Pick a lesson below to get started.
Deploy to secure, scalable AWS infrastructure by simply running
$ git push origin master
1. VPC, Subnets & Routing
Set up a virtual network in the AWS cloud, create public and private subnets, and configure routing so your AWS resources can communicate with each other.
2. Network ACLs and Security Groups
Network ACLs act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level. Security groups act as a virtual firewall at the instance level. We will use both to harden security and prevent unwanted access to our AWS resources.
3. AWS PrivateLink
Create VPC endpoints, using AWS PrivateLink, so that our ECS resources, located in private subnets, can communicate with ECR and CloudWatch Logs, which are located in public subnets.
4. Application Load Balancer (ALB) & SSL Certificates
Create staging and production Application Load Balancers which will be responsible for distributing incoming traffic across our containers. Use AWS Certificate Manager to provision public SSL certificates for free.
5. Staging Database - Aurora Serverless
Use Amazon Aurora Serverless for our staging environment, as the database will automatically start up and shut down on demand. It's a simple, cost-effective option for infrequent and intermittent workloads.
6. Production Database - Aurora
Use Amazon Aurora for our production environment. Aurora is a MySQL- and PostgreSQL-compatible relational database that is high-performance, scalable and reliable.
7. Elastic Container Registry (ECR)
We will use AWS ECR to store our Docker images and use an AWS Lambda script to automatically clean up old images.
8. Elastic Container Service (ECS) with Fargate
Amazon ECS is a fully managed container orchestration service. AWS Fargate is a serverless compute engine for containers. When the two are combined, we no longer need to provision and manage servers.