O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

AWS Administration Cookbook

Book Description

Build, automate, and manage your AWS-based cloud environments

About This Book

  • Install, configure, and administer computing, storage, and networking in the AWS cloud
  • Automate your infrastructure and control every aspect of it through infrastructure as code
  • Work through exciting recipes to administer your AWS cloud

Who This Book Is For

If you are an administrator, DevOps engineer, or an IT professional who is moving to an AWS-based cloud environment, then this book is for you. It assumes familiarity with cloud computing platforms, and that you have some understanding of virtualization, networking, and other administration-related tasks.

What You Will Learn

  • Discover the best practices to achieve an automated repeatable infrastructure in AWS
  • Bring down your IT costs by managing AWS successfully and deliver high availability, fault tolerance, and scalability
  • Make any website faster with static and dynamic caching
  • Create monitoring and alerting dashboards using CloudWatch
  • Migrate a database to AWS
  • Set up consolidated billing to achieve simple and effective cost management with accounts
  • Host a domain and find out how you can automate health checks

In Detail

Amazon Web Services (AWS) is a bundled remote computing service that provides cloud computing infrastructure over the Internet with storage, bandwidth, and customized support for application programming interfaces (API). Implementing these services to efficiently administer your cloud environments is a core task.

This book will help you build and administer your cloud environment with AWS. We’ll begin with the AWS fundamentals, and you’ll build the foundation for the recipes you’ll work on throughout the book. Next, you will find out how to manage multiple accounts and set up consolidated billing. You will then learn to set up reliable and fast hosting for static websites, share data between running instances, and back up your data for compliance.

Moving on, you will find out how to use the compute service to enable consistent and fast instance provisioning, and will see how to provision storage volumes and autoscale an application server. Next, you’ll discover how to effectively use the networking and database service of AWS. You will also learn about the different management tools of AWS along with securing your AWS cloud. Finally, you will learn to estimate the costs for your cloud.

By the end of the book, you will be able to easily administer your AWS cloud.

Style and approach

This practical guide is packed with clear, practical, instruction-based recipes that will enable you to use and implement the latest features of AWS.

Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the code file.

Table of Contents

  1. Preface
    1. What this book covers
    2. What you need for this book
    3. Who this book is for
    4. Sections
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    5. Conventions
    6. Reader feedback
    7. Customer support
    8. Downloading the example code
    9. Errata
    10. Piracy
    11. Questions
  2. AWS Fundamentals
    1. Introduction
      1. Creating an account
      2. Regions and Availability Zones
      3. The AWS web console
      4. CloudFormation templates
    2. Infrastructure as Code
      1. Visibility
      2. Consistency
      3. Troubleshooting
      4. Scale
      5. Costs
      6. DevOps
      7. Server configuration
      8. IaC on AWS
    3. CloudFormation
      1. What is CloudFormation?
      2. Why is CloudFormation important?
      3. The layer cake
      4. CloudFormation templates
        1. YAML versus JSON
        2. A closer look at CloudFormation templates
          1. Parameters
          2. Resources
          3. Outputs
          4. Mappings
        3. Dependencies and ordering
        4. Functions
          1. Fn::Join
          2. Fn::Sub
        5. Conditionals
        6. Permissions and service roles
        7. Custom resources
        8. Cross-stack references
        9. Updating resources
        10. Change sets
        11. Other things to know
          1. Name collisions
          2. Rollback
          3. Limits
          4. Circular dependencies
          5. DSLs and generators
          6. Credentials
          7. Stack policies
    4. The command-line interface tool
      1. Installation
      2. Upgrade
      3. Configuration
        1. Default profile
        2. Named profiles
        3. Environment variables
        4. Instance roles
      4. Usage
        1. Commands
        2. Subcommands
        3. Options
        4. Output
        5. JSON
        6. Table
        7. Text
        8. Querying
      5. Generate CLI skeleton
        1. Input
        2. Output
      6. Pagination
      7. Autocomplete
      8. Related tools
        1. jq
  3. Managing AWS Accounts
    1. Introduction
    2. Setting up a master account
      1. How to do it...
      2. How it works...
      3. There's more...
        1. Multi-factor authentication
        2. Using the CLI
      4. See also
    3. Creating a member account
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Accessing the member account
        2. Service control policies
        3. Root credentials
        4. Deleting accounts
      5. See also
    4. Inviting an account
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Removing accounts
        2. Consolidated billing
      5. See also
    5. Managing your accounts
      1. Getting ready
      2. How to do it...
        1. Getting the root ID for your organization
        2. Creating an OU
        3. Getting the ID of an OU
        4. Adding an account to an OU
        5. Removing an account from an OU
        6. Deleting an OU
      3. How it works...
      4. There's more...
      5. See also
    6. Adding a service control policy
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
  4. Storage and Content Delivery
    1. Introduction
    2. Storage
      1. Elastic Block Store
      2. Elastic File System
      3. Simple Storage Service
      4. Glacier
      5. Content delivery
    3. Hosting a static website
      1. How to do it...
        1. Creating S3 buckets and hosting content
        2. Creating a hosted zone
        3. Creating DNS records
        4. Uploading website content
      2. How it works...
      3. There's more...
        1. Delegating your domain to AWS
        2. Cross-origin resource sharing 
    4. Caching a website
      1. Getting ready
        1. About dynamic content
        2. Configuring CloudFront distributions
      2. How to do it...
    5. Working with network storage
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
    6. Backing up data for compliance
      1. How to do it...
      2. How it works...
  5. Using AWS Compute
    1. Introduction
    2. Creating a key pair
      1. Getting ready
      2. How to do it...
      3. How it works...
    3. Launching an instance
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    4. Attaching storage
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    5. Securely accessing private instances
      1. Getting ready
      2. How to do it...
        1. Configuration
      3. How it works...
      4. There's more...
    6. Auto scaling an application server
      1. Getting ready
      2. How to do it...
      3. How it works...
        1. Scaling policies
        2. Alarms
    7. Creating machine images
      1. Getting ready
      2. How to do it...
      3. How it works...
        1. Template
        2. Validate the template
        3. Build the AMI
      4. There's more...
        1. Debugging
        2. Orphaned resources
        3. Deregistering AMIs
        4. Other platforms
    8. Creating security groups
      1. Getting ready
      2. How to do it...
      3. There's more...
        1. Differences from traditional firewalls
    9. Creating a load balancer
      1. How to do it...
      2. How it works...
      3. There's more...
        1. HTTPS/SSL
        2. Path-based routing
  6. Management Tools
    1. Introduction
    2. Auditing your AWS account
      1. How to do it...
      2. How it works...
      3. There's more...
    3. Recommendations with Trusted Advisor
      1. How to do it...
      2. How it works...
      3. There's more...
    4. Creating e-mail alarms
      1. How to do it...
      2. How it works...
      3. There's more...
        1. Existing topics
        2. Other subscriptions
      4. See also
    5. Publishing custom metrics in CloudWatch
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Cron
        2. Auto scaling
        3. Backfilling
      5. See also
    6. Creating monitoring dashboards
      1. Getting ready
      2. How to do it...
      3. There's more...
        1. Widget types
      4. See also
    7. Creating a budget
      1. Getting ready
      2. How to do it...
      3. How it works...
    8. Feeding log files into CloudWatch logs
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
  7. Database Services
    1. Introduction
    2. Creating a database with automatic failover
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
    3. Creating a NAT gateway
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    4. Creating a database read-replica
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
    5. Promoting a read-replica to master
      1. Getting ready
      2. How to do it...
    6. Creating a one-time database backup
      1. Getting ready
      2. How to do it...
    7. Restoring a database from a snapshot
      1. Getting ready
      2. How to do it...
      3. There's more...
    8. Migrating a database
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Database engines
        2. Ongoing replication
        3. Multi-AZ
    9. Calculating DyanmoDB performance
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Burst capacity
        2. Metrics
        3. Eventually consistent reads
  8. Networking
    1. Introduction
    2. Building a secure network
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also...
    3. Creating a NAT gateway
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    4. Canary deployment via DNS
      1. Getting ready
      2. How to do it...
      3. How it works...
    5. Hosting a domain
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also...
    6. Routing based on location with failover
      1. Getting ready
      2. How to do it...
      3. How it works...
        1. Normal operation (geolocation routing)
        2. Region A failure
        3. Region B failure
      4. There's more...
      5. See also...
    7. Network logging and troubleshooting
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Log format
        2. Updates
        3. Omissions
      5. See also
  9. Security and Identity
    1. Introduction
    2. Federating with your AWS account
      1. Getting ready
      2. How to do it...
        1. Active Directory configuration
        2. Auth Account policy configuration
        3. Auth Account role configuration
        4. Simple AD configuration
        5. App Account role configuration
      3. How it works...
      4. There's more...
      5. See also
    3. Creating SSL certificates
      1. How to do it...
      2. How it works...
      3. There's more...
        1. EC2 instances
        2. Importing certificates
        3. CloudFormation
    4. Active Directory as a service
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    5. Creating users
      1. Getting ready
      2. How to do it...
      3. There's more...
      4. See also
    6. Creating instance roles
      1. How to do it...
      2. How it works...
      3. There's more...
      4. See also
    7. Cross-account user roles
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. AWS CLI profiles
      5. See also
    8. Storing secrets
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Key aliases
        2. Secret reader role
        3. Secret writer role
        4. The put-file command
        5. Versioning
      5. See also
  10. Estimating Costs
    1. Introduction
    2. Calculating costs
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    3. Estimating CloudFormation template costs
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    4. Purchasing reserved instances
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
    5. Estimating total cost of ownership
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also