Wydawca: Packt Publishing
Marcel Neidinger, Prashant Lakhera
System administrators adopting AWS often struggle with automation, scalability, and multi-account management. Originally authored by Prashant Lakhera and now thoroughly updated by Senior Solutions Architect Marcel Neidinger, this second edition is your scenario-driven, hands-on guide to efficiently deploying and managing cloud infrastructure using Infrastructure as Code (IaC).This updated edition features new topics like chaos engineering with AWS Fault Injection Simulator, multi-account CI/CD deployments, reusable IaC patterns, and cloud compliance using AWS Config and service control policies—all to help you build modern cloud architectures.You’ll set up AWS CLI, Terraform, and CDK to automate deployments, as well as explore cloud networking with VPCs, EC2, and Transit Gateway, followed by auto-scaling and load balancing strategies. The chapters highlight AWS Secrets Manager for securely storing and accessing your secrets, along with CloudWatch for monitoring and observability in the cloud. You’ll implement centralized logging and develop backup and disaster recovery strategies. The book guides you through the processes and best practices for setting up a multi-account environment, with real-world scenarios for optimizing costs and ensuring high availability.By the end of this book, you’ll have the skills to efficiently deploy, manage, and optimize AWS infrastructure at scale.
AWS Lambda Quick Start Guide. Learn how to build and deploy serverless applications on AWS
Markus Klems
AWS Lambda is a part of AWS that lets you run your code without provisioning or managing servers. This enables you to deploy applications and backend services that operate with no upfront cost. This book gets you up to speed on how to build scalable systems and deploy serverless applications with AWS Lambda.The book starts with the fundamental concepts of AWS Lambda, and then teaches you how to combine your applications with other AWS services, such as AmazonAPI Gateway and DynamoDB. This book will also give a quick walk through on how to use the Serverless Framework to build larger applications that can structure code or autogenerate boilerplate code that can be used to get started quickly for increased productivity.Toward the end of the book, you will learn how to write, run, and test Lambda functions using Node.js, Java, Python, and C#.
Jhalak Modi, Satyajit Das
This book starts with practical recipes on the fundamentals of cloud networking and gradually moves on to configuring networks and implementing infrastructure automation. This book then supplies in-depth recipes on networking components like Network Interface, Internet Gateways, DNS, Elastic IP addresses, and VPN CloudHub. Later, this book also delves into designing, implementing, and optimizing static and dynamic routing architectures, multi-region solutions, and highly available connectivity for your enterprise. Finally, this book will teach you to troubleshoot your VPC's network, increasing your VPC's efficiency. By the end of this book, you will have advanced knowledge of AWS networking concepts and technologies and will have mastered implementing infrastructure automation and optimizing your VPC.
Phani Kumar Lingamallu, Fabio Oliveira
As modern application architecture grows increasingly complex, identifying potential points of failure and measuring end user satisfaction, in addition to monitoring application availability, is key. This book helps you explore AWS observability tools that provide end-to-end visibility, enabling quick identification of performance bottlenecks in distributed applications.You’ll gain a holistic view of monitoring and observability on AWS, starting from observability basics using Amazon CloudWatch and AWS X-Ray to advanced ML-powered tools such as AWS DevOps Guru. As you progress, you'll learn about AWS-managed open source services such as AWS Distro for OpenTelemetry (ADOT) and AWS managed Prometheus, Grafana, and the ELK Stack. You’ll implement observability in EC2 instances, containers, Kubernetes, and serverless apps and grasp UX monitoring. With a fair mix of concepts and examples, this book helps you gain hands-on experience in implementing end-to-end AWS observability in your applications and navigating and troubleshooting performance issues with the help of use cases. You'll also learn best practices and guidelines, such as how observability relates to the Well-Architected Framework.By the end of this AWS book, you’ll be able to implement observability and monitoring in your apps using AWS’ native and managed open source tools in real-world scenarios.
Jonathan Helmus
Cloud security has always been treated as the highest priority by AWS while designing a robust cloud infrastructure. AWS has now extended its support to allow users and security experts to perform penetration tests on its environment. This has not only revealed a number of loopholes and brought vulnerable points in their existing system to the fore, but has also opened up opportunities for organizations to build a secure cloud environment. This book teaches you how to perform penetration tests in a controlled AWS environment.You'll begin by performing security assessments of major AWS resources such as Amazon EC2 instances, Amazon S3, Amazon API Gateway, and AWS Lambda. Throughout the course of this book, you'll also learn about specific tests such as exploiting applications, testing permissions flaws, and discovering weak policies. Moving on, you'll discover how to establish private-cloud access through backdoor Lambda functions. As you advance, you'll explore the no-go areas where users can’t make changes due to vendor restrictions and find out how you can avoid being flagged to AWS in these cases. Finally, this book will take you through tips and tricks for securing your cloud environment in a professional way.By the end of this penetration testing book, you'll have become well-versed in a variety of ethical hacking techniques for securing your AWS environment against modern cyber threats.
AWS: Security Best Practices on AWS. Learn to secure your data, servers, and applications with AWS
Albert Anthony
With organizations moving their workloads, applications, and infrastructure to the cloud at an unprecedented pace, security of all these resources has been a paradigm shift for all those who are responsible for security; experts, novices, and apprentices alike.This book focuses on using native AWS security features and managed AWS services to help you achieve continuous security. Starting with an introduction to Virtual Private Cloud (VPC) to secure your AWS VPC, you will quickly explore various components that make up VPC such as subnets, security groups, various gateways, and many more.You will also learn to protect data in the AWS platform for various AWS services by encrypting and decrypting data in AWS. You will also learn to secure web and mobile applications in AWS cloud.This book is ideal for all IT professionals, system administrators, security analysts, solution architects, and chief information security officers who are responsible for securing workloads in AWS for their organizations.This book is embedded with useful assessments that will help you revise the concepts you have learned in this book. This book is repurposed for this specific learning experience from material from Packt's Mastering AWS Security, written by Albert Anthony.
Heartin Kanikathottu
As a security consultant, securing your infrastructure by implementing policies and following best practices is critical. This cookbook discusses practical solutions to the most common problems related to safeguarding infrastructure, covering services and features within AWS that can help you implement security models such as the CIA triad (confidentiality, integrity, and availability), and the AAA triad (authentication, authorization, and availability), along with non-repudiation.The book begins with IAM and S3 policies and later gets you up to speed with data security, application security, monitoring, and compliance. This includes everything from using firewalls and load balancers to secure endpoints, to leveraging Cognito for managing users and authentication. Over the course of this book, you'll learn to use AWS security services such as Config for monitoring, as well as maintain compliance with GuardDuty, Macie, and Inspector. Finally, the book covers cloud security best practices and demonstrates how you can integrate additional security services such as Glacier Vault Lock and Security Hub to further strengthen your infrastructure.By the end of this book, you'll be well versed in the techniques required for securing AWS deployments, along with having the knowledge to prepare for the AWS Certified Security – Specialty certification.
Heartin Kanikathottu
As a security consultant, implementing policies and best practices to secure your infrastructure is critical. This cookbook discusses practical solutions for safeguarding infrastructure, covering services and features within AWS that help implement security models, such as the CIA triad (confidentiality, integrity, and availability) and the AAA triad (authentication, authorization, and accounting), as well as non-repudiation.This updated second edition starts with the fundamentals of AWS accounts and organizations. The book then guides you through identity and access management, data protection, network security, and encryption. You’ll explore critical topics such as securing EC2 instances, managing keys with KMS and CloudHSM, and implementing endpoint security. Additionally, you’ll learn to monitor your environment using CloudWatch, CloudTrail, and AWS Config, while maintaining compliance with services such as GuardDuty, Macie, and Inspector. Each chapter presents practical recipes for real-world scenarios, allowing you to apply security concepts.By the end of this book, you’ll be well versed in techniques required for securing AWS deployments and be prepared to gain the AWS Certified Security – Specialty certification.