AWS CodeDeploy
User Guide (API Version 2014-10-06)

The procedures in this guide support the new console design. If you choose to use the older version of the console, you will find many of the concepts and basic procedures in this guide still apply. To access help in the new console, choose the information icon.

Troubleshoot Instance Issues

Tags must be set correctly

Use the list-deployment-instances command to confirm the instances used for a deployment are tagged correctly. If an Amazon EC2 instance is missing in the output, use the Amazon EC2 console to confirm the tags have been set on the instance. For more information, see Working with Tags in the Console in the Amazon EC2 User Guide for Linux Instances.


If you tag an instance and immediately use AWS CodeDeploy to deploy an application to it, the instance might not be included in the deployment. This is because it can take several minutes before AWS CodeDeploy can read the tags . We recommend that you wait at least five minutes between the time you tag an instance and attempt to deploy to it.

AWS CodeDeploy agent must be installed and running on instances

To verify the AWS CodeDeploy agent is installed and running on an instance, see Verify the AWS CodeDeploy Agent Is Running.

To install, uninstall, or reinstall the AWS CodeDeploy agent, see Install or Reinstall the AWS CodeDeploy Agent.

Deployments do not fail for up to an hour when an instance is terminated during a deployment

AWS CodeDeploy provides a one-hour window for each deployment lifecycle event to run to completion. This provides ample time for long-running scripts.

If anything occurs that prevents scripts from running to completion while a lifecycle event is in progress (for example, if an instance is terminated or the AWS CodeDeploy agent is shut down), it might take up to an hour for the status of the deployment to be displayed as Failed. This is true even if the timeout period specified in the script is shorter than an hour. This is because when the instance is terminated, the AWS CodeDeploy agent will shut down and will be unable to process any additional scripts.

If an instance is terminated between lifecycle events or before the first lifecycle event step starts, however, the timeout occurs after just five minutes.

Analyzing log files to investigate deployment failures on instances

If the status of an instance in the deployment is anything other than Succeeded, you can review the deployment log file data to help identify the problem. For information about accessing deployment log data, see View Log Data for AWS CodeDeploy EC2/On-Premises Deployments.

Create a new AWS CodeDeploy log file if it was accidentally deleted

If you accidentally delete the deployment log file on an instance, AWS CodeDeploy does not create a replacement log file. To create a new log file, sign in to the instance, and then run these commands:

For an Amazon Linux, Ubuntu Server, or RHEL instance, run these commands in this order, one at a time:

sudo service codedeploy-agent stop
sudo service codedeploy-agent

For a Windows Server instance:

powershell.exe -Command Restart-Service -Name codedeployagent

Troubleshooting “InvalidSignatureException – Signature expired: [time] is now earlier than [time]” deployment errors

AWS CodeDeploy requires accurate time references in order to perform its operations. If your instance's date and time are not set correctly, they may not match the signature date of your deployment request, which AWS CodeDeploy will therefore reject.

To avoid deployment failures related to incorrect time settings, see the following topics: