Suivez votre progression
Accueil Trailhead
Accueil Trailhead

Streamline Development with Management and Governance Services

Learning Objectives

After completing this unit, you’ll be able to:

  • Describe and explain the benefits of Management and Governance services.
  • Describe the benefits of AWS CloudFormation.
  • Describe the benefits of AWS Trusted Advisor.

Imagine you have a team of developers working on your AWS infrastructure. Even while following the principle of least privilege and fully documenting best practices for your teams, you are finding it difficult to ensure that development is performed in a consistent way and that best practices are being followed. Additionally, your costs keep rising, and you’re having a hard time figuring out where the money is going.

AWS Management and Governance services help you to streamline resource provisioning, make sure your infrastructure is running according to best practices, and identify opportunities for cost optimization.

AWS Management and Governance

Management and Governance icon depicting a clipboard and slide switches against a pink background

AWS Management and Governance services give you control over your accounts and billing, automate resource provisioning, and help you operate efficiently.

In this unit, you learn about two of the services in the Management and Governance domain: AWS CloudFormation and AWS Trusted Advisor.

Code Your Infrastructure with AWS CloudFormation

AWS CloudFormation depicting code merging into a cloud against a pink background

With AWS CloudFormation, you can build an environment by writing lines of code instead of using the management console to individually provision resources.

AWS CloudFormation supports either JavaScript Object Notation (JSON) or YAML Ain’t Markup Language (YAML) to describe the AWS resources that you want to create and configure in a single text file. This file becomes the template that describes how your infrastructure is deployed by CloudFormation. You can use this template to standardize infrastructure components that are used across your organization, enabling configuration compliance and faster troubleshooting.

AWS CloudFormation provisions your resources in a safe, repeatable manner, allowing you to build and rebuild your infrastructure and applications without having to perform manual actions or write custom scripts. It takes care of determining the right operations to perform when managing your stack, and rolls back changes automatically if errors are detected.

Get Started with AWS CloudFormation

To get started, follow these general steps.

  1. Code your infrastructure from scratch with the AWS CloudFormation template language, in either YAML or JSON format, or start from one of the sample templates.
  2. To create a stack based on your template code, use AWS CloudFormation through the console, AWS Command Line Interface (CLI), or AWS Application Programming Interfaces (APIs).
  3. AWS CloudFormation provisions and configures the stacks and resources that you have specified in your template.

Use the AWS CloudFormation Designer

If you prefer to design visually, you can use AWS CloudFormation Designer (Designer) to help you get started with the many available templates.

With Designer, you can:

  • Diagram your template resources by using a drag-and-drop interface, and then edit their details by using the integrated JSON and YAML editor.
  • Quickly see the interrelationship between a template's resources and easily modify templates.
  • Export a template file that you can use to deploy your architecture in AWS.

Designer is part of the AWS CloudFormation console. To use it, open Designer at https://console.aws.amazon.com/cloudformation/designer, and sign in with your AWS credentials.

CloudFormation Designer workflow showing the visual designer in the console pointing to a YAML/JASON template file pointing to an architecture diagram with an Amazon EC2 instance inside a security group in a public subnet in a VPC with an internet gateway

Get Actionable Insights from AWS Trusted Advisor

AWS Trusted Advisor icon depicting a shield with three connected circles against a pink background

AWS Trusted Advisor runs checks against your environment to see if it meets predefined criteria. It provides feedback and best practices in five categories: cost optimization, security, fault tolerance, performance, and service limits.

For each check, you can review a detailed description of the recommended best practice, a set of alert criteria, guidelines for action, and a list of useful resources on the topic.

The status of the check is shown on the dashboard page using color coding and icons.

  • Red circle exclamation point: action recommended
  • Yellow triangle exclamation point: investigation recommended
  • Green square check mark: no problem detected

The number of checks is based on your Support Plan.

Trusted Advisor Dashboard screenshot showing Cost Optimization with potential monthly savings of $7,516.87, plus Performance, Security, Fault Tolerance, and Service Limits, each with numbers indicating how many green, yellow, and red statuses are detected for each category

Cost Optimization

See how you can save money on AWS by eliminating unused and idle resources or adjusting capacity.

Performance

Check your service limits and ensure you take advantage of provisioned throughput. Monitor for overutilized instances.

Security

Improve the security of your application by closing gaps in unrestricted ports, enabling various AWS security features, and examining your permissions.

Fault Tolerance

Increase the availability and redundancy of your AWS applications with recommendations for auto-scaling, health checks, multiple Availability Zones, and backup capabilities.

Service Limits

Check for service usage that is above 80% of the service limit. Values are based on a snapshot, so your current usage might differ. Limit and usage data can take up to 24 hours to reflect any changes.

In the next unit, you learn how to monitor your AWS resources.

Resources