This practical guide provides over 100 self-contained recipes to help you creatively solve issues you may encounter in your AWS cloud endeavors. If you're comfortable with rudimentary scripting and general cloud concepts, this cookbook will give you what you need to both address foundational tasks and create high-level capabilities.

AWS Cookbook provides real-world examples that incorporate best practices. Each recipe includes code that you can safely execute in a sandbox AWS account to ensure that it works. From there, you can customize the code to help construct your application or fix your specific existing problem. Recipes also include a discussion that explains the approach and provides context. This cookbook takes you beyond theory, providing the nuts and bolts you need to successfully build on AWS.

You'll find recipes for:

  • Organizing multiple accounts for enterprise deployments
  • Locking down S3 buckets
  • Analyzing IAM roles
  • Autoscaling a containerized service
  • Summarizing news articles
  • Standing up a virtual call center
  • Creating a chatbot that can pull answers from a knowledge repository
  • Automating security group rule monitoring, looking for rogue traffic flows
  • And more

Table of Contents

  1. Preface
    1. What You Will Learn
    2. Who This Book is For
    3. The Recipes
    4. What You’ll Need
  2. 1. Networking
    1. 1.0. Introduction
    2. 1.1. Defining Your Private Virtual Network in the Cloud by Creating a VPC
    3. 1.2. Creating a Network Tier with Subnets and a Route Table in a VPC
    4. 1.3. Connecting your VPC to the Internet using an Internet Gateway
    5. 1.4. Using a NAT Gateway for Outbound Internet Access from Private Subnets
    6. 1.5. Granting Dynamic Access by Referencing Security Groups
    7. 1.6. Using VPC Reachability Analyzer to Verify and Troubleshoot Network Paths
    8. 1.7. Redirecting HTTP Traffic to HTTPS with an Application Load Balancer
    9. 1.8. Simplifying Management of CIDRs in Security Groups with Prefix Lists
    10. 1.9. Controlling Network Access to S3 from your VPC using VPC Endpoints
    11. 1.10. Enabling Transitive Cross-VPC Connections using Transit Gateway
    12. 1.11. Peering Two VPCs Together for Inter-VPC Network Communication
    13. 1.12. Optimizing End User Load Time for S3 Static Web Content using CloudFront
  3. 2. Databases
    1. 2.0. Introduction
    2. 2.1. Creating an Aurora Serverless PostgreSQL Database
    3. 2.2. Using IAM Authentication with a RDS Database
    4. 2.3. Leveraging RDS Proxy For Database Connections From Lambda
    5. 2.4. Encrypting the Storage of an Existing Amazon RDS for MySQL Database
    6. 2.5. Automating Password Rotation for RDS Databases
    7. 2.6. Auto Scaling DynamoDB Table Provisioned Capacity
    8. 2.7. Migrating Databases to Amazon RDS using Amazon DMS (Database Migration Service)
    9. 2.8. Enabling the Data API for a Web-Services to Aurora Serverless
  4. 3. Containers
    1. 3.0. Introduction
    2. 3.1. Building, Tagging, and Pushing a Container Image to Amazon ECR
    3. 3.2. Scanning Images for Security Vulnerabilities on Push to Amazon ECR
    4. 3.3. Deploying a container using Amazon Lightsail
    5. 3.4. Deploying containers using AWS Copilot
    6. 3.5. Updating containers with blue/green deployments
    7. 3.6. Auto Scaling container workloads on Amazon ECS
    8. 3.7. Launching a Fargate container task in response to an event
    9. 3.8. Capturing logs from containers running on Amazon ECS
  5. 4. AWS Organizations
    1. 4.0. Introduction
    2. 4.1. Setting up an Amazon Web Services Account
    3. 4.2. Organizing multiple accounts for enterprise deployments
    4. 4.3. Service Control Policies
    5. 4.4. Tagging Policies and Resources
    6. 4.5. Backup Policies
    7. 4.6. Leaving an Organization as a Member Account
    8. 4.7. Removing accounts from your organization
    9. 4.8. Deleting an account
  6. Fast Fixes