Five Different Ways to Build AWS Infrastructure
Before deciding on how to create your production platform, learn about the benefits and drawbacks of different ways to build your AWS infrastructure.
AWS cloud architecture solutions require infrastructure to run your platform solutions. Infrastructure includes compute technologies, databases, queues, and more. Each needs to be specified and built before turning on your platform solution.
There are many different ways you can choose to build your AWS infrastructure. Each method has its benefits and drawbacks that should be known before choosing how to create your production platform.
This article will step through how to build an S3 bucket in AWS using different methods. S3 buckets are used for hosting webpages and for storing data. You need to have an AWS account before creating any infrastructure on AWS.
Using the AWS Management Console
The AWS Management Console is often the easiest way to start building cloud infrastructure in AWS. The management console uses wizards to create infrastructure in the AWS cloud. These interfaces lay out the required settings to create your AWS infrastructure and include defaults where available.
There are times when the Management Console does not include possible settings for your infrastructure. In this case, you must go to one of the other listed tools if that setting is needed on your platform.
Creating an S3 Bucket in the Management Console
- Log in and navigate to the Management Console for S3. You can use the homepage navigation on AWS or use this AWS link.
- From the S3 page, you can see your current S3 usage. This is similar for all AWS infrastructure pages. While the other creation methods may result in errors if you exceed available capacity, the management console is unique in showing your current use.
- The Create Bucket page contains all the settings available for the S3 bucket. This page has a series of boxes containing the detailed settings for the S3 bucket.
  - Set the general configuration, which includes the bucket’s name and the AWS region that will house it.
  - Choose how open or secure to make the bucket. Here we will use the default setting to block all public access to the bucket.
  - Determine if bucket versioning should be enabled or disabled. Here we will use the default disabled setting for versioning.
  - Optionally add tags to the bucket.
  - Determine if the data you store in your bucket will be encrypted or not.
  - Determine if you require object lock (write once, read many) turned on.
- Click to create the bucket.
Once you create the bucket, you can use the management console to view your settings. If needed, you can also change editable settings after bucket creation. Some items like the bucket’s name or region are not editable.
AWS Command Line Interface
The AWS command-line interface (CLI) is a tool built to manage your AWS services and infrastructure. Before use, you need to download the tool, which you can find here.
The command line allows you to type commands into your terminal or load them into the terminal using a JSON file. In either case, the format is the same. If you want to save and organize your infrastructure documentation, JSON files are an excellent way to do that. The CLI will give the format of the JSON file by using the --generate-cli-skeleton command.
Using the AWS CLI is relatively simple for solo pieces of your infrastructure. If you only need a few different systems or are testing out a new design, the CLI is a good option. You can have your settings documented and create your system relatively quickly. However, suppose you have a complex infrastructure with many different systems and need to recreate your design in multiple environments. In that case, the CLI may not be the most efficient choice for creating your platform.
Creating an S3 Bucket Using the AWS CLI
- Find the S3 documentation for the correct version of the CLI.
- Optionally find the JSON format for this CLI command so the settings can be documented. The command to print the JSON format is below.
aws s3api create-bucket --generate-cli-skeleton
This command prints the settings that may be used in creating your new bucket. The printout includes sample values that may be changed; note that the sample ACL is public-read, so replace it rather than leaving it as printed.
{
    "ACL": "public-read",
    "Bucket": "",
    "CreateBucketConfiguration": {
        "LocationConstraint": "me-south-1"
    },
    "GrantFullControl": "",
    "GrantRead": "",
    "GrantReadACP": "",
    "GrantWrite": "",
    "GrantWriteACP": "",
    "ObjectLockEnabledForBucket": true
}
Fill in the JSON with the settings wanted in the bucket. Here, we will make them match as closely as we can to the AWS Console example. For this object, there are permissions not present in the console: the Grant attributes let you grant access control lists for your bucket. This is common for the console versus the CLI; the CLI tends to have more granular options available. A canned ACL and explicit Grant attributes cannot be combined in one request, so the Grant keys are removed here to keep the private ACL; to grant a specific user instead, drop ACL and set, for example, GrantFullControl to emailaddress=user1@example.com. CreateBucketConfiguration is also removed, because us-east-1 is the default region and is rejected as a LocationConstraint; the region then comes from your CLI profile or the --region option.
{
    "ACL": "private",
    "Bucket": "my-test-bucket",
    "ObjectLockEnabledForBucket": true
}
This CLI command does not include all the features available in the AWS Console. If anything other than default values are needed, you must add settings with separate CLI commands. To add in the extra data, use the following commands:
- To add tags, use aws s3api put-bucket-tagging
- To enable bucket versioning, use aws s3api put-bucket-versioning
- To enable encryption, use aws s3api put-bucket-encryption
There are other commands available from the CLI that are not available in the console. Most notably, putting permissions onto the bucket to restrict or allow access to people or environments is best done using the AWS CLI.
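The skeleton printed by --generate-cli-skeleton carries sample values that are easy to leave in place, so the following added example (not part of the original article) checks a filled-in JSON file before it is handed to create-bucket. The function name and finding messages are hypothetical, and the two inputs are constructed from the skeleton shown above.

```javascript
// Added example: checks a filled-in create-bucket skeleton before it is passed to
//   aws s3api create-bucket --cli-input-json file://bucket.json
const GRANT_KEYS = ['GrantFullControl', 'GrantRead', 'GrantReadACP', 'GrantWrite', 'GrantWriteACP'];
const BROAD_ACLS = ['public-read', 'public-read-write', 'authenticated-read'];
const GLOBAL_GROUPS = ['global/AllUsers', 'global/AuthenticatedUsers'];

function lintCreateBucketInput(input) {
  const findings = [];
  const grants = GRANT_KEYS.filter((k) => typeof input[k] === 'string' && input[k].trim() !== '');

  if (!input.Bucket) findings.push('Bucket: name is empty');
  if (BROAD_ACLS.includes(input.ACL)) {
    findings.push(`ACL: "${input.ACL}" grants access beyond the bucket owner`);
  }
  if (input.ACL && grants.length > 0) {
    findings.push(`ACL: a canned ACL cannot be combined with ${grants.join(', ')}`);
  }
  for (const key of grants) {
    if (GLOBAL_GROUPS.some((g) => input[key].includes(g))) {
      findings.push(`${key}: grantee is a global group, not a named account`);
    }
  }
  for (const key of GRANT_KEYS) {
    if (input[key] === '') findings.push(`${key}: empty value left from the skeleton, remove the key`);
  }
  const config = input.CreateBucketConfiguration || {};
  if (config.LocationConstraint === 'us-east-1') {
    findings.push('LocationConstraint: us-east-1 is the default, omit CreateBucketConfiguration');
  }
  return findings;
}

// Constructed inputs: the skeleton as printed above, and a cleaned-up version.
const PRINTED_SKELETON = {
  ACL: 'public-read', Bucket: '',
  CreateBucketConfiguration: { LocationConstraint: 'me-south-1' },
  GrantFullControl: '', GrantRead: '', GrantReadACP: '', GrantWrite: '', GrantWriteACP: '',
  ObjectLockEnabledForBucket: true
};
const CLEAN_INPUT = { ACL: 'private', Bucket: 'my-test-bucket', ObjectLockEnabledForBucket: true };

console.log(lintCreateBucketInput(PRINTED_SKELETON));
console.log(lintCreateBucketInput(CLEAN_INPUT));
```

Run it with Node.js; an empty list means the file is free of these particular problems, not that the bucket's access settings have been reviewed.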
AWS SDK
The AWS SDK is available in Python, Java, C++, .NET, and JavaScript. Each of the SDKs allows you to download the library and create infrastructure in code. The examples in this article use the JavaScript version of the SDK and its documentation.
The SDK uses JSON parameters as inputs to the commands. These are identical attributes to the CLI commands with the same name. For any unnecessary attributes, simply eliminate them from the parameters object. Note as well that commands use JavaScript promises. These can also be written using async/await notation, which makes SDK commands easier to read.
Developers can use the AWS SDK to create the infrastructure they want in code. If you want to write a script that will build your cloud platform for you, the SDK is an excellent option to do this. Deployments can use this script in different environments to create and recreate the same system. Be aware that some cloud infrastructure may need specific settings if you create, destroy, and recreate systems.
Creating an S3 Bucket Using the AWS SDK
To create a bucket using the SDK commands, use the following code:
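var AWS = require('aws-sdk'); // AWS SDK for JavaScript v2 (callback API)
var s3 = new AWS.S3({ region: 'us-east-1' });

var params = {
  Bucket: 'my-test-bucket',
  ACL: 'private',
  // us-east-1 is the default region and is rejected as a LocationConstraint,
  // so CreateBucketConfiguration is only set for other regions.
  //CreateBucketConfiguration: {
  //  LocationConstraint: 'us-east-1'
  //},
  // A canned ACL cannot be combined with Grant attributes in one request.
  //GrantFullControl: 'emailaddress=user1@example.com',
  //GrantRead: '',
  //GrantReadACP: '',
  //GrantWrite: '',
  //GrantWriteACP: '',
  ObjectLockEnabledForBucket: true
};
s3.createBucket(params, function(error, data) {
  if (error) {
    console.log(error, error.stack); // an error occurred
  } else {
    console.log(data); // successful response
  }
});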
This command does not include all the features available in the AWS Console. If anything other than default values are needed, you must add settings with separate SDK commands. To add in the extra data, use the following commands:
- To add tags, use s3.putBucketTagging
- To enable bucket versioning, use s3.putBucketVersioning
- To enable encryption, use s3.putBucketEncryption
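The follow-up calls listed above can be scripted so that every environment gets the same settings. This added example (not from the original article) assumes an AWS SDK for JavaScript v2 client is passed in as `s3`; the function names and tag values are hypothetical, and putPublicAccessBlock is included as the SDK counterpart of the console's "block all public access" default.

```javascript
// Added example, not the article's code. `s3` is an AWS SDK for JavaScript v2
// client, e.g. new AWS.S3({ region: 'us-east-1' }), supplied by the caller.

// Build the follow-up calls in the order they should run after createBucket.
function bucketSettingCalls(bucket, tags) {
  return [
    ['putPublicAccessBlock', {
      Bucket: bucket,
      PublicAccessBlockConfiguration: {
        BlockPublicAcls: true,
        IgnorePublicAcls: true,
        BlockPublicPolicy: true,
        RestrictPublicBuckets: true
      }
    }],
    ['putBucketVersioning', {
      Bucket: bucket,
      VersioningConfiguration: { Status: 'Enabled' }
    }],
    ['putBucketEncryption', {
      Bucket: bucket,
      ServerSideEncryptionConfiguration: {
        Rules: [{ ApplyServerSideEncryptionByDefault: { SSEAlgorithm: 'AES256' } }]
      }
    }],
    ['putBucketTagging', {
      Bucket: bucket,
      Tagging: { TagSet: Object.entries(tags).map(([Key, Value]) => ({ Key, Value })) }
    }]
  ];
}

// Apply each call in turn; stop at the first failure and report what was
// already applied, so a half-configured bucket is never mistaken for a finished one.
async function applyBucketSettings(s3, bucket, tags) {
  const applied = [];
  for (const [op, params] of bucketSettingCalls(bucket, tags)) {
    try {
      await s3[op](params).promise();
    } catch (err) {
      throw new Error(`${op} failed after [${applied.join(', ')}]: ${err.message}`);
    }
    applied.push(op);
  }
  return applied;
}
```

Call it as `applyBucketSettings(s3, 'my-test-bucket', { env: 'test' })` once createBucket has succeeded.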
Infrastructure as Code
Terraform is an infrastructure as code (IaC) tool that can configure your infrastructure through coded files rather than a direct AWS interface. Using this system, users create configuration files that allow them to build, manage, and rebuild infrastructure consistently across different environments.
IaC is a good option for building your staging and production environments after the design has been done. The configuration files can act as documentation for your infrastructure as well. The syntax used is similar to JSON, but with keywords provided by the makers of Terraform that allow you to set your provider, profile, and resource data as needed.
Infrastructure as Low Code
Third-party systems enable users to create microservice systems in AWS and other cloud providers graphically. Using systems like this, developers can create a design and build a platform similar to building a flowchart. Small amounts of code can be used to provide settings, but otherwise, the system is built graphically.
This system uses plugins built on the AWS SDK to build infrastructure such as S3 buckets. The added benefit is having the entire platform design available without needing to generate much documentation. The design is inherent in the graphical building of the platform.
Summary
Infrastructure is a critical design piece in your cloud platform. Typically the same infrastructure is required to run in different environments for developing, testing, and providing a cloud infrastructure for client use. Creating, modifying, destroying, and recreating your platform is a typical need for cloud development.
Having a method to quickly build your platform and document the required settings is critical. Depending on your current phase of development, any of the above options may work.
The AWS console and the AWS CLI are best used when you are designing and testing systems. Using these options, you are generally building a single piece of your infrastructure at a time. The CLI can be self-documenting.
The AWS SDK and third-party tools such as Terraform and Kaholo can be used to build production-level AWS infrastructure since they are scriptable. Scripts can be run and rerun in different environments, so your entire platform could be created with simple button clicks once the script is created. The AWS SDK and Terraform are code-required options, while others provide a low-code, graphical option for your AWS infrastructure.