Chapter 4. Setting up your cloud
This chapter covers
- Security model and identity management in AWS
- Logging, alerting, and custom metrics
- Monitoring and estimating AWS costs
Most of the architecture described in this book is built on top of AWS. This means you need a clear understanding of AWS from the perspectives of security, logging, alerting, and costs. It doesn’t matter whether you use Lambda alone or have a large mix of services. Being able to configure security correctly, knowing where to look for logs, and controlling cost are important. This chapter is designed so that you can understand these concerns and learn where to look for important information in AWS.
AWS security is a complex subject, but this chapter gives you an overview of the difference between users and roles and shows you how to create policies. This information is needed to configure a system in which services can communicate effectively and securely.
Logging and alerting are critical components of any system, serverless or traditional. They can help to surface serious events such as failing services or sudden escalation of costs. When things go bad, you’ll be thankful that you have a robust logging and alerting framework in place.