Management Options
AWS offers a wide range of management options. These tools fall into the following subcategories:
Provisioning: CloudFormation is the primary management service in the provisioning category. It provides a common language for describing and provisioning all the infrastructure resources in a cloud environment. CloudFormation allows you to use a simple text file to model and provision all the resources needed for your applications across all regions and accounts, and it can accomplish this in an automated and secure manner. Once everything is modeled in CloudFormation, your text file serves as the single “source of truth” regarding the resources of your cloud environment. It is recommended that you also create a collection of approved CloudFormation files in AWS Service Catalog so that your organization can deploy only approved and compliant resources.
Operations management: AWS provides a set of services for systems and operations management that allows you to control your infrastructure resources with proper governance and compliance. You can use AWS Systems Manager to quickly view and monitor all your resources and automate common operational tasks, such as patching and state management. Systems Manager provides a unified user interface that enables you to easily manage your cloud operations activities in one place. You can also use CloudTrail for logging user activities in your organization and AWS Config for inventorying all configurations across your resources.
Monitoring and logging: CloudWatch is the primary monitoring service for AWS Cloud resources and the applications you run on AWS. You can use CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. CloudWatch can monitor AWS resources such as EC2 instances, DynamoDB tables, and RDS database instances, as well as any custom metrics or log files generated by your applications. CloudWatch also provides a stream of events that describe changes to your AWS resources that you can use to react to changes in your applications.
Managed services for configuration: The main tool in this area is AWS OpsWorks. OpsWorks is a fully managed configuration management service that hosts and scales Chef Automate and Puppet Enterprise servers. OpsWorks eliminates the need to install and operate your own configuration management systems or worry about scaling their infrastructure. It also works seamlessly with your existing Chef and Puppet tools. OpsWorks can automatically patch, update, and back up your Chef and Puppet servers as well as maintain their availability. OpsWorks is an excellent choice if you are an existing user of Chef or Puppet. Figure 11-2 shows OpsWorks in AWS.
Figure 11-2 OpsWorks in AWS
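The Provisioning item above recommends keeping a collection of approved CloudFormation files. The following is an added example, not code from the original text or from AWS, of a review a template could pass before it joins that collection. The allow-list of resource types, the list of administrative ports, and the sample template are assumptions constructed for illustration.

```python
import json

# Assumed organizational policy (hypothetical values, not from the text).
APPROVED_TYPES = {"AWS::S3::Bucket", "AWS::EC2::SecurityGroup"}
ADMIN_PORTS = (22, 3389)            # SSH and RDP
WORLD = ("0.0.0.0/0", "::/0")       # any IPv4 / any IPv6 source

def world_open_admin_ports(rule):
    """Return the admin ports one ingress rule exposes to any address."""
    if rule.get("CidrIp") not in WORLD and rule.get("CidrIpv6") not in WORLD:
        return []
    if str(rule.get("IpProtocol")) == "-1":   # -1 means all protocols and ports
        return list(ADMIN_PORTS)
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    if not isinstance(lo, int) or not isinstance(hi, int):
        return []                             # unresolved Ref/parameter: not judged here
    return [p for p in ADMIN_PORTS if lo <= p <= hi]

def review_template(template_text):
    """Return sorted (logical_id, finding) pairs for a JSON CloudFormation template."""
    findings = []
    for logical_id, res in json.loads(template_text).get("Resources", {}).items():
        rtype = res.get("Type", "")
        if rtype not in APPROVED_TYPES:
            findings.append((logical_id, f"type {rtype} is not on the approved list"))
        elif rtype == "AWS::EC2::SecurityGroup":
            for rule in res.get("Properties", {}).get("SecurityGroupIngress", []):
                for port in world_open_admin_ports(rule):
                    findings.append((logical_id, f"port {port} open to the internet"))
    return sorted(findings)

# Constructed sample: a port range that silently includes SSH, plus an unapproved type.
SAMPLE = json.dumps({
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {
        "WebSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
            "GroupDescription": "web tier",
            "SecurityGroupIngress": [
                {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
                {"IpProtocol": "tcp", "FromPort": 20, "ToPort": 25, "CidrIp": "0.0.0.0/0"}]}},
        "DeployUser": {"Type": "AWS::IAM::User"},
        "Logs": {"Type": "AWS::S3::Bucket"},
    },
})

if __name__ == "__main__":
    for logical_id, finding in review_template(SAMPLE):
        print(f"{logical_id}: {finding}")
```

The check reads only JSON templates and literal values; rules whose ports come from parameters or intrinsic functions are passed over and still need a manual look.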
Remember that to access your AWS resources from a management perspective, you also have many options. Here are the main options you should be aware of:
The AWS Management Console: This is an easy-to-use web-based interface for managing and controlling your AWS resources. It is the tool you see screen captured throughout this text. The Management Console gives you a centralized platform for tasks such as provisioning and monitoring services, configuring security settings, and accessing various management tools.
The AWS command-line interface (CLI): This is a powerful and flexible tool that enables you to interact with and manage AWS resources directly from the command line. The CLI can help you streamline tasks such as resource provisioning, configuration, and automation. Figure 11-3 shows the AWS CLI installed on my local Windows machine and being accessed from my local command prompt.
Figure 11-3 The AWS CLI
Programmatic access using software development kits (SDKs) and application programming interfaces (APIs): You can use APIs and SDKs to automate the management of AWS services, which means your developers and administrators can script and code interactions with cloud resources for efficient operations and maintenance.