Cloud Platform user guide
This user guide is for teams with applications or services deployed on, or intending to deploy to, the Ministry of Justice’s Cloud Platform.
Overview
Getting started
- Using the Cloud Platform CLI
- Creating a Cloud Platform environment
- Connecting to the Cloud Platform’s Kubernetes cluster
- Accessing the AWS console (read-only)
- Deploying an example application to the Cloud Platform
- Publish prototypes on the web
- Removing an unneeded namespace
Containers
- Requirements for deploying a container image to the Cloud Platform
- Creating a container repository for your Docker images
- Deprecating long-lived credentials for container repositories
Databases
Relational databases
- Creating a relational database using PostgreSQL, MariaDB, or MySQL
- Upgrading a database version or changing the instance type
Other topics
- How do I run Rails database migrations?
- Migrating an RDS instance
- SSL connections with RDS
- Creating alerts for RDS
- Accessing your RDS database
- Viewing RDS Database Metrics
- RDS Snapshots
- Setup Postgres container
- SQL Server Native Backups
Key-value databases
Redis
NoSQL
Storage
Other topics
- Migrating an S3 bucket
- StatefulSets (Pods with Persistent Volumes)
- Storage Classes
- Persistent-Volume encryption and snapshot
OpenSearch
Messaging
Publish/subscribe
Queue
Custom domains
- Using a custom domain
- Creating a Route 53 Hosted Zone for your DNS records
Security
- Security Controls on the Cloud Platform
- IP Filtering
- ModSecurity - Web Application Firewall
- Network Policies
- Adding a secret to an application
- Secrets overview
- Git-Crypt
- Security testing and ITHC
- Setup Ingress to redirect security.txt
- Trivy image scanning
Continuous deployment
Observability
Monitoring
- Using the Cloud Platform Prometheus, AlertManager and Grafana
- Getting application metrics into Prometheus
- Creating your own custom alerts
- Creating Pingdom checks
- Using the CloudWatch data source in Grafana
- Publish a Grafana Dashboard Snapshot
- Using PrometheusRule Linter in Github Action pipeline
Logging
Deprecations
- Migrating from live-1 to live domain name
- Removing Deprecated CronJob APIs for Cloud Platform
- Removing Deprecated PodDisruptionBudget APIs for Cloud Platform
- Deprecating long-lived credentials for container repositories
- Deprecating long-lived credentials for modules
Other topics
- Adding AWS resources to your environment
- Applying a Maintenance Page
- Long-running environments operations
- Access cross AWS resources IRSA EKS cluster
- DNS Domain Name Length considerations
- Accessing AWS APIs and resources from your namespace
- Using the Cloud Platform service pod to run maintenance tasks using the AWS CLI
- How do I get my data onto the Analytical Platform?
Tutorials
- Deploying an example application to the Cloud Platform
Reference
Cloud Platform
- Technical overview of the Cloud Platform
- Cloud Platform Operational Processes
- Deploying to the Cloud Platform
- Apply Pipeline
- Cloud Platform Disaster Recovery
Kubernetes
The Cloud Platform currently uses Kubernetes v1.24.
- Official Kubernetes v1.24 documentation
- Namespace/Container Resource Limits
- Kubectl quick reference
- Troubleshooting guide
- PodDisruptionBudgets and Cluster maintenance
- Kubernetes Cronjobs
- Kubernetes jobs
- Kubernetes: namespace definition files
Getting help
Adding to the guide
If there’s something missing, please either let us know and we’ll add a new article, or if you’re comfortable writing one yourself, PRs will be gratefully received. Details on how to get in touch are in the “Getting Help” section above, and the “GitHub” link at the top right of this page will take you to the repository for this guide.
This page was last reviewed on 17 August 2023.
It needs to be reviewed again on 17 November 2023
by the page owner #cloud-platform
.
This page was set to be reviewed before 17 November 2023
by the page owner #cloud-platform.
This might mean the content is out of date.