Cloud Platform user guide
This user guide is for teams with applications or services deployed on, or intending to deploy to, the Ministry of Justice’s Cloud Platform.
Overview
Getting started
- Using the Cloud Platform CLI
- Creating a Cloud Platform environment
- Connecting to the Cloud Platform’s Kubernetes cluster
- Accessing the AWS console (read-only)
- Deploy your first Hello World application
- Publish prototypes on the web
- Removing an unneeded namespace
Containers
- Requirements for deploying a container to the Cloud Platform
- Creating an ECR repository for your Docker images
- Deploying a multi-container application to the Cloud Platform
- Deprecating long-lived credentials for container repositories
Databases
Relational databases
- Creating a relational database using PostgreSQL, MariaDB, or MySQL
- Upgrading a database version or changing the instance type
Other topics
- How do I run Rails database migrations?
- Migrating an RDS instance
- SSL connections with RDS
- Creating alerts for RDS
- Accessing your RDS database
- Viewing RDS Database Metrics
- RDS Snapshots
- Setup Postgres container
- SQL Server Native Backups
Key-value databases
Redis
NoSQL
Storage
Other topics
- Migrating an S3 bucket
- StatefulSets (Pods with Persistent Volumes)
- Storage Classes
- Persistent-Volume encryption and snapshot
OpenSearch
Messaging
Publish/subscribe
Queue
Custom domains
- Using a custom domain
- Creating a Route 53 Hosted Zone for your DNS records
Security
- Security Controls on the Cloud Platform
- IP Filtering
- ModSecurity - Web Application Firewall
- Network Policies
- Adding a secret to an application
- Secrets overview
- Git-Crypt
- Security testing and ITHC
- Setup Ingress to redirect security.txt
- Trivy image scanning
Continuous deployment
- Setting up GitHub Actions CD with Helm
- Set up continuous deployment using GitHub Actions
- Continuous Deployment of an application using CircleCI and Helm
- Zero Downtime Deployments
Observability
Monitoring
- Using the Cloud Platform Prometheus, AlertManager and Grafana
- Getting application metrics into Prometheus
- Creating your own custom alerts
- Creating Pingdom checks
- Using the CloudWatch data source in Grafana
- Publish a Grafana Dashboard Snapshot
- Using PrometheusRule Linter in Github Action pipeline
Logging
Deprecations
- Migrating from live-1 to live domain name
- Removing Deprecated CronJob APIs for Cloud Platform
- Removing Deprecated PodDisruptionBudget APIs for Cloud Platform
- Deprecating long-lived credentials for container repositories
Other topics
- Adding AWS resources to your environment
- Deploying an application to the Cloud Platform with Helm manually
- Applying a Maintenance Page
- Long-running environments operations
- Access cross AWS resources IRSA EKS cluster
- DNS Domain Name Length considerations
- CircleCI Security Incident - Secrets Rotation Guidance
Reference
Cloud Platform
- Technical overview of the Cloud Platform
- Cloud Platform Operational Processes
- Deploying to the Cloud Platform
- Apply Pipeline
- Cloud Platform Disaster Recovery
Kubernetes
The Cloud Platform currently uses Kubernetes v1.23.
- Official Kubernetes v1.23 documentation
- Namespace/Container Resource Limits
- Kubectl quick reference
- Troubleshooting guide
- PodDisruptionBudgets and Cluster maintenance
- Kubernetes Cronjobs
- Kubernetes jobs
- Kubernetes: namespace definition files
Getting help
Adding to the guide
If there’s something missing, please either let us know and we’ll add a new article, or if you’re comfortable writing one yourself, PRs will be gratefully received. Details on how to get in touch are in the “Getting Help” section above, and the “GitHub” link at the top right of this page will take you to the repository for this guide.
This page was last reviewed on 9 May 2023.
It needs to be reviewed again on 9 August 2023
by the page owner #cloud-platform
.
This page was set to be reviewed before 9 August 2023
by the page owner #cloud-platform.
This might mean the content is out of date.