Perform a canary-based deployment using the blue/green strategy and AWS Lambda - AWS Prescriptive Guidance


Created by Raju Banerjee (AWS)

Created by: AWS

Environment: PoC or pilot

Technologies: DevOps

AWS services: AWS CodeDeploy; AWS Lambda


This pattern guides you through the steps to set up a canary-based blue/green deployment using AWS CodeDeploy. CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon Elastic Compute Cloud (Amazon EC2), AWS Lambda, and your on-premises servers. Manually deploying applications to servers can take a long time and often results in errors that lead to downtime.

The purpose of a canary deployment is to reduce the risk that deploying a new version impacts the workload. The method covered by this pattern deploys the new version incrementally, exposing it to new users gradually. As you gain confidence in the deployment, you can deploy it to replace the current version in its entirety.

By following this pattern, you can test both old and new application versions. You can use AWS cloud-native tools, with no need to maintain separate tools for deployment and no extra Amazon EC2 machine cost. The pattern supports AWS Identity and Access Management (IAM) authentication and audit features that use AWS CloudTrail to manage user activities.

Prerequisites and limitations

Prerequisites

  • An application, with code defined in the AppSpec file

  • An active AWS account

  • A virtual private cloud (VPC)

  • An Amazon EC2 Auto Scaling group

  • A key pair (optional)

  • An IAM role

  • An Amazon Simple Notification Service (Amazon SNS) topic

Limitations

  • The old version of code will not provide the automatic scaling feature.

  • Cleaning up the old environment requires a separate Lambda function. Alternatively, wait 48 hours, after which the environment is cleaned up by default.


Target technology stack

  • Amazon CloudWatch Events

  • IAM

  • Amazon SNS

  • AWS CodeBuild

  • AWS CodeDeploy

  • Amazon EC2

  • Application Load Balancer

  • AWS Lambda

Target architecture

Automation and scale

AWS CloudFormation can be used to automate the infrastructure creation.

Cleanup of the pilot environment can be automated by using a Python (Boto) script and the tags of the environment.



  • AWS CodeBuild – AWS CodeBuild is a fully managed build service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy.

  • AWS CodeDeploy – AWS CodeDeploy is a deployment service that automates application deployments to EC2 instances, on-premises instances, serverless Lambda functions, or Amazon Elastic Container Service (Amazon ECS) services. You do not need to make changes to your existing code before you can use CodeDeploy.

  • AWS Lambda – AWS Lambda is a compute service that lets you run code without provisioning or managing servers.

  • Amazon SNS – Amazon SNS is a web service that coordinates and manages the delivery or sending of messages to subscribing endpoints or clients. Subscribers, including Lambda functions, consume or receive the message or notification over one of the supported protocols when they are subscribed to the topic.

  • A launch template – A launch template specifies instance configuration information. Included are the ID of the Amazon Machine Image (AMI), the instance type, a key pair, security groups, and the other parameters that you use to launch EC2 instances.


Python code for the Lambda function:

import boto3

client = boto3.client('codedeploy')
clientasg = boto3.client('autoscaling')


def lambda_handler(event, context):
    # Define the CodeDeploy-related parameters here, or pass them in as Lambda parameters.
    codedeployappname = "pattern-test"
    codedeploymentgroup = "pattern-testing"
    albtargetgrouparn = "arn:aws:elasticloadbalancing:us-east-1:************:targetgroup/green-target-group/0614b53e*******"

    # Build the list on every invocation. A module-level list would keep
    # entries from earlier invocations while the Lambda container stays warm.
    autosg = []

    response = client.list_deployments(
        applicationName=codedeployappname,
        deploymentGroupName=codedeploymentgroup,
        includeOnlyStatuses=[
            'Succeeded',
        ],
    )

    # Go through the successful deployments, ignore any Auto Scaling events,
    # and record the Auto Scaling group of each user-initiated deployment.
    for deploymentid in response['deployments']:
        deployment = client.get_deployment(deploymentId=deploymentid)
        deploymentinfo = deployment['deploymentInfo']
        if deploymentinfo['creator'] == 'user':
            autosg.append(deploymentinfo['targetInstances']['autoScalingGroups'][0])

    # autosg[1] is used below, so at least two user-initiated deployments are required.
    if len(autosg) < 2:
        print("Fewer than two user-initiated deployments found; nothing to attach.")
        return

    print(autosg[1])

    # Attach that Auto Scaling group to the Green target group.
    response = clientasg.attach_load_balancer_target_groups(
        AutoScalingGroupName=autosg[1],
        TargetGroupARNs=[
            albtargetgrouparn,
        ],
    )


| Task | Description | Skills required |
| --- | --- | --- |
| Create an AMI. | After the deployment of the first version is complete, create an AMI of the EC2 instance. | Cloud Administrator |
| Create a launch template. | Create a template for setting up the Auto Scaling group for the application. The launch template uses the AMI ID of the AMI that you created in the first task. For more information about the commands and steps described in this and other epics, see the "Related resources" section at the end of this pattern. | Cloud Administrator |
| Set up automatic scaling. | Use the launch template to create the Auto Scaling group. | Cloud Administrator |

| Task | Description | Skills required |
| --- | --- | --- |
| Create target groups for the Application Load Balancer. | Create two target groups: a Blue target group and a Green target group. | Cloud Administrator |
| Create the Application Load Balancer. | To divide traffic equally between the Blue and Green environments, add a forward action to the listener. You can also enable group-level stickiness to maintain sessions. If a target group is sticky, requests routed to it remain on that target group for the duration of the session. The duration of stickiness can be between 1 second and 7 days. | Cloud Administrator |
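
The forward action and stickiness settings described above can also be set and checked through the Elastic Load Balancing API. The following is an added example, not part of the original pattern: it builds the weighted forward action for `modify_listener` and reads the effective split back from a `describe_listeners` response. It goes beyond the equal split to any percentage, and the function names and the `green_percent` parameter are assumptions made for this sketch.

```python
MAX_STICKINESS_SECONDS = 7 * 24 * 60 * 60  # 7 days, the upper limit for stickiness


def build_forward_action(blue_arn, green_arn, green_percent=50, stickiness_seconds=None):
    """Build a listener 'forward' action that splits traffic between two target groups."""
    if not isinstance(green_percent, int) or not 0 <= green_percent <= 100:
        raise ValueError("green_percent must be an integer between 0 and 100")
    forward = {
        "TargetGroups": [
            {"TargetGroupArn": blue_arn, "Weight": 100 - green_percent},
            {"TargetGroupArn": green_arn, "Weight": green_percent},
        ]
    }
    if stickiness_seconds is not None:
        # Group-level stickiness is valid from 1 second up to 7 days.
        if not 1 <= stickiness_seconds <= MAX_STICKINESS_SECONDS:
            raise ValueError("stickiness must be between 1 second and 7 days")
        forward["TargetGroupStickinessConfig"] = {
            "Enabled": True,
            "DurationSeconds": stickiness_seconds,
        }
    return {"Type": "forward", "ForwardConfig": forward}


def apply_split(elbv2, listener_arn, action):
    """Set the action as the listener default; elbv2 is boto3.client('elbv2')."""
    return elbv2.modify_listener(ListenerArn=listener_arn, DefaultActions=[action])


def observed_split(describe_listeners_response, listener_arn):
    """Return {target_group_arn: percent of traffic} from a describe_listeners response."""
    for listener in describe_listeners_response.get("Listeners", []):
        if listener.get("ListenerArn") != listener_arn:
            continue
        for action in listener.get("DefaultActions", []):
            groups = action.get("ForwardConfig", {}).get("TargetGroups", [])
            total = sum(group.get("Weight", 0) for group in groups)
            if action.get("Type") == "forward" and total > 0:
                return {g["TargetGroupArn"]: 100 * g.get("Weight", 0) / total for g in groups}
    return {}
```

Comparing `observed_split` with the intended percentages after each change confirms that the listener is sending the share of traffic you expect to the new version.
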

| Task | Description | Skills required |
| --- | --- | --- |
| Create a service role. | If you are configuring CodeDeploy for the first time, you must create an IAM role so that CodeDeploy can assume the role and perform operations. | Cloud Administrator |
| Create an application. | Choose "Deploy" to start creating the application. Provide a name for the application, and choose "EC2/On-premises." | Cloud Administrator |
| Create the deployment group. | On the application page, create the deployment group, using the same name as your application. | Cloud Administrator |
| Configure the deployment group. | Under "Service role," choose the service role that you created in the first task. Under "Deployment type," choose "Blue/green." Under "Environment configuration," choose "Automatically copy Amazon EC2 Auto Scaling group." Under "Deployment settings," choose "Reroute traffic immediately." If your testing time takes more than two days, choose "Keep the original instances in the deployment group running." | Cloud Administrator |
| Specify the target group for the Application Load Balancer. | Under "Load balancer," choose the Blue target group that you created. | Cloud Administrator |
| Configure the deployment trigger. | Expand the "Advanced - optional" section, and choose "Create trigger." Enter a name. In the "Events" field, choose "Deployment succeeds," and then choose the SNS topic. | Cloud Administrator |

| Task | Description | Skills required |
| --- | --- | --- |
| Create a new IAM role. | Create an IAM role that has permissions to update the Auto Scaling group and write logs to CloudWatch. | Cloud Administrator |
| Create the Lambda function. | Under "Runtime," choose the latest version of Python. | Cloud Administrator |
| Configure the Lambda function. | Update the function by using the Python code in the "Code" section of this pattern. For the trigger source, use the same SNS topic that you used when configuring the CodeDeploy deployment group. | Cloud Administrator |
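
The Lambda function in this pattern does not inspect the SNS event that triggers it, so any message published to the topic causes it to modify the Auto Scaling group attachment. The following added example (not part of the original pattern) shows a check the handler could run first. The message field names `applicationName`, `deploymentGroupName`, `deploymentId` and `status` are assumed to match the CodeDeploy trigger notification, and the topic ARN and sample event are constructed placeholders.

```python
import json

# Placeholder values; replace with the topic, application and group you configured.
EXPECTED_TOPIC_ARN = "arn:aws:sns:us-east-1:111122223333:pattern-test-deployments"
EXPECTED_APP = "pattern-test"
EXPECTED_GROUP = "pattern-testing"


def accepted_deployment_id(event, topic_arn=EXPECTED_TOPIC_ARN,
                           app=EXPECTED_APP, group=EXPECTED_GROUP):
    """Return the deployment ID if the event is a success notification for the
    expected topic, application and deployment group; otherwise return None."""
    records = event.get("Records") or []
    if len(records) != 1:
        return None
    record = records[0]
    sns = record.get("Sns") or {}
    if record.get("EventSource") != "aws:sns" or sns.get("TopicArn") != topic_arn:
        return None
    try:
        message = json.loads(sns.get("Message", ""))
    except (TypeError, ValueError):
        return None  # Not a JSON notification: ignore it.
    if not isinstance(message, dict):
        return None
    if (message.get("applicationName") != app
            or message.get("deploymentGroupName") != group
            or message.get("status") != "SUCCEEDED"):
        return None
    deployment_id = message.get("deploymentId")
    return deployment_id if isinstance(deployment_id, str) and deployment_id else None


def sample_event(**overrides):
    """Constructed SNS event for local testing; not captured from a real account."""
    message = {"applicationName": EXPECTED_APP, "deploymentGroupName": EXPECTED_GROUP,
               "deploymentId": "d-EXAMPLE01", "status": "SUCCEEDED"}
    message.update(overrides)
    return {"Records": [{"EventSource": "aws:sns",
                         "Sns": {"TopicArn": EXPECTED_TOPIC_ARN,
                                 "Message": json.dumps(message)}}]}
```

A handler would call `accepted_deployment_id(event)` at the top and return without touching the Auto Scaling group when the result is `None`.
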

| Task | Description | Skills required |
| --- | --- | --- |
| Clean up the automatic scaling environment. | Copy the Deployment identifier from the CodeDeploy console and use it to search for the Auto Scaling group that is associated with the identifier. Delete the scaling group to clean up all the EC2 instances that are associated with this setup. | Cloud Administrator |
| Delete the load balancer and the target groups. | | Cloud Administrator |
| Delete the Lambda function. | Delete the Lambda function unless you plan to use it later for another purpose. | Cloud Administrator |

Create a load balancer

Configure the Auto Scaling group

Configure CodeDeploy

Additional references