In the previous articles, we looked at an ideal infrastructure set up to host our application. Then we went on to create the VPC and the subnets that were discussed, using CloudFormation. Just having the subnets won't do, we had to create the security groups and the IAM roles that would provide the required permissions and open the ports for the communication. All the above steps were discussed in the previous two articles and the links are given below,
Get rid of old habits- Use CloudFormation for infrastructure set up -01
Configuring Security Groups/IAM roles - CloudFormation for infrastructure set up -02
Now that we have most of the network set up it is time to add some compute resources and have them configured. The whole idea of this exercise is to provide a set of temples that you can easily modify and use to set up your own infrastructure and compute resources and not to detail CloudFormation basics.
What do we have here? You may want to decide whether you are adding resources for the Production environment or something else like QA or Dev. Depending on the environment the size of your resources may vary and I have showcased how that can be handled by providing the option to select the environment (dev, qa, prod) before the execution of the template.
Also, I hope you can remember me suggesting that it is better to use the SSM agent to connect to the servers as opposed to the bastion host. I have taken the necessary steps to install the SSM agent and to enable it as you can see in the code. Assuming that we'll be using a PHP application, the necessary steps are taken to install the prerequisites.
Having the compute resources in an autoscaling group is key to handling the scaling requirements of the systems. In this sample setup, I have taken the necessary steps to place the resources in autoscaling groups. It's time to share the code that does all this and it is as follows.
Now you are good to go ahead and run the CloudFormation (yaml) files in the three articles to set up the infrastructure suggested by me. It would be easier to get these into three files before execution. You can easily modify this to include additional resources, change the configuration of the resources, or both.
Also, there is a VSCode plug-in that you can use while doing templates named CloudFomration Snippets. This can come in handy with auto-completion.
All the other resources such as API Gateway, VpcLink, API endpoints and etc can be configured with CloudFormation Templates. This would be the next step for you to try. Hope these three articles were helpful and thanks a lot for reading.
Top comments (0)