2. Software Development Journey

6. Cloud
On-Boarding
Software
Development
Cloud
Services
Infrastructure
Management

7. Cloud
On-Boarding
● IAM Users
● IAM Role
● IAM Single Sign-On
● Billing and Budget
● AWS Organization
● Account Service
Control Policies
Software
Development
● CodeCommit
● CodePipeline
● CodeBuild
● S3
Cloud
Services
● EC2
● Beanstalk
● AppRunner
● Lambda
● API Gateway
● Load Balancer
● Auto-scaling
● DynamoDB
Infrastructure
Management
● CloudFormation
● Terraform
● CloudTrail
● Config
● AWS Systems
Manager

9. AWS Cloud On-Boarding

10. Typical Practices
● Use AWS Console
● Use Root Account for EVERYTHING
● Create IAM Users
● Create and Use IAM Access Keys
● Create Roles with broad privileges
● Create Resources but Don’t Cleanup
● Root User is shared across multiple users
● No Billing Assessment
● No Monthly Budget Alerts

11. Demo

12. Software Development

13. ● Private Git Repositories
● Software Packaging
○ Front-End
○ Backend-End
○ Mobile App
● Artifact Repository for Dependencies
○ Startup Scripts
○ Mobile App APKs
○ Node NPM Modules
Typical Process

14. Demo

15. AWS Cloud Services

16. ● Use EC2 for (Almost) Everything
● Use Default VPC
● Avoid Price Comparison across different AWS Services
○ EC2 is cheaper than RDS
○ RDS is cheaper than Aurora
○ AppRunner is cheaper than EC2
○ Lambda is cheaper than AppRunner/EC2
○ DynamoDB is cheaper than MongoDB
○ S3 is cheaper than EC2 Volumes (EBS)
● Avoid Software Packaging
○ Using Source files vs Docker or Packages
Typical Practices

17. Compute
EC2
IaaS
Lambda
FaaS
CaaS
AppRunner
CaaS
Beanstalk
PaaS
Lightsail
IaaS
ECS
CaaS
EKS
CaaS

18. Databases
RDS
SQL-based
DynamoDB
Key Value
DocumentDB
Document
Aurora
SQL-based

19. EBS
Block Storage
Storage
EFS
File Storage
S3
Object Storage

20. Networking / Content Delivery
API Gateway Load Balancer
CloudFront
Route53

21. Integration
SQS
Queue Service
SNS
Pub/Sub
EventBridge
Broker

22. Cloud Management

23. ● Console or Click-based Infrastructure
● No Governance Practices
● No Monitoring in place
Typical Practices

25. Demo

26. Summary
● Keep Root Account isolated from application accounts
● Use Short-term Access vs Long-term - IAM SSO vs IAM User
● Use Roles vs Access Keys, If you have to use Keys, then use rotate those
keys regularly
● Always configure budget alerts
● CodeCommit, CodeBuild and CodePipeline makes the software packaging
very simple and private
● There are multiple AWS services for same use case, if possible, assess
alternate services as well
● All Production environments are managed by Infra Code, learn if you don’t
know already
● Keep an eye on your access activities with CloudTrail and Config
● Cloud is not CHEAP

27. Thank You!!
LinkedIn AWS Surat Group