In Chapter 2, Deploying Your First Web Application, we familiarized ourselves with AWS. We also created an EC2 instance and deployed a Hello World web application onto it but to get there, we had to go through a number of steps to configure the instance and its security groups. Because we did that in a very manual fashion using the command-line interface, those steps we went through will not be reusable or auditable, as you may recall from the first chapter when implementing DevOps best practices. Two key concepts are that you should source control everything and should rely on automation as often as possible. In this chapter, we will see how to apply those principles to our infrastructure.

In a cloud environment where almost everything is abstracted and served through the intermediary of virtual resources, it is easy to imagine that code can describe the topology of a network and the configuration of a system. To go through that transformation, we will learn about two key concepts in an effective DevOps organization. The first one is commonly called infrastructure as code (IAC) and it is the process of describing all your virtual resources such as virtual servers or load balancers and the network layer after that. The second concept while very close to IAC focuses further on systems configuration and is called configuration management. Through configuration management systems, developers and system administrators have the ability to automate operating system configuration, package installation, and even application deployment.

Going through that transformation is a crucial step for any DevOps-focused organization. By having code to describe the different resources and their configurations, we will be able to use the same tools and processes as we do when doing application development. We will be able to use source control and make smaller changes in individual branches, submit pull requests and go through standard review processes, and finally, test changes before they are applied to our production environment. This will give us better clarity, accountability, and auditability for infrastructure changes. Because of that, we will also be able to manage a much bigger fleet of resources without necessarily needing more engineers or without spending a lot more time operating all the resources. This will also open up the door to more automation, as we will see with continuous deployment in Chapter 4, Adding Continuous Integration and Continuous Deployment.

In this chapter, we will look at two different applications. The first one is called CloudFormation and it is an AWS service that will let us create and configure any AWS resources through JSON configuration files. After that, we will look at Ansible, a configuration management tool. This will allow us to make more granular changes at the operating system level:

• Managing your infrastructure with CloudFormation
• Adding a configuration management system