On the CodeDeploy Dashboard, click on Applications in the left-hand menu to view a list of CodeDeploy applications.
Select an application to explore its details, including Deployment groups, Deployment configurations, and Revisions.
Deployment Groups:
Under the selected application, review the Deployment groups to see the environment (e.g., EC2 instances, Lambda functions) where the application is deployed. Select a deployment group to view its settings, including Service role, Deployment settings, and Load balancer configuration.
Deployment History:
In the Deployments section of the selected application, review the deployment history to see details of past deployments, including statuses, start and end times, and any errors encountered.
3. Exploring the AWS Well-Architected Framework Pillars
Under the selected application, navigate to Deployment groups and select a deployment group to review its Deployment settings. Check the deployment configuration (e.g., CodeDeployDefault.OneAtATime, CodeDeployDefault.HalfAtATime) to understand how instances or functions are updated during a deployment.
Monitoring and Alarms:
For each deployment group, explore Alarms to see if CloudWatch alarms are configured to monitor the deployment health. Monitoring helps detect issues early and facilitates quick remediation.
Deployment History:
In the Deployments section, review recent deployment logs and statuses. Logs provide insights into the deployment process, helping identify any issues and improving operational practices.
Revision Management:
Check the Revisions tab to view the versions of the application being deployed. Proper revision management ensures that you can easily roll back to a stable version if a deployment fails.
In the Deployment group settings, review the Service role used by CodeDeploy. Ensure that the role follows the principle of least privilege, granting only the necessary permissions for the deployment.
Access to Repositories:
Under Application details, check the source repository settings. Verify that source repositories (e.g., S3, GitHub) have appropriate access controls to prevent unauthorized modifications to the code being deployed.
Load Balancer:
If a Load balancer is configured, examine its use in the Deployment group settings. Properly integrating load balancers with your deployment process helps manage traffic during deployment, ensuring that only healthy instances receive traffic.
Encryption:
If your deployment artifacts are stored in S3, ensure that they are encrypted. While this is managed outside CodeDeploy, it is essential to verify for secure deployment processes.
Under the Deployment group settings, check the deployment configuration (e.g., AllAtOnce, OneAtATime, Canary). These settings determine the speed and manner in which deployments are rolled out. Using strategies like OneAtATime can reduce downtime and impact in case of deployment failures.
Automatic Rollbacks:
Explore the Rollback settings in the Deployment group to verify if Automatic rollback is enabled for failed deployments or alarm conditions. Automatic rollbacks enhance reliability by reverting to the last known stable state.
Monitoring Deployments:
In the Deployments section, use Deployment logs to monitor deployment events and detect issues in real time. Regular monitoring of deployments ensures that issues are promptly identified and resolved.
Health Checks:
Check if Health checks (e.g., EC2 instance health) are configured for the deployment group. This ensures that only healthy instances are used in production, improving the reliability of your application.
In the Deployment group settings, review the Instance selection. Ensure that only the required instances are targeted for deployment, avoiding unnecessary costs.
Deployment Configurations:
Evaluate the Deployment configuration (e.g., rolling, canary) to optimize resource usage during deployments. Using configurations like OneAtATime minimizes the number of instances undergoing an update simultaneously, which can reduce costs associated with excessive resource scaling.
Monitoring and Logs:
In the Deployments section, check Logs to identify any repetitive errors or issues during deployments. Addressing these issues early can avoid costly re-deployments and downtime.
In the Deployments section, review the Deployment duration to assess the speed of deployments. Quick and efficient deployments reduce downtime and improve the overall performance of your application.
Auto Scaling Integration:
In the Deployment group settings, check if Auto Scaling is integrated. Auto-scaling during deployments ensures that the application scales automatically to meet demand, optimizing performance.
Load Balancer Integration:
If a Load balancer is used, verify that it is correctly integrated to manage traffic during deployment. Proper load balancing ensures smooth performance during updates by directing traffic only to healthy instances.
Deployment Settings:
Under Deployment group settings, review the Deployment configuration to ensure it aligns with your application's performance requirements. For example, using canary deployments can reduce the risk of performance degradation by gradually rolling out changes.
If CloudWatch alarms are used with your CodeDeploy deployment groups, explore them in the CloudWatch service to review their configurations. Alarms can monitor key metrics such as CPU usage, memory consumption, and error rates to enhance both reliability and performance.
Log in to the AWS Management Console of securitytooling account.
AWS Config and Security Hub:
If AWS Config and Security Hub are enabled, use them to review compliance findings related to CodeDeploy configurations, such as ensuring that deployment roles follow security best practices.