Deployments & Managing Infrastructure at Scale

Question 1

AWS CDK (Cloud Development Kit)

Answer 1

• Define cloud infrastructure using a familiar language
• Code compiled into a CloudFormation template
• Can deploy infrastructure and application runtime code together

Question 2

CloudFormation

Answer 2

• A declarative way of outlining AWS Infrastructure for any resources
• Creates resources, in the right order with the exact configuration specified
• Infrastructure as code
• Repeat any architecture in different environments, regions, accounts
• Supports most AWS resources

Question 3

Elastic Beanstalk

Answer 3

• Platform as a Service
• Managed service
• Dev centric view of deploying applications
• Free but pay for underlying instances

Question 4

Elastic Beanstalk Arhitecure models

Answer 4

• Single instance deployment: good for dev
• LB + ASG: great for prod or pre-prod web apps
• ASG only: great for non-web apps in prod

Question 5

AWS CodeDeploy

Answer 5

• Deploy applications automatically
• EC2 and On-Prem Servers
• Hybrid service
• Servers/instances provisioned ahead of time with CloudDeploy Agent

Question 6

CodeCommit

Answer 6

• Sunset
• Replacement for GitHub
• Code repository

Question 7

AWS CodeBuild

Answer 7

• Code building service in the cloud
• Compiles source code, run tests, and produce packages ready to deploy
• Fully manage, serverless
• Continuously scalable & highly available
• Secure
• Pay as you go pricing - only pay for build time

Question 8

AWS CodePipeline

Answer 8

Orchestrate the different steps to have the code automatically pushed to prod
* CICD (Continuous Intergration & Continuous Delivery)
* Fully managed
* Fast delivery and rapid updates
* Orchestation of pipeline

Question 9

AWS CodeArtifact

Answer 9

• SW packages depend on each other to built (Code dependencies)
• Storing and retrieving dependencies is artifact management
• Secure, Scalable, and cost-effective artifact management for SW dev
• Works with common dependency management tools
• Devs and CodeBuild can retrieve dependencies straight from CodeArtifact

Question 10

SSM (Systems Manager)

Answer 10

• Manage EC2 and on-prem systems at scale
• Hybrid service
• Operation insights about infrastructure
• Patch automation for compliance
• Run commands across fleet of servers.
• Linux, Windows, Mac, and Raspberry Pi

Question 11

How SSM (Systems Manager) works

Answer 11

• Install SSM agent on client systems
• Installed by default on Amz Linux AMI and some Ubuntu AMI
• If an instance can’t be controlled with SSM it is likely an issue with the agent
• Can run commands, patch, & configure our servers

Question 12

SSM Session Manager

Answer 12

• Start secure shell on EC2 and on-prem servers
• No SSH access, bastion hosts, or SSH key needed
• No port 22 needed (better sec)
• Linux, Mac, and Windows
• Send session log data to S3 or CloudWatch Logs

Question 13

SSM Parameter Store

Answer 13

• Secure storage for config and secrets (pwd, API keys)
• Serverless, scalable, durable, easy SDK
• Control access permission using IAM
• Version tracking & encryption (optional)

Question 14

Elastic Beanstalk
Health Monitoring

Answer 14

• Health agnet pushes metrics to CloudWatch
• Checks for app health, publishes health events