Book Image

AWS DevOps Simplified

By : Akshay Kapoor
Book Image

AWS DevOps Simplified

By: Akshay Kapoor

Overview of this book

DevOps and AWS are the two key enablers for the success of any modern software-run business. DevOps accelerates software delivery, while AWS offers a plethora of services, allowing developers to prioritize business outcomes without worrying about undifferentiated heavy lifting. This book focuses on the synergy between them, equipping you with strong foundations, hands-on examples, and a strategy to accelerate your DevOps journey on AWS. AWS DevOps Simplified is a practical guide that starts with an introduction to AWS DevOps offerings and aids you in choosing a cloud service that fits your company's operating model. Following this, it provides hands-on tutorials on the GitOps approach to software delivery, covering immutable infrastructure and pipelines, using tools such as Packer, CDK, and CodeBuild/CodeDeploy. Additionally, it provides you with a deep understanding of AWS container services and how to implement observability and DevSecOps best practices to build and operate your multi-account, multi-Region AWS environments. By the end of this book, you’ll be equipped with solutions and ready-to-deploy code samples that address common DevOps challenges faced by enterprises hosting workloads in the cloud.
Table of Contents (19 chapters)
Part 1 Driving Transformation through AWS and DevOps
Part 2 Faster Software Delivery with Consistent and Reproducible Environments
Part 3 Security and Observability of Containerized Workloads
Part 4 Taking the Next Steps

What this book covers

Chapter 1, Accelerating Your DevOps Journey with AWS, emphasizes the importance of digital transformation and how DevOps and AWS play a role in this transition. With two examples from the author’s own experience, the chapter covers key learnings from each instance and focuses on the need for customer-centricity and prioritizing business outcomes over technology.

Chapter 2, Choosing the Right Cloud Service, covers the three service tiers offered by AWS: IaaS, PaaS, and SaaS. Starting with a basic understanding of all three, it delves into the trade-offs between simplicity and control, and the application of these tiers in specific organizational situations. With two real-life examples, it covers the benefits that software teams reap by adopting one of the tiers.

Chapter 3, Leveraging Immutable Infrastructure in the Cloud, highlights the importance of infrastructure immutability in the AWS realm and demonstrates how to boost software reliability with a hands-on deployment covering HashiCorp’s Packer tool. Most importantly, this chapter unveils an AWS Cloud9 IDE-based toolbox to deploy the hands-on exercises covered throughout the book and serves as an introduction to AWS for new users while learning about security best practices.

Chapter 4, Managing Infrastructure as Code with AWS CloudFormation, delves into the benefits of infrastructure as code (IaC) automation using AWS CloudFormation. After explaining key service constructs, the chapter moves on to good enterprise design strategies for IaC and compares the service with Terraform, another famous infrastructure automation tool from HashiCorp.

Chapter 5, Rolling Out a CI/CD Pipeline, lays the foundations for a robust software delivery life cycle backed by Continuous Integration and Continuous Delivery (CI/CD) practices. It covers typical enterprise challenges in adopting continuous deployment methodologies and suggests some strategies to solve them. Before concluding with a fully automated application delivery pipeline deployment, the chapter covers the integrations offered by all AWS services in the CI/CD space and how to leverage them for maximized benefits.

Chapter 6, Programmatic Approach to IaC with AWS CDK, introduces different approaches and tools to manage infrastructure resources in AWS, and where AWS CDK fits in. It contrasts the service with other offerings, such as Pulumi and troposphere, and demonstrates the simplicity of spinning up an image recognition application, entirely using CDK.

Chapter 7, Running Containers in AWS, establishes the relevance of containers and how they make the adherence to microservices patterns and Twelve-Factor design principles an inherent part of your software artifacts. Going deeper into the service constructs of Amazon ECS, an opinionated service, the chapter covers security best practices to ensure least-privileged access in your applications. It builds on the foundations of the previous chapter and leverages AWS CDK to roll out a to-do list manager application, running on containers.

Chapter 8, Enabling the Observability of Your Workloads, covers the key observability pillars – logs, metrics, and traces – and an approach to measuring and alerting on key health indicators of your workloads hosted in AWS. Through a hands-on example, it demonstrates the integration between AWS services and famous open source platforms – Prometheus and Grafana – as well as the best practices for a solid observability strategy in the cloud.

Chapter 9, Implementing DevSecOps with AWS, introduces a three-step approach to ensuring a good security posture for workloads hosted on AWS. By enabling you to deploy a CI/CD workflow for DevSecOps, it goes into the practical details of wrapping every stage of the software delivery life cycle with security scans, or in other words, shifting left. There is a heavy focus on leveraging the maturity of open source tools to uncover security risks through static and dynamic testing for the application code, along with the corresponding Dockerfile.

Chapter 10, Setting Up Teams for Success, identifies the importance of the coordinated integration of both people and technology for continued success. It provides practical tips for organizing your teams, establishing a culture of collaboration, and measuring the DevOps maturity of your organization. On the technology front, it identifies the benefits of building the right abstractions and reducing the cognitive load of developers. Toward the end, it suggests strategies for individuals to drive change from the bottom up.

Chapter 11, Ensuring a Strong AWS Foundation for Multi-Account and Multi-Region Environments, delves into the intricacies and best practices for managing multiple AWS accounts, a common challenge faced by enterprises. It introduces the concept of a landing zone and the several solutions, services, and deployment frameworks that can be used to build one. An approach leveraging the AWS Control Tower service and the Customizations for Control Tower (CfCT) framework covers the continued compliance and security of AWS accounts, while managing everything as code.

Chapter 12, Adhering to AWS Well-Architected Principles, emphasizes the importance of the six pillars of the AWS Well-Architected Framework and how you can use it to evolve your cloud workloads over time. It extends these learnings with best practices under each pillar and sample implementation scenarios for common enterprise use cases.