Название: Security for Cloud Native Applications: The practical guide for securing modern applications using AWS, Azure, and GCP Автор: Eyal Estrin Издательство: BPB Publications Год: 2024 Страниц: 312 Язык: английский Формат: pdf, epub (true) Размер: 11.2 MB
Security for cloud-native applications is an overview of cloud-native application's characteristics from a security point of view, filled with best practices for securing services based on AWS, Azure, and GCP infrastructure.
This book is a practical guide for securing cloud-native applications throughout their lifecycle. It establishes foundational knowledge of cloud services and cloud-native characteristics. It focuses on securing design approaches like APIs, microservices, and event-driven architectures. Specific technologies like containers, Kubernetes, and serverless functions are covered with security best practices. The book emphasizes integrating security throughout development using CI/CD pipelines and IaC tools. It explores policy as code for enforcing security policies and immutable infrastructure for enhanced security posture. Key management and threat detection strategies are also covered. Finally, the book offers a practical example and resources for further learning.
Kubernetes is considered the de facto standard for Container orchestrators. It allows you to deploy applications on a large scale and spin up or down new containers, according to application load, ensuring all containers are healthy (otherwise, Kubernetes deploys new containers to replace the unhealthy ones). There are many benefits to choosing Kubernetes as an orchestrator for provisioning modern applications using containers. Let us discuss some of the benefits of using Kubernetes. Kubernetes can be deployed and run almost anywhere, from managed cloud environments to on-prem clusters (local data centers) and at the edge where compute and storage resources are close to data generation. Kubernetes configurations are done (mostly) using YAML configuration files, allowing you to pull the YAML files from a central code repository, make the relevant changes, and be able to deploy new configurations and new applications in a standard way to all environments, such as Dev, Test, and Prod.
By the end of the book, the reader will be able to design and secure modern applications using the public cloud scale, managed services, automation, and built-in security controls.
Contents:
1. Introduction to Cloud Native Applications 2. Securing Modern Design Architectures 3. Containers and Kubernetes for Cloud Native Applications 4. Serverless for Cloud Native Applications 5. Building Secure CI/CD Pipelines 6. The 12-Factor Application Methodology 7. Using Infrastructure as Code 8. Authorization and Policy as Code 9. Implementing Immutable Infrastructure 10. Encryption and Secrets Management 11. Threat Management in Cloud Native Applications 12. Summary and Key Takeaways Index
Скачать Security for Cloud Native Applications: The practical guide for securing modern applications using AWS, Azure, and GCP
|