Navigating AWS Deployment Targets with Armory

Jan 20, 2023 by Anna Daugherty

Many organizations look to Amazon Web Services (AWS) to host and deploy their applications in the cloud. However, they’re finding that their deployment tooling, often built as an extension of their legacy continuous integration (CI), is one of the main impediments to adopting cloud services. 

Custom-scripted production pipelines built with in-house tooling need to be rebuilt from scratch for new deployment targets. Furthermore, at the rate new AWS services are introduced and released, it’s challenging to keep custom-scripted tools updated and to take advantage of the latest innovations.

Defining deployment targets

From data center and cloud migration efforts to Kubernetes adoption and retooling, successful application deployments require consistent paths to production. The combination of homegrown, disparate tools and custom-scripted production paths requires extra time to learn and navigate, reducing developer efficiency and introducing avoidable, human-created errors. 

Armory leverages Spinnaker to create a single path from production to the deployment target, regardless of whether organizations are moving to Amazon EC2, Amazon Elastic Container Service (Amazon ECS), AWS Fargate, Amazon EKS, AWS Lambda or another AWS target. Previously, developers had to rebuild and custom-script the path to production for new deployment targets. But with Spinnaker, developers can deploy to a new target at the click of a button.

How it works

Spinnaker abstracts the concept of a “production” environment away from any specific deployment target. The cloud vendors themselves, with support from the rest of the community, build and maintain the connections, or Clouddrivers, between Spinnaker and the various production targets such as Amazon EC2 or Amazon EKS. 

This architecture allows for a consistent, repeatable path to production across entire organizations, incorporating industry and organizational best practices and end-to-end automated policy enforcement. Additional features such as blue-green deployments, canary deployments and 1-click rollbacks safeguard organizations in the event of bad deployments or failures. 

Utilize a single deployment pipeline for all software and applications, regardless of where the deployment target resides.

Architecture: infrastructure and security 

The supporting infrastructure

You use several AWS services when you deploy the Armory platform on AWS: Virtual Private Cloud, Amazon EKS, IAM, Amazon S3, AWS Secrets Manager, Redis and Amazon Aurora. 

“We had this disconnect between what was run in Terraform and our application deployments. Now teams are starting to see that they can combine those two things into a pipeline… It’s got people more creative in what they know they can do.” – Lead DevOps Engineer Fortune 500 Media & Education Company

Built-in security

Armory offers a breadth of solutions and integrations to deliver applications quickly and securely, such as: 

With security and compliance policies baked in, security and operations teams can share centralized, pre-approved lists of templates that you can leverage across application teams. Templates are updated with new security policies and learnings to enable effective knowledge transfer across the organization. 

When setting up deployment targets with the AWS Quick Start, Armory configures Spinnaker to access AWS resources (with both access and secret access keys) using IAM user roles. This ensures secure access is provided to the correct user roles. 

With Armory Secrets Manager, organizations can enable role-based access controls requiring different types of authentication, protecting sensitive data, such as passwords and tokens.

Share this post:

Recently Published Posts

Continuous Deployment KPIs

May 31, 2023

Key SDLC Performance Metrics for Engineering Leaders Engineering leaders must have an effective system in place to measure their team’s performance and ensure that they are meeting their goals. One way to do this is by monitoring Continuous Deployment Key Performance Indicators (KPIs).  CD and Automated Tests If you’re not aware, Continuous Deployment, or CD, […]

Read more

What Are the Pros and Cons of Rolling Deployments?

May 26, 2023

Rolling deployments use a software release strategy that delivers new versions of an application in phases to minimize downtime. Anyone who has lived through a failed update knows how painful it can be. If a comprehensive update fails, there are hours of downtime while it is rolled back. Even if the deployment happens after hours, […]

Read more

What is DevSecOps?

May 23, 2023

Before agile development became an accepted approach to delivering software, companies waited until software contained all desired features before releasing it. Imagine waiting a year before a needed feature became available. Yet, that was how most software releases occurred.  Once the software was released, companies prepared an annual or semi-annual update that incorporated new features […]

Read more