infrastructure as code - aws
TRANSCRIPT
![Page 1: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/1.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Richard Boyd, Sr. Developer Advocate, AWS Code ServicesLuis Colon, Sr. Developer Advocate, AWS CloudFormation
April 20, 2020
Infrastructure as CodeAWS Solutions Best Practices
![Page 2: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/2.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Agenda
Infrastructure as Code (IaC): The Basics
IaC with AWS CloudFormation
Best Practices
AWS Cloud Development Kit (CDK)
Other IaC Tools
![Page 3: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/3.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Infrastructure as Code: The Basics
![Page 4: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/4.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
The Basics
Managing cloud applications involves managing the lifecycle of its resources:
![Page 5: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/5.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
The Basics
Managing cloud applications involves managing the lifecycle of its resources:
![Page 6: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/6.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
The Basics
Managing cloud applications involves managing the lifecycle of its resources:
AWS Cloud
VPC
10.0.0.0/16
Availability Zone 2
Availability Zone 1
Auto Scaling group
Auto Scaling group
Amazon EC2 Auto Scaling
NAT Gateway
NAT Gateway
EC2Instance
EC2Instance
EC2Instance
EC2Instance
![Page 7: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/7.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Resources
The building blocks, or components of cloud applications
![Page 8: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/8.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Resources
The building blocks, or components of cloud applications
Several options to manage your resource’s lifecycle:
![Page 9: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/9.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Resources
The building blocks, or components of cloud applications
Several options to manage your resource’s lifecycle:
AWS Management Console
![Page 10: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/10.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Resources
The building blocks, or components of cloud applications
Several options to manage your resource’s lifecycle:
AWS Management Console
AWS Command Line Interface
![Page 11: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/11.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Resources
The building blocks, or components of cloud applications
Several options to manage your resource’s lifecycle:
AWS Management Console
AWS Command Line Interface
AWS Tools & Software Development Kits
![Page 12: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/12.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Resources
The building blocks, or components of cloud applications
Several options to manage your resource’s lifecycle:
AWS Management Console
AWS Command Line Interface
AWS Tools & Software Development Kits
AWS CloudFormation
![Page 13: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/13.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Infrastructure as CodeWith AWS CloudFormation
![Page 14: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/14.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Infrastructure as Code
AWSTemplateFormatVersion: "2010-09-09"Description: A CodeCommit Repo and Cloud9 EnvironmentResources:MyRepo:Type: "AWS::CodeCommit::Repository"Properties:
RepositoryName: MyRepoRepositoryDescription: Sample Repository for Demo
MyC9Environment:Type: "AWS::Cloud9::EnvironmentEC2"Properties:
Repositories:- PathComponent: /cfnRepositoryUrl: !GetAtt MyRepo.CloneUrlHttp
InstanceType: t2.micro
![Page 15: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/15.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS CloudFormation
The code template describes the intended state of your resources
CloudFormation translates the intention to API calls
![Page 16: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/16.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS CloudFormation
The code template describes the intended state of your resources
CloudFormation translates the intention to API calls
Code your template1
![Page 17: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/17.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS CloudFormation
The code template describes the intended state of your resources
CloudFormation translates the intention to API calls
Code your template1 Upload, test,
review changes2
![Page 18: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/18.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS CloudFormation
The code template describes the intended state of your resources
CloudFormation translates the intention to API calls
Code your template1 Upload, test,
review changes2 A stack is created by executing the changes
3
![Page 19: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/19.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS CloudFormation
The code template describes the intended state of your resources
CloudFormation translates the intention to API calls
Code your template1 Upload, test,
review changes2 A stack is created by executing the changes
3 Manage many stacks and stack sets over time
4
![Page 20: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/20.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS CloudFormationBest Practices
![Page 21: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/21.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Best Practices: Core Artifacts
![Page 22: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/22.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Best Practices: Core Artifacts
TemplateDescribes resources, attributes, dependencies and their intended state
![Page 23: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/23.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Best Practices: Core Artifacts
Template Change SetDescribes resources, attributes, dependencies and their intended state
Describes an execution plan to implement the intended state of a stack’s resources
![Page 24: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/24.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Best Practices: Core Artifacts
Template Change Set StackDescribes resources, attributes, dependencies and their intended state
Describes an execution plan to implement the intended state of a stack’s resources
A group of resources and their intended states
![Page 25: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/25.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Best Practices: Core Artifacts
Template Change Set Stack StackSetDescribes resources, attributes, dependencies and their intended state
Describes an execution plan to implement the intended state of a stack’s resources
A group of resources and their intended states
A group of stack instances across accounts and regions
![Page 26: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/26.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Templates
AWSTemplateFormatVersion: "2010-09-09"Description: A CodeCommit Repo and Cloud9 EnvironmentResources:
MyRepo:Type: "AWS::CodeCommit::Repository"Properties:
RepositoryName: MyRepoRepositoryDescription: Sample Repository for Demo
## Once a repo is created, tie the Cloud9 EC2 Instance to ## the repository automatically
MyC9Environment:Type: "AWS::Cloud9::EnvironmentEC2"Properties:
Repositories:- PathComponent: /cfn
RepositoryUrl: !GetAtt MyRepo.CloneUrlHttpInstanceType: t2.micro
![Page 27: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/27.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Templates
AWSTemplateFormatVersion: "2010-09-09"Description: A CodeCommit Repo and Cloud9 EnvironmentResources:
MyRepo:Type: "AWS::CodeCommit::Repository"Properties:
RepositoryName: MyRepoRepositoryDescription: Sample Repository for Demo
## Once a repo is created, tie the Cloud9 EC2 Instance to ## the repository automatically
MyC9Environment:Type: "AWS::Cloud9::EnvironmentEC2"Properties:
Repositories:- PathComponent: /cfn
RepositoryUrl: !GetAtt MyRepo.CloneUrlHttpInstanceType: t2.micro
• Over 500 types of resources, or create your own
• SAM, Macros, Includes• YAML/JSON• YAML comments• cfn-flip• Smaller templates
![Page 28: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/28.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Templates
![Page 29: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/29.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Templates
![Page 30: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/30.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Change Sets
Original Stack/Template
Change Set AWS CloudFormationupdates your stack
Change Set
1. Create change set
2. View/accept change set
4. Execute change set
3. (optional) Create additionalchange sets
![Page 31: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/31.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Stacks
Layer your applicationExtract configuration
Resources:MyRDSDB:
Type: "AWS::RDS::DBInstance"Properties:
DBInstanceClass: db.t2.mediumAllocatedStorage: ’20’Engine: mariadbEngineVersion: ’10.2’MasterUsername: appadminMasterUserPassword:
‘{{resolve:ssm-secure:ssbRDSmEcntl:1}}'
![Page 32: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/32.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
StackSets
![Page 33: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/33.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Infrastructure as CodeWith AWS Cloud Development Kit
(CDK)
![Page 34: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/34.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK
Model infrastructure as reusable components
![Page 35: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/35.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK
Multi-languageFramework
![Page 36: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/36.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK
![Page 37: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/37.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Main Components
![Page 38: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/38.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Main Components
AutoScaling
![Page 39: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/39.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Main Components
AutoScaling
![Page 40: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/40.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Main Components
AutoScaling
![Page 41: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/41.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Sample Code
![Page 42: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/42.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Sample Code
AWSTemplateFormatVersion: "2010-09-09"Description: A CodeCommit Repo and Cloud9 EnvironmentResources:
MyRepo:Type: "AWS::CodeCommit::Repository"Properties:
RepositoryName: MyRepoRepositoryDescription: Sample Repository for Demo
MyC9Environment:Type: "AWS::Cloud9::EnvironmentEC2"Properties:
Repositories:- PathComponent: /cfn
RepositoryUrl: !GetAtt MyRepo.CloneUrlHttpInstanceType: t2.micro
![Page 43: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/43.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Constructs
L1 constructs – all resources in CloudFormation specification
![Page 44: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/44.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Constructs
L1 constructs – all resources in CloudFormation specification
L2 constructs – higher-level abstractions with sensible defaults
![Page 45: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/45.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Constructs
L1 constructs – all resources in CloudFormation specification
L2 constructs – higher-level abstractions with sensible defaults
L3 constructs – opinionated reference architectures and design
patterns using multiple AWS services
![Page 46: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/46.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Constructs
![Page 47: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/47.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CDK Constructs
![Page 48: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/48.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Infrastructure as Code: Additional Tooling Options
![Page 49: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/49.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Native Options
AWS CloudFormation
AWS Cloud Development Kit (CDK)
![Page 50: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/50.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Additional AWS Options
AWS OpsWorks
AWS Service Catalog
![Page 51: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/51.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Third Party Options
TerraformChefPuppetAnsibleSaltStackPulumi…many more
![Page 52: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/52.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Summary
Infrastructure as Code (IaC) makes managing cloud applications and their resources more repeatable, safer
AWS provides multiple options for IaC, including CloudFormation and CDK
IaC best practices apply across AWS and non-AWS tools
![Page 53: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/53.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
More Information
AWS Site and Documentation https://aws.amazon.com/cloudformation/https://docs.aws.amazon.com/cloudformation/index.htmlhttps://aws.amazon.com/cdk/
AWS Open Source Resources
https://github.com/awshttps://github.com/aws/aws-cdkhttps://github.com/awslabs/aws-cloudformation-templateshttps://github.com/aws-cloudformation/cfn-python-linthttps://github.com/aws-cloudformation/cloudformation-cli
![Page 54: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/54.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Q&A
![Page 55: Infrastructure as Code - AWS](https://reader030.vdocuments.net/reader030/viewer/2022020622/61eb56544a48cb39c6795755/html5/thumbnails/55.jpg)
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Richard Boyd, Sr. Developer Advocate, AWS Code ServicesLuis Colon, Sr. Developer Advocate, AWS CloudFormation
April 20, 2020
Thank You!