Skip to content
Latchkey

What Is AWS? The Cloud Most Pipelines Deploy To

AWS is Amazon Web Services: a pay-as-you-go cloud where you rent compute, storage, databases, and hundreds of managed services instead of running your own data center.

Amazon Web Services is the largest public cloud provider, offering more than two hundred services that range from raw virtual machines to fully managed databases, queues, and machine-learning APIs. Teams use AWS so they can scale on demand and pay only for what they consume. For most software teams, AWS is also the place their CI/CD pipeline ultimately delivers code.

What AWS actually provides

AWS groups its offerings into broad categories: compute (EC2, Lambda, ECS, EKS), storage (S3, EBS), networking (VPC, CloudFront, Route 53), databases (RDS, DynamoDB), and a long tail of higher-level managed services. You provision resources through the console, the AWS CLI, or infrastructure-as-code tools like Terraform and CloudFormation.

Regions and availability zones

AWS runs in dozens of geographic regions, each split into isolated availability zones. Choosing a region affects latency, data residency, and price. Resources generally live in one region, so deployments target a specific region by configuration.

How you pay

  • On-demand pricing billed per second or per hour of use.
  • Reserved and savings plans for steady, predictable workloads.
  • Spot capacity at a discount for interruptible work.
  • Free-tier allowances for many services to start cheaply.

Identity and access

Access to every AWS resource is gated by IAM, the identity and access management service. IAM users, roles, and policies decide who or what can call which API. A CI pipeline authenticates as an IAM principal before it can deploy anything.

Role in CI/CD

In a typical pipeline, CI builds and tests your code, then a deploy job pushes artifacts to AWS: uploading a static site to S3 and CloudFront, pushing a container image to ECR and updating an ECS service, or deploying a function to Lambda. The cleanest way to authenticate from GitHub Actions is an OIDC role, which lets the workflow assume an IAM role without storing long-lived AWS keys as secrets.

Where Latchkey fits

Latchkey runs managed GitHub Actions runners on AWS, so your CI compute and your deployment target share the same network neighborhood. That keeps registry pulls, S3 uploads, and ECS rollouts fast and low-latency from the runner.

Key takeaways

  • AWS is a pay-as-you-go cloud with 200-plus services across compute, storage, and networking.
  • Every resource lives in a region and is gated by IAM permissions.
  • Pipelines deploy to AWS by authenticating as an IAM principal, ideally via OIDC.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →