AWS Cloud Operations & Migrations Blog

Custom Post-launch actions and Deployment scripting using AWS Systems Manager and Amazon CodeWhisperer

In Part 1 of this series, you learned about Blue/Green testing and deployment on AWS, a key strategy that increases application availability and reduces deployment risk by simplifying the rollback process if a deployment fails. We explored live replication using AWS Application Migration Service (AWS MGN) and introduced prebuilt post-launch actions with AWS Systems Manager (SSM Agent) to simplify your deployment processes.

In Part 2, you’ll delve even deeper, offering you an opportunity to maximize your control and efficiency. We introduce custom-built Post-Launch actions and testing and migration scripting powered by Amazon CodeWhisperer. CodeWhisperer serves as your AI coding companion, offering real-time, context-aware code suggestions within your Integrated Development Environment (IDE). These suggestions are based on natural language comments that describe specific programming tasks. This not only streamlines your software development process but also empowers you with ready-made code snippets. These snippets align with plain English comments and can be easily accepted, explored further, or modified as needed for precise implementation.

What makes this capability significant? It empowers you to take greater control over managing AWS resources while maintaining flexibility. It allows you to exchange the convenience of the AWS Management Console for the fine-tuning capabilities of a programmatic approach, ensuring that your deployments are more efficient, reliable, and adaptable to your unique needs. In a world of fast-paced software development, this capability is your secret weapon for staying ahead.

Continuing in the same environment as Part 1, if your AWS MGN test instances are already launched, consider spinning down those resources to create a clean slate before performing a new launch for further custom post-launch actions.

Solution Overview

Using AWS Services, including AWS Application Migration Service (AWS MGN), Amazon CodeWhisperer, Amazon EC2, and the AWS Command Line Interface (AWS CLI), you will:

  1. Create a new custom AWS Systems Manager Post-launch action.
  2. Once this Post-Launch Action is created, you will initiate a new connection to AWS MGN with our old Blue Version instance. This step is necessary because changes to our actions only apply to new source servers and get our test instance launched.
  3. With a test instance created, you can experiment by adding various services and features to the Green Version Amazon EC2 instance.
  4. You will accomplish this by using scripts built with the help of CodeWhisperer. These scripts will be written in AWS SDK for Python (Boto3). These scripts will allow us to leverage the AWS CLI for a straightforward, repeatable recipe for attaching AWS services to our AWS MGN test instances.
  5. Finally, you will close out with some next steps, which may include spinning down the resources or completing the cutover process to the Green Version instance, as you saw in Part 1.

Target Architecture

The following diagram illustrates our solution architecture:

Figure 1: Proposed AWS MGN Blue/Green Testing Solution Architecture using Amazon CodeWhisperer and Custom Post-Launch Actions

  1. Setting Up Custom Post Launch Actions in AWS MGN
  2. Installing the AWS MGN replication agent to the Blue Version
  3. Scripting AWS Service attachments to Green Version using AWS SDK for Python (Boto3) powered by Amazon CodeWhisperer
  4. Executing the script via CLI
  5. Complete the cutover process in AWS MGN
  6. Next Steps – Update DNS Routing with Amazon Route 53


With the introduction covered and the architecture displaying the targeted solution, you can begin the Walkthrough portion.

1. Setting Up Custom Post Launch Actions in AWS MGN

This first part will involve the initial setup process to create a new custom Post-launch action in AWS MGN.

Figure 2: AWS Console, AWS Application Migration Service Console, Post-Launch Template Section

You will create new custom Post-launch actions via the Post-launch template tab within the AWS MGN service page. As noted in the screenshot, all changes made to the templates are only applied to newly added source servers.

Figure 3: AWS MGN Post-launch Template, Add Action feature

You will select the Create Action button and complete the prompt. There are many SSM documents to choose from that cover various use cases that the pre-defined Post-launch templates do not offer.

Note: You can create your own SSM document content if your desired document is not listed.

Figure 4: AWS SSM documents feature displaying a document to create a Load Balancer and Auto Scaling Group

You will stick with our theme from the architecture and select the AWS Migration – CreateLoadBalanceAutoScaleGroup document. To get more information on the document, select the View in Systems Manager icon next to the document you have chosen.

Note: Systems Manager allows you to search through the services documents and favorite your frequently used documents to make them easier to access.

Figure 5: AWS MGN Custom Post-launch Action, the SSM document will require varying dependencies according to the document selected

Once you have selected your preferred SSM document, you will need to complete the required inputs to complete the Action setup process. These steps will vary according to the chosen SSM document. AWS MGN includes standard features like the Order feature to direct when each Action takes place and precedence.

Figure 6: Successfully completed Creating Action

With the custom action successfully created, you can now install the AWS MGN Replication Action to our Blue Version Amazon EC2 instance, launch a test instance, and verify that our custom action is working on the Green Version.

2. Installing the AWS MGN replication agent to the Blue Version

You will install the AWS MGN agent as described in section 5 of Part 1 and begin the migration.

Figure 7: AWS MGN Lifecycle page featured in the AWS Console

After the initial data replication, AWS MGN’s Lifecycle will move us to the Ready for Testing Stage. You will select the Test and Cutover drop-down menu and launch Test Instances. AWS MGN will provision an Amazon EC2 instance conversion server to generate our Green Version Test Instance. This is a critical stage. In the Post-launch actions status, you will get our first look to determine if you successfully configured the custom post-launch actions you chose a few moments ago. If you encounter errors with the AWS MGN Agent or the Systems Manager Post-Launch Actions, see troubleshooting launch errors to find help.

With the Test instance launched you may continue your testing as needed, reviewing the resources and features leveraged in the custom Post-launch Actions, or move to the cutover process detailed at the end of this blog.

In your case, you will continue with Part 2, covering a different method of attaching services and features to your Green Version Test Instance via scripting.

3. Scripting AWS Service attachments to Green Version using AWS SDK for Python (Boto3) powered by Amazon CodeWhisperer

In this section, you will focus on building a simple, repeatable process for attaching services to our Green Version leveraging Amazon’s AI Coding Companion, CodeWhisperer, for real-time, complete function code suggestions integrated right into our IDE, allowing users to get started scripting with minimal delay.

For Step 1 of this part, let’s open our IDE, VS Code in this case, and follow the CodeWhisperer User Guide: Setting up to complete the setup.

Figure 8: VSCode IDE with a new Python file

You can start writing our Python boto3 script, which, when paired with the AWS CLI, will allow us to enable scripts to interact with our resources in AWS. You can confirm on the left Developer Tools panel that CodeWhisperer Auto-Suggestions are on. CodeWhisperer suggests some code for us, as seen in the light gray font.

Figure 9: Amazon CodeWhisperer suggests code output in our IDE via the light gray color text

Amazon CodeWhisperer will suggest auto-complete portions of your code as users write their script. You may choose between these options using your arrow keys and pressing the Tab key to select an option and paste the code.

For this script, you will create an Amazon Elastic Load Balancer and target group to connect to your Amazon EC2 instance, update the security group to allow access on Port 80 for HTTP traffic, and add an elastic IP address and AWS Auto scaling group. These resources will allow you to test sending network traffic to your instance, testing AWS’s auto-scaling and load-balancing features. Still, you may add whichever services and features you like.

Figure 10: Amazon CodeWhisperer assisted script to create a Target Group

With the help of CodeWhisperer, you generated this script for creating the Target Group for our load balancer. Note you can add resources with these scripts and detach resources, too!

4. Executing the script via CLI

Once your script is complete, you may execute it via the AWS CLI. You can configure the CLI with steps found in AWS documentation.

Figure 11: Executing the Python script via the AWS CLI

Please see the script built with the help of Amazon CodeWhisperer. Note that this may not be a complete script for your use case, but this demonstrates how Amazon CodeWhisperer can accelerate your development process through autocomplete suggestions. As an example, if you have requirements for HTTPS traffic, you can configure this in the script or via Post-launch actions using an SSM Document such as the “AWSDocs-Configure-SSL-TLS-AL2” offering.

import boto3

# Enter your AWS credentials here.
# You can find these credentials in the AWS Management Console.

aws_access_key_id = input("Enter the aws access key id: ")
aws_secret_access_key = input("Enter the aws secret access key: ")
region_name = input("Enter the region name: ")
# Start the session with your AWS credentials
# and the region you want to work with.

session = boto3.Session(aws_access_key_id=aws_access_key_id, aws_secret_access_key=aws_secret_access_key, region_name=region_name)

#Enter your Amazon EC2 instance id and subnet id here.
#You can find the instance id and subnet id in the AWS Management Console.

instance_id = input("Enter the instance id: ")
subnet_id1 = 'subnet-000000000000000'

subnet_id2 = 'subnet-000000000000000'
ec2 = boto3.client("ec2")
sg_id = 'sg-04cadfeb375c5a30e'

# Allocate a public IP address for the instance.

eip = ec2.allocate_address(Domain="vpc")

ec2.associate_address(InstanceId=instance_id, PublicIp=eip["PublicIp"])

vpc_id = ec2.describe_instances (InstanceIds=[instance_id])["Reservations"][0]["Instances"][0]["VpcId"]

#Here, you create a target group for the instance and a load balancer.
#The target group is used to route traffic to the instance.

elbv2 = boto3.client("elbv2")

target_group = elbv2.create_target_group(
"HttpCode": "200"
response = elbv2.register_targets(
"Id": instance_id
response = elbv2.create_load_balancer(
"Key": "Name",
"Value": "load-balancer"
#Lastly, you create a listener for the load balancer.
#The listener is used to route traffic to the target group.

"Type": "forward",
"TargetGroupArn": target_group["TargetGroups"][0]["TargetGroupArn"]
#You can view the output of your instance using the public IP address provided.
print(f'The public IP address of the instance is {eip["PublicIp"]}. You may now test the instance.')

5. Complete the cutover process in AWS MGN.

Once your testing is complete, you may revert to the Ready for Testing stage of the AWS MGN lifecycle or mark it as Ready for Cutover.

Figure 12: Cutover Traffic or Revert to Ready for Testing in the AWS MGN Service AWS Console

6. Next Steps – Update DNS Routing with Amazon Route 53

In Part 1 of this series, you learned the approach of using DNS routing with Amazon Route 53 for blue/green deployments, allowing traffic switching between blue and green environments as necessary. It involves updating the alias record in Route 53 to direct network traffic from the blue environment to the green environment.

Clean Up

To avoid accruing any additional charges related to this post, be sure to clean up your resources, including:


Part 2 of this series covered Blue/Green Testing with the help of automation using Amazon CodeWhisperer and AWS Systems Manager. You looked at utilizing prebuilt Post-launch Actions and leveraging SSM documents to create your own custom post-launch actions.

You also explored Amazon’s Generative AI code companion tool in CodeWhisperer. You saw how it assists you with building scripts in various languages to attach and detach services and features from your resources in AWS to create a repeatable testing method.

About the authors

Dylan Martin

Dylan is a Solutions Architect on the AWS Industries team helping customers build and maintain optimal workloads on AWS. He has expertise in the Threat Detection and Incident Response domain. Outside of work he enjoys motorcycling, the French Riviera and studying emergency medicine.

Mohan CV

Mohan is a Principal Solutions Architect at AWS based in Northern Virginia. With a robust background in large-scale enterprise migrations and modernization, he specializes in Data & Analytics. Mohan is passionate about leveraging new technologies and finds joy in assisting customers in tailoring these innovations to meet their unique business needs.