Book Image

AWS Automation Cookbook

By : Nikit Swaraj
Book Image

AWS Automation Cookbook

By: Nikit Swaraj

Overview of this book

AWS CodeDeploy, AWS CodeBuild, and CodePipeline are scalable services offered by AWS that automate an application's build and deployment pipeline. In order to deliver tremendous speed and agility, every organization is moving toward automating their entire application pipeline. This book will cover all the AWS services required to automate your deployment to your instances. You'll begin by setting up and using one of the AWS services for automation –CodeCommit. Next, you'll learn how to build a sample Maven and NodeJS application using CodeBuild. After you've built the application, you'll see how to use CodeDeploy to deploy the application in EC2/Auto Scaling. You'll also build a highly scalable and fault tolerant Continuous Integration (CI)/Continuous Deployment (CD) pipeline using some easy-to-follow recipes. Following this, you'll achieve CI/CD for a microservice application and reduce the risk within your software development life cycle globally. You'll also learn to set up an infrastructure using CloudFormation templates and Ansible, and see how to automate AWS resources using AWS Lambda. Finally, you'll learn to automate instances in AWS and automate the deployment lifecycle of applications. By the end of this book, you'll be able to minimize application downtime and implement CI/CD, gaining total control over your software development lifecycle.
Table of Contents (11 chapters)

Setting up CodeCommit for SSH users using AWS CLI

In the previous recipe, we saw how we can access the repository using the username and password. In this section, we will use SSH private and public keys to access the repository. We will be accessing the repository using SSH connections.

This topic assumes that you already have, or know how to create, a pair of public/private keys. You should be familiar with SSH and its configuration files.

Getting ready

Before setting up CodeCommit for SSH users, we need the AWS CLI installed and configured with the respective AWS account. To install the AWS CLI on our development machine, we need to perform these steps:

  1. We need to install python-pip and AWS CLI tools. Usually, in CentOS/RHEL, python-pip comes with EPEL (Extra Package for Enterprise Linux):
    # yum install epel-release python-pip
# pip install awscli
  1. Once we have the awscli command installed in our system, we have to configure it using the access and secret Key, as well as the region we will use the AWS account in. If you remember, we had created a user while generating the https git credentials, but at that moment, we also downloaded another type of credentials, the secret and access key. So, we need that over here.
  2. Now, let's configure AWS CLI:
    awsstar@awsstar:~$ aws configure
AWS Access Key ID [None]: AKIxxxxxxxxxxxxxDDA
AWS Secret Access Key [None]: b+GEuc2u3xxxxxxxxxxxxxx+av/5eK
Default region name [None]: us-east-1
Default output format [None]:
  1. Once the configuration is done, let's try to list the repository:
    awsstar@awsstar:~$ aws codecommit list-repositories
"repositories": [
"repositoryName": "NixSrj",
"repositoryId": "73caf1e3-65a9-44bf-8c6a-a3bd3e0260b0"
"repositoryName": "ECS-POC",
"repositoryId": "62063220-b0fc-4519-9d54-896be46a7521"
"repositoryName": "terraform-Openshift",
"repositoryId": "20f88492-81bb-4068-8867-5d17a1d3ec5b"
  1. So it's showing the repository, which means the credentials are working fine and we are good to go to create a repository now.

How to do it...

  1. Create a repository, HelloWorld:
    awsstar@awsstar:~$ aws codecommit create-repository --repository-    name HelloWorld --repository-description "This repository includes     static page of HelloWorld"
"repositoryMetadata": {
"repositoryName": "HelloWorld",
"cloneUrlSsh": "ssh://",
"lastModifiedDate": 1501778613.664,
"repositoryDescription": "This repository includes static page of HelloWorld",
"cloneUrlHttp": "",
"creationDate": 1501778613.664,
"repositoryId": "53866a81-8576-4e79-ab5a-36882c33b717",
"Arn": "arn:aws:codecommit:us-east-1:160384169139:HelloWorld",
"accountId": "160384169139"
  1. Now, check it using the following command:
    awsstar@awsstar:~$ aws codecommit list-repositories
"repositories": [
"repositoryName": "HelloWorld",
"repositoryId": "53866a81-8576-4e79-ab5a-36882c33b717"
  1. Let's try to clone the HelloWorld repository from CodeCommit to our development machine; but before that, we have to establish SSH authentication. To do that, we have to perform the following operations to generate the SSH keys:
    awsstar@awsstar:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/awsstar/.ssh/id_rsa):
Created directory '/home/awsstar/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/awsstar/.ssh/id_rsa.
Your public key has been saved in /home/awsstar/.ssh/
The key fingerprint is:
SHA256:NMUiRSDRD9SxrSIcYm9A4BYau2TOaeEfk5TgRmy3i4o root@aa21529d724f
The key's randomart image is:
+---[RSA 2048]----+
|+=. o+o=+o. |
|=*o...+ o+. |
|+O=oo ++.. |
|Oo+*.. ..o |
|.*.+* . S |
|...oo. . |
|o . |
|E |
| |
  1. The preceding command will create two keys; one is the public key ( and the other one is the private key (id_rsa).
  2. Now, we have to upload the public key to the user of AWS we created:
    awsstar@awsstar:~$ cd .ssh
awsstar@awsstar:~/.ssh$ aws iam upload-ssh-public-key --user-name awsccuser --ssh-public-key-body "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCk437p8/JmhGOdM9oYNK/r1xpOnuA2cQNfYys7lnE9gXJdTEjniHNFcJZMkIVmtYQGAqEh37BWGfXl4s5iw/NSfkDuZf8zegAgyPryR0KTTUG2f/rrtyLtlAPlSXjtCmHakZzhwIoRJtzkDbSpKoUOD8fNnS3kKIwk7Dp3+gGLLgo9eoZdud9h/E5+NpORog7wg7xaTgg3mwa9StaPHKMxJNwNc71dIuUyAh2S6bDbHB3QWLNfrJABYqPq5HGFh3KLogH9GHBMajshLEOS4Ygk3uC8FzB+eP4oneuWd2n68N3qg5RmX0U5lAL8s3+ppuhmjlbSvDOdBUJdpgEL/AQZ awsstar@awsstar"
  1. We need to make a note of some details, such as the SSHPublicKeyId provided as output in thew JSON format, while uploading the SSH public key.
  2. We have to bring about some modification in the config file lying in $HOME/.ssh/config:
    awsstar@awsstar:~$ vi .ssh/config
IdentityFile ~/.ssh/id_rsa
  1. Once we are done saving the config file, let's see the connectivity between the development machine and AWS CodeCommit:
    awsstar@awsstar:~$ ssh
The authenticity of host ' (' can't be established.
RSA key fingerprint is SHA256:eLMY1j0DKA4uvDZcl/KgtIayZANwX6t8+8isPtotBoY.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ',' (RSA) to the list of known hosts.
You have successfully authenticated over SSH. You can use Git to interact with AWS CodeCommit. Interactive shells are not supported.Connection to closed by remote host.
Connection to closed.
  1. We get the output that says Successfully authenticated over SSH, so now we are ready to clone the repository. We can clone the SSH URL of the repository, which we obtain from the JSON output while creating the repository:
    awsstar@awsstar:~$ git clone ssh://
Cloning into 'HelloWorld'...
warning: You appear to have cloned an empty repository.
checking connectivity... done
awsstar@awsstar:~$ ls
  1. So, we cloned an empty repository; now it's time to put a sample index.html file in the CodeCommit HelloWorld repository:
     awsstar@awsstar:~/HelloWorld$ echo '<h1> Hello World </h1>' >     index.html
awsstar@awsstar:~/HelloWorld$ git add .
awsstar@awsstar:~/HelloWorld$ git commit -m " index.html push "
[master (root-commit) bc76f76] index.html push
1 file changed, 1 insertion(+)
create mode 100644 index.html
root@awsstar:~/HelloWorld# git push origin master
Counting objects: 3, done.
Writing objects: 100% (3/3), 233 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To ssh://
* [new branch] master -> master
  1. In this stage, we successfully pushed our local file into the AWS CodeCommit HelloWorld repository.