Codestar is a service offered by Amazon that facilitates the creation, management, and working with software development projects on AWS. Users gain the ability to quickly develop, build, and deploy applications on AWS with a Codestar project.
AWS CodeStar project can be used to create and integrate Amazon services with the user’s project development toolchain. Based on the CodeStar project template chosen by the user, the toolchain will include source control, build, deployment, virtual servers (in case servers are needed) or server less resources and other resources.
CodeStar is also used to manage the permissions which are required for project users. Users can be added as team members to an AWS CodeStar project, and project owners have the ability to easily grant access to the team members based on the roles they have been assigned to in the project and the resources.
Features of AWS CodeStar
- CodeStar can be used to set up application development in the cloud.
- It can be used to manage the user’s application with the help of a single, centralized dashboard.
- Creating new software projects on AWS in minutes, with the help of templates meant to be used to build web applications, web services, and much more.
- CodeStar consists of templates meant to work in various programming languages.
- All the resources required by the software project will be set up and configured to work together by CodeStar itself.
- CodeStar facilitates a central console which can be used to assign project team members certain roles which are needed by them to access certain tools and resources.
- When the team members get these permissions, they are automatically applied to all the AWS services which are used by the project, thereby avoiding the creation and management of complex IAM policies.
- AWS CodeStar comes with a project dashboard that can be used to show an overall view of the project, the toolchain and other important events.
- The user’s latest project activity, which includes recent code commits can be viewed.
- The status of code changes, the build results, and deployments can all be tracked from the same webpage.
- A single dashboard can be used to view all the events going on within a project, and the problems can be identified so as to provide solutions to them.
- AWS CodeStar comes with an integrated development toolchain for the user’s project, which can be used by the team members to push code. The changes will automatically get deployed.
- It is integrated with issue tracking, thereby allowing team members to keep track of the next operation which needs to be performed.
- All the phases of code delivery can be worked upon by the team members to deliver efficient results.
Setting up CodeStar
- Sign into the AWS account.
- Create an AWS CodeStar service role, which helps in the creation and management of AWS resources and IAM permissions. The service role has to be created only once.
- It is important to note that the user should be signed in as an IAM administrative user (or a root account) to create a service role.
- Open the AWS CodeStar console.
- Click on the ‘Start project’.
- In the ‘Create service role’, click on ‘Yes, create role’.
- Now exit the wizard.
AWS CodeStar can be used as an IAM user, a federated user, a root user or an assumed role. If the user uses CodeStar as an IAM user, CodeStar can be used to help configure the user access by managing the IAM permissions for the user.
Setting up IAM user permissions
- Sign in to IAM console as the root user or an IAM administrator user or an IAM user or a federated user.
- Attach the AWSCodeStarFullAccess managed policy to the IAM user with the help of which the project is being created.
- Sign into the AWS CodeStar console as the IAM user along with the AWSCodeStarFullAccess.
- AWS CodeStar will create the owner, contributor, and the viewer managed policies for the project.
- The owner permissions are applied automatically to the project when the IAM user creates the project.
- Once the project has been created, the permissions can be used to add other IAM users as team members for the projects.
- Configuring permission for the federated users:
- If AWS CodeStar is used as a federated user, this user needs to have IAM permissions so as to allow the user to use CodeStar APIs and access the resources that are used in the projects.
- Sign in to the IAM console as a root user, or an IAM administrator user or an IAM federated user with the associated AdministratorAccess managed policy.
- The AWSCodeStarFullAccess managed policy should be attached to this federated user role which is being used to create the project.
- Sign into AWS CodeStar console as an IAM user with AWSCodeStarFullAccess managed policy attached. Now create the project.
- After this, AWS CodeStar creates the owner, contributor, and viewer managed policies for the newly created project.
- When the project is created as a federated user, the owner permissions are not applied automatically, hence all the project resources might not be easily accessed.
- For the user to gain access to all the resources of the project, it is suggested to sign in as the root user or an IAM administrator or an IAM user or a federated user who is associated with the AdministratorAccess managed policy or its equivalent.
- The project’s owner manged policy needs to be attached to the role which the user assumes as a federated user.
- This operation allows the user to manage and view all the resources that have been created for the project.
Amazon EC2 key pair creation for AWS CodeStar projects
Certain CodeSatr projects need AWS CodeDeploy or AWS Elastic Beanstalk so as to deploy code to Amazon EC2 instances. If the EC2 instance associated with the project needs to be accessed, EC2 key pair needs to be created for the IAM user.
The IAM user needs to have permissions to create and manage these EC2 key pairs.
In this post, we understood how CodeStar can be used to efficiently deploy code to deliver results quickly.