AWS for System Administrators
Description
Key Features
Use a hands-on approach that mirrors real AWS operations with end-to-end examples
Use scripting and IaC to handle tasks like infrastructure deployment, credential rotation, backups, and resource cleanup
Manage complex environments with reusable code, policy enforcement, and multi-account best practices
Purchase of the print or Kindle book includes a free PDF eBook
Book DescriptionSystem administrators adopting AWS often struggle with automation, scalability, and multi-account management. Originally authored by Prashant Lakhera and now thoroughly updated by Senior Solutions Architect Marcel Neidinger, this second edition is your scenario-driven, hands-on guide to efficiently deploying and managing cloud infrastructure using Infrastructure as Code (IaC). This updated edition features new topics like chaos engineering with AWS Fault Injection Simulator, multi-account CI/CD deployments, reusable IaC patterns, and cloud compliance using AWS Config and service control policies-all to help you build modern cloud architectures. You'll set up AWS CLI, Terraform, and CDK to automate deployments, as well as explore cloud networking with VPCs, EC2, and Transit Gateway, followed by auto-scaling and load balancing strategies. The chapters highlight AWS Secrets Manager for securely storing and accessing your secrets, along with CloudWatch for monitoring and observability in the cloud. You'll implement centralized logging and develop backup and disaster recovery strategies. The book guides you through the processes and best practices for setting up a multi-account environment, with real-world scenarios for optimizing costs and ensuring high availability. By the end of this book, you'll have the skills to efficiently deploy, manage, and optimize AWS infrastructure at scale.What you will learn
Design and deploy networks in the cloud with VPCs and deploy instances with EC2
Implement auto-scaling and load balancing to optimize application performance
Deploy relational databases with Amazon RDS
Secure credentials using AWS Secrets Manager
Monitor AWS resources using CloudWatch and SNS
Test infrastructure resiliency using AWS Fault Injection Simulator
Automate backups and implement disaster recovery strategies
Set up and manage multiple AWS accounts using AWS Organizations
Who this book is forThis book is designed for system administrators, DevOps engineers, and IT professionals who want to effectively manage and automate AWS environments. A basic understanding of cloud computing, the Linux operating system, and networking concepts is recommended.
All prices
More details
Other editions
Additional editions
Previous edition
Persons
Having a positive impact on the world is important to him, which is why he shares his knowledge with others through his website, blog posts, and YouTube channel, which also helps him to dig deep into topics and build on his expertise.
Content
Setting Up the AWS Environment
Protecting Your AWS Account Using IAM
Creating a Data Center in the Cloud Using a VPC
Scalable Compute Capacity in the Cloud via EC2
Increasing Application Fault Tolerance and Efficiency with Elastic Load Balancing
Increasing Application Performance Using AWS Auto Scaling
Scaling a Relational Database in the Cloud Using Amazon Relational Database Service (RDS)
Managing Secrets and Encryption Keys with AWS Secrets Manager and KMS
Centralized Logging and Monitoring with Amazon CloudWatch
Centralizing Cloud Backup Solutions
Disaster Recovery Options with AWS
Testing the Resilience of Your Infrastructure and Architecture with AWS Fault Injection Service
Deploying Infrastructure Using CI/CD Pipelines
Building Reusable Infrastructure-as-Code Components
Ensuring Compliance Using AWS Config and SCPs
Operating in a Multi-Account Environment
End-to-End Deployment of an Application
Preface
Welcome to the fascinating world of systems operations - or SysOps - in AWS. AWS for System Administrators, Second Edition is your introduction to deploying, automating, and operating workloads in AWS. Over its 17 chapters, this book introduces you to the tools and techniques required to operate workloads in the cloud.
After finishing this book, you'll have explored the world of scalable compute, learned how to automate the deployment of relational databases, set up a multi-account organization, and much more.
Throughout the book, you'll see hands-on examples of automating the deployment of these infrastructure components through the use of Infrastructure-as-Code tools such as Terraform or CloudFormation. You'll get architectural guidance and explanations for the central concepts of operating workloads within AWS.
Who this book is for
This book is designed for technology professionals with some basic cloud experience who aim to understand how to automate and operate software systems and their underlying infrastructure on AWS.
Whether you are a systems administrator, DevOps engineer, or solutions architect looking into getting the most out of AWS, this book will enable you to better understand the challenges and the solutions involved when running applications on AWS.
A basic understanding of cloud concepts and services within AWS as well as some familiarity with IT tools such as Git and Terraform and a programming language such as Python is recommended. But if you don't have these prerequisites, the book offers explanations to bring you up to speed on these concepts.
Use this book to get started on your journey to becoming a systems operator on AWS!
What this book covers
Chapter 1, Setting Up the AWS Environment, introduces you to the basics of setting up an account on AWS as well as the Infrastructure-as-Code (IaC) tools we'll use throughout this book: Terraform, CloudFormation, and AWS Cloud Development Kit (CDK).
Chapter 2, Protecting Your AWS Account Using IAM, explains the concepts of the Identity and Access Management (IAM) service that is used throughout AWS for authentication and authorization.
Chapter 3, Creating a Data Center in the Cloud Using a VPC, covers the basic networking concepts of the virtual private cloud (VPC) - your data center in AWS.
Chapter 4, Scalable Compute Capacity in the Cloud via EC2, looks at concepts of Elastic Compute Cloud (EC2) - the AWS service to provision virtual machines within AWS.
Chapter 5, Increasing Application Fault-Tolerance and Efficiency with Elastic Load Balancing, explains how we can use Elastic Load Balancing (ELB) to route traffic between multiple instances to increase fault-tolerance and efficiency.
Chapter 6, Increasing Application Performance Using AWS Auto Scaling, covers how we can use Auto Scaling Groups in AWS to automatically scale our compute up or down.
Chapter 7, Scaling a Relational Database in the Cloud Using Amazon Relational Database Service (RDS), explains how to deploy an open source Postgres database using the Amazon Relational Database Service (RDS) and explores the concept of managed services.
Chapter 8, Managing Secrets and Encryption Keys with AWS Secrets Manager and KMS, teaches you how to handle secrets such as passwords or access tokens as well as the basic concepts of encryption in the cloud.
Chapter 9, Centralized Logging and Monitoring with Amazon CloudWatch, explains how you can use CloudWatch and SNS for centralized logging, metrics, and alerting on AWS.
Chapter 10, Centralizing Cloud Backup Solutions, explains AWS Backup and how you can use this service to implement backup plans.
Chapter 11, Disaster Recovery Options with AWS, explores the different options available to architect resilient applications on AWS. The chapter also explains the key concepts of Recovery Time Objective (RTO) and Recovery Point Objective (RPO).
Chapter 12, Testing the Resilience of Your Infrastructure and Architecture with AWS Fault Injection Service, introduces you to chaos engineering and AWS Fault Injection Service (FIS) - a service that lets you inject failures into your AWS-deployed applications to test their ability to withstand such failures when they happen in production.
Chapter 13, Deploying Infrastructure Using CI/CD Pipelines, covers the topic of automated infrastructure rollout based on IaC code that is stored in the version control system git.
Chapter 14, Building Reusable Infrastructure-as-Code Components, covers patterns and best practices when building reusable components for your teams to scale IaC usage.
Chapter 15, Ensuring Compliance Using AWS Config and SCPs, introduces two different methods, a proactive and reactive way, to block or detect the creation of infrastructure that is non-compliant with your set of rules and requirements.
Chapter 16, Operating in a Multi-Account Environment, introduces AWS Organizations as a way to set up the multiple AWS accounts usually required when operating a real-world application in the cloud.
Chapter 17, End-to-End Deployment of an Application, uses the tools, techniques, and concepts learned throughout the book to cover the end-to-end deployment of an application. From account setup to deployment pipeline and fault testing, this chapter shows how all the concepts introduced throughout this book fit together.
To get the most out of this book
To make full use of this book, you should have a working knowledge of cloud computing concepts, AWS services, and a basic understanding of computer networking concepts such as subnets, IP addresses, and CIDR ranges.
Throughout this book, we'll use IaC tools such as CloudFormation, Terraform, and CDK to automate the creation of our infrastructure and its maintenance. A working knowledge of at least one of these tools as well as a working knowledge of the Python programming language is beneficial.
You'll also need an AWS account to which you can test the hands-on learning parts of this book. Be advised that the examples in this book will incur a charge for the provisioned infrastructure.
An internet connection is required to interact with AWS and to download and install the required tools (see the following table).
Software/hardware covered in the book
OS requirement
AWS CLI
Windows, Linux, or macOS
Git
Windows, Linux, or macOS
Visual Studio Code (or similar code editor)
Windows, Linux, or macOS
Docker / Docker Desktop
Windows, Linux, or macOS
Python
Windows, Linux, or macOS
Node.js
Windows, Linux, or macOS (optional)
Web browser
Windows, Linux, or macOS
Terraform
Windows, Linux, or macOS
The required software is listed in the Technical requirements section of the applicable chapter.
Download the example code files
You can...
