Developer Tools

Platform Engineering - Standardizing Infrastructure Templates with AWS Proton

Build an internal platform with Proton and Service Catalog to provide developers with self-service infrastructure provisioning. Learn about template management and governance design patterns.

約 4 分で読めます

The Challenge of Platform Engineering

With the spread of microservices architecture, the DevOps model where development teams autonomously provision infrastructure has become widespread. However, when each team builds infrastructure independently, issues arise such as inconsistent security configurations, deviation from best practices, and operational knowledge silos. Platform engineering is an approach where a platform team provides standardized infrastructure templates, and development teams provision infrastructure through self-service. AWS Proton is the service that enables this platform engineering approach, centrally managing the creation, versioning, distribution, and updating of infrastructure templates.

Template Design and Management

Proton uses a two-layer structure of environment templates and service templates. Environment templates define shared infrastructure such as VPCs, ECS clusters, and RDS instances. Service templates define application-specific infrastructure such as ECS services, Lambda functions, and API Gateway, deployed on top of environment templates. Templates are written in CloudFormation or Terraform and parameterized using the Jinja template engine. Parameters specified by developers (instance size, environment name, port number, etc.) are defined in a schema, and input validation can also be configured. Templates are version-controlled, and when a new version is published, updates can be recommended or automatically applied to existing services. This makes it easy to apply security patches and best practice changes across all services, maintaining governance.

Developer Workflow

Developers create services from the Proton console or CLI. They select an appropriate service template from the available catalog and enter parameters to provision infrastructure. Infrastructure details (security groups, IAM roles, logging configuration, etc.) are built into the template, so developers can focus on application code. Git repository integration triggers build, test, and deploy pipelines automatically when code changes. Proton displays a dashboard showing all services, each service's status (deploying, healthy, update available), and template version adoption. The platform team can identify which services are using outdated templates and encourage updates. Proton itself is free; charges apply only for the provisioned AWS resources (ECS, Lambda, RDS, etc.). For more on AWS infrastructure automation, see related books on Amazon.

Platform Operations and Maturity

Internal platform maturity should be improved incrementally. In the initial stage, start by sharing CloudFormation templates and organizing Service Catalog portfolios, aiming for a state where developers can build environments through self-service. In the next stage, standardize environments and services with Proton's template management, introducing template versioning and automatic updates. At the mature stage, continuously improve the platform by establishing template usage metrics, developer satisfaction measurement, and feedback loops. The platform team should treat developers as "customers" and pursue the right balance between usability and flexibility.

Summary - Proton Usage Guidelines

AWS Proton is a platform engineering service that enables infrastructure template standardization and developer self-service. Its key strengths are the two-layer structure of environment and service templates, version management with automatic updates, and integration with CloudFormation/Terraform. It is well-suited for organizations where multiple development teams build infrastructure independently and face governance challenges. Proton itself is free to use, and you can adopt it incrementally by leveraging existing IaC templates.

Related Services

AWS ProtonA service where platform teams provide infrastructure templates and developers deploy via self-serviceAWS CloudFormationAn IaC service that defines and provisions AWS resources as code using templatesAWS CodePipelineA service for building and automating CI/CD pipelines from source to deployment

Related Articles

Platform Engineering with AWS Proton - Self-Service Infrastructure Template DeliveryLearn about Proton's infrastructure template management, separation of environments and services, and developer self-service design.Automated Deployment Strategies - Continuous Delivery with AWS CodeDeploy and CodePipelineLearn how to build automated deployments using AWS CodeDeploy and CodePipeline. This guide covers diverse deployment strategies for EC2, Lambda, and ECS, along with practical continuous delivery techniques using pipelines.IaC with Programming Languages Using AWS CDK - Designing Constructs and StacksLearn about defining infrastructure with TypeScript/Python using CDK, choosing between L1/L2/L3 constructs, and testing techniques.

More on This Topic

How AI-DLC Transforms Software Development - A Practical Guide to the Inception, Construction, and Operation PhasesAn overview of the AI-DLC methodology that places AI at the center of the development process. Learn about the three phases of Inception, Construction, and Operation, and how to put them into practice with Kiro and Amazon Q Developer.Hands-On with the AI-DLC Unicorn Gym Workshop - Learning AI-DLC Through Team DevelopmentA complete look at the hands-on workshop where you experience AI-DLC through three days of team development. Learn how to run Mob Elaboration and Mob Construction, and how to leverage open-source workflows.Visually Design Serverless Applications with AWS Application Composer - Automatic IaC Template GenerationLearn about visual design of serverless architectures with Application Composer, automatic SAM template generation, and VS Code integration.Artifact Repository Management - Building a Secure Package Management Platform with AWS CodeArtifactLearn how to build and operate an artifact repository using AWS CodeArtifact. This guide covers centralizing package management for npm, Maven, PyPI, and more, along with building secure build pipelines through CodeBuild integration.How AWS API Throttling Works - The Token Bucket Algorithm and the Truth Behind 429 ErrorsLearn how AWS API rate limiting is implemented using the token bucket algorithm, understand the concept of burst capacity, explore differences in throttling limits across services, and discover practical strategies to avoid throttling.Why AWS APIs Return XML - The Evolution from Query APIs to REST JSONExplore the historical reasons why S3 and EC2 APIs return XML responses, the differences between Query APIs and REST APIs, the evolution of authentication from Signature V2 to V4, and the complexity that SDKs abstract away.Why AWS API Endpoints Differ by Region - The Design of Global and Regional ServicesWe explain the design reasons behind the separation of regional endpoints like ec2.us-east-1.amazonaws.com and global endpoints like iam.amazonaws.com, as well as the existence of dual-stack and FIPS endpoints.Browser-Based Shell Environment - Instant CLI Access with AWS CloudShellExplains the browser-based shell environment powered by AWS CloudShell. Covers the CLI environment available instantly from the AWS Management Console, pre-installed development tools, automatic IAM authentication integration, secure file management, and practical tips for improving operational efficiency.

Similar Articles and Services

Platform Engineering with AWS Proton - Self-Service Infrastructure Template DeliveryLearn about Proton's infrastructure template management, separation of environments and services, and developer self-service design.IT Service Provisioning - Self-Service Infrastructure Delivery with AWS Service CatalogLearn how to catalog approved IT services with AWS Service Catalog and enable self-service infrastructure provisioning through CloudFormation integration. This article covers operational patterns that maintain governance while empowering development teams.IT Governance with AWS Service Catalog - Standardizing Approved Products and Enabling Self-ServiceLearn how to catalog IT-approved CloudFormation templates and safely provide end-user self-service through launch constraints and template constraints.