Skip to main content
In this lesson, we begin the deployment phase of our CI/CD pipeline using AWS services—EC2, S3, and Lambda. You’ll see how to prepare your AWS environment, install necessary Jenkins plugins, and configure both AWS and SSH credentials to automate deployments.

Reviewing the EC2 Instance

Navigate to the EC2 Instances dashboard in the AWS Console. You should see a single instance named dev-deploy in the running state.
The image shows an AWS EC2 console with details of a running instance named "dev-deploy," including its instance ID, public and private IP addresses, and instance type (t2.micro).
This VM already has Docker installed. To verify, SSH into the instance and run: 
sudo docker ps

CONTAINER ID   IMAGE                                                   NAMES
f0f9299ee8fe   siddharth67/solar-system:7d1e24920bd455706b179c6724d5566d797634   solar-system
0.0.0.0:3000->3000/tcp
We’ll use this EC2 host to deploy our feature-branch Docker images.

Setting Up AWS IAM Credentials

Create an IAM user (jenkins-user) with full access to EC2, S3, and Lambda. Attach these managed policies:
Policy NameServiceAccess Level
AmazonEC2FullAccessEC2Full
AmazonS3FullAccessS3Full
AWSLambda_FullAccessLambdaFull
The image shows an AWS Identity and Access Management (IAM) console screen, displaying user details and permissions policies for a user named "jenkins-user," with policies like AmazonEC2FullAccess, AmazonS3FullAccess, and AWSLambda_FullAccess attached.
Once created, AWS will display the Access Key ID and Secret Access Key.
The image shows an AWS Identity and Access Management (IAM) console, specifically the security credentials section for a user, displaying details like console sign-in, multi-factor authentication, and access keys.
Keep your Access Key ID and Secret Access Key safe—do not commit them to source control.
Finally, review your user details to confirm MFA and key status:
The image shows an AWS Identity and Access Management (IAM) console page, displaying details for a user, including multi-factor authentication settings and an active access key.

Installing the AWS Steps Plugin in Jenkins

To enable AWS API calls in your pipelines, install the Pipeline: AWS Steps plugin:
  1. In Jenkins, go to Manage JenkinsManage PluginsAvailable.
  2. Search for Pipeline: AWS Steps, select it, and click Install without restart.
  3. Restart Jenkins when prompted.
The image shows a webpage from Jenkins, detailing features of a plugin that adds pipeline steps to interact with AWS's API. It includes a list of features and links to related resources.
Here are a few example steps you can use in your Jenkinsfile:
StepDescriptionExample
s3DoesObjectExistCheck if an object exists in a bucketexists = s3DoesObjectExist(bucket: 'my-bucket', path: 'file.txt')
s3FindFilesList files in an S3 bucketfiles = s3FindFiles(bucket: 'my-bucket', glob: 'path/to/*.ext')
After plugin installation, always restart Jenkins to load new pipeline steps.

Configuring AWS Credentials in Jenkins

Next, store your IAM keys in Jenkins:
  1. Go to Manage JenkinsManage Credentials(global)Add Credentials.
  2. Select Kind: AWS Credentials.
  3. Enter an ID (e.g., aws-s3-ec2-lambda), paste your Access Key ID and Secret Access Key, then save.
The image shows a Jenkins interface where AWS credentials are being configured, including fields for an Access Key ID and a Secret Access Key.
Jenkins will validate these credentials automatically:
The image shows a Jenkins interface displaying AWS credentials, including an Access Key ID and a concealed Secret Access Key, with a note about access to six availability zones.

Adding SSH Credentials for EC2

To deploy Docker images over SSH, install the SSH Agent plugin:
  1. Go to Manage JenkinsManage PluginsAvailable.
  2. Search for SSH Agent and install.
Then add your EC2 key:
  1. Navigate to Manage JenkinsManage Credentials(global)Add Credentials.
  2. Choose SSH Username with private key.
  3. Specify an ID (e.g., aws-devops-deploy-ec2), Username (ubuntu), and paste your private key.
  4. Save.
The image shows a Jenkins interface for adding new credentials, with a dropdown menu displaying options like "Username with password" and "SSH Username with private key."
The image shows a Jenkins interface for managing global credentials, specifically for adding an SSH username with a private key. The fields include ID, description, username, and options for entering a private key and passphrase.
With AWS Steps and SSH Agent plugins installed, AWS IAM and SSH credentials configured, you’re ready to add a pipeline stage that connects to your EC2 instance and deploys Docker images.

Watch Video