Scribd
Upload
574 views100 pages

Stratospheric Sample

dfga

Uploaded by

Nguyễn Công Anh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
574 views100 pages

Stratospheric Sample

dfga

Uploaded by

Nguyễn Công Anh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 100

Stratospheric

From Zero to Production with Spring Boot and AWS

Tom Hombergs, Björn Wilmsmann and Philip Riecks

This book is for sale at http://leanpub.com/stratospheric

This version was published on 2021-11-23

This is a Leanpub book. Leanpub empowers authors and publishers with the
Lean Publishing process. Lean Publishing is the act of publishing an
in-progress ebook using lightweight tools and many iterations to get reader
feedback, pivot until you have the right book and build traction once you do.

© 2020 - 2021 Tom Hombergs, Björn Wilmsmann and Philip Riecks


Also By Tom Hombergs
Get Your Hands Dirty on Clean Architecture
Contents

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Why Spring Boot & AWS? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Who Should Read This Book? . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Prerequisites for the Hands-On Examples . . . . . . . . . . . . . . . . . . . 1
What to Expect from This Book? . . . . . . . . . . . . . . . . . . . . . . . . . 1
Getting in Touch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
About the Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Part I: Deploying with AWS . . . . . . . . . . . . . . . . 3

1. Getting Warm with AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4


Getting Ready . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Inspecting the “Hello World” Todo App . . . . . . . . . . . . . . . . . . . . 7
Publishing the “Hello World” App to Docker Hub . . . . . . . . . . . . . . 8
Getting Started with AWS Resources . . . . . . . . . . . . . . . . . . . . . . 10
Inspecting the CloudFormation Templates . . . . . . . . . . . . . . . . . . 12
Inspecting the Deployment Scripts . . . . . . . . . . . . . . . . . . . . . . . 19
Inspecting the AWS Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

2. An Overview of AWS Services . . . . . . . . . . . . . . . . . . . . . . . . . . . 26


AWS CloudFormation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
AWS Cloud Development Kit (CDK) . . . . . . . . . . . . . . . . . . . . . . . 26
Amazon CloudWatch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
CONTENTS

Amazon Cognito . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Amazon DynamoDB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Amazon Elastic Compute Cloud (EC2) . . . . . . . . . . . . . . . . . . . . . . 27
Amazon Elastic Container Registry (ECR) . . . . . . . . . . . . . . . . . . . 27
Amazon Elastic Container Service (ECS) . . . . . . . . . . . . . . . . . . . . 27
Amazon MQ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Amazon Relational Database Service (RDS) . . . . . . . . . . . . . . . . . . 28
Amazon Route 53 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Amazon Simple Email Service (SES) . . . . . . . . . . . . . . . . . . . . . . . 28
Amazon Simple Queue Service (SQS) . . . . . . . . . . . . . . . . . . . . . . 28
Amazon Simple Storage Service (S3) . . . . . . . . . . . . . . . . . . . . . . . 28
Amazon Virtual Private Cloud (VPC) . . . . . . . . . . . . . . . . . . . . . . . 29
AWS Certificate Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
AWS Identity and Access Management (IAM) . . . . . . . . . . . . . . . . . 29
AWS Lambda . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
AWS Secrets Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
AWS Systems Manager (SSM) . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Elastic Load Balancing (ELB) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

3. Managing Permissions with IAM . . . . . . . . . . . . . . . . . . . . . . . . . 31


Users, Groups, and Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Root Users vs. Individual Users . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Defining Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Creating AWS Access Keys for Each User . . . . . . . . . . . . . . . . . . . . 31
Managing IAM Resources Programmatically . . . . . . . . . . . . . . . . . . 32
Best Practices for Managing Permissions with IAM . . . . . . . . . . . . . 32

4. The Evolution of Automated Deployments . . . . . . . . . . . . . . . . . . 33


An Anecdote about Manual Deployments . . . . . . . . . . . . . . . . . . . 33
Self-Service Deployments with the AWS Console . . . . . . . . . . . . . . 33
CONTENTS

Scriptable Deployments with the AWS CLI . . . . . . . . . . . . . . . . . . . 33


Declarative Deployments with CloudFormation . . . . . . . . . . . . . . . 34
Programmable Deployments with CDK . . . . . . . . . . . . . . . . . . . . . 34

5. First Steps with CDK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35


Creating Our First CDK App . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Deploying a Spring Boot App with a CDK Construct . . . . . . . . . . . . . 36
Why Not Stop Here? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

6. Designing a Deployment Project with CDK . . . . . . . . . . . . . . . . . . 38


The Big Picture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Working with CDK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
The Docker Repository CDK App . . . . . . . . . . . . . . . . . . . . . . . . . 38
The Network CDK App . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
The Service CDK App . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Playing with the CDK Apps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

7. Building a Continuous Deployment Pipeline . . . . . . . . . . . . . . . . . 42


GitHub Actions Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Deploying a Shared Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Deploying an Application Environment . . . . . . . . . . . . . . . . . . . . 42
Building a Continuous Deployment Workflow . . . . . . . . . . . . . . . . 43
Supporting High-Frequency Deployments with Amazon SQS and AWS
Lambda . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Addendum: Configuring HTTPS and a Custom Domain with Route 53 and


ELB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Domain Name System (DNS) . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
HTTPS and Transport Layer Security (TLS) . . . . . . . . . . . . . . . . . . . 45
Registering or Transferring a Domain . . . . . . . . . . . . . . . . . . . . . . 45
Creating an SSL Certificate with CDK . . . . . . . . . . . . . . . . . . . . . . 46
CONTENTS

Creating an HTTPS Listener Using the Network App . . . . . . . . . . . . . 46


Associating a Custom Domain For the ELB . . . . . . . . . . . . . . . . . . . 46

Part II: Spring Boot & AWS . . . . . . . . . . . . . . . . . 47

8. The Sample Todo Application . . . . . . . . . . . . . . . . . . . . . . . . . . . 48


Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Application Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Domain Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Skeleton Application Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

9. Local Development . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
The Challenges of Local Cloud Development . . . . . . . . . . . . . . . . . 52
LocalStack - Our Local AWS Cloud . . . . . . . . . . . . . . . . . . . . . . . . 52
Local Amazon RDS & Amazon Cognito . . . . . . . . . . . . . . . . . . . . . 52
Bringing It All Together . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

10. Building User Registration and Login with Amazon Cognito . . . . . . 53


What’s OAuth2? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
OAuth 2.0 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
OpenID Connect 1.0 (OIDC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Alternatives to OAuth2 & OpenID Connect . . . . . . . . . . . . . . . . . . . 54
Using Amazon Cognito for User Management . . . . . . . . . . . . . . . . . 54
Using AWS Cognito as an Identity Provider with Spring Security . . . . . 55
Enabling Local Development . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

11. Connecting to a Database with Amazon RDS . . . . . . . . . . . . . . . . . 57


Introduction to AWS Relational Database Service (RDS) . . . . . . . . . . 57
Setting up IAM Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Creating a Database CDK App . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Strategies for Initializing the Database Structure . . . . . . . . . . . . . . 59
CONTENTS

Configuring the Database in the Todo App . . . . . . . . . . . . . . . . . . . 60


Using the Database for Storing and Retrieving Todos . . . . . . . . . . . . 61
Enabling Local Development . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

12. Sharing Todos with Amazon SQS and Amazon SES . . . . . . . . . . . . . 62


Using AWS SQS for Asynchronous Workloads . . . . . . . . . . . . . . . . . 62
Sending Emails with Amazon SES . . . . . . . . . . . . . . . . . . . . . . . . 63
Enabling Local Development . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

13. Push Notifications with Amazon MQ . . . . . . . . . . . . . . . . . . . . . . 66


What Are Push Notifications Anyway? . . . . . . . . . . . . . . . . . . . . . 66
Push Notifications for Live Updates . . . . . . . . . . . . . . . . . . . . . . . 66
AWS Services for Implementing Push Notifications . . . . . . . . . . . . . 66
Setting up a Message Broker with CDK . . . . . . . . . . . . . . . . . . . . . 67
Implementing Push Notifications in the Todo App . . . . . . . . . . . . . . 68
Enabling Local Development . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

14. Tracing User Actions with Amazon DynamoDB . . . . . . . . . . . . . . . 70


Use Case: Tracing User Actions . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Amazon RDS vs. Amazon DynamoDB . . . . . . . . . . . . . . . . . . . . . . 70
Implementing User Tracing in the Todo App . . . . . . . . . . . . . . . . . 71
Enabling Local Development . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Part III: Production Readiness with AWS . 74

15. Structured Logging with Amazon CloudWatch . . . . . . . . . . . . . . . 75


Logging with AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
CloudWatch Logging Terminology . . . . . . . . . . . . . . . . . . . . . . . . 75
Status Quo: Logging Unstructured Text . . . . . . . . . . . . . . . . . . . . . 75
Logging and Querying Structured Data . . . . . . . . . . . . . . . . . . . . . 76
CONTENTS

16. Metrics with Amazon CloudWatch . . . . . . . . . . . . . . . . . . . . . . . 78


Introduction to Monitoring Metrics with Amazon CloudWatch . . . . . . 78
Sending Metrics from AWS Services . . . . . . . . . . . . . . . . . . . . . . . 78
Sending Metrics from Our Spring Boot Application . . . . . . . . . . . . . 80
Monitoring Metrics with Amazon CloudWatch . . . . . . . . . . . . . . . . 81

17. Alerting with Amazon CloudWatch . . . . . . . . . . . . . . . . . . . . . . . 82


Introduction to Alerting with Amazon CloudWatch . . . . . . . . . . . . . 82
Creating Alarms with the AWS CDK . . . . . . . . . . . . . . . . . . . . . . . 82
Working and Living with Alarms and Incidents . . . . . . . . . . . . . . . . 83

18. Synthetic Monitoring with Amazon CloudWatch . . . . . . . . . . . . . . 84


Introduction to CloudWatch Synthetics . . . . . . . . . . . . . . . . . . . . . 84
Recording a Canary Script for the Todo App . . . . . . . . . . . . . . . . . . 84
Keeping it Simple . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Automating Canary Deployment with CDK . . . . . . . . . . . . . . . . . . 85
Alerting on Canary Failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

Closing Thoughts . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

Conquer the Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Appendix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Deployment Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

Changelog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Links and Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91


Introduction
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Why Spring Boot & AWS?

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Who Should Read This Book?

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Prerequisites for the Hands-On Examples

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

What to Expect from This Book?

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Introduction 2

Getting in Touch

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

About the Authors

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Tom Hombergs

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Björn Wilmsmann

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Philip Riecks

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Part I: Deploying with AWS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
1. Getting Warm with AWS
Before we start building any features for our Todo app, we want to get comfort-
able with AWS. We’ll start building out the features in Part II of the book.

The first thing we’ll do is to deploy a “Hello World” version of the Todo app to
get a quick boost of dopamine that’ll keep us going!

Don’t expect this chapter to dive very deep into each topic. It’s superficial by
design so that you get a feel for AWS even if you don’t know anything about it.
We’ll dive deep into topics in the later chapters of this book.

If you already know how to deploy a Docker image to AWS Fargate with Cloud-
Formation, you may want to skip this chapter.

Getting Ready

If you’ve never deployed an app to the cloud before, you’re in for a treat. We’re
going to deploy a first version of our Todo app to AWS with only a couple of CLI
commands (it requires some preparation to get these CLI commands working,
though).

We’re going to use Docker to make our app runnable in a container, AWS
CloudFormation to describe the infrastructure components we need, and the
AWS CLI to deploy that infrastructure and our app.

The goal of this chapter is not to become an expert in all things AWS, but instead
to learn a bit about the AWS CLI and CloudFormation because the coming
1. Getting Warm with AWS 5

chapters will build on them. And there’s no better way to learn than to get your
hands dirty.

We’ll start at zero and set up our AWS account first.

Setting up an AWS Account

To do anything with AWS, you need an account with them. If you don’t have an
account yet, go ahead and create one now1 .

If you already have an account running serious applications, you might want to
create an extra account just to make sure you’re not messing around with your
serious business while playing around with this book.

Installing the AWS CLI

To do magic with AWS from our command line, we need to install the AWS CLI.

The AWS CLI is a beast of a command-line interface that provides commands


for many and many different AWS services (224 at the time of this writing). In
this chapter, we’re going to use it to deploy the application and then to get some
information about the deployed application.

Installing the AWS CLI differs across operating systems, so please follow the
official instructions2 for your operating system to install version 2 of the AWS
CLI on your machine.

Once it’s installed, run aws configure. You will be asked to provide 4 parame-
ters:

1 https://portal.aws.amazon.com/billing/signup#/start
2 https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html
1. Getting Warm with AWS 6

1 ~ aws configure
2 AWS Access Key ID [****************Kweu]:
3 AWS Secret Access Key [****************CmqH]:
4 Default region name [ap-southeast-2]:
5 Default output format [yaml]:

You can get the “AWS Access Key ID” and “AWS Secret Access Key” after you
have logged into your AWS account3 when you click on your account name and
then “My Security Credentials”. There, you open the tab “Access keys” and click
on “Create New Access Key”. Copy the values into the prompt of the AWS CLI.

The AWS CLI is authorized to make calls to the AWS APIs in your name, now.

Next, the aws configure command will ask you for a “Default region name”.

The AWS services are distributed across “regions” and “availability zones”.
Each geographical region is fairly isolated from the other regions for reasons
of data residency and low latency. Each region has 2 or more availability zones
to make the services resilient against outages.

Each time we interact with an AWS service, it will be with the service’s instance
in a specific region. So, choose the region nearest to your location from the list
of service endpoints provided by AWS4 and enter the region code into the aws
configure prompt (for example “us-east-1”).

Finally, the aws configure command will prompt you for the “Default output
format”. This setting defines the way the AWS CLI will format any output it
presents to you.

You can choose between two evils: JSON or YAML. We’re not going to judge you
on your choice.

We’re done configuring the AWS CLI now. Run the following command to test
it:
3 https://aws.amazon.com/console/
4 https://docs.aws.amazon.com/general/latest/gr/rande.html
1. Getting Warm with AWS 7

1 aws ec2 describe-regions

This command lists all the AWS regions in which we can make use of EC2
instances. EC2 stands for “Elastic Cloud Compute” which is the AWS service
providing virtual machines that we can deploy our applications into. If the
command prints out a list of regions, you’re good to go.

Inspecting the “Hello World” Todo App

Let’s take a quick peek at the Todo app we’re going to deploy to AWS.

You’ll find the source code for the app in the folder chapters/chapter-
1/application of the GitHub repository5 . Feel free to clone it or to inspect it
on GitHub.

At this point, the app is no more than a stateless “Hello World” Spring Boot app.
We’ll build actual features into this app later in Part II of the book.

The app has a single controller named IndexController that shows nothing
more than the message “Welcome to the Todo Application!”. Feel free to start
the application via this command:

1 ./gradlew bootrun

Then, navigate to http://localhost:8080 to see the message.

To deploy the app to AWS, we need to publish it as a Docker image next.


5 https://github.com/stratospheric-dev/stratospheric/tree/main/chapters/chapter-1/application
1. Getting Warm with AWS 8

Publishing the “Hello World” App to Docker Hub

If you know how to package a Spring Boot app in a Docker image, you can safely
skip this section. We have published the app on Docker Hub already, so you can
use that Docker image in the upcoming steps.

If you’re interested in the steps to create and publish a basic Docker image, stay
tuned.

First, we need a Dockerfile. The repository already contains a Dockerfile with


this content:

1 FROM openjdk:11.0.9.1-jre
2
3 ARG JAR_FILE=build/libs/*.jar
4 COPY ${JAR_FILE} app.jar
5
6 ENTRYPOINT ["java", "-jar", "/app.jar"]

This file instructs Docker to create an image based on a basic openjdk image,
which bundles OpenJDK 11 with a Linux distribution. Starting with version
2.3.0, Spring Boot supports more sophisticated ways of creating Docker images,
including cloud-native Buildpacks. We’re not going to dive into that, but if
you’re interested, this blog post6 gives an introduction to what you can do.

We create the argument JAR_FILE and tell Docker to copy the file specified by
that argument into the file app.jar within the container.

Then, Docker will start the app by calling java -jar /app.jar.

Before we can build a Docker image, we need to build the app with

6 https://spring.io/blog/2020/01/27/creating-docker-images-with-spring-boot-2-3-0-m1
1. Getting Warm with AWS 9

1 ./gradlew build

This will create the file /build/libs/todo-application-0.0.1-


SNAPSHOT.jar, which will be caught by the JAR_FILE argument in the Docker
file.

To create a Docker image we can now call this command:

1 docker build -t stratospheric/todo-app-v1:latest .

Docker will now build an image in the namespace stratospheric and the name
todo-app-v1 and tag it with the tag latest. If you do this yourself, make sure
to use your Docker Hub username as the namespace because you won’t be able
to publish a Docker image into the stratospheric namespace.

A call to docker image ls should list the Docker image now:

1 ~ docker image ls
2 REPOSITORY TAG IMAGE ID CREATED SIZE
3 stratospheric/todo-app-v1 latest 5d3ef7cda994 3 days ago 647MB

To deploy this Docker image to AWS, we need to make it available to AWS


somehow. One way to do that is to publish it to Docker Hub, which is the official
registry for Docker images (later in this book, we’ll use Amazon’s ECR service
to deploy Docker images). To do this, we call docker login and docker push:

1 docker login
2 docker push stratospheric/todo-app-v1:latest

The login command will ask for your credentials, so you need to have an account
at hub.docker.com7 . The push command will upload the image to the Docker
Hub so that anyone can pull it from there with this command:

7 https://hub.docker.com
1. Getting Warm with AWS 10

1 docker pull stratospheric/todo-app-v1:latest

Great! the app is packaged in a Docker image and the image is published. Time
to talk about deploying it to AWS.

Getting Started with AWS Resources

As mentioned above, we’ll be using AWS CloudFormation to deploy some infras-


tructure and finally our Docker image to the cloud.

In a nutshell, CloudFormation takes a YAML or JSON file as input and provisions


all the resources listed in that file to the cloud. This way, we can spin up a
whole network with load balancers, application clusters, queues, databases, and
whatever else we might need.

Pretty much every AWS service provides some resources that we can provision
with CloudFormation. Almost everything that you can do via the AWS web
interface (called the AWS Console), you can also do with CloudFormation. The
docs provide a list of the available CloudFormation resources8 .

The advantage of this is clear: With CloudFormation, we can automate what we


would otherwise have to do manually.

Let’s have a look at what we’re going to deploy in this chapter:


8 https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-

ref.html
1. Getting Warm with AWS 11

We’re deploying an ECS cluster within a public subnet in a virtual private cloud.

For deploying our Todo app, we’re starting with just a few resources so we don’t
get overwhelmed. We’re deploying the following resources:

A Virtual Private Cloud (VPC) is the basis for many other resources we deploy.
It spins up a virtual network that is accessible only to us and our resources.

A VPC contains public and private subnets. A public subnet is reachable from
the internet, a private subnet is not. In our case, we deploy a single public subnet
only. For production deployments, we’d usually deploy at least two subnets,
each in a different availability zone (AZ) for higher availability.

To make a subnet public, we need an internet gateway. An internet gateway


allows outbound traffic from the resources in a public subnet to the internet
and it does network address translation (NAT) to route inbound traffic from the
internet to the resources in a public subnet.

A subnet that is not attached to an internet gateway makes it a private subnet.


1. Getting Warm with AWS 12

Into our public subnet, we deploy an ECS cluster. ECS (Elastic Container Service)
is an AWS service that automates much of the work to deploy Docker images.

Within an ECS cluster, we can define one or more different services that we want
to run. For each service, we can define a so-called task. A task is backed with a
Docker image. We can decide how many instances of each task we want to run
and ECS takes care of keeping that many instances alive at all times.

If the health check of one of our application instances (i.e. task instances) fails,
ECS will automatically kill that instance and restart a new one. If we want to
deploy a new version of the Docker image, we give ECS the URL to the new
Docker image and it will automatically do a rolling deployment, keeping at least
one instance alive at all times until all old instances have been replaced with
new ones.

Let’s get our hands dirty and have a look at the files that describe this infras-
tructure!

Inspecting the CloudFormation Templates

You can find the CloudFormation templates in the cloudformation folder9 on


GitHub.

In that folder, we have two YAML files - network.yml and service.yml - as


well as two shell scripts - create.sh and delete.sh.

The YAML files are the CloudFormation templates that describe the resources
we want to deploy. The shell scripts wrap some calls to the AWS CLI to create
(i.e. deploy) and delete (i.e. destroy) the resources described in those files. net-
work.yml describes the basic network infrastructure we need, and service.yml
describes the application we want to run in that network.
9 https://github.com/stratospheric-dev/stratospheric/tree/main/chapters/chapter-1/cloudformation
1. Getting Warm with AWS 13

Before we look at the CloudFormation files, we need to discuss the concept of


“stacks”.

A stack is CloudFormation’s unit of work. We cannot create single resources


with CloudFormation unless they are wrapped in a stack.

A YAML file (or JSON file, if you enjoy chasing closing brackets more than
chasing spaces) always describes the resources of a stack. Using the AWS CLI,
we can interact with this stack by creating it, deleting it, or modifying it.

CloudFormation will automatically resolve dependencies between the resources


defined in a stack. If we define a subnet and a VPC, for example, CloudFormation
will create the VPC before the subnet, because a subnet always refers to a
specific VPC. When deleting a stack, it will automatically delete the subnet
before deleting the VPC.

The Network Stack

With the CloudFormation basics in mind, let’s have a look at the first couple of
lines of the network stack defined in network.yml:

1 AWSTemplateFormatVersion: '2010-09-09'
2 Description: A basic network stack that creates a VPC with a single public subnet
3 and some ECS resources that we need to start a Docker container
4 within this subnet.
5 Resources:
6 ...

A stack file always refers to a version of the CloudFormation template syntax.


The last version is from 2010. It’s hard to believe that it hasn’t changed for more
than 10 years, but the syntax is rather simple, as we’ll see shortly, so it makes
sense that it’s stable.
1. Getting Warm with AWS 14

Next is a description of the stack and then a big section with the key Resources
that describes the resources we want to deploy in this stack.

In the network stack, we want to deploy the basic resources we need to deploy
our Todo application onto. That means we want to deploy a VPC with a public
subnet, an internet gateway to make that subnet accessible from the internet,
and an ECS cluster that we can later put our Docker image into.

The first resource we define within the Resources block is the VPC:

1 VPC:
2 Type: AWS::EC2::VPC
3 Properties:
4 CidrBlock: '10.0.0.0/16'

The key VPC we can choose as we see fit. We can reference the resource by this
name later in the template.

A resource always has a Type. There are a host of different resource types10
available since almost every AWS service allows us to create resources via
CloudFormation. In our case, we want to deploy a VPC - a virtual private cloud
in which we put all the other resources.

Next, a resource may require some Properties to work. Most resources do


require properties. To find out which properties are available, have a look
at the reference documentation of the resource you want to work with. The
easiest way to get there is by googling “cloudformation <resource name>”. The
documentation is not always clear about which properties are required and
which are optional, so it may require some trial and error when working with
a new resource.

In the case of our VPC, we only define the property CidrBlock that defines the
range of IP addresses available to any resources within the VPC that need an IP
10 https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-

ref.html
1. Getting Warm with AWS 15

address. The value 10.0.0.0/16 means that we’re creating a network with an IP
address range from 10.0.0.0 through 10.0.255.255 (the 16 leading bits 10.0
are fixed, the rest is free to use).

We could deploy the CloudFormation stack with only this single resource, but
we need some more infrastructure for deploying our application. Here’s a list of
all the resources we deploy with a short description for each. You can look them
up in the network.yml11 file to see their configuration:

• PublicSubnet: A public subnet in one of the availability zones of the


region we’re deploying into. We make this subnet public by setting MapPub-
licIpOnLaunch to true and attaching it to an internet gateway.
• InternetGateway: An internet gateway to allow inbound traffic from the
internet to resources in our public subnet and outbound traffic from the
subnet to the internet.
• GatewayAttachment: This resource of type VpcGatewayAttachment
attaches our subnet to the internet gateway, making it effectively public.
• PublicRouteTable: A RouteTable to define routes between the internet
gateway and the public subnet.
• PublicSubnetRouteTableAssociation: Some boilerplate to link the route
table with our public subnet.
• PublicRoute: The actual route telling AWS that we want to allow traffic
from our internet gateway to any IP address within our public subnet.
• ECSCluster: A container for running ECS tasks. We’ll deploy an ECS task
with our Docker image later in the service stack (service.yml).
• ECSSecurityGroup: A security group that we can later use to allow traffic
to the ECS tasks (i.e. to our Docker container). We’ll refer to this security
group later in the service stack (service.yml)
11 https://github.com/stratospheric-dev/stratospheric/blob/main/chapters/chapter-1/cloudformation/

network.yml
1. Getting Warm with AWS 16

• ECSSecurityGroupIngressFromAnywhere: A security group rule that al-


lows traffic from anywhere to any resources attached to our ECSSecurity-
Group.
• ECSRole: A role that attaches some permissions to the ecs-service princi-
pal. We’re giving the ECS service some permissions to modify networking
stuff for us.
• ECSTaskExecutionRole: A role that attaches some permissions to the ecs-
tasks principal. This role will give our ECS tasks permissions to write log
events, for example.

That’s quite some resources we need to know about and configure. Creating
CloudFormation templates quickly becomes a trial-and-error marathon until
you get it configured just right for your use case. Later in the book, we’ll have
a look at the AWS Cloud Development Kit (CDK) which takes some of that work
from our shoulders.

In case you wondered about the special syntax used in some places of the YAML
file, let’s quickly run through it:

• Fn::Select / !Select: Allows us to select one element from a list of


elements. We use it to select the first availability zone of the region we’re
working in.
• Fn::GetAZs / !GetAZs: Gives us a list of all availability zones in a region.
• Fn::Ref / !Ref: Allows us to reference another resource by the name we’ve
given to it.
• Fn::Join / !Join: Joins a list of strings to a single string, with a given
delimiter between each.
• Fn::GetAtt / !GetAtt: Resolves an attribute of a resource we’ve defined.

All functions have a long form (Fn::...) and a short form (!...) which behave
the same but look a bit different in YAML. In a nutshell, we can use the short
1. Getting Warm with AWS 17

form for single-line expressions and the long form for longer expressions that
we might want to split over several lines.

Finally, at the bottom of network.yml, we see an Outputs section:

1 Outputs:
2 ClusterName:
3 Description: The name of the ECS cluster
4 Value: !Ref 'ECSCluster'
5 Export:
6 Name: !Join [ ':', [ !Ref 'AWS::StackName', 'ClusterName' ] ]
7 ... (more outputs)

Each output describes a parameter that we want to export from the stack to be
used in other stacks.

For example, we export the name of the ECS Cluster under the name <NET-
WORK_STACK_NAME>:ClusterName. In other stacks, like our service stack, we
now only need to know the name of the network stack to access all of its output
parameters.

Let’s have a look at the service stack now to see how we deploy our application.

The Service Stack

The service stack is defined in service.yml12 . We call it “service stack” because


it describes an ECS task and an ECS service that spins up Docker containers and
does some magic to make them available via the internet.

Different from the network stack, the service stack starts with a Parameters
section:

12 https://github.com/stratospheric-dev/stratospheric/blob/main/chapters/chapter-1/cloudformation/

service.yml
1. Getting Warm with AWS 18

1 AWSTemplateFormatVersion: '2010-09-09'
2 Description: Deploys a Docker container within a previously created VPC.
3 Requires a running network stack.
4 Parameters:
5 NetworkStackName:
6 Type: String
7 Description: The name of the networking stack that
8 these resources are put into.
9 ServiceName:
10 Type: String
11 Description: A human-readable name for the service.
12 ImageUrl:
13 Type: String
14 Description: The url of a docker image that will handle incoming traffic.
15 ContainerPort:
16 Type: Number
17 Default: 80
18 Description: The port number the application inside the docker container
19 is binding to.
20 ContainerCpu:
21 Type: Number
22 Default: 256
23 Description: How much CPU to give the container. 1024 is 1 CPU.
24 ContainerMemory:
25 Type: Number
26 Default: 512
27 Description: How much memory in megabytes to give the container.
28 DesiredCount:
29 Type: Number
30 Default: 1
31 Description: How many copies of the service task to run.
32 ...

Within the Parameters section, we can define input parameters to a stack.


We’re passing the name of an existing network stack, for example, so that we
can refer to its output parameters. Also, we pass in a URL pointing to the Docker
image we want to deploy and some other information that we might want to
change from one deployment to another.

The service stack deploys merely three resources:


1. Getting Warm with AWS 19

• LogGroup: A container for the logs of our application.


• TaskDefinition: The definition for an ECS task. The task will pull one or
more Docker images from URLs and run them.
• Service: An ECS service that provides some logic around a task definition,
like how many instances should run in parallel and if they should be
assigned public IP addresses.

In several instances, you’ll see references to the network stack’s outputs like
this one:

1 Fn::ImportValue:
2 !Join [':', [!Ref 'NetworkStackName', 'ClusterName']]

Fn:ImportValue imports an output value exported by another stack. Since we


have included the network stack name in the name of its outputs, we need to
join the network stack name with the output parameter name to get the right
value.

So, we’ve looked at over 200 lines of YAML configuration describing the infras-
tructure we want to deploy. Later, we’ll see how to use CDK to achieve this in
Java instead of YAML, making it more reusable and easier to handle in general.

Inspecting the Deployment Scripts

Let’s deploy our app to the cloud! We’ll need the scripts create.sh and
delete.sh from the cloudformation folder in the GitHub repo13 .

Go ahead and run the create.sh script now, if you want. While you’re waiting
for the script to finish (it can take a couple of minutes), we’ll have a look at the
script itself.
13 https://github.com/stratospheric-dev/stratospheric/tree/main/chapters/chapter-1/cloudformation
1. Getting Warm with AWS 20

The script starts with calling aws cloudformation create-stack to create the
network stack:

1 aws cloudformation create-stack \


2 --stack-name stratospheric-basic-network \
3 --template-body file://network.yml \
4 --capabilities CAPABILITY_IAM
5
6 aws cloudformation wait stack-create-complete \
7 --stack-name stratospheric-basic-network

We’re passing the name for the stack, the path to our network.yml stack tem-
plate, and the capability CAPABILITY_IAM to allow the stack to make changes to
IAM (Identity and Access Management) roles.

Since the create-stack command executes asynchronously, we call aws


cloudformation wait stack-create-complete afterward to wait until the
stack is up and running.

Next, we’re doing the same for the service stack:

1 aws cloudformation create-stack \


2 --stack-name stratospheric-basic-service \
3 --template-body file://service.yml \
4 --parameters \
5 ParameterKey=NetworkStackName,ParameterValue=stratospheric-basic-network \
6 ParameterKey=ServiceName,ParameterValue=todo-app-v1 \
7 ParameterKey=ImageUrl,ParameterValue=docker.io/stratospheric/todo-app-v1:latest \
8 ParameterKey=ContainerPort,ParameterValue=8080
9
10 aws cloudformation wait stack-create-complete \
11 --stack-name stratospheric-basic-service

With --parameters, we’re passing in all the parameters that we


want to be different from the defaults. Specifically, we’re passing
docker.io/stratospheric/todo-app-v1:latest into the ImageUrl
parameter to tell AWS to download our Docker image and run it.
1. Getting Warm with AWS 21

After both stacks are up and running, we’re using some AWS command-line
magic to extract the public IP address of the running application:

1 CLUSTER_NAME=$(
2 aws cloudformation describe-stacks \
3 --stack-name stratospheric-basic-network \
4 --output text \
5 --query 'Stacks[0].Outputs[?OutputKey==`ClusterName`].OutputValue | [0]'
6 )
7 echo "ECS Cluster: " $CLUSTER_NAME
8
9 TASK_ARN=$(
10 aws ecs list-tasks \
11 --cluster $CLUSTER_NAME \
12 --output text --query 'taskArns[0]'
13 )
14 echo "ECS Task: " $TASK_ARN
15
16 ENI_ID=$(
17 aws ecs describe-tasks \
18 --cluster $CLUSTER_NAME \
19 --tasks $TASK_ARN \
20 --output text \
21 --query 'tasks[0].attachments[0].details[?name==`networkInterfaceId`].value'
22 )
23 echo "Network Interface: " $ENI_ID
24
25 PUBLIC_IP=$(
26 aws ec2 describe-network-interfaces \
27 --network-interface-ids $ENI_ID \
28 --output text \
29 --query 'NetworkInterfaces[0].Association.PublicIp'
30 )
31 echo "Public IP: " $PUBLIC_IP
32
33 echo "You can access your service at http://$PUBLIC_IP:8080"

We’re using different AWS commands to get the information we want. First,
we output the network stack and extract the name of the ECS cluster. With the
cluster name, we get the ARN (Amazon Resource Name) of the ECS task. With
1. Getting Warm with AWS 22

the task ARN, we get the ID of the network interface of that task. And with the
network interface ID, we finally get the public IP address of the application so
we know where to go.

All commands use the AWS CLI to output the results as text and we extract
certain information from that text with the --query parameter.

The output of the script should look something like that:

1 StackId: arn:aws:cloudformation:.../stratospheric-basic-network/...
2 StackId: arn:aws:cloudformation:.../stratospheric-basic-service/...
3 ECS Cluster: stratospheric-basic-network-ECSCluster-qqX6Swdw54PP
4 ECS Task: arn:aws:ecs:.../stratospheric-basic-network-...
5 Network Interface: eni-02c096ce1faa5ecb9
6 Public IP: 13.55.30.162
7 You can access your service at http://13.55.30.162:8080

Go ahead and copy the URL at the end into your browser and you should see the
text “Welcome to the Todo application” on your screen.

Hooray! We’ve just deployed an app and all the infrastructure it needs to the
cloud with a single CLI command! We’re going to leverage that later to create a
fully automated continuous deployment pipeline.

But first, let’s inspect the infrastructure and application we’ve deployed.

Inspecting the AWS Console

The AWS console is the cockpit for all things AWS. With our browser, we
can view the status of all the resources we’re using, interact with them, and
provision new resources.

We could have done everything we’ve encoded into the CloudFormation tem-
plates above by hand using the AWS console. But manually setting up infras-
1. Getting Warm with AWS 23

tructure is error-prone and not repeatable, so we’re not going to look at how to
do that.

However, the AWS console is a good place to view the resources we’ve deployed,
to check their status, and to kick off debugging if we need it.

Go ahead and log in to the AWS console14 and let’s take a quick tour!

After logging in, type “CloudFormation” into the “Find Services” box and select
the CloudFormation service.

You should see a list of your CloudFormation stacks with a status for each.
The list should contain at least the stacks stratospheric-basic-service
and stratospheric-basic-network in status CREATE_COMPLETE. Click on the
network stack.

In the detail view of a stack, we get a host of information about the stack. Click
on the “Events” tab first.

Here, we see a list of events for this stack. Each event is a status change of one
of the stack’s resources. We can see the history of events: In the beginning, a
bunch of resources were in status CREATE_IN_PROGRESS and transitioned into
status CREATE_COMPLETE a couple of seconds later. Then, when the resources
they depend on are ready, other resources started their life in the same way.
And so on. CloudFormation takes care of the dependencies between resources
and creates and deletes them in the correct sequence.

The “Events” tab is the place to go when the creation of a stack fails for some
reason. It will show which resource failed and will (usually) show an error
message that helps us to debug the problem.

Let’s move on to the “Resources” tab. It shows us a list of the network stack’s
resources. The list shows all the resources we’ve included in the network.yml
14 https://aws.amazon.com/console/
1. Getting Warm with AWS 24

CloudFormation template:

For some resources, we get a link to the resource in the “Physical ID” column.
Let’s click on the ID of the ECSCluster resource to take a look at our application.

The link has brought us to the console of the ECS service. We can also get here
by opening the “Services” dropdown at the top of the page and typing “ECS”
into the search box.

The detail view of our ECS cluster shows that we have 1 service and 1 task
running in this cluster. If we click on the “Tasks” tab, we see a list of running
tasks, which should contain one entry only. Let’s click on the link in the “Task”
column to get a detail view of the task.

The detail view shows a lot of information we’re not interested in, but it also
shows the public IP address of the task. This is the IP address that we extracted
via AWS CLI commands earlier. You can copy it into your browser, append the
port 8080, and you should see the hello message again.

Below the general information is a section called “Containers”, which shows


the container we’ve deployed with this task. Click on the little arrow on the left
to expand it. In the “Log Configuration” section, click on the link “View logs in
CloudWatch”.

CloudWatch is Amazon’s service for monitoring applications. In our service


stack, we added a “LogGroup” resource and used the name of that log group
in the logging configuration of the container definition. This is the reason why
we can now see the logs of that app in CloudWatch.

After the “Events” tab in the CloudFormation UI, the logs are the second place
to look at when (not if) something goes wrong.

This concludes our first experiment with AWS. Feel free to explore the AWS
console a bit more to get a feel for how everything works. We’ll go into more
1. Getting Warm with AWS 25

detail about different services in the rest of this book.

When you’re done, don’t forget to run delete.sh to delete the stacks again,
otherwise they will incur costs at some point. You can also delete the stacks via
the CloudFormation UI.
2. An Overview of AWS Services
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS CloudFormation

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS Cloud Development Kit (CDK)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon CloudWatch

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Cognito

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
2. An Overview of AWS Services 27

Amazon DynamoDB

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Elastic Compute Cloud (EC2)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Elastic Container Registry (ECR)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Elastic Container Service (ECS)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon MQ

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
2. An Overview of AWS Services 28

Amazon Relational Database Service (RDS)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Route 53

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Simple Email Service (SES)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Simple Queue Service (SQS)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Simple Storage Service (S3)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
2. An Overview of AWS Services 29

Amazon Virtual Private Cloud (VPC)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS Certificate Manager

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS Identity and Access Management (IAM)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS Lambda

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS Secrets Manager

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
2. An Overview of AWS Services 30

AWS Systems Manager (SSM)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Elastic Load Balancing (ELB)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
3. Managing Permissions with IAM
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Users, Groups, and Roles

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Root Users vs. Individual Users

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Defining Policies

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating AWS Access Keys for Each User

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
3. Managing Permissions with IAM 32

Managing IAM Resources Programmatically

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Best Practices for Managing Permissions with IAM

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
4. The Evolution of Automated
Deployments
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

An Anecdote about Manual Deployments

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Self-Service Deployments with the AWS Console

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Scriptable Deployments with the AWS CLI

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
4. The Evolution of Automated Deployments 34

Declarative Deployments with CloudFormation

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Programmable Deployments with CDK

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
5. First Steps with CDK
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating Our First CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Installing Node

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Installing the CDK CLI

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating the CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
5. First Steps with CDK 36

Making the CDK App Portable with the Maven Wrapper

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Inspecting the Generated Source Code

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Deploying the Generated CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Deploying a Spring Boot App with a CDK Construct

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Adding the Stratospheric Construct Library

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Using the SpringBootApplicationStack

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
5. First Steps with CDK 37

Deploying the CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Why Not Stop Here?

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
6. Designing a Deployment Project with
CDK
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The Big Picture

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Working with CDK

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The Docker Repository CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
6. Designing a Deployment Project with CDK 39

Parameterizing Account ID and Region

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Sanity Checking Input Parameters

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

One Stack per App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The DockerRepository Construct

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Wrapping CDK Commands with NPM

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The Network CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
6. Designing a Deployment Project with CDK 40

Managing Different Environments

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The Network Construct

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Sharing Output Parameters via SSM

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The Service CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Managing Different Environments

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Accessing Output Parameters from SSM

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
6. Designing a Deployment Project with CDK 41

Pulling a Docker Image

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Managing Environment Variables

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The Service Construct

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Playing with the CDK Apps

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
7. Building a Continuous Deployment
Pipeline
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

GitHub Actions Concepts

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Deploying a Shared Network

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Deploying an Application Environment

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
7. Building a Continuous Deployment Pipeline 43

Building a Continuous Deployment Workflow

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The “Build” Step

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The “Publish” Step

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The “Deploy” Step

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Reviewing the Continuous Deployment Pipeline

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
7. Building a Continuous Deployment Pipeline 44

Supporting High-Frequency Deployments with Amazon


SQS and AWS Lambda

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Building a Sequencer Lambda Function

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Provisioning the Queue and Lambda with CDK

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Splitting Up the “Publish” Workflow

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Reviewing the Continuous Deployment Pipeline

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Addendum: Configuring HTTPS and a
Custom Domain with Route 53 and ELB
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Domain Name System (DNS)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

HTTPS and Transport Layer Security (TLS)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Registering or Transferring a Domain

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Addendum: Configuring HTTPS and a Custom Domain with Route 53 and ELB 46

Creating an SSL Certificate with CDK

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating an HTTPS Listener Using the Network App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Associating a Custom Domain For the ELB

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Part II: Spring Boot & AWS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
8. The Sample Todo Application
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Features

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Registration and Login

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

CRUD: Viewing, Adding, and Deleting Todos

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Sharing Todos and Email Notifications

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
8. The Sample Todo Application 49

Push Notifications

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Application Architecture

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Configuration

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Features

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

User Interface

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Storage

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
8. The Sample Todo Application 50

Domain Model

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Skeleton Application Setup

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Core Dependencies

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS-Specific Configuration

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Our First Thymeleaf View

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
8. The Sample Todo Application 51

Docker Image

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

GitHub Repository Overview

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Building the App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Running the App in Dev Mode

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Build Setup and Continuous Deployment

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
9. Local Development
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The Challenges of Local Cloud Development

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

LocalStack - Our Local AWS Cloud

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Local Amazon RDS & Amazon Cognito

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Bringing It All Together

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
10. Building User Registration and Login
with Amazon Cognito
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

What’s OAuth2?

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

OAuth 2.0 Terminology

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

OpenID Connect 1.0 (OIDC)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
10. Building User Registration and Login with Amazon Cognito 54

Alternatives to OAuth2 & OpenID Connect

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Using Amazon Cognito for User Management

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Introduction to Amazon Cognito

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Cognito Terminology

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The Amazon Cognito CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating the UserPool

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
10. Building User Registration and Login with Amazon Cognito 55

Creating the UserPoolClient and UserPoolDomain

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Cognito Output Parameters

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

A Note on Secure Parameters

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Using AWS Cognito as an Identity Provider with Spring


Security

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

User Registration with Amazon Cognito

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Login with Amazon Cognito

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
10. Building User Registration and Login with Amazon Cognito 56

Shortcomings when Scaling Out

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Logout Process

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Enabling Local Development

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
11. Connecting to a Database with
Amazon RDS
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Introduction to AWS Relational Database Service (RDS)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Setting up IAM Permissions

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating a Database CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
11. Connecting to a Database with Amazon RDS 58

The PostgresDatabase CDK Construct

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Database Security Group

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Secret for Database Authentication

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Database Instance

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Secret Attachment

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Output Parameters

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
11. Connecting to a Database with Amazon RDS 59

The Database CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Deploying the Database Stack

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Modifying the Service Stack

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Strategies for Initializing the Database Structure

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating the Database Structure Manually

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Standard DDL Scripts: schema.sql, data.sql

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
11. Connecting to a Database with Amazon RDS 60

DDL Generation with JPA and Hibernate

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Database Migration Tools: Liquibase and Flyway

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Configuring the Database in the Todo App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Connecting to the Database

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Initializing the Database

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
11. Connecting to a Database with Amazon RDS 61

Using the Database for Storing and Retrieving Todos

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Primary Key and Object Identity

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Constraints and Validation

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Storing and Retrieving Information

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Enabling Local Development

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
12. Sharing Todos with Amazon SQS and
Amazon SES
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Using AWS SQS for Asynchronous Workloads

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Introduction to AWS SQS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Dead-Letter Queues

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS SQS vs. AWS SNS vs. Amazon MQ

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
12. Sharing Todos with Amazon SQS and Amazon SES 63

Creating the AWS SQS Setup with CDK

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Using AWS SQS for Our Todo Application

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Sending Messages to AWS SQS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Receiving AWS SQS Messages with Spring Cloud AWS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Acknowledging AWS SQS Messages with Spring Cloud AWS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Sending Emails with Amazon SES

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
12. Sharing Todos with Amazon SQS and Amazon SES 64

Introduction to AWS SES

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating the AWS SES Instance

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Requesting AWS SES Production Access

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Verifying a Domain

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Using AWS SES for Our Todo Application

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Sending Emails to Invite Collaborators

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
12. Sharing Todos with Amazon SQS and Amazon SES 65

Accepting Confirmations

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Enabling Local Development

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
13. Push Notifications with Amazon MQ
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

What Are Push Notifications Anyway?

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Push Notifications for Live Updates

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS Services for Implementing Push Notifications

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon Pinpoint

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
13. Push Notifications with Amazon MQ 67

Amazon IoT (Core)

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon SNS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon SQS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon MQ

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Setting up a Message Broker with CDK

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating an ActiveMQ User

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
13. Push Notifications with Amazon MQ 68

Defining a Security Group

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating the Message Broker

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Exporting Output Parameters

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

The ActiveMq CDK App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Connecting the Application to ActiveMQ

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Implementing Push Notifications in the Todo App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
13. Push Notifications with Amazon MQ 69

Protocols: WebSocket and STOMP

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Relaying WebSocket Connections

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Connecting to a STOMP Server

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Adding Push Notifications to the Frontend

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Enabling Local Development

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
14. Tracing User Actions with Amazon
DynamoDB
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Use Case: Tracing User Actions

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon RDS vs. Amazon DynamoDB

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

CAP Theorem

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
14. Tracing User Actions with Amazon DynamoDB 71

ACID

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Scenarios

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Benefits of DynamoDB

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

DynamoDB Terminology

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Designing Data Schemas with DynamoDB

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Implementing User Tracing in the Todo App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
14. Tracing User Actions with Amazon DynamoDB 72

Connecting to DynamoDB

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Initializing a DynamoDB Table

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Mapping a DynamoDB Table to Java Objects

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Storing Items in DynamoDB via Spring Events

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Setting up the Required IAM Permissions

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Reading from a DynamoDB Table

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
14. Tracing User Actions with Amazon DynamoDB 73

Enabling Local Development

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Part III: Production Readiness
with AWS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
15. Structured Logging with Amazon
CloudWatch
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Logging with AWS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

CloudWatch Logging Terminology

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Status Quo: Logging Unstructured Text

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
15. Structured Logging with Amazon CloudWatch 76

Configuring ECS to Send Logs to CloudWatch

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Querying Unstructured Logs with CloudWatch Logs Insights

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Logging and Querying Structured Data

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Adding Custom Fields to Log Events

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Configuring Spring Boot to Log JSON

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Configuring ECS to Parse Logs

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
15. Structured Logging with Amazon CloudWatch 77

Querying Structured Log Data with CloudWatch Insights

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
16. Metrics with Amazon CloudWatch
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Introduction to Monitoring Metrics with Amazon


CloudWatch

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Sending Metrics from AWS Services

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon ECS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS ELB

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
16. Metrics with Amazon CloudWatch 79

Amazon Cognito

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon SQS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon RDS

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon DynamoDB

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon SES

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Amazon MQ

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
16. Metrics with Amazon CloudWatch 80

Amazon S3

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

AWS Lambda

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Sending Metrics from Our Spring Boot Application

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Configuration

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Emitting Custom Metrics from the Todo Application

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
16. Metrics with Amazon CloudWatch 81

Monitoring Metrics with Amazon CloudWatch

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating Dashboards with Amazon CloudWatch

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Alternatives to Amazon CloudWatch

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
17. Alerting with Amazon CloudWatch
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Introduction to Alerting with Amazon CloudWatch

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating Alarms with the AWS CDK

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating Metric Alarms

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Adding Alarm Actions

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
17. Alerting with Amazon CloudWatch 83

Creating Alarms Based on Logs

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Creating Composite Alarms

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Working and Living with Alarms and Incidents

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
18. Synthetic Monitoring with Amazon
CloudWatch
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Introduction to CloudWatch Synthetics

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Recording a Canary Script for the Todo App

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Keeping it Simple

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
18. Synthetic Monitoring with Amazon CloudWatch 85

Automating Canary Deployment with CDK

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Alerting on Canary Failure

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Closing Thoughts

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Conquer the Cloud
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Appendix

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Deployment Guide

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Step 1: Deploy the Surrounding Infrastructure

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Step 2: Build and Push the First Docker Image

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
89

Step 3: Deploy the Docker Image to the ECS Cluster

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Step 4: (Optional) Deploy the Monitoring Infrastructure

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Step 5: (Optional) Deploy the Canary Stack

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

Step 6: Destroy Everything

This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Changelog
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.
Links and Resources
This content is not available in the sample book. The book can be purchased on
Leanpub at http://leanpub.com/stratospheric.

You might also like