Navigating AWS Deployment Targets with Armory

Jan 20, 2023 by Anna Daugherty

Many organizations look to Amazon Web Services (AWS) to host and deploy their applications in the cloud. However, they’re finding that their deployment tooling, often built as an extension of their legacy continuous integration (CI), is one of the main impediments to adopting cloud services. 

Custom-scripted production pipelines built with in-house tooling need to be rebuilt from scratch for new deployment targets. Furthermore, at the rate new AWS services are introduced and released, it’s challenging to keep custom-scripted tools updated and to take advantage of the latest innovations.

Defining deployment targets

From data center and cloud migration efforts to Kubernetes adoption and retooling, successful application deployments require consistent paths to production. The combination of homegrown, disparate tools and custom-scripted production paths requires extra time to learn and navigate, reducing developer efficiency and introducing avoidable, human-created errors. 

Armory leverages Spinnaker to create a single path from production to the deployment target, regardless of whether organizations are moving to Amazon EC2, Amazon Elastic Container Service (Amazon ECS), AWS Fargate, Amazon EKS, AWS Lambda or another AWS target. Previously, developers had to rebuild and custom-script the path to production for new deployment targets. But with Spinnaker, developers can deploy to a new target at the click of a button.

How it works

Spinnaker abstracts the concept of a “production” environment away from any specific deployment target. The cloud vendors themselves, with support from the rest of the community, build and maintain the connections, or Clouddrivers, between Spinnaker and the various production targets such as Amazon EC2 or Amazon EKS. 

This architecture allows for a consistent, repeatable path to production across entire organizations, incorporating industry and organizational best practices and end-to-end automated policy enforcement. Additional features such as blue-green deployments, canary deployments and 1-click rollbacks safeguard organizations in the event of bad deployments or failures. 

Utilize a single deployment pipeline for all software and applications, regardless of where the deployment target resides.

Architecture: infrastructure and security 

The supporting infrastructure

You use several AWS services when you deploy the Armory platform on AWS: Virtual Private Cloud, Amazon EKS, IAM, Amazon S3, AWS Secrets Manager, Redis and Amazon Aurora. 

“We had this disconnect between what was run in Terraform and our application deployments. Now teams are starting to see that they can combine those two things into a pipeline… It’s got people more creative in what they know they can do.” – Lead DevOps Engineer Fortune 500 Media & Education Company

Built-in security

Armory offers a breadth of solutions and integrations to deliver applications quickly and securely, such as: 

  • Automated policy enforcement across deployments 
  • Role-based access controls 
  • Secrets management

With security and compliance policies baked in, security and operations teams can share centralized, pre-approved lists of templates that you can leverage across application teams. Templates are updated with new security policies and learnings to enable effective knowledge transfer across the organization. 

When setting up deployment targets with the AWS Quick Start, Armory configures Spinnaker to access AWS resources (with both access and secret access keys) using IAM user roles. This ensures secure access is provided to the correct user roles. 

With Armory Secrets Manager, organizations can enable role-based access controls requiring different types of authentication, protecting sensitive data, such as passwords and tokens.

Share this post:

Recently Published Posts

Argo + Armory: Cross-environment orchestration made easy

Feb 1, 2023

Cross-environment orchestration that you don’t have to spend time building At Armory, our goal is software innovation, whether that’s our own Continuous Deployment solutions, or being able to help our customers reach higher innovation peaks within their software development. We’ve taken deliberate steps to make sure our products play well with others, with a focus […]

Read more

Release Roundup – January 2023

Jan 11, 2023

Get the latest product news on Continuous Deployment-as-a-Service and the most recent release for Continuous Deployment Self Hosted, 2.28.2. Welcome to 2023!  Just like every organization, Armory is looking for ways to improve our practices and deliver more value (and faster!) to you, our customers. That’s why our engineering team is working to deliver features, […]

Read more

Learn Continuous Deployment with Armory and Wilco

Jan 6, 2023

Armory is excited to announce we have launched an interactive, narrative-driven developer experience that teaches continuous deployment concepts. And now you can try it out for yourself! Wilco, also known as the “flight simulator” for software developers, allows companies to create engaging interactive developer challenges (called quests) that enable developers to acquire and practice skills […]

Read more