My AWS devops concepts are still fuzzy and I could use some help. Here is what I am trying to do - I have a CloudFormation nested stack which contains a few lambdas, eventbridge, api gateways etc. I pushed my code to CodeCommit and set up a ci/cd pipeline with cross-account roles etc. I have two accounts set up – dev and QA. The code, pipeline and CodeCommit are all set up in the dev account and whenever a change is pushed to CodeCommit in dev, the pipeline will run to push the changes to QA. I have followed the steps mentioned here: https://docs.aws.amazon.com/codepipeline/latest/userguide/pipelines-create-cross-account.html#pipelines-create-cross-account-create
The pipeline is working. However, the deployment is failing because the stack is failing to create. This could be due to incorrect access set up. Here is my question and this is where I am not very clear on the concepts:
- I am uploading all the code for lambdas (in zip files) and the nested stack templates into an S3 bucket and pushing the same code to CodeCommit. Is it required to put this code in two places? If I just choose CodeCommit – how do I rewrite the following code which is currently pointing to an S3 bucket?
CreateOrder:
  Type: AWS::Serverless::Function
  Properties:
    CodeUri:
      Bucket: my-code-bucket
      Key: lambdas/create-order/index.js.zip
    FunctionName: createOrder
    Handler: index.handler
    Runtime: nodejs14.x
    Role: !Ref LambdaExecutionRole
My guess is the stack is failing to create in QA because it is looking for 'my-code-bucket' in QA which doesn't exist. Is that a correct guess?
- Can the pipeline create a new stack in a QA environment or do I need to create the stack manually for the first time and then execute a changeset in the subsequent deploys? What is the best approach to handle this? Thanks.
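The following is an added example, not part of the original post, showing the usual way to keep the function code only in the source repository and let the build step upload it: `CodeUri` points at a local directory, `aws cloudformation package` (run in CodeBuild) uploads the zipped directory to an artifact bucket and writes a copy of the template with the S3 location filled in, and a bucket policy lets the QA account's CloudFormation role read that object. The bucket name `my-artifact-bucket`, the role name `QaCloudFormationRole`, the placeholder `QA_ACCOUNT_ID` and the directory layout are all assumptions for illustration.

```yaml
# template.yaml (added example, not the poster's template). CodeUri is a path
# relative to this file, so the zip never has to be uploaded by hand.
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Resources:
  LambdaExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: sts:AssumeRole
      ManagedPolicyArns:
        # Least privilege: only CloudWatch Logs, nothing else, until a function needs more.
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
  CreateOrder:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: lambdas/create-order/   # local directory; 'package' zips and uploads it
      FunctionName: createOrder
      Handler: index.handler
      Runtime: nodejs14.x
      Role: !GetAtt LambdaExecutionRole.Arn
---
# buildspec.yml for the CodeBuild stage in the dev account (added example).
# 'package' uploads every local CodeUri to the artifact bucket and emits
# packaged.yaml, which the CloudFormation deploy action in QA consumes.
version: 0.2
phases:
  build:
    commands:
      - aws cloudformation package
          --template-file template.yaml
          --s3-bucket my-artifact-bucket
          --output-template-file packaged.yaml
artifacts:
  files:
    - packaged.yaml
---
# Bucket policy on the dev-account artifact bucket (added example). Without a
# grant like this, the QA stack fails with an access error on the CodeUri object,
# because the bucket lives in a different account from the role deploying the stack.
ArtifactBucketPolicy:
  Type: AWS::S3::BucketPolicy
  Properties:
    Bucket: my-artifact-bucket
    PolicyDocument:
      Version: '2012-10-17'
      Statement:
        - Sid: AllowQaCloudFormationRoleToReadArtifacts
          Effect: Allow
          Principal:
            AWS: arn:aws:iam::QA_ACCOUNT_ID:role/QaCloudFormationRole  # assumed name
          Action:
            - s3:GetObject
            - s3:GetObjectVersion
          Resource: arn:aws:s3:::my-artifact-bucket/*
```

Two practical notes. If the artifact bucket uses a customer-managed KMS key (the linked cross-account guide sets one up), the key policy must also allow `kms:Decrypt` for the same QA role, or the object read is denied even with the bucket policy in place. And a CodePipeline CloudFormation deploy action with `ActionMode: CREATE_UPDATE`, or the `CHANGE_SET_REPLACE` followed by `CHANGE_SET_EXECUTE` pair, creates the stack on the first run when it does not yet exist and updates it afterwards, so the QA stack does not need to be created by hand first.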