AWS Certified SysOps Administrator Official Study Guide: Associate Exam 9781119377429, 1119377420

Comprehensive, interactive exam preparation and so much more The AWS Certified SysOps Administrator Official Study Gui

1,198 90 6MB

English Pages xxxiii, 517 pages : illustrations ; 24 cm Year 2018;2017

Report DMCA / Copyright


AWS Certified SysOps Administrator Official Study Guide: Associate Exam
 9781119377429, 1119377420

Table of contents :
Foreword xixIntroduction xxiAssessment Test xxviChapter 1 Introduction to Systems Operations on AWS 1Systems Operators 2Deploying Systems 2Monitoring Systems 2Optimizing Systems 3Fortifying Systems 3Securing Systems 3AWS Certified SysOps Administrator - Associate 4Which AWS Services Should You Study? 4Reference Architecture: The Three-Tier Design 5Introduction to the Three-Tier Design 5Sample Scenario 6Reference Architecture: The Serverless Design 14Key Product: Serverless Design 17Summary 18Exam Essentials 18Key Pieces to Study 19Review Questions 20Chapter 2 Working with AWS Cloud Services 23Introduction to AWS Cloud Services 24Systems Operations Using the AWS Toolset 24AWS Software Development Kits (SDKs) 30AWS Internet of Things (IoT) and Mobile SoftwareDevelopment Kits (SDKs) 33Summary 34Exam Essentials 35Resources to Review 35Exercises 35Review Questions 38Chapter 3 Security and AWS Identity and Access Management (IAM) 41Security on AWS 43Shared Responsibility Model 43AWS Security Responsibilities 43Customer Security Responsibilities 44AWS Global Infrastructure Security 44Physical and Environmental Security 46Business Continuity Management 47Network Security 48Network Monitoring and Protection 49AWS Compliance Program 50Securing Your AWS Account with AWS Identity and Access Management (IAM) 51IAM User 52IAM Groups 56IAM Policies 56IAM Roles 57Best Practices for Securing Your AWS Account 58Securing Your AWS Cloud Services 59Key Pairs 59Monitoring to Enhance Security 62AWS CloudTrail 62Amazon Virtual Private Cloud (Amazon VPC) Flow Logs 62Amazon CloudWatch 63AWS Config 63Amazon Inspector 64AWS Certificate Manager 64AWS Web Application Firewall (AWS WAF) 64AWS Trusted Advisor 64AWS Cloud Service-Specific Security 65Compute Services 65Networking 69Storage 75AWS Storage Gateway Security 80Database 80Application Services 88Analytics Services 89Deployment and Management Services 91Mobile Services 92Applications 94Summary 95Exam Essentials 96Exercises 98Review Questions 103Chapter 4 Compute 107Introduction to AWS Compute Services 109Amazon Elastic Compute Cloud (Amazon EC2) 111Implementation 111Management 117Security 122Amazon EC2 Container Service (Amazon ECS) 123Implementation 124Management 124Security 125AWS Elastic Beanstalk 125Languages Supported in AWS Elastic Beanstalk 126Services that AWS Elastic Beanstalk Deploys 126Management 126Security 127AWS Lambda 128Implementation 128Management 130Security 130Amazon Lightsail 130Implementation 131Management 131Security 133AWS Batch 133Implementation 133Management 135Security 135Summary 135Exam Essentials 136Resources to Review 139Exercises 140Review Questions 146Chapter 5 Networking 151Introduction to Networking on AWS 153Amazon Virtual Private Cloud (Amazon VPC) 154Amazon VPC Implementation 154Amazon VPC Management 164AWS Direct Connect 166AWS Direct Connect Implementation 167AWS Direct Connect Management 169AWS Direct Connect Security 170Load Balancing 171Load Balancing Implementation 172Load Balancing Management 176Load Balancing Security 178Virtual Private Network (VPN) 178VPN Installation 178VPN Management 179Amazon Route 53 179Amazon Route 53 Implementation 180Amazon Route 53 Management 185Amazon CloudFront 185Amazon CloudFront Implementation 186Amazon CloudFront Management 194Amazon CloudFront Security 194Summary 195Resources to Review 195Exam Essentials 196Exercises 198Review Questions 201Chapter 6 Storage Systems 207Understanding Different Storage Options 209Block Storage vs. Object Storage 209Block Storage Basics 210Object Storage Basics 210Retrieval Times (Hot vs. Cold Storage) 211Cost Efficiency 211Block Storage on AWS 212Amazon Elastic Block Store (Amazon EBS) 212Instance Store 221Amazon Elastic File System (Amazon EFS) 222Object Storage on AWS 224Amazon Simple Storage Service (Amazon S3) 224Amazon Glacier 230Systems Operator Scenario: The Newspaper 232Storage Needs 233Solution Breakdown 233Additional Storage Solutions 234Amazon CloudFront 234AWS Storage Gateway 235AWS Snowball 235Summary 236Resources to Review 236Exam Essentials 237Exercises 239Review Questions 244Chapter 7 Databases 249Introduction to AWS Databases 250SQL vs. NoSQL 251Relational Databases Overview 252Relational Database Design 252Non-Relational Database Overview 253Amazon RDS Features and Benefits 254Amazon Aurora 256Monitoring Amazon RDS 278Monitoring Tools 278Amazon RDS Pricing 282Non-Relational Databases 283Amazon DynamoDB 283Amazon DynamoDB Core Components 284Amazon Redshift 292Cluster Management 293Cluster Access and Security 293Databases 294Monitoring Clusters 295Amazon ElastiCache 296Summary 298Resources to Review 298Exam Essentials 299Exercises 300Review Questions 307Chapter 8 Application Deployment and Management 313Introduction to Application Deployment and Management 314Deployment Strategies 314Provisioning Infrastructure 314Deploying Applications 315Configuration Management 315Scalability Capabilities 318Monitoring Resources 318Continuous Deployment 319Deployment Services 322AWS Elastic Beanstalk 323Amazon EC2 Container Service 325AWS OpsWorks Stacks 328AWS CloudFormation 330AWS Command Line Interface (AWS CLI) 345Summary 346Resources to Review 347Exam Essentials 347Exercises 349Review Questions 358Chapter 9 Monitoring and Metrics 363Introduction to Monitoring and Metrics 364An Overview of Monitoring 364Why Monitor? 364Amazon CloudWatch 365AWS CloudTrail 365AWS Config 365AWS Trusted Advisor 366AWS Service Health Dashboard 366AWS Personal Health Dashboard 367Amazon CloudWatch 367Metrics 369Custom Metrics 369Amazon CloudWatch Metrics Retention 370Namespaces 371Dimensions 372Statistics 373Units 374Periods 374Aggregation 375Dashboards 376Percentiles 376Monitoring Baselines 377Amazon EC2 Status Checks 378Authentication and Access Control 379AWS Cloud Services Integration 382Amazon CloudWatch Limits 382Amazon CloudWatch Alarms 384Alarms and Thresholds 384Missing Data Points 386Common Amazon CloudWatch Metrics 386Amazon CloudWatch Events 395Events 396Rules 397Targets 397Metrics and Dimensions 398Amazon CloudWatch Logs 399Archived Data 400Log Monitoring 400Amazon CloudWatch Logs: Agents and IAM 401Searching and Filtering Log Data 403Monitoring AWS Charges 406Detailed Billing 407Cost Explorer 409AWS Billing and Cost Management Metrics and Dimensions 410AWS CloudTrail 411What Are Trails? 411Types of Trails 411Multiple Trails per Region 412Encryption 412AWS CloudTrail Log Delivery 412Overview: Creating a Trail 413Monitoring with AWS CloudTrail 413AWS CloudTrail vs. Amazon CloudWatch 414AWS CloudTrail: Trail Naming Requirements 414Getting and Viewing AWS CloudTrail Log Files 414AWS Config 417Ways to Use AWS Config 418AWS Config Rules 419AWS Config and AWS CloudTrail 420Pricing 421Summary 421Resources to Review 422Exam Essentials 423Exercises 425Review Questions 438Chapter 10 High Availability 441Introduction to High Availability 443Amazon Simple Queue Service 444Using Amazon Simple Queue Service to Decouple an Application 444Standard Queues 448First-In, First-Out Queues 448Dead Letter Queues 449Shared Queues 449Amazon Simple Notification Service 450Mobile Push Messaging 451Amazon SNS Fan-Out Scenario 451Highly Available Architectures 452Network Address Translation (NAT) Gateways 453Elastic Load Balancing 453Auto Scaling 454Session State Management 455Amazon Elastic Compute Cloud Auto Recovery 455Scaling Your Amazon Relational Database Service Deployment 456Multi-Region High Availability 457Amazon Simple Storage Service 457Amazon DynamoDB 457Amazon Route 53 457Highly Available Connectivity Options 463Redundant Active-Active VPN Connections 463Redundant Active-Active AWS Direct Connect Connections 465AWS Direct Connect with Backup VPN Connection 466Disaster Recovery 467Backup and Restore Method 467Pilot Light Method 468Warm-Standby Method 470Multi-Site Solution Method 470Failing Back from a Disaster 471Summary 472Resources to Review 473Exam Essentials 473Exercises 474Review Questions 478Appendix Answers to the Review Questions 481Chapter 1: Introduction to Systems Operations on AWS 482Chapter 2: Working with AWS Cloud Services 483Chapter 3: Security and AWS Identity and Access Management (IAM) 483Chapter 4: Compute 485Chapter 5: Networking 486Chapter 6: Storage Systems 488Chapter 7: Databases 490Chapter 8: Application Deployment and Management 492Chapter 9: Monitoring and Metrics 494Chapter 10: High Availability 496Index 499Table of ExercisesExercise 2.1 Install and Configure AWS CLI on Linux or Mac 36Exercise 2.2 Install and Configure AWS CLI on Windows with MSI36Exercise 3.1 Creating AWS Identity and Access Management (IAM) Users99Exercise 3.2 Create IAM Credentials99Exercise 3.3 Create IAM Groups100Exercise 3.4 Working with IAM Policies.101Exercise 3.5 Working with IAM Roles.101Exercise 4.1 Create a Linux Instance via the AWS Management Console.141Exercise 4.2 Create a Windows Instance via the AWS Management Console142Exercise 4.3 Create a Linux Instance via the AWS CLI142Exercise 4.4 Create a Windows Instance via the AWS CLI.143Exercise 4.5 Inspect the AWS Service Health Dashboards143Exercise 4.6 Use the Elastic IP Addresses144Exercise 4.7 Work with Metadata144Exercise 4.8 Attach an AWS IAM Role to an Instance145Exercise 5.1 Create an Elastic IP (EIP)198Exercise 5.2 Create an Amazon VPC 198Exercise 5.3 Tag Your Amazon VPC and Subnets199Exercise 5.4 Create an Elastic Network Interface (ENI)199Exercise 5.5 Associate the ENI200Exercise 5.6 Test Your ENI200Exercise 5.7 Delete VPC200Exercise 6.1 Create an Encrypted Amazon EBS Volume240Exercise 6.2 Monitor Amazon EBS Using Amazon CloudWatch.240Exercise 6.3 Create and Attach an Amazon EFS Volume.240Exercise 6.4 Create and Use an Amazon S3 Bucket241Exercise 6.5 Enable Amazon S3 Versioning242Exercise 6.6 Enable Cross-Region Replication242Exercise 6.7 Create an Amazon Glacier Vault242Exercise 6.8 Enable Lifecycle Rules243Exercise 7.1 Create a New Option Group Using the Console300Exercise 7.2 Create an Amazon DynamoDB Table from the AWS CLI301Exercise 7.3 Add Items to the Amazon DynamoDB Table MusicCollection Using the AWS CLI302Exercise 7.4 Create a MySQL Amazon RDS DB Instance303Exercise 8.1 Create an AWS Elastic Beanstalk Environment.349Exercise 8.2 Manage Application Versions with AWS Elastic Beanstalk349Exercise 8.3 Perform a Blue/Green Deployment with AWS Elastic Beanstalk350Exercise 8.4 Create an Amazon ECS Cluster350Exercise 8.5 Launch an Amazon EC2 Instance Optimized for Amazon ECS351Exercise 8.6 Use Amazon ECR.352Exercise 8.7 Work with Amazon ECS Task Definitions.352Exercise 8.8 Work with Amazon ECS Services354Exercise 8.9 Create an AWS OpsWorks Stack355Exercise 8.10 Make a Layer in AWS OpsWorks Stacks.355Exercise 8.11 Add an Amazon EC2 Instance to an AWS OpsWorks Stacks Layer356Exercise 8.12 Add an Application to AWS OpsWorks Stacks 356Exercise 8.13 Create an AWS CloudFormation Stack.357Exercise 8.14 Delete an AWS CloudFormation Stack.357Exercise 9.1 Search for Available Metrics425Exercise 9.2 View Available Metrics for Running Amazon EC2 Instances by Namespace and Dimension Using the Amazon CloudWatch Console426Exercise 9.3 View Available Metrics by Namespace, Dimension, or Metric Using the AWS CLI429Exercise 9.4 List All Available Metrics for a Specific Resource.430Exercise 9.5 List all Resources that Use a Single Metric430Exercise 9.6 Get Statistics for a Specific Resource430Exercise 9.7 Get CPU Utilization for a Single Amazon EC2 Instance from the Command Line433Exercise 9.8 Create a Billing Alert. 435Exercise 9.9 Create a Billing Alarm.435Exercise 9.10 Create an Amazon CloudWatch Dashboard.436Exercise 10.1 Create an Amazon SNS Topic475Exercise 10.2 Create a Subscription to Your Topic475Exercise 10.3 Publish to Your Topic 475Exercise 10.4 Create an Amazon Simple Queue Service (Amazon SQS).476Exercise 10.5 Subscribe the Queue to Your Amazon SNS Topic476Exercise 10.6 Deploy Amazon RDS in a Multi-AZ Configuration477

Polecaj historie