Angelo Mandato: Learn about the benefits, with examples, of creating and maintaining DEV, QA, and UAT environments using unique domain names

awschicago 35 views 43 slides Jun 24, 2024

About This Presentation

AWS Community Day Midwest 2024 | Angelo Mandato | AWS Columbus OH


Slide Content

© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Washington DC | June 27, 2024
Welcome slide

Create DEV, QA, and UAT environments using unique domain names
Angelo Mandato
DEV206
(he/him)
Founder / CTO
Painless Analytics

Unique domain names for lower environments
01 Problem
02 Unique Top level domains to the rescue
03 Benefits
04 Costs
05 Example
06 Wrap up what we learned
07 Bonus! – local development

What is a Domain Name?
example.com – Domain Name (root hostname)
com – Top-Level Domain (TLD)
example – Second-level Domain
https://en.wikipedia.org/wiki/Domain_name

Problem

Sub Domains for lower environments
• beta.example.com - BETA
• uat.example.com - UAT
• 241-staging.example.com - STAGING
• pr-334-dev.example.com - DEV
• qa.example.com - QA
• www.example.com - PRODUCTION
This only works for a monolithic app!

Production Sub Domains with environments
• dashboard.example.com - PRODUCTION
• uat-dashboard.example.com - UAT
• dev-dashboard.example.com - DEV
• pr-2324-dashboard.example.com - DEV PULL REQUEST
• qa-dashboard.example.com - QA
What's wrong with this?

Sub Domains introduce problems
• Session cookies that use the root hostname
• Environments sharing root hostname
• Hard to manage root hostname in multiple Accounts*
• CORS rules are complicated
• Security concerns
• WHAT IF PROD FORMS SUBMIT TO THE QA ENVIRONMENT???
THERE IS A BETTER WAY!

Unique Top Level Domains (TLD) to the rescue

Unique top-level domain for PRODUCTION
• www.example.com
• account.example.com
• api.example.com
• mail.example.com
anything.example.com is PRODUCTION

Unique top-level domain name for DEV
• www.example.dev
• account.example.dev
• api.example.dev
• mail.example.dev
anything.example.dev is DEV

Select TLD's for each environment
Root hostname for each environment:
• example.com - PRODUCTION
• example.dev - DEV
• example.biz - UAT
• example.net - QA
• example.be - BETA
If internal VPN, you can make up your own TLD .extension!
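
The session-cookie item in the problem list above, worked through as an added example (not code from the presentation): RFC 6265 domain matching applied to the slide hostnames shows that a cookie scoped to the root hostname reaches every subdomain-style environment, and no environment on a different root hostname. The cookie objects and helper names are assumptions made for illustration.

```javascript
// Added example: RFC 6265 section 5.1.3 domain matching, run over the slide hostnames.
function canonical(host) {
  return host.trim().toLowerCase().replace(/^\./, "").replace(/\.$/, "");
}

// A host matches a cookie Domain if it is identical to it, or if it ends with
// "." + domain and is not an IP address.
function domainMatches(host, cookieDomain) {
  const h = canonical(host);
  const d = canonical(cookieDomain);
  if (h === d) return true;
  const isIp = /^\d{1,3}(\.\d{1,3}){3}$/.test(h) || h.includes(":");
  return !isIp && h.endsWith("." + d);
}

// Which hosts would a browser send this cookie to?
// Without a Domain attribute the cookie is host-only: it returns only to the
// exact host that set it.
function hostsReceiving(cookie, hosts) {
  return hosts.filter((host) =>
    cookie.domain
      ? domainMatches(host, cookie.domain)
      : canonical(host) === canonical(cookie.setBy)
  );
}

// Constructed sample data using the hostnames from the slides.
const subdomainScheme = [
  "www.example.com", "qa.example.com",
  "uat-dashboard.example.com", "pr-2324-dashboard.example.com",
];
const tldScheme = [
  "www.example.com", "dashboard.example.com",
  "www.example.dev", "dashboard.example.net",
];

// Hypothetical production session cookie scoped to the root hostname.
const prodSession = { name: "session", domain: "example.com", setBy: "www.example.com" };
// The same cookie without a Domain attribute (host-only).
const hostOnly = { name: "session", setBy: "www.example.com" };

console.log("subdomain scheme:", hostsReceiving(prodSession, subdomainScheme));
console.log("unique root hostnames:", hostsReceiving(prodSession, tldScheme));
console.log("host-only cookie:", hostsReceiving(hostOnly, subdomainScheme));
```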

Benefits

Benefits of using domain names with unique TLD's
• IaC: CloudFormation / CDK environments configured by root hostname
• Privacy Rights: DEV and QA environments less strict than UAT/PROD
• Security: Easy to maintain lower environment data separate from production
• Development: Development never found on production hostnames

You are a Super Hero!

Costs

Costs for TLD's
.us - $15/year
.cc - $12/year
.net - $15/year
.org - $14/year
.biz - $19/year
.ca - $13/year
.bet - $24/year
.io - $71/year
.link - $5/year
.be - $9/year
.de - $9/year
Route 53 TLD Registration Pricing

Internal VPC's?
.whatever FREE!!!

You are a Super Hero!

Example

Example: Laravel / WordPress Site
www.painlessanalytics.com - PROD
www.painlessanalytics.dev - DEV
www.painlessanalytics.be - BETA

Example: ReactJS Dashboard
dashboard.painlessanalytics.com - PROD
dashboard.painlessanalytics.dev - DEV
dashboard.painlessanalytics.be - BETA

Example: Root Hostname SSL Cert
Create SSL Certificate (environment specific)
Go to Certificate Manager (ACM)
Create CNAME name records to validate certificate

Example: Setup Parameter Store
Set SSL Cert ARN Parameter in Systems Manager Parameter Store

Example: Setup Parameter Store
Set root Hostname Parameter in Systems Manager Parameter Store

Example: CloudFormation using root hostname
Get Parameter from Parameter Store
Use parameter to get the SSL cert ARN and set the alias hostname

Root hostname CloudFormation Advantages
Account / Lower Environment uses a unique root hostname
Hostname prefixes remain consistent
Parameter Store utilization minimized
Wildcard SSL certs
Account specific
prefix.example.com

Benefits
Simple to understand, document, and standardize
Reproducible AWS CloudFormation templates
Accessible Publicly (if not in a private VPN)
Private Network – make up your own TLD's!
SES can remain in "sandbox" for lower environments

Configuration Settings
Systems Manager
Parameter Store
CI/CD pipelines
.env & config files

Hide lower environments from public?
VPN: private network is ideal but in some cases not possible
CloudFront Function: Block access, allow if a cookie or header matches a condition

CloudFront Function: Open Sesame
https://myapp.example.dev/api/version
https://myapp.example.dev/webhook/stripe

CloudFront Function: Open Sesame
https://myapp.example.dev/?open=sesame

CloudFront Function: Open Sesame
https://myapp.example.dev/?close=sesame

CloudFront Function: Open Sesame
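
A sketch of a viewer-request CloudFront Function that behaves the way the "Open Sesame" slides describe, added here as an example and not the speaker's code. The cookie name, the 403 response, the cookie lifetime, and the reading of `/api/version` and `/webhook/stripe` as paths that bypass the gate are assumptions; `sesame` is the value shown on the slides.

```javascript
// Added example: gate a lower environment behind a cookie at the CloudFront edge.
var GATE_COOKIE = "lower-env-gate"; // hypothetical cookie name
var SECRET = "sesame";              // value from the slides; a long random value is a better choice
// Assumed allowlist: endpoints called by machines that cannot carry the cookie.
var OPEN_PATHS = ["/api/version", "/webhook/stripe"];

// Redirect to "/" while setting (or clearing) the gate cookie, so the
// secret does not stay in the address bar or get bookmarked.
function redirectHome(cookieValue, attributes) {
  var cookies = {};
  cookies[GATE_COOKIE] = { value: cookieValue, attributes: attributes };
  return {
    statusCode: 302,
    statusDescription: "Found",
    headers: { location: { value: "/" }, "cache-control": { value: "no-store" } },
    cookies: cookies
  };
}

function handler(event) {
  var request = event.request;
  var qs = request.querystring || {};
  var cookies = request.cookies || {};

  // ?close=sesame expires the gate cookie.
  if (qs.close && qs.close.value === SECRET) {
    return redirectHome("", "Path=/; Secure; HttpOnly; Max-Age=0");
  }
  // ?open=sesame sets the gate cookie for 12 hours.
  if (qs.open && qs.open.value === SECRET) {
    return redirectHome(SECRET, "Path=/; Secure; HttpOnly; SameSite=Lax; Max-Age=43200");
  }
  // Allowlisted paths and requests that already carry the cookie pass through.
  if (OPEN_PATHS.indexOf(request.uri) !== -1) return request;
  if (cookies[GATE_COOKIE] && cookies[GATE_COOKIE].value === SECRET) return request;

  // Everything else is blocked before it reaches the origin.
  return {
    statusCode: 403,
    statusDescription: "Forbidden",
    headers: { "cache-control": { value: "no-store" } }
  };
}
```

Because the cookie is host-only, opening the gate on `myapp.example.dev` does not open any other hostname, which fits the one-root-hostname-per-environment layout.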

Wrap up what we learned

Unique Domains for lower environments

Unique Domains for lower environments
• No more confusing sub domains, e.g. psycho-db-devbeta.example.com
• No more session / cookie collisions with prod and lower environments
• Secure lower environments with private networks
• Prevent access to lower environments with CloudFront functions
• SES Sandbox mode is a feature for non-prod environments
• IaC / CloudFormation attributes use consistent prefixes
• Switching from one environment to the other is as easy as replacing ".com" with ".dev" and hitting ENTER.

Bonus! –local development

Use a TLD for local development!
With your favorite editor open your local hosts file
MacOS: /private/etc/hosts
Linux: /etc/hosts
Windows: C:\Windows\System32\drivers\etc\hosts (run editor as administrator)
Tip: Check out Windows PowerToys' Hosts File Editor

411 on hosts file
Find your inner self, 127.0.0.1 of course!

Use a real TLD for local development
Use case:
• OAuth2 (services like Google will not use .local hostnames)

Thank you!
Please complete the session survey in the mobile app
Angelo Mandato
Founder / CTO
Painless Analytics
linkedin.com/in/angelomandato
Link to slides, code, and video of this session