clarification would be very much appreciated! As I am not expert in AWS and have only used it as IAM user before to deploy apps.
We are creating the backend of our mobile/web app in Amplify and we have two environments there
1- Amplify Prod
2- Amplify Dev
Currently all of our developers who have access to amplify can pull both dev and prod environment in their local systems by running the amplify pull command. What we are trying to figure out is that is there any way we can restrict them to pull the prod environment? Like when they try to pull the prod environment they need to provide a password for successful pull or just totally restrict them to pull the prod? TIA
How can I setup aws codepipeline with aws code commit + aws code build + elastic beanstalk without using jenkins, teamcity or any other 3rd party tool?
If you take parts of two solutions I put together, you should be able to come up with a comprehensive solution for Elastic Beanstalk, CodePipeline, CodeCommit, and CodeBuild.
I wrote a post on using CodeCommit and CodePipeline with Elastic Beanstalk here: Create a Pipeline for Elastic Beanstalk in CodePipeline using CloudFormation and CodeCommit. In it, I'm using the example Node.js app from AWS. The associated launch stack and code is here.
I wrote about CodeBuild, CodePipeline, CodeCommit, and CodeDeploy integration at Deploy to Production using AWS CodeBuild and the AWS Developer Tools Suite. The code for the post is described at CodeBuild and AWS Developer Tools Suite Lab.
Depending on which programming language you're using to configure and deploy your application, you'll use a different CodeBuild curated environment. To see a list of CodeBuild examples, go to CodeBuild samples. There's a specific one for Elastic Beanstalk for Java here.
Ultimately, you'll need to use CodeBuild to generate the ZIP file that Elastic Beanstalk uses. You orchestrate this CodeBuild action in CodePipeline and use the OutputArtifacts generated in your CodeBuild stage/action as an InputArtifacts to your ElasticBeastalk deploy action. As you see from the examples, everything can be defined in AWS CloudFormation. Hope this helps.
I have everything setup and working with rolling deploys and being able to do git aws.push but how do I add a authorized key to EB server so my CI server can deploy as well?
Since you are using Shippable, I found this guide on Continuous Delivery using Shippable and Amazon Elastic Beanstalk that shows how to set it up on their end. Specifically, step 3 is what you are looking for.
It doesn't look like you need an authorized key, instead, you just need to give an AWS ID and AWS Secret Key that will allow Shippable to make API calls on your behalf. To do this, I recommend creating an IAM role that is specifically for Shippable. That way you can revoke it if you ever need to and only give it the permissions that it needs.