Webux Lab - Blog
Webux Lab Logo

Webux Lab

By Studio Webux

Search

By Tommy Gingras

Last update 2023-02-10

ArchitectureAWS

Architecture

What is important while designing the techincal part of a service or an application or whatever how you call it.

The goal of a DevOps isn't to manage or put in place all of it. But assist and help teams cover all of these concepts.

What as a DevOps I think about when assisting development teams (Not limited to, you project might requires more things):

Network

  • DNS
  • VPC
    • Endpoints
    • Subnets
  • Security Groups
  • Databases
  • Lambda
  • S3
  • API Gateway
    • Custom Domain Names
    • ACM

Access and Identity (IAM)

  • Users
  • Roles
  • SCP
  • Organization
  • Cognito, Auth0, Okta, etc.

Provisioning

  • Ansible
  • Cloudformation and/or CDK
  • Serverless Framework
  • Docker
  • Makefile
  • Terraform

Delivery & Deployment (CD)

  • CodeBuild
  • CodePipeline
  • Pipelines
  • Jenkins

Integration (CI)

  • Github Actions
  • Pipelines

Repository (Github)

  • Code owners
  • Access
  • Monorepo vs. Multi repo

Code Quality

  • SonarCloud
  • E2E
  • Unit and etc.

Lambda

  • Serverless
  • Alarms and Monitoring

Documentation

  • In-code
  • Diagram as Code
  • markdown and README

Database

  • Postgres
  • MongoDB
  • Redis*
  • ORM

Frontend

  • CloudFront
  • S3
  • OAI
  • and others

Configurations

  • SSM
  • Secrets Manager
  • Ansible Vaults
  • Sops

Management and Gouvernance

  • RACI
  • Ownership
  • Clear responsabilities
  • process for new features / technologies / methodologies / etc.
  • Clear workflow
  • Weekly post-mortem / Review and Optimization
  • Rapid Feedback (internal and external)
  • Strategy to resolve issues
  • Keep track of incidents

Metrics and Observalibility

  • Performance
  • Blockers
  • Clear goals
  • Fail Fast
  • Code maintenance
  • Code Performance
  • Productivity
  • Client satisfaction
  • Stability
  • Lead Time
  • Change fail
  • Availability
  • Deployment Frequency
  • Time To Restore

Security

  • Audit
  • Secrets management
  • GDPR
  • Compliance in general
  • Access Control
  • Assign appropriate permissions/roles

I've put few exemples for each categories, but in reality depending of your expertise, your internal tools and decisions, you will definetely have different items and that's ok ! You should always work with your experts, their experiences will lead you making the proper decisions.

Like Kubernetes isn't covered in these and this is mostly focused on AWS Services.
I'll try to document my Kubernetes Learning path and my list of tools to replace AWS Completely ( it isn't that simple :| )