AWS SysOps Cookbook - Second Edition

Book description

Become an AWS SysOps administrator and explore best practices to maintain a well-architected, resilient, and secure AWS environment

Key Features

  • Explore AWS Cloud functionalities through a recipe-based approach
  • Get to grips with a variety of techniques for automating your infrastructure
  • Discover industry-proven best practices for architecting reliable and efficient workloads

Book Description

AWS is an on-demand remote computing service providing cloud infrastructure over the internet with storage, bandwidth, and customized support for APIs. This updated second edition will help you implement these services and efficiently administer your AWS environment.

You will start with the AWS fundamentals and then understand how to manage multiple accounts before setting up consolidated billing. The book will assist you in setting up reliable and fast hosting for static websites, sharing data between running instances and backing up data for compliance. By understanding how to use compute service, you will also discover how to achieve quick and consistent instance provisioning. You'll then learn to provision storage volumes and autoscale an app server. Next, you'll explore serverless development with AWS Lambda, and gain insights into using networking and database services such as Amazon Neptune. The later chapters will focus on management tools like AWS CloudFormation, and how to secure your cloud resources and estimate costs for your infrastructure. Finally, you'll use the AWS well-architected framework to conduct a technology baseline review self-assessment and identify critical areas for improvement in the management and operation of your cloud-based workloads.

By the end of this book, you'll have the skills to effectively administer your AWS environment.

What you will learn

  • Secure your account by creating IAM users and avoiding the use of the root login
  • Simplify the creation of a multi-account landing zone using AWS Control Tower
  • Master Amazon S3 for unlimited, cost-efficient storage of data
  • Explore a variety of compute resources on the AWS Cloud, such as EC2 and AWS Lambda
  • Configure secure networks using Amazon VPC, access control lists, and security groups
  • Estimate your monthly bill by using cost estimation tools
  • Learn to host a website with Amazon Route 53, Amazon CloudFront, and S3

Who this book is for

If you are an administrator, DevOps engineer, or an IT professional interested in exploring administrative tasks on the AWS Cloud, then this book is for you. Familiarity with cloud computing platforms and some understanding of virtualization, networking, and other administration-related tasks is assumed.

Downloading the example code for this ebook: You can download the example code files for this ebook on GitHub at the following link: https://github.com/PacktPublishing/AWS-SysOps-Cookbook-Second-Edition. If you require support please email: customercare@packt.com

Table of contents

  1. Title Page
  2. Copyright and Credits
    1. AWS SysOps Cookbook Second Edition
  3. Dedication
  4. About Packt
    1. Why subscribe?
  5. Contributors
    1. About the authors
    2. About the reviewers
    3. Packt is searching for authors like you
  6. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the example code files
      2. Download the color images
      3. Conventions used
    4. Sections
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    5. Get in touch
      1. Reviews
  7. AWS Fundamentals
    1. Signing up for an AWS account
      1. How to do it...
      2. How it works...
      3. There's more...
      4. See also
    2. Understanding AWS's global infrastructure
      1. Regions and availability zones
        1. Global resources
    3. Using the web console
      1. The menu bar
        1. AWS logo
        2. Services
        3. Resource Groups
        4. Pins
        5. Alerts
        6. Account
        7. Region and support
    4. Learning the basics of AWS CloudFormation
      1. What is CloudFormation?
      2. Why is CloudFormation important?
        1. Infrastructure as Code (IaC)
      3. The layer cake
      4. CloudFormation templates
        1. YAML versus JSON
        2. A closer look at CloudFormation templates
        3. Parameters
        4. Resources
        5. Dependencies and ordering
        6. Functions
          1. Fn::Join
          2. Fn::Sub
        7. Conditionals
      5. Permissions and service roles
      6. Cross-stack references
      7. Updating resources
        1. Changesets
      8. Other things to know
        1. Name collisions
        2. Rollback
        3. Limits
        4. Circular dependencies
        5. Credentials
        6. Stack policies
    5. Using the command-line interface (CLI)
      1. Installation
      2. Upgrade
      3. Configuration
        1. Default profile
        2. Named profiles
        3. Environment variables
        4. Instance roles
      4. Usage
        1. Commands
        2. Subcommands
        3. Options
        4. Output
        5. JSON
        6. Table
        7. Text
        8. Querying
      5. Generating a CLI skeleton
        1. Input
        2. Output
      6. Pagination
      7. Autocomplete
      8. There's more...
      9. See also
  8. Account Setup and Management
    1. Setting up an automated landing zone with AWS Control Tower
      1. How to do it...
      2. How it works...
        1. Accounts
      3. There's more...
      4. See also
    2. Setting up a master account with AWS Organizations
      1. How to do it...
      2. How it works...
      3. There's more...
        1. Using the CLI
      4. See also
    3. Creating a member account
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Accessing the member account
        2. Service Control Policies
        3. Root credentials
        4. Deleting accounts
      5. See also
    4. Inviting an account
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Removing accounts
        2. Consolidated billing
      5. See also
    5. Managing your accounts
      1. Getting ready
      2. How to do it...
        1. Getting the root ID for your organization
        2. Creating an OU
        3. Getting the ID of an OU
        4. Adding an account to an OU
        5. Removing an account from an OU
        6. Deleting an OU
      3. How it works...
      4. There's more...
      5. See also
    6. Adding a Service Control Policy (SCP)
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    7. Setting up consolidated billing
      1. How to do it...
      2. How it works...
      3. There's more...
        1. Credits
        2. Support charges
      4. See also
  9. AWS Storage and Content Delivery
    1. Setting up a secure Amazon S3 bucket
      1. How to do it...
        1. Using the web console to create a bucket with versioning enabled
        2. Using the CLI to create a bucket with cross-region replication enabled
        3. Using CloudFormation to create a bucket
      2. How it works...
      3. There's more...
        1. Athena
        2. S3 Select
      4. See alo
    2. Hosting a static website
      1. How to do it...
        1. Creating S3 buckets and hosting content
        2. Creating a hosted zone
        3. Creating DNS records
        4. Uploading website content
      2. How it works...
      3. There's more...
        1. Delegating your domain to AWS
        2. Cross-origin resource sharing (CORS)
      4. See also
    3. Caching a website with CloudFront
      1. Getting ready
        1. About dynamic content
        2. Configuring CloudFront distributions
      2. How to do it...
      3. How it works...
    4. Working with network storage provided by EFS
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
    5. Amazon FSx for Windows File Server
      1. Getting ready
      2. How to do it...
      3. How it works...
    6. Backing up data for compliance
      1. How to do it...
      2. How it works...
      3. There's more...
  10. AWS Compute
    1. Creating a key pair
      1. Getting ready
      2. How to do it...
      3. How it works...
    2. Launching an instance
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    3. Attaching storage
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    4. Autoscaling an application server
      1. Getting ready
      2. How to do it...
      3. How it works...
        1. Scaling policies
        2. Alarms
    5. Creating security groups
      1. Getting ready
      2. How to do it...
      3. There's more...
        1. Differences from traditional firewalls
    6. Creating a load balancer
      1. How to do it...
      2. How it works...
      3. There's more...
        1. HTTPS/SSL
        2. Path-based routing
    7. Using AWS Systems Manager to log in to instances from the console
      1. Getting ready...
      2. How to do it...
      3. How it works...
      4. There's more...
    8. Creating serverless functions with AWS Lambda
      1. How to do it...
      2. How it works...
      3. There's more...
      4. See also
  11. Monitoring the Infrastructure
    1. AWS Trusted Advisor
      1. How to do it...
      2. How it works...
      3. There's more...
    2. Resource tags
      1. How to do it...
      2. How it works...
    3. AWS CloudWatch
      1. Getting ready
      2. How to do it...
      3. How it works...
        1. Widget types
    4. Billing alerts
      1. Getting ready
      2. How to do it...
      3. How it works...
    5. The ELK stack
      1. How to do it...
      2. How it works...
      3. There's more...
    6. AWS CloudTrail
      1. How to do it...
      2. How it works...
      3. There's more...
    7. Network logging and troubleshooting
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Log format
        2. Updates
        3. Omissions
      5. See also
  12. Managing AWS Databases
    1. Creating an RDS database with automatic failover
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
    2. Creating an RDS database read replica
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
    3. Promoting an RDS read replica to master
      1. Getting ready
      2. How to do it...
      3. How it works...
    4. Creating a one-time RDS database backup
      1. Getting ready
      2. How to do it...
      3. How it works...
    5. Restoring an RDS database from a snapshot
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
    6. Managing Amazon Aurora databases
      1. How to do it...
      2. How it works...
      3. There's more...
    7. Managing Amazon Neptune graph databases
      1. How to do it...
      2. How it works...
    8. Create a DynamoDB table with a global secondary index
      1. How to do it...
      2. How it works...
    9. Calculating Amazon DynamoDB capacity
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. Burst capacity
        2. Metrics
        3. Eventually consistent reads
      5. See also
  13. AWS Networking Essentials
    1. Creating a VPC and subnets
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    2. Managing a transit gateway
      1. Getting ready
      2. How to do it...
      3. How it works...
    3. Creating a Virtual Private Network (VPN)
      1. How to do it...
      2. How it works...
      3. There's more...
        1. BGP
        2. ASN
    4. Setting up NAT gateways
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    5. Managing domains with Route 53
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
  14. AWS Account Security and Identity
    1. Administering users with IAM
      1. Getting ready
      2. How to do it...
      3. There's more...
      4. See also
    2. Deploying Simple Active Directory service
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    3. Creating instance roles
      1. How to do it...
      2. How it works...
      3. There's more...
    4. Using cross-account roles
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
        1. AWS CLI profiles
    5. Storing secrets
      1. How to do it...
      2. How it works...
      3. There's more...
    6. Protecting applications from DDoS
      1. How to do it...
      2. How it works...
      3. There's more...
    7. Configuring AWS WAF
      1. How to do it...
      2. How it works...
      3. There's more...
    8. Setting up intrusion detection
      1. How to do it...
      2. How it works...
      3. There's more...
  15. Managing Costs
    1. Estimating costs with the Simple Monthly Calculator
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    2. Estimating costs with the Total Cost of Ownership Calculator
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    3. Estimating CloudFormation template costs
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    4. Reducing costs by purchasing reserved instances
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
  16. Advanced AWS CloudFormation
    1. Creating and populating an S3 bucket with custom resources
      1. How to do it...
      2. How it works...
      3. There's more...
    2. Using a macro to create an S3 bucket for CloudTrail logs
      1. How to do it...
      2. How it works...
      3. There's more...
      4. See also
    3. Using mappings to specify regional AMI IDs
      1. How to do it...
      2. How it works...
      3. There's more...
      4. See also
    4. Using StackSets to deploy resources to multiple regions
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    5. Detecting resource drift from templates with drift detection
      1. How to do it...
      2. How it works...
      3. There's more...
        1. Unsupported resources and properties
        2. Using the CLI
      4. See also
  17. AWS Well-Architected Framework
    1. Understanding the five pillars of the Well-Architected Framework
      1. Security
      2. Operational excellence
      3. Performance efficiency
      4. Reliability
      5. Cost optimization
    2. Conducting a technology baseline review self-assessment
      1. How to do it...
      2. How it works...
      3. There's more...
    3. Using the Well-Architected Tool to evaluate a production workload
      1. How to do it...
      2. How it works...
      3. There's more...
  18. Working with Business Applications
    1. Creating a place for employees to share files with WorkDocs
      1. How to do it...
      2. How it works...
      3. There's more...
    2. Hosting desktops in the cloud and allowing users to connect remotely using WorkSpaces
      1. How to do it...
      2. How it works...
      3. There's more...
    3. Giving your users a place to chat and conduct video calls with Chime
      1. How to do it...
      2. How it works...
      3. There's more...
    4. Exploring the use of Alexa for Business
      1. How to do it...
      2. How it works...
      3. There's more...
    5. Hosting your company's email with WorkMail
      1. How to do it...
      2. How it works...
      3. There's more...
  19. AWS Partner Solutions
    1. Creating machine images with Hashicorp's Packer
      1. Getting ready
      2. How to do it...
      3. How it works...
        1. Template
        2. Validating the template
        3. Building the AMI
      4. There's more...
        1. Debugging
        2. Orphaned resources
        3. Deregistering AMIs
        4. Other platforms
    2. Monitoring and optimizing your AWS account with nOps
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
    3. Using IOPipe to instrument your lambda functions
      1. How to do it...
      2. How it works...
        1. Metrics dashboards
        2. Alerting
        3. Profiling
        4. Labels and search
      3. There's more...
  20. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: AWS SysOps Cookbook - Second Edition
  • Author(s): Eric Z. Beard, Rowan Udell, Lucas Chan
  • Release date: September 2019
  • Publisher(s): Packt Publishing
  • ISBN: 9781838550189