Serverless Beyond the Buzzword: A Strategic Approach to Modern Cloud Management, 2nd Edition
- Length: 743 pages
- Edition: 2
- Language: English
- Publisher: Apress
- Publication Date: 2023-01-06
- ISBN-10: 1484287606
- ISBN-13: 9781484287606
Know how Serverless and cloud-native systems work, their benefits and roles in automating and optimizing organizations, and the challenges to be considered. Anyone interested in Serverless architecture will benefit from this book, regardless of their level of technical understanding.
This revised and expanded new edition explains many related terms, such as microservices, cloud-native, architecture, several relevant AWS services, and how it all works together to produce cost-effective, scalable solutions in the cloud. The book starts at a high level and gradually gets more in-depth and technical.
The less technical decision maker will learn how Serverless can affect finance, security, people, and compliance. The book touches on important decisions, such as selecting and working with external or internal specialists and teams; finding, evaluating, and training them; and the flexibility and dynamics available within digital projects.
Deployment automation and DevOps also feature heavily in this book, and you will find real-world use cases and examples of Serverless architecture to get you started. It’s worth noting that this book is not a development guide; it gives you a comprehensive understanding of what Serverless is so you can make informed decisions for your organization and projects.
What You’ll Learn
- Understand Serverless architecture and strategy
- Understand modern cloud management strategy, governance, and organizational team structure
- Handle budget planning and management
- Get started with Serverless architecture design
- Gain knowledge of best practices and security, as well as data management and DevOps
- Study proactive logging, operations, architecture examples, case studies, and more
Who This Book Is For
Anyone interested in a deep understanding of Serverless and how it can impact organizations and projects, regardless of their technical level. Strategic insights are provided for entrepreneurs and executives, planning and team insights for project managers, and technical insights for architects and team leads. Cloud consultants working with enterprises can read everything for a full, in-depth understanding of the topic. Other readers, such as less technical CTOs/CIOs, VPs, entrepreneurs, product owners, project managers, etc., can get what they need from the first 5-7 chapters. More technical readers and those experienced with Serverless can skim through the first 3 chapters and start with the security deep dive in Chapter 4.
Table of Contents
About the Author, Acknowledgments, Prologue
Chapter 1: Serverless Basics
What Is Serverless Architecture? Pay for What You Use Server vs. Fully Managed vs. Serverless What Serverless Is Not Microservices Independence Reusability Security Separation of Front End (User Interface) and Back End (Processing) Serverless Example History of Serverless Virtual Servers The Cloud Software Modern Containers Serverless Types of Projects Key Challenges Vendor Lock-In Finding Talent Less Control Service-Level Agreements (SLAs) Latency (Almost) Unlimited Scaling Calculating Cloud Operational Costs Cloud Management Service Limits Key Benefits Near-Zero Wastage Reduced Scope of Responsibility and Effort Accurate Operational Cost Estimation and Tracking Highly Reusable Microservices Better Access Security Agility and DevOps Are Easier to Implement Easier to Manage Time, Budgets, and Teams Highly Scalable, Fast Scaling Significantly Lower Maintenance Cost Common Objections Less Stable Less Observable A Lot to Configure Architectural Complexity Public Case Studies NorthOne Bank Liberty Mutual Coca-Cola
Chapter 2: Strategy
Introduction Traditional Organization Structure vs. Serverless Cloud Center of Excellence (CCoE) Platform Architecture and Operations Roles From a Traditional Org Structure to a CCoE Cloud Controls as Compliance Guardrails Directive Controls Preventive Controls Detective Controls Corrective Controls Which Controls to Prioritize? Supporting Tools Self-Service Portal Shared Central Library Developer Tools Serverless Adoption: Current State Serverless Adoption: Desired State Serverless Adoption Framework: Business Perspective Serverless Adoption Framework: People Perspective Serverless Adoption Framework: Governance Perspective Serverless Adoption Framework: Platform Perspective Serverless Adoption Framework: Security Perspective Serverless Adoption Framework: Operations Perspective Serverless Adoption: Gap Analysis Application Suitability for Serverless Serverless Application Risk Assessment Assessment Domains Assessment Guide Event Storming Common Challenges Event Storming Basics Event Storming Steps Architecture Design Final Notes Public Case Studies Toyota Netflix T-Mobile
Chapter 3: Finances
Total Cost of Ownership (TCO) The Value of Paying for Utilization Scaling User Numbers Per-User Cost The Cost to Develop Serverless The Research The Project Comparing the Estimates Development Time The Cost of Migrating Applications The Cost of Maintenance and Operations Estimating the Cloud Operational Costs Collecting the Input Data for an Estimate Business Parameters Technical Parameters Pricing Parameters Service Pricing Request Fees Data Transfer Other Costs Architecture Examples Calculating the Estimate Calculator Tab Processing Tab AWS Service Pricing Tab Pricing API Cost Management AWS Cost Management Services Custom Tracking Resource Tags Regional Differences Cost Optimization S3 Cost Optimization S3 Lifecycle Policies Lambda Cost Optimization AWS Cost Reductions AWS Credits Consolidated Billing for AWS Organizations
Chapter 4: Security
Shared Responsibility Examples of Shared Responsibility Serverless Security Principle of Least Privilege PoLP Applied to Teams Static vs. Dynamic Privileges PoLP Applied to Servers PoLP for Serverless Identity and Access Management (IAM) Wildcards IAM Tips AWS Security Services AWS Organizations Single Sign-On (SSO) AWS Config (Detective Controls) Amazon GuardDuty AWS X-Ray AWS Shield AWS Resource Access Manager or RAM Firewall Manager Amazon Cognito AWS Directory Service Amazon Detective CloudHSM AWS Certificate Manager ECR Image Scan CodeGuru API Gateway API Authentication and Authorization Security Best Practices for API Gateway Serverless S3 Antivirus Scanning S3 Policies and ACLs Securing Containers by Decoupling Security Is Hard! User Input Validation API Gateway Model Schemas Storing Credentials $45,000 Bill for Losing Credentials AWS Public Scanning Systems Manager Parameter Store Secrets Manager Encryption Encryption of Data at Rest Encryption of Data in Transit Public/Private Key Encryption Envelope Encryption Encryption Exceptions in AWS Cloud Protecting Data CloudFront Other S3 Features S3 Monitoring On-Demand Data Redaction Securing Databases Tokenization Database Monitoring Privacy and GDPR What Is Privacy in a Technology Context, and Why Is It Important? Complying with GDPR Cloud and GDPR Why Serverless for GDPR Compliance Implementing for Compliance Security Monitoring with ElectricEye Key Points Deployment and Setup
Chapter 5: People
Evolving Teams Build, Buy, or Borrow Building a Team Buying a Team Interviews Serverless Roles: Solution Architect Serverless Roles: Cloud Security Engineer Serverless Roles: Deployment Automation Engineer Serverless Roles: Full-Stack Developer Serverless Roles: Database Engineer Serverless Roles: Project Manager Serverless Training Foundational Certification Associate Certification Professional Certification Specialty Certification Online Resources to Learn About Serverless Serverless Team Structure Serverless Careers Key Performance Indicators (KPIs) Borrowing a Team: Working with Serverless Vendors Experienced Serverless Vendors Capable Vendor The Three Pillars General Best Practices Vetting Serverless Capabilities
Chapter 6: DevOps and Tooling
What Is DevOps? Principles and Practices of DevOps Problems Solved by DevOps Evolution of DevOps Infrastructure-as-Code Key Values of IaC IaC Tools and Frameworks AWS CloudFormation Declarative vs. Imperative CloudFormation Example CloudFormation Challenges AWS CloudFormation Planning Nested Stacks Modules Macros Terraform Challenges AWS Serverless Application Model (SAM) Serverless Application Repository Challenges AWS Amplify AWS Cloud Development Kit (CDK) Differences Between Amplify and CDK CDK Technical Considerations Local Dev and Testing Existing CloudFormation Projects Extending CDK CDK DevOps CDK Tips Serverless Framework Challenges Code Repositories Mono-repo Multi-repo GIT Submodules Common Challenges Lambda Layers Developer Tooling AWS Command-Line Interface (CLI) LocalStack Integrated Development Environment (IDE) Other Tools Code Quality Assurance AWS Well-Architected Framework AWS Trusted Advisor AWS CodeGuru Amazon CodeWhisperer Preview
Chapter 7: Data
Data Is a Valuable Asset Database Selection Event Sourcing Data Tenancy Relational Database Service (RDS) RDS Proxy Amazon Aurora Aurora Serverless Aurora Serverless Data API Redshift Serverless DynamoDB Billing Models Transactional Operations Comparison of DynamoDB Billing Models Keys and Queries Adaptive Capacity DynamoDB Indexes Query Examples Other DynamoDB Features AWS DynamoDB Checklist NoSQL Serverless NoSQL Databases Amazon Keyspaces Amazon Timestream Amazon Quantum Ledger Database Managed NoSQL Databases DocumentDB Amazon Neptune NoSQL Databases Comparison In-Memory Databases ElastiCache MemoryDB AppSync Under- and Over-fetching Simple Storage Solution (S3) S3 Events Signed URLs Multipart Upload S3 Object Lambda Avoiding Size Limit Issues in Lambda Elastic File System (EFS)
Chapter 8: Logging and Testing
Logging Reactive Logging Proactive Logging General Considerations Logging Format and Content Service Logs in the Cloud Cloud Logging Services CloudWatch CloudWatch Metrics CloudWatch Logs CloudWatch Alarms CloudWatch Metric Filter Exporting Logs to S3 CloudWatch Subscriptions Managed Services for Proactive Logging Error Monitoring CloudWatch Events Performance Optimization Lambda Rightsizing Lambda Insights X-Ray Cost Tracking Lambda Cost Tracking S3 Cost Tracking Tracking the Cost of Other Services Security Monitoring Macie GuardDuty CloudWatch Subscription Logging Best Practices Centralized Logging Error Messages Sensitive Data in Logs Testing Testing Challenges in Serverless Testing Environments Creating and Maintaining Tests Local Testing Integrated Managed Services Debugging Failed Tests What to Test Types of Tests Unit Tests Integration Tests End-to-End Tests User Simulation Contract Testing Pact Comparing the Types of Testing Contract Testing with Pact for Serverless Asynchronous Testing Risk Assessment for Testing Test Pyramid vs. Test Honeycomb Deployment Pipeline AWS Testing Services Serverless Application Model (SAM) LocalStack CodeBuild CloudWatch Synthetics CloudWatch Real User Monitoring (RUM) CloudWatch Evidently Fault Injection Simulator (FIS) Device Farm
Chapter 9: Architecture
Challenges and Mitigations Vendor Lock-In Service-Level Agreements (SLAs) Stateless Microservices Latency Fully Managed Scaling Maturity of the Technology Service Limits Learning Curve Database Strategy Other Challenges AWS: Microservices and APIs Lambda Scalability and Cold Start Reserved Concurrency Layers To VPC or Not to VPC? Lambda DevOps Lambda Environment Variables Lambda and CloudWatch What Metrics to Monitor for CloudWatch and Why? Lambda and API Gateway WebSockets Proxy vs. Non-proxy Integration Request Transformation Dynamic HTML Error Reporting Other Integrations Lambda and Application Load Balancer Design Patterns When Not to Use Strict Microservice Architecture Microservice Example Architectures Basic CRUD API Triggered or Decoupled Gatekeeper CRON or Scheduled Edge Compute Stateless Architecture Decoupling Microservices Decoupling Started with Servers Benefits of Decoupling Challenges of Decoupling Decoupling Example AWS: Decoupling Simple Queue Service (SQS) SQS Message Delay and Visibility Timeout SQS and Lambda Integration Dead Letter Queue (DLQ) SQS Buffer Example Simple Notification Service (SNS) EventBridge EventBridge has been implemented much like SNS was in Figure 9-39. However, there is one key difference. The submitted order message sent to EventBridge contains a lot of information. In EventBridge, we can transform this to retain only the rele Workflow Studio Event-Driven Architecture Asynchronous Design Pattern Parallel Processing Containers Lambda vs. Containers Serverless Containers Lambda Custom Containers AWS: Edge Lambda@Edge FreeRTOS IoT Greengrass Snowball Outposts AWS: Internet of Things (IoT) AWS Robotics Industrial Internet of Things (IIoT) Predictive Quality Predictive Maintenance Asset Management AWS: Managed Machine Learning (ML) Rekognition DeepLens Textract Polly Besides the text-to-speech capability, the service supports advanced customization features with which we can configure talking style, breathing, pausing, intonation, pronunciation, and more – all geared toward making the result more natural and human Lex QnA Bot Comprehend AWS: Ledger Technology Managed Blockchain Quantum Ledger Database (QLDB) AWS: Call Center Well-Architected Framework The Five Pillars of the Well-Architected Framework The Design Principles Why Use the AWS Well-Architected Framework? AWS Well-Architected Tool Serverless Lens and Its Layers Serverless Tips Uploading Files Layers of Caching Multilingual TypeScript Pick the Right Tool for the Job Cognito as a User Database
Chapter 10: Case Studies
Introduction Proactive Logging Cost Tracking Parsing S3 Logs Parsing API Gateway Logs Serverless Data Lake Serverless Video Elemental Media Services Making the Media Services More Serverless Video Processing and Analysis Serverless Minecraft Minecraft Server Setup Notes SEO-Friendly Website and CMS Serverless Websites Another Approach Serverless Website Tips Virtual Host True Serverless Containers 1. Create, Configure, and Build Our Docker Container 2. Put the Container in a Registry 3. Enable Long ARN Names in ECS 4. Create Any Support Services 5. Create the Policies and Roles 6. Create a Task Definition 7. Add the Container to the Task Definition 8. Create the Cluster (and VPC) That the Task Will Run In 9. Launch the Container The Lambda Microservice Launching a VPC and Cluster (If We Went with Option 3) Launching a Fargate Service Retrieve the Container IP Finished
Epilogue, References, Back Cover, Index
How to download source code?
1. Go to: https://github.com/Apress
2. In the "Find a repository…" box, search for the book title: Serverless Beyond the Buzzword: A Strategic Approach to Modern Cloud Management, 2nd Edition. Sometimes you may not get any results; in that case, search for the main title.
3. Click the book title in the search results.
4. Click Code to download.