AWS CodePipeline with AWS OpsWorks Stacks - Chef 11 Stacks - AWS OpsWorks

Important

The AWS OpsWorks Stacks service reached end of life on May 26, 2024 and has been disabled for both new and existing customers. We strongly recommend customers migrate their workloads to other solutions as soon as possible. If you have questions about migration, reach out to the AWS Support Team on AWS re:Post or through AWS Premium Support.

AWS CodePipeline lets you create continuous delivery pipelines that track code changes from sources such as CodeCommit, Amazon Simple Storage Service (Amazon S3), or GitHub. The example in this topic describes how to create and use a simple pipeline from CodePipeline as a deployment tool for code that you run on AWS OpsWorks Stacks layers. In this example, you create a pipeline for a simple PHP app, and then instruct AWS OpsWorks Stacks to run the app on all of the instances in a layer in a Chef 11.10 stack (in this case, a single instance).

Note

This topic describes how to use a pipeline to run and update an app on a Chef 11.10 stack. For information about how to use a pipeline to run and update an app on a Chef 12 stack, see AWS CodePipeline with AWS OpsWorks Stacks - Chef 12 Stacks.

Content delivered to Amazon S3 buckets might contain customer content. For more information about removing sensitive data, see How Do I Empty an S3 Bucket? or How Do I Delete an S3 Bucket?.

Prerequisites

Before you start this walkthrough, be sure that you have administrator permissions to perform all of the following tasks. You can be a member of a group that has the AdministratorAccess policy applied, or you can be a member of a group that has the permissions and policies shown in the following table. As a security best practice, get these permissions through membership in a group that has them, rather than having the required permissions assigned to you as an individual user.

For more information about creating a user group in IAM and assigning permissions to the group, see Creating IAM user groups. For more information about managing AWS OpsWorks Stacks permissions, see Best Practices: Managing Permissions.

| Permissions | Recommended Policy to Attach to Group |
|---|---|
| Create and edit stacks, layers, and instances in AWS OpsWorks Stacks. | AWSOpsWorks_FullAccess |
| Create, edit, and run templates in AWS CloudFormation. | AmazonCloudFormationFullAccess |
| Create, edit, and access Amazon S3 buckets. | AmazonS3FullAccess |
| Create, edit, and run pipelines in CodePipeline, especially pipelines that use AWS OpsWorks Stacks as the provider. | AWSCodePipeline_FullAccess |

You must also have an Amazon EC2 key pair. You will be prompted to provide the name of this key pair when you run the AWS CloudFormation template that creates the sample stack, layer, and instance in this walkthrough. For more information about obtaining a key pair in the Amazon EC2 console, see Create a Key Pair in the Amazon EC2 documentation. The key pair should be in the US East (N. Virginia) Region. You can use an existing key pair if you already have one in that region.

Other Supported Scenarios

This walkthrough creates a simple pipeline that includes one Source and one Deploy stage. However, you can create more complex pipelines that use AWS OpsWorks Stacks as a provider. The following are examples of supported pipelines and scenarios:

  • You can edit a pipeline to add a Chef cookbook to the Source stage and an associated target for updated cookbooks to the Deploy stage. In this case, you add a Deploy action that triggers the updating of your cookbooks when you make changes to the source. The updated cookbook is deployed before your app.

  • You can create a complex pipeline, with custom cookbooks and multiple apps, and deploy to an AWS OpsWorks Stacks stack. The pipeline tracks changes to both the application and cookbook sources, and redeploys when you have made changes. The following shows an example of a similar, complex pipeline:

For more information about working with CodePipeline, see the CodePipeline documentation.