Book Image

AWS Certified SysOps Administrator ??? Associate Guide

By : Marko Sluga

Book Image

AWS Certified SysOps Administrator ??? Associate Guide

By: Marko Sluga

Overview of this book

AWS certifications are becoming one of the must have certifications for any IT professional working on an AWS Cloud platform. This book will act as your one stop preparation guide to validate your technical expertise in deployment, management, and operations on the AWS platform. Along with exam specific content this book will also deep dive into real world scenarios and hands-on instructions. This book will revolve around concepts like teaching you to deploy, manage, and operate scalable, highly available, and fault tolerant systems on AWS. You will also learn to migrate an existing on-premises application to AWS. You get hands-on experience in selecting the appropriate AWS service based on compute, data, or security requirements. This book will also get you well versed with estimating AWS usage costs and identifying operational cost control mechanisms. By the end of this book, you will be all prepared to implement and manage resources efficiently on the AWS cloud along with confidently passing the AWS Certified SysOps Administrator – Associate exam.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Overview of AWS Certified SysOps Administrators and Associated Certification

Overview of AWS Certified SysOps Administrators and Associated Certification

The exam blueprint

The exam's requirements

The exam's structure

The exam knowledge domains

The questions structure

Taking the exam

The Fundamentals of Amazon Web Services

The Fundamentals of Amazon Web Services

Technical requirements

What is the AWS platform?

The shared responsibility model

Advantages of using AWS

AWS Foundation Services

AWS Platform Services

Using AWS services

Cloud-native and serverless designs

Choosing availability zones and regions

Further reading

Managing AWS Security with Identity and Access Management

Managing AWS Security with Identity and Access Management

Technical requirements

Overview of Identity and Access Management

Managing access with IAM

Integration with external directories

IAM best practices

Further reading

Networking with the Virtual Private Cloud

Networking with the Virtual Private Cloud

Technical requirements

Connecting to on-premises resources

VPC endpoints and AWS PrivateLink

VPC peering connections

Network security in the VPC

Building a custom VPC

Further reading

Managing Servers on AWS with Elastic Compute Cloud

Managing Servers on AWS with Elastic Compute Cloud

Technical requirements

Components of a virtual machine instance

Instance store and EBS volumes

Connecting instances to the network

EC2 high availability scenarios

EC2 placement groups

Building an EC2 instance in AWS

Further reading

Handling Server Traffic with Elastic Load Balancing

Handling Server Traffic with Elastic Load Balancing

Technical requirements

The AWS Elastic Load Balancing service

Maintaining session state

Building an ELB for EC2 instances

Further reading

Understanding Simple Storage Service and Glacier

Understanding Simple Storage Service and Glacier

Technical requirements

Overview of Amazon S3 and Glacier

S3 storage classes

S3 bucket restrictions and limitations

S3 performance recommendations

Amazon S3 and Glacier use cases

Working with S3

Further reading

Understanding Content Distribution with CloudFront

Understanding Content Distribution with CloudFront

Technical requirements

Overview of CloudFront

Content delivery methods

Working with CloudFront

Further reading

AWS Storage Options

AWS Storage Options

Technical requirements

Overview of storage options on AWS

Introduction to Elastic File System (EFS)

Introduction to Storage Gateway

Introduction to Snowball

Introduction to Snowmobile

Further reading

Working with the Route 53 Domain Name System

Working with the Route 53 Domain Name System

Technical requirements

Introduction to Route 53

Route 53 supported DNS resource record types

Registering a domain and creating a zone

Routing policies

Health checking

Further reading

Working with Relational Database Services

Working with Relational Database Services

Technical requirements

Introduction to RDS

RDS engine types

Best practices for deploying RDS instances

Changing RDS instance types

Sharding data over RDS instances

Creating and restoring snapshots

Further reading

Introduction to ElastiCache

Introduction to ElastiCache

Technical requirements

What is ElastiCache?

Caching strategies

Further reading

Amazon DynamoDB - A NoSQL Database Service

Amazon DynamoDB - A NoSQL Database Service

Technical requirements

Introduction to DynamoDB

ACID versus BASE

Relational versus non-relational DB

DynamoDB core concepts

Read consistency

Creating a DynamoDB table

DynamoDB provisioned throughput

DynamoDB partitions and distribution

Accessing DynamoDB

User authentication and access control

DynamoDB service ceiling

Further reading

Working with Simple Queue Service

Working with Simple Queue Service

Technical requirements

Introduction to queuing

How a queue works

Managing queues

Working with messages

Further reading

Handling Messaging with Simple Notification Service

Handling Messaging with Simple Notification Service

Technical requirements

Introduction to SNS

Working with topics

Managing SNS access

Further reading

Getting Started with Simple Workflow Service

Getting Started with Simple Workflow Service

Technical requirements

Introduction to SWF

Components of the SWF

Managing access with IAM

Further reading

Overview of AWS Lambda

Overview of AWS Lambda

Technical requirements

Introduction to AWS Lambda

Supported languages

Creating a Lambda function

Supported AWS services

Further reading

Monitoring Resources with Amazon CloudWatch

Monitoring Resources with Amazon CloudWatch

Technical requirements

Introduction to Amazon CloudWatch

How CloudWatch works

Elements of CloudWatch

CloudWatch dashboards

Monitoring ElastiCache

SQS monitoring and logging

Monitoring SNS with CloudWatch

Monitoring Elastic Beanstalk environments

Further reading

Understanding Elastic Beanstalk

Understanding Elastic Beanstalk

Technical requirements

Introduction to Elastic Beanstalk

Supported platforms

Supported AWS services

Deploying an application with Elastic Beanstalk

Managing Elastic Beanstalk environments

Updating Elastic Beanstalk environments

Further reading

Automation with the CloudFormation Service

Automation with the CloudFormation Service

Technical requirements

Introduction to CloudFormation

CloudFormation basic elements

How does CloudFormation work?

Creating an EC2 instance using a template (code example)

Further reading

Cloud Orchestration with OpsWorks

Cloud Orchestration with OpsWorks

Technical requirements

Introduction to OpsWorks

How OpsWorks works

Components of OpsWorks

Further reading

Exam Tips and Tricks

Exam Tips and Tricks

Technical requirements

Monitoring metrics and managing cost

High availability and scaling

Analysis of your AWS environment

Deployment and provisioning

Data management

Further reading

Mock Tests

Assessments

Chapter 2 – The Fundamentals of Amazon Web Services

Chapter 3 – Managing AWS Security with Identity and Access Management

Chapter 4 – Networking with Virtual Private Cloud

Chapter 5 – Managing Servers on AWS with Elastic Compute Cloud

Chapter 6 – Handling Server Traffic with Elastic Load Balancing

Chapter 7 – Understanding Simple Storage Service and Glacier

Chapter 8 – Understanding Content Distribution with CloudFront

Chapter 9 – AWS Storage Options

Chapter 10 – Working with Route 53 Domain Name System

Chapter 11 – Working with Relational Database Services

Chapter 12 – Introduction to ElastiCache

Chapter 13 – Amazon DynamoDB – a NoSQL Database Service

Chapter 14 – Working with Simple Queue Service

Chapter 15 – Handling Messaging with SNS

Chapter 16 – Getting Started with Simple Workflow Service

Chapter 17 – Overview of AWS Lambda

Chapter 18 – Monitoring Resources with Amazon CloudWatch

Chapter 19 – Understanding Elastic Beanstalk

Chapter 20 – Automation with CloudFormation service

Chapter 21 – Cloud Orchestration with OpsWorks

Chapter 23 – Mock Test

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

IAM best practices

In this chapter, we have covered some of the best practices that apply to AWS. At this point, I need to again stress the importance of securing your account and making sure that the root user is not being used for day-to-day tasks. The root credentials should be locked away in a secure place so that they are retrievable only in case of emergencies.

As a best practice, we want to create individual users so that these users can be uniquely identified when performing tasks within AWS and assign permissions to the users via group membership. Assigning permissions directly to users can lead to inconsistencies in access levels for users performing similar tasks. By adding permissions to groups, we can simplify the way permissions are delivered to large numbers of AWS users and apply permissions based on job role or service function, rather than configuring permissions...