Book Image

Implementing Cloud Design Patterns for AWS - Second Edition

By : Sean Keery, Clive Harber, Marcus Young
Book Image

Implementing Cloud Design Patterns for AWS - Second Edition

By: Sean Keery, Clive Harber, Marcus Young

Overview of this book

Whether you're just getting your feet wet in cloud infrastructure or already creating complex systems, this book will guide you through using the patterns to fit your system needs. Starting with patterns that cover basic processes such as source control and infrastructure-as-code, the book goes on to introduce cloud security practices. You'll then cover patterns of availability and scalability and get acquainted with the ephemeral nature of cloud environments. You'll also explore advanced DevOps patterns in operations and maintenance, before focusing on virtualization patterns such as containerization and serverless computing. In the final leg of your journey, this book will delve into data persistence and visualization patterns. You'll get to grips with architectures for processing static and dynamic data, as well as practices for managing streaming data. By the end of this book, you will be able to design applications that are tolerant of underlying hardware failures, resilient against an unexpected influx of data, and easy to manage and replicate.

Related Content you might be interested in

Current Title:

Small book image
Implementing Cloud Design Patterns for AWS - Second Edition
Sean Keery | Clive Harber | Marcus Young
Apr, 2019 | 274 pages
Small book image
Implementing DevOps on AWS
Vaselin Kantsev
Jan, 2017 | 258 pages
Small book image
AWS for System Administrators
Prashant Lakhera
Feb, 2021 | 388 pages
Small book image
Getting Started with Terraform
Kirill Shirinkin
Jan, 2017 | 206 pages
Table of Contents (20 chapters)
Title Page
Title Page
Dedication
Dedication
About Packt
About Packt
Contributors
Contributors
Preface
Preface
Free Chapter
1
Introduction to Amazon Web Services
Introduction to Amazon Web Services
Introduction to AWS
Summary
Further reading
2
Core Services - Building Blocks for Your Product
Core Services - Building Blocks for Your Product
Technical requirements
Code
Compute
Networking
Storage
IAM
Summary
Further reading
3
Availability Patterns - Understanding Your Needs
Availability Patterns - Understanding Your Needs
Technical requirements
High availability
Load balancing
Fault tolerance
Auto scaling
Hierarchical storage management
Summary
Exercises
Further reading
4
Security - Ensuring the Integrity of Your Systems
Security - Ensuring the Integrity of Your Systems
Technical requirements
Shared responsibilities
Credentials
RBAC
More IAM
Cognito
Logging
Vulnerability scanning
Summary
Further reading
5
Continuous Deployment - Introducing New Features with Minimal Risk
Continuous Deployment - Introducing New Features with Minimal Risk
Technical requirements
Source control
CodeBuild
Testing your code
Summary
Further reading
6
Ephemeral Environments - Sandboxes for Experiments
Ephemeral Environments - Sandboxes for Experiments
Developer productivity
Exploring deployment strategies
Facilitating self-service
Using multiple environments
Testing your environment
Managing cost
Summary
Exercises
7
Operation and Maintenance - Keeping Things Running at Peak Performance
Operation and Maintenance - Keeping Things Running at Peak Performance
Technical requirements
Desilofication
Measurement
Fault injection
Business continuity
Reduction
Summary
Further reading
8
Application Virtualization - Using Cloud Native Patterns for Your Workloads
Application Virtualization - Using Cloud Native Patterns for Your Workloads
Technical requirements
Containers
Serverless
Service discovery
Summary
Further reading
9
Antipatterns - Avoiding Counterproductive Solutions
Antipatterns - Avoiding Counterproductive Solutions
Exploring counterproductive processes
Practices to avoid in general
Anti-patterns that you might come across
Summary
Further reading
10
Databases - Identifying Which Type Fits Your Needs
Databases - Identifying Which Type Fits Your Needs
General considerations
Polyglot persistence
Summary
Further reading
11
Data Processing - Handling Your Data Transformation
Data Processing - Handling Your Data Transformation
Queuing
Batching
Caching
Event stream processing
Transforms
Machine learning
Summary
Exercises
Further reading
12
Observability - Understanding How Your Products Are Behaving
Observability - Understanding How Your Products Are Behaving
Technical requirements
Analyzing your products
Events
Summary
Exercises
Further reading
13
Anti-Patterns - Bypassing Inferior Options
Anti-Patterns - Bypassing Inferior Options
Building processes
Best practices
Different patterns
Summary
Further reading
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

Cognito

If you would like to define and manage credentials for your product users instead of your cloud, Amazon Cognito offers up the ability to define roles and map users to them. This means that your app can access only the resources that are authorized for each user. Cognito supports MFA and encryption of data at rest and in-transit. Integrations with OAuth 2.0, SAML 2.0, and OpenID Connect provide federation options with social media and enterprise SSO providers.

User pools

In order to implement role management with Cognito, we first need to create a pool for our users, as in the following example:

resource "aws_cognito_user_pool" "pool" {
  name = "pool"
}

resource "aws_cognito_user_pool_client" "client" {
  name = "client"
  user_pool_id = "${aws_cognito_user_pool.pool.id}"
}

Identity pools

Then, we need to map any external identity providers that we wish to use:

resource "aws_iam_saml_provider" "default" {
  name = "my-saml-provider"
  saml_metadata_document = "${file("saml-metadata.xml...
Previous Section
End of Section 7
Next Section