Externally indexed torrent

If you are the original uploader, contact staff to have it moved to your account

Textbook in PDF format

Security for cloud-native applications is an overview of cloud-native application's characteristics from a security point of view, filled with best practices for securing services based on AWS, Azure, and GCP infrastructure.
This book is a practical guide for securing cloud-native applications throughout their lifecycle. It establishes foundational knowledge of cloud services and cloud-native characteristics. It focuses on securing design approaches like APIs, microservices, and event-driven architectures. Specific technologies like containers, Kubernetes, and serverless functions are covered with security best practices. The book emphasizes integrating security throughout development using CI/CD pipelines and IaC tools. It explores policy as code for enforcing security policies and immutable infrastructure for enhanced security posture. Key management and threat detection strategies are also covered. Finally, the book offers a practical example and resources for further learning.
Kubernetes is considered the de facto standard for Container orchestrators. It allows you to deploy applications on a large scale and spin up or down new containers, according to application load, ensuring all containers are healthy (otherwise, Kubernetes deploys new containers to replace the unhealthy ones). There are many benefits to choosing Kubernetes as an orchestrator for provisioning modern applications using containers. Let us discuss some of the benefits of using Kubernetes. Kubernetes can be deployed and run almost anywhere, from managed cloud environments to on-prem clusters (local data centers) and at the edge where compute and storage resources are close to data generation. Kubernetes configurations are done (mostly) using YAML configuration files, allowing you to pull the YAML files from a central code repository, make the relevant changes, and be able to deploy new configurations and new applications in a standard way to all environments, such as Dev, Test, and Prod.
By the end of the book, the reader will be able to design and secure modern applications using the public cloud scale, managed services, automation, and built-in security controls.
Introduction to Cloud Native Applications
Securing Modern Design Architectures
Containers and Kubernetes for Cloud Native Applications
Serverless for Cloud Native Applications
Building Secure CI/CD Pipelines
The 12-Factor Application Methodology
Using Infrastructure as Code
Authorization and Policy as Code
Implementing Immutable Infrastructure
Encryption and Secrets Management
Threat Management in Cloud Native Applications
Summary and Key Takeaways