Deploying and Managing Infrastructure at Scale Section Flashcards
CloudFormation
• declarative way of outlining your AWS Infrastructure, for any resources (most of them are supported).
• CloudFormation creates those resources for you, in the right order, with the exact configuration that you specify
Benefits of CloudFormation
Infrastructure as code
• No resources are manually created, which is excellent for control
• Changes to the infrastructure are reviewed through code
Cost
• Each resource within the stack is tagged with an identifier so you can easily see how much a stack costs you
• You can estimate the costs of your resources using the CloudFormation template
• Savings strategy: In Dev, you could automate deletion of templates at 5 PM and recreate them at 8 AM, safely
Productivity
• Ability to destroy and re-create an infrastructure on the cloud on the fly
• Automated generation of Diagram for your templates!
• Declarative programming (no need to figure out ordering and orchestration)
Don’t re-invent the wheel
• Leverage existing templates on the web!
• Leverage the documentation
Supports (almost) all AWS resources:
• Everything we’ll see in this course is supported
• You can use “custom resources” for resources that are not supported
AWS Cloud Development Kit (CDK)
- Define your cloud infrastructure using a familiar language
- The code is “compiled” into a CloudFormation template (JSON/YAML)
- You can therefore deploy infrastructure and application runtime code together
AWS Elastic Beanstalk
- developer centric view of deploying an application on AWS
- all components in one view that’s easy to make sense of with full control over the configuration
- PaaS
- free, but pay for underlying instances
Managed service
• Instance configuration / OS is handled by Beanstalk
• Deployment strategy is configurable but performed by Elastic Beanstalk
• Capacity provisioning
• Load balancing & auto-scaling
• Application health-monitoring & responsiveness
• Just the application code is the responsibility of the developer
Three architecture models:
• Single Instance deployment: good for dev
• LB + ASG: great for production or pre-production web applications
• ASG only: great for non-web apps in production (workers, etc.)
Elastic Beanstalk – Health Monitoring
- Health agent pushes metrics to CloudWatch
* Checks for app health, publishes health events
AWS CodeDeploy
• deploy our application automatically
• Hybrid service
• Servers / Instances must be provisioned and configured ahead of time with the
CodeDeploy Agent
AWS CodeCommit
- Source-control service that hosts Git-based repositories
- Makes it easy to collaborate with others on code
- The code changes are automatically versioned
AWS CodeBuild
• Code building service in the cloud
• Compiles source code, runs tests, and produces packages that are ready to be deployed (by CodeDeploy for example)
• serverless/pay as you go
AWS CodePipeline
Orchestrate the different steps to have the code automatically pushed to production
• Code => Build => Test => Provision => Deploy
• Basis for CICD (Continuous Integration & Continuous Delivery)
AWS CodeArtifact
• CodeArtifact is a secure, scalable, and cost-effective artifact
management for software development
• Works with common dependency management tools such as Maven,
Gradle, npm, yarn, twine, pip, and NuGet
• Developers and CodeBuild can then retrieve dependencies straight from CodeArtifact
AWS CodeStar
- Unified UI to easily manage software development activities in one place
- Can edit the code “in-the-cloud” using AWS Cloud9
AWS Cloud9
- cloud IDE (Integrated Development Environment) for writing, running and debugging code
- can be run from browser and also allows for code collaboration in real-time (pair programming)
Systems Manager – SSM Session Manager
- Allows you to start a secure shell on your EC2 and on-premises servers
- No SSH access, bastion hosts, or SSH keys needed
- No port 22 needed (better security)
- Supports Linux, macOS, and Windows
- Send session log data to S3 or CloudWatch Logs
AWS Systems Manager (SSM)
- Helps you manage your EC2 and On-Premises systems at scale
- Another Hybrid AWS service
- Get operational insights about the state of your infrastructure
- Suite of 10+ products
Most important features are:
• Patching automation for enhanced compliance
• Run commands across an entire fleet of servers
• Store parameter configuration with the SSM Parameter Store
• Works for both Windows and Linux OS
AWS OpsWorks
- AWS OpsWorks = Managed Chef & Puppet (EC2 and On Prem)
- It’s an alternative to AWS SSM
- Only provisions standard AWS resources