AWS CodeDeploy - AWS GovCloud (US)

AWS CodeDeploy

AWS CodeDeploy is a deployment service that enables developers to automate the deployment of applications to instances and to update the applications as required.

How AWS CodeDeploy Differs for AWS GovCloud (US)

  • The new AWS CodeDeploy console is not available in the AWS GovCloud (US) Regions

  • Use SSL (HTTPS) when you make calls to the service in AWS GovCloud (US) Regions. In other regions, you can use HTTP or HTTPS.

  • Several procedures in the CodeDeploy User Guide require the customer to substitute the name of a region-specific Amazon S3 bucket or bucket ARN. These procedures are for tasks such as restricting bucket access and downloading installation files, samples, and templates. In AWS GovCloud (US) Regions, the formats for accessing these resources do not follow the same patterns as for other regions.

Documentation for AWS CodeDeploy

Use the values presented here to complete CodeDeploy procedures in the AWS GovCloud (US).

CodeDeploy Amazon S3 Resources Bucket

Name of the Amazon S3 bucket containing CodeDeploy files:


CodeDeploy Amazon S3 Bucket ARN

ARN of the Amazon S3 bucket containing CodeDeploy files:


wget Download Command

wget command for downloading the CodeDeploy agent on Linux and Ubuntu instances:


Sample Application Locations

Location of sample CodeDeploy applications:

  • Amazon Linux, Red Hat Enterprise Linux, and Ubuntu Server instances:
  • Windows Server instances:

AWS CloudFormation Template Location

Location of AWS CloudFormation template for launching Amazon EC2 instance configured for CodeDeploy deployments:

Links for downloading CodeDeploy installer and updater for Windows Server instances:

  • Installer:
  • Updater:

For more information about AWS CodeDeploy, see the AWS CodeDeploy documentation.

ITAR Boundary

AWS GovCloud (US) has an ITAR boundary, which defines where customers are allowed to store ITAR-controlled data for this service in AWS GovCloud (US) Regions. To maintain ITAR compliance, you must place ITAR-controlled data on the applicable part of the ITAR boundary. If you do not have any ITAR-controlled data in AWS GovCloud (US) Regions, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted ITAR-Regulated Data Not Permitted

All deployments, including your application revision, managed in AWS CodeDeploy support ITAR-regulated data.

The following CodeDeploy metadata fields are not permitted to contain ITAR-regulated data:

Application Details:

  • Name

Deployment Groups:

  • Deployment group name

  • Service Role name

  • EC2 Auto Scaling group names

  • EC2 instance tag key

  • EC2 instance tag group name

  • On-premise Instances tag key

  • On-premise Instances tag group

  • Load Balancer ALB target group

  • Load Balancer NLB target group

  • Deployment trigger name

  • Deployment trigger SNS Topic

  • Deployment CloudWatch alarms

Deployment Configuration:

  • Deployment configuration name

  • Deployment description