Why does my deployment just sit there doing nothing?

First thing to check: is the CodeDeploy agent actually running? SSH to your instance and run `sudo service codedeploy-agent status`. If it's stopped, start it with `sudo service codedeploy-agent start`. If it keeps dying, you'll see `ERROR [codedeploy-agent(31743)]: Cannot reach InstanceService` in `/var/log/aws/codedeploy-agent/codedeploy-agent.log`. This usually means your security group is blocking outbound HTTPS to AWS endpoints. Second most common issue: IAM permissions. The instance needs the right role to pull deployments. You'll get a generic "Access Denied" error that tells you nothing. Check if your EC2 instance profile includes the CodeDeployRole permissions, and make sure the trust policy allows EC2 to assume the role.

How much does this actually cost me?

EC2 deployments are free, which is the only nice thing AWS has ever done for us. On-premises deployments cost $0.02 per instance per deployment. If you're deploying to 1000 servers twice a week, that's $40/week just for the deployment service. The real cost is the infrastructure. Blue/green deployments double your instance costs during deployment. A 30-minute deploy on 10 large instances costs an extra $10-15 in EC2 charges.

Can I deploy to my on-premises servers?

Yeah, but it's a pain in the ass. You need to install the agent, configure IAM credentials, and make sure your servers can reach AWS endpoints. The agent polls AWS every few minutes for deployment commands. Pro tip: the agent installation breaks on Ubuntu 20.04 if you don't have Python 2.7 installed with this cryptic error: `ERROR: Could not find a version that satisfies the requirement botocore`. Good luck figuring that out from the error message. Took me 6 hours of debugging to realize Ubuntu's Python 3 default wasn't good enough for AWS's legacy agent.

Why did my deployment fail with no useful error message?

Welcome to CodeDeploy debugging hell. Check these in order: 1. CloudWatch logs - look for the deployment group logs 2. `/var/log/aws/codedeploy-agent/` on the instance - actual deployment logs 3. Your AppSpec file YAML syntax 4. File permissions in your deployment bundle 5. Script timeouts (default is 300 seconds, might not be enough)

How do I debug when the automatic rollback doesn't work?

Automatic rollback fails when the health check configuration is wrong or when CloudWatch alarms don't trigger properly. You'll need to manually rollback by creating a new deployment with the previous revision. The "stop and rollback" button in the console works about 60% of the time. When it doesn't work, you get to watch it sit there with a "Stopping deployment..." spinner for 20 minutes before giving up and manually fixing production at 3am. Fun fact: the button is completely useless once the deployment reaches the "ApplicationStart" phase - learned that one during a midnight incident when our entire API was returning 503s.

Does this work with Jenkins/GitHub Actions/other CI/CD tools?

Yeah, CodeDeploy has APIs so you can trigger deployments from pretty much anything. The Jenkins plugin works most of the time. GitHub Actions integration requires some custom scripting but it's doable. The easiest approach is using AWS CLI from your CI tool: ```bash aws deploy create-deployment --application-name myapp --deployment-group-name prod --s3-location bucket=mybucket,key=myapp.zip,bundleType=zip ```

In-place vs Blue/Green - which one should I use?

**In-place**: Updates your existing servers directly. Cheaper because you don't need extra instances, but if something breaks, your users see errors until you fix it or rollback. Rolling updates help but don't eliminate the risk. **Blue/green**: Spins up completely new instances, deploys there, then switches traffic. Safer because rollback is instant, but costs double during deployment and takes longer. Use blue/green for production if you can afford the extra cost. Use in-place for staging or if you're cheap.

What happens when Auto Scaling launches new instances?

New instances automatically get the latest deployment. The instance starts in "Pending" state, CodeDeploy runs the deployment, and if it succeeds, the instance goes "InService". If deployment fails, Auto Scaling kills the instance and tries again. This works great until you have a bad deployment that keeps failing - then Auto Scaling gets stuck in a loop of launching and killing instances.

Can I store my code in S3?

Yes, and versioned S3 buckets work fine. You zip up your code, upload to S3, then tell CodeDeploy to deploy from that S3 location. Just remember S3 has eventual consistency, so if you upload and immediately deploy, you might get the old version. Wait a few seconds between upload and deployment.

What are the actual limits I need to worry about?

- 1,000 applications per region (you'll never hit this) - 1,000 deployment groups per application (also unlikely) - 1,300 concurrent deployments per account (plenty for most use cases) - 1 concurrent deployment per deployment group (this prevents deploying the same app twice simultaneously) The "1 per deployment group" limit is what actually bites you. If you try to deploy the same application to the same deployment group while another deployment is running, you'll get blocked until the first one finishes. Congratulations, you now know enough about CodeDeploy to be dangerous. When you inevitably run into issues that aren't covered here (and you will), you'll need some actual documentation that doesn't suck. Here are the resources that might actually help you.

Currently viewing the AI version

Switch to human version

AWS CodeDeploy: AI-Optimized Technical Reference

Service Overview

AWS CodeDeploy automates software deployments across EC2, Lambda, and ECS platforms. Eliminates manual SSH deployments but introduces AWS-specific complexity and failure modes.

Deployment Platforms & Capabilities

EC2 and On-Premises

Agent-based: CodeDeploy agent runs on target servers
Critical Failure Mode: Agent randomly stops responding - check /var/log/aws/codedeploy-agent/ and restart service
Network Requirements: Outbound HTTPS access to AWS APIs required
Ubuntu 20.04 Issue: Agent installation fails without Python 2.7 - cryptic error: ERROR: Could not find a version that satisfies the requirement botocore

Lambda Functions

Traffic Shifting: Canary deployments work reliably (unlike custom implementations)
Performance: Deployment process is functional but AWS-controlled timing

ECS Containers

Blue/Green Strategy: Functional but slow due to ECS performance limitations
Process: New containers → traffic shift → old container termination

Cost Structure

Deployment Type	Cost	Hidden Costs
EC2	Free	None
On-Premises	$0.02/instance/deployment	Scales rapidly (1000 servers × 2 weekly = $40/week)
Blue/Green	Free service	2x infrastructure costs during deployment

Real-World Cost Example

30-minute deploy on 10 large instances: $10-15 additional EC2 charges
Blue/Green temporarily doubles all instance costs

Critical Configuration: AppSpec File

Lifecycle Phases (Execution Order)

ApplicationStop - Terminates application
BeforeInstall - Pre-installation scripts
Install - File copying
AfterInstall - Post-installation (migrations, permissions)
ApplicationStart - Application startup
ValidateService - Health checks

Most Common Failure Point

ValidateService phase - 70% of deployment failures occur here due to:

Incorrect health check scripts
Insufficient timeout values (default: 300 seconds per lifecycle event)
Wrong file permissions

Production-Ready AppSpec Template

version: 0.0
os: linux
files:
  - source: /
    destination: /var/www/html
hooks:
  BeforeInstall:
    - location: scripts/install_dependencies.sh
      timeout: 300
      runas: root
  ApplicationStart:
    - location: scripts/start_server.sh
      timeout: 60
      runas: root
  ValidateService:
    - location: scripts/health_check.sh
      timeout: 30

Blue/Green Deployment Reality

Traffic Shifting Options

Strategy	Behavior	Use Case	Risk Level
Canary	10% traffic for 5 minutes, then 100%	Production safety	Low - catches issues before full deployment
Linear	10% increments every 10 minutes	Paranoid deployments	Lowest - fine-grained control
All-at-once	Immediate 100% traffic shift	High confidence deployments	High - YOLO mode

Automatic Rollback Limitations

Detection Time: 5-10 minutes typical, up to 1 hour maximum per lifecycle event
Success Rate: ~70% reliable rollback execution
Real Failure Example: E-commerce checkout broke during Black Friday, 8-minute detection window, $30K lost sales
Critical Limitation: Health checks depend on load balancer configuration

Critical Failure Modes & Solutions

1. IAM Permissions (Primary Failure Cause)

Symptom: Deployment stuck in "Pending" status for hours
Root Cause: Service role vs. instance role permission conflicts
Cost Impact: $200+ in duplicated blue/green infrastructure during troubleshooting
Solution: Verify CodeDeploy service role AND EC2 instance profile permissions separately

2. Agent Connectivity Issues

Symptom: Silent deployment failures
Diagnosis: Check security groups and NACLs for outbound HTTPS
Log Location: /var/log/aws/codedeploy-agent/codedeploy-agent.log
Common Error: ERROR [codedeploy-agent(31743)]: Cannot reach InstanceService

3. File Permissions

Symptom: Deployment fails after file copy
Root Cause: Agent runs as root, application runs as different user
Solution: Use chown/chmod in AfterInstall hooks

4. YAML Syntax Errors

Impact: 3am debugging sessions for indentation issues
Prevention: YAML validation in CI/CD pipeline

Service Limits (Production Impact)

Limit	Value	Real-World Impact
Applications per region	1,000	Never reached
Deployment groups per application	1,000	Rarely reached
Concurrent deployments per account	1,300	Sufficient for most use cases
Concurrent deployments per group	1	Blocks simultaneous deployments

Critical Bottleneck: The "1 per deployment group" limit prevents parallel deployments of same application.

Integration Complexity

CI/CD Tool Compatibility

Jenkins: Plugin works 85% of time
GitHub Actions: Requires custom scripting, solid once configured
GitLab CI/CD: Manual setup, 3-day configuration typical
Azure DevOps: Optimized for Azure, AWS integration poor

AWS CLI Integration

aws deploy create-deployment --application-name myapp --deployment-group-name prod --s3-location bucket=mybucket,key=myapp.zip,bundleType=zip

Auto Scaling Integration

Behavior

New instances automatically receive latest deployment
Failed deployments trigger instance termination and retry
Critical Issue: Bad deployments create infinite launch/kill loops

S3 Storage Considerations

Versioned S3 buckets work reliably
Eventual Consistency Risk: Wait seconds between upload and deployment to avoid deploying old versions

Troubleshooting Decision Tree

Deployment Stuck: Check agent status → verify IAM → check connectivity
Generic Errors: CloudWatch logs → instance logs at /var/log/aws/codedeploy-agent/ → AppSpec syntax → permissions
Rollback Failures: Manual rollback required → create new deployment with previous revision
"Stop and Rollback" Button: 60% success rate, useless after ApplicationStart phase

Competitive Analysis: When CodeDeploy Makes Sense

Choose CodeDeploy When:

Heavy AWS integration required
Blue/green deployments needed out-of-box
Team already familiar with AWS IAM complexity
Budget allows for infrastructure duplication costs

Avoid CodeDeploy When:

Multi-cloud deployments required
Team lacks AWS expertise
Budget constraints prevent blue/green costs
Simple deployment needs don't justify complexity

Resource Requirements

Time Investment

Initial Setup: 1-2 days for basic configuration
IAM Troubleshooting: 6+ hours typical for permission issues
Production Readiness: 1-2 weeks including testing and monitoring setup

Expertise Requirements

Mandatory: AWS IAM understanding
Recommended: YAML, bash scripting, AWS networking
Critical: CloudWatch log analysis for troubleshooting

Migration Considerations

Breaking Changes

Agent updates occasionally break compatibility
AppSpec format changes require deployment bundle updates
IAM policy changes affect existing deployments

Operational Intelligence

Default timeouts will fail in production - always customize
Health check configuration is more critical than documentation suggests
Blue/green cost doubling often surprises finance teams
Manual rollback capability is essential backup plan

Useful Links for Further Investigation

Official Resources and Documentation

Link	Description
AWS CodeDeploy User Guide	The official AWS CodeDeploy User Guide, providing comprehensive documentation that is surprisingly readable compared to other AWS services.
CodeDeploy API Reference	Detailed API documentation for AWS CodeDeploy, essential for programmatic interaction and automating deployment processes.
AWS CodeDeploy Pricing	Official pricing details and a calculator for AWS CodeDeploy, including information on potential on-premises deployment fees.
CodeDeploy FAQ	Official Frequently Asked Questions for AWS CodeDeploy, offering useful answers to common inquiries and operational concerns.
CodeDeploy Getting Started Guide	A step-by-step tutorial designed to help users quickly get started with AWS CodeDeploy, aiming for a successful initial setup.
AWS CodeDeploy Console Access Guide	Instructions on how to access and navigate the AWS CodeDeploy web console effectively and without encountering common issues.
AWS CLI CodeDeploy Commands	Reference documentation for AWS CLI commands specific to CodeDeploy, useful for scripting and automation when the console is insufficient.
CodeDeploy Product Integrations	Details on various third-party tool integrations with AWS CodeDeploy, including Jenkins, GitHub Actions, and configuration management systems.
CodeDeploy Agent on GitHub	The open-source repository for the AWS CodeDeploy agent, providing flexibility for custom operating system environments and community contributions.
AWS SDK Documentation	Comprehensive documentation for AWS Software Development Kits (SDKs) across multiple programming languages, facilitating programmatic interaction with AWS services.
Blue/Green Deployments Whitepaper	An AWS architectural whitepaper offering guidance and best practices for implementing zero-downtime blue/green deployment strategies.
CodeDeploy CloudFormation Templates	Reference for AWS CloudFormation templates specifically designed for CodeDeploy, enabling automated infrastructure as code setup and management.
DevOps Blog - CodeDeploy Articles	The AWS DevOps Blog featuring technical articles, tutorials, and real-world implementation examples related to AWS CodeDeploy deployments.
AWS re:Post CodeDeploy Forum	The official AWS re:Post forum for CodeDeploy, a community-driven platform for finding solutions and discussing deployment-related issues.
Stack Overflow CodeDeploy Questions	A collection of questions and answers on Stack Overflow tagged with 'aws-code-deploy', often providing practical troubleshooting information.
AWS Support	Official contact page for AWS Support, offering various support plans for technical assistance and issue resolution for AWS services.
AWS Training and Certification	Official AWS training and certification programs designed to help users develop expertise in AWS services and cloud technologies.
CloudWatch Metrics for CodeDeploy	Documentation on configuring Amazon CloudWatch metrics for CodeDeploy, enabling robust deployment monitoring and alerting capabilities.
AWS X-Ray Integration	Information on integrating AWS X-Ray with CodeDeploy for distributed tracing, helping to analyze and debug deployment-related application changes.
CloudTrail CodeDeploy Events	Documentation on monitoring CodeDeploy events using AWS CloudTrail, essential for audit logging, compliance, and security analysis.

AWS CodeDeploy: AI-Optimized Technical Reference

Service Overview

Deployment Platforms & Capabilities

EC2 and On-Premises

Lambda Functions

ECS Containers

Cost Structure

Real-World Cost Example

Critical Configuration: AppSpec File

Lifecycle Phases (Execution Order)

Most Common Failure Point

Production-Ready AppSpec Template

Blue/Green Deployment Reality

Traffic Shifting Options

Automatic Rollback Limitations

Critical Failure Modes & Solutions

1. IAM Permissions (Primary Failure Cause)

2. Agent Connectivity Issues

3. File Permissions

4. YAML Syntax Errors

Service Limits (Production Impact)

Integration Complexity

CI/CD Tool Compatibility

AWS CLI Integration

Auto Scaling Integration

Behavior

S3 Storage Considerations

Troubleshooting Decision Tree

Competitive Analysis: When CodeDeploy Makes Sense

Choose CodeDeploy When:

Avoid CodeDeploy When:

Resource Requirements

Time Investment

Expertise Requirements

Migration Considerations

Breaking Changes

Operational Intelligence

Useful Links for Further Investigation

Official Resources and Documentation

Related Tools & Recommendations

GitLab CI/CD - The Platform That Does Everything (Usually)

GitLab Container Registry

GitHub Enterprise vs GitLab Ultimate - Total Cost Analysis 2025

Jenkins + Docker + Kubernetes: How to Deploy Without Breaking Production (Usually)

Jenkins Production Deployment - From Dev to Bulletproof

Jenkins - The CI/CD Server That Won't Die

Azure DevOps Services - Microsoft's Answer to GitHub

Fix Azure DevOps Pipeline Performance - Stop Waiting 45 Minutes for Builds

AWS CodeBuild - Managed Builds That Actually Work

GitHub Actions Marketplace - Where CI/CD Actually Gets Easier

GitHub Actions Alternatives That Don't Suck

GitHub Actions + Docker + ECS: Stop SSH-ing Into Servers Like It's 2015

PostgreSQL Alternatives: Escape Your Production Nightmare

AWS RDS Blue/Green Deployments - Zero-Downtime Database Updates

CircleCI - Fast CI/CD That Actually Works

Amazon EC2 - Virtual Servers That Actually Work

Lambda Alternatives That Won't Bankrupt You

Stop Your Lambda Functions From Sucking: A Guide to Not Getting Paged at 3am

AWS Lambda - Run Code Without Dealing With Servers

Three Stories That Pissed Me Off Today