Streamline Development with Management and Governance Services
After completing this unit, you’ll be able to:
- Describe and explain the benefits of Management and Governance services.
- Describe the benefits of AWS CloudFormation.
- Describe the benefits of AWS Trusted Advisor.
Imagine you have a team of developers working on your AWS infrastructure. Even while following the principle of least privilege and fully documenting best practices for your teams, you are finding it difficult to ensure that development is performed in a consistent way and that best practices are being followed. Additionally, your costs keep rising, and you’re having a hard time figuring out where the money is going.
AWS Management and Governance services help you to streamline resource provisioning, make sure your infrastructure is running according to best practices, and identify opportunities for cost optimization.
AWS Management and Governance
AWS Management and Governance services give you control over your accounts and billing, automate resource provisioning, and help you operate efficiently.
In this unit, you learn about two of the services in the Management and Governance domain: AWS CloudFormation and AWS Trusted Advisor.
Code Your Infrastructure with AWS CloudFormation
With AWS CloudFormation, you can build an environment by writing lines of code instead of using the management console to individually provision resources.
AWS CloudFormation provisions your resources in a safe, repeatable manner, allowing you to build and rebuild your infrastructure and applications without having to perform manual actions or write custom scripts. It takes care of determining the right operations to perform when managing your stack, and rolls back changes automatically if errors are detected.
Get Started with AWS CloudFormation
To get started, follow these general steps.
- Code your infrastructure from scratch with the AWS CloudFormation template language, in either YAML or JSON format, or start from one of the sample templates.
- To create a stack based on your template code, use AWS CloudFormation through the console, AWS Command Line Interface (CLI), or AWS Application Programming Interfaces (APIs).
- AWS CloudFormation provisions and configures the stacks and resources that you have specified in your template.
Use the AWS CloudFormation Designer
If you prefer to design visually, you can use AWS CloudFormation Designer (Designer) to help you get started with the many available templates.
With Designer, you can:
- Diagram your template resources by using a drag-and-drop interface, and then edit their details by using the integrated JSON and YAML editor.
- Quickly see the interrelationship between a template's resources and easily modify templates.
- Export a template file that you can use to deploy your architecture in AWS.
Designer is part of the AWS CloudFormation console. To use it, open Designer at https://console.aws.amazon.com/cloudformation/designer, and sign in with your AWS credentials.
Get Actionable Insights from AWS Trusted Advisor
AWS Trusted Advisor runs checks against your environment to see if it meets predefined criteria. It provides feedback and best practices in five categories: cost optimization, security, fault tolerance, performance, and service limits.
For each check, you can review a detailed description of the recommended best practice, a set of alert criteria, guidelines for action, and a list of useful resources on the topic.
The status of the check is shown on the dashboard page using color coding and icons.
- Red circle exclamation point: action recommended
- Yellow triangle exclamation point: investigation recommended
- Green square check mark: no problem detected
The number of checks is based on your Support Plan.
See how you can save money on AWS by eliminating unused and idle resources or adjusting capacity.
Check your service limits and ensure you take advantage of provisioned throughput. Monitor for overutilized instances.
Improve the security of your application by closing gaps in unrestricted ports, enabling various AWS security features, and examining your permissions.
Increase the availability and redundancy of your AWS applications with recommendations for auto-scaling, health checks, multiple Availability Zones, and backup capabilities.
Check for service usage that is above 80% of the service limit. Values are based on a snapshot, so your current usage might differ. Limit and usage data can take up to 24 hours to reflect any changes.
In the next unit, you learn how to monitor your AWS resources.