Git Sync for Seamless Infrastructure Source-to-Live Integration

Trying out the new AWS CloudFormation feature that automates stack deployments by syncing source code with live infrastructure.

Published Jan 19, 2024

Git Sync is a recent update to AWS CloudFormation that lets you automate your IaC workflow. Before Git Sync, we had to create an AWS CodePipeline workflow that was triggered when code was pushed to the source repository; it started a build in AWS CodeBuild, which in turn ran a command against AWS CloudFormation. A better method was to skip the build and use AWS CloudFormation directly as AWS CodePipeline's deployment provider. Now, all that hassle is not required, thanks to the new Git management of stacks. Let's dive in!
According to the documentation, Git Sync supports GitHub, GitHub Enterprise, GitLab, and Bitbucket. Let's go ahead and create a GitHub repository!
Now that we have the repository, we need a YAML file ready to launch. For this, we will use the template below.

AWSTemplateFormatVersion: '2010-09-09'

Parameters:
  KeyName:
    Type: String
    Description: Key pair to use for the EC2 instance
    Default: main  # Set the default key pair name
  AMI:
    Type: AWS::EC2::Image::Id
    Description: AMI ID for the EC2 instance

Resources:
  MySecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow SSH and HTTP traffic
      SecurityGroupIngress:
        # SSH, reachable from every IPv4 address (demo setting)
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        # HTTP, reachable from every IPv4 address
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0

  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref AMI
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      SecurityGroupIds:
        - !Ref MySecurityGroup

Now, let's head over to AWS CloudFormation!
It didn't take long to notice the shiny new feature waiting to be explored.
Let's go ahead and choose the option to Sync from Git. It looks like we are going to use the AWS CodeStar connection APIs. CodeStar connections are already used by other AWS services such as AWS Proton, CodeGuru, App Runner, etc.
Another file that Git Sync introduces is the stack deployment file, which contains the specifics, such as the parameters to use in our stack. We can pass parameters through this file in our repo or have CloudFormation create one. I will send one parameter through here, and we will see later what kind of file it creates.
To add a Git repository, we need a CodeStar connection. Let's get that done right away. Make sure you have your GitHub credentials ready.
Authorize it
You will be prompted to provide an app, which is your GitHub username. Go ahead and select that.
Here, we have the connection to GitHub secured through a CodeStar connection.
Before moving to the next step, let's quickly add our file to the repository.
Here, we have committed a YAML file to the repository we will use.
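Let's quickly configure an IAM role so CloudFormation can create resources.
Allow administrator access. This keeps the demo short, but it grants far more than this template needs, so a longer-lived stack should get a role scoped to the resources it manages.
Give the role a name and select that role back in CloudFormation.
Here, we have a CloudFormation stack with Git Sync enabled, as shown by the green tick mark.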
I noticed an immediate pull request to create the stack deployment file.
You have to go ahead and merge it.
The file below is the file that was added to our repository by Git Sync.
With this, we can exclude the default values of the parameters in our main file.
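For reference, a stack deployment file and a template that takes all of its values from it can look like the following. This is an added example, not the file Git Sync generated in this walkthrough: the file names, the `SshCidr` parameter and the sample values are assumptions or placeholders. It also uses the deployment file to narrow the SSH rule from 0.0.0.0/0 to a single reviewed range.

```yaml
# deployment.yaml (assumed file name): the stack deployment file Git Sync reads
template-file-path: template.yaml   # path from the repository root (assumed)
parameters:
  KeyName: main                     # moved here from the template's Default
  AMI: ami-PLACEHOLDER              # placeholder, replace with an AMI ID from your Region
  SshCidr: 203.0.113.10/32          # constructed value from a documentation range
---
# template.yaml (assumed file name): the template above, without defaults
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  KeyName:
    Type: String
    Description: Key pair to use for the EC2 instance
  AMI:
    Type: AWS::EC2::Image::Id
    Description: AMI ID for the EC2 instance
  SshCidr:                          # hypothetical parameter, not in the original template
    Type: String
    Description: IPv4 CIDR range allowed to reach port 22
    # Prefix lengths 1-32 only, so a value of 0.0.0.0/0 fails parameter validation
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/([1-9]|[12]\d|3[0-2])$'
Resources:
  MySecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow SSH from one range and HTTP from anywhere
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SshCidr      # set per stack in the deployment file
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref AMI
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      SecurityGroupIds:
        - !Ref MySecurityGroup
```

Because every value that changes the stack now lives in the repository, a change to `SshCidr` shows up as a diff in a pull request before Git Sync applies it.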
Finally, the resources are provisioned.
Now, we have a fully functioning automation from commits to resource provisioning that works quickly.
Thank you for watching the demonstration. I hope it clarified or gave you an idea about Git Sync in CloudFormation.