Modern Application Development On AWS
Modern ApplicationDevelopment on AWSCloud-Native Modern Application Development andDesign Patterns on AWSOctober 2019
NoticesCustomers are responsible for making their own independent assessment of theinformation in this document. This document: (a) is for informational purposes only, (b)represents current AWS product offerings and practices, which are subject to changewithout notice, and (c) does not create any commitments or assurances from AWS andits affiliates, suppliers or licensors. AWS products or services are provided “as is”without warranties, representations, or conditions of any kind, whether express orimplied. The responsibilities and liabilities of AWS to its customers are controlled byAWS agreements, and this document is not part of, nor does it modify, any agreementbetween AWS and its customers. 2019 Amazon Web Services, Inc. or its affiliates. All rights reserved.
ContentsIntroduction .6Accelerating the Innovation Flywheel .6Modern Application Development .7Capabilities of Modern Applications .7Best Practices of Modern Application Development .9Modern Application Design Patterns .14Implementing Microservice Architectures using AWS Services .14Continuous Integration and Continuous Delivery on AWS .30CI/CD Services on AWS .30CI/CD Patterns for Different Application Types .33Conclusion .38Contributors .38Further Reading .39AWS Services .39Whitepapers .40Video.40Document Revisions.40
AbstractModern application development using containers and serverless technologies can helpyour organization accelerate innovation. This paper includes information aboutimportant best practices and design patterns that you can use to build your modernapplication in the AWS Cloud.
Amazon Web ServicesModern Application Development on AWSIntroductionModern companies are increasingly global, and their products are increasingly digital.These digital products—such as cloud infrastructure, mobile apps, big data pipelines,and social media—are influencing application development, which requires anunprecedented pace of change for companies. To achieve this speed, business leadersmust adapt their culture, processes, and technologies to the new reality of this digitalage.Rapid innovation is vital for modern companies, which must drive growth by making themost of their human resources, seeking out new opportunities, and nurturing new ideas.Digital technology is at the core of this rapid innovation.Accelerating the Innovation FlywheelBusinesses in almost all industries are experiencing an unprecedented pace of change,and rapid innovation is crucial to improving their pace. Small, unknown competitors canget ahead in a matter of months by focusing on innovation, so it is essential to not onlyinnovate, but to do so quickly.Amazon has learned that experiments let you innovate faster. To accelerate innovation,we perform an experiment, listen to user feedback, and experiment again. We do notfear failure, but apply the learnings from each experiment in future efforts. We call thisthe innovation flywheel. To spin this flywheel rapidly, we need a system to releaseproducts, collect feedback, add new features, and release again. The features ofmodern applications make this process possible, and enable you to spin the flywheeland get ahead of the competition through rapid innovation.6
Amazon Web ServicesModern Application Development on AWSModern Application DevelopmentThe most successful companies recognize that it is their technology that sets themapart from the competition. To keep growing and winning business, companies need toinvent new products rapidly. To promote a culture of innovation that makes thispossible, successful companies continually update their methods of designing, building,and administering applications. We call this modern application development.Modern application development gives companies a competitive edge by enabling themto innovate more rapidly. Companies that embrace innovation can complete moreexperiments and bring ideas to market more quickly by shifting resources fromundifferentiated heavy lifting—such as administering and provisioning infrastructure—tomore valuable activities.Modern application development practices can help companies to realize the speed andagility that go with innovation. Some customers take their on-premises virtual machines(VMs) and move them (also known as lift-and-shift) to host them on Amazon ElasticCompute Cloud (Amazon EC21). Other customers change the platform of theirapplications to a container-based model that is more optimized for the cloud. Still othercompanies refactor their monolithic applications and transition to a microservice-basedarchitecture. Most companies find that when they build more cloud-native applications,they spend less time on administrative overhead and can focus more on their corebusiness.Capabilities of Modern ApplicationsModern applications should be: Secure – It is crucial for any application to be secure. Security measures mustbe implemented not only in a certain piece of the application, but in all layers andat each stage of the lifecycle. Resilient – A modern application is resilient. For example, if an applicationencounters a failure when it calls an external data source, it should retry orotherwise handle the exception—not become unresponsive—while continuing tooperate with a graceful degradation of functionality. This pattern also applies to amicroservice architecture2 and interactions with other services.7
Amazon Web ServicesModern Application Development on AWS Elastic – By flexibly scaling out and scaling in depending on the rate of requestsor other metrics, modern applications can optimize cost without missing businessopportunities. Automating the process of scaling out and scaling in, or usingmanaged services that include auto scaling functionality, reduces routineadministrative burden and prevents the extreme disruption of outages. Modular – Modern applications are modular, with high cohesion and loosecoupling. Larger systems should not be single monoliths, but should beseparated along domain boundaries into different components, each with adistinct responsibility. Not only does this separation allow for greater availabilityand scalability, but frequent releases are easier, because different componentscan be deployed independently. Automated – Integration and deployment of modern applications must beautomated to enable frequent, high-quality releases. In addition to being errorprone, manual processes can introduce dependence on individual people, suchas requiring a single administrator to make deployments. To support agiledevelopment and frequent releases, modern applications should be deployedthrough continuous integration and continuous delivery (CI/CD) pipelines. In aCI/CD model, code is pushed to version control, tests are run in a clean CIenvironment, and deployments are performed automatically if all tests pass. Interoperable – In modern applications, each service must interact with otherservices, provide the resources requested of it, and perform the tasks expectedof it. It must be possible to add functionality to different services independentlyand continue to release frequently, without impacting other services. This meansthat services must keep their implementation details private, exposing allrequired functionality through robust, public APIs. These public APIs must alsobe stable and backward compatible to allow for independent releases.There are various methods you can use to implement modern applications. This paperincludes information about methods to deploy applications in the cloud with containersand serverless technology.8
Amazon Web ServicesModern Application Development on AWSBest Practices of Modern Application DevelopmentThrough conversations with customers and our own development teams, we found thatthere are several modern application development best practices shared byorganizations that bring innovative ideas to the market rapidly.Security and ComplianceWhen you build your system in the AWS Cloud, we recommend that you always startwith security and compliance. Securing the whole application lifecycle enablesorganizations to address security threats without sacrificing speed of innovation.For example: Authentication – Control access to your system with permission settings thatprevent malicious access. AWS administrators can sign in to the AWS Consolewith AWS Identity and Access Management (IAM) credentials, or throughintegrations with Microsoft Active Directory or a SAML Identity Provider.Applications built on AWS can leverage Amazon Cognito to allow end users toauthenticate and access resources. Authorization – Implement role-based access control with flexible policies thatrestrict the use of resources without overly complicated administration. IAMprovides granular authorization policies for any AWS resources. Auditing and Governance – Evaluate the behavior of workloads and make surethat they conform to compliance requirements and your organization’s standards.AWS CloudTrail can audit interactions with AWS APIs and log aggregation withAmazon CloudWatch enables you to audit your applications. AWS Config canmake sure that AWS resources are configured to align with your organization’sstandards. Validation – Test all aspects of application functionality, and make sure that itworks as intended. Automate validation as much as possible with continuousintegration and continuous delivery (CI/CD).Modern applications should be thoroughly and frequently tested, however, this must notreduce development velocity. Similarly, you should limit developer permissions, but youshould not revoke the access that they require. Build your security into the entireapplication lifecycle, and automate and continuously reevaluate your security processesand standards.9
Amazon Web ServicesModern Application Development on AWSMicroservice ArchitectureAs monolithic applications grow, it becomes difficult to modify or add functionality tothem, and to track what parts of the codebase are involved in a specific change. As aresult, small changes can require lengthy regression testing, and development of newfeatures can slow. In an application built with a microservice architecture and looselycoupled components, many new features and bug fixes can be implemented at the levelof a single service and released much more rapidly.Organizations with monolithic legacy applications can become more agile and flexibleby redesigning their applications into microservices. Each service is deployedseparately, and all the services work together to offer the same functionality as themonolithic system. Microservices can be built, modified, and released quickly, whichprovides faster experimentation and innovation. Each team that builds microservicescan also take clear ownership of their own design, development, deployment, andoperations.To achieve this loose coupling, the microservices in a system must communicate witheach other. A datastore that is shared between services creates tight coupling, hiddendependencies, timing issues, and challenges with scaling and availability. It is better touse published APIs or asynchronous message queues to communicate betweenseparate services. Separating processes into different pieces that are connected bymessages in queues creates clear transaction boundaries and enables services tooperate more independently.Messaging systems can provide scalability, resilience, availability, consistency, anddistributed transactions because of the following characteristics: Trusted and resilient message delivery system Non-blocking and one-way operation Loosely coupled services Bringing focus to different logical components in the system, and allowing eachto work independentlyArchitectures that take advantage of these elements can easily expose robust APIs andasynchronous communication channels, which enables each service to be operated andautomated independently, and which also improves reliability.When many different microservices are connected to perform a process, you must havea method to monitor the state of a single end-to-end task. You must also make sure that10
Amazon Web ServicesModern Application Development on AWSall the necessary steps happen in the correct order and at the correct time. You can usestate machines to both monitor the state of tasks and make sure they occur in thecorrect order.You also need a method to manage the overall workflow between services, to configurevarious timeouts, cancellations, heartbeats for long-running tasks, and granularmonitoring and auditing. Managing services with this type of tooling improves speed,productivity, and flexibility. To make sure that microservices execute in the correctsequence with appropriate timing, modern applications take advantage of orchestrationand messaging tools. Using orchestration tools makes it easy to build robust services ina repeatable way. AWS Step Functions is a fully managed tool that can coordinatearbitrary workflows across services. When you use messaging tools, you remove directdependencies between services, which improves reliability and scalability. You can usedifferent tools—such as Amazon Simple Queue Service (Amazon SQS), AmazonCloudWatch Events, and Amazon Kinesis—depending on the specific workload. Byusing orchestration and messaging tools together, your developers do not have tospend time on workflow execution, state management, and inter-servicecommunication, which gives them valuable time to focus on core business logic.Using Serverless TechnologyWhen you operate and maintain the servers and operating systems (OS) that run yourorganization’s applications, your system administrators must spend time completingsimple and repetitive tasks, such as applying OS security patches. Instead of scaling upby request volume, they must provision servers for peak volume ahead of time, whilecarefully considering availability and durability requirements. You might also have to payfor all of this overprovisioned infrastructure in advance, instead of paying for what youuse as you go.Though services such as AWS Auto Scaling and AWS Systems Manager can reducethese burdens on conventional, VM-based infrastructure, when you build your systemon serverless technology, you don’t have to provision and manage servers. Youradministrators don’t have to spend time on OS patches, or maintain unused resourcesto be prepared for occasional peak usage. Serverless applications scale to meet theprecise demand on each component. Reliability and fault-tolerance are also largelybuilt-in by default, which eliminates much of the design and operations time required forthese aspects of the system. By building modern applications with serverlesstechnologies from the beginning, the whole lifecycle of building, deploying, and runningapplications can also be kept secure. When you remove operational complexity, your11
Amazon Web ServicesModern Application Development on AWSdevelopers can focus their time and energy on building products that delight yourcustomers.AWS provides serverless computing services such as AWS Lambda3 and AWSFargate4. There is Amazon Simple Storage Service (Amazon S3)5 for object storage,and there are now two serverless database options: Amazon DynamoDB6, a fast andflexible NoSQL database, and Amazon Aurora Serverless7, an on-demand and autoscaling configuration for Amazon Aurora. If you want to build an end-to-end serverlessapplication, compute, database, and storage services might not be enough. You canuse other serverless AWS offerings8 throughout your workload, from API management,messaging, and orchestration, to troubleshooting and monitoring.Automating Deployment with CI/CDCompanies strive to innovate quickly to deliver the most value they can to customers asquickly as possible. To achieve this, modern applications use continuous integrationand continuous delivery (CI/CD) to automate the entire release process: building andrunning tests, promoting artifacts to staging, and the final deployment to production.CI/CD can also automate certain security controls, such as scanning for knownvulnerabilities and performing static analysis. The full CI/CD pipeline can consist of anarbitrary number of quality gates and controls, all of which must be passed successfullybefore any new code makes it to production.By automating the full build/test/deploy process, it becomes not only more reproducible,but faster as well. It can also be performed much more frequently—perhaps many timesa day—meaning that each individual deployment consists of fewer changes and lessrisk. Instead of being a high-risk, all-hands-on-deck event, CI/CD allows deployments toproduction to be mundane affairs. Finally, because the time from when code iscommitted to when it is deployed is so much shorter than with manual processes, highpriority security fixes or config changes no longer require special hot patches, but canflow through the standard pipeline.AWS customers can take advantage of fully-managed CI/CD services such as AWSCodeBuild, AWS CodePipeline, and AWS CodeDeploy, in addition to open-sourceoptions and third-party marketplace offerings.12
Amazon Web ServicesModern Application Development on AWSManaging Infrastructure as CodeTo get the full benefits of CI/CD, you should create a model for your entire applicationand infrastructure as code (IaC). By modeling infrastructure as code, you canincorporate it into your standard application development lifecycle, executeinfrastructure changes in your CI/CD pipeline, and get additional benefits, such asreducing configuration errors and provisioning faster. AWS provides a number of IaCtools. One tool is AWS CloudFormation9, which is a service that lets you specify anycloud infrastructure you need in a simple template file, and then provisions theinfrastructure for you. Another tool is AWS Serverless Application Model (SAM)10, whichbuilds on AWS CloudFormation with additional tooling and convenience functions forbuilding serverless applications. AWS Cloud Development Kit (CDK)11 is a tool thatprovides a framework to design cloud infrastructure in code using a language of yourchoice and then provisions it with CloudFormation.Monitoring and LoggingDevelopers of modern applications should monitor the behavior of their application atruntime using monitoring and logging tools, and use that data to maintain or improvetheir cust
Amazon Web Services Modern Application Development on AWS 11 all the necessary steps happen in the correct order and at the correct time. You can use state machines to both monitor the state of tasks and make sure they occur in the correct order. You also need a method to manage the overall workflow between services, to configure
4 AWS Training & Services AWS Essentials Training AWS Cloud Practitioner Essentials (CP-ESS) AWS Technical Essentials (AWSE) AWS Business Essentials (AWSBE) AWS Security Essentials (SEC-ESS) AWS System Architecture Training Architecting on AWS (AWSA) Advanced Architecting on AWS (AWSAA) Architecting on AWS - Accelerator (ARCH-AX) AWS Development Training
AWS SDK for JavaScript AWS SDK for JavaScript code examples AWS SDK for .NET AWS SDK for .NET code examples AWS SDK for PHP AWS SDK for PHP code examples AWS SDK for Python (Boto3) AWS SDK for Python (Boto3) code examples AWS SDK for Ruby AWS SDK for Ruby co
AWS instances with Nessus while in development and operations, before publishing to AWS users. Tenable Network Security offers two products on the AWS environment: Nessus for AWS is a Nessus Enterprise instance already available in the AWS Marketplace. Tenable Nessus for AWS provides pre-authorized scanning in the AWS cloud via AWS instance ID.
AWS Serverless Application Model Developer Guide Benefits of using AWS SAM What is the AWS Serverless Application Model (AWS SAM)? The AWS Serverless Application Model (AWS SAM) is an open-source framework that you can use to build serverless applications on AWS.
AWS Directory Amazon Aurora R5 instance Service AWS Server Migration Service AWS Snowball AWS Deep Amazon GameLift Learning AMIs AWS CodeBuild AWS CodeDeploy AWS Database Migration Service Amazon Polly 26 26 20 40 12 0 5 10 15 20 25 30 35 40 45 2018 Q1 2018 Q2 2018 Q3 2018 Q4 2019 Q1 New Services& Features on AWS
BSR/AWS B5.16-200x, Specification for the Qualification of Welding Engineers (revision of ANSI/AWS B5.16-2001) Obtain an electronic copy from: roneill@aws.org Order from: R. O’Neill, AWS; roneill@aws.org Send comments (with copy to BSR) to: Andrew Davis, AWS; adavis@aws.org; roneill@aws.org Single copy price: 25.00
pa/1g pa/1f pb/2f pc/2g pd/4f 156 pf/3g pf/3f pg/3g pg/3f en: pcfileur welding positions aws: 1g en: pa aws: 1f aws: 2g en: pc aws: 2f en: pb aws: 3g en: pg down en: pf up aws: 3f down en: pf aws: 4g en: pe aws: 4f en: pd 156
Amazon Web Services Cloud Platform The Cloud Computing Difference AWS Cloud Economics AWS Virtuous Cycle AWS Cloud Architecture Design Principles Why AWS for Big Data - Reasons Why AWS for Big Data - Challenges Databases in AWS Relational vs Non-Relational Databases Data Warehousing in AWS Services for Collecting, Processing, Storing, and .
