AWS AppConfig is an AWS service that enables centralised management and deployment of application configurations, separate from application code. It allows for efficient, risk-reducing configuration changes and supports various AWS services.
In This blog, we are going to cover the following topics related to AWS AppConfig:
- What is AWS AppConfig
- Why use AWS Appconfig
- Simplify task with AWS Appconfig
- Use cases of AWS Appconfig
- Benefits of using AWS AppConfig
- Comparison between Parameter Store vs AppConfig
- Comparison between AWS Config vs AppConfig
- How to configure AWS AppConfig
- AWS App config pricing
What Is AWS AppConfig?
This service is offered by Amazon Web Service to centralize the management of configuration data. It provides you the ability to create, manage, and deploy configuration changes separate from code.
It supports controlled deployments to apps of any size and includes built-in validation checks and monitoring. You can use AWS AppConfig with apps hosted on Amazon EC2 instances, Lambda, containers, mobile applications, or IoT devices.
Why use AWS Appconfig
It simplifies application administration by deploying config changes from a central location. AppConfig supports configurations stored in the Systems Manager Parameter Store, Systems Manager (SSM) documents and Amazon S3.
Also to prevent mistakes whilst deploying software configurations, specifically for manufacturing structures wherein an easy typo should motivate a surprising outage, AppConfig consists of validators. To validate your utility configuration facts, you provide a schema or an Amazon net services Lambda function that runs against the configuration. The configuration deployment or replacement can only proceed whilst the configuration facts are legitimate.
For the duration of a configuration deployment, AppConfig monitors the software to ensure the deployment is successful. If the device encounters an error, AppConfig rolls lower back the alternate to reduce the effect on your application users. you may configure a deployment strategy for each utility or surroundings that consists of deployment standards, including speed, bake time, and alarms to screen. just like mistakes tracking, if a deployment triggers an alarm, AppConfig routinely rolls returned to the preceding version
AWS AppConfig simplifies the following tasks:
1. Configure: Configurations can be sourced from Bitbucket Pipelines, GitHub, and AWS CodeCommit. You can also use Amazon Simple Storage Service (Amazon S3), AWS AppConfig hosted configurations, Parameter Store, or Systems Manager Document Store to source configurations.
2. Validate: When deploying application configurations, a simple typo could lead to an unexpected outage. Use AWS AppConfig validators to prevent errors in production systems. Validators use a JSON schema or an AWS Lambda function to perform syntactic and semantic checks on AWS AppConfigs. It would help if you did this to ensure that your configurations are deployed correctly. Valid configuration data is required for configuration deployments.
3. Deploy and monitor: Define deployment standards and charge controls to decide how your objectives retrieve the brand-new configuration. Monitor every deployment to proactively trap any mistakes in the usage of AWS AppConfig integration with Amazon CloudWatch. If AWS AppConfig encounters an error, the machine rolls returned the deployment to decrease the effect on your utility users.
Use cases of AWS app config
1. Feature flags: AWS AppConfig is used by many customers to safely distribute new features. A feature can be delivered to production while remaining hidden behind a feature flag, making it unavailable to users. Features can be made available to a selected group of users or to all users at any time, either immediately or gradually.
2. Operations tuning: AWS AppConfig can alternate operational conduct in the center of a run. you can, for example, keep timeout settings in configuration statistics and want to alternate them on the fly to optimize the application’s overall performance all without re-deploying the whole program.
3. Allow-listing or block-listing: Control access to premium features or immediately prohibit particular users without deploying new code.
Advantages of using AWS AppConfig
1. Managing configuration using AWS AppConfig allows us to move swiftly and safely: Software behavior can modify quickly or gradually without the danger of redeploying a new version of code by delivering configuration changes during runtime. That is to say, your teams can be more responsive using it because they can turn features on or off, or throttle up or down other configurations in real-time without having to restart your app in production.
2. Validating configuration before you deploy to avoid costly errors: AWS AppConfig lets you prevent configuration mistakes that might cause customer-facing issues or even outages.
You can use an AWS Lambda function to validate application configuration data against a schema, or you can use an AWS Lambda function to validate data against configuration. This validation ensures that the deployed configuration produces the desired results. Only if the verification is successful will the deployment start.
3. Configuration monitoring and automatic rollback when necessary: AWS AppConfig supports best practices by allowing configuration changes to be applied immediately or incrementally. Customers can choose a time period when the configuration change is to be tracked. If you set up alerts in Amazon CloudWatch, AppConfig can automatically roll back configuration changes when alarms are triggered.
Comparison between Parameter Store vs AppConfig
Comparison between AWS Config vs AppConfig
How to configure AWS AppConfig
1. log in to the AWS Management Console & navigate to AppConfig Service.
2. Click on the “Create application” button. Enter the application details & click again on the “Create application” button.3. Navigate to the “Configuration Profile and Feature Flags” tab under the application created in the previous step & click on Create.4. Choose the appropriate configuration profile type. Here, we will choose “Freeform Configuration” & click on “Select”.
5. Enter “Build Freeform configuration profile” details & choose “AWS AppConfig hosted configuration”.
6. Next, choose “JSON” & enter configs in the given text area in JSON format.
7. Navigate to the “Environments” tab & click on “Create environment”8. Enter the appropriate name of the environment. For Ex: Dev, SIT, UAT/Test, Prod & likewise. Once the environment is created, then we are all set to start the deployment to make our configuration available For Configuration, choose a configuration from the list.9. Depending on the source of your configuration, use the Document version or Parameter version list to choose the version you want to deploy. For the Deployment strategy, choose a strategy from the list.
10. Choose Start deployment.
AWS AppConfig Pricing
You just pay for what you use.
You pay for AWS AppConfig each time you use API calls to request configuration data from it, as well as each time your requesting target receives configuration data in response.
A target is the host that receives the application configuration. (this could be an Amazon EC2 instance, on-premises server, container, AWS Lambda function, mobile app, IoT device, etc.).
AWS AppConfig pricing example
Assume you have a single application configuration that updates three times every day. Assume you have 2,000 targets in your fleet that check for updated configurations every two minutes via API. When an updated configuration becomes available, AWS AppConfig provides it in response to the request for configuration. Over a month, your targets will receive a total of 180,000 (updated) configurations, and your bill will be as follows:
Cost of configuration requests = 1 (configurations) * 2000 (servers) * 0.5 (calls per minute) * 60 (minutes) * 24 (Hours)* 30 (days) * $0.0000002 (price per request)
=$8.64
Cost of configurations received =1 (configurations) * 2000 (servers) * 3 (updates a day) * 30 (days) * $0.0008 (price per configuration received)
=$144
Total monthly will be cost = $152.64
Frequently Asked Questions
What is an AWS Config rule?
An AWS Config rule represents desired configurations for a resource and is evaluated against configuration changes on the relevant resources, as recorded by AWS Config. The results of evaluating a rule against the configuration of a resource are available on a dashboard. Using AWS Config rules, you can assess your overall compliance and risk status from a configuration perspective, view compliance trends over time, and pinpoint which configuration change caused a resource to drift out of compliance with a rule.
How can AWS Config help with audits?
AWS Config gives you access to resource configuration history. You can relate configuration changes with AWS CloudTrail events that possibly contributed to the change in configuration. This information provides you full visibility, right from details, such as, “Who made the change?” and “From what IP address?”, to the effect of this change on AWS resources and related resources. You can use this information to generate reports to aid in auditing and assessing compliance over a period.
How does AWS Config work with AWS CloudTrail?
AWS CloudTrail records user API activity on your account and helps you access information about this activity. You get full details about API actions, such as identity of the caller, the time of the API call, the request parameters, and the response elements returned by the AWS service. AWS Config records point-in-time configuration details for your AWS resources as Configuration Items (CIs). You can use a CI to answer, “What did my AWS resource look like?” at a point in time. You can use CloudTrail to answer “Who made an API call to modify this resource?” For example, you can use the AWS Management Console for AWS Config to detect security group “Production-DB” was incorrectly configured in the past. Using the integrated CloudTrail information, you can pinpoint which user misconfigured “Production-DB” security group.
Related Links/References
- AWS Certified Solutions Architect Associate SAA-C03
- Overview of Amazon Web Services & Concept
- Amazon Appconfig
- How to create a free tier account in AWS
- AWS Certified DevOps Engineer Professional DOP-C02
- AWS Management Console Walkthrough
Next Task For You
Begin your journey towards an AWS Cloud by joining our FREE Informative Class on Amazon Cloud Free Class by clicking on the below image.
Mahlatse Makalancheche says
There’s a mix up of AWS App Config vs AWS Config in the pricing section.
The pricing details shared are not for App Config, and will likely confuse some. App config is free to use
Ayush Jain says
Hi Mahlatse
Thanks for highlighting, we have updated the Pricing Section.
Thanks & Regards
Ayush
Team K21 Academy