Secure your Amazon Web Services (AWS) infrastructure with permission policies, key management, and network security, along with following cloud security best practices Key FeaturesExplore useful recipes for implementing robust cloud security solutions on AWSMonitor your AWS infrastructure and workloads using CloudWatch, CloudTrail, config, GuardDuty, and MaciePrepare for the AWS Certified Security-Specialty exam by exploring various security models and compliance offeringsBook Description As a security consultant, securing your infrastructure by implementing policies and following best practices is critical. This cookbook discusses practical solutions to the most common problems related to safeguarding infrastructure, covering services and features within AWS that can help you implement security models such as the CIA triad (confidentiality, integrity, and availability), and the AAA triad (authentication, authorization, and availability), along with non-repudiation. The book begins with IAM and S3 policies and later gets you up to speed with data security, application security, monitoring, and compliance. This includes everything from using firewalls and load balancers to secure endpoints, to leveraging Cognito for managing users and authentication. Over the course of this book, you'll learn to use AWS security services such as Config for monitoring, as well as maintain compliance with GuardDuty, Macie, and Inspector. Finally, the book covers cloud security best practices and demonstrates how you can integrate additional security services such as Glacier Vault Lock and Security Hub to further strengthen your infrastructure. By the end of this book, you'll be well versed in the techniques required for securing AWS deployments, along with having the knowledge to prepare for the AWS Certified Security – Specialty certification. What you will learnCreate and manage users, groups, roles, and policies across accountsUse AWS Managed Services for logging, monitoring, and auditingCheck compliance with AWS Managed Services that use machine learningProvide security and availability for EC2 instances and applicationsSecure data using symmetric and asymmetric encryptionManage user pools and identity pools with federated loginWho this book is for If you are an IT security professional, cloud security architect, or a cloud application developer working on security-related roles and are interested in using AWS infrastructure for secure application deployments, then this Amazon Web Services book is for you. You will also find this book useful if you’re looking to achieve AWS certification. Prior knowledge of AWS and cloud computing is required to get the most out of this book.

Secure your Amazon Web Services (AWS) infrastructure with permission policies, key management, and network security, while following cloud security best practices Key Features Explore useful recipes for implementing robust cloud security solutions on AWS Monitor your AWS infrastructure and workloads using CloudWatch, CloudTrail, Config, GuardDuty, and Macie Prepare for the AWS Certified Security - Specialty exam by exploring various security models and compliance offerings Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionAs a security consultant, implementing policies and best practices to secure your infrastructure is critical. This cookbook discusses practical solutions for safeguarding infrastructure, covering services and features within AWS that help implement security models, such as the CIA triad (confidentiality, integrity, and availability) and the AAA triad (authentication, authorization, and accounting), as well as non-repudiation. This updated second edition starts with the fundamentals of AWS accounts and organizations. The book then guides you through identity and access management, data protection, network security, and encryption. You’ll explore critical topics such as securing EC2 instances, managing keys with KMS and CloudHSM, and implementing endpoint security. Additionally, you’ll learn to monitor your environment using CloudWatch, CloudTrail, and AWS Config, while maintaining compliance with services such as GuardDuty, Macie, and Inspector. Each chapter presents practical recipes for real-world scenarios, allowing you to apply security concepts. By the end of this book, you’ll be well versed in techniques required for securing AWS deployments and be prepared to gain the AWS Certified Security – Specialty certification.What you will learn Manage AWS accounts and users with AWS Organizations and IAM Identity Center Secure data and infrastructure with IAM policies, RBAC, and encryption Enhance web security with TLS, load balancers, and firewalls Use AWS services for logging, monitoring, and auditing Ensure compliance with machine-learning-powered AWS services Explore identity management with Cognito, AWS directory services, and external providers such as Entra ID Follow best practices to securely share data across accounts Who this book is for If you’re an IT security professional, cloud security architect, or a cloud application developer working on security-related roles and are interested in using AWS infrastructure for secure application deployments, then this Amazon Web Services book is for you. You’ll also find this book useful if you’re looking to achieve AWS certification. Prior knowledge of AWS and cloud computing is required to get the most out of this book.

This practical guide provides over 70 self-contained recipes to help you creatively solve common AWS challenges you'll encounter on your cloud journey. If you're comfortable with rudimentary scripting and general cloud concepts, this cookbook provides what you need to address foundational tasks and create high-level capabilities. Authors John Culkin and Mike Zazon share real-world examples that incorporate best practices. Each recipe includes a diagram to visualize the components. Code is provided so that you can safely execute in an AWS account to ensure solutions work as described. From there, you can customize the code to help construct an application or fix an existing problem. Each recipe also includes a discussion to provide context, explain the approach, and challenge you to explore the possibilities further. Go beyond theory and learn the details you need to successfully build on AWS. The recipes help you: Redact personal identifiable information (PII) from text using Amazon Comprehend Automate password rotation for Amazon RDS databases Use VPC Reachability Analyzer to verify and troubleshoot network paths Lock down Amazon Simple Storage Service (S3) buckets Analyze AWS Identity and Access Management policies Autoscale a containerized service

Secure your Amazon Web Services (AWS) infrastructure with permission policies, key management, and network security, while following cloud security best practices Key Features Explore useful recipes for implementing robust cloud security solutions on AWS Monitor your AWS infrastructure and workloads using CloudWatch, CloudTrail, Config, GuardDuty, and Macie Prepare for the AWS Certified Security - Specialty exam by exploring various security models and compliance offerings Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionAs a security consultant, implementing policies and best practices to secure your infrastructure is critical. This cookbook discusses practical solutions for safeguarding infrastructure, covering services and features within AWS that help implement security models, such as the CIA triad (confidentiality, integrity, and availability) and the AAA triad (authentication, authorization, and accounting), as well as non-repudiation. This updated second edition starts with the fundamentals of AWS accounts and organizations. The book then guides you through identity and access management, data protection, network security, and encryption. You’ll explore critical topics such as securing EC2 instances, managing keys with KMS and CloudHSM, and implementing endpoint security. Additionally, you’ll learn to monitor your environment using CloudWatch, CloudTrail, and AWS Config, while maintaining compliance with services such as GuardDuty, Macie, and Inspector. Each chapter presents practical recipes for real-world scenarios, allowing you to apply security concepts. By the end of this book, you’ll be well versed in techniques required for securing AWS deployments and be prepared to gain the AWS Certified Security – Specialty certification.What you will learn Manage AWS accounts and users with AWS Organizations and IAM Identity Center Secure data and infrastructure with IAM policies, RBAC, and encryption Enhance web security with TLS, load balancers, and firewalls Use AWS services for logging, monitoring, and auditing Ensure compliance with machine-learning-powered AWS services Explore identity management with Cognito, AWS directory services, and external providers such as Entra ID Follow best practices to securely share data across accounts Who this book is for If you’re an IT security professional, cloud security architect, or a cloud application developer working on security-related roles and are interested in using AWS infrastructure for secure application deployments, then this Amazon Web Services book is for you. You’ll also find this book useful if you’re looking to achieve AWS certification. Prior knowledge of AWS and cloud computing is required to get the most out of this book.

With the rise of the cloud, every aspect of IT has been shaken to its core. The fundamentals for building systems are changing, and although many of the principles that underpin security still ring true, their implementation has become unrecognizable. This practical book provides recipes for AWS, Azure, and GCP to help you enhance the security of your own cloud native systems. Based on his hard-earned experience working with some of the world's biggest enterprises and rapidly iterating startups, consultant Josh Armitage covers the trade-offs that security professionals, developers, and infrastructure gurus need to make when working with different cloud providers. Each recipe discusses these inherent compromises, as well as where clouds have similarities and where they're fundamentally different. Learn how the cloud provides security superior to what was achievable in an on-premises world Understand the principles and mental models that enable you to make optimal trade-offs as part of your solution Learn how to implement existing solutions that are robust and secure, and devise design solutions to new and interesting problems Deal with security challenges and solutions both horizontally and vertically within your business

Become an AWS SysOps administrator and explore best practices to maintain a well-architected, resilient, and secure AWS environment Key FeaturesExplore AWS Cloud functionalities through a recipe-based approachGet to grips with a variety of techniques for automating your infrastructureDiscover industry-proven best practices for architecting reliable and efficient workloadsBook Description AWS is an on-demand remote computing service providing cloud infrastructure over the internet with storage, bandwidth, and customized support for APIs. This updated second edition will help you implement these services and efficiently administer your AWS environment. You will start with the AWS fundamentals and then understand how to manage multiple accounts before setting up consolidated billing. The book will assist you in setting up reliable and fast hosting for static websites, sharing data between running instances and backing up data for compliance. By understanding how to use compute service, you will also discover how to achieve quick and consistent instance provisioning. You’ll then learn to provision storage volumes and autoscale an app server. Next, you’ll explore serverless development with AWS Lambda, and gain insights into using networking and database services such as Amazon Neptune. The later chapters will focus on management tools like AWS CloudFormation, and how to secure your cloud resources and estimate costs for your infrastructure. Finally, you’ll use the AWS well-architected framework to conduct a technology baseline review self-assessment and identify critical areas for improvement in the management and operation of your cloud-based workloads. By the end of this book, you’ll have the skills to effectively administer your AWS environment. What you will learnSecure your account by creating IAM users and avoiding the use of the root loginSimplify the creation of a multi-account landing zone using AWS Control TowerMaster Amazon S3 for unlimited, cost-efficient storage of dataExplore a variety of compute resources on the AWS Cloud, such as EC2 and AWS LambdaConfigure secure networks using Amazon VPC, access control lists, and security groupsEstimate your monthly bill by using cost estimation toolsLearn to host a website with Amazon Route 53, Amazon CloudFront, and S3Who this book is for If you are an administrator, DevOps engineer, or an IT professional interested in exploring administrative tasks on the AWS Cloud, then this book is for you. Familiarity with cloud computing platforms and some understanding of virtualization, networking, and other administration-related tasks is assumed.

Unlock the secrets of cloud-native success with step-by-step recipes for conquering every stage of microservice deployment KEY FEATURES ● Develop, test, build, and deploy with cloud-native microservices. ● Orchestrate microservices with containerization in the cloud. ● Ensure cloud observability and security in implementation. DESCRIPTION The convergence of microservices and cloud technology represents a significant paradigm shift in software development. To fully leverage the potential of both, integration from the outset of application development is crucial. Cloud-native microservices cookbook serve as a conduit, harmonizing disparate elements of microservice construction by establishing a cohesive framework from inception to deployment. This book meticulously outlines the various stages involved in launching an application utilizing cloud-native microservices. It commences with the foundational aspects of application development, emphasizing microservice architecture principles such as configuration and service discovery, considering cloud infrastructure. Progressing through containerization, continuous integration (CI), and continuous deployment (CD) pipelines, the book explores the intricacies of orchestration, high availability (HA), auto scalability, and cloud security. Subsequently, it elucidates the significance of observability in monitoring microservices post-deployment, concluding with a comprehensive exploration of Infrastructure as Code (IaC) for cloud infrastructure provisioning. Explore cloud-native microservices basics using real-world examples from the finance sector. Follow curated recipes from concept to cloud deployment for a clear understanding and smooth application development. WHAT YOU WILL LEARN ● Learn the fundamental principles of data architecture. ● Practical methodology encompassing the development, testing, building, containerization, and orchestration of microservices. ● Software development, spanning from initial design to cloud hosting. ● Achieve microservice auto scalability and high availability. ● Utilizing cloud services and experimenting with newfound services confidently. ● Meticulously track cloud expenditures, alleviating any apprehension surrounding cost management. WHO THIS BOOK IS FOR The book is ideal for software developers, solution designers, and DevOps engineers with a foundational understanding of programming concepts and professionals seeking to deepen their expertise in system architecture and full-stack development within cloud environments. TABLE OF CONTENTS 1. Microservices and Cloud 2. Developing Microservices and Test Cases 3. Externalize Application Configurations 4. Implementing Dynamic Services 5. Containerization Using Docker 6. Pipeline Automation for CI/CD 7. Microservices Orchestration 8. Auto Scalability, High Availability, and Disaster Recovery 9. Cloud Security 10. Observability 11. Infrastructure Automation with IaC

Discover how to build a cloud-based data warehouse at petabyte-scale that is burstable and built to scale for end-to-end analytical solutions Key FeaturesDiscover how to translate familiar data warehousing concepts into Redshift implementationUse impressive Redshift features to optimize development, productionizing, and operations processesFind out how to use advanced features such as concurrency scaling, Redshift Spectrum, and federated queriesBook Description Amazon Redshift is a fully managed, petabyte-scale AWS cloud data warehousing service. It enables you to build new data warehouse workloads on AWS and migrate on-premises traditional data warehousing platforms to Redshift. This book on Amazon Redshift starts by focusing on Redshift architecture, showing you how to perform database administration tasks on Redshift. You'll then learn how to optimize your data warehouse to quickly execute complex analytic queries against very large datasets. Because of the massive amount of data involved in data warehousing, designing your database for analytical processing lets you take full advantage of Redshift's columnar architecture and managed services. As you advance, you'll discover how to deploy fully automated and highly scalable extract, transform, and load (ETL) processes, which help minimize the operational efforts that you have to invest in managing regular ETL pipelines and ensure the timely and accurate refreshing of your data warehouse. Finally, you'll gain a clear understanding of Redshift use cases, data ingestion, data management, security, and scaling so that you can build a scalable data warehouse platform. By the end of this Redshift book, you'll be able to implement a Redshift-based data analytics solution and have understood the best practice solutions to commonly faced problems. What you will learnUse Amazon Redshift to build petabyte-scale data warehouses that are agile at scaleIntegrate your data warehousing solution with a data lake using purpose-built features and services on AWSBuild end-to-end analytical solutions from data sourcing to consumption with the help of useful recipesLeverage Redshift's comprehensive security capabilities to meet the most demanding business requirementsFocus on architectural insights and rationale when using analytical recipesDiscover best practices for working with big data to operate a fully managed solutionWho this book is for This book is for anyone involved in architecting, implementing, and optimizing an Amazon Redshift data warehouse, such as data warehouse developers, data analysts, database administrators, data engineers, and data scientists. Basic knowledge of data warehousing, database systems, and cloud concepts and familiarity with Redshift will be beneficial.

Build scalable and production-ready infrastructure in Amazon Web Services with CloudFormation Key Features Leverage AWS CloudFormation templates to manage your entire infrastructure Get up and running with writing your infrastructure as code and automating your environment Simplify infrastructure management and increase productivity with AWS CloudFormation Book DescriptionDevOps and the cloud revolution have forced software engineers and operations teams to rethink how to manage infrastructures. With this AWS book, you'll understand how you can use Infrastructure as Code (IaC) to simplify IT operations and manage the modern cloud infrastructure effectively with AWS CloudFormation. This comprehensive guide will help you explore AWS CloudFormation from template structures through to developing complex and reusable infrastructure stacks. You'll then delve into validating templates, deploying stacks, and handling deployment failures. The book will also show you how to leverage AWS CodeBuild and CodePipeline to automate resource delivery and apply continuous integration and continuous delivery (CI/CD) practices to the stack. As you advance, you'll learn how to generate templates on the fly using macros and create resources outside AWS with custom resources. Finally, you'll improve the way you manage the modern cloud in AWS by extending CloudFormation using AWS serverless application model (SAM) and AWS cloud development kit (CDK). By the end of this book, you'll have mastered all the major AWS CloudFormation concepts and be able to simplify infrastructure management.What you will learn Understand modern approaches to IaC Develop universal and reusable CloudFormation templates Discover ways to apply continuous delivery with CloudFormation Implement IaC best practices for the AWS Cloud Provision massive applications across multiple regions and accounts Automate template generation and software provisioning for AWS Extend CloudFormation with custom resources and template macros Who this book is forIf you are a developer who wants to learn how to write templates, a DevOps engineer interested in deployment and orchestration, or a solutions architect looking to understand the benefits of managing infrastructure with ease, this book is for you. Prior understanding of the AWS Cloud is necessary.

Effectively secure their cloud and hybrid infrastructure, how to centrally manage security, and improve organizational security posture Key Features • Implement and optimize security posture in Azure, hybrid, and multi-cloud environments • Understand Microsoft Defender for Cloud and its features • Protect workloads using Microsoft Defender for Cloud's threat detection and prevention capabilities Book Description Microsoft Defender for Cloud is a multi-cloud and hybrid cloud security posture management solution that enables security administrators to build cyber defense for their Azure and non-Azure resources by providing both recommendations and security protection capabilities. This book will start with a foundational overview of Microsoft Defender for Cloud and its core capabilities. Then, the reader is taken on a journey from enabling the service, selecting the correct tier, and configuring the data collection, to working on remediation. Next, we will continue with hands-on guidance on how to implement several security features of Microsoft Defender for Cloud, finishing with monitoring and maintenance-related topics, gaining visibility in advanced threat protection in distributed infrastructure and preventing security failures through automation. By the end of this book, you will know how to get a view of your security posture and where to optimize security protection in your environment as well as the ins and outs of Microsoft Defender for Cloud. What you will learn • Understand Microsoft Defender for Cloud features and capabilities • Understand the fundamentals of building a cloud security posture and defending your cloud and on-premises resources • Implement and optimize security in Azure, multi-cloud and hybrid environments through the single pane of glass - Microsoft Defender for Cloud • Harden your security posture, identify, track and remediate vulnerabilities • Improve and harden your security and services security posture with Microsoft Defender for Cloud benchmarks and best practices • Detect and fix threats to services and resources Who this book is for This book is for Security engineers, systems administrators, security professionals, IT professionals, system architects, and developers. Anyone whose responsibilities include maintaining security posture, identifying, and remediating vulnerabilities, and securing cloud and hybrid infrastructure. Anyone who is willing to learn about security in Azure and to build secure Azure and hybrid infrastructure, to improve their security posture in Azure, hybrid and multi-cloud environments by leveraging all the features within Microsoft Defender for Cloud.