Book Image

Implementing Cloud Design Patterns for AWS

Book Image

Implementing Cloud Design Patterns for AWS

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Implementing Cloud Design Patterns for AWS
Apr, 2015 | 228 pages
No titles found
Table of Contents (18 chapters)
Implementing Cloud Design Patterns for AWS
Implementing Cloud Design Patterns for AWS
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introduction
Introduction
Introduction to AWS
Cloud computing service models
Benefits of moving to the Cloud
Common problems encountered at AWS
Summary
2
Basic Patterns
Basic Patterns
Introducing Vagrant
Snapshot pattern
Stamp pattern
Scale up pattern
Scale out pattern
On-demand disk pattern
Summary
3
Patterns for High Availability
Patterns for High Availability
Multi-server pattern
Multi-data center pattern
Floating IP pattern
Deep health check pattern
Summary
4
Patterns for Processing Static Data
Patterns for Processing Static Data
High availability storage
Direct storage hosting
Private data delivery
Content delivery networks
Rename distribution pattern
Summary
5
Patterns for Processing Dynamic Data
Patterns for Processing Dynamic Data
Clone server pattern
NFS sharing pattern
State sharing pattern
URL rewriting pattern
Cache proxy pattern
Summary
6
Patterns for Uploading Data
Patterns for Uploading Data
Write proxy pattern
Storage index pattern
Direct object upload pattern
Summary
7
Patterns for Databases
Patterns for Databases
Database replication pattern
Read replica pattern
In-memory cache pattern
Sharding write pattern
Summary
8
Patterns for Data Processing
Patterns for Data Processing
Queuing chain pattern
Priority queue pattern
Job observer pattern
Summary
9
Patterns for Operation and Maintenance
Patterns for Operation and Maintenance
Bootstrap pattern
Cloud dependency injection pattern
Stack deployment pattern
Monitoring integration pattern
Web storage archive pattern
Weighted transition pattern
Hybrid backup pattern
Summary
10
Patterns for Networking
Patterns for Networking
OnDemand NAT pattern
Management network pattern
Functional firewall pattern
Operational firewall pattern
Web application firewall pattern
Multiple load balancer pattern
Summary
11
Throw-away Environments
Throw-away Environments
Infrastructure as code
Temporary development environments
Continuous integration
Summary
Index
Index

Functional firewall pattern

A lot of security concerns are not from the software themselves, but from the configuration surrounding the infrastructure. For example, consider a setup that has dozens or hundreds of instances, each with their own internal firewall configurations. Without the use of the configuration management software such as Puppet or Chef or a very fine process regarding this configuration, each instance may end up with a slightly different set of rules from the next.

Add to this example that the infrastructure itself may have similar configuration such as the AWS-provided Security Groups. With these many instances, it could get out of control very quickly if care is not taken from the beginning or is iterated over repeatedly. Some groups may conflict with others, cause gaps in protection, or just not work as expected. What started as a good process might evolve into a spider web of headaches.

One benefit of Security Groups is their flexibility: they can be stacked on top...

Previous Section
End of Section 4
Next Section