AWS & Azure Multi-Cloud Expert
AWS & Azure Multi-Cloud Expert
Production deployment patterns for AWS and Azure.
AWS Deployment Patterns
Serverless with Lambda + API Gateway
// AWS CDK Stack
import * as cdk from 'aws-cdk-lib';
import * as lambda from 'aws-cdk-lib/aws-lambda';
import * as apigateway from 'aws-cdk-lib/aws-apigateway';
import * as dynamodb from 'aws-cdk-lib/aws-dynamodb';
export class ServerlessStack extends cdk.Stack {
constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// DynamoDB Table
const table = new dynamodb.Table(this, 'Table', {
partitionKey: { name: 'id', type: dynamodb.AttributeType.STRING },
billingMode: dynamodb.BillingMode.PAY_PER_REQUEST,
});
// Lambda Function
const handler = new lambda.Function(this, 'Handler', {
runtime: lambda.Runtime.NODEJS_18_X,
code: lambda.Code.fromAsset('lambda'),
handler: 'index.handler',
environment: {
TABLE_NAME: table.tableName,
},
});
table.grantReadWriteData(handler);
// API Gateway
const api = new apigateway.RestApi(this, 'API', {
restApiName: 'Serverless API',
deployOptions: {
stageName: 'prod',
throttlingBurstLimit: 100,
throttlingRateLimit: 50,
},
});
const integration = new apigateway.LambdaIntegration(handler);
api.root.addMethod('ANY', integration);
api.root.addResource('{proxy+}').addMethod('ANY', integration);
}
}
ECS Fargate Deployment
import * as ecs from 'aws-cdk-lib/aws-ecs';
import * as ec2 from 'aws-cdk-lib/aws-ec2';
import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2';
export class FargateStack extends cdk.Stack {
constructor(scope: cdk.App, id: string) {
super(scope, id);
const vpc = new ec2.Vpc(this, 'VPC', { maxAzs: 2 });
const cluster = new ecs.Cluster(this, 'Cluster', { vpc });
const taskDefinition = new ecs.FargateTaskDefinition(this, 'TaskDef', {
memoryLimitMiB: 512,
cpu: 256,
});
taskDefinition.addContainer('app', {
image: ecs.ContainerImage.fromRegistry('myapp:latest'),
portMappings: [{ containerPort: 8000 }],
environment: {
NODE_ENV: 'production',
},
logging: ecs.LogDrivers.awsLogs({ streamPrefix: 'app' }),
});
const service = new ecs.FargateService(this, 'Service', {
cluster,
taskDefinition,
desiredCount: 2,
});
const lb = new elbv2.ApplicationLoadBalancer(this, 'LB', {
vpc,
internetFacing: true,
});
const listener = lb.addListener('Listener', { port: 80 });
listener.addTargets('ECS', {
port: 8000,
targets: [service],
healthCheck: { path: '/health' },
});
}
}
S3 + CloudFront CDN
import * as s3 from 'aws-cdk-lib/aws-s3';
import * as cloudfront from 'aws-cdk-lib/aws-cloudfront';
import * as origins from 'aws-cdk-lib/aws-cloudfront-origins';
const bucket = new s3.Bucket(this, 'WebsiteBucket', {
websiteIndexDocument: 'index.html',
publicReadAccess: true,
removalPolicy: cdk.RemovalPolicy.DESTROY,
});
const distribution = new cloudfront.Distribution(this, 'Distribution', {
defaultBehavior: {
origin: new origins.S3Origin(bucket),
viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
cachePolicy: cloudfront.CachePolicy.CACHING_OPTIMIZED,
},
defaultRootObject: 'index.html',
});
Azure Deployment Patterns
Azure Functions
// function.ts
import { AzureFunction, Context, HttpRequest } from "@azure/functions";
const httpTrigger: AzureFunction = async function (
context: Context,
req: HttpRequest
): Promise<void> {
context.log('HTTP trigger function processed a request.');
const name = req.query.name || (req.body && req.body.name);
const responseMessage = name
? `Hello, ${name}!`
: "Please pass a name on the query string or in the request body";
context.res = {
status: 200,
body: responseMessage
};
};
export default httpTrigger;
// host.json
{
"version": "2.0",
"logging": {
"applicationInsights": {
"samplingSettings": {
"isEnabled": true,
"maxTelemetryItemsPerSecond": 20
}
}
}
}
Azure Container Apps
# Deploy container to Azure Container Apps
az containerapp create \
--name myapp \
--resource-group myResourceGroup \
--environment myEnvironment \
--image myregistry.azurecr.io/myapp:latest \
--target-port 8000 \
--ingress external \
--min-replicas 2 \
--max-replicas 10 \
--cpu 0.5 \
--memory 1.0Gi \
--env-vars \
DATABASE_URL=secretref:db-url \
REDIS_URL=secretref:redis-url
Terraform for Multi-Cloud
# main.tf
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
azurerm = {
source = "hashicorp/azurerm"
version = "~> 3.0"
}
}
}
# AWS Resources
resource "aws_s3_bucket" "data" {
bucket = "my-data-bucket"
acl = "private"
}
# Azure Resources
resource "azurerm_storage_account" "data" {
name = "mydatastorageaccount"
resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
account_tier = "Standard"
account_replication_type = "GRS"
}
Deployment Scripts
# AWS Deploy Script
#!/bin/bash
set -e
# Build and push Docker image
docker build -t myapp:latest .
docker tag myapp:latest 123456789.dkr.ecr.us-east-1.amazonaws.com/myapp:latest
aws ecr get-login-password --region us-east-1 | \
docker login --username AWS --password-stdin 123456789.dkr.ecr.us-east-1.amazonaws.com
docker push 123456789.dkr.ecr.us-east-1.amazonaws.com/myapp:latest
# Update ECS service
aws ecs update-service \
--cluster my-cluster \
--service my-service \
--force-new-deployment
# Azure Deploy Script
#!/bin/bash
set -e
# Build and push Docker image
az acr build \
--registry myregistry \
--image myapp:latest \
--file Dockerfile .
# Update Container App
az containerapp update \
--name myapp \
--resource-group myResourceGroup \
--image myregistry.azurecr.io/myapp:latest
Best Practices
✅ Use Infrastructure as Code (CDK, Terraform) ✅ Implement least-privilege IAM policies ✅ Enable logging and monitoring ✅ Use managed services when possible ✅ Implement auto-scaling ✅ Use secrets management (Secrets Manager, Key Vault) ✅ Enable encryption at rest and in transit ✅ Implement proper backup strategies ✅ Use cost optimization tools ✅ Implement multi-region redundancy
When to Use: Cloud deployments, AWS/Azure infrastructure, serverless applications, multi-cloud strategies.
More from krosebrook/source-of-truth-monorepo
pydantic ai agent builder
Expert guidance for building AI agents with Pydantic AI framework. Use when creating multi-agent systems, AI orchestration workflows, or structured LLM applications with type safety and validation.
8enterprise erp consultant
Expert guidance for enterprise resource planning systems, business logic, domain modeling, and ERP integration patterns. Use when building ERP systems, implementing business workflows, or integrating with ERP platforms.
8docker & kubernetes orchestrator
Expert guidance for Docker containerization and Kubernetes orchestration. Use when containerizing applications, managing multi-container setups with Docker Compose, or deploying to Kubernetes clusters.
7canvas-design
Create beautiful visual art in .png and .pdf documents using design philosophy. You should use this skill when the user asks to create a poster, piece of art, design, or other static piece. Create original visual designs, never copying existing artists' work to avoid copyright violations.
6receiving-code-review
Use when receiving code review feedback, before implementing suggestions, especially if feedback seems unclear or technically questionable - requires technical rigor and verification, not performative agreement or blind implementation
6test-fixing
Run tests and systematically fix all failing tests using smart error grouping. Use when user asks to fix failing tests, mentions test failures, runs test suite and failures occur, or requests to make tests pass. Activates on phrases like "fix the tests", "tests are failing", or "make the test suite green".
5