Book Image

AWS DevOps Simplified

By : Akshay Kapoor
Book Image

AWS DevOps Simplified

By: Akshay Kapoor

Overview of this book

DevOps and AWS are the two key enablers for the success of any modern software-run business. DevOps accelerates software delivery, while AWS offers a plethora of services, allowing developers to prioritize business outcomes without worrying about undifferentiated heavy lifting. This book focuses on the synergy between them, equipping you with strong foundations, hands-on examples, and a strategy to accelerate your DevOps journey on AWS. AWS DevOps Simplified is a practical guide that starts with an introduction to AWS DevOps offerings and aids you in choosing a cloud service that fits your company's operating model. Following this, it provides hands-on tutorials on the GitOps approach to software delivery, covering immutable infrastructure and pipelines, using tools such as Packer, CDK, and CodeBuild/CodeDeploy. Additionally, it provides you with a deep understanding of AWS container services and how to implement observability and DevSecOps best practices to build and operate your multi-account, multi-Region AWS environments. By the end of this book, you’ll be equipped with solutions and ready-to-deploy code samples that address common DevOps challenges faced by enterprises hosting workloads in the cloud.
Table of Contents (19 chapters)
Part 1 Driving Transformation through AWS and DevOps
Part 2 Faster Software Delivery with Consistent and Reproducible Environments
Part 3 Security and Observability of Containerized Workloads
Part 4 Taking the Next Steps

Deploying our test instance

To deploy our first EC2 instance using the AMI, we need some prerequisites to be in place. They can be created using the AWS CLI inside the Cloud9 IDE.

Securing incoming traffic with security groups

AWS security best practices recommend a security-in-depth approach, where multiple levels of traffic controls allow, or reject, incoming packets. For the sake of simplicity and the scope of this chapter, we will use an instance-level security group that only allows incoming traffic originating from your local machine. Security groups are stateful, which means you don’t have to define a corresponding egress rule for packets that are allowed by certain ingress rules:

  1. First, let’s see what the public IP address that is used for outgoing internet-bound traffic from your local machine is. A quick way to test this is by running a curl command on your local Terminal (not the Cloud9 IDE):
    ➜ curl ipv4.icanhazip.com95.157.36.247
  2. On...