OPA on AWS. Part 2 – Platform Engineering | Amazon Web Services
- December 24, 2023
- Posted by: MainInstructor
- Category: Amazon Web Services Go
Hello and welcome to OPA on AWS. My name is Zah Ben Shabbat, I'm a prototype architect at AWS. Today we will talk about platform engineering and OPA on AWS. This is the second chapter: platform engineering.

When we start to think about designing and developing a platform, we need to aggregate the requirements of all of the development teams in our organization. Then we need to make sure those requirements are compatible with the security tooling and standards that are available. We also want to come up with a design that will support future requirements and technologies, so that we can easily extend the platform. It is important to delegate ownership to the teams so that they can own and operate their infrastructure and applications. We also want to ensure observability across the entire organization and be able to enforce security operations when needed.

An example of the previous concept for a particular team: this process is iterative across multiple teams, and the job of the platform engineers is to create the Lego blocks that will allow building a customized experience for each team in the organization. OPA on AWS provides a few out-of-the-box entities that can be used as a starting
point for building your developer platform.

Environment provider is where we can deploy applications under the same cluster and network. A provider exists in a particular account and region, but you can also still have multiple providers in the same account and region. By definition, providers separate the access between all resources from one provider to another.

If we look at our platform, when we go to Providers we can see we have quite a few, but let's try to create one and see what the process is. The first thing you may notice when creating a provider is that we actually have different types of provider, so we can choose serverless or ECS. They may be the same, but there are some differences between them. If you pick one of them, the first thing we are asked for is the name of this provider. This usually could fit an organization unit or some kind of segmentation between the org. If we take, for example, payments development provider, we usually want to give that provider an association to what is going to be used in the environment eventually, so this could be a dev provider. This will also go along with a particular set of accounts or regions you want to utilize for dev, testing or production.

Then we have the prefix. The prefix can go under the same namespace where this provider may belong, so this could belong to payments. Then we can create a description: payment provider for development. Next comes where we want to assign a group. These groups are coming from the identity provider, in this case it's Okta, but if you were to change the identity provider to Active Directory or any other Backstage-supported identity provider, the groups that exist will propagate all the way here. So we choose a developer group. Then we need to provide the AWS account number in which this provider will get deployed; we can put an account number here. Then we'll have to select the region where we want this provider to be created; we can choose any of the regions available in the US.

The environment role ARN relates to the role that has sufficient access in order to provision this environment. The pipeline would try to assume this role and execute this template. You have to make sure that the pipeline will have access to assume that role, and that the role you provide actually has sufficient permission to create the infrastructure of that particular provider.

Lastly, we'll provide the repo of this provider. Again, these are all preserved in a separate group in GitLab so you can separate the access, but nonetheless you want to keep a good naming convention for the provider, so you can call it payment development.

Once we trigger this, we'll essentially end up with an entity that looks like this, and if we scroll right here you can see all the information about this provider, including the resources that are created for it. You may notice that these are SSM parameters where the actual information of this provider exists, but if you want to, you can actually look at the entity and see additional information. You can also jump from the provider information to the catalog itself, go into GitLab and see the IaC that actually created this provider, and if you look at the pipeline you will see the pipeline that actually ran and created this provider. Once the provider is associated with an environment we will see this relationship, but initially the provider will only be owned by the team. That we will discuss in the next
part.

An environment is an abstracted entity in the platform, but not in AWS. An environment allows you to define the type of the environment, classification, hierarchy and category, regardless of which provider is used behind the scenes. The relationship between a provider and an environment is one to many, thus allowing automatic deployment of an application to two providers at the same time. An example of that is deploying an app to two regions. The environment information is propagated to the application and the resource pipelines, and the pipeline can use that information for customized automation. We use the required approval option in the environment to decide if the pipeline should run automatically or if it should require an approval from an authorized entity. This will be demonstrated later in the pipeline and automation chapter.

So this time we'll go to Environments, and we can see the environments that exist in this case: development, testing, private, public, internal, all these definitions. But let's create one and see what the process is to create an environment. When we create an environment, we first have to provide a name, so we can call this payment production. The short name could be prod, payment prod, and production environment payment. In this case we know this particular environment is going to be ECS, but we can choose another one if you created a provider of Kubernetes or serverless.

This is important: because this is a production environment, we would want to select yes, which will halt the automatic pipeline until an approval is granted. This is effective because we wouldn't want automatic changes that developers push to be propagated all the way to production. You can also enforce this in lower environments such as testing or staging, not only production.

The owner of this, again, is a developer team or any team that you would like. You can choose here a single account or a multi-account; that helps with observability when you look at a complete view of all of the environments. The same goes for region, whether it's a single region or multi-region. And of course the category here in this case will be production. This category list could be changed if you have different types of environments. Since this is a private one we'll keep it as private, but you can select internal or public. And for the system, we're going to keep it under payment system, as it could be used for further integration with Backstage.
Now, the hierarchy helps us with the deployment to other environments, which again we'll cover in the next episodes, but hierarchy essentially allows going from a lower to a higher environment when we deploy an app to another environment. Since this is prod, we want to put a high number, something like 10, but the actual number could be any number that you wish.

Now it asks us which provider we would like to create, so we can choose one of the providers that we would like to use, and of course the payment provider. Lastly, we provide an environment repo name. Again, all environments sit in a separate group in GitLab, so you still want to keep a good naming convention, so payment fra pnb. If we go ahead and create this one, we can immediately go to the catalog and see the environment that we have created. You can see the association with the provider we have selected is also created. If we scroll a little bit to the bottom, we can see all the configuration we have selected, and this allows us to add more providers to that environment if we wish to do it. Bear in mind this additional provider is not retroactive, so if you have deployed applications or resources to this environment, adding a provider at a later time will not automatically create the apps and resources in that additional provider.

While we create AWS resources in different shapes and forms, we distinguish resources for an application from shared resources. Application resources are resources that are required for an application to run, for example an ECS task or an ECR repository. This may also include secrets and SSM parameters. We provide several examples or templates for application resources in CDK and Terraform. Shared resources are individual resources that are created in the environment with the intention to be shared across multiple applications. Implementing a shared resource also requires implementing a policy update automation in order for future applications' roles to be granted use of this resource. We provide an AWS RDS resource template with the policy update automation example.

Now, in the application, we can go and create an app. We can choose any of the apps, so this is an example: an application that has baked-in code to interact with an RDS database. Same as before, we can give an app name, a description, an owner group and the particular environment you want to use. We can also use the environment we have created before.
This runs pretty quickly, but remember that behind this there is a pipeline that needs to run to actually create those resources, so it may take a while until you actually see the resources available. If you go to the application, you will see a temporary screen until the rest of the tabs are populated once the pipeline is complete.

The process to create a resource is similar. We go ahead and create an AWS component, but this time we're going to select the resource, AWS RDS database. In this case we'll provide the database name, we call it payments DB, a database payments locations, and we can choose an owner group, again selecting the environment. Lastly, we can choose a name for the actual database, not for the entity, so we can choose payment, and we can choose the type of the database and the size of it as well. Again, this is another group in GitLab, so they are all separated between apps, resources, providers and environments, so we can call this one payment. And again, same as before, we'll create it quickly, and then the infrastructure code will run in the pipeline and actually provision our database.

Thank you for watching, and we'll see you on the next episode.
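
Added example, not part of the video or of the OPA on AWS code base: the walkthrough says the pipeline must be able to assume the role given as the environment role ARN. The sketch below reviews a role trust policy for that and reports any principal trusted beyond the pipeline role. The account ID, role names, sample policy and function names are constructed placeholders.

```python
import json

# Constructed sample: account ID and role names are placeholders, not from the video.
PIPELINE_ROLE = "arn:aws:iam::111111111111:role/example-pipeline-role"
SAMPLE_TRUST_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
   {"Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111111111111:role/example-pipeline-role"},
    "Action": "sts:AssumeRole"},
   {"Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111111111111:root"},
    "Action": ["sts:AssumeRole", "sts:TagSession"]}
 ]}
""")

def as_list(value):
    """IAM fields may hold one string or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def review_trust_policy(policy, pipeline_role_arn):
    """Return (pipeline_named, findings) for a role trust policy.

    Only Allow statements are read; Deny statements and Condition
    blocks are not evaluated, so treat the result as a review aid.
    """
    account_id = pipeline_role_arn.split(":")[4]
    broad = {"*": "any AWS principal is trusted",
             account_id: "the whole account is trusted",
             f"arn:aws:iam::{account_id}:root": "the whole account is trusted"}
    pipeline_named, findings = False, []
    for stmt in as_list(policy.get("Statement")):
        actions = as_list(stmt.get("Action"))
        if stmt.get("Effect") != "Allow" or not {"sts:AssumeRole", "sts:*", "*"} & set(actions):
            continue
        principal = stmt.get("Principal")
        trusted = ["*"] if principal == "*" else as_list(
            principal.get("AWS") if isinstance(principal, dict) else None)
        for arn in trusted:
            if arn == pipeline_role_arn:
                pipeline_named = True
            elif arn in broad:
                findings.append(broad[arn])
            else:
                findings.append(f"additional principal trusted: {arn}")
    return pipeline_named, findings
```

On the constructed sample the pipeline role is named, and the second statement is reported because it trusts the whole account rather than only the pipeline.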
Video Keywords: Amazon Web Services