Book Image

AWS Certified Developer - Associate Guide

By : Vipul Tankariya, Bhavin Parmar
Book Image

AWS Certified Developer - Associate Guide

By: Vipul Tankariya, Bhavin Parmar

Overview of this book

AWS Certified Developer - Associate Guide starts with a quick introduction to AWS and the prerequisites to get you started. Then, this book gives you a fair understanding of core AWS services and basic architecture. Next, this book will describe about getting familiar with Identity and Access Management (IAM) along with Virtual private cloud (VPC). Moving ahead you will learn about Elastic Compute cloud (EC2) and handling application traffic with Elastic Load Balancing (ELB). Going ahead you we will talk about Monitoring with CloudWatch, Simple storage service (S3) and Glacier and CloudFront along with other AWS storage options. Next we will take you through AWS DynamoDB – A NoSQL Database Service, Amazon Simple Queue Service (SQS) and CloudFormation Overview. Finally, this book covers understanding Elastic Beanstalk and overview of AWS lambda. At the end of this book, we will cover enough topics, tips and tricks along with mock tests for you to be able to pass the AWS Certified Developer - Associate exam and develop as well as manage your applications on the AWS platform.

Related Content you might be interested in

Current Title:

Small book image
AWS Certified Developer - Associate Guide
Vipul Tankariya | Bhavin Parmar
Sep, 2017 | 600 pages
Small book image
AWS Certified SysOps Administrator ??? Associate Guide
Marko Sluga
Jan, 2019 | 584 pages
Small book image
Designing AWS Environments
Wayde Gilchrist | Mitesh Soni
Sep, 2018 | 174 pages
Small book image
AWS Tools for PowerShell 6
Ramesh Waghmare
Aug, 2017 | 372 pages
Table of Contents (29 chapters)
Title Page
Title Page
Credits
Credits
About the Author
About the Author
Acknowledgments
Acknowledgments
About the Author
About the Author
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Customer Feedback
Customer Feedback
Dedication
Dedication
Preface
Preface
Free Chapter
1
AWS Certified Developer – Associate Certification
AWS Certified Developer – Associate Certification
Domain 1.0 – AWS fundamentals
Domain 2.0 – Designing and developing
Domain 3.0 – Deployment and security
Domain 4.0 – Debugging
Frequently asked questions about the exam
2
Introduction to Cloud Computing and AWS
Introduction to Cloud Computing and AWS
History of the cloud
Basic AWS concepts
Benefits of using AWS over a traditional data center
Accessing AWS services
AWS overview
What are SaaS, PaaS, and IaaS?
Understanding virtualization
Elasticity versus scalability
Comparing AWS cloud and on-premise data centers
Total Cost of Ownership (TCO) versus Return on Investment (ROI)
Creating a new AWS account
Deleting an AWS account
AWS free tier
Root user versus non-root user
AWS dashboard
Core AWS services
Shared security responsibility model
AWS soft limits
Disaster recovery with AWS
3
Identity and Access Management
Identity and Access Management
Understanding the AWS root user
Elements of IAM
Introduction to AWS CLI
Groups
IAM role
Policy
STS
IAM best practices
Exam tips
4
Virtual Private Clouds
Virtual Private Clouds
AWS VPCs
Subnets
IP addressing
Creating a VPC
Security
VPC networking components
NATs
DHCP option sets
VPC peering
VPC endpoints
ClassicLink
VPC best practices
5
Getting Started with Elastic Compute Cloud
Getting Started with Elastic Compute Cloud
Introduction to EC2
Pricing for EC2
EC2 instance life cycle
AMIs
Introducing EBS
EC2 best practices
6
Handling Application Traffic with Elastic Load Balancing
Handling Application Traffic with Elastic Load Balancing
Introduction to the Elastic Load Balancer
ELB best practices
7
Monitoring with CloudWatch
Monitoring with CloudWatch
How Amazon CloudWatch works
Elements of Amazon CloudWatch
CloudWatch dashboards
Monitoring types – basic and detailed
CloudWatch best practices
8
Simple Storage Service, Glacier, and CloudFront
Simple Storage Service, Glacier, and CloudFront
Amazon S3
Creating a bucket
Transfer Acceleration
Requester Pay model
Understanding objects
Versioning
Object tagging
S3 storage classes
Comparison of S3 storage classes and Glacier
Life cycle management
Hosting a static website on S3
Cross-Origin Resource Sharing (CORS)
Cross-region replication
9
Other AWS Storage Options
Other AWS Storage Options
Amazon EFS
AWS Storage Gateway
AWS Snowball
AWS Snowmobile
10
AWS Relational Database Services
AWS Relational Database Services
Amazon RDS components
RDS engine types
Creating an Amazon RDS MySQL DB instance
Monitoring RDS instances
Creating a snapshot
Restoring a DB from a snapshot
Changing an RDS instance type
Amazon RDS and VPC
Connecting to an Amazon RDS DB instance
RDS best practices
11
AWS DynamoDB - A NoSQL Database Service
AWS DynamoDB - A NoSQL Database Service
Let's first understand what an RDBMS is
Introducing DynamoDB
DynamoDB best practices
12
Amazon Simple Queue Service
Amazon Simple Queue Service
Why use SQS?
How do queues work?
Main features of SQS
Types of queues
Dead Letter Queue (DLQ)
Queue attributes
Creating a queue
Sending a message in a queue
Viewing/deleting a message from a queue
Purging a queue
Deleting a queue
Subscribing a queue to a topic
Adding user permissions to a queue
SQS limits
Queue monitoring and logging
SQS security
13
Simple Notification Service
Simple Notification Service
Introduction to Amazon SNS
Creating an Amazon SNS topic
Subscribing to an SNS topic
Publishing a message to an SNS topic
Deleting an SNS topic
Managing access to Amazon SNS topics
Invoking the Lambda function using SNS notification
Sending Amazon SNS messages to Amazon SQS queues
Monitoring SNS with CloudWatch
SNS best practices
14
Simple Workflow Service
Simple Workflow Service
When to use Amazon SWF
Workflow
Lifecycle of workflow execution
Polling for tasks
SWF endpoints
Managing access with IAM
15
AWS CloudFormation
AWS CloudFormation
What is a template?
What is a stack?
CloudFormation best practices
16
Elastic Beanstalk
Elastic Beanstalk
Elastic Beanstalk components
Architectural concepts
Getting started using Elastic Beanstalk
Version life cycle
Deploying web applications to Elastic Beanstalk environments
Monitoring the web application environment
Elastic Beanstalk best practices
17
Overview of AWS Lambda
Overview of AWS Lambda
Introduction to AWS Lambda
Environment variables
Tagging Lambda functions
Event source mapping for AWS services
Event source mapping for AWS stream-based services
Event source mapping for custom applications
AWS Lambda best practices
18
Mock Tests
Mock Tests
Mock test 1
Mock test 2
Answers to Mock test 1
Answers to Mock test 2
Index
Index

Managing access with IAM

You can manage controlled access to SWF resources using IAM. Using IAM, you can create users in your AWS account and provide them respective permissions. Each IAM user has a separate set of IAM keys. These IAM keys provide users with access to respective resources on AWS. An IAM policy can be attached to a user that controls what resources a user can access. Using IAM policies, you can control access at the granular level, such as allow or deny access to a specific set of SWF domains.

SWF uses the following principles for access control:

  • Access to various SWF resources is controlled only on the basis of IAM policies.
  • IAM uses denying by default policy. That means, if you do not explicitly allow any access, by default, access is denied.
  • You need to attach IAM policies to the actors of the workflow for controlling access to the SWF resources.
  • You can specify resource permissions only for domains.
  • You can use conditions in the permission to further restrict the permission...
Previous Section
End of Chapter 14
Next Chapter