NextWork.

org

Build a Web
App and IDE in
AWS
Jaydeep Barot
 Jaydeep Barot
NextWork Student NextWork.org

Set up an IAM User

An IAM user is a person or service that has access to resources in a cloud ,like
AWS. Each IAM user has their own login,credentials,permissions that define
what actions they can take. It's a way to way to securely manage who can
access what in cloud

The importance of IAM users

t’s important to use IAM users because they help securely manage access to
cloud resources. By assigning individual permissions, you control what each
user can do, minimizing risks and ensuring that users have only the access
they need for their task

I created an IAM user with Administrator access

 Jaydeep Barot
NextWork Student NextWork.org

Environments & IDEs

What is an environment?
An environment is a set of requirements/resources required to run and build
your software application.

What is an IDE?
An IDE is a general term for software that help developers write, debug, and
manage code efficiently.
 Jaydeep Barot
NextWork Student NextWork.org

Launch a Cloud9 IDE

The benefit of using Cloud9
Using Cloud9 has the benefit that u can access it through a web browser from
anywhere, without needing to install heavy software on your computer (most
IDEs have to be downloaded
 Jaydeep Barot
NextWork Student NextWork.org

Maven & Java

Maven is a build automation and project management tool primarily used for
Java projects. It helps developers manage project dependencies, compile
code, run tests, and package the project into deployable formats like JAR or
WAR files.

Maven is required in this project because It helps streamline the development

workflow by handling tasks like compiling code, running tests, and packaging
the app for deployment in the cloud.

Java is a high-level, object-oriented programming language known for its

platform independence, meaning code written in Java can run on any device
with a Java Virtual Machine (JVM).

Java is required in this project because it provides a reliable, scalable, and

platform-independent environment for developing and running the web
application.
 Jaydeep Barot
NextWork Student NextWork.org

Create the Application

To create a simple Java web app, I ran the command mvn archetype:generate \
-DgroupId=com.nextwork.app \ -DartifactId=nextwork-web-project \ -
DarchetypeArtifactId=maven-archetype-webapp \ -DinteractiveMode=false

Once the web app was created, my IDE’s file explorer was populated with
'src/main/webapp' directory, which contains the web application's resources.

To customise this web app’s display, I updated the h2 tag in index.jsp file with
my Name.
 NextWork.org

Set up a Git
Repo with
AWS
Jaydeep Barot
 Jaydeep Barot
NextWork Student NextWork.org

Introducing Today's Project!

What is AWS CodeCommit?
AWS CodeCommit is a cloud-based Git repository service that helps you store
and manage your code securely. It's useful because it makes collaboration
easier, keeps your code backed up in the cloud, and integrates well with other
AWS services for seam

How I'm using CodeCommit in this project

I used AWS CodeCommit in today's project to store and track my code
changes. After making updates in my AWS Cloud9 code editor, I pushed them
to CodeCommit, which kept my code safe and accessible for future
collaboration or version control.

One thing I didn't expect...

One thing I didn’t expect in this project was how smoothly the integration
between AWS Cloud9 and CodeCommit would work.

This project took me...

I completed this project in 30-40 mins
 Jaydeep Barot
NextWork Student NextWork.org

Create a Git repository

What is Git?
Git is a version control system that helps developers track changes in their
code over time. It makes collaboration easy, allowing multiple people to work
on a project simultaneously,keep track of revisions, and revert to earlier
versions when needed

What is a Git repository?

A Git repository is a storage space where your project's files, along with their
complete history of changes, are saved. It allows you to track edits, collaborate
with others, and manage different versions of your project, all in one organized
place.
 Jaydeep Barot
NextWork Student NextWork.org

My first commit
I initialized a Git repo by running the command git init in Cloud9, which sets up a
new repository in the current directory, allowing me to start tracking changes in
my project.

I used three commands to push local changes to

CodeCommit
The first command I ran was git add ., which adds all my changed files to a
staging area. This prepares the files, organizing them so I can commit them
later, ensuring everything I've updated is ready to be saved in my project's
history.

The second command I ran was git commit -m "Initial commit. Updated
index.jsp.", which saves the changes to my local repository. The -m allows me
to add a message, explaining what the changes were, like updating the
index.jsp file in this case.

The third command I ran was git push -u origin main, which pushes my
committed changes to the remote repository. The -u sets the default branch for
future pushes, so next time I can just run git push without needing to specify
the branch or repositor
 Jaydeep Barot
NextWork Student NextWork.org

Creating a Repository
 Jaydeep Barot
NextWork Student NextWork.org

Git in action
Making changes in Cloud9
I wanted to see Git working in action, so I updated Index.jsp by adding a
paragraph to track changes.

The importance of committing changes

I tried seeing these changes in my CodeCommit repository, but this didn’t work
because the changes were only made in my local repository, not pushed to
CodeCommit yet.

I finally saw the changes in my CodeCommit repository after pushing them

from my AWS Cloud9 code editor to the CodeCommit platform (origin branch).
It worked once I synced everything properly
 NextWork.org

Dependencies
and
CodeArtifact
Jaydeep Barot
 Jaydeep Barot
NextWork Student NextWork.org

Introducing today's project!

What is AWS CodeArtifact?
AWS CodeArtifact is a managed artifact repository that stores, publishes, and
shares software packages in formats like Maven, npm, and PyPI. It streamlines
dependency management, ensures version control, and provides secure
access, enhancing developm

How I used CodeArtifact in this project

I used AWS CA in today's project to store and manage dependencies for my
web app. By connecting my development environment to CodeArtifact, I
ensured seamless access to packages, enabling efficient builds and better
organization of my project

One thing I didn't expect in this project was...

One thing I didn't expect in this project was the complexity of configuring IAM
policies and repository settings.I thought the setup would be
straightforward,but managing access and permissions was essential for
seamless integration with AWS services

This project took me...

I completed this project in 30-40 mins
 Jaydeep Barot
NextWork Student NextWork.org

My project has three artifact repositories

The local repository is like your personal toolbox for storing software packages
you've downloaded on your computer. When building a project, it checks this
repository first to see if the required packages are already available,saving time
and effort

Upstream repository is a central location where software packages are stored

and shared. If a package isn't found in your local repository, the system fetches
it from the upstream repository to ensure all dependencies for your project are
available

The public repository is a shared, online storage space where developers

upload software packages for others to access. It allows projects to fetch
dependencies from a central source when they're not found locally or
upstream.
 Jaydeep Barot
NextWork Student NextWork.org

Connecting my project with

CodeArtifact
I connected my web app project (via my Cloud9 IDE) to CodeArtifact so it can
easily fetch and manage the necessary dependencies from the right
repositories. This ensures my project can access and use external packages
efficiently.

I created a new file, settings.xml, in my web app

settings.xml is a config file that tells your project where to find and connect to
repositories. It stores details like repository URLs and credentials, helping your
project fetch the dependencies it needs for building and running.

The snippets of code define how to connect to a repository for dependencies.

The servers section stores authentication details, profiles directs Maven to use
a specific repository, and mirrors sets a backup repository in case the main one
fails.
 Jaydeep Barot
NextWork Student NextWork.org

Testing the connection

To test the connection between Cloud9 and
CodeArtifact, I compiled my web app
Compiling means transforming source code written in a programming language
into machine code or an executable format that a computer can understand
and run. This process checks for errors and prepares the code for execution.

Success!
After compiling, I checked the CodeArtifact repository and found a list of
packages. These packages were downloaded from the upstream or Maven
Central Repository and are now stored as copies within CodeArtifact, ready for
use in my project.
 Jaydeep Barot
NextWork Student NextWork.org

Create IAM policies

The importance of IAM policies
also created an IAM policy because it grants necessary permissions to other
DevOps services like AWS CodeBuild and AWS CodePipeline.This ensures they
can access the packages stored in CodeArtifact,allowing seamless integration
and resource management

I defined my IAM policy using JSON

This policy will allow actions such as obtaining an authorization token,
accessing the repository endpoint, and reading from the repository. It also
permits getting a service bearer token specifically for CodeArtifact, ensuring
secure access to resou
 NextWork.org

Package an
App with
CodeBuild
Jaydeep Barot
 Jaydeep Barot
NextWork Student NextWork.org

Introducing today's project!

What is AWS CodeBuild?
AWS CodeBuild is a fully managed service that compiles source code, runs
tests, and creates deployable packages. It's useful because it automates the
build process, allowing developers to quickly build, test, and deploy
applications without managing

How I used CodeBuild in this project

I used AWS CodeBuild to automate the build process for my web app. It
compiled the source code, packaged it into a WAR file, and stored the output in
an S3 bucket for easy deployment. It streamlined the process without needing
manual intervention.

One thing I didn't expect in this project was...

One thing I didn’t expect in this project was encountering the YAML file error
during the build process. It required some troubleshooting with Git and file
tracking to resolve, but it was a good learning experience in managing build
configurations.

This project took me...

This project took 30-40 mins
 Jaydeep Barot
NextWork Student NextWork.org

Set up an S3 bucket
I started my project by creating an S3 bucket, which will later store an important
build artifact generated during the build process I'm setting up with CodeBuild.
This bucket will be key for managing and storing the results of the build.

The key artifact that this S3 bucket will capture is called a WAR file (Web
application Resource).

This artifact is important because it guarantees that any server hosting my web
app will have all the necessary resources and tools to run the application
smoothly, ensuring everything is in place for a successful deployment.
 Jaydeep Barot
NextWork Student NextWork.org

Set up a CodeBuild project

Source
My CodeBuild project's Source configuration refers to where the build retrieves
the code. I chose AWS CodeCommit as the provider, with the nextwork-web-
project repository on the main branch as the source for the build process.

Environment
My CodeBuild project's Environment configuration means the setup where the
build process runs. I selected an ec2 instance running Amazon Linux 2 and
Java Coretto 8 as runtime.

Artifacts
My CodeBuild project's Artifacts configuration means the output of the build
process.I selected an S3 bucket nextwork-build-artifacts-jaydeep,as the
storage location, with the build artifacts packaged into a ZIP file for easy
retrieval and deployment

Logs
My CodeBuild project's Logs configuration tracks the build's output and errors.
I selected CloudWatch logs, with logs sent to the nextwork-build-logs group
and the webapp stream, to monitor and troubleshoot the build process.
 Jaydeep Barot
NextWork Student NextWork.org

Create a buildspec.yml file

I created a buildspec.yml file in my project because it gives CodeBuild the
instructions to compile, build, and package the app. It sets the Java runtime,
gets the authentication token from CodeArtifact, and defines the output artifact
for deployment
 Jaydeep Barot
NextWork Student NextWork.org

Create a CodeBuild build

project
My buildspec.yml file has four stages
The first two phases in my file are the install and pre_build phases. The install
phase sets the Java runtime,and the pre_build phase initializes the environment
and retrieves the authorization token needed to access the CodeArtifact repo

The third phase in my buildspec.yml file is the build phase. In this phase, it runs
the command to compile the project using Maven, which processes the source
code and prepares it for packaging.

The fourth phase in my buildspec.yml file is the post_build phase. During this
phase, it runs the command to package the application using Maven, creating
the final artifact needed for deployment.
 Jaydeep Barot
NextWork Student NextWork.org

Modify CodeBuild’s IAM role

Before building my CodeBuild project, I modified
its service role first.
My CodeBuild project's service role was initially created when I set up the
CodeBuild project, and I verified the settings for creating a new service role.

I attached a new policy named codeartifact-nextwork-consumer-policy to my

CodeBuild project's IAM role, granting it access to the packages and
dependencies needed for compilation later on.

Attaching this policy means that my CodeBuild project can now access the
necessary packages and dependencies stored in CodeArtifact, enabling it to
compile the application successfully and ensuring a smoother build process.
 Jaydeep Barot
NextWork Student NextWork.org

My first project build 💪

To build my project, all I had to do was go to the CodeBuild console, select the
nextwork-web-build project, and click on "Start build." I then monitored the logs
until the build was complete, which took about 5 minutes.

The build process in CodeBuild took about 5 minutes to complete, during which
I monitored the logs to ensure everything was running smoothly.

Once the build is complete, I checked my S3 bucket named nextwork-build-

artifacts. Inside, I found a packaged WAR file within a zip named nextwork-
web-project.zip.

I saw a nextwork-web-project.zip file in the S3 bucket, which verified that the

build was completed successfully.
 NextWork.org

Deploy an App
with
CodeDeploy
Jaydeep Barot
 Jaydeep Barot
NextWork Student NextWork.org

Introducing today's project!

What is AWS CodeDeploy?
AWS CodeDeploy is a deployment service that automates application updates
across various compute platforms, ensuring smooth and consistent
deployments, minimizing downtime, and simplifying the release process.

How I'm using AWS CodeDeploy in this project

I used AWS CodeDeploy to automate the deployment of my web application
from an S3 bucket to an EC2 instance, allowing for efficient updates and easy
management of application versions.

One thing I didn't expect...

I didn't expect the complexity of setting up the IAM roles and policies required
for seamless integration between CodeDeploy and other AWS services.

This project took me...

I Completed this project in 40-50 mins
 Jaydeep Barot
NextWork Student NextWork.org

Set up an EC2 instance

I set up an EC2 instance and VPC to create a dedicated production
environment for deploying my web app, ensuring it runs in a separate,
controlled space.

We manage production and development environments separately because it

ensures that new features can be tested without disrupting the live app. This
approach helps maintain stability for users while allowing ongoing development
and experimentation.

To set up my EC2 instance and VPC, I used Aws Cloudformation.

 Jaydeep Barot
NextWork Student NextWork.org

Bash scripts
Scripts are collections of commands stored in a file, so when you execute a
script, you're instructing the system to follow each line of code you've written.
Bash is one particular scripting language used for this purpose.

I used three scripts for my project's deployment

The first script I created was install_dependencies.sh, which installs essential
software for my application on the EC2 instance. It sets up Apache Tomcat and
HTTPD, ensuring a consistent environment for every deployment of my
application

The second script I created was start_server.sh, which starts the Tomcat and
HTTPD services on my EC2 instance. This ensures that the necessary services
are running, allowing my web app to function properly every time it is deployed.

The third script I created was stop_server.sh, which stops the Tomcat and
HTTPD services on my EC2 instance. It checks if each service is running and, if
so, stops them, ensuring that the application can be safely shut down when
needed
 Jaydeep Barot
NextWork Student NextWork.org

Bash scripts
 Jaydeep Barot
NextWork Student NextWork.org

CodeDeploy’s IAM Role

I created an IAM service role for CodeDeploy because to grant it the necessary
access to other AWS services, like EC2, enabling it to deploy my web app
effectively.

To set up CodeDeploy’s IAM role, I used the AWS managed policy called
AWSCodeDeployRole, which automatically grants the essential permissions
that CodeDeploy typically requires.
 Jaydeep Barot
NextWork Student NextWork.org

CodeDeploy application
A CodeDeploy application refers to a saved configuration or setup template that
outlines the process for deploying my web app.

To create a CodeDeploy application, I had to select a compute platform, which

means I chose the type of environment where my application will be deployed,
such as EC2, AWS Lambda, or Amazon ECS, to match my deployment needs.

The compute platform I chose was EC2 because I have experience using EC2
as my web server. This gives me complete control over the server setup, which
is ideal for deploying my web application and learning the intricacies of server
management.
 Jaydeep Barot
NextWork Student NextWork.org

Deployment group
A deployment group means a set of instances or servers targeted for a
deployment. It allows you to manage how and where updates are rolled out in
your application environment.

Two key configurations for a deployment group

Environment means the specific setup of resources where your application
runs, like EC2 instances. It defines how your web app will be hosted, ensuring
the right infrastructure is in place for deployment.

A CodeDeploy Agent is software installed on EC2 instances that enables

CodeDeploy to communicate with them. It manages the deployment process,
ensuring that the application is properly deployed and monitored during
updates.
 Jaydeep Barot
NextWork Student NextWork.org

CodeDeploy application
To create my deployment, I had to set up a revision location, which means I
specified where CodeDeploy could find my app's artifacts, ensuring it knew
where to retrieve the files needed for the deployment.

My revision location was my S3 bucket containing the WAR/zip file for my

application. This allowed CodeDeploy to access the latest build artifacts for
deployment.

To visit my web app, I had to visit the EC2 console to select my WebServer EC2
instance and then click on the open address link to access my application in the
browser.
 NextWork.org

Automate with
Cloud
Formation
Jaydeep Barot
 Jaydeep Barot
NextWork Student NextWork.org

Introducing today's project!

What is AWS CloudFormation?
AWS CloudFormation is a service that helps you define and provision AWS
infrastructure using code. It simplifies resource management, enables version
control, and ensures consistent environments.

How I used CloudFormation in this project

In today's project, I utilized CloudFormation to automate the deployment of
multiple AWS resources, including S3 buckets, IAM roles, and CodeBuild
projects, ensuring a streamlined and repeatable setup.

One thing I didn't expect in this project was...

I didn’t expect the complexity of managing dependencies between resources,
which led to circular dependency errors that required careful planning to
resolve

This project took me...

I Completed this project in 40-50 mins
 Jaydeep Barot
NextWork Student NextWork.org

CloudFormation templates
A CloudFormation template is a text file that defines the AWS resources needed
for your application, allowing you to create, update, or delete them
automatically using CloudFormation.
 Jaydeep Barot
NextWork Student NextWork.org

IaC generator
I created a CloudFormation template using the IaC generator, which scanned
my account’s resources and provided a list of those I could automatically add to
a template for easy deployment.

Not all resources could be added to my template

The resources I couldn’t add to a template were my Cloud9 environment,
CodeCommit repository, and CodeBuild project due to their specific
configuration needs

The resources that I could add to my template include my CodeArtifact domain,

local CodeArtifact repository, IAM policy for CodeArtifact, and S3 bucket.
 Jaydeep Barot
NextWork Student NextWork.org

Manually adding resources

After downloading the generated template, I manually defined two more
resources . CodeCommit repository and a CodeBuild project

I had to manually define these resources because they required detailed

configurations or manual setup, making it impossible to create them
automatically using the IaC generator.

I also needed to ensure reference consistency in the template, which required

replacing placeholder values with the correct configuration names for my build
artifacts bucket and the IAM service role for CodeBuild.
 Jaydeep Barot
NextWork Student NextWork.org

Testing my template
Before testing my template, I removed any possible resource overlaps between
the existing resources in my AWS account and those I plan to deploy with this
template.

A stack is a collection of AWS resources created or managed as a single unit by

AWS CloudFormation

The result of my first test was: the template failed to deploy.

 Jaydeep Barot
NextWork Student NextWork.org

Unpacking the first error

My first template test failed because CloudFormation tried to attach IAM
policies before the IAM role was fully created.

To fix this error, I edited my CloudFormation

template.
I added the line DependsOn: "MY CODEBUILD IAM ROLE's NAME IN THE
CLOUDFORMATION TEMPLATE" to the IAM policy configuration, ensuring
CloudFormation creates the CodeBuild service role before creating the IAM
policies.
 Jaydeep Barot
NextWork Student NextWork.org

Fixing the first error

The DependsOn attribute ensures that one resource is created only after
another resource is successfully created, preventing issues during stack
creation.

The DependsOn line was added to four different parts of my template : the 3
IAM policies and the CodeBuild project
 Jaydeep Barot
NextWork Student NextWork.org

Second template test

I gave my CloudFormation template another test! But this time, I couldn’t create
the stack because of an error. This is known as a Circular Dependency.

This error indicates that two components of your CloudFormation template are
dependent on each other, creating a circular reference. This confuses
CloudFormation because it cannot determine which resource to create first.

To fix this error, I deleted references to the IAM policies off of the IAM
CodeBuild service role configuration.
 Jaydeep Barot
NextWork Student NextWork.org

My final template test 👏

In my final test, creating the new stack was a
great success
I could verify all the deployed resources by Switching tabs to the Resource tab
of my CloudFormation Stack

Not all the resources in the list had a shortcut URL, because some resources
are deployed in a specific region ,which often stops AWS from producing a
shortcut link.
 NextWork.org

CI/CD with
CodePipeline
Jaydeep Barot
 Jaydeep Barot
NextWork Student NextWork.org

Introducing Today's Project!

What is AWS CodePipeline?
AWS CodePipeline is a fully managed CI/CD service that automates the build,
test, and deployment processes. It streamlines development workflows,
accelerates application delivery, and ensures consistent updates, enhancing
overall software quality.

How I used CodePipeline in this project

I used AWS CodePipeline to automate the CI/CD process for today's project.

One thing I didn't expect in this project was...

One thing I didn't expect in this project was how smoothly the integration
between AWS CodePipeline and other services like CodeCommit and
CodeBuild worked.

This project took me...

I completed this project in 40-50 mins
 Jaydeep Barot
NextWork Student NextWork.org

CI/CD Pipeline
A CI/CD pipeline is a system that automates the process of building, testing,
and deploying code. It ensures that new updates are quickly and safely
delivered to users, helping developers catch errors early and release features
more efficiently.

My CI/CD pipeline has three stages

The source stage is where the CI/CD pipeline begins.The source stage refers to
the original code for my web app, which is currently stored in CodeCommit.

The build stage refers to the service that handles the creation of my web app.
CodeBuild compiles the code, runs tests, and packages it for deployment. This
step ensures that the code is functioning as expected before moving to the
next stages.

The deploy stage is where the tested and built code is released to the
production environment. It ensures that the latest version of the app is available
to users, automating the process of moving the code from development to live
servers.
 Jaydeep Barot
NextWork Student NextWork.org

CI/CD Pipeline
 Jaydeep Barot
NextWork Student NextWork.org

Releasing a Change
My CI/CD pipeline is triggered by a commit made in my local Cloud9
environment, which then updates my CodeCommit repository

I tested my pipeline's trigger by making two updates to my web app’s source

code. The changes involved editing the index.jsp file and uploading a folder of
image assets to the web app folder within my project files.

Once my pipeline executed successfully, I checked the IPv4 address of my

web server thats hosting my web app.
 Jaydeep Barot
NextWork Student NextWork.org

Trigger A Rollback
A rollback in a pipeline refers to reverting the code version that a specific stage
of the pipeline is currently referencing.

I initiated a rollback on the deploy stage.

'I checked the source stage, and learnt that the source stage was unaffected
by the rollback and stayed using the latest version of my source code.
 Jaydeep Barot
NextWork Student NextWork.org

Reverting a Rollback
After the rollback was completed, the appearance of my web app reverted to
the previous state, reflecting the original index.jsp file prior to any updates,
along with the previous set of image assets that were uploaded.

To update my Deploy stage to the latest version of the source code,I initiated a
change in my CodePipeline.This release ensures that the most recent version
of the source code is referenced throughout the source, build, and deploy
stages of the pipe