
code deploy error for ec2


Below is the CodeDeploy CDK stack that is used:

#!/usr/bin/env python3 from aws_cdk import ( Stack, RemovalPolicy, aws_iam as iam, aws_s3 as s3, aws_codedeploy as codedeploy, ) from constructs import Construct

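class CodeDeployStack(Stack):
    """CodeDeploy resources for an EC2 (server) deployment of ``app``.

    Creates, in dependency order: the versioned artifact bucket, the
    CodeDeploy service role (with an inline policy scoped to that bucket),
    the CodeDeploy application and an all-at-once deployment group that
    targets instances tagged ``CodeDeploy=uat``.

    Args:
        scope: Parent construct, normally the ``App``.
        construct_id: Logical ID of the stack.
        **kwargs: Forwarded unchanged to ``Stack`` (e.g. ``env``).
    """

    def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)

        # =========================
        # Artifact Bucket (NO ACCESS LOGIC HERE)
        # =========================
        # Built first so the IAM statements below can reference its ARN.
        # Bucket names are global: a fixed "codedeploy" name belongs to
        # whichever account created it first, so the CloudFormation create
        # fails - or a deployment script ends up pointing at a bucket this
        # account does not own.  Account ID and region make the name unique;
        # both resolve at deploy time when the stack has no explicit env.
        artifact_bucket = s3.Bucket(
            self,
            "CodeDeployBucket",
            bucket_name=f"codedeploy-{self.account}-{self.region}",
            versioned=True,
            block_public_access=s3.BlockPublicAccess.BLOCK_ALL,
            encryption=s3.BucketEncryption.S3_MANAGED,
            enforce_ssl=True,
            removal_policy=RemovalPolicy.RETAIN,
        )

        # =========================
        # CodeDeploy Service Role
        # =========================
        # Assumed by the CodeDeploy control plane only; the agent on the
        # instances runs under the instance profile, not under this role.
        codedeploy_role = iam.Role(
            self,
            "CodeDeployServiceRole",
            role_name="codedeploy-service-role",
            assumed_by=iam.ServicePrincipal("codedeploy.amazonaws.com"),
            managed_policies=[
                iam.ManagedPolicy.from_aws_managed_policy_name(
                    "service-role/AWSCodeDeployRole"
                ),
                # NOTE(review): this managed policy is meant for the EC2
                # instance profile (the agent needs it to fetch bundles);
                # on the service role it looks surplus - confirm it is wanted.
                iam.ManagedPolicy.from_aws_managed_policy_name(
                    "service-role/AmazonEC2RoleforAWSCodeDeploy"
                ),
            ],
        )

        # =========================
        # Inline Policy (REFERENCE-STYLE)
        # =========================
        codedeploy_policy = iam.Policy(
            self,
            "CodeDeployPolicy",
            policy_name="codedeploy-policy",
            statements=[
                # EC2 + ASG discovery & lifecycle.  The ec2:Describe* calls
                # take no resource-level permissions, hence "*"; the
                # autoscaling / elasticloadbalancing wildcards could still be
                # narrowed to the actions CodeDeploy actually issues.
                iam.PolicyStatement(
                    actions=[
                        "ec2:DescribeInstances",
                        "ec2:DescribeTags",
                        "ec2:DescribeSecurityGroups",
                        "ec2:DescribeSubnets",
                        "ec2:DescribeVpcs",
                        "autoscaling:*",
                        "elasticloadbalancing:*",
                    ],
                    resources=["*"],
                ),

                # S3 artifact access, limited to the artifact bucket above
                # instead of every bucket in the account.  ListBucket is
                # evaluated against the bucket ARN, the object actions
                # against the objects inside it - both entries are needed.
                iam.PolicyStatement(
                    actions=[
                        "s3:PutObject",
                        "s3:PutObjectAcl",
                        "s3:GetObject",
                        "s3:ListBucket",
                        "s3:DeleteObject",
                    ],
                    resources=[
                        artifact_bucket.bucket_arn,
                        artifact_bucket.arn_for_objects("*"),
                    ],
                ),

                # CloudWatch Logs (agent + lifecycle hooks)
                iam.PolicyStatement(
                    actions=[
                        "logs:CreateLogGroup",
                        "logs:CreateLogStream",
                        "logs:DescribeLogStreams",
                        "logs:PutLogEvents",
                    ],
                    resources=["*"],
                ),

                # CodeDeploy control plane.  Full access on "*" is broader
                # than a single application needs; scope to the application
                # and deployment-group ARNs once they are known.
                iam.PolicyStatement(
                    actions=[
                        "codedeploy:*",
                    ],
                    resources=["*"],
                ),

                # SSM (for instance communication / health)
                iam.PolicyStatement(
                    actions=[
                        "ssm:Describe*",
                        "ssm:Get*",
                        "ssm:List*",
                        "ec2messages:*",
                        "ssmmessages:*",
                    ],
                    resources=["*"],
                ),
            ],
        )

        codedeploy_role.attach_inline_policy(codedeploy_policy)

        # =========================
        # CodeDeploy Application
        # =========================
        application = codedeploy.ServerApplication(
            self,
            "Application",
            application_name="app",
        )

        # =========================
        # Deployment Group
        # =========================
        # Targets every instance carrying the tag CodeDeploy=uat and
        # deploys to all of them at once (no rolling / canary step).
        codedeploy.ServerDeploymentGroup(
            self,
            "DeploymentGroup",
            application=application,
            deployment_group_name="app",
            role=codedeploy_role,
            ec2_instance_tags=codedeploy.InstanceTagSet(
                {"CodeDeploy": ["uat"]}
            ),
            deployment_config=codedeploy.ServerDeploymentConfig.ALL_AT_ONCE,
        )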

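#!/bin/bash
# Deployment script (.sh file used with the stack above).
#
# Builds the deployment bundle, uploads it to S3 and triggers a CodeDeploy
# deployment for the configured application / deployment group.  Every
# setting can be overridden from the environment; the defaults mirror the
# CDK stack.
set -euo pipefail

# =========================
# Configuration
# =========================
APPLICATION_NAME="${APPLICATION_NAME:-app}"
DEPLOYMENT_GROUP_NAME="${DEPLOYMENT_GROUP_NAME:-app}"
# Bucket names are global, so a plain "codedeploy" is almost certainly not
# the bucket this account owns - pass the name the CDK stack really created.
S3_BUCKET="${S3_BUCKET:-codedeploy}"
AWS_REGION="${AWS_REGION:-us-east-1}"
# Optional: AWS account ID that must own ${S3_BUCKET}.  When set, the upload
# is refused if the bucket belongs to a different account.
EXPECTED_BUCKET_OWNER="${EXPECTED_BUCKET_OWNER:-}"

# Fixed ZIP name
ZIP_NAME="${ZIP_NAME:-app.zip}"
S3_KEY="artifacts/${ZIP_NAME}"

# =========================
# Create Deployment Bundle
# =========================
echo "Creating deployment bundle..."
rm -f "${ZIP_NAME}"

# Exclude patterns are matched against paths inside the archive, so a bare
# ".git" only skips an entry literally named .git, not the files beneath it.
zip -r "${ZIP_NAME}" \
    appspec.yml \
    deployment \
    managers \
    manager_utils \
    -x ".git/*" "*/.git/*" \
    -x "__pycache__/*" "*/__pycache__/*" \
    -x "*.pyc"

# Verify ZIP creation
if [ ! -f "${ZIP_NAME}" ]; then
    echo "❌ ZIP file was not created"
    exit 1
fi
echo "✅ ZIP file created: ${ZIP_NAME}"

# =========================
# Upload to S3
# =========================
if [ -n "${EXPECTED_BUCKET_OWNER}" ]; then
    # Exits non-zero (and set -e aborts) unless the bucket exists and is
    # owned by the expected account - guards against a bucket-name
    # collision with another account.
    aws s3api head-bucket \
        --bucket "${S3_BUCKET}" \
        --expected-bucket-owner "${EXPECTED_BUCKET_OWNER}" \
        --region "${AWS_REGION}"
fi

echo "Uploading to S3: s3://${S3_BUCKET}/${S3_KEY}..."
aws s3 cp "${ZIP_NAME}" "s3://${S3_BUCKET}/${S3_KEY}" \
    --region "${AWS_REGION}"

# =========================
# Verify Upload
# =========================
echo "Verifying S3 upload..."
# head-object checks the exact key; "s3 ls | grep" also matches any other
# key that merely starts with the same prefix.
if aws s3api head-object \
        --bucket "${S3_BUCKET}" \
        --key "${S3_KEY}" \
        --region "${AWS_REGION}" > /dev/null; then
    echo "✅ File successfully uploaded to S3: ${S3_KEY}"
else
    echo "❌ File not found in S3: ${S3_KEY}"
    exit 1
fi

# =========================
# Trigger CodeDeploy Deployment
# =========================
echo "Triggering CodeDeploy deployment..."
# --ignore-application-stop-failures lets the deployment continue when the
# previous revision's ApplicationStop hook fails; keep it only if intended.
DEPLOYMENT_ID=$(aws deploy create-deployment \
    --application-name "${APPLICATION_NAME}" \
    --deployment-group-name "${DEPLOYMENT_GROUP_NAME}" \
    --s3-location bucket="${S3_BUCKET}",key="${S3_KEY}",bundleType=zip \
    --ignore-application-stop-failures \
    --region "${AWS_REGION}" \
    --query "deploymentId" \
    --output text)

if [ -z "${DEPLOYMENT_ID}" ] || [ "${DEPLOYMENT_ID}" = "None" ]; then
    echo "❌ CodeDeploy did not return a deployment ID"
    exit 1
fi
echo "✅ Deployment triggered: ${DEPLOYMENT_ID}"

# =========================
# Monitor Deployment Status
# =========================
echo "Monitoring deployment status..."
if aws deploy wait deployment-successful \
        --deployment-id "${DEPLOYMENT_ID}" \
        --region "${AWS_REGION}"; then
    echo "✅ Deployment completed successfully"
else
    echo "❌ Deployment failed"
    exit 1
fi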

but the zip is not shown in the S3 console.

output is adding: adding: ✅ ZIP file created: badger-manager.zip Uploading to S3: s3://codedeploy/artifacts/app.zip... Verifying S3 upload... ❌ File not found in S3: artifacts/app.zip

Please point out anything missing in the CDK code or in the .sh deployment file.

1 Answer

The underlying issue arises from a misalignment between the S3 bucket configuration in your CDK stack and the object key referenced in your deployment script. In the CDK definition, the bucket is explicitly named codedeploy; however, S3 bucket names must be globally unique and cannot be reused across accounts. If the bucket creation failed or was substituted with a different physical name, the deployment script would be unable to locate the intended object. Furthermore, the script is generating and uploading badger-manager.zip while subsequently verifying against app.zip, resulting in the “❌ File not found” error.

Try this:

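APPLICATION_NAME="app"
DEPLOYMENT_GROUP_NAME="app"
S3_BUCKET="codedeploy-123456789012-us-east-1"   # unique bucket name (example account ID / region - use your own)
AWS_REGION="us-east-1"

ZIP_NAME="app.zip"
S3_KEY="artifacts/${ZIP_NAME}"

echo "Creating deployment bundle..."
rm -f "${ZIP_NAME}"
# Exclude patterns match paths inside the archive: ".git" alone would not
# drop the files under it, the "/*" forms do.
zip -r "${ZIP_NAME}" appspec.yml deployment managers manager_utils \
    -x ".git/*" "*/.git/*" "__pycache__/*" "*/__pycache__/*" "*.pyc"

aws s3 cp "${ZIP_NAME}" "s3://${S3_BUCKET}/${S3_KEY}" --region "${AWS_REGION}"

# head-object checks the exact key and exits non-zero when it is missing,
# unlike "s3 ls", which also matches other keys sharing the same prefix.
aws s3api head-object --bucket "${S3_BUCKET}" --key "${S3_KEY}" --region "${AWS_REGION}"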

https://docs.aws.amazon.com/codedeploy/latest/userguide/tutorials-windows-upload-application.html

https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3_deployment-readme.html

https://docs.aws.amazon.com/codedeploy/latest/userguide/resource-kit.html

answered 4 months ago

