Automate Your AWS Deployments with GitHub Actions

2024-08-10

Manual deployments are a liability. Every time someone SSHs into a production server and runs commands by hand, you're one typo away from an outage.

Let's fix that with GitHub Actions.

What We're Building

A CI/CD pipeline that:

  1. Runs tests on every pull request
  2. Builds a Docker image on merge to main
  3. Pushes to Amazon ECR
  4. Deploys to ECS (or App Runner)

Step 1: Configure AWS Credentials

Use OIDC federation instead of long-lived access keys. It's more secure because each workflow run exchanges a GitHub-issued token for short-lived credentials, so there are no stored secrets to rotate. You'll need an IAM role configured for GitHub Actions.

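# The job needs "permissions: id-token: write" so the runner can request an OIDC token
- name: Configure AWS credentials
  uses: aws-actions/configure-aws-credentials@v4
  with:
    # Placeholder account ID; use your own 12-digit account ID and role name
    role-to-assume: arn:aws:iam::123456789012:role/GitHubActionsRole
    aws-region: us-east-1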
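
The IAM role's trust policy decides which workflows can assume it, so it is worth checking before the pipeline goes live. The following is an added example, not code from the original post: a Python check that a trust policy pins the GitHub OIDC aud claim and scopes sub to one repository. The repository name example-org/example-app, the account ID and the three sample policies are constructed placeholders.

```python
GITHUB_OIDC = "token.actions.githubusercontent.com"

def _as_list(value):
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _claim_values(stmt, claim):
    """Collect condition values for one OIDC claim (StringEquals / StringLike)."""
    values = []
    for operator in ("StringEquals", "StringLike"):
        for key, val in stmt.get("Condition", {}).get(operator, {}).items():
            if key.lower() == f"{GITHUB_OIDC}:{claim}":
                values += _as_list(val)
    return values

def audit_trust_policy(policy, expected_repo):
    """Return findings for GitHub OIDC statements; an empty list means a pass."""
    findings, seen = [], False
    for stmt in _as_list(policy.get("Statement")):
        principal = stmt.get("Principal")
        federated = _as_list(principal.get("Federated")) if isinstance(principal, dict) else []
        if stmt.get("Effect") != "Allow" or not any(
                f.endswith("oidc-provider/" + GITHUB_OIDC) for f in federated):
            continue  # not a GitHub OIDC trust statement
        seen = True
        if "sts:AssumeRoleWithWebIdentity" not in _as_list(stmt.get("Action")):
            findings.append("action is not sts:AssumeRoleWithWebIdentity")
        if _claim_values(stmt, "aud") != ["sts.amazonaws.com"]:
            findings.append("aud is not pinned to sts.amazonaws.com")
        subs = _claim_values(stmt, "sub")
        if not subs:
            findings.append("no sub condition: any GitHub repository can assume this role")
        for sub in subs:
            if not sub.startswith(f"repo:{expected_repo}:"):
                findings.append(f"sub '{sub}' is not scoped to {expected_repo}")
    return findings if seen else ["no statement trusts the GitHub OIDC provider"]

def _policy(condition):
    """Constructed sample trust policy (placeholder account ID)."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRoleWithWebIdentity",
        "Principal": {"Federated": f"arn:aws:iam::123456789012:oidc-provider/{GITHUB_OIDC}"},
        "Condition": condition}]}

AUD = {f"{GITHUB_OIDC}:aud": "sts.amazonaws.com"}
NO_SUB = _policy({"StringEquals": AUD})
ORG_WIDE = _policy({"StringEquals": AUD, "StringLike": {f"{GITHUB_OIDC}:sub": "repo:example-org/*"}})
SCOPED = _policy({"StringEquals": {**AUD, f"{GITHUB_OIDC}:sub": "repo:example-org/example-app:ref:refs/heads/main"}})
for p in (NO_SUB, ORG_WIDE, SCOPED): print(audit_trust_policy(p, "example-org/example-app"))
```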

Step 2: Build and Push

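- name: Login to ECR
  id: login-ecr
  uses: aws-actions/amazon-ecr-login@v2

- name: Build and push
  env:
    # Registry URI comes from the login step's output
    ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
    # Placeholder: replace with your ECR repository name
    ECR_REPOSITORY: my-app
  run: |
    # Tag with the commit SHA so each image maps to exactly one commit
    docker build -t "$ECR_REGISTRY/$ECR_REPOSITORY:$GITHUB_SHA" .
    docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$GITHUB_SHA"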

Step 3: Deploy

For App Runner, the deploy happens automatically when a new image lands in ECR — you just need to configure the service to watch for new images.

For ECS, update the task definition with the new image tag and trigger a service update.

The Payoff

Once this is set up, every merge to main results in a production deployment — tested, built, and deployed without anyone touching a terminal.

Your future self will thank you.

