
### AWS DevOps - Continuous Docker Deployment To AWS Fargate From GitHub Using Terraform - by Antoine Cichowicz - Sep, 2023 - AWS in Plain English

This document provides a guide to setting up continuous deployment of Docker containers to AWS Fargate from a GitHub repository using Terraform. It describes creating a VPC, security groups, load balancer, ECS cluster, CodePipeline, CodeBuild and other AWS resources to automate building, testing and deploying code changes. The workflow includes building a Docker image, deploying it to ECS/Fargate, and notifying developers via SNS and CloudWatch Events. Instructions are provided to fork the GitHub repo containing the Terraform code and deploy the infrastructure.

Uploaded by

funda.ram8

17/10/2023, 12:13 AWS DevOps: Continuous Docker Deployment to AWS Fargate from GitHub using Terraform | by Antoine Cichowicz | Sep, 2023 | AWS i…


AWS DevOps: Continuous Docker Deployment to AWS Fargate from GitHub using Terraform
Antoine Cichowicz
Published in AWS in Plain English
9 min read · Sep 5

Solution Architecture:

AWS DevOps: Continuous Docker Deployment to AWS Fargate from GitHub architecture

Introduction:
In the ever-evolving landscape of DevOps practices, the ability to streamline and
automate application deployment processes is crucial. In this article, we will
explore a hands-on guide for achieving Continuous Docker Deployment to AWS
Fargate from a GitHub repository using Terraform. This DevOps pipeline will allow
developers to push code changes to a GitHub repository and have them
automatically deployed to an AWS Fargate cluster.

https://aws.plainenglish.io/continuous-docker-deployment-to-aws-fargate-from-github-cc9e768c30d7 1/22

AWS Key Components:


The provided Terraform code leverages these AWS services to create an automated
deployment pipeline for your application, ensuring scalability, reliability, and
security throughout the process.

Amazon Virtual Private Cloud (VPC): A secure, isolated private cloud hosted on AWS.

Amazon Subnets: Public and private subnets within the VPC for isolating
resources based on security requirements.

Amazon Internet Gateway (IGW): Provides internet connectivity to instances in
the public subnets.

Amazon NAT Gateway: Enables instances in the private subnets to initiate
outbound traffic to the internet while preventing incoming connections.

Amazon Security Group (SG): Defines inbound and outbound traffic rules to
control network access to instances.

Amazon Application Load Balancer (ALB): Distributes incoming application
traffic across multiple targets, such as Amazon ECS containers.

Amazon ECS Cluster: Manages containers using the AWS Fargate launch type,
abstracting the underlying infrastructure.

Amazon ECS Task Definition: Specifies the parameters for running containers
within an Amazon ECS service.

Amazon Elastic Container Registry (ECR): A fully managed Docker container
registry that stores, manages, and deploys container images.

Amazon IAM Roles and Policies: Define permissions for different services,
allowing them to interact securely.

AWS CodeBuild Project: Builds, tests, and packages your source code, producing
a ready-to-deploy container image.

AWS CodePipeline: Creates an end-to-end CI/CD pipeline that automates the
build, test, and deployment process.

Amazon CloudWatch Event Rule: Monitors changes in the CodeBuild build
status and triggers notifications.

Amazon SNS Topic: Allows publishing and subscribing to notifications and
messages.

IAM Roles for CodePipeline and CodeBuild: Provides permissions for the
pipeline and build processes to access required resources.

IAM Policies: Define permissions for roles to access necessary AWS services and
resources.

Project Workflow:
Here’s the project workflow for the provided Terraform code that sets up a
Continuous Docker Deployment to AWS Fargate from GitHub using Terraform:

1. VPC and Networking: Create a VPC with the specified CIDR blocks, public and
private subnets across availability zones, and an IGW for public subnet
communication; configure a NAT Gateway for private subnet outbound
communication; and set up route tables for the public and private subnets.

2. Security Group: Create a security group for the ALB. Allow incoming traffic on
ports 80 and 5000 for the ALB. Allow all outbound traffic.

3. Application Load Balancer (ALB): Create an ALB with specified attributes and
subnets and set up ALB target groups and listeners.

4. Amazon ECS Cluster and Task Definition: Create an ECS cluster, define an ECS
task definition for the application, configure the container definition for the
Flask app, and create an IAM policy for ECS task execution.

5. IAM Roles and Policies for CodePipeline and CodeBuild: Define IAM roles for
CodePipeline and CodeBuild, define IAM policies with the necessary permissions
for ECS, S3, and CloudWatch Logs, and attach the policies to the respective roles.

6. Amazon CodeBuild Project: Set up an Amazon CodeBuild project, configure the
project to build from the specified GitHub repository and define build
environment, source, and artifacts.

7. Amazon CodePipeline: Create an Amazon CodePipeline with a source stage
from GitHub, configure the source webhook for GitHub repository, create a
build stage using the CodeBuild project and define an S3 artifact store.

8. Amazon SNS Topic: Create an Amazon SNS topic for CodeBuild notifications,
configure topic policy to allow CloudWatch Events to publish to the topic and
create an IAM role for CloudWatch Events.

9. CloudWatch Events: Set up a CloudWatch Events rule to capture CodeBuild state
changes and define event pattern to capture IN_PROGRESS, SUCCEEDED,
FAILED, and STOPPED states.

10. CloudWatch Events Target and Notification: Configure CloudWatch Events to
target the SNS topic and subscribe the specified email address to the SNS topic
for notifications.

11. Amazon ECR Repository: Create an ECR repository for Docker images.

12. Docker Image Build and Push: Use a local-exec provisioner to build and push
the Docker image to the ECR repository.

13. Deployment to Fargate with CodePipeline: The CodePipeline deployment stage
will automatically deploy the new Docker image to ECS Fargate and the
application will be available through the ALB.

It’s a comprehensive DevOps workflow that ensures continuous deployment of
Docker applications to AWS Fargate while providing notifications and monitoring
through SNS and CloudWatch.
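
Added example (not code from the article's repository): one way to express workflow steps 8 to 10 in Terraform, with a topic policy that lets only the CloudWatch Events service publish and a rule scoped to a single CodeBuild project. The resource names and the two variables are assumptions.

```hcl
# Assumed inputs; the article's vars.tf may name these differently.
variable "codebuild_project_name" {
  type        = string
  description = "CodeBuild project whose build states are reported"
}

variable "notification_email" {
  type        = string
  description = "Address subscribed to build notifications"
}

resource "aws_sns_topic" "build_status" {
  name = "codebuild-build-status"
}

# Resource policy: the Events service may publish, and only to this topic.
data "aws_iam_policy_document" "events_publish" {
  statement {
    sid       = "AllowEventsPublish"
    effect    = "Allow"
    actions   = ["sns:Publish"]
    resources = [aws_sns_topic.build_status.arn]

    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }
  }
}

resource "aws_sns_topic_policy" "build_status" {
  arn    = aws_sns_topic.build_status.arn
  policy = data.aws_iam_policy_document.events_publish.json
}

# Matches the four build states listed in step 9, for one project only.
resource "aws_cloudwatch_event_rule" "build_state" {
  name        = "codebuild-state-change"
  description = "CodeBuild build state changes for one project"

  event_pattern = jsonencode({
    source        = ["aws.codebuild"]
    "detail-type" = ["CodeBuild Build State Change"]
    detail = {
      "build-status" = ["IN_PROGRESS", "SUCCEEDED", "FAILED", "STOPPED"]
      "project-name" = [var.codebuild_project_name]
    }
  })
}

resource "aws_cloudwatch_event_target" "to_sns" {
  rule      = aws_cloudwatch_event_rule.build_state.name
  target_id = "build-status-sns"
  arn       = aws_sns_topic.build_status.arn
}

resource "aws_sns_topic_subscription" "email" {
  topic_arn = aws_sns_topic.build_status.arn
  protocol  = "email"
  endpoint  = var.notification_email
}
```

An email subscription stays pending until the recipient confirms it, so no notifications arrive before that confirmation.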

Getting Started:
Prerequisites:
Before we dive into the details of the deployment pipeline, make sure you have the
following prerequisites in place:

AWS account: With permissions to create resources specified in the code.

Fork GitHub Repo: Fork and clone your own copy of the
Yris-ops/aws-devops-continuous-docker-deployment-to-aws-fargate GitHub repository.

GitHub Token: Create a token in GitHub and grant it access to the repo scopes.

Terraform: Installed on your local machine.

Docker: Installed on your local machine.

Implementation:
Terraform: All the resource provisioning for this solution is written in a
Terraform configuration, which is available in the GitHub repository.

Deployment Steps:
1. Clone this repo on the local machine.

2. Fork this repo on your GitHub account.

3. Modify the necessary parameters in the vars.tf file to suit your needs, such as
region, VPC parameters, GitHub token, nomenclatures, etc.

4. Deploy the Terraform configuration with the following command: terraform init
&& terraform apply --auto-approve

5. Wait 5 to 10 minutes until all resources are deployed.
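
Added example (not code from the article's repository): how the GitHub token from step 3 can be declared in vars.tf so that its value never sits in a file that gets committed to the fork. The variable name github_token and the placeholder value are assumptions.

```hcl
# vars.tf: added example; the variable name "github_token" is an assumption.

# Weak form: a literal token as the default ends up in the forked repository
# as soon as vars.tf is committed.
#
# variable "github_token" {
#   default = "<your-token-here>"
# }

# Corrected form: no default, so the value never lives in a tracked file.
variable "github_token" {
  type        = string
  description = "GitHub token with the repo scopes, used by the pipeline source stage"
  sensitive   = true # redacted in plan and apply output
  nullable    = false

  validation {
    condition     = length(trimspace(var.github_token)) > 0
    error_message = "Set github_token through the TF_VAR_github_token environment variable."
  }
}

# Supplying the value at deploy time (shell commands, shown as comments):
#   export TF_VAR_github_token="<your-token-here>"
#   terraform init && terraform apply --auto-approve
#
# The token is still written to terraform.tfstate in clear text, so keep the
# state file and any *.tfvars file out of the fork (for example via .gitignore).
```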

Key Components for Continuous Deployment on AWS Fargate:


1. Virtual Private Cloud (VPC):

The VPC defines an isolated network in the cloud where you can deploy your AWS
resources. It’s used to host your subnets, security groups, ALB, and other networking
resources.

2. Subnets:

Subnets are logical partitions of your VPC network that can be spread across
different availability zones to ensure high availability of your resources. A minimum
of two AZs is required for ALB deployment and a resilient architecture.

3. Internet Gateway:

The internet gateway enables your resources in the VPC to communicate with the
internet.

4. NAT Gateway:

The NAT Gateway allows resources in private subnets to access the internet without
directly exposing those resources.

5. Route Tables:

Route tables define how network traffic is directed between different resources
within your VPC.

6. Security Groups:

Security groups are virtual firewalls that control incoming and outgoing traffic for
your instances. They act as instance-level firewalls.
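
Added example (not code from the article's repository): the ALB rule set from the workflow, ports 80 and 5000 in and all traffic out, next to a task security group that accepts port 5000 only from the ALB. The resource names, the vpc_id variable, the 0.0.0.0/0 source range, the container port and the task security group itself are assumptions.

```hcl
variable "vpc_id" {
  type        = string
  description = "VPC that hosts the ALB and the Fargate tasks (assumed input)"
}

# ALB security group as described in workflow step 2.
resource "aws_security_group" "alb" {
  name        = "alb-sg"
  description = "ALB: ports 80 and 5000 in, all traffic out"
  vpc_id      = var.vpc_id

  ingress {
    description = "HTTP listener"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"] # assumption: public-facing ALB
  }

  ingress {
    description = "Flask app listener"
    from_port   = 5000
    to_port     = 5000
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"] # assumption: public-facing ALB
  }

  egress {
    description = "All outbound"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Assumed addition: a separate group for the Fargate tasks. Referencing the
# ALB group instead of a CIDR means the tasks in the private subnets are
# reachable only through the load balancer.
resource "aws_security_group" "task" {
  name        = "fargate-task-sg"
  description = "Fargate tasks: app port from the ALB only"
  vpc_id      = var.vpc_id

  ingress {
    description     = "App port, ALB only"
    from_port       = 5000 # assumption: the Flask container listens on 5000
    to_port         = 5000
    protocol        = "tcp"
    security_groups = [aws_security_group.alb.id]
  }

  egress {
    description = "Outbound through the NAT Gateway, e.g. image pulls from ECR"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```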

7. Elastic Container Service (ECS):

ECS is a container management service that enables you to run and manage
containerized applications. It offers flexible deployment options for Docker
containers.

8. ECS Cluster:

An ECS cluster is a group of EC2 or Fargate resources that allows you to run
containerized tasks and services.

9. Task Definition:

The ECS task definition is a template for defining how a containerized application
should run, including Docker images, exposed ports, etc.

10. IAM Roles and Policies:

IAM (Identity and Access Management) is used to manage roles and permissions. In
my case, roles and policies are created to allow services to authenticate and access
other services.

11. CodePipeline:

AWS CodePipeline is a continuous deployment service that automates the process of
releasing your code changes. It coordinates actions such as building, testing, and
deploying.

12. CodeBuild:

AWS CodeBuild is a fully managed build service that compiles your code, runs tests,
and produces deployable artifacts.

13. S3 (Amazon Simple Storage Service):

S3 is a scalable object storage service used to store build artifacts.

14. CloudWatch Events:

CloudWatch Events allows you to monitor and respond to changes in the state of
AWS resources. In this case, it’s used to detect changes in CodeBuild build statuses.

15. SNS (Simple Notification Service):

Subscribers to this topic can receive notifications via email, allowing them to stay
informed about the status of deployments.

16. Load Balancer (ALB):

The Application Load Balancer (ALB) distributes incoming traffic across different
IPs of your application based on defined routing rules.

17. Target Groups:

Target groups are used with the load balancer to direct traffic to specific instances
based on defined criteria.

18. GitHub Token:

GitHub token with repository access rights.

19. To Access Application:

1. Copy and paste the Terraform deployment output into your favorite browser.

2. Go to the AWS Management Console, navigate to the EC2 service and open the
Load Balancer section. You can access the application by copying and pasting the ALB
DNS.

Let’s take a look at the application:

Test Deployment:
1. Modify your application’s app.py file. Change what you want in the code, text,
color, font, text size, etc… Save the changes.

2. Commit the modification to your GitHub repository.

3. Wait a few minutes for the new tasks to run and go to the ALB DNS to see your
application update.

You can follow the update in the CodeBuild and CodePipeline services.

CleanUp Resources:
To clean up the Terraform deployment, you can follow these steps:

1. Open the AWS Management Console and navigate to the S3 Bucket service and
empty your S3 Bucket.

2. Navigate to the ECR Repository service and delete your repository.

3. To remove the resources created by this Terraform main.tf, run the following
command: terraform destroy --auto-approve

4. Wait for the deletion to complete; it may take some time to remove all the
resources.

Conclusion:
Implementing a Continuous Docker Deployment pipeline to AWS Fargate from a
GitHub repository using Terraform empowers development teams to deliver
software efficiently and reliably. Automation reduces the risk of human error and
ensures that code changes are quickly and consistently deployed to production
environments.

By following the steps outlined in this article, you’ll establish a robust deployment
process that leverages the power of AWS services, Docker containers, and
infrastructure-as-code principles. This approach sets the stage for faster
development cycles, better collaboration, and increased confidence in your
application deployments.

If you found this article helpful, please hit the Follow 👉 and Clap 👏 buttons to
help me write more articles like this.
Thank You 🩵
