دانلود کتاب AWS DevOps Simplified: Build a solid foundation in AWS to deliver enterprise-grade software solutions at scale [Team-IRA]

فهرست مطالب :

Cover
Title page
Copyright and Credits
Foreword
Contributors
Table of Contents
Preface
Part 1: Driving Transformation through AWS and DevOps
Chapter 1: Accelerating Your DevOps Journey with AWS
AWS and DevOps – a perfect match
Production-like environments
Scaling with the cloud
DevOps methodologies to accelerate software delivery
Key AWS DevOps services
CI
CD and continuous deployment
IaC
Summary
Further reading
Chapter 2: Choosing the Right Cloud Service
The three tiers of cloud offerings
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
What to choose when
Simplicity versus control
Cloud skills and resources
Business requirements
Security considerations
Understanding your organization’s cloud operating model
Focusing on sustaining workloads with the traditional approach
Focusing on optimizing workloads
Focusing on growth in the cloud
Key AWS services
Abstracting the infrastructure
Accelerating software delivery with platform services
Fully managed software services
Summary
Further reading
Chapter 3: Leveraging Immutable Infrastructure in the Cloud
Technical requirements
Pets versus cattle
Mutable and immutable infrastructure
Mutable infrastructure
Immutable infrastructure
Getting started with AWS
Creating a new AWS account
Securing your root user credentials
Creating additional users
Setting up an AWS Cloud9 IDE in your AWS account
Navigating your Cloud9 environment
Working with the test application
Test application
Building an AMI with Packer
Deploying our test instance
Securing incoming traffic with security groups
Creating the test EC2 instance
Terminating the test EC2 instance
Summary
Further reading
Part 2: Faster Software Delivery with Consistent and Reproducible Environments
Chapter 4: Managing Infrastructure as Code with AWS CloudFormation
Technical requirements
What is AWS CloudFormation?
Key concepts in AWS CloudFormation
How CloudFormation works
Permissions delegation for resource management
API call logging with CloudTrail
How requests flow over the network
Best practices for using CloudFormation to define enterprise-grade architectures
Keep templates small and reusable
Leverage inputs and outputs for cross-stack dependencies
Leverage other service integrations
Leverage StackSets for organization-wide stack rollouts
Avoid hardcoding parameter values
Life cycle policies to protect critical resources
Reusable resource configurations
Deciding between Terraform and CloudFormation
Third-party provider ecosystem
Mapping a resource definition with a deployment
Support for programming constructs
State management for deployed resources
Better integrations offered by cloud-native services
Modules for code reusability
Hands-on deployment with CloudFormation
Network architecture design to support multi-AZ deployments
Hosting a sample web application with an application load balancer and Auto Scaling groups
Summary
Further reading
Chapter 5: Rolling Out a CI/CD Pipeline
What is CI/CD?
How does CI/CD enable faster software delivery?
Why is continuous deployment hard to implement?
An effective branching strategy is key
Working with feature toggles
Identifying what works best for you
How to choose the best CI/CD solution for your needs
Integration with existing tools
On-premises hosting considerations
Open source or commercial offerings?
Enabling continuous integration with CodeCommit and CodeBuild
Key features offered by CodeCommit
Automating builds and tests with CodeBuild
Using CodeDeploy to orchestrate deployment workflows in compute environments
Key components in CodeDeploy
Key features offered by CodeDeploy
Implementing end-to-end software delivery with CodePipeline
Key constructs used by CodePipeline
Triggering actions in other regions
Rolling out a fully automated CI/CD pipeline in your AWS account
Creating a base AMI for the application instances
Deploying infrastructure and application stacks
Summary
Further reading
Chapter 6: Programmatic Approach to IaC with AWS CDK
Different approaches to managing infrastructure in AWS
Manual infrastructure management
Automating infrastructure rollouts with scripts
Adopting a declarative approach
Using infrastructure definition generators
Using frameworks that offer high-level abstractions
What is AWS CDK?
Key concepts in CDK
Development workflow
Pros and cons of working with CDK
Deploying a test application with AWS CDK
Understanding the different components of the image recognition application
Bootstrapping a new CDK project
Bootstrapping the AWS account to enable CDK deployments
Defining CDK constructs for application components
Defining Lambda code for orchestrating the application workflow
Synthesizing the template
Deploying the CDK stack into an AWS account
Testing the image analysis workflow
Summary
Further reading
Part 3: Security and Observability of Containerized Workloads
Chapter 7: Running Containers in AWS
A quick introduction to the container ecosystem
What are containers and why do we need them?
Docker as a container platform
Scaling containerized deployments beyond simple use cases
Key responsibilities of container platforms
AWS services that support running containers in the cloud
AWS Elastic Compute Cloud (EC2)
AWS Elastic Kubernetes Service (EKS)
AWS Elastic Container Service (ECS)
ECS constructs and security features
Important constructs used by ECS
Ensuring a good security posture with ECS
Deploying a test application on ECS
Understanding the test application architecture
Defining the CDK stack constructs
Preparing the web application code
Preparing the static HTML template
Bundling all application dependencies together for deployment on ECS
Deploying our CDK stack in an AWS account
Summary
Further reading
Chapter 8: Enabling the Observability of Your Workloads
What is observability?
Benefits of observability
Key AWS offerings for monitoring and observability
Amazon CloudWatch
Best practices for a solid observability strategy
Build a hierarchy of dashboards
Use consistent time zones across all systems
Propagate trace identifiers
Ensure that all components of your system emit events
Defining your observability strategy for workloads hosted in AWS
Deploying an observability stack for a test application hosted in ECS
Extending the code base for better observability
Deploying the stack in an AWS account
Observing data to understand application behavior
Summary
Further reading
Chapter 9: Implementing DevSecOps with AWS
Trade-offs and challenges of security
Lack of ownership
Last step in software delivery
The rapid evolution of application architectures
Outdated security tools
What is DevSecOps?
How is it different from DevOps?
Key benefits of DevSecOps
What it means for security professionals
What it means for developers
What it means for the operations team
Securing your workloads in AWS
Security challenges for operating workloads in the cloud
Test strategies for your AWS workloads
Important tools for security assessments
Rolling out a test CI/CD workflow for DevSecOps
Understanding the target architecture of the DevSecOps pipeline
Understanding the code base
Deploying the CDK stack in an AWS account
Checking the result of security assessments
Summary
Further reading
Part 4: Taking the Next Steps
Chapter 10: Setting Up Teams for Success
Building a collaborative team setup and culture
Enable your teams to create more value
Establishing a culture of collaboration and learning
Measuring the DevOps maturity of your teams
De-silo Dev and Ops
Blameless post-mortems and RCAs
Technology best practices and considerations for success
Right-size the teams based on the technology cognitive load they can handle
Invest in building abstractions that promote best practices
Making injection of failure scenarios a routine practice
Aligning technology decisions with business expectations
Resources for continuous learning and enablement
Driving change from the bottom up
Structure your ideas well
Demonstrate commitment
Find collaborators and share good practices
Summary
Further reading
Chapter 11: Ensuring a Strong AWS Foundation for Multi-Account and Multi-Region Environments
What is a Landing Zone?
Key considerations in a Landing Zone
Defining a structure for organizational units and accounts
Focus on cross-account and hybrid networking needs
Securing the Landing Zone with IAM and security services
DevOps and config management
Operations
Best practices for managing multi-account architectures
Limiting access to the management account
Adopting solutions that offer the right balance of ease and control
Invest in building an Account Vending Machine
Maintain a separate AWS Organizations organization for platform development
Avoid provisioning any IAM users
Prefer no-code or low-code solutions
Building a Landing Zone with Control Tower and CfCT
Deploying resources with CfCT
Summary
Further reading
Chapter 12: Adhering to AWS Well-Architected Principles
Understanding different components of AWS Well-Architected
The AWS Well-Architected Framework
AWS Well-Architected lenses
The AWS Well-Architected Tool
Aligning your architecture with the six focus pillars of the framework
Operating your workloads with confidence
Enhancing the security posture of infrastructure and workloads
Building resilient and highly available systems
Improving the performance efficiency of your workloads
Minimizing cloud costs while maximizing business value creation
Building sustainable workloads in the cloud
Summary
Further reading
Index
Other Books You May Enjoy