index
configuration access 280 – 281
account creation, in AWS 24 – 31
account security, in AWS 141 – 150
authenticating AWS resources with roles 148 – 150
defining permissions with IAM identity policies 145 – 147
ACID (atomicity, consistency, isolation, and durability) 265, 326, 346
AdministratorAccess AWS managed policy 147
AI as a Service (Elger and Shanaghy) 20
ALARM state 261, 364, 483, 487
ALB (Application Load Balancer) 39
ALBRequestCountPerTarget scale 481
allkeys-lru eviction strategy 320
allkeys-random eviction strategy 320
AllocatedStorage attribute 268
Amazon Virtual Private Cloud. See VPC
AMIs (Amazon Machine Images) 45, 60, 491
bundling runtime and application into 455 – 456
deploying customized AMIs created by Packer 422 – 429
API (application programming interface) 98
application component of CodeDeploy 413
Application Load Balancer (ALB) 394, 455, 459, 498
ARN (Amazon Resource Name) 146, 278
ASGAverageCPUUtilization scale 481
ASGAverageNetworkOut scale 481
ASGs (Auto Scaling groups) 371, 467
recovering from data center outages with 368 – 387
availability zones 369 – 375, 385 – 387
network interface recovery 380 – 385
recovering network-attached storage 375 – 380
asynchronous decoupling 399 – 408
architecture of URL2PNG application 401 – 402
consuming messages programmatically 404 – 407
limitations of messaging with SQS 407 – 408
producing messages programmatically 402 – 404
turning synchronous process into asynchronous one 400 – 401
atomicity, consistency, isolation, and durability (ACID) 265, 326
AttachVolume parameter 230, 232
attribute-definitions option 331
authenticating AWS resources with roles 148 – 150
deploying customized AMIs created by Packer 422 – 429
in-place deployment with CodeDeploy 412 – 418
rolling updates with CloudFormation and user data 418 – 422
based on CloudWatch metrics 474 – 476
decoupling dynamic EC2 instance pools 477 – 487
managing dynamic EC2 instance pools 468 – 472
AWS_ACCESS_KEY_ID environment variable 196
reduction of time to market 12
services that solve common problems 11
deploying customized AMIs created by Packer 422 – 429
in-place deployment with CodeDeploy 412 – 418
rolling updates with CloudFormation and user data 418 – 422
based on CloudWatch metrics 474 – 476
decoupling dynamic EC2 instance pools 477 – 487
managing dynamic EC2 instance pools 468 – 472
cache deployment options 302 – 308
creating cache clusters 298 – 302
installing sample application with CloudFormation 311 – 319
tweaking performance 321 – 323
cost of 13 – 16
asynchronous decoupling with message queues 399 – 408
synchronous decoupling with load balancers 393 – 399
creating filesystems 246 – 248
creating mount targets 248 – 250
mounting EFS filesystems on EC2 instances 250 – 254
sharing files between EC2 instances 254 – 255
tweaking performance 255 – 261
example applications of 5 – 10
batch processing infrastructure 9 – 10
highly-available system implementation 9
running Java EE applications in private networks 7 – 8
redundant EC2 instances for increased availability 434 – 438
recovering from data center outages 368 – 387
recovering from EC2 instance failure 361 – 368
Infrastructure as Code 118 – 121
adding tags containing owner of EC2 instances 190 – 198
impacts of serverless pricing model 199 – 201
website health check example 176 – 189
modern architectures 490 – 504
NoSQL database service programming
SQL-like queries with PartiQL 349
to-do application example overview 328 – 329
backing up and restoring databases 274 – 279
highly available databases 283 – 285
importing data into databases 271 – 274
monitoring databases 290 – 291
starting MySQL databases 267 – 271
tweaking database performance 285 – 290
Amazon Virtual Private Cloud 158 – 171
keeping operating system up-to-date 137 – 141
network traffic control 150 – 158
adding additional network interfaces to 85 – 89
allocating public IP addresses 83 – 85
installing and running software manually 72 – 73
monitoring and debugging 73 – 76
size of 77 – 80
starting in another data center 80 – 83
creating cloud infrastructure for 39 – 44
deleting infrastructure for 53 – 54
exploring cloud infrastructure for 45 – 50
AWSAuthenticationPlugin plugin 282
AWS CDK (Cloud Development Kit) 132
aws dynamodb create-table command 330
AWS::EC2::SecurityGroup type 152
AWS Lambda in Action (Poccia) 202 – 203
AWS-RunPatchBaseline document 138
AWS_SECRET_ACCESS_KEY environment variable 196
AWS_SESSION_TOKEN environment variable 196
aws sts get-caller-identity command 148
AZs (availability zones) 432, 436
recovering failed virtual machines to 369 – 375
BackendPublicIpAddress output 157
backups 298, 302 – 303
persistent, attached over networks 229 – 237
Bursting Throughput mode 257 – 258
C6g, C6gd, C6gn, and C7g Graviton instance types 64
CacheSubnetGroupName property 299
cache deployment options 302 – 308
creating cache clusters 298 – 302
minimal CloudFormation template 298 – 300
testing Redis cluster 300 – 302
installing sample application with CloudFormation 311 – 319
updating Redis replication 320 – 321
tweaking performance 321 – 323
selecting cache node type 321 – 322
selecting deployment option 322 – 323
CDK (Cloud Development Kit) 132
CDN (content delivery network) 6, 119, 221
CI (continuous integration) server 361
CLI (command-line interface) 22, 98 – 99, 101 – 111
backing up data on S3 with 210 – 213
Cloud Development Kit (CDK) 132
anatomy of templates 122 – 126
format version and description 123
installing sample application 311 – 319
rolling updates with 418 – 422
updating infrastructure using 131 – 132
using to describe filesystems 246 – 247
autoscaling based on metrics 474 – 476
monitoring Lambda functions with metrics and alarms 184 – 189
recovering from EC2 instance failure with 361 – 368
searching through Lambda function logs with 181 – 184
CMS (content management system) 49, 306
CodeDeploy 20, 412 – 418
command-line interface. See CLI
ConstraintDescription property 125
options to run containers on AWS 491 – 494
running without managing clusters of virtual machines 496 – 498
virtual machines vs. 490 – 491
content delivery network (CDN) 221
content management system (CMS) 306
continuous integration (CI) server 361
archiving objects to optimize 213 – 216
for AWS 13 – 16
committing to usage for discount 91 – 92
spare compute capacity 92 – 97
impacts of serverless pricing model 199 – 201
CPUUtilization ElastiCache metric 319
CREATE_COMPLETE state 254, 269, 301, 307
CRUD (Creating, removing, updating, and deleting) 216
Database Migration Service (DMS) 273
data center outages, recovering from with Auto Scaling group 368 – 387
recovering failed virtual machines to 369 – 375
network interface recovery 380 – 385
recovering network-attached storage 375 – 380
data security standard (DSS) 13
DDoS (denial of service) attacks 136
debugging virtual machines 73 – 76
asynchronous decoupling with message queues 399 – 408
architecture of URL2PNG application 401 – 402
consuming messages programmatically 404 – 407
limitations of messaging with SQS 407 – 408
producing messages programmatically 402 – 404
turning synchronous process into asynchronous one 400 – 401
dynamic EC2 instance pools 477 – 487
autoscaling by load balancer 478 – 483
autoscaling by queues 483 – 487
redundant EC2 instances for increased availability 436 – 438
synchronous decoupling with load balancers 393 – 399
DeleteOnTermination attribute 229
denial of service (DDoS) attacks 136
describe command 366, 374, 379
describe-db-instances command 271, 276 – 277
describe-instances command 374 – 375, 379 – 380
describe-stack-resource command 278
DesiredCount configuration details 502
Discourse application, installing with CloudFormation 311 – 319
DMS (Database Migration Service) 273
DNS (Domain Name System) service 82
Docker in Action, second edition (Nickoloff & Kuenzl) 490
DSS (data security standard) 13
identifying tasks by partition key and sort key 332 – 333
identifying users by partition key 330 – 331
deploying for Imagery applications 457 – 458
partition key and sort key 348 – 349
eventually consistent data retrieval 345 – 346
getting items by key 337 – 338
global secondary indexes 341 – 344
querying items by key and filter 338 – 341
scanning and filtering all table data 344 – 345
SQL-like queries with PartiQL 349
to-do application example overview 328 – 329
EBS (Elastic Block Store) 20, 229 – 237, 244, 433
backing up data with EBS snapshots 235 – 237
creating EBS volumes and attaching to EC2 instances 230
tweaking performance 232 – 235
EC2 (Elastic Compute Cloud) 5, 20, 39, 57
adding additional network interfaces to virtual machines 85 – 89
adding tags containing owner of EC2 instances 190 – 198
authorizing Lambda functions to use other AWS services with IAM roles 196 – 197
deploying Lambda functions with SAM 197 – 198
implementing Lambda functions in Python 193 – 195
setting up Lambda functions with SAM 195 – 196
subscribing to EventBridge events 191 – 193
allocating public IP addresses 83 – 85
configuring key pair for login 64 – 65
connecting to virtual machines 70 – 72
creating EBS volumes and attaching to EC2 instances 230
decoupling dynamic instance pools 477 – 487
autoscaling by load balancer 478 – 483
autoscaling by queues 483 – 487
defining network and firewall settings 65
IAM roles for server and worker EC2 instances 458 – 459
installing and running software manually 72 – 73
launching EC2 instances 69 – 70
launching virtual machines 59 – 70
managing dynamic instance pools 468 – 472
monitoring and debugging virtual machines 73 – 76
mounting EFS filesystems on EC2 instances 250 – 254
optimizing costs for virtual machines 90 – 97
committing to usage for discount 91 – 92
spare compute capacity 92 – 97
recovering from instance failure with CloudWatch 361 – 368
redundant instances for increased availability 434 – 438
removing a single point of failure 435
RTO and RPO comparison for single instance 388
selecting operating system 60 – 62
sharing files between instances 254 – 255
shutting down virtual machines 76 – 77
starting virtual machines in another data center 80 – 83
EC2InstanceA virtual machine 254
ec2-owner-tag CloudFormation stack 198
ECS (Elastic Container Service) 396, 489, 494 – 496, 498 – 504
efs CloudFormation stack 259, 264
EFS (Elastic File System) 20, 40, 50, 243 – 244, 377
creating filesystems 246 – 248
using CloudFormation to describe filesystems 246 – 247
creating mount targets 248 – 250
mounting EFS filesystems on EC2 instances 250 – 254
sharing files between EC2 instances 254 – 255
tweaking performance 255 – 261
storage class and performance 261
EIP (Elastic IP addresses service) 83, 433
EKS (Elastic Kubernetes Service) 396, 489, 494
cache deployment options 302 – 308
creating cache clusters 298 – 302
minimal CloudFormation template 298 – 300
testing Redis cluster 300 – 302
installing sample application with CloudFormation 311 – 319
updating Redis replication 320 – 321
tweaking performance 321 – 323
selecting cache node type 321 – 322
selecting deployment option 322 – 323
Elastic Compute Cloud. See EC2
Elastic Container Service. See ECS
Elastic IP addresses service (EIP) 83, 433
Elastic Kubernetes Service (EKS) 396, 489, 494
Elastic Load Balancing (ELB) 39
ELB (Elastic Load Balancing) 20, 39, 382, 393 – 394, 432 – 433, 436
EndpointURL stack output 455, 462
EngineCPUUtilization metric 319 – 320
ENI (Elastic Network Interface) 373, 433, 460 – 461, 501
ERP (enterprise resource planning) 58
Evans, PJ 112, 217, 334, 403
EventBridge 176 – 177, 191 – 193
eventually consistent data retrieval 345 – 346
expected environment variable 180, 188
deploying application 454 – 463
idempotent state machine 443 – 445
implementing fault-tolerant web services 445 – 451
implementing fault-tolerant workers to consume SQS messages 451 – 454
redundant EC2 instances for increased availability 434 – 438
removing a single point of failure 435
FIFO (first in, first out) queues 408
firewalls, defining settings for virtual machines 65
FPGAs (field-programmable gate arrays) 63
GCP (Google Cloud Platform) 16
general Purpose mode performance mode 255
getItem operations 337 – 338, 346, 353
creating and querying 342 – 344
using for more flexible queries 341 – 342
Google Cloud Platform (GCP) 16
GPUs (graphics processing units) 63
GUID (globally unique identifier) 208
GUI (graphical user interface) 21
different high availability guarantees 388 – 389
RTO and RPO comparison for single EC2 instance 388
enabling high-availability deployment 284 – 285
recovering from data center outages with Auto Scaling group 368 – 387
availability zones 369 – 375, 385 – 387
network interface recovery 380 – 385
recovering network-attached storage 375 – 380
recovering from EC2 instance failure with CloudWatch 361 – 368
redundant EC2 instances for 434 – 438
removing a single point of failure 435
backing up data with EBS snapshots 235 – 237
creating EBS volumes and attaching to EC2 instances 230
tweaking performance 232 – 235
HealthCheckGracePeriod parameter 470
hook_after_install.sh script 416
allowing from source security groups 156 – 158
allowing from specific source IP addresses 155 – 156
HVM (hardware virtual machine) 62
IaaS (Infrastructure as a Service) 4, 61, 118
IAM (Identity and Access Management) 20, 309, 433
authorizing Lambda functions to use other AWS services with IAM roles 196 – 197
defining permissions with IAM identity policies 145 – 147
roles for server and worker EC2 instances 458 – 459
IamInstanceProfile parameter 469
ICMP (Internet Control Message Protocol) traffic, allowing 153 – 154
creating blog post entries in database 439
posting to blog Twitter feed 440 – 441
idempotent state machine 443 – 445
finite state machine 443 – 444
idempotent state transitions 444 – 445
Identity and Access Management. See IAM
Im4gn and Is4gen Graviton instance types 64
deploying application 454 – 463
bundling runtime and application into images 455 – 456
deploying S3, DynamoDB, and SQS 457 – 458
deploying server with load balancers and Auto Scaling group 459 – 461
deploying worker with Auto Scaling group 461 – 463
IAM roles for server and worker EC2 instances 458 – 459
idempotent state machine 443 – 445
finite state machine 443 – 444