This chapter covers AWS CodeDeploy's deployment strategies—Blue/Green, Canary, and Linear—which are critical for minimizing downtime and risk when updating applications on EC2, Lambda, or ECS. For the DVA-C02 exam, these strategies appear in roughly 10-15% of questions, often testing your understanding of traffic shifting patterns, rollback behavior, and lifecycle hooks. Mastering these concepts ensures you can design safe, automated deployments that meet availability and compliance requirements.
Jump to a section
Imagine a highway with two lanes: the old lane (current version) and a new lane (new version). You want to move all cars from the old lane to the new lane, but you must avoid causing a traffic jam or accidents. Blue/Green deployment is like instantly closing the old lane and opening the new lane at a specific exit—all cars switch at once. Canary deployment is like opening a small section of the new lane for a few cars first, monitoring their speed, then gradually opening more sections until all cars use the new lane. Linear deployment is like slowly, at a constant rate, shifting the barrier between lanes—each minute, a fixed percentage of cars are forced into the new lane. The key is the traffic controller (CodeDeploy) that monitors the new lane for issues (like potholes) and can instantly revert to the old lane if problems arise. The controller uses a timer (wait time) to decide how long to observe before shifting more traffic. If the new lane fails (e.g., crashes), the controller flips back to the old lane instantly, ensuring no cars are stranded.
What is AWS CodeDeploy and Why These Strategies Matter
AWS CodeDeploy is a fully managed deployment service that automates software deployments to various compute services like Amazon EC2, AWS Lambda, and Amazon ECS. It supports multiple deployment strategies to control how traffic is shifted from an original (current) version to a new (revision) version. The three primary strategies are Blue/Green, Canary, and Linear. Each strategy defines the pace and pattern of traffic shifting, which directly impacts risk, rollback speed, and user experience. The DVA-C02 exam expects you to know the differences, configuration parameters, and appropriate use cases for each.
Blue/Green Deployments
Blue/Green deployment involves provisioning a new set of resources (green environment) alongside the existing ones (blue environment). Once the green environment is ready and passes health checks, traffic is shifted from blue to green in a single step. This strategy is ideal for applications that can tolerate the cost of running duplicate environments temporarily and require instant cutover.
How it works: - CodeDeploy creates a replacement environment (e.g., new Auto Scaling group, new Lambda function alias, or new ECS task set). - Traffic is routed to the new environment using a load balancer or Lambda alias routing configuration. - The original environment remains intact for a configurable 'termination wait time' (default 5 minutes) to allow rollback if issues are detected. - After the wait time, the original environment is terminated.
Key parameters:
- DeploymentOption: WITH_TRAFFIC_CONTROL (default) or WITHOUT_TRAFFIC_CONTROL.
- TerminationWaitTimeInMinutes: 0 to 2880 (48 hours). Default is 5.
- LifecycleEventHooks: BeforeAllowTraffic and AfterAllowTraffic can be used to run validation tests.
Exam tip: Blue/Green is the fastest rollback because you can instantly switch back to the original environment if the green fails. However, it requires double the resources during deployment.
Canary Deployments
Canary deployment shifts traffic in two increments: first a small percentage (the canary), then the remainder after a specified interval. This is used to validate the new version with a subset of users before full rollout.
How it works: - Initially, a small portion of traffic (e.g., 10%) is sent to the new version. - After a 'canary interval' (e.g., 5 minutes), the remaining 90% of traffic is shifted to the new version. - The canary percentage and interval are defined in the deployment configuration.
Key parameters (for Lambda and ECS):
- CanaryPercentage: 5, 10, 15, or 20% (predefined configurations).
- CanaryInterval: 5, 10, or 15 minutes.
- For EC2/On-Premises, CodeDeploy uses a different mechanism: it deploys to a batch of instances first (canary), then to the rest.
Predefined configurations:
- CodeDeployDefault.ECSCanary10Percent5Minutes
- CodeDeployDefault.LambdaCanary10Percent5Minutes
- CodeDeployDefault.ECSCanary10Percent15Minutes
- CodeDeployDefault.LambdaCanary10Percent15Minutes
- CodeDeployDefault.ECSCanary10Percent10Minutes (not for Lambda)
Linear Deployments
Linear deployment shifts traffic in equal increments at fixed intervals until 100% of traffic is on the new version. This provides a gradual, predictable rollout.
How it works:
- At each interval, a fixed percentage of traffic is shifted to the new version.
- The process continues until all traffic is shifted.
- For example, Linear10PercentEvery1Minute shifts 10% every minute, completing in 10 minutes.
Key parameters:
- LinearPercentage: 5, 10, or 15% per interval.
- LinearInterval: 1, 2, 3, 5, or 10 minutes.
Predefined configurations:
- CodeDeployDefault.LambdaLinear10PercentEvery1Minute
- CodeDeployDefault.ECSCanary10Percent5Minutes (actually linear? No, ECS has both canary and linear)
- CodeDeployDefault.ECSLinear10PercentEvery1Minute
- CodeDeployDefault.ECSLinear10PercentEvery3Minutes
- CodeDeployDefault.LambdaLinear10PercentEvery10Minutes
- CodeDeployDefault.EC2Linear10PercentEvery1Minute (for EC2/On-Premises)
Exam tip: The exam often tests the difference between canary and linear: canary has two phases (small then full), linear has multiple equal steps. Also note that for EC2/On-Premises, CodeDeploy uses a different model: it deploys to a percentage of instances at a time, not traffic weighting.
Traffic Shifting Mechanisms by Compute Platform
EC2/On-Premises: - Blue/Green: Requires an Auto Scaling group and a load balancer. CodeDeploy creates a new ASG and attaches it to the ELB. - Canary/Linear: CodeDeploy deploys to a batch of instances (canary) or a percentage of instances per interval (linear). Traffic shifting is achieved by deregistering old instances and registering new ones with the load balancer. - Note: For EC2, canary and linear are not as granular as for Lambda/ECS—they deploy to a percentage of instances, not traffic weight.
AWS Lambda:
- Blue/Green: Uses Lambda alias traffic shifting. The alias points to two versions with a routing config.
- Canary/Linear: Lambda alias routing config automatically shifts traffic weight over time.
- Lifecycle hooks: BeforeAllowTraffic and AfterAllowTraffic run validation.
Amazon ECS:
- Blue/Green: Uses ECS task sets and a load balancer target group. CodeDeploy creates a new task set and shifts traffic.
- Canary/Linear: CodeDeploy uses the ECS deployment controller type CODE_DEPLOY and adjusts the task set's traffic weight.
- Lifecycle hooks: BeforeInstall, AfterInstall, BeforeAllowTraffic, AfterAllowTraffic.
Rollback Behavior
CodeDeploy can automatically roll back a deployment if a CloudWatch alarm is triggered or if the deployment fails. Rollback redeploys the last known good revision. For Blue/Green, rollback is instantaneous by switching traffic back to the original environment. For Canary/Linear, rollback may take time because it redeploys the previous version.
Key exam points:
- Rollback triggers: deployment failure, manual stop, CloudWatch alarm.
- Rollback configuration: AutoRollbackConfiguration with events like DEPLOYMENT_FAILURE, DEPLOYMENT_STOP_ON_ALARM, DEPLOYMENT_STOP_ON_REQUEST.
- Rollback redeploys the previous revision, not the original environment (except Blue/Green where original may still exist).
Lifecycle Event Hooks
Lifecycle hooks allow you to run custom scripts or Lambda functions at various stages of the deployment. Common hooks:
- BeforeInstall: Run tasks before the new application revision is installed.
- AfterInstall: Run tasks after installation.
- BeforeAllowTraffic: Run validation before traffic is shifted to the new version.
- AfterAllowTraffic: Run validation after traffic is shifted.
- ValidateService: Run health checks after deployment.
For Lambda and ECS, the hooks are BeforeAllowTraffic and AfterAllowTraffic. For EC2, you have additional hooks like ApplicationStop, DownloadBundle, Install, ApplicationStart.
Deployment Configuration Examples
Creating a deployment with canary (CLI):
aws deploy create-deployment \
--application-name MyApp \
--deployment-group-name MyDG \
--deployment-config-name CodeDeployDefault.LambdaCanary10Percent5Minutes \
--revision revisionType=AppSpecContent,appSpecContent=...Creating an ECS deployment with linear:
aws deploy create-deployment \
--application-name MyECSApp \
--deployment-group-name MyECSGroup \
--deployment-config-name CodeDeployDefault.ECSLinear10PercentEvery1Minute \
--revision revisionType=AppSpecContent,appSpecContent='{"version":1,"Resources":[{"TargetService":{"Type":"AWS::ECS::Service","Properties":{"TaskDefinition":"arn:aws:ecs:...","LoadBalancerInfo":{"ContainerName":"web","ContainerPort":80}}}}]}'Monitoring Deployments
CloudWatch alarms can trigger automatic rollback.
CodeDeploy publishes deployment events to CloudWatch Events (now Amazon EventBridge).
Use aws deploy list-deployments and aws deploy get-deployment to check status.
Summary of Differences
| Strategy | Traffic Shift Pattern | Rollback Speed | Resource Cost | Use Case | |----------|----------------------|----------------|---------------|----------| | Blue/Green | Instant (100% at once) | Fast (switch back) | Double during deploy | Critical apps needing instant cutover | | Canary | Two steps: small then full | Moderate (redeploy) | Canary resources | Validate with a subset of users | | Linear | Multiple equal steps | Moderate (redeploy) | Gradual resource use | Controlled rollout with constant monitoring |
Exam trap: Candidates often confuse canary and linear. Remember: canary has exactly two phases (e.g., 10% then 90%), linear has many equal phases (e.g., 10% every minute for 10 minutes). Also, Blue/Green is the only strategy that allows instant rollback without redeploying.
Create Application and Deployment Group
First, you create a CodeDeploy application (name, compute platform) and a deployment group. The deployment group specifies the target environment (e.g., EC2 Auto Scaling group, Lambda alias, ECS service), deployment type (in-place or blue/green), and load balancer details. For Blue/Green, you must specify the original and replacement environments. For Canary/Linear, you choose the deployment configuration (e.g., 10% every 1 minute). The deployment group also defines alarms, rollback settings, and lifecycle hooks.
Specify Deployment Configuration
Choose a predefined deployment configuration or create a custom one. For Lambda and ECS, predefined configs like `CodeDeployDefault.LambdaCanary10Percent5Minutes` or `CodeDeployDefault.ECSLinear10PercentEvery1Minute` are used. For EC2, you can use `CodeDeployDefault.EC2Linear10PercentEvery1Minute`. The configuration defines the traffic shifting pattern (canary or linear) and the timing intervals. Note that custom configurations are possible but limited to specific ranges (e.g., canary percentage 5-20%, interval 1-15 minutes).
Push Application Revision
Upload the application revision (code, AppSpec file) to Amazon S3 or GitHub. The AppSpec file defines the lifecycle hooks, Lambda functions, or ECS task definition. For Lambda, the AppSpec includes the new Lambda version and routing config. For ECS, it includes the task definition ARN and container info. For EC2, it includes scripts to run. The revision must be referenced in the `create-deployment` command.
Initiate Deployment
Run `aws deploy create-deployment` with the application name, deployment group name, revision, and deployment configuration. CodeDeploy then begins the deployment process. For Blue/Green, it provisions the new environment (e.g., creates a new Auto Scaling group). For Canary/Linear, it starts shifting traffic according to the configuration. Lifecycle hooks are triggered at appropriate stages. You can monitor progress via the CodeDeploy console or CLI.
Monitor and Validate
During the deployment, CodeDeploy runs health checks and lifecycle hooks. For Canary/Linear, traffic is shifted gradually. You can validate by checking CloudWatch metrics, logs, or running tests in `BeforeAllowTraffic` and `AfterAllowTraffic` hooks. If a CloudWatch alarm triggers, CodeDeploy can automatically roll back. For Blue/Green, after the termination wait time, the original environment is terminated. You can also manually stop or roll back the deployment.
Enterprise Scenario 1: E-Commerce Platform with Blue/Green Deployments
A large e-commerce company uses Blue/Green deployments for their critical checkout service running on ECS. They have two production clusters (blue and green) in different Availability Zones. During a deployment, CodeDeploy creates a new task set (green) with the updated container image, attaches it to the load balancer, and shifts 100% traffic instantly. The original task set (blue) remains for a termination wait time of 30 minutes. If any errors are detected (e.g., increased 5xx errors), the team manually rolls back by shifting traffic back to blue. This strategy ensures zero downtime and instant rollback. The cost of running duplicate clusters is acceptable given the revenue impact of downtime. One common mistake is forgetting to set the termination wait time long enough—if set too short (e.g., 1 minute), the original environment might be terminated before rollback is possible.
Scenario 2: Microservices with Canary Deployments
A SaaS company uses canary deployments for their user-facing API running on AWS Lambda. They want to test a new feature with 10% of users for 5 minutes before full rollout. They use CodeDeployDefault.LambdaCanary10Percent5Minutes. The Lambda alias 'prod' initially routes 100% to version 1. During deployment, CodeDeploy creates version 2 and updates the alias routing to 10% version 2, 90% version 1. After 5 minutes, it shifts to 100% version 2. They monitor error rates and latency via CloudWatch alarms. If the canary phase shows increased errors, they trigger a rollback. A common issue is that the canary interval is too short to gather meaningful data—they learned to use at least 10 minutes for statistically significant results.
Scenario 3: Financial Services with Linear Deployments
A bank uses linear deployments for their backend batch processing system on EC2. They need a controlled rollout to avoid overwhelming the system. They use CodeDeployDefault.EC2Linear10PercentEvery1Minute, which deploys to 10% of instances every minute. Each batch of instances is taken out of service, updated, and re-registered with the load balancer. They use lifecycle hooks to run database migration scripts before traffic is shifted. A common problem is that if the migration script fails, the entire batch fails, causing a partial deployment. They mitigate by running the migration as a separate step before the deployment. Misconfiguration of the load balancer deregistration delay can cause connection draining issues, so they set the deregistration delay to match the deployment interval.
DVA-C02 Objective 3.4: Deploy Code with AWS CodeDeploy
The exam tests your ability to choose the correct deployment strategy based on requirements. Key objective codes: Domain 3 (Deployment), Objective 3.4. Questions often present a scenario with constraints like 'minimize downtime', 'gradual rollout', 'instant rollback', or 'test with a subset of users'.
Common Wrong Answers and Why
Choosing Blue/Green when the scenario requires gradual rollout. Candidates see 'zero downtime' and pick Blue/Green, but if the scenario says 'gradually shift traffic over 10 minutes', the correct answer is Linear or Canary. Blue/Green is instant, not gradual.
Confusing Canary and Linear. Many candidates think canary is any gradual rollout. The exam tests specific terms: canary has two steps (small then full), linear has multiple equal steps. Look for phrases like 'first 10%, then the rest after 5 minutes' (canary) vs '10% every minute' (linear).
Assuming automatic rollback is instant for all strategies. Only Blue/Green allows instant rollback by switching traffic back. For Canary/Linear, rollback requires redeploying the previous version, which can take time. The exam may ask which strategy supports instant rollback.
Forgetting termination wait time for Blue/Green. The exam may ask what happens after traffic is shifted: the original environment is terminated after a configurable wait time (default 5 minutes). A wrong answer might say 'immediately terminated' or 'kept indefinitely'.
Specific Numbers and Terms to Memorize
Predefined configurations: CodeDeployDefault.LambdaCanary10Percent5Minutes, CodeDeployDefault.ECSLinear10PercentEvery1Minute, CodeDeployDefault.EC2Linear10PercentEvery1Minute.
Default termination wait time: 5 minutes.
Canary percentages: 5, 10, 15, 20.
Linear percentages per interval: 5, 10, 15.
Intervals: 1, 2, 3, 5, 10, 15 minutes.
Lifecycle hooks: BeforeAllowTraffic, AfterAllowTraffic (for Lambda/ECS); ApplicationStop, DownloadBundle, BeforeInstall, Install, AfterInstall, ApplicationStart, ValidateService (for EC2).
Edge Cases and Exceptions
EC2/On-Premises Blue/Green requires a load balancer. If the scenario says 'no load balancer', Blue/Green is not possible.
Lambda Blue/Green uses alias routing. The exam may ask about shifting traffic weights on a Lambda alias.
ECS Blue/Green uses task sets. The original task set is not deleted until the termination wait time expires.
Rollback redeploys the last known good revision. It does not restore the original environment unless it still exists (Blue/Green).
How to Eliminate Wrong Answers
If the question mentions 'instant rollback', Blue/Green is likely correct.
If it mentions 'gradual' or 'progressive', eliminate Blue/Green.
If it mentions 'two phases' or 'canary', choose Canary.
If it mentions 'equal increments' or 'linear', choose Linear.
If it mentions 'test with a small percentage of users', Canary is appropriate.
Always check the compute platform: Lambda and ECS support traffic shifting; EC2 supports instance-based canary/linear.
Blue/Green deployment shifts 100% traffic instantly and allows instant rollback by switching back to the original environment.
Canary deployment shifts traffic in two phases: a small percentage (e.g., 10%) then the remainder after a fixed interval (e.g., 5 minutes).
Linear deployment shifts traffic in equal increments (e.g., 10%) at regular intervals (e.g., every 1 minute) until 100%.
For Lambda and ECS, canary and linear use traffic weight shifting; for EC2, they deploy to a percentage of instances.
Default termination wait time for Blue/Green is 5 minutes, configurable from 0 to 2880 minutes.
Predefined deployment configurations include: CodeDeployDefault.LambdaCanary10Percent5Minutes, CodeDeployDefault.ECSLinear10PercentEvery1Minute, CodeDeployDefault.EC2Linear10PercentEvery1Minute.
Lifecycle hooks for Lambda/ECS: BeforeAllowTraffic and AfterAllowTraffic; for EC2: multiple hooks including ApplicationStop, Install, etc.
Automatic rollback can be triggered by deployment failure, CloudWatch alarm, or manual stop.
Blue/Green requires a load balancer for EC2 and ECS; Lambda uses alias routing.
Canary and linear strategies do not support instant rollback; they require redeploying the previous version.
These come up on the exam all the time. Here's how to tell them apart.
Blue/Green Deployment
Provisions a new environment alongside existing one.
Traffic is shifted all at once (instant cutover).
Fast rollback by switching traffic back to original.
Requires double resources during deployment.
Ideal for critical applications needing zero downtime and instant rollback.
In-Place Deployment
Updates existing resources in place (e.g., EC2 instances).
Traffic is shifted gradually or all at once depending on strategy.
Rollback requires redeploying the previous version.
No additional resources needed.
Suitable for non-critical applications or when resource cost is a concern.
Canary Deployment
Two-phase traffic shift: small percentage then full.
Predefined configurations: 10% with 5, 10, or 15 min intervals.
Best for validating with a small subset of users before full rollout.
Faster than linear because only two steps.
Rollback is moderate (redeploy previous version).
Linear Deployment
Multiple equal increments (e.g., 10% every minute).
Predefined configurations: 10% every 1, 3, or 10 minutes.
Best for controlled, predictable rollouts with constant monitoring.
Takes longer to complete (e.g., 10 steps for 10% increments).
Rollback is moderate (redeploy previous version).
Mistake
Blue/Green deployments always use the same set of resources, just switching traffic.
Correct
Blue/Green provisions a completely new environment (e.g., new Auto Scaling group, new ECS task set) alongside the existing one. This doubles resource usage during deployment.
Mistake
Canary and Linear are the same thing.
Correct
Canary shifts traffic in two phases: a small percentage then the remainder after a fixed interval. Linear shifts traffic in multiple equal increments at regular intervals. They are distinct patterns.
Mistake
Rollback is always instant for any deployment strategy.
Correct
Only Blue/Green allows instant rollback by switching traffic back to the original environment (if still running). For Canary/Linear, rollback requires redeploying the previous version, which takes time.
Mistake
CodeDeploy canary and linear strategies work the same way for EC2 as for Lambda.
Correct
For EC2/On-Premises, canary/linear deploy to a percentage of instances, not traffic weight. For Lambda/ECS, they shift traffic weight. The mechanism differs significantly.
Mistake
The termination wait time for Blue/Green is always 5 minutes and cannot be changed.
Correct
The default is 5 minutes, but you can set it from 0 to 2880 minutes (48 hours). You can also set it to 0 to terminate immediately.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
Canary deployment shifts traffic in two phases: first a small percentage (e.g., 10%) to the new version, then after a specified interval (e.g., 5 minutes), the remaining 90% is shifted. Linear deployment shifts traffic in multiple equal increments (e.g., 10% every minute) until 100% of traffic is on the new version. Canary is faster (only two steps) and is used to validate with a subset of users. Linear provides a more gradual, predictable rollout. For the exam, remember the key phrases: 'two phases' for canary, 'equal increments' for linear.
For EC2/On-Premises, Blue/Green requires a load balancer to shift traffic between the original and replacement environments. Without a load balancer, you cannot use Blue/Green. For Lambda, Blue/Green uses alias routing and does not require a load balancer. For ECS, Blue/Green requires a load balancer target group. So the answer depends on the compute platform. The exam may test this by asking which compute platforms support Blue/Green without a load balancer—only Lambda.
For canary and linear deployments, rollback is not instantaneous. When a rollback is triggered (e.g., by a CloudWatch alarm or deployment failure), CodeDeploy redeploys the last known good revision. This means it goes through the same deployment process again, which can take time. In contrast, Blue/Green allows instant rollback by simply shifting traffic back to the original environment (if it hasn't been terminated yet). So if the scenario requires instant rollback, Blue/Green is the correct choice.
For Lambda, the predefined deployment configurations are: CodeDeployDefault.LambdaCanary10Percent5Minutes, CodeDeployDefault.LambdaCanary10Percent10Minutes, CodeDeployDefault.LambdaCanary10Percent15Minutes, CodeDeployDefault.LambdaLinear10PercentEvery1Minute, CodeDeployDefault.LambdaLinear10PercentEvery3Minutes, CodeDeployDefault.LambdaLinear10PercentEvery10Minutes. Note that canary configurations have a fixed 10% canary size with varying intervals (5, 10, 15 minutes). Linear configurations shift 10% every interval (1, 3, 10 minutes). There is also CodeDeployDefault.LambdaAllAtOnce for instant shift.
For ECS deployments using CodeDeploy, the lifecycle hooks are: BeforeInstall, AfterInstall, BeforeAllowTraffic, and AfterAllowTraffic. These hooks allow you to run custom tasks (e.g., Lambda functions or scripts) at specific points during the deployment. For example, you can use BeforeAllowTraffic to run integration tests before traffic is shifted to the new task set. The hooks are defined in the AppSpec file under the 'Hooks' section.
The termination wait time is the period after traffic is shifted to the new environment during which the original environment remains active. You can configure this from 0 to 2880 minutes (48 hours). The default is 5 minutes. This wait time allows you to roll back by switching traffic back to the original environment if issues are detected. After the wait time expires, CodeDeploy terminates the original resources. Setting it to 0 means immediate termination, which eliminates the ability to roll back instantly.
Yes, but the mechanism differs from Lambda/ECS. For EC2/On-Premises, canary and linear deployments deploy to a percentage of instances at a time, not traffic weight. For example, a canary deployment might first deploy to 10% of instances, then after a wait time, deploy to the remaining 90%. Linear deploys to a fixed percentage of instances at regular intervals. The deployment configuration names for EC2 are like CodeDeployDefault.EC2Linear10PercentEvery1Minute or CodeDeployDefault.EC2Canary10Percent5Minutes.
You've just covered CodeDeploy: Blue/Green, Canary, Linear — now see how well it sticks with free DVA-C02 practice questions. Full explanations included, no account needed.
Done with this chapter?