Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
AWS Certified Developer Associate Certification and Beyond
AWS Certified Developer Associate Certification and Beyond

AWS Certified Developer Associate Certification and Beyond: A comprehensive guide to help you succeed in the AWS DVA-C02 certification exam

Arrow left icon
Profile Icon Rajesh Daswani Profile Icon Dorian Richard
Arrow right icon
₹3723.99
Paperback Jul 2024 710 pages 1st Edition
eBook
₹799.99 ₹2978.99
Paperback
₹3723.99
Subscription
Free Trial
Renews at ₹800p/m
Arrow left icon
Profile Icon Rajesh Daswani Profile Icon Dorian Richard
Arrow right icon
₹3723.99
Paperback Jul 2024 710 pages 1st Edition
eBook
₹799.99 ₹2978.99
Paperback
₹3723.99
Subscription
Free Trial
Renews at ₹800p/m
eBook
₹799.99 ₹2978.99
Paperback
₹3723.99
Subscription
Free Trial
Renews at ₹800p/m

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Table of content icon View table of contents Preview book icon Preview Book

AWS Certified Developer Associate Certification and Beyond

Securing Access with AWS Identity and Access Management

Protecting AWS-hosted applications from unauthorized access is of paramount importance for any business. As an organization, you must ensure that only authorized entities can authenticate against your workloads. Furthermore, those entities must only be permitted to create and manage resources and perform tasks for which they are authorized. This concept is the principle of least privilege (POLP) and is fundamental to developing a secure environment. This chapter will teach you why authentication and authorization services are crucial. You will understand the importance of providing various access options to authenticate internal users and, where required, offer anonymous public access depending on the application use case.

In this chapter, you will learn about one of the foundational security services offered by AWS, identity and access management (IAM). You will learn how to create users, groups, and roles and how to grant...

Introduction to IAM

Every organization has its unique set of tools, systems, environments, projects, and core functions. Within an organization, there exist many groups of people, departments, and business units that share the same services. However, each group will require varying levels of access to those services depending on their function and role within the organization.

For example, developers will require access to development environments that allow them to experiment and design new application features, whereas their access to production environments must be restricted. Similarly, junior system administrators should only be allowed to execute certain tasks and not have full administrative rights on critical workloads.

In this section, you will learn about AWS IAM and see how it may be used to implement crucial elements of cloud security. AWS IAM is a fully managed service that can help you define who or what can access your AWS account, what services can be accessed...

Improving Your Security Posture with MFA

MFA is a security feature that enhances the authentication process by requiring users to input a six-digit token in addition to their usernames and passwords. AWS strongly recommends enabling MFA for your root user account and IAM users to increase security.

When MFA is enabled, a trusted source must provide an authentication code to access the Management Console. MFA can be set up for API calls to AWS and user console logins using a hardware- or software-based (virtual) MFA device.

AWS offers the Universal 2nd Factor (U2F) as an MFA option based on an open authentication standard. U2F can use specialized USB keys or near-field communication (NFC) devices such as smart card technology, but AWS only supports USB-based U2F and not NFC devices for MFA.

For more details on U2F, feel free to review the information at https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_enable_u2f.hml.

Security Token-Based MFA

Users must...

Accessing AWS Accounts Using Identity Federation with SAML 2.0 and Microsoft AD

In this section, we discuss another option that leverages an existing IdP: Microsoft AD and SAML 2.0 for authentication with your AWS account. SAML 2.0 is an open standard for exchanging authentication and authorization tokens between an IdP such as Microsoft AD FS and a service provider (SP), in this case, AWS. SAML 2.0 is often used to facilitate single-sign-on (SSO) capabilities, which enables users to access multiple services with a single set of credentials without having to log in separately to each service.

Many businesses use an AD environment to manage authentication and authorization for on-premises-hosted services. In large organizations with thousands to millions of users, their credentials, permission policies, and access across multiple platforms can become increasingly difficult to manage. Identity federation enables you to grant permissions to external identities to use the AWS Management...

Using Web Identity Federation for Application Authentication

Most web and mobile applications require some form of authentication and authorization at the application layer before an end user can use its services.

In the case of the new Todo List application, customers will need to sign up for a subscription. Next, to ensure that only valid customers can access this application, a sign-in process will need to be built as part of the authentication and authorization security feature of the application.

Developing a database of users and verifying their credentials is a crucial step in any application’s development life cycle. However, storing credentials data within the application code or on devices is highly insecure and risky. To address this issue, Amazon recommends using web identity federation for web and mobile application authentication workflows. This allows applications to request temporary security credentials dynamically from an IdP, and an IAM role can generate...

Application Authentication and Authorization with Amazon Cognito

Amazon Cognito is an identity service for your web and mobile applications. The service allows you to create a user directory or federate with external IdPs such as Google, Amazon, and Facebook to name a few. The internal directory (or external IdP) is used to verify a user’s identity and authorize their access to your application. This service removes the overhead associated with trying to create your own custom identity service for your application.

Amazon Cognito comprises two key components, which can either be used independently or in tandem. We discuss these next.

Amazon Cognito User Pools

Amazon Cognito user pool is a user directory service that offers user creation, management, and authentication services for your applications. End users can sign up for a user account, which results in creating a user profile. You can create an independent user directory hosted in Amazon Cognito and use OIDC-generated...

Overview of the AWS IAM Identity Center

IAM Identity Center is designed to help centrally create and manage your workforce identities. This service is really an overlay of IAM and AWS Single Sign-On services. With the IAM Identity Center, you can use the default internal AWS IdP or connect and synchronize to an external IdP such as Microsoft AD Domain Services. This makes granting SSO capabilities much more straightforward than standard IAM.

You can use multi-account permissions to assign users access to all AWS accounts within AWS Organizations. This is a much easier approach than trying to configure cross-account access and multiple IAM roles to allow users from one AWS account access to other AWS accounts within your organization.

With the IAM Identity Center, you can also assign access to applications that integrate with the Identity Center or third-party applications that offer SAML 2.0 integration. Several use cases exist for using the IAM Identity Center instead of AWS...

Exercise 2.1 – Creating an IAM User and an IAM Group within your Development Account

In this exercise, you will create an IAM user using your existing AWS development account, which you created in the previous chapter. This IAM user will have both console and programmatic access to AWS This user will be utilized in the subsequent exercises throughout this study guide, providing practical experience and aiding you in preparing for the AWS Certified Developer Associate exam. Follow these steps to create an IAM user and an IAM group within your development account:

  1. Log into your AWS development account, which was created in Chapter 1, Introduction to AWS Accounts and Global Infrastructure. You will be logging in as the root user, as you do not have any IAM users created.
  2. In the top search bar, search IAM, and from the drop-down list that appears, select the IAM service. You will then be taken to the IAM dashboard.
Figure 2.10 – Use the search bar to search for the AWS IAM service

Figure 2.10 –...

Technical Requirements

To complete all upcoming project tasks, ensure you log into your AWS Developer Account as the IAM user Alice.

Project Task 2.1 – Creating an Amazon Cognito User Pool for the Todo List Application

In this project task, you will start working on the Developer project that we discussed in the previous chapter. As discussed, you will work with several AWS services and create multiple AWS resources designed to host and manage the application for our fictitious client, Todo Plus Limited.

In this task, you will create an Amazon Cognito user pool that will be used to authenticate and authorize end-user sign-up and sign-in capabilities for the application.

The following diagram highlights the area of the overall architectural plan you will work on in this project task.

Figure 2.16 – Project Task – Create Cognito user pool

Figure 2.16 – Project Task – Create Cognito user pool

  1. Log in to your AWS development account as the user Alice, which you created in the last exercise.
  2. Navigate to the Cognito service by searching for it in the top search bar.
  3. Click the Create user pool button on the...

Summary

In this chapter, you have learned about the AWS IAM service. AWS IAM offers authentication and authorization services to allow you to define who or what can access your AWS accounts, its services, and resources. You have covered the concepts of IAM users, groups, and roles, and how these features of IAM can help you address different access requirements.

Amazon Cognito was also discussed, which allows you to build an authentication and authorization service for your web and mobile applications. With Amazon Cognito, you can create a user pool to host your own user directory or federate with external IdPs such as those that are OIDC and SAML 2.0 compatible.

Finally, we looked at the new AWS Identity Center, which is a more streamlined process of managing your workforce identities and offers SSO features with external IdPs, such as Microsoft AD.

In the next chapter, we introduce you to the different types of storage services and specifically focus on Amazon S3, which...

Exam Readiness Drill – Chapter Review Questions

Apart from a solid understanding of key concepts, being able to think quickly under time pressure is a skill that will help you ace your certification exam. That is why working on these skills early on in your learning journey is key.

Chapter review questions are designed to improve your test-taking skills progressively with each chapter you learn and review your understanding of key concepts in the chapter at the same time. You’ll find these at the end of each chapter.

How to Access These Materials

To learn how to access these resources, head over to the chapter titled Chapter 17, Accessing the Online Resources.

To open the Chapter Review Questions for this chapter, perform the following steps:

  1. Click the link – https://packt.link/DVAC02_CH02.

    Alternatively, you can scan the following QR code (Figure 2.26):

Figure 2.26 – QR code that opens Chapter Review Questions for logged-in users

Figure 2.26 – QR code that opens Chapter Review Questions...

Working On Timing

Target: Your aim is to keep the score the same while trying to answer these questions as quickly as possible. Here’s an example of how your next attempts should look like:

Attempt

Score

Time Taken

Attempt 5

77%

21 mins 30 seconds

Attempt 6

78%

18 mins 34 seconds

Attempt 7

76%

14 mins 44 seconds

Table 2.1 – Sample timing practice drills on the online platform

Note

The time limits shown in the above table are just examples. Set your own time limits with each attempt based on the time limit of the quiz on the website.

With each new attempt, your score should stay above 75% while your “...

Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • Gear up for a thriving career in AWS development with this hands-on guide
  • Put your newfound knowledge into action with practical labs
  • Develop, deploy, and debug cloud-based applications using AWS core services
  • Purchase of this book unlocks access to web-based exam prep resources including mock exams, flashcards, exam tips, and the eBook PDF

Description

Becoming an AWS Certified Developer is a rewarding, but challenging endeavor. With AWS’ vast capabilities and abundant resources, finding the right study material and a clear path to success can be daunting. AWS Certified Developer Associate Certification and Beyond is a one-stop guide that not only sets you up for success in the exam, but also lays the foundations for a fulfilling career in the world's most popular cloud infrastructure. This in-depth guide covers everything you need to know to pass the AWS Certified Developer – Associate exam and allows you to test yourself as you go, with knowledge checks throughout the book. You will learn to configure Elastic Load Balancing for high availability, monitor your applications with CloudWatch, and integrate authentication with Amazon Cognito. Additionally, this book grants lifetime access to online exam resources, including mock exams with exam-like timers, detailed solutions, flashcards, and invaluable exam tips, all accessible across PCs, tablets, and smartphones. By the end, you'll be ready to ace the exam and elevate your AWS application development and management skills, positioning yourself for career advancement.

Who is this book for?

If you're an IT professional or a developer preparing to take the AWS Certified Developer Associate exam, this book is for you. Developers looking to build and manage their applications on the AWS platform will also find this book useful. No prior AWS experience is needed.

What you will learn

  • Host static website content using Amazon S3
  • Explore accessibility, segmentation, and security with Amazon VPC
  • Implement disaster recovery with EC2 and S3
  • Provision and manage relational and non-relational databases on AWS
  • Deploy your applications automatically with AWS Elastic Beanstalk
  • Use AWS CodeBuild, AWS CodeDeploy, and AWS CodePipeline for DevOps
  • Manage containers using Amazon EKS and ECS
  • Build serverless applications with AWS Lambda and AWS Cloud9
Estimated delivery fee Deliver to India

Premium delivery 5 - 8 business days

₹630.95
(Includes tracking information)

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Jul 31, 2024
Length: 710 pages
Edition : 1st
Language : English
ISBN-13 : 9781801819299
Tools :

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Estimated delivery fee Deliver to India

Premium delivery 5 - 8 business days

₹630.95
(Includes tracking information)

Product Details

Publication date : Jul 31, 2024
Length: 710 pages
Edition : 1st
Language : English
ISBN-13 : 9781801819299
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
₹800 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
₹4500 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just ₹400 each
Feature tick icon Exclusive print discounts
₹5000 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just ₹400 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 10,575.97
AWS Certified Developer Associate Certification and Beyond
₹3723.99
Functional Programming in Go
₹2978.99
Data Engineering with AWS
₹3872.99
Total 10,575.97 Stars icon

Table of Contents

18 Chapters
Chapter 1: Introduction to AWS Accounts and Global Infrastructure Chevron down icon Chevron up icon
Chapter 2: Securing Access with AWS Identity and Access Management Chevron down icon Chevron up icon
Chapter 3: Understanding Object Storage with Amazon S3, Hybrid Storage, and Static Website Hosting Chevron down icon Chevron up icon
Chapter 4: Building Private Networks in the Cloud with Amazon VPC Chevron down icon Chevron up icon
Chapter 5: Understanding AWS Compute Services with Amazon EC2 and Storage Options Chevron down icon Chevron up icon
Chapter 6: Managing Multiple Datasets with AWS Relational and Non-Relational (NoSQL) Databases Chevron down icon Chevron up icon
Chapter 7: Building Application Solutions with High Availability, Elasticity, and Data Security Chevron down icon Chevron up icon
Chapter 8: Event-Driven Computing with AWS Lambda and Securing Access to Backend APIs with Amazon API Gateway Chevron down icon Chevron up icon
Chapter 9: Incorporating Edge Network Services to Connect to Your Application with Amazon CloudFront and Route 53 Chevron down icon Chevron up icon
Chapter 10: Designing Deployment Strategies with AWS Elastic Beanstalk Chevron down icon Chevron up icon
Chapter 11: Deploying a Multi-Tier Application Stack with Amazon ECS, Fargate, and EKS Chevron down icon Chevron up icon
Chapter 12: Getting to Grips with DevOps Using AWS CI/CD Tools Chevron down icon Chevron up icon
Chapter 13: Building Infrastructure Using Code with CloudFormation and the Cloud Development Kit (CDK) Chevron down icon Chevron up icon
Chapter 14: Designing Serverless Applications with AWS Serverless Application Model (SAM) and AWS AppSync Chevron down icon Chevron up icon
Chapter 15: Decoupling the Application Stack and Managing Data Ingestion Chevron down icon Chevron up icon
Chapter 16: Monitoring with Amazon CloudWatch and AWS CloudTrail Chevron down icon Chevron up icon
Chapter 17: Accessing the Online Practice Resources Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon