Learning AWS, Second Edition
Article Index
Learning AWS, Second Edition
Rest of book, Conclusion

Author: Aurobindo Sarkar & Amit Shah

Publisher: Packt Publishing
Print: 178728106X
Kindle: B0771MYVDH
Audience: Architects and DevOps
Rating: 4.0
Reviewer: Ian Stirk 


Chapter 6 Designing for and Implementing Security

Security is important because… your customers say it is! It is often the primary reason for the resistance in hosting applications in the cloud. This chapter outlines some of the best practices used to secure AWS applications, these include:   

  • Security inbuilt into various services (IAM roles, CloudTrail, CloudWatch)

  • Security considerations while using CloudFront (a content delivery network)

  • Logging for security analysis

  • Reviewing and auditing security configuration

There’s a helpful walkthrough on setting up security using IAM roles, the Key Management Service, and configuring SSL. Next, securing data at rest is examined in the context of Amazon Simple Storage Service (S3) and Relational Database Service (RDS).

The chapter then switches to applying various security aspects to the included sample application, with step-by-step instructions together with plenty of screenshots. Although the chapter is wide-ranging, it feels lightweight in terms of depth of explanation.

Chapter 7 Deploying to Production and Going Live

This chapter discusses various tools, approaches and best practices that ease the movement of your application to a production environment, together with subsequent monitoring.  

The primary tool discussed for creating and managing AWS environments is CloudFormation. You’re encourage to use the provided templates from the beginning, even if deployment via the console is easier initially, eventually your investment will pay off as the deployment process increases in complexity. An overview of building a DevOps pipeline is provided,

Once the application is in production, it will need monitoring. CloudWatch is the primary tool for this, it can monitor for various errors (e.g. S3 logs, HTTP exceptions). It can integrate with CloudTrail logs to monitor calls to AWS services.

Next, the chapter moves on to looking at the importance of backup and archiving. This is useful because it is a primary entry point for companies considering their first usage of the cloud. A good experience here can often lead to further, more comprehensive cloud usage. The importance of having a go-live set of instructions, and testing this plan is noted (this should occur on any platform, not just the cloud). The chapter ends with a step-by-step walkthrough of its content applied to the sample application.

This chapter provides useful guidance on what to consider when deploying your applications to the cloud. There’s a useful point about engaging with Amazon’s architects, since they’ve done this work before, so you can get it right first time. 



 (click cover to purchase from Packt)


The book ends with a further three chapters that relate to designing, implementing, and deploying a Big Data application with AWS.



Learning AWS, Second Edition aims to introduce Amazon Web Services to architects, and tentatively succeeds. On the upside, it has useful explanations, helpful diagrams, instructive step-by-step walkthroughs, and lots of real-world practical advice. The downside is the book is not for beginners, it assumes you’re an experienced software architect, familiar with the various patterns and approaches.

I wonder if it would have been better to expand the existing chapters for the beginner – perhaps this could have been done instead of including the final three chapters on designing, implementing, and deploying a Big Data application. Owing to the prevalence of acronyms, a glossary would be useful.

The book competes with various free offerings from Amazon itself. That said, it is useful to see the evolution of an AWS application from start to end.

I suspect in the near future, especially if privacy concerns abate, the cloud will become the default platform for software applications. As a personal insight into the advantages of using the cloud, I often work in financial environments, where the lead time for getting a new on-premise server can be 3 to 6 months - with a cloud-based offering the server can be available within minutes. Other advantages (e.g. cost-saving, on-demand scalability), are similarly convincing.

Overall, if you’re an existing architect wanting to learn about AWS, this is a very good book. Otherwise it is limited.

To keep up with our coverage of books for programmers, follow @bookwatchiprog on Twitter or subscribe to I Programmer's Books RSS feed for each day's new addition to Book Watch and for new reviews.


The Hardware Hacker

Author: Andrew Huang
Publisher: No Starch Press
Pages: 416
ISBN: 978-1593277581
Print: 159327758X
Kindle: B06XDHKV94
Audience: Hardware enthusiasts
Rating: 5 
Reviewer: Harry Fairhead 

This is a book like few others. You will either love it or wonder what it is all ab [ ... ]

Blockchain For Dummies

Author: Tiana Laurence
Publisher: Wiley
Date: May 2017
Pages: 240
ISBN: 978-1119365594
Print: 1119365597
Kindle: B06ZY3YDDK
Audience: Non-technical users
Rating: 3
Reviewer: Alex Armstrong

The blockchain's best days are far from over, so why not read a book suitable for dummies?

More Reviews

Last Updated ( Tuesday, 17 July 2018 )