Attini init deploy

InitDeploy

Start a deployment

A deployment starts by uploading a distribution to the Attini deployment origin. The Attini deployment origin is an S3 bucket that is created by the attini-setup CloudFormation stack. It acts as the entrance to your environment and is the starting point for your deployments.

When a distribution is put in the Attini deployment origin bucket, it triggers the init deploy lambda.

Note

Anyone who can put objects in this S3 bucket can initiate new deploys, which is a very privileged action. It is therefore VERY important that you are careful with any s3:PutObject permissions, and we highly recommend that you apply a bucket policy that only allows the appropriate personnel to put objects in the bucket.

Naming convention

Every distribution uploaded to the Attini deployment origin bucket needs the S3 key prefix /${AttiniEnvironmentName}/${DistributionName}/, for example /dev/network/.

Every distribution uploaded to the Attini deployment origin bucket needs the S3 key suffix .zip to trigger a deployment.

So a valid deployment distribution will look something like /dev/network/optional-name.zip or /dev/network/my-version/optional-name.zip
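
As an added example (not part of the Attini documentation or code), the Python below applies this naming convention to CloudTrail S3 data events and lists deploy-triggering uploads made by principals outside a per-environment allow list. The bucket name, account id, principals and sample records are constructed placeholders, and it assumes S3 reports keys without the leading "/" written above.

```python
import re

# <environment>/<distribution>/[optional folders/]<name>.zip; the leading "/" is optional (assumption).
TRIGGER_KEY = re.compile(r"^/?(?P<env>[^/]+)/(?P<dist>[^/]+)/(?:[^/]+/)*[^/]+\.zip$")
UPLOAD_EVENTS = {"PutObject", "CopyObject", "CompleteMultipartUpload"}

def parse_trigger_key(key):
    """Return (environment, distribution) if this key would start a deploy, else None."""
    m = TRIGGER_KEY.match(key)
    return (m["env"], m["dist"]) if m else None

def caller_arn(identity):
    """Role ARN for assumed-role sessions, otherwise the caller's own ARN."""
    issuer = identity.get("sessionContext", {}).get("sessionIssuer", {})
    return issuer.get("arn") or identity.get("arn", "unknown")

def unexpected_deploys(events, origin_bucket, allowed):
    """List deploy-triggering uploads made by principals not allowed for that environment."""
    findings = []
    for ev in events:
        params = ev.get("requestParameters") or {}
        if ev.get("eventName") not in UPLOAD_EVENTS or params.get("bucketName") != origin_bucket:
            continue
        target = parse_trigger_key(params.get("key", ""))
        who = caller_arn(ev.get("userIdentity") or {})
        if target and who not in allowed.get(target[0], set()):
            findings.append({"environment": target[0], "distribution": target[1],
                             "principal": who, "key": params["key"]})
    return findings

# Constructed sample records (bucket name, account id and principals are placeholders).
BUCKET = "example-deployment-origin"
ROLE = "arn:aws:iam::111122223333:role/ci-deployer"
ALICE = "arn:aws:iam::111122223333:user/alice"
def _event(arn, key, issuer=None):
    identity = {"arn": arn}
    if issuer:
        identity["sessionContext"] = {"sessionIssuer": {"arn": issuer}}
    return {"eventName": "PutObject", "userIdentity": identity,
            "requestParameters": {"bucketName": BUCKET, "key": key}}

SAMPLE_EVENTS = [
    _event("arn:aws:sts::111122223333:assumed-role/ci-deployer/build-42", "prod/network/v1/dist.zip", ROLE),
    _event(ALICE, "prod/config/dist.zip"),    # not on the prod allow list: reported
    _event(ALICE, "prod/config/notes.txt"),   # no .zip suffix, so no deploy is triggered
    _event(ALICE, "dev/network/dist.zip"),    # allowed for dev
]
ALLOWED = {"prod": {ROLE}, "dev": {ROLE, ALICE}}
print(unexpected_deploys(SAMPLE_EVENTS, BUCKET, ALLOWED))
```

For assumed-role sessions the allow list is matched against the issuing role's ARN, so one entry covers every session of that role.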

Note

Creating an S3 bucket policy for this bucket is an essential part of your security model because it limits who can make deployments to your environment. See Securing deployment origin for more information.
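
One way to express such a policy, as an added example that is not Attini's own code: the Python below builds a bucket policy that denies s3:PutObject under each environment prefix to everyone except the principals listed for that environment. The bucket name, account id and role names are placeholders, and keys are assumed to start with the environment name without a leading "/".

```python
import json

def origin_upload_policy(bucket, deployers_by_env):
    """Build a bucket policy that denies s3:PutObject under each environment prefix
    to every principal except the ARNs listed for that environment."""
    statements = []
    for i, (env, arns) in enumerate(sorted(deployers_by_env.items())):
        arns = sorted(arns)
        # An empty list would lock everyone out; a bare "*" would exempt everyone.
        if not arns or any(a.strip() in ("", "*") for a in arns):
            raise ValueError(f"environment {env!r} needs explicit deployer ARNs")
        statements.append({
            "Sid": f"DenyUploadExceptDeployers{i}",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:PutObject",
            # Key prefix <environment>/ from the naming convention (no leading "/" assumed).
            "Resource": f"arn:aws:s3:::{bucket}/{env}/*",
            # aws:PrincipalArn is the role ARN for assumed-role sessions.
            "Condition": {"ArnNotLike": {"aws:PrincipalArn": arns}},
        })
    return {"Version": "2012-10-17", "Statement": statements}

# Placeholder bucket name, account id and role names; substitute your own.
EXAMPLE_POLICY = origin_upload_policy(
    "example-deployment-origin",
    {"dev": ["arn:aws:iam::111122223333:role/ci-deployer",
             "arn:aws:iam::111122223333:role/developer"],
     "prod": ["arn:aws:iam::111122223333:role/ci-deployer"]},
)

if __name__ == "__main__":
    print(json.dumps(EXAMPLE_POLICY, indent=2))
```

The statements only deny, so the listed principals still need s3:PutObject granted by their own IAM policies.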


Init deploy lambda

The init deploy lambda will download the distribution from the deployment origin bucket and:

  1. Extract the files in the distribution

  2. Read the attini-config

  3. Upload the distribution content to the attini-artifact-store

  4. Update the reference parameter

  5. Update the init deploy stack

When the init deploy stack is finished updating/creating, the Attini framework will find any deployment plans and trigger them.


Distribution content

All the content in your distribution will be extracted and put in Attini artifact store with the prefix: /${environment}/${distribution-name}/${distribution-id}/distribution-origin/.

The distribution zip file will also be copied “as is” to the artifact store so you can still work with the original zip file if needed.

You can integrate and work with these files however you see fit using the AWS CLI, AWS SDK or Attini deployment plan integrations.

The namespace “…/distribution-origin/” is only there to distinguish the content that came from the origin distribution. The Attini framework is designed for our customers to customize, so a step in the deployment plan can fetch or create new files and save them under any namespace.

For example, you can have one step in the deployment plan that polls config files from an external source and puts them under /${environment}/${distribution-name}/${distribution-id}/external-config/, or, if you use the AWS CDK, you can put the synthesized templates under /${environment}/${distribution-name}/${distribution-id}/synthesized-templates/.

All files with the prefix /${environment}/${distribution-name}/${distribution-id}/ will be subject to the life cycle policy.


Find the distribution artifacts

You often end up with a use case that requires your applications to find the latest version of your distribution files.

The init deploy will therefore save the latest distribution id in Parameter Store under the path: /attini/distributions/${environment}/${distribution-name}/latest. This means that any system in your environment can easily find the latest version of your files.

Example:

I have a distribution called “config” that contains a file called “vpc-config.yaml” deployed to my prod environment.

To download the file from the artifact store I can run the following commands:

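ENVIRONMENT=prod
DISTRIBUTION_NAME=config
# The artifact store bucket name contains the region and account id
REGION=$(aws configure get region)
ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
DISTRIBUTION_ID=$(aws ssm get-parameter --name "/attini/${ENVIRONMENT}/distributions/${DISTRIBUTION_NAME}/latest" --query Parameter.Value --output text)
# Download the file from the latest distribution in the artifact store
aws s3 cp "s3://attini-artifact-store-${REGION}-${ACCOUNT_ID}/${ENVIRONMENT}/${DISTRIBUTION_NAME}/${DISTRIBUTION_ID}/distribution-origin/vpc-config.yaml" .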

Init deploy stack

When a distribution is deployed to an environment, the deployment needs a flexible way to initiate. The Attini framework accomplishes this with the “init deploy stack”. The init deploy stack is a CloudFormation stack that is automatically deployed from a template in your distribution. It's just a normal CloudFormation stack, so you can provision any resources you need.

Find more information on how to configure the init deploy stack using the attini-config.

The init deploy stack is not required; sometimes you just want your distribution to become available to the rest of your environment.

Some distributions can be simple isolated units that only need one CloudFormation stack; then all you need is the init deploy stack.

For bigger deployments you need an Attini deployment plan. The Attini deployment plan can only be created by the init deploy stack. Read more about creating a deployment plan here.