I'm looking for the safest method to deploy my GitHub repository to an EC2 instance. I want to avoid leaving my Security Group open to everyone with SSH access (like 0.0.0.0). Should I consider using AWS S3 in combination with CodeDeploy for this?
3 Answers
Are you using EC2 for building your projects or just to host the GitHub repo? If it's the latter, you can set up AWS CodeBuild to trigger on a GitHub push. This allows the repo to be accessible on the CodeBuild instance, which makes deploying straightforward. Check out the AWS documentation on CodeBuild and GitHub for more info!
Absolutely, using CodeDeploy is probably your best bet here. It'll help you manage deployments while keeping your Security Group more secure.
I totally agree, CodeDeploy seems like the right choice for this scenario.
If you’re new to this, have you considered using a self-hosted GitHub runner? It pulls the latest code from your specified branch and you can use a tool like robocopy to transfer files where needed. Just note that this requires installing the runner on your EC2 instance, and it might not be the best solution if you're scaling across multiple servers.
That's helpful! I didn't know CodeBuild could interact directly with GitHub like that.
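Whichever pull-based option from the answers is used (the CodeDeploy agent and a self-hosted runner both reach out from the instance), the Security Group no longer needs an inbound SSH rule open to 0.0.0.0. The check below is an added example, not code from any poster: it scans the `SecurityGroups` list in the shape returned by `aws ec2 describe-security-groups` and reports rules that still expose port 22 to every address. The group IDs and rules in the sample are constructed.

```python
import ipaddress

SSH_PORT = 22

def _covers_ssh(perm):
    """True if the rule's protocol and port range include TCP 22."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                      # "all traffic" rule
        return True
    if proto not in ("tcp", "6"):
        return False
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    if lo is None or hi is None:           # no range given: treat as all ports
        return True
    return lo <= SSH_PORT <= hi

def world_open_ssh(security_groups):
    """Return (group_id, cidr) pairs where SSH is reachable from any address."""
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            if not _covers_ssh(perm):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                # Prefix length 0 means 0.0.0.0/0 or ::/0, i.e. everyone.
                if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                    findings.append((sg["GroupId"], cidr))
    return findings

def _rule(proto, lo, hi, v4=(), v6=()):
    """Build one constructed IpPermissions entry for the sample below."""
    perm = {"IpProtocol": proto, "IpRanges": [{"CidrIp": c} for c in v4],
            "Ipv6Ranges": [{"CidrIpv6": c} for c in v6]}
    if lo is not None:
        perm.update(FromPort=lo, ToPort=hi)
    return perm

# Constructed sample input (not real groups).
SAMPLE_GROUPS = [
    {"GroupId": "sg-0example-open", "IpPermissions": [_rule("tcp", 22, 22, ["0.0.0.0/0"], ["::/0"])]},
    {"GroupId": "sg-0example-range", "IpPermissions": [_rule("tcp", 0, 1024, ["0.0.0.0/0"])]},
    {"GroupId": "sg-0example-web", "IpPermissions": [_rule("tcp", 443, 443, ["0.0.0.0/0"])]},
    {"GroupId": "sg-0example-office", "IpPermissions": [_rule("tcp", 22, 22, ["203.0.113.0/24"])]},
    {"GroupId": "sg-0example-all", "IpPermissions": [_rule("-1", None, None, ["0.0.0.0/0"])]},
]

if __name__ == "__main__":
    for group_id, cidr in world_open_ssh(SAMPLE_GROUPS):
        print(f"{group_id}: SSH open to {cidr}")
```

Port ranges and "all traffic" rules are included because a rule does not have to name port 22 explicitly to expose it.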