You're reading from AWS for System Administrators Build, automate, and manage your infrastructure on the most popular cloud platform – AWS

Product type Paperback

Published in Feb 2021

Publisher Packt

ISBN-13 9781800201538

Length 388 pages

Edition 1st Edition

Tools

AWS

Concepts

System Administration

Author (1):

Prashant Lakhera

View More author details

Table of Contents (18) Chapters

Preface

1. Section 1: AWS Services and Tools

2. Chapter 1: Setting Up the AWS Environment FREE CHAPTER

3. Chapter 2: Protecting Your AWS Account Using IAM

4. Section 2: Building the Infrastructure

5. Chapter 3: Creating a Data Center in the Cloud Using VPC

6. Chapter 4: Scalable Compute Capacity in the Cloud via EC2

7. Section 3: Adding Scalability and Elasticity to the Infrastructure

8. Chapter 5: Increasing an Application's Fault Tolerance with Elastic Load Balancing

9. Chapter 6: Increasing Application Performance Using AWS Auto Scaling

10. Chapter 7: Creating a Relational Database in the Cloud using AWS Relational Database Service (RDS)

11. Section 4: The Monitoring, Metrics, and Backup Layers

12. Chapter 8: Monitoring AWS Services Using CloudWatch and SNS

13. Chapter 9: Centralizing Logs for Analysis

14. Chapter 10: Centralizing Cloud Backup Solution

15. Chapter 11: AWS Disaster Recovery Solutions

16. Chapter 12: AWS Tips and Tricks

17. Other Books You May Enjoy

Leave a review - let other readers know what you think

Summary

In this chapter, we learned how to create IAM users and groups and the significance of using them. We explored different IAM policies, how to create them, and how to always use the fundamental of least privilege so that we only assign the minimum access rights to the user so that they can do their job. We also looked at the importance of IAM roles, how AWS STS works, and how temporary credentials reduce the chance of IAM keys being leaked to the internet.

Finally, we wrapped things up with two real-world examples. First, we restricted the user to a specific instance using CloudFormation. By doing this, we can save costs so that users can only launch specific instance types. Then, we looked at how to deactivate the user's access/secret key once a specific day's threshold has been met. We used Boto3 to reduce the security blast radius.

In the next chapter, we will focus on networking components, VPC, and how to create it. We will also learn what a transit gateway...