AWS Cookbook: Recipes for Success on AWS

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

This practical guide provides over 70 self-contained recipes to help you creatively solve common AWS challenges you'll encounter on your cloud journey. If you're comfortable with rudimentary scripting and general cloud concepts, this cookbook provides what you need to address foundational tasks and create high-level capabilities. Authors John Culkin and Mike Zazon share real-world examples that incorporate best practices. Each recipe includes a diagram to visualize the components. Code is provided so that you can safely execute in an AWS account to ensure solutions work as described. From there, you can customize the code to help construct an application or fix an existing problem. Each recipe also includes a discussion to provide context, explain the approach, and challenge you to explore the possibilities further. Go beyond theory and learn the details you need to successfully build on AWS. The recipes help you: • Redact personal identifiable information (PII) from text using Amazon Comprehend • Automate password rotation for Amazon RDS databases • Use VPC Reachability Analyzer to verify and troubleshoot network paths • Lock down Amazon Simple Storage Service (S3) buckets • Analyze AWS Identity and Access Management policies • Autoscale a containerized service

Author(s): John Culkin, Mike Zazon
Edition: 1
Publisher: O'Reilly Media
Year: 2021

Language: English
Commentary: Vector PDF
Pages: 358
City: Sebastopol, CA
Tags: Amazon Web Services; Artificial Intelligence; Machine Learning; Databases; Security; Cookbook; Best Practices; Networking; Containerization; Storage Management; AWS Lambda; Serverless Architecture

Copyright
Table of Contents
Foreword
Preface
Who This Book Is For
What You Will Learn
The Recipes
What You Will Need
Getting Started
Setups
Techniques and Approaches Used in This Book
Conventions Used in This Book
Using Code Examples
O’Reilly Online Learning
How to Contact Us
Acknowledgments
Chapter 1. Security
1.0 Introduction
Workstation Configuration
1.1 Creating and Assuming an IAM Role for Developer Access
Problem
Solution
Discussion
1.2 Generating a Least Privilege IAM Policy Based on Access Patterns
Problem
Solution
Discussion
1.3 Enforcing IAM User Password Policies in Your AWS Account
Problem
Solution
Discussion
1.4 Testing IAM Policies with the IAM Policy Simulator
Problem
Solution
Discussion
1.5 Delegating IAM Administrative Capabilities Using Permissions Boundaries
Problem
Solution
Discussion
1.6 Connecting to EC2 Instances Using AWS SSM Session Manager
Problem
Solution
Discussion
1.7 Encrypting EBS Volumes Using KMS Keys
Problem
Solution
Discussion
1.8 Storing, Encrypting, and Accessing Passwords Using Secrets Manager
Problem
Solution
Discussion
1.9 Blocking Public Access for an S3 Bucket
Problem
Solution
Discussion
1.10 Serving Web Content Securely from S3 with CloudFront
Problem
Solution
Discussion
Chapter 2. Networking
2.0 Introduction
Workstation Configuration
2.1 Defining Your Private Virtual Network in the Cloud by Creating an Amazon VPC
Problem
Solution
Discussion
2.2 Creating a Network Tier with Subnets and a Route Table in a VPC
Problem
Solution
Discussion
2.3 Connecting Your VPC to the Internet Using an Internet Gateway
Problem
Solution
Discussion
2.4 Using a NAT Gateway for Outbound Internet Access from Private Subnets
Problem
Solution
Discussion
2.5 Granting Dynamic Access by Referencing Security Groups
Problem
Solution
Discussion
2.6 Using VPC Reachability Analyzer to Verify and Troubleshoot Network Paths
Problem
Solution
Discussion
2.7 Redirecting HTTP Traffic to HTTPS with an Application Load Balancer
Problem
Solution
Discussion
2.8 Simplifying Management of CIDRs in Security Groups with Prefix Lists
Problem
Solution
Discussion
2.9 Controlling Network Access to S3 from Your VPC Using VPC Endpoints
Problem
Solution
Discussion
2.10 Enabling Transitive Cross-VPC Connections Using Transit Gateway
Problem
Solution
Discussion
2.11 Peering Two VPCs Together for Inter-VPC Network Communication
Problem
Solution
Discussion
Chapter 3. Storage
3.0 Introduction
Workstation Configuration
3.1 Using S3 Lifecycle Policies to Reduce Storage Costs
Problem
Solution
Discussion
3.2 Using S3 Intelligent-Tiering Archive Policies to Automatically Archive S3 Objects
Problem
Solution
Discussion
3.3 Replicating S3 Buckets to Meet Recovery Point Objectives
Problem
Solution
Discussion
3.4 Observing S3 Storage and Access Metrics Using Storage Lens
Problem
Solution
Discussion
3.5 Configuring Application-Specific Access to S3 Buckets with S3 Access Points
Problem
Solution
Discussion
3.6 Using Amazon S3 Bucket Keys with KMS to Encrypt Objects
Problem
Solution
Discussion
3.7 Creating and Restoring EC2 Backups to Another Region Using AWS Backup
Problem
Solution
Discussion
3.8 Restoring a File from an EBS Snapshot
Problem
Solution
Discussion
3.9 Replicating Data Between EFS and S3 with DataSync
Problem
Solution
Discussion
Chapter 4. Databases
4.0 Introduction
Workstation Configuration
4.1 Creating an Amazon Aurora Serverless PostgreSQL Database
Problem
Solution
Discussion
See Also
4.2 Using IAM Authentication with an RDS Database
Problem
Solution
Discussion
4.3 Leveraging RDS Proxy for Database Connections from Lambda
Problem
Solution
Discussion
4.4 Encrypting the Storage of an Existing Amazon RDS for MySQL Database
Problem
Solution
Discussion
4.5 Automating Password Rotation for RDS Databases
Problem
Solution
Discussion
See Also
4.6 Autoscaling DynamoDB Table Provisioned Capacity
Problem
Solution
Discussion
4.7 Migrating Databases to Amazon RDS Using AWS DMS
Problem
Solution
Discussion
4.8 Enabling REST Access to Aurora Serverless Using RDS Data API
Problem
Solution
Discussion
Chapter 5. Serverless
5.0 Introduction
Workstation Configuration
Chapter Prerequisites
5.1 Configuring an ALB to Invoke a Lambda Function
Problem
Solution
Discussion
5.2 Packaging Libraries with Lambda Layers
Problem
Solution
Discussion
5.3 Invoking Lambda Functions on a Schedule
Problem
Solution
Discussion
5.4 Configuring a Lambda Function to Access an EFS File System
Problem
Solution
Discussion
See Also
5.5 Running Trusted Code in Lambda Using AWS Signer
Problem
Solution
Discussion
5.6 Packaging Lambda Code in a Container Image
Problem
Solution
Discussion
5.7 Automating CSV Import into DynamoDB from S3 with Lambda
Problem
Solution
Discussion
5.8 Reducing Lambda Startup Times with Provisioned Concurrency
Problem
Solution
Discussion
5.9 Accessing VPC Resources with Lambda
Problem
Solution
Discussion
Chapter 6. Containers
6.0 Introduction
Workstation Configuration
Chapter Prerequisites
6.1 Building, Tagging, and Pushing a Container Image to Amazon ECR
Problem
Solution
Discussion
6.2 Scanning Images for Security Vulnerabilities on Push to Amazon ECR
Problem
Solution
Discussion
6.3 Deploying a Container Using Amazon Lightsail
Problem
Solution
Discussion
6.4 Deploying Containers Using AWS Copilot
Problem
Solution
Discussion
6.5 Updating Containers with Blue/Green Deployments
Problem
Solution
Discussion
6.6 Autoscaling Container Workloads on Amazon ECS
Problem
Solution
Discussion
6.7 Launching a Fargate Container Task in Response to an Event
Problem
Solution
Discussion
6.8 Capturing Logs from Containers Running on Amazon ECS
Problem
Solution
Discussion
Chapter 7. Big Data
7.0 Introduction
Workstation Configuration
7.1 Using a Kinesis Stream for Ingestion of Streaming Data
Problem
Solution
Discussion
7.2 Streaming Data to Amazon S3 Using Amazon Kinesis Data Firehose
Problem
Solution
Discussion
7.3 Automatically Discovering Metadata with AWS Glue Crawlers
Problem
Solution
Discussion
7.4 Querying Files on S3 Using Amazon Athena
Problem
Solution
Discussion
7.5 Transforming Data with AWS Glue DataBrew
Problem
Solution
Discussion
Chapter 8. AI/ML
8.0 Introduction
Workstation Configuration
8.1 Transcribing a Podcast
Problem
Solution
Discussion
8.2 Converting Text to Speech
Problem
Solution
Discussion
8.3 Computer Vision Analysis of Form Data
Problem
Solution
Discussion
8.4 Redacting PII from Text Using Comprehend
Problem
Solution
Discussion
8.5 Detecting Text in a Video
Problem
Solution
Discussion
8.6 Physician Dictation Analysis Using Amazon Transcribe Medical and Comprehend Medical
Problem
Solution
Discussion
8.7 Determining Location of Text in an Image
Problem
Solution
Discussion
Chapter 9. Account Management
9.0 Introduction
Workstation Configuration
9.1 Using EC2 Global View for Account Resource Analysis
Problem
Solution
Discussion
9.2 Modifying Tags for Many Resources at One Time with Tag Editor
Problem
Solution
Discussion
9.3 Enabling CloudTrail Logging for Your AWS Account
Problem
Solution
Discussion
9.4 Setting Up Email Alerts for Root Login
Problem
Solution
Discussion
9.5 Setting Up Multi-Factor Authentication for a Root User
Problem
Solution
Discussion
9.6 Setting Up AWS Organizations and AWS Single Sign-On
Problem
Solution
Discussion
Appendix. Fast Fixes
Index
About the Authors