AWS CodeBuild – Controlling folder ownership and permissions using the Appspec file

CodeDeploy is an amazing service, but sometimes you come across a few scenarios where the solution is not very intuitive.

For example, my goal was to copy a folder to a linux EC2, set the ownership of that folder to the “ec2-user” user and set the permissions of all the files in the folder.

Granting permissions to all files in a folder is straight forward (see “folder1” on the example below – BTW, for the sake of simplicity I’ve divided this scenario in 2: folder1 and folder2) but I was having trouble trying to give permissions to a folder as I was trying to use the same pattern: folder name in the “directory” property.

So, I did some research and found that in order to apply the permission to directory, the directory name should be mentioned in pattern attribute.

version: 0.0
os: linux
files:    
  - source: /folder1/
    destination: /home/ec2-user/folder1

  - source: /folder2/
    destination: /home/ec2-user/folder2
    
permissions:

  #set permission to all files inside the "folder1" folder
  - object: /home/ec2-user/folder1/
    pattern: "*"
    owner: ec2-user
    mode: 755
    type:
      - file

  #set the permission and the owner of the "folder2" directory  
  #the name of the folder has to be in the "pattern"
  - object: /home/ec2-user/
    pattern: "folder2"
    owner: ec2-user
    mode: 755
    type:
      - directory      
      
#alternatively can run a script to set the permissions:
hooks:
  AfterInstall:
    - location: deploymentScripts/change_permissions.sh
      timeout: 300
      runas: root