diff --git a/knowledge base/cloud computing/aws/codedeploy.md b/knowledge base/cloud computing/aws/codedeploy.md
new file mode 100644
index 0000000..6b59a54
--- /dev/null
+++ b/knowledge base/cloud computing/aws/codedeploy.md
@@ -0,0 +1,154 @@
+# AWS CodeDeploy
+
+Deployment service offered by [AWS][amazon web services].
+
+1. [TL;DR](#tldr)
+1. [Service role](#service-role)
+1. [Flow](#flow)
+1. [Deployment](#deployment)
+ 1. [Deploy to instances](#deploy-to-instances)
+1. [Further readings](#further-readings)
+ 1. [Sources](#sources)
+
+## TL;DR
+
+Automates application deployments to EC2 and on-premises instances, Lambda functions, or ECS.
+
+Application content can be stored in S3 buckets, or GitHub or Bitbucket repositories.
+No changes are needed to the application itself.
+
+| Component | Summary |
+| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------- |
+| Application | Name that uniquely identifies the application resources to deploy, and to deploy to. |
+| Compute platform | The platform on which applications are deployed an application. |
+| Deployment configuration | Set of rules and success/failure conditions used during deployments. |
+| Deployment group | Set of individual EC2/on-premise instances to deploy to, if using them. |
+| Deployment type | Method used for deployments to instances in a deployment group.
Available deployment types are _in-place_ and _blue/green_. |
+| IAM instance profile | IAM role for EC2 instances.
It must have the permissions required to access the application code. |
+| Revision | Application versions. |
+| Service role | IAM role granting permissions to CodeDeploy to access AWS resources. |
+| Target revision | The application revision currently targeted for deployment. |
+
+
+
+
+
+
+
+## Service role
+
+CodeDeploy uses an IAM role when acting.
+This _service_ role requires access to the following:
+
+- Read either the tags applied to instances, or their associated EC2 Auto Scaling group names.
+ Needed to identify instances to which it can deploy applications.
+- Perform operations on instances, EC2 Auto Scaling groups, and Elastic Load Balancers.
+- Publish information to SNS topics.
+ Needed to send notifications when specified deployment or instance events occur.
+- Retrieve information about CloudWatch alarms.
+ Needed to set up alarm monitoring for deployments.
+
+## Flow
+
+```mermaid
+flowchart LR
+ TODO
+```
+
+## Deployment
+
+### Deploy to instances
+
+One must set up the instances before CodeDeploy can deploy application revisions to them for the first time.
+
+Manually provisioned instances must abide the following:
+
+- The CodeDeploy agent must be present on the instances.
+- They must be tagged, if one is using tags to identify instances in a deployment group.
+ CodeDeploy relies on tags to identify and group instances into deployment groups.
+- They must be launched with an IAM instance profile attached.
+ The instance profile enables the CodeDeploy agent to verify the identity of the instance.
+- They must be modifiable by the [service role] used by CodeDeploy.
+
+Instances are taken offline during deployments so that the latest application revision can be installed.
+
+Instances are assigned two health status values each: _revision health_ and _instance health_.
+Revision health is based on the application revision currently installed on the instance.
+Instance health is based on whether deployments to the instance have been successful.
+
+CodeDeploy uses the two health status values to schedule deployments to deployment groups' instances in the following
+order:
+
+1. Unhealthy instance health.
+1. Unknown revision health.
+1. Old revision health.
+1. Current revision health.
+
+Deployments fail if the number of healthy instances falls below the minimum number specified for the deployment
+group.
+For overall deployments to succeed, the following must be true:
+
+- CodeDeploy is able to deploy to each instance in the deployment group.
+- Deployment to at least **one** instance must succeed, even if the minimum healthy hosts value is `0`.
+
+When overall deployments succeed, the revision in question is updated and the deployment group's health status values
+are updated to reflect the latest deployment.
+
+When overall deployments fail or are stopped:
+
+- Each instance to which CodeDeploy attempted to deploy the application revision has its instance health set to either
+ `healthy` or `unhealthy`, depending on whether the deployment attempt for that instance succeeded or failed.
+- Each instance to which CodeDeploy did **not** attempt to deploy the application revision retains its current instance
+ health value.
+- The deployment group's revision remains the same.
+
+## Further readings
+
+- [Documentation]
+- [Amazon Web Services]
+
+### Sources
+
+- [Instance health]
+
+
+
+
+[service role]: #service-role
+
+
+[amazon web services]: README.md
+
+
+
+[documentation]: https://docs.aws.amazon.com/codedeploy/latest/userguide/welcome.html
+[instance health]: https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html
+
+
diff --git a/snippets/aws/commands.fish b/snippets/aws/commands.fish
index 57f4ad4..aa55ca3 100644
--- a/snippets/aws/commands.fish
+++ b/snippets/aws/commands.fish
@@ -41,6 +41,21 @@ aws autoscaling cancel-instance-refresh --auto-scaling-group-name 'ProductionSer
aws autoscaling rollback-instance-refresh --auto-scaling-group-name 'ProductionServers'
+###
+# CodeDeploy
+# ------------------
+###
+
+aws deploy list-applications
+aws deploy list-deployment-groups --application-name 'Evidently'
+aws deploy get-deployment-group --application-name 'Evidently' --deployment-group-name 'production' --output 'json' | pbcopy
+
+diff -y -W 200 \
+(aws deploy get-deployment-group --application-name 'Evidently' --deployment-group-name 'staging' --output json | psub) \
+(aws deploy get-deployment-group --application-name 'Evidently' --deployment-group-name 'production' --output 'json' | psub)
+
+
+
###
# EC2
# ------------------