Deployments & Managing Infrastructure at Scale

Question 1

AWS CDK (Cloud Development Kit)

Answer 1

• Define infrastructure with a familiar language
• Code compiled into a CloudFormation template
• Can deploy infrastructure and application runtime code together

Question 2

CloudFormation

Answer 2

• Declarative way of outlining Infrastructure for any resource
• Creates resources, in the right order with the exact configuration specified
• Infrastructure as code
• Repeat any architecture in different environments, regions, accounts
• Supports most AWS resources

Question 3

Elastic Beanstalk

Answer 3

• Dev centric view of deploying applications
• Managed PaaS
• Pay for underlying instances

Question 4

AWS CodeDeploy

Answer 4

• Deploy applications automatically
• Hybrid service
• Servers/instances provisioned ahead of time with CloudDeploy Agent

Question 5

CodeCommit

Answer 5

• Sunset
• Replacement for GitHub
• Code repository

Question 6

AWS CodeBuild

Answer 6

• Code building service in the cloud
• Compiles source code, run tests, and produce packages ready to deploy
• Fully manage, serverless
• Pay as you go pricing - only pay for build time

Question 7

AWS CodePipeline

Answer 7

Orchestrate steps to have code automatically pushed to prod

• CICD (Continuous Intergration & Continuous Delivery)
• Fully managed
• Fast delivery and rapid updates
• Orchestation of pipeline

Question 8

AWS CodeArtifact

Answer 8

• Secure, Scalable, and cost-effective artifact management for SW dev
• Works with common dependency management tools
• Devs and CodeBuild can retrieve dependencies straight from CodeArtifact

Question 9

SSM (Systems Manager)

Answer 9

• Manage EC2 and on-prem systems at scale
• Hybrid service
• Operation insights about infrastructure
• Patch automation for compliance
• Run commands across fleet of servers.
• Linux, Windows, Mac, and Raspberry Pi

Question 10

How SSM (Systems Manager) works

Answer 10

• Install SSM agent on client systems
• Installed by default on Amz Linux AMI and some Ubuntu AMI
• If an instance can’t be controlled with SSM it is likely an issue with the agent
• Can run commands, patch, & configure our servers

Question 11

SSM Session Manager

Answer 11

• Start secure shell on EC2 and on-prem servers
• No SSH access, bastion hosts, or SSH key needed
• No port 22 needed (better sec)
• Linux, Mac, and Windows
• Send session log data to S3 or CloudWatch Logs

Question 12

SSM Parameter Store

Answer 12

• Secure storage for config and secrets (pwd, API keys)
• Serverless, scalable, durable, easy SDK
• Control access permission using IAM
• Version tracking & encryption (optional)

Question 13

Elastic Beanstalk
Health Monitoring

Answer 13

• Health agnet pushes metrics to CloudWatch
• Checks for app health, publishes health events