AWS CodeStar

(1)

AWS CodeStar

User Guide

(2)

AWS CodeStar: User Guide

Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be aﬃliated with, connected to, or sponsored by Amazon.

(3)

What Is AWS CodeStar?

AWS CodeStar is a cloud-based service for creating, managing, and working with software development projects on AWS. You can quickly develop, build, and deploy applications on AWS with an AWS CodeStar project. An AWS CodeStar project creates and integrates AWS services for your project development toolchain. Depending on your choice of AWS CodeStar project template, that toolchain might include source control, build, deployment, virtual servers or serverless resources, and more. AWS CodeStar also manages the permissions required for project users (called team members). By adding users as team members to an AWS CodeStar project, project owners can quickly and simply grant each team member role-appropriate access to a project and its resources.

Topics

• What Can I Do with AWS CodeStar? (p. 1)

• How Do I Get Started with AWS CodeStar? (p. 1)

What Can I Do with AWS CodeStar?

You can use AWS CodeStar to help you set up your application development in the cloud and manage your development from a single, centralized dashboard. Speciﬁcally, you can:

• Start new software projects on AWS in minutes using templates for web applications, web services, and more: AWS CodeStar includes project templates for various project types and programming languages. Because AWS CodeStar takes care of the setup, all of your project resources are conﬁgured to work together.

• Manage project access for your team: AWS CodeStar provides a central console where you can assign project team members the roles they need to access tools and resources. These permissions are applied automatically across all AWS services used in your project, so you don't need to create or manage complex IAM policies.

• Visualize, operate, and collaborate on your projects in one place: AWS CodeStar includes a project dashboard that provides an overall view of the project, its toolchain, and important events. You can monitor the latest project activity, like recent code commits, and track the status of your code changes, build results, and deployments, all from the same webpage. You can monitor what's going on in the project from a single dashboard and drill into problems to investigate.

• Iterate quickly with all the tools you need: AWS CodeStar includes an integrated development toolchain for your project. Team members push code, and changes are automatically deployed.

Integration with issue tracking allows team members to keep track of what needs to be done next. You and your team can work together more quickly and eﬃciently across all phases of code delivery.

How Do I Get Started with AWS CodeStar?

To get started with AWS CodeStar:

1.Prepare to use AWS CodeStar by following the steps in Setting Up AWS CodeStar (p. 2).

2.Experiment with AWS CodeStar by following the steps in the Getting Started with AWS CodeStar (p. 5) tutorial.

3.Share your project with other developers by following the steps in Add Team Members to an AWS CodeStar Project (p. 86).

4.Integrate your favorite IDE by following the steps in Use an IDE with AWS CodeStar (p. 51).

(7)

Step 1: Create an AWS Account

Setting Up AWS CodeStar

Before you can start using AWS CodeStar, you must complete the following steps.

Topics

• Step 1: Create an AWS Account (p. 2)

• Step 2: Create the AWS CodeStar Service Role (p. 2)

• Step 3: Conﬁgure the User's IAM Permissions (p. 2)

• Step 4: Create an Amazon EC2 Key Pair for AWS CodeStar Projects (p. 3)

• Step 5: Open the AWS CodeStar Console (p. 4)

• Next Steps (p. 4)

Step 1: Create an AWS Account

Create an AWS account by going to https://aws.amazon.com/ and choosing Sign Up.

Step 2: Create the AWS CodeStar Service Role

Create a service role (p. 111) that is used to give AWS CodeStar permission to administer AWS resources and IAM permissions on your behalf. You only need to create the service role once.

Important

You must be signed in as an IAM administrative user (or root account) to create a service role.

For more information, see Creating Your First IAM User and Group.

1. Open the AWS CodeStar console at https://console.aws.amazon.com/codestar/.

2. Choose Start project.

If you do not see Start project and are directed to the projects list page instead, the service role has been created. Skip to Conﬁgure Permissions for IAM Users (p. 2).

3. In Create service role, choose Yes, create role.

4. Exit the wizard. You come back to this later.

Step 3: Conﬁgure the User's IAM Permissions

You can use AWS CodeStar as an IAM user, a federated user, the root user, or an assumed role. If you choose an IAM user, AWS CodeStar helps you conﬁgure user access by managing IAM permissions for you. For information about what AWS CodeStar can do for IAM users versus federated users, see AWS CodeStar IAM Roles (p. 107).

If you have not set up any IAM users, see IAM user.

Conﬁgure Permissions for IAM Users

Complete these steps to set up IAM user permissions.

1. To perform this step, sign in to the IAM console as a root user, an IAM administrator user in the account, or an IAM user or federated user with the associated AdministratorAccess managed policy

(8)

Conﬁgure Permissions for Federated Users

or equivalent. Attach the AWSCodeStarFullAccess managed policy to the IAM user that is used to create the project.

2. Sign in to the AWS CodeStar console as the IAM user with AWSCodeStarFullAccess attached who will create the project, and then create your project as described in Step 1: Create an AWS CodeStar Project (p. 5). AWS CodeStar creates Owner, Contributor, and Viewer managed policies for the project. As the project creator, your Owner permissions are applied automatically.

3. After you have created your project, use your permissions to add other IAM users as team members to your project. For information, see Manage Permissions for AWS CodeStar Team Members (p. 89).

4. If your IAM user has already been added to one or more AWS CodeStar projects, it already has the policies and permissions required to access the service and resources for the projects you belong to.

To set up your local computer for working with AWS CodeStar projects, follow the steps in Getting Started (p. 10). You can also sign in to the AWS CodeStar console and conﬁgure your user proﬁle.

For more information, see Manage Display Information for Your AWS CodeStar User Proﬁle (p. 93) and Add a Public Key to Your AWS CodeStar User Proﬁle (p. 96).

Conﬁgure Permissions for Federated Users

To use AWS CodeStar as a federated user, the federated user must have IAM permissions that allow the user to use AWS CodeStar APIs and access any resources used in the projects (such as Amazon EC2 or AWS Lambda).

If you have not set up any federated users, see Federated User Access to AWS CodeStar (p. 108).

Complete these steps to set up federated user permissions:

1. Sign in to the IAM console as a root user, an IAM administrator user in the account, or an IAM user or federated user with the associated AdministratorAccess managed policy or equivalent.

Attach the AWSCodeStarFullAccess managed policy to the federated user role that is used to create the project. See Attach the AWSCodeStarFullAccess Managed Policy to the Federated User's Role (p. 108).

2. Sign in to the AWS CodeStar console as the IAM user with AWSCodeStarFullAccess attached who will create the project, and then create your project as described in Step 1: Create an AWS CodeStar Project (p. 5). AWS CodeStar creates Owner, Contributor, and Viewer managed policies for

the project. As the federated user project creator, your project Owner permissions are not applied automatically. You might not be able to access all project resources.

3. To give yourself access to all project resources, sign in to the console either as a root user, an IAM administrator user in the account, or an IAM user or federated user with the associated AdministratorAccess managed policy or equivalent. Attach your project's AWS CodeStar owner managed policy to the role you assume as a federated user. This allows you to manage and view all of the resources created for your project. For information, see Attach Your Project's AWS CodeStar Viewer/Contributor/Owner Managed Policy to the Federated User's Role (p. 109).

4. Sign in to the console as a root user, an IAM administrator user in the account, or an IAM user or federated user with the associated AdministratorAccess managed policy or equivalent. Grant

federated users access to your project by attaching the appropriate AWS CodeStar owner, contributor, or viewer managed policy to the user's role. For information, see Attach Your Project's AWS CodeStar Viewer/Contributor/Owner Managed Policy to the Federated User's Role (p. 109).

Step 4: Create an Amazon EC2 Key Pair for AWS CodeStar Projects

Many AWS CodeStar projects use AWS CodeDeploy or AWS Elastic Beanstalk to deploy code to Amazon EC2 instances. To access Amazon EC2 instances associated with your project, create an Amazon EC2 key

(9)

Step 5: Open the AWS CodeStar Console

pair for your IAM user. Your IAM user must have permissions to create and manage Amazon EC2 keys (for example, permission to take the ec2:CreateKeyPair and ec2:ImportKeyPair actions). For more information, see Amazon EC2 Key Pairs.

Step 5: Open the AWS CodeStar Console

Sign in to the AWS Management Console, and then open the AWS CodeStar console at https://

console.aws.amazon.com/codestar/.

Next Steps

Congratulations, you have completed the setup! To start working with AWS CodeStar, see Getting Started with AWS CodeStar (p. 5).

(10)

Step 1: Create an AWS CodeStar Project

Getting Started with AWS CodeStar

In this tutorial, you use AWS CodeStar to create a web application. This project includes sample code in a source repository, a continuous deployment toolchain, and a project dashboard where you can view and monitor your project.

By following the steps, you:

• Create a project in AWS CodeStar.

• Explore the project.

• Commit a code change.

• See your code change deployed automatically.

• Add other people to work on your project.

• Clean up project resources when they're no longer needed.

NoteIf you haven't already, ﬁrst complete the steps in Setting Up AWS CodeStar (p. 2), including Step 2: Create the AWS CodeStar Service Role (p. 2). You must be signed in with an account that is an administrative user in IAM. To create a project, you must sign in to the AWS Management Console using an IAM user that has the AWSCodeStarFullAccess policy.

Topics

• Step 1: Create an AWS CodeStar Project (p. 5)

• Step 2: Add display information for your AWS CodeStar User Proﬁle (p. 9)

• Step 3: View Your Project (p. 9)

• Step 4: Commit a Change (p. 10)

• Step 5: Add More Team Members (p. 13)

• Step 6: Clean Up (p. 14)

• Step 7: Get Your Project Ready for a Production Environment (p. 15)

• Tutorial: Creating and Managing a Serverless Project in AWS CodeStar (p. 15)

• Tutorial: Create a Project in AWS CodeStar with the AWS CLI (p. 25)

• Tutorial: Create an Alexa Skill Project in AWS CodeStar (p. 30)

• Tutorial: Create a Project with a GitHub Source Repository (p. 33)

Step 1: Create an AWS CodeStar Project

In this step, you create a JavaScript (Node.js) software development project for a web application. You use an AWS CodeStar project template to create the project.

Note

The AWS CodeStar project template used in this tutorial uses the following options:

• Application category: Web application

• Programming language: Node.js

• AWS Service: Amazon EC2

If you choose other options, your experience might not match what's documented in this tutorial.

(11)

To create a project in AWS CodeStar

1. Sign in to the AWS Management Console, and then open the AWS CodeStar console at https://

Make sure that you are signed in to the AWS Region where you want to create the project and its resources. For example, to create a project in US East (Ohio), make sure you have selected that AWS Region. For information about AWS Regions where AWS CodeStar is available, see Regions and Endpoints in the AWS General Reference .

2. On the AWS CodeStar page, choose Create project.

3. On the Choose a project template page, choose the project type from the list of AWS CodeStar project templates. You can use the ﬁlter bar to narrow your choices. For example, for a web application project written in Node.js to be deployed to Amazon EC2 instances, select the Web application, Node.js, and Amazon EC2 check boxes. Then choose from the templates available for that set of options.

For more information, see AWS CodeStar Project Templates (p. 37).

4. Choose Next.

5. In Project name, enter a name for the project, such as My First Project. In Project ID, the ID for the project is derived from this project name, but is limited to 15 characters.

For example, the default ID for a project named My First Project is my-first-projec. This project ID is the basis for the names of all resources associated with the project. AWS CodeStar uses this project ID as part of the URL for your code repository and for the names of related security access roles and policies in IAM. After the project is created, the project ID cannot be changed. To edit the project ID before you create the project, in Project ID, enter the ID you want to use.

For information about the limits on project names and project IDs, see Limits in AWS CodeStar (p. 141).

Note

Project IDs must be unique for your AWS account in an AWS Region.

6. Choose the repository provider, AWS CodeCommit or GitHub.

7. If you chose AWS CodeCommit, for Repository name, accept the default AWS CodeCommit repository name, or enter a diﬀerent one. Then skip ahead to step 9.

8. If you chose GitHub, you need to choose or create a connection resource. If you have an existing connection, choose it in the search ﬁeld. Otherwise, create a new connection now. Choose Connect to GitHub.

The Create a connection page displays.

NoteTo create a connection, you must have a GitHub account. If you are creating a connection for an organization, you must be the organization owner.

(12)

a. Under Create GitHub App connection, in Connection name, enter a name for your connection.

Choose Connect to GitHub.

The Connect to GitHub page displays and shows the GitHub Apps ﬁeld.

b. Under GitHub Apps, choose an app installation or choose Install a new app to create one.

Note

You install one app for all of your connections to a particular provider. If you have already installed the AWS Connector for GitHub app, choose it and skip this step.

c. On the Install AWS Connector for GitHub page, choose the account where you want to install the app.

NoteIf you previously installed the app, you can choose Conﬁgure to proceed to a

modiﬁcation page for your app installation, or you can use the back button to return to the console.

d. If the Conﬁrm password to continue page is displayed, enter your GitHub password, and then choose Sign in.

e. On the Install AWS Connector for GitHub page, keep the defaults, and choose Install.

f. On the Connect to GitHub page, the installation ID for your new installation appears in GitHub Apps.

After the connection is created, in the CodeStar create project page, the message Ready to connect displays.

NoteYou can view your connection under Settings in the Developer Tools console. For more information, see Getting started with connections.

(13)

g. For Repository owner, choose the GitHub organization or your personal GitHub account.

h. For Repository name, accept the default GitHub repository name, or enter a diﬀerent one.

i. Choose Public or Private.

NoteTo use AWS Cloud9 as your development environment, you must choose Public.

j. (Optional) For Repository description, enter a description for the GitHub repository.

9. If your project is deployed to Amazon EC2 instances and you want to make changes, conﬁgure your Amazon EC2 instances in Amazon EC2 Conﬁguration. For example, you can choose from available instance types for your project.

Note

Different Amazon EC2 instance types provide different levels of computing power and might have different associated costs. For more information, see Amazon EC2 Instance Types and Amazon EC2 Pricing.

If you have more than one virtual private cloud (VPC) or multiple subnets created in Amazon Virtual Private Cloud, you can also choose the VPC and subnet to use. However, if you choose an Amazon EC2 instance type that is not supported on dedicated instances, you cannot choose a VPC whose instance tenancy is set to Dedicated.

For more information, see What Is Amazon VPC? and Dedicated Instance Basics.

(14)

Step 2: Add display information for your AWS CodeStar User Proﬁle

In Key pair, choose the Amazon EC2 key pair you created in Step 4: Create an Amazon EC2 Key Pair for AWS CodeStar Projects (p. 3). Select I acknowledge that I have access to the private key ﬁle.

10. Choose Next.

11. Review the resources and conﬁguration details.

12. Choose Next or Create project. (The displayed choice depends on your project template.) It might take a few minutes to create the project, including the repository.

13. After your project has a repository, you can use the Repository page to conﬁgure access to it. Use the links in Next steps to conﬁgure an IDE, set up issue tracking, or add team members to your project.

Step 2: Add display information for your AWS CodeStar User Proﬁle

When you create a project, you're added to the project team as an owner. If this is the ﬁrst time you've used AWS CodeStar, you are asked to provide:

• Your display name to show to other users.

• The email address to show to other users.

This information is used in your AWS CodeStar user profile. User profiles are not project-specific, but are limited to an AWS Region. You must create a user profile in each AWS Region in which you belong to projects. Each profile can contain different information, if you prefer.

Enter a user name and email address, and then choose Next.

NoteThis user name and email address is used in your AWS CodeStar user profile. If your project uses resources outside of AWS (for example, a GitHub repository or issues in Atlassian JIRA), those resource providers might have their own user profiles, with different user names and email addresses. For more information, see the resource provider's documentation.

Step 3: View Your Project

Your AWS CodeStar project page is where you and your team view the status of your project resources, including the latest commits to your project, the state of your continuous delivery pipeline, and the performance of your instances. To see more information about any of these resources, choose the corresponding page from the navigation bar.

In your new project, the navigation bar contains the following pages:

• The Overview page contains information about your project's activity, project resources, and your project's README contents.

• The IDE page is where you connect your project to an integrated development environment (IDE) to modify, test, and push source code changes. It contains instructions for conﬁguring IDEs for both GitHub and AWS CodeCommit repositories and information about your AWS Cloud9 environments.

• The Repository page displays your repository details, including the name, provider, when it was last modiﬁed, and clone URLs. You can also see information about the most recent commit and view and create pull requests.

(15)

Step 4: Commit a Change

• The Pipeline page displays CI/CD information about your pipeline. You can view pipeline details such as name, most recent action, and status. You can see the history of the pipeline and release a change.

You can also view the status of the individual steps of your pipeline.

• The Monitoring page displays either Amazon EC2 or AWS Lambda metrics depending on your project's conﬁguration. For example, it displays the CPU utilization of any Amazon EC2 instances deployed to by AWS Elastic Beanstalk or CodeDeploy resources in your pipeline. In projects that use AWS Lambda, it displays invocation and error metrics for the Lambda function. This information is displayed by the hour. If you used the suggested AWS CodeStar project template for this tutorial, you should see a noticeable spike in activity as your application is ﬁrst deployed to those instances. You can refresh monitoring to see changes in your instance health, which can help you identify problems or the need for more resources.

• The Issues page is for integrating your AWS CodeStar project with an Atlassian JIRA project.

Conﬁguring this tile makes it possible for you and your project team to track JIRA issues from the project dashboard.

The navigation pane on the left side of the console is where you can navigate between your Project, Team, and Settings pages.

Step 4: Commit a Change

First, take a look at the sample application that was included in your project. See what the application looks like by choosing View application from anywhere in your project navigation. Your sample web application will be displayed in a new window or browser tab. This is the project sample that AWS CodeStar built and deployed.

If you'd like to look at the code, in the navigation bar choose Repository. Choose the link under Repository name and your project's repository opens in a new tab or window. Read the contents of the repository's readme ﬁle (README.md), and browse the content of those ﬁles.

In this step, you make a change to the code and then push the change to your repository. You can do this in one of several ways:

• If the project's code is stored in a CodeCommit or GitHub repository, you can use AWS Cloud9 to work with the code directly from your web browser, without installing any tools. For more information, see Create an AWS Cloud9 Environment for a Project (p. 53).

• If the project's code is stored in a CodeCommit repository, and you have Visual Studio or Eclipse installed, you can use the AWS Toolkit for Visual Studio or AWS Toolkit for Eclipse to more easily connect to the code. For more information, see Use an IDE with AWS CodeStar (p. 51). If you don't have Visual Studio or Eclipse, install a Git client, and follow the instructions later in this step.

• If the project's code is stored in a GitHub repository, you can use your IDE's tools for connecting to GitHub.

• For Visual Studio, you can use a tools such as the GitHub Extension for Visual Studio. For more information, see the Overview page on the GitHub Extension for Visual Studio website and Getting Started with GitHub for Visual Studio on the GitHub website.

• For Eclipse, you can use a tool such as EGit for Eclipse. For more information, see the EGit Documentation on the EGit website.

• For other IDEs, consult your IDE's documentation.

• For other types of code repositories, see the repository provider's documentation.

The following instructions show you how to make a minor change to the sample.

(16)

To set up your computer to commit changes (IAM user)

NoteIn this procedure, we assume that your project's code is stored in a CodeCommit repository. For other types of code repositories, see the repository provider's documentation, and then skip ahead to the next procedure, To clone the project repository and make a change (p. 12).

If the code is stored in CodeCommit and you are already using CodeCommit or you used the AWS CodeStar console to create an AWS Cloud9 development environment for the project, you don't need more conﬁguration. Skip ahead to the next procedure, To clone the project repository and make a change (p. 12).

1. Install Git on your local computer.

2. Sign in to the AWS Management Console and open the IAM console at https://

console.aws.amazon.com/iam/.

Sign in as the IAM user who will use Git credentials for connections to your AWS CodeStar project repository in CodeCommit.

3. In the IAM console, in the navigation pane, choose Users, and from the list of users, choose your IAM user.

4. On the user details page, choose the Security Credentials tab, and in HTTPS Git credentials for CodeCommit, choose Generate.

Note

You cannot choose your own user name or password for Git credentials. For more information, see Use Git Credentials and HTTPS with CodeCommit.

5. Copy the user name and password that IAM generated for you. You can choose Show and then copy and paste this information into a secure ﬁle on your local computer, or you can choose Download credentials to download this information as a .CSV ﬁle. You need this information to connect to CodeCommit.

After you have saved your credentials, choose Close.

Important

This is your only chance to save the user name and password. If you do not save them, you can copy the user name from the IAM console, but you cannot look up the password. You must reset the password and then save it.

To set up your computer to commit changes (federated user)

You can use the console to upload ﬁles to your repository, or you can use Git to connect from your local computer. If you are using federated access, follow these steps to use Git to connect to and clone your repository from your local computer.

NoteIn this procedure, we assume that your project's code is stored in a CodeCommit repository. For other types of code repositories, see the repository provider's documentation, and then skip ahead to the next procedure, To clone the project repository and make a change (p. 12).

1. Install Git on your local computer.

2. Install the AWS CLI.

3. Conﬁgure your temporary security credentials for a federated user. For information, see Temporary Access to CodeCommit Repositories. Temporary credentials consist of:

• AWS access key

• AWS secret key

• Session token

(17)

For more information about temporary credentials, see Permissions for GetFederationToken.

4. Connect to your repository using the AWS CLI credential helper. For information, see Setup Steps for HTTPS Connections to CodeCommit Repositories on Linux, macOS, or Unix with the AWS CLI Credential Helper or Setup Steps for HTTPS Connections to CodeCommit Repositories on Windows with the AWS CLI Credential Helper

5. The following example shows how to connect to a CodeCommit repository and push a commit to it.

Example: To clone the project repository and make a change Note

This procedure shows how to clone the project's code repository to your computer, make a change to the project's index.html ﬁle, and then push your change to the remote repository.

In this procedure, we assume that your project's code is stored in a CodeCommit repository and that you're using a Git client from the command line. For other types of code repositories or tools, see the provider's documentation for how to clone the repository, change the ﬁle, and then push the code.

1. If you used the AWS CodeStar console to create an AWS Cloud9 development environment for the project, open the development environment, and then skip to step 3 in this procedure. To open the development environment, see Open an AWS Cloud9 Environment for a Project (p. 54).

With your project open in the AWS CodeStar console, on the navigation bar, choose Repository.

In Clone URL, choose the protocol for the connection type you have set up for CodeCommit, and then copy the link. For example, if you followed the steps in the previous procedure to set up Git credentials for CodeCommit, choose HTTPS.

2. On your local computer, open a terminal or command line window and change directories to a temporary directory. Run the git clone command to clone the repository to your computer. Paste the link you copied. For example, for CodeCommit using HTTPS:

git clone https://git-codecommit.us-east-2.amazonaws.com/v1/repos/my-first-projec

The ﬁrst time you connect, you are prompted for the user name and password for the repository.

For CodeCommit, enter the Git credentials user name and password you downloaded in the previous procedure.

3. Navigate to the cloned directory on your computer and browse the contents.

4. Open the index.html ﬁle (in the public folder) and make a change to the ﬁle. For example, add a paragraph after the <H2> tag such as:

<P>Hello, world!</P>

Save the ﬁle.

5. At the terminal or command prompt, add your changed ﬁle, and then commit and push your change:

git add index.html

git commit -m "Making my first change to the web app"

git push

6. On the Repository page, view the changes in progress. You should see that the commit history for the repository is updated with your commit, including the commit message. In the Pipeline page, you can see the pipeline pick up your change to the repository and start building and deploying it.

After your web application is deployed, you can choose View application to view your change.

(18)

Step 5: Add More Team Members

NoteIf Failed is displayed for any of the pipeline stages, see the following for troubleshooting help:

• For the Source stage, see Troubleshooting AWS CodeCommit in the AWS CodeCommit User Guide.

• For the Build stage, see Troubleshooting AWS CodeBuild in the AWS CodeBuild User Guide.

• For the Deploy stage, see Troubleshooting AWS CloudFormation in the AWS CloudFormation User Guide.

• For other issues, see Troubleshooting AWS CodeStar (p. 142).

Step 5: Add More Team Members

Every AWS CodeStar project is already conﬁgured with three AWS CodeStar roles. Each role provides its own level of access to the project and its resources:

• Owner: Can add and remove team members, change the project dashboard, and delete the project.

• Contributor: Can change the project dashboard and contribute code if the code is stored in CodeCommit, but cannot add or remove team members or delete the project. This is the role you should choose for most team members in an AWS CodeStar project.

• Viewer: Can view the project dashboard, project code if the code is stored in CodeCommit, and the state of the project, but cannot move, add, or remove tiles from the project dashboard.

Important

If your project uses resources outside of AWS (for example, a GitHub repository or issues in Atlassian JIRA), access to those resources is controlled by the resource provider, not AWS CodeStar. For more information, see the resource provider's documentation.

Anyone who has access to an AWS CodeStar project might be able to use the AWS CodeStar console to access resources that are outside of AWS but are related to the project.

AWS CodeStar does not allow project team members to participate in any related AWS Cloud9 development environments for a project. To allow a team member to participate in a shared environment, see Share an AWS Cloud9 Environment with a Project Team Member (p. 55).

For more information about teams and project roles, see Working with AWS CodeStar Teams (p. 85).

To add a team member to an AWS CodeStar project (console)

2. Choose Projects from the navigation pane and choose your project.

3. In the side navigation pane for the project, choose Team.

4. On the Team members page, choose Add team member.

5. In Choose user, do one of the following:

• If an IAM user already exists for the person you want to add, choose the IAM user name from the list.

(19)

Step 6: Clean Up

NoteUsers who have already been added to another AWS CodeStar project appear in the Existing AWS CodeStar users list.

In Project role, choose the AWS CodeStar role (Owner, Contributor, or Viewer) for this user. This is an AWS CodeStar project-level role that can only be changed by an owner of the project. When applied to an IAM user, the role provides all permissions required to access AWS CodeStar project resources. It applies policies required for creating and managing Git credentials for code stored in CodeCommit in IAM or uploading Amazon EC2 SSH keys for the user in IAM.

Important

You cannot provide or change the display name or email information for an IAM user unless you are signed in to the console as that user. For more information, see Manage Display Information for Your AWS CodeStar User Proﬁle (p. 93).

Choose Add team member.

• If an IAM user does not exist for the person you want to add to the project, choose Create new IAM user. You will be redirected to the IAM console where you can create a new IAM user, see Creating IAM Users in the IAM user guide for more information. After you create your IAM user, return to the AWS CodeStar console, refresh the list of users, and choose the IAM user you created from the dropdown list. Enter the AWS CodeStardisplay name, email address, and project role you want to apply to this new user, and then choose Add team member.

NoteFor ease of management, at least one user should be assigned the Owner role for the project.

6. Send the new team member the following information:

• Connection information for your AWS CodeStar project.

• If the source code is stored in CodeCommit, instructions for setting up access with Git credentials to the CodeCommit repository from their local computers.

• Information about how the user can manage their display name, email address, and public Amazon EC2 SSH key, as described in Working with Your AWS CodeStar User Proﬁle (p. 93).

• One-time password and connection information, if the user is new to AWS and you created an IAM user for that person. The password expires the ﬁrst time the user signs in. The user must choose a new password.

Step 6: Clean Up

Congratulations! You've ﬁnished the tutorial. If you don't want to continue to use this project and its resources, you should delete it to avoid possible continued charges to your AWS account.

To delete a project in AWS CodeStar

2. Choose Projects in the navigation pane.

3. Select the project you want to delete and choose Delete.

Or, open the project and choose Settings from the navigation pane on the left side of the console.

On the project details page, choose Delete project.

4. In the Delete conﬁrmation page, enter delete. Keep Delete resources selected if you wish to delete project resources. Choose Delete.

(20)

Step 7: Get Your Project Ready for a Production Environment

Deleting a project can take several minutes. After it's deleted, the project no longer appears in the list of projects in the AWS CodeStar console.

Important

If your project uses resources outside of AWS (for example, a GitHub repository or issues in Atlassian JIRA), those resources are not deleted, even if you select the check box.

Your project cannot be deleted if any AWS CodeStar managed policies have been manually attached to roles that are not IAM users. If you have attached your project's managed policies to a federated user's role, you must detach the policy before you can delete the project. For more information, see ??? (p. 109).

Step 7: Get Your Project Ready for a Production Environment

After you have created your project, you are ready to create, test, and deploy code. Review the following considerations for maintaining your project in a production environment:

• Regularly apply patches and review security best practices for the dependencies used by your application. For more information, see Security Best Practices for AWS CodeStar Resources (p. 41).

• Regularly monitor the environment settings suggested by the programming language for your project.

Next Steps

Here are some other resources to help you learn about AWS CodeStar:

• The Tutorial: Creating and Managing a Serverless Project in AWS CodeStar (p. 15) uses a project that creates and deploys a web service using logic in AWS Lambda and can be called by an API in Amazon API Gateway.

• AWS CodeStar Project Templates (p. 37) describes other types of projects you can create.

• Working with AWS CodeStar Teams (p. 85) provides information about enabling others to help you work on your projects.

Tutorial: Creating and Managing a Serverless Project in AWS CodeStar

In this tutorial, you use AWS CodeStar to create a project that uses the AWS Serverless Application Model (AWS SAM) to create and manage AWS resources for a web service hosted in AWS Lambda.

AWS CodeStar uses AWS SAM, which relies on AWS CloudFormation, to provide a simpliﬁed way of creating and managing supported AWS resources, including Amazon API Gateway APIs, AWS Lambda functions, and Amazon DynamoDB tables. (This project does not use any Amazon DynamoDB tables.) For more information, see AWS Serverless Application Model (AWS SAM) on GitHub.

Prerequisite: Complete the steps in Setting Up AWS CodeStar (p. 2).

(21)

Overview

NoteYour AWS account might be charged for costs related to this tutorial, including costs for AWS services used by AWS CodeStar. For more information, see AWS CodeStar Pricing.

Topics

• Overview (p. 16)

• Step 1: Create the Project (p. 16)

• Step 2: Explore Project Resources (p. 17)

• Step 3: Test the Web Service (p. 19)

• Step 4: Set Up Your Local Workstation to Edit Project Code (p. 20)

• Step 5: Add Logic to the Web Service (p. 20)

• Step 6: Test the Enhanced Web Service (p. 22)

• Step 7: Add a Unit Test to the Web Service (p. 22)

• Step 8: View Unit Test Results (p. 24)

• Step 9: Clean Up (p. 24)

Overview

In this tutorial, you:

1. Use AWS CodeStar to create a project that uses AWS SAM to build and deploy a Python-based web service. This web service is hosted in AWS Lambda and can be accessed through Amazon API Gateway.

2. Explore the project's main resources, which include:

• The AWS CodeCommit repository where the project's source code is stored. This source code includes the web service's logic and deﬁnes related AWS resources.

• The AWS CodePipeline pipeline that automates the building of the source code. This pipeline uses AWS SAM to create and deploy a function to AWS Lambda, create a related API in Amazon API Gateway, and connect the API to the function.

• The function that is deployed to AWS Lambda.

• The API that is created in Amazon API Gateway.

3. Test the web service to conﬁrm that AWS CodeStar built and deployed the web service as expected.

4. Set up your local workstation to work with the project's source code.

5. Change the project's source code using your local workstation. When you add a function to the project and then push your changes to the source code, AWS CodeStar rebuilds and redeploys the web service.

6. Test the web service again to conﬁrm that AWS CodeStar rebuilt and redeployed as expected.

7. Write a unit test using your local workstation to replace some of your manual testing with an automated test. When you push the unit test, AWS CodeStar rebuilds and redeploys the web service and runs the unit test.

8. View the results of the unit tests.

9. Clean up the project. This step helps you avoid charges to your AWS account for costs related to this tutorial.

Step 1: Create the Project

In this step, you use the AWS CodeStar console to create a project.

1. Sign in to the AWS Management Console and open the AWS CodeStar console, at https://

(22)

Step 2: Explore Project Resources

NoteYou must sign in to the AWS Management Console using credentials associated with the IAM user you created or identiﬁed in Setting Up AWS CodeStar (p. 2). This user must have the AWSCodeStarFullAccess managed policy attached.

2. Choose the AWS Region where you want to create the project and its resources.

For information about AWS Regions where AWS CodeStar is available, see Regions and Endpoints in the AWS General Reference.

3. Choose Create project.

4. On the Choose a project template page:

• For Application type, select Web service.

• For Programming language, select Python.

• For AWS service, select AWS Lambda.

5. Choose the box that contains your selections. Choose Next.

6. For Project name, enter a name for the project (for example, My SAM Project). If you use a name diﬀerent from the example, be sure to use it throughout this tutorial.

For Project ID, AWS CodeStar chooses a related identiﬁer for this project (for example, my-sam- project). If you see a diﬀerent project ID, be sure to use it throughout this tutorial.

Leave AWS CodeCommit selected, and do not change the Repository name value.

7. Choose Next.

8. Review your settings and then choose Create Project.

If this is your ﬁrst time using AWS CodeStar in this AWS Region, for Display Name and Email, enter the display name and email address you want AWS CodeStar to use for your IAM user. Choose Next.

9. Wait while AWS CodeStar creates the project. This might take several minutes. Do not continue until you see the Project provisioned banner when you refresh.

Step 2: Explore Project Resources

In this step, you explore four of the project's AWS resources to understand how the project works:

• The AWS CodeCommit repository where the project's source code is stored. AWS CodeStar gives the repository the name my-sam-project, where my-sam-project is the name of the project.

• The AWS CodePipeline pipeline that uses CodeBuild and AWS SAM to automate building and

deploying the web service's Lambda function and API in API Gateway. AWS CodeStar gives the pipeline the name my-sam-project--Pipeline, where my-sam-project is the ID of the project.

• The Lambda function that contains the logic of the web service. AWS CodeStar gives the function the name awscodestar-my-sam-project-lambda-HelloWorld-RANDOM_ID, where:

• my-sam-project is the ID of the project.

• HelloWorld is the function ID as specified in the template.yaml file in the AWS CodeCommit repository. You explore this file later.

• RANDOM_ID is a random ID that AWS SAM assigns to the function to help ensure uniqueness.

• The API in API Gateway that makes it easier to call the Lambda function. AWS CodeStar gives the API the name awscodestar-my-sam-project--lambda, where my-sam-project is the ID of the project.

To explore the source code repository in CodeCommit

1. With your project open in the AWS CodeStar console, on the navigation bar, choose Repository.

(23)

Step 2: Explore Project Resources

2. Choose the link to your CodeCommit repository (My-SAM-Project) in Repository details.

3. In the CodeCommit console, on the Code page, the source code ﬁles for the project are displayed:

• buildspec.yml, which CodePipeline instructs CodeBuild to use during the build phase, to package the web service using AWS SAM.

• index.py, which contains the logic for the Lambda function. This function simply outputs the string Hello World and a timestamp, in ISO format.

• README.md, which contains general information about the repository.

• template-configuration.json, which contains the project ARN with placeholders used for tagging resources with the project ID

• template.yml, which AWS SAM uses to package the web service and create the API in API Gateway.

To view the contents of a ﬁle, choose it from the list.

For more information about using the CodeCommit console, see the AWS CodeCommit User Guide.

(24)

Step 3: Test the Web Service

To explore the pipeline in CodePipeline

1. To view information about the pipeline, with your project open in the AWS CodeStar console, on the navigation bar, choose Pipeline and you see the pipeline contains:

• A Source stage for getting the source code from CodeCommit.

• A Build stage for building the source code with CodeBuild.

• A Deploy stage for deploying the built source code and AWS resources with AWS SAM.

2. To view more information about the pipeline, in Pipeline details, choose your pipeline to open the pipeline in the CodePipeline console.

For information about using the CodePipeline console, see the AWS CodePipeline User Guide.

To explore project activity and AWS service resources on the Overview page

1. Open your project in the AWS CodeStar console and from the navigation bar, choose Overview.

2. Review the Project activity and Project resources lists.

To explore the function in Lambda

1. With your project open in the AWS CodeStar console, on the side navigation bar, choose Overview.

2. In Project resources, in the ARN column, choose the link for the Lambda function.

The function's code is displayed in the Lambda console.

For information about using the Lambda console, see the AWS Lambda Developer Guide.

To explore the API in API Gateway

1. With your project open in the AWS CodeStar console, on the side navigation bar, choose Overview.

2. In Project resources, in the ARN column, choose the link for the Amazon API Gateway API.

Resources for the API are displayed in the API Gateway console.

For information about using the API Gateway console, see the API Gateway Developer Guide.

Step 3: Test the Web Service

In this step, you test the web service that AWS CodeStar just built and deployed.

1. With your project still open from the previous step, on the navigation bar, choose Pipeline.

2. Make sure Succeeded is displayed for the Source, Build, and Deploy stages before you continue.

This might take several minutes.

NoteIf Failed is displayed for any of the stages, see the following for troubleshooting help:

(25)

Step 4: Set Up Your Local Workstation to Edit Project Code

3. Choose View Application.

On the new tab that opens in your web browser, the web service displays the following response output:

{"output": "Hello World", "timestamp": "2017-08-30T15:53:42.682839"}

Step 4: Set Up Your Local Workstation to Edit Project Code

In this step, you set up your local workstation to edit the source code in the AWS CodeStar project. Your local workstation can be a physical or virtual computer running macOS, Windows, or Linux.

1. With your project still open from the previous step:

• In the navigation bar, choose IDE, and then expand Access your project code.

• Choose View instructions underneath Command line interface.

If you have Visual Studio or Eclipse installed, choose View instructions underneath Visual Studio or Eclipse instead, follow the instructions, and then skip to Step 5: Add Logic to the Web Service (p. 20).

2. Follow the instructions to complete the following tasks:

a. Set up Git on your local workstation.

b. Use the IAM console to generate Git credentials for your IAM user.

c. Clone the project's CodeCommit repository onto your local workstation.

3. In the left navigation, choose Project to return to your project overview.

Step 5: Add Logic to the Web Service

In this step, you use your local workstation to add logic to the web service. Speciﬁcally, you add a Lambda function and then connect it to the API in API Gateway.

1. On your local workstation, go to the directory that contains the cloned source code repository.

2. In that directory, create a ﬁle named hello.py. Add the following code, and then save the ﬁle:

import json

def handler(event, context):

data = {

'output': 'Hello ' + event["pathParameters"]["name"]

} return {

'statusCode': 200, 'body': json.dumps(data),

'headers': {'Content-Type': 'application/json'}

}

(26)

Step 5: Add Logic to the Web Service

The preceding code outputs the string Hello and the string the caller sends to the function.

3. In the same directory, open the template.yml file. Add the following code to the end of the file, and then save the file:

Hello:

Type: AWS::Serverless::Function Properties:

FunctionName: !Sub 'awscodestar-${ProjectId}-lambda-Hello' Handler: hello.handler

Runtime: python3.7 Role:

Fn::GetAtt:

- LambdaExecutionRole - Arn

Events:

GetEvent:

Type: Api Properties:

Path: /hello/{name}

Method: get

AWS SAM uses this code to create a function in Lambda, add a new method and path to the API in API Gateway, and then connect this method and path to the new function.

NoteThe indentation of the preceding code is important. If you don't add the code exactly as it's shown, the project might not build correctly.

4. Run git add . to add your ﬁle changes to the staging area of the cloned repository Do not forget the period (.), which adds all changed ﬁles.

NoteIf you are using Visual Studio or Eclipse instead of the command line, the instructions for using Git might be diﬀerent. See the Visual Studio or Eclipse documentation.

5. Run git commit -m "Added hello.py and updated template.yaml." to commit your staged ﬁles in the cloned repository

6. Run git push to push your commit to the remote repository.

NoteYou might be prompted for the user name and password IAM generated for you earlier.

To keep from being prompted each time you interact with the remote repository, consider installing and configuring a Git credential manager. For example, on macOS or Linux, you can run git config credential.helper 'cache --timeout 900' in the terminal to be prompted no sooner than every 15 minutes. Or you can run git config credential.helper 'store --file

~/.git-credentials' to never be prompted again. Git stores your credentials in clear text in a plain ﬁle in your home directory. For more information, see Git Tools - Credential Storage on the Git website.

After AWS CodeStar detects the push, it instructs CodePipeline to use CodeBuild and AWS SAM to rebuild and redeploy the web service. You can watch the deployment progress on the Pipeline page.

AWS SAM gives the new function the name awscodestar-my-sam-project-lambda-Hello-RANDOM_ID, where:

• my-sam-project is the ID of the project.

• Hello is the function ID, as speciﬁed in the template.yaml ﬁle.

• RANDOM_ID is a random ID that AWS SAM assigns to the function for uniqueness.

(27)

Step 6: Test the Enhanced Web Service

In this step, you test the enhanced web service that AWS CodeStar built and deployed, based on the logic you added in the previous step.

1. With your project still open in the AWS CodeStar console, on the navigation bar, choose Pipeline.

2. Make sure the pipeline has run again and that Succeeded is displayed for the Source, Build, and Deploy stages before you continue. This might take several minutes.

NoteIf Failed is displayed for any of the stages, see the following for troubleshooting help:

3. Choose View Application.

On the new tab that opens in your web browser, the web service displays the following response output:

{"output": "Hello World", "timestamp": "2017-08-30T15:53:42.682839"}

4. In the tab's address box, add the path /hello/ and your ﬁrst name to the end of the URL (for example, https://API_ID.execute-api.REGION_ID.amazonaws.com/Prod/

hello/YOUR_FIRST_NAME), and then press Enter.

If your ﬁrst name is Mary, the web service displays the following response output:

{"output": "Hello Mary"}

Step 7: Add a Unit Test to the Web Service

In this step, you use your local workstation to add a test that AWS CodeStar runs on the web service. This test replaces the manual testing you did earlier.

1. On your local workstation, go to the directory that contains the cloned source code repository.

2. In that directory, create a ﬁle named hello_test.py. Add the following code, and then save the ﬁle.

from hello import handler def test_hello_handler():

event = {

'pathParameters': { 'name': 'testname'

(28)

Step 7: Add a Unit Test to the Web Service

} }

context = {}

expected = {

'body': '{"output": "Hello testname"}', 'headers': {

'Content-Type': 'application/json' },

'statusCode': 200 }

assert handler(event, context) == expected

This test checks whether the output of the Lambda function is in the expected format. If so, the test succeeds. Otherwise, the test fails.

3. In the same directory, open the buildspec.yml file. Replace the file's contents with the following code, and then save the file.

version: 0.2 phases:

install:

runtime-versions:

python: 3.7 commands:

- pip install pytest

# Upgrade AWS CLI to the latest version - pip install --upgrade awscli

pre_build:

commands:

- pytest build:

commands:

# Use AWS SAM to package the application by using AWS CloudFormation

- aws cloudformation package --template template.yml --s3-bucket $S3_BUCKET -- output-template template-export.yml

# Do not remove this statement. This command is required for AWS CodeStar projects.

# Update the AWS Partition, AWS Region, account ID and project ID in the project ARN on template-configuration.json file so AWS CloudFormation can tag project resources.

- sed -i.bak 's/\$PARTITION\$/'${PARTITION}'/g;s/\$AWS_REGION

\$/'${AWS_REGION}'/g;s/\$ACCOUNT_ID\$/'${ACCOUNT_ID}'/g;s/\$PROJECT_ID\

$/'${PROJECT_ID}'/g' template-configuration.json artifacts:

type: zip files:

- template-export.yml

- template-configuration.json

This build speciﬁcation instructs CodeBuild to install pytest, the Python test framework, into its build environment. CodeBuild uses pytest to run the unit test. The rest of the build speciﬁcation is the same as before.

4. Use Git to push these changes to the remote repository.

(29)

Step 8: View Unit Test Results

git add .

git commit -m "Added hello_test.py and updated buildspec.yml."

git push

Step 8: View Unit Test Results

In this step, you see whether the unit test succeeded or failed.

1. With your project still open in the AWS CodeStar console, on the navigation bar, choose Pipeline.

2. Make sure the pipeline has run again before you continue. This might take several minutes.

If the unit test was successful, Succeeded is displayed for the Build stage.

3. To view the unit test result details, in the Build stage, choose the CodeBuild link.

4. In the CodeBuild console, on the Build Project: my-sam-project page, in Build history, choose the link in the Build run column of the table.

5. On the my-sam-project:BUILD_ID page, in Build logs, choose the View entire log link.

6. In the Amazon CloudWatch Logs console, look in the log output for a test result similar to the following. In the following test result, the test passed:

...

============================= test session starts ==============================

platform linux2 -- Python 2.7.12, pytest-3.2.1, py-1.4.34, pluggy-0.4.0 rootdir: /codebuild/output/src123456789/src, inifile:

collected 1 item hello_test.py .

=========================== 1 passed in 0.01 seconds ===========================

...

If the test failed, there should be details in the log output to help you troubleshoot the failure.

Step 9: Clean Up

In this step, you clean up the project to avoid ongoing charges for this project.

If you want to keep using this project, you can skip this step, but your AWS account might continue to be charged.

1. With your project still open in the AWS CodeStar console, on the navigation bar, choose Settings.

2. In Project details, Choose Delete project.

3. Enter delete, keep the Delete resources box selected, and then choose Delete.

Important

If you clear this box, the project record is deleted from AWS CodeStar, but many of the project's AWS resources are retained. Your AWS account might continue to be charged.

If there is still an Amazon S3 bucket that AWS CodeStar created for this project, follow these steps to delete it. :

(30)

Next Steps

1. Open the Amazon S3 console, at https://console.aws.amazon.com/s3/.

2. In the list of buckets, choose the icon next to aws-codestar-REGION_ID-ACCOUNT_ID-my-sam- project--pipe, where:

• REGION_ID is the ID of the AWS Region for the project you just deleted.

• ACCOUNT_ID is your AWS account ID.

• my-sam-project is the ID of the project you just deleted.

3. Choose Empty Bucket. Enter the name of the bucket, and then choose Conﬁrm.

4. Choose Delete Bucket. Enter the name of the bucket, and then choose Conﬁrm.

Next Steps

Now that you have completed this tutorial, we suggest you review the following resources:

• The Getting Started with AWS CodeStar (p. 5) tutorial uses a project that creates and deploys a Node.js-based web application running on an Amazon EC2 instance.

• AWS CodeStar Project Templates (p. 37) describes other types of projects you can create.

• Working with AWS CodeStar Teams (p. 85) shows you how others can help you work on your projects.

Tutorial: Create a Project in AWS CodeStar with the AWS CLI

This tutorial shows you how to use the AWS CLI to create an AWS CodeStar project with sample source code and a sample toolchain template. AWS CodeStar provisions the AWS infrastructure and IAM resources speciﬁed in an AWS CloudFormation toolchain template. The project manages your toolchain resources to build and deploy your source code.

AWS CodeStar uses AWS CloudFormation to build and deploy your sample code. This sample code creates a web service that is hosted in AWS Lambda and can be accessed through Amazon API Gateway.

Prerequisites:

• Complete the steps in Setting Up AWS CodeStar (p. 2).

• You must have created an Amazon S3 storage bucket. In this tutorial, you upload the sample source code and toolchain template to this location.

NoteYour AWS account might be charged for costs related to this tutorial, including AWS services used by AWS CodeStar. For more information, see AWS CodeStar Pricing.

Topics

• Step 1: Download and Review the Sample Source Code (p. 26)

• Step 2: Download the Sample Toolchain Template (p. 26)

• Step 3: Test Your Toolchain Template in AWS CloudFormation (p. 27)

• Step 4: Upload Your Source Code and Toolchain Template (p. 27)

• Step 5: Create a Project in AWS CodeStar (p. 28)

(31)

Step 1: Download and Review the Sample Source Code

For this tutorial, there is a zip ﬁle available for download. It contains sample source code for a Node.js sample application on the Lambda compute platform. When the source code is placed in your repository, its folder and ﬁles appear as shown:

tests/

app.js buildspec.yml index.js package.json README.md template.yml

The following project elements are represented in your sample source code:

• tests/: Unit tests set up for this project's CodeBuild project. This folder is included in the sample code, but it is not required to create a project.

• app.js: Application source code for your project.

• buildspec.yml: The build instructions for your CodeBuild resource's build stage. This ﬁle is required for a toolchain template with an CodeBuild resource.

• package.json: The dependencies information for your application source code.

• README.md: The project readme ﬁle included in all AWS CodeStar projects. This ﬁle is included in the sample code, but it is not required to create a project.

• template.yml: The infrastructure template file or SAM template file included in all AWS CodeStar projects. This is different from the toolchain template.yml you upload later in this tutorial. This file is included in the sample code, but it is not required to create a project.

Step 2: Download the Sample Toolchain Template

The sample toolchain template provided for this tutorial creates a repository (CodeCommit), pipeline (CodePipeline), and build container (CodeBuild) and uses AWS CloudFormation to deploy your source code to a Lambda platform. In addition to these resources, there are also IAM roles that you can use to scope the permissions of your runtime environment, an Amazon S3 bucket that CodePipeline uses to store your deployment artifacts, and an CloudWatch Events rule that is used to trigger pipeline deployments when you push code to your repository. To align with AWS IAM best practices, scope down the policies of your toolchain roles deﬁned in this example.

Download and unzip the sample AWS CloudFormation template in YAML format.

When you run the create-project command later in the tutorial. this template creates the following customized toolchain resources in AWS CloudFormation. For more information about the resources created in this tutorial, see the following topics in the AWS CloudFormation User Guide:

• The AWS::CodeCommit::Repository AWS CloudFormation resource creates a CodeCommit repository.

• The AWS::CodeBuild::Project AWS CloudFormation resource creates an CodeBuild build project.

• The AWS::CodeDeploy::Application AWS CloudFormation resource creates a CodeDeploy application.

• The AWS::CodePipeline::Pipeline AWS CloudFormation resource creates a CodePipeline pipeline.

• The AWS::S3::Bucket AWS CloudFormation resource creates your pipeline's artifact bucket.

• The AWS::S3::BucketPolicy AWS CloudFormation resource creates the artifact bucket policy for your pipeline's artifact bucket.

AWS CodeStar

AWS CodeStar

User Guide

AWS CodeStar: User Guide

Table of Contents

What Is AWS CodeStar?

What Can I Do with AWS CodeStar?

How Do I Get Started with AWS CodeStar?

Setting Up AWS CodeStar

Step 1: Create an AWS Account

Step 2: Create the AWS CodeStar Service Role

Step 3: Conﬁgure the User's IAM Permissions

Conﬁgure Permissions for IAM Users

Conﬁgure Permissions for Federated Users

Step 4: Create an Amazon EC2 Key Pair for AWS CodeStar Projects

Step 5: Open the AWS CodeStar Console

Next Steps

Getting Started with AWS CodeStar

Step 1: Create an AWS CodeStar Project

Step 2: Add display information for your AWS CodeStar User Proﬁle

Step 3: View Your Project

Step 4: Commit a Change

Step 5: Add More Team Members

Step 6: Clean Up

Step 7: Get Your Project Ready for a Production Environment

Next Steps

Tutorial: Creating and Managing a Serverless Project in AWS CodeStar

Overview

Step 1: Create the Project

Step 2: Explore Project Resources

Step 3: Test the Web Service

Step 4: Set Up Your Local Workstation to Edit Project Code

Step 5: Add Logic to the Web Service

Step 6: Test the Enhanced Web Service

Step 7: Add a Unit Test to the Web Service

Step 8: View Unit Test Results

Step 9: Clean Up

Next Steps

Tutorial: Create a Project in AWS CodeStar with the AWS CLI

Step 1: Download and Review the Sample Source Code

Step 2: Download the Sample Toolchain Template