Sean Feeney
Architect of the digital age

A CodePipeline for cross-account CloudFormation deployment

10 September 2017

A best practice for modern application hosting is to run identical non-prod and prod environments. The prod environment should be locked down so that no manual changes can occur to it, reinforcing another best practice of making all infrastructure changes through code and promoting through a pipeline.

One AWS-native approach is to use CodePipeline for your infrastructure pipeline, CloudFormation (CFN) for your Infrastructure as Code, and CodeCommit as the git repo for this code. Doing so within the same account (such as across VPC) is trivial, but doing so across accounts requires some un(der)documented maneuvers. An example of this, using YAML CFN, is available on my GitHub.

Posted in amazon, cloud, cloud computing, code, DevOps

You agree to my disclaimer, regardless of the decision in Nguyen v. B&N.




I Love Geni