AWS Certified Solutions Architect Study Guide

AWS Certified Solutions Architect Study Guide
Авторы книги: id книги: 1877915     Оценка: 0.0     Голосов: 0     Отзывы, комментарии: 0 4829,04 руб.     (48,35$) Читать книгу Купить и скачать книгу Купить бумажную книгу Электронная книга Жанр: Зарубежная компьютерная литература Правообладатель и/или издательство: John Wiley & Sons Limited Дата добавления в каталог КнигаЛит: ISBN: 9781119713104 Скачать фрагмент в формате   fb2   fb2.zip Возрастное ограничение: 0+ Оглавление Отрывок из книги

Реклама. ООО «ЛитРес», ИНН: 7719571260.

Описание книги

Master the intricacies of Amazon Web Services  and efficiently prepare for the SAA-C02 Exam with this comprehensive study guide   AWS Certified Solutions Study Guide: Associate (SAA-C02) Exam, Third Edition  comprehensively and efficiently prepares you for the SAA-C02 Exam. The study guide contains robust and effective study tools that will help you succeed on the exam. The guide grants you access to the regularly updated Sybex online learning environment and test bank, which contains hundreds of test questions, bonus practice exams, electronic flashcards, and a glossary of key terms.  In this study guide, accomplished and experienced authors Ben Piper and David Clinton show you how to:  Design resilient architectures Create high-performing architectures Craft secure applications and architectures Design cost-optimized architectures Perfect for anyone who hopes to begin a new career as an Amazon Web Services cloud professional, the study guide also belongs on the bookshelf of any existing AWS professional who wants to brush up on the fundamentals of their profession.

Оглавление

David Higby Clinton. AWS Certified Solutions Architect Study Guide

Table of Contents

List of Tables

List of Illustrations

Guide

Pages

AWS Certified Solutions Architect Study Guide. Associate (SAA-C02) Exam

Acknowledgments

About the Authors

Table of Exercises

Introduction

Part I, “The Core AWS Services”

Part II, “The Well‐Architected Framework”

What Does This Book Cover?

Interactive Online Learning Environment and Test Bank

Exam Objectives

Objective Map

Assessment Test

Answers to Assessment Test

Chapter 1 Introduction to Cloud Computing and AWS

Cloud Computing and Virtualization

Cloud Computing Architecture

Cloud Computing Optimization

Scalability

Elasticity

Cost Management

The AWS Cloud

AWS Platform Architecture

AWS Reliability and Compliance

The AWS Shared Responsibility Model

The AWS Service Level Agreement

Working with AWS

The AWS CLI

AWS SDKs

Technical Support and Online Resources

Support Plans

Other Support Resources

Summary

Exam Essentials

EXERCISE 1.1. Use the AWS CLI

Review Questions

Chapter 2 Amazon Elastic Compute Cloud and Amazon Elastic Block Store

Introduction

EC2 Instances

Provisioning Your Instance

EC2 Amazon Machine Images

An Important Note About Billing

Instance Types

Configuring an Environment for Your Instance

AWS Regions

VPCs

Tenancy

EXERCISE 2.1. Launch an EC2 Linux Instance and Log in Using SSH

EXERCISE 2.2. Assess the Free Capacity of a Running Instance and Change Its Instance Type

Configuring Instance Behavior

Placement Groups

Instance Pricing

EXERCISE 2.3. Assess Which Pricing Model Will Best Meet the Needs of a Deployment

Instance Lifecycle

Resource Tags

Service Limits

EC2 Storage Volumes

Elastic Block Store Volumes

EBS‐Provisioned IOPS SSD

EBS General‐Purpose SSD

Throughput‐Optimized HDD

Cold HDD

EBS Volume Features

EXERCISE 2.4. Create and Launch an AMI Based on an Existing Instance Storage Volume

Instance Store Volumes

Accessing Your EC2 Instance

Securing Your EC2 Instance

Security Groups

IAM Roles

NAT Devices

Key Pairs

EC2 Auto Scaling

Launch Configurations

Launch Templates

EXERCISE 2.5. Create a Launch Template

Auto Scaling Groups

Specifying an Application Load Balancer Target Group

Health Checks Against Application Instances

Auto Scaling Options

Manual Scaling

Dynamic Scaling Policies

Simple Scaling Policies

Step Scaling Policies

Target Tracking Policies

Scheduled Actions

AWS Systems Manager

Actions

Automation

Run Command

Session Manager

Patch Manager

State Manager

Insights

Built‐in Insights

Inventory Manager

Compliance

AWS CLI Example

EXERCISE 2.6. Install the AWS CLI and Use It to Launch an EC2 Instance

EXERCISE 2.7. Clean Up Unused EC2 Resources

Summary

Exam Essentials

Review Questions

Chapter 3 AWS Storage

Introduction

S3 Service Architecture

Prefixes and Delimiters

Working with Large Objects

EXERCISE 3.1. Create a New S3 Bucket and Upload a File

Encryption

Server‐Side Encryption

Client‐Side Encryption

Logging

S3 Durability and Availability

Durability

Availability

Eventually Consistent Data

S3 Object Lifecycle

Versioning

Lifecycle Management

EXERCISE 3.2. Enable Versioning and Lifecycle Management for an S3 Bucket

Accessing S3 Objects

Access Control

Presigned URLs

EXERCISE 3.3. Generate and Use a Presigned URL

Static Website Hosting

EXERCISE 3.4. Enable Static Website Hosting for an S3 Bucket

Amazon S3 Glacier

Storage Pricing

EXERCISE 3.5. Calculate the Total Lifecycle Costs for Your Data

Other Storage‐Related Services

Amazon Elastic File System

Amazon FSx

AWS Storage Gateway

AWS Snowball

AWS DataSync

AWS CLI Example

Summary

Exam Essentials

Review Questions

Chapter 4 Amazon Virtual Private Cloud

Introduction

VPC CIDR Blocks

Secondary CIDR Blocks

IPv6 CIDR Blocks

EXERCISE 4.1. Create a New VPC

Subnets

Subnet CIDR Blocks

Availability Zones

EXERCISE 4.2. Create a New Subnet

IPv6 CIDR Blocks

Elastic Network Interfaces

Primary and Secondary Private IP Addresses

Attaching Elastic Network Interfaces

EXERCISE 4.3. Create and Attach a Primary ENI

Enhanced Networking

Internet Gateways

Route Tables

Routes

The Default Route

EXERCISE 4.4. Create an Internet Gateway and Default Route

Security Groups

Inbound Rules

Outbound Rules

Sources and Destinations

Stateful Firewall

Default Security Group

EXERCISE 4.5. Create a Custom Security Group

Network Access Control Lists

Inbound Rules

EXERCISE 4.6. Create an Inbound Rule to Allow Remote Access from Any IP Address

Outbound Rules

Using Network Access Control Lists and Security Groups Together

Public IP Addresses

Elastic IP Addresses

EXERCISE 4.7. Allocate and Use an Elastic IP Address

AWS Global Accelerator

Network Address Translation

Network Address Translation Devices

Configuring Route Tables to Use NAT Devices

NAT Gateway

NAT Instance

VPC Peering

Hybrid Cloud Networking

Virtual Private Networks

AWS Transit Gateway

Transit Gateway Route Table

Centralized Router

Isolated VPCs

Isolated VPCs with Shared Services

EXERCISE 4.8. Create a Transit Gateway

Transit Gateway Peering

Multicast

Blackhole Routes

EXERCISE 4.9. Create a Blackhole Route

AWS Direct Connect

Dedicated

Hosted

Direct Connect Gateways

Virtual Interfaces

High‐Performance Computing

Elastic Fabric Adapter

AWS ParallelCluster

Summary

Exam Essentials

Review Questions

Chapter 5 Database Services

Introduction

Relational Databases

Columns and Attributes

Using Multiple Tables

Structured Query Language

Querying Data

Storing Data

Online Transaction Processing vs. Online Analytic Processing

OLTP

OLAP

Amazon Relational Database Service

Database Engines

Licensing Considerations

Database Option Groups

Database Instance Classes

Standard

Memory Optimized

Burstable Performance

Storage

Understanding Input/Output Operations Per Second

General‐Purpose SSD

EXERCISE 5.1. Create an RDS Database Instance

Provisioned IOPS SSD (io1)

Throughput‐Optimized HDD (st1)

Cold HDD (sc1)

Magnetic Storage (Standard)

Read Replicas

Scaling Vertically

Scaling Horizontally

EXERCISE 5.2. Create a Read Replica

EXERCISE 5.3. Promote the Read Replica to a Master

High Availability (Multi‐AZ)

Multi‐AZ with Oracle, PostgreSQL, MariaDB, MySQL, and Microsoft SQL Server

Multi‐AZ with Amazon Aurora

Single‐Master

Multi‐Master

Backup and Recovery

Automated Snapshots

Maintenance Items

Amazon Redshift

Compute Nodes

Data Distribution Styles

Redshift Spectrum

AWS Database Migration Service

Nonrelational (NoSQL) Databases

Storing Data

Querying Data

Types of Nonrelational Databases

DynamoDB

Partition and Hash Keys

Attributes and Items

Throughput Capacity

EXERCISE 5.4. Create a Table in DynamoDB Using Provisioned Mode

Auto Scaling

Reserved Capacity

Reading Data

Secondary Indexes

Global Secondary Index

Local Secondary Index

Global Tables

Backups

Summary

Exam Essentials

Review Questions

Chapter 6 Authentication and Authorization—AWS Identity and Access Management

Introduction

IAM Identities

IAM Policies

User and Root Accounts

EXERCISE 6.1. Lock Down the Root User

EXERCISE 6.2. Assign and Implement an IAM Policy

Access Keys

Deactivating Unused Keys

Key Rotation

EXERCISE 6.3. Create, Use, and Delete an AWS Access Key

Groups

EXERCISE 6.4. Create and Configure an IAM Group

Roles

Authentication Tools

Amazon Cognito

AWS Managed Microsoft AD

AWS Single Sign‐On

AWS Key Management Service

AWS Secrets Manager

AWS CloudHSM

AWS CLI Example

Summary

Exam Essentials

Review Questions

Chapter 7 CloudTrail, CloudWatch, and AWS Config

Introduction

CloudTrail

Management Events

Data Events

Event History

Trails

Creating a Trail

Logging Management and Data Events

EXERCISE 7.1. Create a Trail

Log File Integrity Validation

CloudWatch

CloudWatch Metrics

Basic and Detailed Monitoring

Regular and High‐Resolution Metrics

Expiration

Graphing Metrics

Metric Math

EXERCISE 7.2. Create a Graph Using Metric Math

CloudWatch Logs

Log Streams and Log Groups

Metric Filters

CloudWatch Agent

Sending CloudTrail Logs to CloudWatch Logs

EXERCISE 7.3. Deliver CloudTrail Logs to CloudWatch Logs

CloudWatch Alarms

Data Point to Monitor

Threshold

Alarm States

Data Points to Alarm and Evaluation Period

Missing Data

Actions

Amazon EventBridge

Event Buses

Rules and Targets

AWS Config

The Configuration Recorder

Configuration Items

Configuration History

Configuration Snapshots

Monitoring Changes

Starting and Stopping the Configuration Recorder

Recording Software Inventory

Managed and Custom Rules

Summary

Exam Essentials

Review Questions

Chapter 8 The Domain Name System and Network Routing: Amazon Route 53 and Amazon CloudFront

Introduction

The Domain Name System

Namespaces

Name Servers

Domains and Domain Names

Domain Registration

Domain Layers

Fully Qualified Domain Names

Zones and Zone Files

Record Types

Alias Records

Amazon Route 53

Domain Registration

DNS Management

EXERCISE 8.1. Create a Hosted Zone on Route 53 for an EC2 Web Server

Availability Monitoring

EXERCISE 8.2. Set Up a Health Check

Routing Policies

Weighted Routing

Latency Routing

Failover Routing

Geolocation Routing

Multivalue Answer Routing

EXERCISE 8.3. Configure a Route 53 Routing Policy

Traffic Flow

Route 53 Resolver

Amazon CloudFront

EXERCISE 8.4. Create a CloudFront Distribution for Your S3‐Based Static Website

AWS CLI Example

Summary

Exam Essentials

Review Questions

Chapter 9 Simple Queue Service and Kinesis

Introduction

Simple Queue Service

Queues

Visibility Timeout

Retention Period

Delay Queues and Message Timers

Queue Types

Standard Queues

First‐In, First‐Out (FIFO) Queues

Polling

Dead‐Letter Queues

Kinesis

Kinesis Video Streams

Kinesis Data Streams

Kinesis Data Firehose

Kinesis Data Firehose vs. Kinesis Data Streams

Summary

Exam Essentials

Review Questions

Chapter 10 The Reliability Pillar

Introduction

Calculating Availability

Availability Differences in Traditional vs. Cloud‐Native Applications

Traditional Applications

Cloud‐Native Applications

Building Serverless Applications with Lambda

Know Your Limits

Increasing Availability

EC2 Auto Scaling

Launch Configurations

Launch Templates

EXERCISE 10.1. Create a Launch Template

Auto Scaling Groups

Specifying an Application Load Balancer Target Group

Health Checks Against Application Instances

Auto Scaling Options

Manual Scaling

Dynamic Scaling Policies

Simple Scaling Policies

Step Scaling Policies

Target Tracking Policies

Scheduled Actions

Data Backup and Recovery

S3

Elastic File System

Elastic Block Storage

Database Resiliency

Creating a Resilient Network

VPC Design Considerations

External Connectivity

Designing for Availability

Designing for 99 Percent Availability

Recovery Process

Availability Calculation

Designing for 99.9 Percent Availability

Recovery Process

Availability Calculation

Designing for 99.99 Percent Availability

Recovery Process

Availability Calculation

Summary

Exam Essentials

Review Questions

Chapter 11 The Performance Efficiency Pillar

Introduction

Optimizing Performance for the Core AWS Services

Compute

EC2 Instance Types

Auto Scaling

EXERCISE 11.1. Configure and Launch an Application Using Auto Scaling

Serverless Workloads

Storage

RAID‐Optimized EBS Volumes

S3 Cross‐Region Replication

EXERCISE 11.2. Sync Two S3 Buckets as Cross‐Region Replicas

Amazon S3 Transfer Acceleration

EXERCISE 11.3. Upload to an S3 Bucket Using Transfer Acceleration

CloudFront and S3 Origins

Database

Network Optimization and Load Balancing

EXERCISE 11.4. Create and Deploy an EC2 Load Balancer

Infrastructure Automation

CloudFormation

EXERCISE 11.5. Launch a Simple CloudFormation Template

Third‐Party Automation Solutions

AWS OpsWorks: Chef

AWS OpsWorks: Puppet

Reviewing and Optimizing Infrastructure Configurations

Load Testing

Visualization

EXERCISE 11.6. Create a CloudWatch Dashboard

Optimizing Data Operations

Caching

Amazon ElastiCache

Other Caching Solutions

Partitioning/Sharding

Compression

Summary

Exam Essentials

Review Questions

Chapter 12 The Security Pillar

Introduction

Identity and Access Management

Protecting AWS Credentials

Fine‐Grained Authorization

AWS Managed Policies

Customer‐Managed Policies

Inline Policies

Permissions Boundaries

EXERCISE 12.1. Create a Limited Administrative User

Roles

Instance Profiles

Assuming a Role

EXERCISE 12.2. Create and Assume a Role as an IAM User

Enforcing Service‐Level Protection

Detective Controls

CloudTrail

CloudWatch Logs

EXERCISE 12.3. Configure VPC Flow Logging

Searching Logs with Athena

Auditing Resource Configurations with AWS Config

Amazon GuardDuty

Amazon Inspector

Amazon Detective

Security Hub

Protecting Network Boundaries

Network Access Control Lists and Security Groups

AWS Web Application Firewall

AWS Shield

Data Encryption

Data at Rest

S3

Elastic Block Store

EXERCISE 12.4. Encrypt an EBS Volume

Elastic File System

Data in Transit

Macie

Summary

Exam Essentials

Review Questions

Chapter 13 The Cost Optimization Pillar

Introduction

Planning, Tracking, and Controlling Costs

AWS Budgets

EXERCISE 13.1. Create an AWS Budget to Send an Alert

Monitoring Tools

Cost Explorer

AWS Cost and Usage Reports

AWS Organizations

AWS Trusted Advisor

Online Calculator Tools

Simple Monthly Calculator

EXERCISE 13.2. Build Your Own Stack in Simple Monthly Calculator

AWS Total Cost of Ownership Calculator

Cost‐Optimizing Compute

Maximizing Server Density

EC2 Reserved Instances

Using Traditional Reserved Instances

Using Savings Plans

EC2 Spot Instances

EXERCISE 13.3. Request a Spot Fleet Using the AWS CLI

Auto Scaling

Elastic Block Store Lifecycle Manager

Summary

Exam Essentials

Review Questions

Chapter 14 The Operational Excellence Pillar

Introduction

CloudFormation

Creating Stacks

Deleting Stacks

Using Multiple Stacks

Nesting Stacks

EXERCISE 14.1. Create a Nested Stack

Exporting Stack Output Values

Stack Updates

Direct Update

Change Set

Update Behavior

Preventing Updates to Specific Resources

Overriding Stack Policies

CodeCommit

Creating a Repository

Repository Security

Interacting with a Repository Using Git

EXERCISE 14.2. Create and Interact with a CodeCommit Repository

CodeDeploy

The CodeDeploy Agent

Deployments

Deployment Groups

Deployment Types

In‐Place Deployment

Blue/Green Deployment

Deployment Configurations

OneAtATime

HalfAtATime

AllAtOnce

Custom Deployment Configurations

Lifecycle Events

The Application Specification File

Triggers and Alarms

Rollbacks

CodePipeline

Continuous Integration

Continuous Delivery

Creating the Pipeline

Source

Build

Test

Approval

Deploy

Invoke

Artifacts

AWS Systems Manager

Actions

Automation

Run Command

Session Manager

Patch Manager

State Manager

Insights

Built‐In Insights

Inventory Manager

Compliance

AWS Landing Zone

Summary

Exam Essentials

Review Questions

Appendix Answers to Review Questions

Chapter 1: Introduction to Cloud Computing and AWS

Chapter 2: Amazon Elastic Compute Cloud and Amazon Elastic Block Store

Chapter 3: AWS Storage

Chapter 4: Amazon Virtual Private Cloud

Chapter 5: Database Services

Chapter 6: Authentication and Authorization—AWS Identity and Access Management

Chapter 7: CloudTrail, CloudWatch, and AWS Config

Chapter 8: The Domain Name System and Network Routing: Amazon Route 53 and Amazon CloudFront

Chapter 9: Simple Queue Service and Kinesis

Chapter 10: The Reliability Pillar

Chapter 11: The Performance Efficiency Pillar

Chapter 12: The Security Pillar

Chapter 13: The Cost Optimization Pillar

Chapter 14: The Operational Excellence Pillar

Index. A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W

Z

Online Test Bank

Register and Access the Online Test Bank

WILEY END USER LICENSE AGREEMENT

Отрывок из книги

Third Edition

Ben Piper

.....

NAT will be discussed at greater length in Chapter 4.

As any professional administrator will know, remote login sessions on your running instances should never be initiated over unencrypted plain‐text connections. To ensure properly secured sessions, you'll need to generate a key pair, save the public key to your EC2 server, and save its private half to your local machine. If you're working with a Windows AMI, you'll use the private key file to retrieve the password you'll need to authenticate into your instance. For a Linux AMI, the private key will allow you to open an SSH session.

.....

Добавление нового отзыва

Комментарий Поле, отмеченное звёздочкой  — обязательно к заполнению

Отзывы и комментарии читателей

Нет рецензий. Будьте первым, кто напишет рецензию на книгу AWS Certified Solutions Architect Study Guide
Подняться наверх