AWS Certified Developer Associate Hints - AWS CI/CD, CLI, SDK, CDK, Other AWS Services (Part VII)

AWS CI/CD

AWS CodeCommit

  • Fully managed version control service.
  • Supports Git for repository synchronization.
  • Private repositories, highly available.
  • Only accessible within AWS cloud account.
  • Security Features:
    • SSH keys, HTTPS authentication.
    • IAM policies for fine-grained control.
    • Encryption at rest and in transit.
    • Cross-account access.

AWS CodePipeline

  • Visual workflow for orchestrating CI/CD.
  • Stages include Source, Build, Test, Deploy, and Approvals.
  • Supports multiple integrations:
    • Source: CodeCommit, GitHub, S3, ECR, Bitbucket.
    • Build: CodeBuild, Jenkins, CloudBees, TeamCity.
    • Test: CodeBuild, AWS Device Farm.
    • Deploy: CodeDeploy, Elastic Beanstalk, CloudFormation.

AWS CodeBuild

  • Fully managed build service.
  • Uses buildspec.yml to define build instructions.
  • Supports logs in S3 and CloudWatch Logs.
  • Monitors build status with CloudWatch Metrics and Alarms.
  • Triggers using CloudWatch Events.
  • Can run inside a VPC.

buildspec.yOAOAml Structure:

  • Must be in the root directory.
  • Supports environment variables from SSM & Secrets Manager.
  • Phases: install, pre_build, build, post_build.
  • Supports artifacts and caching.

AWS CodeDeploy

  • Automates deployments to EC2, Lambda, and ECS.
  • Supports rolling, blue/green, and in-place deployments.
  • Requires CodeDeploy Agent for EC2 deployments.

CodeDeploy Components:

  • Application: Defines deployment container.
  • Compute Platform: EC2, Lambda, or ECS.
  • Deployment Group: Group of target instances.
  • Deployment Type:
    • In-Place: Updates existing instances.
    • Blue/Green: Spins up new instances, requires ELB.
  • IAM Roles for deployment.
  • Application Revision: Code + appspec.yml.

appspec.yml Structure:

  • Defines how files are copied from S3/GitHub.
  • Hooks (ApplicationStop, BeforeInstall, Install, AfterInstall, ApplicationStart, ValidateService).

AWS CodeStar

  • Rapidly sets up CI/CD-ready projects.
  • Supports multiple programming languages: C#, Go, Java, Node.js, Python, Ruby.

AWS CodeArtifact

  • Fully managed artifact repository.
  • Supports Maven, Gradle, NPM, Yarn, Twine, NuGet.
  • Integrated with EventBridge for tracking package changes.

AWS CodeGuru

  • AI-powered code review and application performance recommendations.
  • Components:
    • CodeGuru Reviewer - Static code analysis.
    • CodeGuru Profiler - Application runtime profiling.

AWS CLI, SDK, and CDK

AWS CLI

  • Supports --dry-run for checking permissions before execution.
  • Instance Metadata Service:
    • Allows EC2 instances to retrieve their own metadata.
    • URL: http://169.254.169.254/latest/meta-data.

AWS CLI Profiles

  • Supports multiple AWS accounts via profiles.
  • Config files stored in ~/.aws/credentials and ~/.aws/config.
  • aws configure --profile profilename to set up.
  • Use aws s3 ls --profile profilename for profile-specific commands.

MFA with AWS CLI

  • Requires temporary session tokens using STS.
  • aws sts get-session-token --duration-seconds 360.
  • aws sts get-session-token --serial-number arn:aws:iam::xxxx:mfa/name --token-code code.

AWS CDK (Cloud Development Kit)

  • Infrastructure as Code using programming languages.
  • Compiles to CloudFormation templates.

CDK Constructs:

  • Level 1: Direct mapping of CloudFormation resources.
  • Level 2: Higher-level, opinionated APIs.
  • Level 3: Patterns combining multiple resources.

CDK Commands:

npm install -g aws-cdk-lib
cdk init app
cdk synth
cdk bootstrap
cdk deploy
cdk diff
cdk destroy

Other AWS Services

AWS Step Functions

  • Models workflows as state machines.
  • Executes Lambda, ECS, Batch, SNS, SQS, and more.
  • Supports Standard and Express workflows.

AWS AppSync

  • Managed GraphQL API service.
  • Real-time data retrieval over WebSockets.
  • Supports DynamoDB, Aurora, OpenSearch, Lambda, HTTP endpoints.

AWS Amplify

  • Frontend and backend framework for web & mobile apps.
  • Provides CI/CD, authentication, storage, API integration.
  • Supports React, Vue, Angular, iOS, Android, Flutter.

AWS SES (Simple Email Service)

  • SMTP interface for email sending.
  • Integrates with S3, SNS, Lambda.
  • IAM-controlled email permissions.

Amazon OpenSearch Service

  • Successor to Amazon Elasticsearch.
  • Supports text search and real-time analytics.
  • Data ingestion from Kinesis, IoT, CloudWatch Logs.

Amazon Athena

  • Serverless query service for analyzing S3 data using SQL.
  • Supports CSV, JSON, Parquet, ORC.
  • Commonly used with QuickSight for reporting.

Amazon MSK (Managed Streaming for Apache Kafka)

  • Fully managed Kafka service.
  • Supports multi-AZ deployments, automatic failover, EBS storage.
  • Integrated with Lambda, Glue, Flink, Kinesis Data Analytics.

AWS Certificate Manager (ACM)

  • Automated provisioning & renewal of SSL/TLS certificates.
  • Supports public and private certificates.
  • Free of charge for public TLS certificates.

AWS Private CA

  • Manages private certificate authorities (CAs).
  • Issues X.509 certificates for internal AWS services.
  • Does not support public certificate issuance.

AWS AppConfig

  • Feature flagging and dynamic configuration deployment.
  • Supports EC2, Lambda, ECS, EKS.
  • Validates config changes before deployment.

Conclusion

This post covers AWS CI/CD tools, CLI, SDK, CDK, and other AWS services, essential for AWS Certified Developer Associate exam preparation. Mastering these concepts ensures efficient cloud development and deployment.