Streamline Development with Management and Governance Services

Learning Objectives

After completing this unit, you’ll be able to:

Describe and explain the benefits of Management and Governance services.
Describe the benefits of AWS CloudFormation.
Describe the benefits of AWS Trusted Advisor.

Imagine you have a team of developers working on your AWS infrastructure. Even while following the principle of least privilege and fully documenting best practices for your teams, you are finding it difficult to ensure that development is performed in a consistent way and that best practices are being followed. Additionally, your costs keep rising, and you’re having a hard time figuring out where the money is going.

AWS Management and Governance services help you to streamline resource provisioning, make sure your infrastructure is running according to best practices, and identify opportunities for cost optimization.

AWS Management and Governance

Management and Governance icon depicting a clipboard and slide switches against a pink background

AWS Management and Governance services give you control over your accounts and billing, automate resource provisioning, and help you operate efficiently.

In this unit, you learn about two of the services in the Management and Governance domain: AWS CloudFormation and AWS Trusted Advisor.

Code Your Infrastructure with AWS CloudFormation

AWS CloudFormation depicting code merging into a cloud against a pink background

With AWS CloudFormation, you can build an environment by writing lines of code instead of using the management console to individually provision resources.

AWS CloudFormation supports either JavaScript Object Notation (JSON) or YAML Ain’t Markup Language (YAML) to describe the AWS resources that you want to create and configure in a single text file. This file becomes the template that describes how your infrastructure is deployed by CloudFormation. You can use this template to standardize infrastructure components that are used across your organization, enabling configuration compliance and faster troubleshooting.

AWS CloudFormation provisions your resources in a safe, repeatable manner, allowing you to build and rebuild your infrastructure and applications without having to perform manual actions or write custom scripts. It takes care of determining the right operations to perform when managing your stack, and rolls back changes automatically if errors are detected.

Get Started with AWS CloudFormation

To get started, follow these general steps.

Code your infrastructure from scratch with the AWS CloudFormation template language, in either YAML or JSON format, or start from one of the sample templates.
To create a stack based on your template code, use AWS CloudFormation through the console, AWS Command Line Interface (CLI), or AWS Application Programming Interfaces (APIs).
AWS CloudFormation provisions and configures the stacks and resources that you have specified in your template.

Use the AWS Application Composer in AWS CloudFormation

AWS Application Composer icon showing a matrix of 9 circles, with five circles connected with a line, blue background

If you prefer to design visually, you can use AWS Application Composer. Application Composer is integrated directly in the AWS CloudFormation console. Application Composer provides a visual canvas where you can drag, drop, configure, and connect resources without having to work with templates directly.

With Application Composer, you can:

Import existing CloudFormation templates to visualize them
Drag and drop services onto a canvas
Configure connections between services
Export the template that you create
Edit application code directly within the tool

For more information about Application Composer, see What is AWS Application Composer?

An imported application template displayed on the Application Composer canvas, showing various card types

Get Actionable Insights from AWS Trusted Advisor

AWS Trusted Advisor icon depicting a shield with three connected circles against a pink background

AWS Trusted Advisor runs checks against your environment to see if it meets predefined criteria. It provides feedback and best practices in five categories: cost optimization, security, fault tolerance, performance, and service limits.

For each check, you can review a detailed description of the recommended best practice, a set of alert criteria, guidelines for action, and a list of useful resources on the topic.

The status of the check is shown on the dashboard page using color coding and icons.

Red circle exclamation point: action recommended
Yellow triangle exclamation point: investigation recommended
Green square check mark: no problem detected

The number of checks is based on your Support Plan.

Cost Optimization

See how you can save money on AWS by eliminating unused and idle resources or adjusting capacity.

Performance

Check your service limits and ensure you take advantage of provisioned throughput. Monitor for overutilized instances.

Security

Improve the security of your application by closing gaps in unrestricted ports, enabling various AWS security features, and examining your permissions.

Fault Tolerance

Increase the availability and redundancy of your AWS applications with recommendations for auto-scaling, health checks, multiple Availability Zones, and backup capabilities.

Service Limits

Check for service usage that is above 80% of the service limit. Values are based on a snapshot, so your current usage might differ. Limit and usage data can take up to 24 hours to reflect any changes.

Operational Excellence

Optimize your AWS services and resources by identifying opportunities to streamline operations, improving resource utilization, and enhancing overall system performance.

In the next unit, you learn how to monitor your AWS resources.

¿Necesita ayuda?