Infrastructure as code (IaC)
You can simplify the deployment of your AWS resources using an infrastructure as code approach. With an IaC solution, you create a template that describes all the resources that you want (like Amazon EC2 instances or Amazon RDS DB instances), and the IaC solution takes care of provisioning and configuring those resources for you.
The benefits of infrastructure as code
Gain the benefits of repeatability and reusability while building your environments. Build the same complex environments with one template, or a combination of templates.
For instance, a template can be designed so that different AMIs are used in the development or the production environments.
In this scenario, the template has been updated to add new security groups to the instance stacks. With one change to the templates, both environments can have the new security group resource added.
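The sketch below is an added example, not code from the original post. It holds one template in CloudFormation's JSON form as a Python dict and resolves it locally for each environment, showing that the AMI differs while the security group attachment is identical. The AMI IDs, the CIDR range, the resource names, and the simplified `resolve` helper are all assumptions made for illustration.

```python
# Constructed template: one definition shared by dev and prod.
# AMI IDs are placeholders, not real image identifiers.
TEMPLATE = {
    "AWSTemplateFormatVersion": "2010-09-09",
    "Parameters": {"EnvType": {"Type": "String", "AllowedValues": ["dev", "prod"]}},
    "Mappings": {"EnvToAmi": {
        "dev": {"ImageId": "ami-PLACEHOLDER-DEV"},
        "prod": {"ImageId": "ami-PLACEHOLDER-PROD"},
    }},
    "Resources": {
        "AppSecurityGroup": {  # the new security group, added once for both stacks
            "Type": "AWS::EC2::SecurityGroup",
            "Properties": {
                "GroupDescription": "HTTPS from the internal range only",
                "SecurityGroupIngress": [{"IpProtocol": "tcp", "FromPort": 443,
                                          "ToPort": 443, "CidrIp": "10.0.0.0/16"}],
            },
        },
        "AppInstance": {
            "Type": "AWS::EC2::Instance",
            "Properties": {
                "InstanceType": "t3.micro",
                "ImageId": {"Fn::FindInMap": ["EnvToAmi", {"Ref": "EnvType"}, "ImageId"]},
                "SecurityGroupIds": [{"Fn::GetAtt": ["AppSecurityGroup", "GroupId"]}],
            },
        },
    },
}

def resolve(node, params, mappings):
    """Local approximation of CloudFormation resolution: handles Ref to a
    parameter and Fn::FindInMap, and leaves every other intrinsic untouched."""
    if isinstance(node, list):
        return [resolve(n, params, mappings) for n in node]
    if isinstance(node, dict):
        if set(node) == {"Ref"} and node["Ref"] in params:
            return params[node["Ref"]]
        if set(node) == {"Fn::FindInMap"}:
            name, top, second = (resolve(a, params, mappings)
                                 for a in node["Fn::FindInMap"])
            return mappings[name][top][second]
        return {k: resolve(v, params, mappings) for k, v in node.items()}
    return node

def instance_properties(env):
    """Instance properties as they would look for the given EnvType value."""
    props = TEMPLATE["Resources"]["AppInstance"]["Properties"]
    return resolve(props, {"EnvType": env}, TEMPLATE["Mappings"])
```

Serializing `TEMPLATE` with `json.dumps` gives a file that can be checked into version control and reviewed like any other change.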
CloudFormation
The template describes the resources to be created
Essentially, CloudFormation is an API wrapper. When you create an EC2 instance in the AWS Management Console wizard, you initiate an API call to the Amazon EC2 service. The information you enter through the wizard is passed on as parameters.
CloudFormation manages the dependencies and relationships.
Author your CloudFormation template with any code editor, check it into a version-control system such as GitHub or CodeCommit, and review files before deploying.
Stacks
All resources in a stack are defined by the stack’s CloudFormation template. Stacks are a collection of AWS resources managed as a single unit. Stacks allow the creation and deletion of resources as a unit.
Change management in stacks
Change sets
Change sets allow you to preview how proposed changes to a stack might impact your running resources. For example, you can see whether your changes will delete or replace any critical resources. AWS CloudFormation makes the changes to your stack only when you decide to execute the change set. You can create and manage change sets using the CloudFormation console, AWS CLI, or CloudFormation API.
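One way to turn that preview into a pre-execution check is shown below, as an added example that is not part of the original post. It reads a change set description in the shape returned by `aws cloudformation describe-change-set` and reports every deletion or replacement, marking the ones that hit resource types the team treats as critical. The sample data, stack and resource names, and the `CRITICAL_TYPES` list are constructed assumptions.

```python
# Constructed sample in the shape of a DescribeChangeSet response.
SAMPLE_CHANGE_SET = {
    "StackName": "prod-app",
    "ChangeSetName": "add-security-group",
    "Changes": [
        {"Type": "Resource", "ResourceChange": {
            "Action": "Add", "LogicalResourceId": "AppSecurityGroup",
            "ResourceType": "AWS::EC2::SecurityGroup"}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "LogicalResourceId": "AppInstance",
            "ResourceType": "AWS::EC2::Instance", "Replacement": "Conditional"}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "LogicalResourceId": "AppDatabase",
            "ResourceType": "AWS::RDS::DBInstance", "Replacement": "True"}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Remove", "LogicalResourceId": "OldLogGroup",
            "ResourceType": "AWS::Logs::LogGroup"}},
    ],
}

# Assumption: resource types this team does not want deleted or replaced unreviewed.
CRITICAL_TYPES = {"AWS::RDS::DBInstance", "AWS::EC2::Instance"}

def risky_changes(change_set, critical_types=CRITICAL_TYPES):
    """Return one finding per change that deletes or may replace a resource."""
    findings = []
    for change in change_set.get("Changes", []):
        rc = change.get("ResourceChange")
        if change.get("Type") != "Resource" or not rc:
            continue
        action = rc.get("Action")
        replacement = rc.get("Replacement", "False")
        if action == "Remove":
            impact = "delete"
        elif action == "Modify" and replacement == "True":
            impact = "replace"
        elif action == "Modify" and replacement == "Conditional":
            impact = "maybe-replace"  # depends on values known only at execution
        else:
            continue  # additions and in-place updates keep the existing resource
        findings.append({"id": rc["LogicalResourceId"], "type": rc["ResourceType"],
                         "impact": impact,
                         "critical": rc["ResourceType"] in critical_types})
    return findings

def safe_to_execute(change_set):
    """True only if no critical resource would be deleted or possibly replaced."""
    return not any(f["critical"] for f in risky_changes(change_set))
```

A pipeline can run this between creating the change set and executing it, and stop for manual approval when `safe_to_execute` returns False.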
Infrastructure tools
When building on AWS, you can use different tools to help automate the deployment of infrastructure and manage those resources once deployed.
Tools for deployment
When choosing infrastructure deployment tools, you need to find a balance between convenience and control. Some tools give you complete control and have you choose every component and configuration. Though you can customize your deployment to fit your business needs, this requires greater expertise and more resources to manage and maintain. Other tools are designed for convenience and include preconfigured infrastructure templates for common solutions. Though these tools are easier to use and require less maintenance, you do not always have the ability to customize your infrastructure components.
AWS Elastic Beanstalk
The goal of Elastic Beanstalk is to help developers deploy and maintain scalable web applications and services in the cloud without having to worry about the underlying infrastructure. Elastic Beanstalk configures each EC2 instance in your environment with the components necessary to run applications for the selected platform. With Elastic Beanstalk you can provision infrastructure to support common application designs, such as web applications and worker services.
AWS Solutions Library
AWS Solutions Library helps you solve common problems and build faster using the AWS platform. Solutions are vetted by AWS architects and are designed to be operationally effective, reliable, secure, and cost efficient.
AWS Cloud Development Kit (AWS CDK)
AWS CDK is a software development framework that defines your cloud application resources using a declarative model and familiar programming languages. AWS CDK includes a library of customizable constructs, which are building blocks consisting of one or more resources and include common configurations. You can use AWS CDK to generate CloudFormation templates and deploy your infrastructure along with your application runtime assets.
Automating infrastructure management with AWS Systems Manager
AWS Systems Manager makes it easier to bridge your existing infrastructure with AWS. Systems Manager helps you automatically collect software inventory, apply operating system (OS) patches, create system images, and configure Windows and Linux OSs. These capabilities help you:
- Define and track system configurations
- Prevent drift
- Maintain software compliance of your Amazon EC2 and on-premises configurations
With AWS Systems Manager, you can:
- Centralize operational data from multiple AWS services and automate tasks across your AWS resources.
- Create logical groups of resources such as applications, different layers of an application stack, or development and production environments.
- Select a resource group and view its recent API activity, resource configuration changes, related notifications, operational alerts, software inventory, and patch compliance status.
- Take action on each resource group depending on your operational needs.
You can open AWS Systems Manager from the Amazon EC2 console. Select the instances you want to manage, and define the management tasks you want to perform. Systems Manager is available at no cost to manage your Amazon EC2 and on-premises resources.
Benefits of Systems Manager
Shortens the time to detect problems
View operational data for groups of resources, so you can quickly identify any issues that might impact applications that use those resources.
Automates tasks to increase efficiency
Automate operational tasks to help make your teams more efficient.
Improves visibility and control
Understand and control the state of your resource groups.
Manages hybrid environments
Manage servers running on AWS and in your on-premises data center through a single interface.
Maintains security and compliance
Maintain security and compliance by scanning your instances against your patch, configuration, and custom policies.
Regards
Osama