Tutorial: Deploy a serverless application (original) (raw)

In this tutorial, you learn how to build, test, and deploy a serverless application as a CloudFormation stack using a workflow.

The application in this tutorial is a simple web application that outputs a 'Hello World' message. It consists of an AWS Lambda function and an Amazon API Gateway, and you build it using theAWS Serverless Application Model (AWS SAM), which is an extension of AWS CloudFormation.

Prerequisites

Before you begin:

You need a CodeCatalyst space with a connected AWS account. For more information, see Creating a space.
In your space, you need an empty project called:

codecatalyst-cfn-project

Use the Start from scratch option to create this project.
For more information, see Creating an empty project in Amazon CodeCatalyst.

In your project, you need a CodeCatalyst environment called:

codecatalyst-cfn-environment

Configure this environment as follows:

Choose any type, such as Non-production.
Connect your AWS account to it.
For the Default IAM role, choose any role. You'll specify a different role later.
For more information, see Deploying into AWS accounts and VPCs.

Step 1: Create a source repository

In this step, you create a source repository in CodeCatalyst. This repository is used to store the tutorial's source files, such as the Lambda function file.

For more information about source repositories, see Creating a source repository.

To create a source repository

In CodeCatalyst, in the navigation pane, choose Code, and then chooseSource repositories.
Choose Add repository, and then choose Create repository.
In Repository name, enter:

codecatalyst-cfn-source-repository

Choose Create.

You have now created a repository calledcodecatalyst-cfn-source-repository.

Step 2: Create AWS roles

In this step, you create the following AWS IAM roles:

Deploy role – Grants the CodeCatalyst Deploy AWS CloudFormation stack action permission to access your AWS account and CloudFormation service where you’ll deploy your serverless application. The Deploy AWS CloudFormation stack action is part of your workflow.
Build role – Grants the CodeCatalyst build action permission to access your AWS account and write to Amazon S3 where your serverless application package will be stored. The build action is part of your workflow.
Stack role – Grants CloudFormation permission to read and modify the resources specified in the AWS SAM template that you will provide later. Also grants permission to CloudWatch.

For more information about IAM roles, see IAM roles in the AWS Identity and Access Management User Guide.

Note

To save time, you can create a single role, called the CodeCatalystWorkflowDevelopmentRole-`spaceName` role, instead of the three roles listed previously. For more information, see Creating the CodeCatalystWorkflowDevelopmentRole-spaceName role for your account and space. Understand that the CodeCatalystWorkflowDevelopmentRole-`spaceName` role has very broad permissions that may pose a security risk. We recommend that you only use this role in tutorials and scenarios where security is less of a concern. This tutorial assumes you are creating the three roles listed previously.

Note

A Lambda execution role is also required, but you don't need to create it now because the sam-template.yml file creates it for you when you run the workflow in step 5.

To create a deploy role

Create a policy for the role, as follows:

Sign in to AWS.
Open the IAM console athttps://console.aws.amazon.com/iam/.
In the navigation pane, choose Policies.
Choose Create policy.
Choose the JSON tab.
Delete the existing code.
Paste the following code:

{  
    "Version": "2012-10-17",  
    "Statement": [{  
    "Action": [  
        "cloudformation:CreateStack",  
        "cloudformation:DeleteStack",  
        "cloudformation:Describe*",  
        "cloudformation:UpdateStack",  
        "cloudformation:CreateChangeSet",  
        "cloudformation:DeleteChangeSet",  
        "cloudformation:ExecuteChangeSet",  
        "cloudformation:SetStackPolicy",  
        "cloudformation:ValidateTemplate",  
        "cloudformation:List*",  
        "iam:PassRole"  
    ],  
    "Resource": "*",  
    "Effect": "Allow"  
}]  
}

Note

The first time the role is used to run workflow actions, use the wildcard in the resource policy statement and then scope down the policy with the resource name after it is available.

"Resource": "*"

Choose Next: Tags.
Choose Next: Review.
In Name, enter:

codecatalyst-deploy-policy

Choose Create policy.
You have now created a permissions policy.

Create the deploy role, as follows:

In the navigation pane, choose Roles, and then chooseCreate role.
Choose Custom trust policy.
Delete the existing custom trust policy.
Add the following custom trust policy:

{  
    "Version": "2012-10-17",  
    "Statement": [  
        {  
            "Sid": "",  
            "Effect": "Allow",  
            "Principal": {  
                "Service":  [  
                   "codecatalyst-runner.amazonaws.com",  
                   "codecatalyst.amazonaws.com"  
                 ]  
            },  
            "Action": "sts:AssumeRole"  
        }  
    ]  
}

Choose Next.
In Permissions policies, search for codecatalyst-deploy-policy and select its check box.
Choose Next.
For Role name, enter:

codecatalyst-deploy-role

For Role description, enter:

CodeCatalyst deploy role

Choose Create role.
You have now created a deploy role with a trust policy and permissions policy.

Obtain the deploy role ARN, as follows:
1. In the navigation pane, choose Roles.
2. In the search box, enter the name of the role you just created (codecatalyst-deploy-role).
3. Choose the role from the list.
  The role's Summary page appears.
4. At the top, copy the ARN value.
  You have now created the deploy role with the appropriate permissions, and obtained its ARN.

To create a build role

Create a policy for the role, as follows:
1. Sign in to AWS.
2. Open the IAM console athttps://console.aws.amazon.com/iam/.
3. In the navigation pane, choose Policies.
4. Choose Create policy.
5. Choose the JSON tab.
6. Delete the existing code.
7. Paste the following code:
```
{  
    "Version": "2012-10-17",  
    "Statement": [{  
    "Action": [  
        "s3:PutObject",  
        "iam:PassRole"  
    ],  
    "Resource": "*",  
    "Effect": "Allow"  
}]  
}  
```
Note
The first time the role is used to run workflow actions, use the wildcard in the resource policy statement and then scope down the policy with the resource name after it is available.
```
"Resource": "*"  
```
1. Choose Next: Tags.
2. Choose Next: Review.
3. In Name, enter:
```
codecatalyst-build-policy  
```
1. Choose Create policy.
  You have now created a permissions policy.

Create the build role, as follows:

In the navigation pane, choose Roles, and then chooseCreate role.
Choose Custom trust policy.
Delete the existing custom trust policy.
Add the following custom trust policy:

{  
    "Version": "2012-10-17",  
    "Statement": [  
        {  
            "Sid": "",  
            "Effect": "Allow",  
            "Principal": {  
                "Service":  [  
                   "codecatalyst-runner.amazonaws.com",  
                   "codecatalyst.amazonaws.com"  
                 ]  
            },  
            "Action": "sts:AssumeRole"  
        }  
    ]  
}

Choose Next.
In Permissions policies, search forcodecatalyst-build-policy and select its check box.
Choose Next.
For Role name, enter:

codecatalyst-build-role

For Role description, enter:

CodeCatalyst build role

Choose Create role.
You have now created a build role with a trust policy and permissions policy.

Obtain the build role ARN, as follows:
1. In the navigation pane, choose Roles.
2. In the search box, enter the name of the role you just created (codecatalyst-build-role).
3. Choose the role from the list.
  The role's Summary page appears.
4. At the top, copy the ARN value.
  You have now created the build role with the appropriate permissions, and obtained its ARN.

To create a stack role

Sign in to AWS using the account where you want to deploy your stack.
Open the IAM console athttps://console.aws.amazon.com/iam/.
Create the stack role as follows:
1. In the navigation pane, choose Roles.
2. Choose Create role.
3. Choose AWS service.
4. In the Use case section, chooseCloudFormation from the drop-down list.
5. Select the CloudFormation radio button.
6. At the bottom, choose Next.
7. Using the search box, find the following permissions policies, and then select their respective check boxes.
Note
If you search for a policy and it doesn't appear, make sure to chooseClear filters and try again.
* CloudWatchFullAccess
* AWSCloudFormationFullAccess
* IAMFullAccess
* AWSLambda_FullAccess
* AmazonAPIGatewayAdministrator
* AmazonS3FullAccess
* AmazonEC2ContainerRegistryFullAccess
The first policy allows access to CloudWatch to enable stack rollbacks when an alarm occurs.
The remaining policies allow AWS SAM to access the services and resources in the stack that will be deployed in this tutorial. For more information, see Permissions in the AWS Serverless Application Model Developer Guide.
8. Choose Next.
9. For Role name, enter:
```
codecatalyst-stack-role  
```
1. Choose Create role.
Obtain the stack role's ARN, as follows:
1. In the navigation pane, choose Roles.
2. In the search box, enter the name of the role you just created (codecatalyst-stack-role).
3. Choose the role from the list.
4. In the Summary section, copy the ARN value. You need it later.
  You have now created the stack role with the appropriate permissions, and you have obtained its ARN.

Step 3: Add AWS roles to CodeCatalyst

In this step, you add the build role (codecatalyst-build-role) and deploy role (codecatalyst-deploy-role) to the CodeCatalyst account connection in your space.

Note

You don't need to add the stack role (codecatalyst-stack-role) to the connection. This is because the stack role is used by CloudFormation (not CodeCatalyst), after a connection is already established between CodeCatalyst and AWS using the deploy role. Since the stack role is not used by CodeCatalyst to gain access to AWS, it does not need to be associated with an account connection.

To add build and deploy roles to your account connection

In CodeCatalyst, navigate to your space.
Choose AWS accounts. A list of account connections appears.
Choose the account connection that represents the AWS account where you created your build and deploy roles.
Choose Manage roles from AWS management console.
The Add IAM role to Amazon CodeCatalyst space page appears. You might need to sign in to access the page.
Select Add an existing role you have created in IAM.
A drop-down list appears. The list displays all IAM roles with a trust policy that includes the codecatalyst-runner.amazonaws.com andcodecatalyst.amazonaws.com service principals.
In the drop-down list, choose codecatalyst-build-role, and chooseAdd role.
Choose Add IAM role, choose Add an existing role you have created in IAM, and in the drop-down list, choosecodecatalyst-deploy-role. Choose Add role.
You have now added the build and deploy roles to your space.
Copy the value of the Amazon CodeCatalyst display name. You'll need this value later, when creating your workflow.

Step 4: Create an Amazon S3 bucket

In this step, you create an Amazon S3 bucket where you store your serverless application's deployment package .zip file.

To create an Amazon S3 bucket

Open the Amazon S3 console athttps://console.aws.amazon.com/s3/.
In the main pane, choose Create bucket.
For Bucket name, enter:

codecatalyst-cfn-s3-bucket

For AWS Region, choose a Region. This tutorial assumes you chose US West (Oregon) us-west-2. For information about Regions supported by Amazon S3, see Amazon Simple Storage Service endpoints and quotas in the AWS General Reference.
At the bottom of the page, choose Create bucket.

You have now created a bucket called codecatalyst-cfn-s3-bucket in the US West (Oregon) us-west-2 Region.

Step 5: Add source files

In this step, you add several application source files to your CodeCatalyst source repository. The hello-world folder contains the application files that you'll deploy. The tests folder contains unit tests. The folder structure is as follows:

.
|— hello-world
|  |— tests
|     |— unit
|        |— test-handler.js
|  |— app.js
|— .npmignore
|— package.json
|— sam-template.yml
|— setup-sam.sh

.npmignore file

The .npmignore file indicates which files and folders npm should exclude from the application package. In this tutorial, npm excludes thetests folder because it is not part of the application.

To add the .npmignore file

Open the CodeCatalyst console at https://codecatalyst.aws/.
Choose your project, codecatalyst-cfn-project
In the navigation pane, choose Code, and then chooseSource repositories.
From the list of source repositories, choose your repository,codecatalyst-cfn-source-repository.
In Files, choose Create file.
For File name, enter:

.npmignore

In the text box, enter the following code:

tests/*

Choose Commit, and then choose Commit again.
You have now created a file called .npmignore in the root of your repository.

package.json file

The package.json file contains important metadata about your Node project such as the project name, version number, description, dependencies, and other details that describe how to interact with and run your application.

The package.json in this tutorial includes a list of dependencies and a test script. The test script does the following:

Using mocha, the test script runs the unit tests specified in hello-world/tests/unit/ and writes the results to a junit.xml file using the xunit reporter.
Using Istanbul (nyc), the test script generates a code coverage report (clover.xml) using the clover reporter. For more information, see Using alternative reporters in the Istanbul documentation.

To add the package.json file

In your repository, in Files, choose Create file.
For File name, enter:

package.json

In the text box, enter the following code:

{  
  "name": "hello_world",  
  "version": "1.0.0",  
  "description": "hello world sample for NodeJS",  
  "main": "app.js",  
  "repository": "https://github.com/awslabs/aws-sam-cli/tree/develop/samcli/local/init/templates/cookiecutter-aws-sam-hello-nodejs",  
  "author": "SAM CLI",  
  "license": "MIT",  
  "dependencies": {  
    "axios": "^0.21.1",  
    "nyc": "^15.1.0"  
  },  
  "scripts": {  
    "test": "nyc --reporter=clover mocha hello-world/tests/unit/ --reporter xunit --reporter-option output=junit.xml"  
  },  
  "devDependencies": {  
    "aws-sdk": "^2.815.0",  
    "chai": "^4.2.0",  
    "mocha": "^8.2.1"  
  }  
}

Choose Commit, and then choose Commit again.
You have now added a file called package.json to the root of the repository.

sam-template.yml file

The sam-template.yml file contains the instructions for deploying the Lambda function and API Gateway and configuring them together. It follows the AWS Serverless Application Model template specification, which extends the AWS CloudFormation template specification.

You use an AWS SAM template in this tutorial instead of a regular AWS CloudFormation template because AWS SAM offers a helpful AWS::Serverless::Function resource type. This type performs much behind-the-scenes configuration that you normally have to write out to use the basic CloudFormation syntax. For example, the AWS::Serverless::Function creates a Lambda function, Lambda execution role, and event source mappings that start the function. You have to code all of this if you want to write it using basic CloudFormation.

Although this tutorial uses a pre-written template, you can generate one as part of your workflow using a build action. For more information, see Deploying an AWS CloudFormation stack.

To add the sam-template.yml file

In your repository, in Files, choose Create file.
For File name, enter:

sam-template.yml

In the text box, enter the following code:

AWSTemplateFormatVersion: '2010-09-09'  
Transform: AWS::Serverless-2016-10-31  
Description: >  
  serverless-api  
  Sample SAM Template for serverless-api  
    
# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst  
Globals:  
  Function:  
    Timeout: 3  
Resources:  
  HelloWorldFunction:  
    Type: AWS::Serverless::Function # For details on this resource type, see https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction  
    Properties:  
      CodeUri: hello-world/  
      Handler: app.lambdaHandler  
      Runtime: nodejs12.x  
      Events:  
        HelloWorld:  
          Type: Api # For details on this event source type, see https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#api  
          Properties:  
            Path: /hello  
            Method: get  
Outputs:  
  # ServerlessRestApi is an implicit API created out of the events key under Serverless::Function  
  # Find out about other implicit resources you can reference within AWS SAM at  
  # https://github.com/awslabs/serverless-application-model/blob/master/docs/internals/generated_resources.rst#api  
  HelloWorldApi:  
    Description: "API Gateway endpoint URL for the Hello World function"  
    Value: !Sub "https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/hello/"  
  HelloWorldFunction:  
    Description: "Hello World Lambda function ARN"  
    Value: !GetAtt HelloWorldFunction.Arn  
  HelloWorldFunctionIamRole:  
    Description: "Implicit Lambda execution role created for the Hello World function"  
    Value: !GetAtt HelloWorldFunctionRole.Arn

Choose Commit, and then choose Commit again.
You have now added a file called sam-template.yml under the root folder of your repository.

setup-sam.sh file

The setup-sam.sh file contains the instructions for downloading and installing the AWS SAM CLI utility. The workflow uses this utility to package thehello-world source.

To add the setup-sam.sh file

In your repository, in Files, choose Create file.
For File name, enter:

setup-sam.sh

In the text box, enter the following code:

#!/usr/bin/env bash  
echo "Setting up sam"  
yum install unzip -y  
curl -LO https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip  
unzip -qq aws-sam-cli-linux-x86_64.zip -d sam-installation-directory  
./sam-installation-directory/install; export AWS_DEFAULT_REGION=us-west-2

In the preceding code, replace us-west-2 with your AWS Region. 4. Choose Commit, and then choose Commit again.
You have now added a file called setup-sam.sh to the root of the repository.

app.js file

The app.js contains the Lambda function code. In this tutorial, the code returns the text hello world.

To add the app.js file

In your repository, in Files, choose Create file.
For File name, enter:

hello-world/app.js

In the text box, enter the following code:

// const axios = require('axios')  
// const url = 'http://checkip.amazonaws.com/';  
let response;  
/**  
 *  
 * Event doc: https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html#api-gateway-simple-proxy-for-lambda-input-format  
 * @param {Object} event - API Gateway Lambda Proxy Input Format  
 *  
 * Context doc: https://docs.aws.amazon.com/lambda/latest/dg/nodejs-prog-model-context.html  
 * @param {Object} context  
 *  
 * Return doc: https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html  
 * @returns {Object} object - API Gateway Lambda Proxy Output Format  
 *  
 */  
exports.lambdaHandler = async (event, context) => {  
    try {  
        // const ret = await axios(url);  
        response = {  
            'statusCode': 200,  
            'body': JSON.stringify({  
                message: 'hello world',  
                // location: ret.data.trim()  
            })  
        }  
    } catch (err) {  
        console.log(err);  
        return err;  
    }  
    return response  
};

Choose Commit, and then choose Commit again.
You have now created a folder called hello-world and a file called app.js.

test-handler.js file

The test-handler.js file contains unit tests for the Lambda function.

To add the test-handler.js file

In your repository, in Files, choose Create file.
For File name, enter:

hello-world/tests/unit/test-handler.js

In the text box, enter the following code:

'use strict';  
const app = require('../../app.js');  
const chai = require('chai');  
const expect = chai.expect;  
var event, context;  
describe('Tests index', function () {  
    it('verifies successful response', async () => {  
        const result = await app.lambdaHandler(event, context)  
        expect(result).to.be.an('object');  
        expect(result.statusCode).to.equal(200);  
        expect(result.body).to.be.an('string');  
        let response = JSON.parse(result.body);  
        expect(response).to.be.an('object');  
        expect(response.message).to.be.equal("hello world");  
        // expect(response.location).to.be.an("string");  
    });  
});

Choose Commit, and then choose Commit again.
You have now added a file called test-handler.js under thehello-world/tests/unit folder.

You have now added all your source files.

Take a moment to double-check your work and make sure you placed all the files in the correct folders. The folder structure is as follows:

.
|— hello-world
|  |— tests
|     |— unit
|        |— test-handler.js
|  |— app.js
|— .npmignore
|— README.md
|— package.json
|— sam-template.yml
|— setup-sam.sh

Step 6: Create and run a workflow

In this step, you create a workflow that packages your Lambda source code and deploys it. The workflow consists of the following building blocks that run sequentially:

A trigger – This trigger starts the workflow run automatically when you push a change to your source repository. For more information about triggers, see Starting a workflow run automatically using triggers.
A test action (Test) – On trigger, this action installs Node package manager (npm), and then runs thenpm run test command. This command tells npm to run the test script defined in the package.json file. The test script, in turn, runs the unit tests and generates two reports: a test report (junit.xml) and a code coverage report (clover.xml). For more information, see package.json file.
Next, the test action transforms the XML reports into CodeCatalyst reports and displays them in the CodeCatalyst console, under the Reports tab of the test action.
For more information about the test action, see Testing with workflows.
A build action (BuildBackend) – On completion of the test action, the build action downloads and installs the AWS SAM CLI, packages thehello-world source, and copies the package to your Amazon S3 bucket, where the Lambda service expects it to be. The action also outputs a new AWS SAM template file called sam-template-packaged.yml and places it in an output artifact called buildArtifact.
For more information about the build action, see Building with workflows.
A deploy action (DeployCloudFormationStack) – On completion of the build action, the deploy action looks for the output artifact generated by the build action (buildArtifact), finds the AWS SAM template inside of it, and then runs the template. The AWS SAM template creates a stack that deploys the serverless application.

To create a workflow

In the navigation pane, choose CI/CD, and then chooseWorkflows.
Choose Create workflow.
For Source repository, choosecodecatalyst-cfn-source-repository.
For Branch, choose main.
Choose Create.
Delete the YAML sample code.
Add the following YAML code:

Note

In the YAML code that follows, you can omit the Connections: sections if you want. If you omit these sections, you must ensure that the role specified in theDefault IAM role field in your environment includes the permissions and trust policies of both roles described in Step 2: Create AWS roles. For more information about setting up an environment with a default IAM role, seeCreating an environment.

Name: codecatalyst-cfn-workflow  
SchemaVersion: 1.0  
Triggers:  
  - Type: PUSH  
    Branches:  
      - main  
Actions:  
  Test:  
    Identifier: aws/managed-test@v1  
    Inputs:  
      Sources:  
        - WorkflowSource  
    Outputs:  
      Reports:  
        CoverageReport:  
          Format: CLOVERXML  
          IncludePaths:  
            - "coverage/*"  
        TestReport:  
          Format: JUNITXML  
          IncludePaths:  
            - junit.xml  
    Configuration:  
      Steps:  
        - Run: npm install  
        - Run: npm run test  
  BuildBackend:  
    Identifier: aws/build@v1  
    DependsOn:  
      - Test  
    Environment:  
      Name: codecatalyst-cfn-environment  
      Connections:  
        - Name: codecatalyst-account-connection  
          Role: codecatalyst-build-role  
    Inputs:  
      Sources:  
        - WorkflowSource  
    Configuration:  
      Steps:  
        - Run: . ./setup-sam.sh  
        - Run: sam package --template-file sam-template.yml --s3-bucket codecatalyst-cfn-s3-bucket --output-template-file sam-template-packaged.yml --region us-west-2  
    Outputs:  
      Artifacts:  
        - Name: buildArtifact  
          Files:  
            - "**/*"  
  DeployCloudFormationStack:  
    Identifier: aws/cfn-deploy@v1  
    DependsOn:  
      - BuildBackend  
    Environment:  
      Name: codecatalyst-cfn-environment  
      Connections:  
        - Name: codecatalyst-account-connection  
          Role: codecatalyst-deploy-role  
    Inputs:  
      Artifacts:  
        - buildArtifact  
      Sources: []  
    Configuration:  
      name: codecatalyst-cfn-stack  
      region: us-west-2  
      role-arn: arn:aws:iam::111122223333:role/StackRole  
      template: ./sam-template-packaged.yml  
      capabilities: CAPABILITY_IAM,CAPABILITY_AUTO_EXPAND

In the preceding code, replace:

Both instances of codecatalyst-cfn-environment with the name of your environment.
Both instances of codecatalyst-account-connection with the display name of your account connection. The display name might be a number. For more information, see Step 3: Add AWS roles to CodeCatalyst.
codecatalyst-build-role with the name of the build role that you created in Step 2: Create AWS roles.
codecatalyst-cfn-s3-bucket with the name of the Amazon S3 bucket you created in Step 4: Create an Amazon S3 bucket.
Both instances of us-west-2 with the Region where your Amazon S3 bucket resides (first instance) and where your stack will be deployed (second instance). These Regions can be different. This tutorial assumes that both Regions are set to us-west-2. For details about Regions supported by Amazon S3 and AWS CloudFormation, see Service endpoints and quotas in the_AWS General Reference_.
codecatalyst-deploy-role with the name of the deploy role that you created in Step 2: Create AWS roles.
codecatalyst-cfn-environment with the name of the environment that you created in Prerequisites.
arn:aws:iam::111122223333:role/StackRole with the Amazon Resource Name (ARN) of the stack role that you created in Step 2: Create AWS roles.

Note

If you decided not to create build, deploy, and stack roles, replacecodecatalyst-build-role,codecatalyst-deploy-role, andarn:aws:iam::111122223333:role/StackRole with the name or ARN of the CodeCatalystWorkflowDevelopmentRole-`spaceName` role. For more information about this role, see Step 2: Create AWS roles.
For information about the properties in the code shown previously, see the 'Deploy AWS CloudFormation stack' action YAML. 8. (Optional) Choose Validate to make sure the YAML code is valid before committing. 9. Choose Commit. 10. On the Commit workflow dialog box, enter the following:

For Workflow file name, keep the default,codecatalyst-cfn-workflow.
For Commit message, enter:

add initial workflow file

For Repository, choosecodecatalyst-cfn-source-repository.
For Branch name, choose main.
Choose Commit.
You have now created a workflow. A workflow run starts automatically because of the trigger defined at the top of the workflow. Specifically, when you committed (and pushed) the codecatalyst-cfn-workflow.yaml file to your source repository, the trigger started the workflow run.

To view the workflow run in progress

In the navigation pane, choose CI/CD, and then chooseWorkflows.
Choose the workflow you just created:codecatalyst-cfn-workflow.
Choose the Runs tab.
In the Run ID column, choose the run ID.
Choose Test to see the tests progress.
Choose BuildBackend to see the build progress.
Choose DeployCloudFormationStack to see the deployment progress.
For more information about viewing run details, see Viewing workflow run status and details.
When the DeployCloudFormationStack action finishes, do the following:
- If the workflow run succeeded, go to the next procedure.
- If the workflow run failed on the Test orBuildBackend action, choose Logs to troubleshoot the issue.
- If the workflow run failed on the DeployCloudFormationStack action, choose the deploy action, and then choose the Summary tab. Scroll to the CloudFormation events section to view the detailed error message. If a rollback occurred, delete thecodecatalyst-cfn-stack stack through the AWS CloudFormation console in AWS before re-running the workflow.

To verify the deployment

After a successful deployment, choose Variables (7) from the horizontal menu bar near the top. (Do not choose Variables in the pane on the right.)
Next to HelloWorldApi, paste the https:// URL into a browser.
A hello world JSON message from the Lambda function is displayed, indicating that the workflow deployed and configured the Lambda function and API Gateway successfully.

To verify unit test results and code coverage

In the workflow diagram, choose Test, and then chooseReports.
Choose TestReport to view the unit test results, or chooseCoverageReport to view the code coverage details of the files being tested, in this case, app.js andtest-handler.js.

To verify deployed resources

Sign in to the AWS Management Console and open the API Gateway console athttps://console.aws.amazon.com/apigateway/.
Observe the codecatalyst-cfn-stack API that the AWS SAM template created. The API name comes from the Configuration/name value in the workflow definition file (codecatalyst-cfn-workflow.yaml).
Open the AWS Lambda console athttps://console.aws.amazon.com/lambda/.
In the navigation pane, choose Functions.
Choose your Lambda function,codecatalyst-cfn-stack-HelloWorldFunction-`string`.
You can see how the API Gateway is a trigger for the function. This integration was automatically configured by the AWS SAM AWS::Serverless::Function resource type.

Step 7: Make a change

In this step, you make a change to your Lambda source code and commit it. This commit starts a new workflow run. This run deploys the new Lambda function in a blue-green scheme that uses the default traffic shifting configuration specified in the Lambda console.

To make a change to your Lambda source

In CodeCatalyst, navigate to your project.
In the navigation pane, choose Code, and then chooseSource repositories.
Choose your source repositorycodecatalyst-cfn-source-repository.
Change the application file:
1. Choose the hello-world folder.
2. Choose the app.js file.
3. Choose Edit.
4. On line 23, change hello world to Tutorial complete!.
5. Choose Commit, and then choose Commit again.
  The commit causes a workflow run to start. This run will fail because you haven't updated the unit tests to reflect the name change.
Update the unit tests:
1. Choose hello-world\tests\unit\test-handler.js.
2. Choose Edit.
3. On line 19, change hello world to Tutorial complete!.
4. Choose Commit, and then choose Commit again.
  The commit causes another workflow run to start. This run will succeed.
In the navigation pane, choose CI/CD, and then chooseWorkflows.
Choose codecatalyst-cfn-workflow, and then chooseRuns.
Choose the run ID of the latest run. It should still be in progress.
Choose Test, BuildBackend, andDeployCloudFormationStack to see the workflow run progress.
When the workflow finishes, choose Variables (7) near the top.
Next to HelloWorldApi, paste the https:// URL into a browser.
A Tutorial complete! message appears in the browser, indicating that your new application was deployed successfully.

Clean up

Clean up the files and services used in this tutorial to avoid being charged for them.

To clean up in the CodeCatalyst console

Open the CodeCatalyst console at https://codecatalyst.aws/.
Delete codecatalyst-cfn-workflow.
Delete codecatalyst-cfn-environment.
Delete codecatalyst-cfn-source-repository.
Delete codecatalyst-cfn-project.

To clean up in the AWS Management Console

Clean up in CloudFormation, as follows:
1. Open the AWS CloudFormation console athttps://console.aws.amazon.com/cloudformation.
2. Delete the codecatalyst-cfn-stack.
  Deleting the stack removes all tutorial resources from the API Gateway and Lambda services.
Clean up in Amazon S3, as follows:
1. Open the Amazon S3 console athttps://console.aws.amazon.com/s3/.
2. Choose the codecatalyst-cfn-s3-bucket.
3. Delete the bucket contents.
4. Delete the bucket.
Clean up in IAM, as follows:
1. Open the IAM console athttps://console.aws.amazon.com/iam/.
2. Delete the codecatalyst-deploy-policy.
3. Delete the codecatalyst-build-policy.
4. Delete the codecatalyst-stack-policy.
5. Delete the codecatalyst-deploy-role.
6. Delete the codecatalyst-build-role.
7. Delete the codecatalyst-stack-role.

In this tutorial, you learned how to deploy a serverless application as a CloudFormation stack using a CodeCatalyst workflow and a Deploy AWS CloudFormation stack action.