Designing and deploying applications to the cloud is an essential skill for a modern developer. That said, not every developer needs to have cloud experience.
The deployment process of a typical application is different in the cloud than it is on-premises. Due to the differences between on-premises IT resources and cloud-based services, the applications often need to be designed differently when running in the cloud.
If you haven't worked with AWS before, you'll need to learn about specific concepts and services before you move on to designing and deploying an application.
Follow this AWS developer tutorial for newcomers to learn Amazon cloud basics and understand what a simple application deployment process typically looks like on AWS.
Key AWS concepts for developers
The AWS cloud is a complicated ecosystem of various tools and services. Developers who need to begin application development and deployment on AWS don't need to master every aspect of the platform. Still, they should be familiar with the core concepts below.
AWS supports virtually every programming language. No matter which language you code in, you will likely be able to deploy your application on its cloud -- if you host it in a virtual machine, at least.
Despite this, if you choose to deploy your application with specific services, such as AWS Lambda or AWS Elastic Beanstalk, some languages will not be supported. Still, even in these cases, AWS supports the most popular languages, including Python, Ruby, Java and PHP.
APIs are integral to cloud-based applications; they are the glue that binds together the multiple services and applications.
Most cloud services expose a cloud API that allows your applications to communicate with that service. For example, if you want to move data into or out of an Amazon Simple Storage Service (S3) storage bucket, you'd typically do so with the S3 API. There are other ways to interact with S3, but the API is the go-to option for an application. You can use APIs for other AWS application development tasks, such as to assign an IP address or create a snapshot of an Amazon Elastic Compute Cloud (EC2) virtual machine.
Most cloud-based applications interface with the network using a cloud load balancer. Load balancers accept incoming traffic from the internet and forward it to internal applications or individual services running within your cloud environment. They also route outbound traffic to their destination.
Load balancers are not strictly required -- it's possible to deploy an application to the cloud without one -- but for security and performance reasons, a load balancer helps separate your application from the internet.
You can also optionally set up a VPN, such as AWS VPN, which joins your cloud-based resources into a private network. In addition to a VPN, you can use Amazon VPC, a virtual network that you define, to make it easier to connect personal resources within a cloud environment.
In one respect, monitoring cloud-based applications is easier than monitoring on-premises ones. Most cloud services automatically generate events and metrics data that you can use to track application performance. On-premises, you either create performance metrics from within the application or measure performance based on infrastructure-level metrics like network traffic patterns, CPU and memory usage.
However, cloud application monitoring varies depending on the types of data each cloud service exposes and how data is made available. Monitoring a storage service requires a different approach than monitoring a VM or container service.
AWS offers essential tools, such as AWS CloudWatch, to help monitor applications, but they're typically not sufficient for heavy-duty monitoring needs. Most teams will rely on third-party monitoring tools to augment -- if not replace -- AWS native offerings. Third-party solutions like Splunk or New Relic provide deeper monitoring functionality.
Cloud security is a complex topic, but it can be summed up with a few broad fundamentals.
AWS offers different identity services to configure which users or applications can access specific resources in the cloud. However, AWS Identity and Access Management (IAM), a foundational element of AWS security, isn't always set to restrict access by default. Never make assumptions about your applications or cloud resources; you need to take active steps to lock them down.
Most data you collect in the cloud is not encrypted by default. You should secure cloud storage buckets, databases and networks on your own.
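Both points above (access that is not restricted by default, data that is not encrypted by default) can be checked before anything is deployed. As an added example, not part of the original article, this Python check audits a CloudFormation template for buckets, databases and IAM policies left open; the sample template and the `audit` and `as_list` helpers are constructed for illustration.

```python
import json

# Constructed sample template (not from the article): a bucket left at its
# defaults, a hardened bucket, an exposed database and a wildcard IAM policy.
TEMPLATE = json.loads("""
{"Resources": {
  "UploadsBucket": {"Type": "AWS::S3::Bucket", "Properties": {}},
  "LogsBucket": {"Type": "AWS::S3::Bucket", "Properties": {
    "BucketEncryption": {"ServerSideEncryptionConfiguration": [
      {"ServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]},
    "PublicAccessBlockConfiguration": {
      "BlockPublicAcls": true, "BlockPublicPolicy": true,
      "IgnorePublicAcls": true, "RestrictPublicBuckets": true}}},
  "AppDb": {"Type": "AWS::RDS::DBInstance", "Properties": {"PubliclyAccessible": true}},
  "AppPolicy": {"Type": "AWS::IAM::Policy", "Properties": {
    "PolicyDocument": {"Statement": [
      {"Effect": "Allow", "Action": "*", "Resource": "*"}]}}}
}}
""")

PAB_FLAGS = ("BlockPublicAcls", "BlockPublicPolicy", "IgnorePublicAcls", "RestrictPublicBuckets")

def as_list(value):  # IAM policy fields may hold one value or a list of values
    return value if isinstance(value, list) else [value]

def audit(template):
    """Return sorted (logical_id, finding) pairs for settings left open."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        rtype, props = res.get("Type"), res.get("Properties") or {}
        if rtype == "AWS::S3::Bucket":
            if "BucketEncryption" not in props:
                findings.append((name, "no default encryption declared"))
            pab = props.get("PublicAccessBlockConfiguration", {})
            if not all(pab.get(flag) is True for flag in PAB_FLAGS):
                findings.append((name, "public access not fully blocked"))
        elif rtype == "AWS::RDS::DBInstance":
            if props.get("StorageEncrypted") is not True:
                findings.append((name, "storage not encrypted"))
            if props.get("PubliclyAccessible") is True:
                findings.append((name, "publicly accessible"))
        elif rtype == "AWS::IAM::Policy":
            for stmt in as_list(props.get("PolicyDocument", {}).get("Statement", [])):
                acts, ress = as_list(stmt.get("Action", [])), as_list(stmt.get("Resource", []))
                if stmt.get("Effect") == "Allow" and "*" in acts and "*" in ress:
                    findings.append((name, "allows every action on every resource"))
    return sorted(findings)

print(*audit(TEMPLATE), sep="\n")
```

Only the hardened `LogsBucket` passes; every other resource in the constructed template is reported.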
A third key concept is security monitoring.
AWS provides some tools, like AWS CloudTrail, that can assist with basic cloud security monitoring requirements. But those tools on their own are not comprehensive cloud security platforms. You'll most likely need to take advantage of external tools.
Palo Alto Prisma Cloud and Dome9 Arc are examples of security and compliance monitoring platforms. They supply more extensive policy files for identifying security problems within AWS configurations, and they provide visualization and analytics features that AWS tools do not.
Finally, developers should familiarize themselves with the AWS shared responsibility model, which determines which security aspects AWS manages and which are its customers' responsibility.
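Basic security monitoring with CloudTrail amounts to filtering its JSON event records for a few high-signal events. The following added example (not from the original article) does that over constructed records; the rule set, the `rec` helper and the `DENIED_THRESHOLD` cut-off are assumptions made for illustration.

```python
from collections import Counter

# Constructed CloudTrail-style records (not real logs). Field names follow the
# CloudTrail record format; the account ID, users and times are made up.
def rec(time, source, name, user, **extra):
    arn = f"arn:aws:iam::111122223333:user/{user}"
    return {"eventTime": time, "eventSource": source, "eventName": name,
            "userIdentity": {"arn": arn}, **extra}

RECORDS = [
    rec("2024-05-01T09:00:00Z", "signin.amazonaws.com", "ConsoleLogin", "alice",
        additionalEventData={"MFAUsed": "No"},
        responseElements={"ConsoleLogin": "Success"}),
    rec("2024-05-01T09:05:00Z", "s3.amazonaws.com", "PutBucketAcl", "alice"),
    rec("2024-05-01T09:06:00Z", "cloudtrail.amazonaws.com", "StopLogging", "alice"),
    rec("2024-05-01T09:10:00Z", "ec2.amazonaws.com", "DescribeInstances", "bob"),
] + [rec(f"2024-05-01T10:0{i}:00Z", "iam.amazonaws.com", "ListUsers", "carol",
         errorCode="AccessDenied") for i in range(3)]

TRAIL_CHANGES = {"StopLogging", "DeleteTrail", "UpdateTrail"}
BUCKET_CHANGES = {"PutBucketAcl", "PutBucketPolicy"}
DENIED_CODES = {"AccessDenied", "Client.UnauthorizedOperation"}
DENIED_THRESHOLD = 3  # assumed cut-off for this example, tune per environment

def classify(r):
    """Label one record, or return None when no rule matches."""
    name, source = r.get("eventName"), r.get("eventSource")
    login_ok = (r.get("responseElements") or {}).get("ConsoleLogin") == "Success"
    no_mfa = (r.get("additionalEventData") or {}).get("MFAUsed") == "No"
    if name == "ConsoleLogin" and login_ok and no_mfa:
        return "console login without MFA"
    if source == "cloudtrail.amazonaws.com" and name in TRAIL_CHANGES:
        return "trail logging changed"
    if source == "s3.amazonaws.com" and name in BUCKET_CHANGES:
        return "bucket ACL or policy changed"
    return None

def triage(records):
    """Return (per-event alerts, principals with repeated denied calls)."""
    alerts = [(r["eventTime"], label, r["userIdentity"]["arn"])
              for r in records if (label := classify(r))]
    denied = Counter(r["userIdentity"]["arn"] for r in records
                     if r.get("errorCode") in DENIED_CODES)
    noisy = sorted(arn for arn, n in denied.items() if n >= DENIED_THRESHOLD)
    return sorted(alerts), noisy

if __name__ == "__main__":
    print(triage(RECORDS))
```

Rules of this kind cover single events and simple counts; correlation across accounts and services is where the external platforms mentioned above come in.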
Basic AWS services and tools developers need to know
AWS offers more than 200 cloud services. Developers don't need to be an expert on every single one, but familiarity with the following Amazon cloud services is essential:
- Amazon Elastic Compute Cloud (EC2). With AWS' standard compute service, you can select from dozens of different virtual machine configurations -- including Linux and Windows -- each with various virtual hardware resources assigned to it. After choosing the instances, you can launch them and host applications in them.
- Amazon Simple Storage Service (S3). The AWS object storage service lets you store any type of data in an unstructured way, then access that data as needed.
- Amazon Relational Database Service (RDS). Amazon RDS can create and manage databases using a variety of database engines, including but not limited to MySQL, Microsoft SQL and PostgreSQL.
- Amazon Elastic Load Balancing (ELB). Amazon ELB provides access to several types of load balancers. Each load balancer type caters to a different set of use cases. If you're new to AWS and are deploying standard web applications, you'll most likely choose the Application Load Balancer (ALB) option on ELB.
- Amazon Elastic Kubernetes Service (EKS). This managed Kubernetes service is one way to set up a Kubernetes cluster and deploy container-based applications. AWS offers other container services, such as Amazon Elastic Container Service (ECS), AWS Fargate and self-managed Kubernetes clusters using EC2 instances. However, EKS is the most straightforward choice for developers who are already familiar with Kubernetes, while ECS may be an overall easier option if you are new to containers in general.
- Amazon CloudWatch. CloudWatch is the primary monitoring tool for AWS services. It provides a quick look at the health and status of AWS services, but it's insufficient on its own for advanced monitoring needs.
- AWS Lambda. Developers use this serverless computing platform to host applications as serverless functions rather than in containers or virtual machines.
- AWS Auto Scaling. With this service, you define rules about how your applications scale by increasing the number of application instances or resource allocations assigned to applications. AWS Auto Scaling manages applications automatically based on the parameters you set.
Additionally, AWS offers various tools that developers can use to interact with and build cloud applications on the platform. A few key tools to know for those getting started on AWS include the following:
- Web Console. The web-based interface for administering AWS resources.
- AWS Command Line Interface (AWS CLI). Also called AWS-CLI, this CLI enables you to manage resources from a command shell.
- AWS Cloud9. This integrated development environment (IDE) enables developers to build applications and, if they wish, integrate them with other AWS services for easy deployment.
- AWS CloudFormation. This native infrastructure as code (IaC) tool automates the setup of cloud environments using configuration files.
- Software Development Kit (SDK). AWS provides various SDKs to simplify the development and deployment of applications written in multiple languages and frameworks.
How to design an app for AWS
Given the array of services available on AWS, developers can design applications differently for the platform than they would on-premises.
For example, instead of running an application as a monolith, you could break it into microservices and host each microservice in a container. You can also run services inside serverless functions, offering better cost and performance outcomes than standard containers.
Deploying your application in the cloud also simplifies the process of designing your app to scale. You can use services like AWS Auto Scaling to automatically increase your applications' capacity in response to changes in demand.
Automatic scaling is more difficult to achieve on-premises. It requires additional design steps to accommodate the addition of more servers and load sharing. It also involves reserve capacity for resilience against spikes in demand.
How to deploy an app on AWS
There are a variety of ways to deploy an application on AWS. The right approach will depend on which type of application you deploy, which cloud services you use to deploy it and how much control you want to have over how it runs.
AWS deployment with Elastic Beanstalk
If you're a beginner developer getting started with AWS, one of the simplest ways to deploy an app is to use Elastic Beanstalk. This AWS PaaS tool automates most of the configuration and setup needed to run a basic web application in the AWS cloud.
Follow these steps to deploy an AWS application with Beanstalk:
- Create a new application in Beanstalk. This doesn't mean writing the actual application code -- you should do that separately, outside of Beanstalk -- but rather creating a new application instance for Beanstalk to manage.
- Select the configuration for your application. Beanstalk offers pre-configured environments for hosting applications written in most of the popular languages for web programming.
- Upload your application as a Zip file to Beanstalk.
- Configure the environment, networking and access options for your application. For simple apps, the defaults usually suffice, but you'll want to understand the security and performance implications of these settings when working with production apps.
- Click launch to deploy the application.
Once launched, the application is ready at the URL you set when configuring it in Elastic Beanstalk. The app is hosted in an EC2 instance, which Beanstalk sets up automatically based on the configuration options chosen during the application deployment process.
Other AWS deployment options
For other kinds of applications, there are numerous different AWS deployment methods to choose from. This is not a comprehensive list, but these are the most common approaches for developers getting started.
- Set up an EC2 instance manually, then load and configure the application in it.
- Deploy application code into serverless functions in AWS Lambda.
- Set up a Kubernetes cluster on EKS, then deploy containerized applications in it.