Building Resilient Architectures on AWS: A practical guide to architecting cost-efficient, resilient solutions in AWS

Cover
Title page
Copyright and credits
Dedication
Contributors
Table of Contents
Preface
Part 1:Setting the Stage – Learning the Basics of Designing Resilient Architectures
Chapter 1: Understanding Resilience Concepts
	Demystifying resilience
		Cloud resilience
		Shared Responsibility Model
		Why resiliency?
		Resilient foundations
	Facing the cloud’s storms
		Software bugs and security threats
		Using Software Bill of Materials (SBOM) best practices
		Empowering yourself with AWS services
	The continuous resilience journey
		Resilience Lifecycle Framework
		Resilience is a continuous journey
	Summary
Chapter 2: Implementing Resilient Compute and Auto Scaling
	Redundancy and fault tolerance in compute
		Key principles for addressing factors influencing system stability
	Embracing auto scaling for dynamic resource management
		What is Auto Scaling in AWS?
		Some pitfalls and assumptions in the e-commerce architecture
		The key components of Auto Scaling in AWS
		Some use cases and benefits of Auto Scaling in AWS
	Optimizing cost-efficiency with Spot and Reserved Instances
		Using Spot Instances
		Using AWS Reserved Instances
	Monitoring and maintaining a healthy infrastructure
		AWS observability services
		AWS-managed open source observability services
	Extending resilience to containers and serverless
	Summary
Chapter 3: Securing and Backing Up Critical Data
	Data security as resilience foundation
		Controlling access to data
		Encryption, intrusion detection, and prevention
		Resilience advantages of a secure data strategy
	Layering backup strategies for reliable resilience
		Implementing layered backups in AWS
		Designing your AWS backup strategy
		Backup validation and disaster recovery testing
	Embracing multi-region and geo-replication
		The case for geographic redundancy
		Understanding replication techniques
		Active-active versus active-passive architectures
		Dealing with data consistency
		AWS services for multi-region and geo-replication
		Design considerations and challenges
		A simple, resilient, global web application architecture
	Continuous monitoring and recovery orchestration
		Best practices for automation in resilience
		Automating data loss prevention and recovery
		Scenario-based automation examples
		Further considerations to improve recovery mechanisms
	Disaster recovery planning and drills
		Crafting your AWS disaster recovery plan
		Types of disaster recovery drills
		AWS tools to power your DR drills
		Execution best practices for your drills
		Specific scenarios for DR drills
	Summary
Chapter 4: Orchestrating Graceful Degradation
	Understanding graceful degradation through an example
	Identifying the fault – diagnosing partial failures and minimizing impact
		Log analysis through Amazon CloudWatch
		Performance monitoring
		Root cause analysis through traces
		Predicting issues before they occur
	Isolating the wound – containment strategies to prevent cascading outages
		Automated troubleshooting
		Incident Management
		Architectural design patterns for containment
	Streamlining recovery with preconfigured actions
	Leveraging ML and GenAI to enhance issue detection and response
		GenAI for IR
		ML for issue identification
	Summary
	Further reading
Chapter 5: Exploring the AWS Shared Responsibility Model
	The essence of collaboration
	The synergy of shared resilience
	Adapting shared responsibilities for specific services
		Kubernetes control plane and its operations
	Shared responsibility and cost
	The importance of continuous testing for critical infrastructure resilience in AWS environments
		Tools and techniques to perform continuous testing of AWS environments
		Adapting your security practices alongside AWS’s ever-evolving landscape
		Sharing lessons learned and engaging with the community
	Summary
Part 2: Building Resilient Cloud Architectures on AWS
Chapter 6: Learning AWS Well-Architected Principles for Resiliency
	Technical requirements
	Gaining Operational Excellence for improved resilience
		Performing operations as code
		Making frequent, small, reversible changes
		Refining operations procedures frequently
		Anticipating failure
		Using managed services
		Implementing observability for actionable insights
		Fostering an organizational culture for operational excellence
	Building reliable architectures
		Automatically recovering from failure
		Capacity and quotas management
	Scaling applications to meet demand
	Architecting cost-effective resilience
	Implementing security for improved resilience
		Identity and access management
		Protection
		Incident response
	Summary
Chapter 7: Architecting Fault-Tolerant Applications
	Leveraging AWS global infrastructure for redundancy
		Hardware or infrastructure redundancy
		Leveraging AWS core infrastructure for redundancy
	Load balancing workloads across redundant systems
		State management – stateless versus stateful approaches
	Handling data redundancy
		Applying redundancy for file storage
		Leveraging managed database services
		Backing up data regularly
	Implementing loose coupling for isolating faults
		Using microservices for decoupling services
		Service-to-service communication
		Event-driven architecture (EDA)
		The Twelve-Factor App methodology
	Summary
Chapter 8: Resiliency Considerations for Serverless Applications
	Defining serverless applications
	Building resilience into serverless
		Idempotent and asynchronous function design
		Retries and error handling in AWS Lambda
		Handling throttling and service quotas (service limits)
	Monitoring and observability for serverless applications
	Testing serverless applications
		Mock testing
		Emulation testing
		Testing on AWS
	Summary
Chapter 9: Using Containers to Improve Resiliency
	Technical requirements
	Immutable infrastructure with containers
		Concept of immutable infrastructure
		Building and managing container images
		Deploying containers on AWS
	Scaling and load-balancing containerized applications
		Horizontal scaling
		Vertical scaling
	Inter-service communication with containers
		Service discovery
		Load balancing
		Service mesh
		Async communications with message brokers
	Security considerations for container resilience
		Securing container images and registries
		Securing container runtimes
		Secrets management and encryption
	Summary
Chapter 10: Resilient Architectures Across Regions
	Understanding active-passive architectures
		Failover mechanisms
		Simplified failover with serverless
	Exploring global versus regional services
		Using CloudFront
		Application performance and availability with AWS Global Accelerator
	Delving into active-active regional architectures
		Load balancing across regions
		Data consistency and synchronization
	Introducing cell-based architectures
		What is a cell?
		Advantages of using cells
		Considerations when using cells
	Summary
Part 3: Validating Your Architecture for Resiliency
Chapter 11: Examples of Resilient Architecture
	Introducing single-Region architecture
		Why customers choose single-Region architectures
		Different configurations in single-region architecture
	Multi-Region architecture deployment
		When to utilize a multi-Region architecture
		Different multi-Region configurations
		Reliability configurations in a multi-Region setup
		An example of multi-Region architecture
		The limitations of multi-Region architecture
	Multi-site architecture deployments
		When to utilize multi-site architecture
		Reliability configurations in a multi-site configuration
		An example of multi-site architecture
		The limitations of multi-site architecture
	Designing DDoS/security resilient architecture
		An example of DDoS/security resilient architecture
		What is DDoS, and what are security threats?
		What do we mean by DDoS/security resiliency?
		Reliability configurations to prevent DDoS/security threats
	Summary
Chapter 12: Observability, Auditing, and Continuous Improvement
	Observability is key to resilience
	Designing observability for resilience
		Steps in designing observability
		Observability of common resource
		Alerting
		AWS observability tooling
	Logging key metrics and events
	Auditing environments for resilience
	Continuous observability improvement
		Steps to set up continuous observability
		Using third-party observability tools
	Summary
	Further reading
Chapter 13: Performing Chaos Engineering Testing
	What is chaos engineering?
		What are the benefits of chaos engineering?
		How does chaos engineering differ from traditional testing?
	Stages in chaos engineering
		Defining steady state
		Hypothesizing behavior
		Introducing faults
		Validating the hypothesis
		Improving the system
	Chaos engineering guidelines
	Summary
Chapter 14: Disaster Recovery Planning and Testing
	Disaster recovery and its significance in cloud computing
		Overview of AWS’s disaster recovery features
	Different disaster recovery strategies in AWS
		Backup and restore
		Pilot light
		Warm standby
		Hot standby
	Defining and planning your disaster recovery objectives
	Testing disaster recovery plans
		Functional testing
		Data loss testing
		Performance testing
		Security testing
	Avoiding disaster recovery pitfalls and misconceptions
		Pitfalls
		Misconceptions
	Summary
Chapter 15: Exploring AWS Resilience Services
	Backing up using the AWS Backup service
		AWS Backup process
		Immutable backups with AWS Backup Vault Lock
	Following the resilience lifecycle framework
		Why do you need the AWS resilience lifecycle framework?
		How does the AWS resilience lifecycle framework work?
	Utilizing AWS Resilience Hub
		How does AWS Resilience Hub work?
	Recovery using AWS DRS
		AWS DRS architecture
		AWS DRS components
		AWS DRS best practices
	Advantages of AWS resilience services
	Summary
	Further reading
Index
Other Books You May Enjoy