AWS deployment: Jenkins + AWS CodeDeploy vs Jenkins + commands over SSH

The first approach which uses code deploy means that you have many deployment configurations available to you.

This can either be for application related changes or infrastructure ones.

As you mentioned, artefacts of the applications to be deployed are uploaded to S3 and CodeDeploy does the rest depending on the deployment configuration. This gives you flexibility to roll back changes etc automatically.

In addition, i believe ssh access is not required when working with infrastructures that are linked to CodeDeploy, so this reduces some maintenance and security issues related to the keys etc.

From the infrastructure side. It is relatively easy to construct some load balanced infrastructure (ELB + ASG) in AWS and link it to CodeDeploy. The agent is all that is required. However, if you need to adjust the infrastructure, that is, scale out or up. Those changes can be introduced relatively easily via CodeDeploy and its deployment configurations.

In addition, from the S3 bucket, rather than going directly to CodeDeploy you could incorporate a CodePipeline made up of deploy stages which deploy to different environments connected to CodeDeploy. Meaning that perhaps some testing tasks ran by Jenkins could be delegated to CodeDeploy or a stage in a CodePipeline which leads to the final CodeDeploy stage.

These are just the reasons why in my opinion the first option is better. So to summarise, I think the first option is strategically more useful in the long run assuming your requirements might change. By leveraging CodeDeploy you can adapt and expand your approach later on.

Hope this helps!Patrick