CloudWatch is a centralized platform that allows customers to collect, monitor, and visualize their application logs, metrics, and X-Ray traces, all in a single dashboard. It is invaluable in providing a unified view of operational health for all the workloads the customer is managing. There are three main areas of features that CloudWatch offers. Infrastructure […]

Considering the scope of our test application, we will keep the EFS configurations simple and just declare fileSystemId, which is mandatory. Since EFS is accessed over the network, we also need to ensure that appropriate security group configurations are in place before this filesystem can be mounted inside the database container: We allow incoming traffic […]

For some metrics, it is more relevant to observe the time series pattern instead of scalar values. This can boost proactive analysis when your operation team notices that the API error count spikes up every 10 minutes, but never crosses the threshold your alarms are set at. You can also plot related time series data […]

We can use existing Python modules to interact with Flask and MongoDB. These dependencies have been defined in the requirements.txt file inside the application directory: After importing the necessary modules, we initialize a DB client, database, and corresponding collection that will host our JSON documents in MongoDB. Now, we can move on to defining the […]

We will define the previously discussed infrastructure components inside a CDK stack. The complete CDK project is available in your Cloud9 IDE, in the chapter-7/chapter-7-cdk/ directory. We will not go through the CDK project initiation steps in detail as these were already covered in the previous chapter, A Programmatic Approach to IaC with AWS CDK. […]

Finally, let’s trigger a deployment of the CDK stack in one of our AWS accounts to see the application in action. We will start by securing a new session for our Cloud9 IDE. Once we are inside the CDK project folder, chapter-7/chapter-7-cdk/, we can trigger an installation of NPM modules, followed by the cdk synth […]

Be it logs, metrics, or traces, in the ideal case, there should be no component in your system that acts like a black box. Every service, be it managed or unmanaged, should log events in your central observability platform. This is also an important criterion when selecting a particular service from cloud providers. It always […]

As you can imagine, in addition to adding CDK constructs to our stack, we also need to make a few changes to our Flask-based web application so that it starts offering metrics and insights to tools such as Prometheus. Let’s start with the application-level changes first. Modifying the Flask application code There are two main […]

Simply put, DevSecOps is the practice of integrating security tests into every stage of the software delivery life cycle. It is an extension of the DevOps approach that we have discussed so far in this book. Using tools and processes, it promotes collaboration between development, operations, and security teams. This results in software artifacts that […]

A simple way to load test your To-Do List Manager application could be to run a curl query that targets the application load balancer URL, from within your Cloud9 IDE’s terminal. For hash generation, we can leverage the RANDOM variable and derive a md5 checksum value from it, using the following command: echo $RANDOM | […]