Details

<p>Introduction xxvii</p> <p>Assessment Test xxxiv</p> <p><b>Part I AWS Fundamentals 1</b></p> <p><b>Chapter 1 Introduction to Systems Operations on AWS 3</b></p> <p>The AWS Ecosystem 5</p> <p>The AWS Services Model 6</p> <p>The AWS Global Presence 7</p> <p>AWS Managed Services 8</p> <p>What is Systems Operations? 14</p> <p>The AWS Shared Responsibility Model 15</p> <p>The AWS Service Level Agreement 16</p> <p>The Seven Domains 16</p> <p>Working with AWS 17</p> <p>The AWS Management Console 17</p> <p>The AWS CLI 19</p> <p>AWS SDKs 19</p> <p>Technical Support and Online Resources 19</p> <p>Support Plans 20</p> <p>Other Support Resources 20</p> <p>Key Exam Resources 20</p> <p>Summary 21</p> <p>Exam Essentials 21</p> <p>Review Questions 24</p> <p><b>Part II Monitoring and Reporting 29</b></p> <p><b>Chapter 2 Amazon CloudWatch 31</b></p> <p>Monitoring on AWS 32</p> <p>Monitoring is Event-Driven 33</p> <p>Monitoring is Customizable 34</p> <p>Monitoring Drives Action 36</p> <p>Basic CloudWatch Terms and Concepts 36</p> <p>CloudWatch is Metric- and Event-Based 36</p> <p>Alarms Indicate Notifiable Change 36</p> <p>Events and CloudWatch Events are Lower Level 37</p> <p>CloudWatch Events Has Three Components 37</p> <p>Choosing Between Alarms and Events 37</p> <p>What’s in a Namespace? 37</p> <p>To the 10th Dimension 38</p> <p>Statistics Aggregate Metrics 38</p> <p>Monitoring Compute 39</p> <p>EC2 Instance Metrics 39</p> <p>EC2 EBS Metrics 40</p> <p>ECS Metrics 41</p> <p>Monitoring Storage 41</p> <p>S3 Metrics 42</p> <p>RDS Metrics 42</p> <p>DynamoDB2 Metrics 43</p> <p>CloudWatch Alarms 44</p> <p>Create an Alarm Threshold 45</p> <p>Set Off an Alarm 45</p> <p>Respond to an Alarm 45</p> <p>CloudWatch Events 46</p> <p>Events 46</p> <p>Rules 46</p> <p>Targets 47</p> <p>Summary 47</p> <p>Resources to Review 48</p> <p>Exam Essentials 48</p> <p>Exercises 49</p> <p>Review Questions 56</p> <p><b>Chapter 3 AWS Organizations 61</b></p> <p>Managing Multiple Accounts 62</p> <p>AWS Organizations Consolidates User Management 63</p> <p>AWS Organizations Consolidates Billing 63</p> <p>Core AWS Organizations Concepts 64</p> <p>An Organization is a Collection of Accounts 64</p> <p>Organizations Have a Master Account 65</p> <p>Manage Organizational Units Across Accounts 65</p> <p>Apply Service Control Policies 66</p> <p>AWS Organizations and Consolidated Billing 68</p> <p>Compliance Benefits 69</p> <p>Prefer AWS Organizations Over Tagging 69</p> <p>Summary 69</p> <p>Exam Essentials 70</p> <p>Exercises 70</p> <p>Review Questions 73</p> <p><b>Chapter 4 AWS Config 77</b></p> <p>Managing Configuration Changes 78</p> <p>Continuous Everything 79</p> <p>On-Premises Solutions 80</p> <p>Configuration in the Cloud 80</p> <p>AWS Config Use Cases 81</p> <p>Centralized Configuration Management 81</p> <p>Audit Trails 83</p> <p>Configuration as Security 83</p> <p>AWS Config Rules and Responses 83</p> <p>Rules are Desired Configurations 83</p> <p>A Configuration Item Represents a Specific Configuration 84</p> <p>Rules are Evaluated 85</p> <p>AWS Config or AWS CloudTrail? 87</p> <p>Summary 87</p> <p>Resources to Review 88</p> <p>Exam Essentials 88</p> <p>Exercises 89</p> <p>Review Questions 96</p> <p><b>Chapter 5 AWS CloudTrail 101</b></p> <p>API Logs are Trails of Data 102</p> <p>What Exactly is a Trail? 103</p> <p>The CloudTrail Process 105</p> <p>CloudTrail as a Monitoring Tool 106</p> <p>Viewing CloudTrail Logs 106</p> <p>Connect a CloudTrail Trail to SNS 107</p> <p>CloudTrail Handles Permissions…Sometimes 108</p> <p>Summary 108</p> <p>Resources to Review 108</p> <p>Exam Essentials 109</p> <p>Exercises 109</p> <p>Review Questions 115</p> <p><b>Part III High Availability 119</b></p> <p><b>Chapter 6 Amazon Relational Database Service 121</b></p> <p>Creating Databases with Amazon RDS 122</p> <p>Amazon RDS vs. Your Own Instances 123</p> <p>Supported Database Engines 125</p> <p>Database Configuration and Parameter Groups 125</p> <p>Scalability with Amazon RDS 127</p> <p>Amazon RDS Key Features 128</p> <p>Scaling Amazon RDS Instances 128</p> <p>Backing Up Amazon RDS Instances 128</p> <p>Securing Amazon RDS Instances 129</p> <p>Multi-AZ Configuration 129</p> <p>Creating a Multi-AZ Deployment 129</p> <p>Failing Over to the Secondary Instance 130</p> <p>Read Replicas 131</p> <p>Replication to Read Replicas 131</p> <p>Connecting to Read Replicas 132</p> <p>Read Replicas’ Requirements and Limitations 132</p> <p>Amazon Aurora 132</p> <p>Aurora Volumes 133</p> <p>Aurora Replicas 133</p> <p>Summary 133</p> <p>Resources to Review 134</p> <p>Exam Essentials 134</p> <p>Review Questions 136</p> <p><b>Chapter 7 Auto Scaling 141</b></p> <p>Auto Scaling Terms and Concepts 142</p> <p>Auto Scaling Groups 143</p> <p>Scaling In and Scaling Out 143</p> <p>Scaling More than EC2 144</p> <p>Minimums, Maximums, and Desired Capacity 145</p> <p>Auto Scaling Groups Auto Scale 145</p> <p>Auto Scaling Instances Must Be Maintained 146</p> <p>Launch Configurations 147</p> <p>EC2 Instances are Launch Configuration Templates 147</p> <p>One Auto Scaling Group Has One Launch Configuration 148</p> <p>Launch Templates: Versioned Launch Configurations 148</p> <p>Auto Scaling Strategies 149</p> <p>Manual Scaling 149</p> <p>Scheduled Scaling 149</p> <p>Dynamic Scaling 150</p> <p>Cooldown Periods 150</p> <p>Instances Terminate in Order 151</p> <p>When Auto Scaling Fails 152</p> <p>Summary 153</p> <p>Resources to Review 153</p> <p>Exam Essentials 153</p> <p>Exercises 154</p> <p>Review Questions 158</p> <p><b>Part IV Deployment and Provisioning 163</b></p> <p><b>Chapter 8 Hubs, Spokes, and Bastion Hosts 165</b></p> <p>VPC Peering 166</p> <p>Understanding the Use Case for Hub-and-Spoke Architecture 168</p> <p>Using a VPC Peering Connection Across Multiple Regions</p> <p>(Interregion Peering) 169</p> <p>Bastion Hosts 169</p> <p>Architecting for Bastion Host Use 170</p> <p>Options for Bastion Hosts 170</p> <p>Summary 171</p> <p>Resources to Review 172</p> <p>Linux Bastion Hosts on the AWS Cloud: 172</p> <p>Exam Essentials 172</p> <p>Exercises 173</p> <p>Review Questions 183</p> <p><b>Chapter 9 AWS Systems Manager 187</b></p> <p>AWS Systems Manager 188</p> <p>Communication with AWS Systems Manager 189</p> <p>AWS Managed Instances 190</p> <p>AWS Resource Groups 191</p> <p>Taking Action with AWS Systems Manager 191</p> <p>Summary 196</p> <p>Resources to Review 196</p> <p>Exam Essentials 197</p> <p>Exercises 197</p> <p>Review Questions 205</p> <p><b>Part V Storage and Data Management 209</b></p> <p><b>Chapter 10 Amazon Simple Storage Service (S3) 211</b></p> <p>Object Storage and Amazon S3 212</p> <p>What’s in a URL? 214</p> <p>Availability and Durability 215</p> <p>S3 Storage Classes 216</p> <p>Securing and Protecting Data in S3 217</p> <p>Access Control 217</p> <p>Versioning 220</p> <p>Encryption 221</p> <p>Amazon Glacier 222</p> <p>Amazon Glacier Deep Archive 223</p> <p>S3 Lifecycle Management 223</p> <p>Storage Gateways 224</p> <p>Summary 225</p> <p>Resources to Review 225</p> <p>Exam Essentials 226</p> <p>Exercises 226</p> <p>Review Questions 232</p> <p><b>Chapter 11 Elastic Block Store (EBS) 237</b></p> <p>Understanding Block Storage and EBS 238</p> <p>Types of EBS Storage 239</p> <p>EBS vs. Instance Stores 241</p> <p>Encrypting Your EBS Volumes 242</p> <p>EBS Snapshots 244</p> <p>Summary 244</p> <p>Resources to Review 244</p> <p>Exam Essentials 245</p> <p>Exercises 245</p> <p>Review Questions 248</p> <p><b>Chapter 12 Amazon Machine Image (AMI) 253</b></p> <p>Amazon Machine Images (AMIs) 254</p> <p>Accessibility of AMIs 255</p> <p>AMI Storage 257</p> <p>AMI Security 258</p> <p>Launch Permissions 258</p> <p>Encryption 258</p> <p>Moving AMIs Between Regions 258</p> <p>AWS Management Console 259</p> <p>AWS CLI 259</p> <p>Common AMI Issues 260</p> <p>Summary 260</p> <p>Resources to Review 260</p> <p>Exam Essentials 261</p> <p>Exercises 261</p> <p>Review Questions 264</p> <p><b>Part VI Security and Compliance 269</b></p> <p><b>Chapter 13 IAM 271</b></p> <p>Shared Responsibility Model: A Cloud Security Primer 272</p> <p>Building Blocks of IAM 273</p> <p>Users 273</p> <p>Groups 274</p> <p>Roles 274</p> <p>Policies 275</p> <p>Managing IAM 278</p> <p>Managing Passwords 278</p> <p>Managing Access Keys 279</p> <p>Securing Your AWS Accounts 281</p> <p>Protecting the Root Account 281</p> <p>IAM Best Practices 281</p> <p>Trusted Advisor 282</p> <p>Other Identity Services 282</p> <p>Cognito 282</p> <p>Federation 283</p> <p>AWS KMS 283</p> <p>Summary 283</p> <p>Resources to Review 284</p> <p>Exam Essentials 284</p> <p>Exercises 285</p> <p>Review Questions 290</p> <p><b>Chapter 14 Reporting and Logging 295</b></p> <p>Reporting and Monitoring in AWS 296</p> <p>AWS CloudTrail 296</p> <p>Applying a Trail to All Regions 298</p> <p>Management Events 298</p> <p>Data Events 298</p> <p>But You Said CloudTrail Was Free… 300</p> <p>Amazon CloudWatch 300</p> <p>Amazon CloudWatch Alarms 301</p> <p>Amazon CloudWatch Logs 302</p> <p>Amazon CloudWatch Events 303</p> <p>Amazon CloudWatch Dashboard 303</p> <p>AWS Config 304</p> <p>Summary 305</p> <p>Resources to Review 305</p> <p>Exam Essentials 306</p> <p>Exercises 306</p> <p>Review Questions 311</p> <p><b>Chapter 15 Additional Security Tools 315</b></p> <p>Amazon Inspector 316</p> <p>Amazon GuardDuty 318</p> <p>Summary 320</p> <p>Resources to Review 320</p> <p>Exam Essentials 320</p> <p>Exercises 321</p> <p>Review Questions 326</p> <p><b>Part VII Networking 331</b></p> <p><b>Chapter 16 Virtual Private Cloud 333</b></p> <p>Understanding AWS Networking 334</p> <p>Classless Inter-Domain Routing Refresher 335</p> <p>Virtual Private Cloud 336</p> <p>Subnets 337</p> <p>Route Tables 338</p> <p>Internet Gateways 339</p> <p>NAT Gateways and Instances 340</p> <p>VPC Endpoints 342</p> <p>Connecting to the Outside 344</p> <p>Securing Your Network 345</p> <p>Security Groups 345</p> <p>Network Access Control Lists 346</p> <p>Troubleshooting Network Issues 347</p> <p>VPC Flow Logs 347</p> <p>Other Resources 348</p> <p>Summary 348</p> <p>Resources to Review 349</p> <p>Exam Essentials 350</p> <p>Exercises 351</p> <p>Review Questions 356</p> <p><b>Chapter 17 Route 53 361</b></p> <p>Domain Name System 362</p> <p>DNS Records 363</p> <p>Amazon Route 53 364</p> <p>Amazon Traffic Flow 366</p> <p>AWS Private DNS 366</p> <p>Routing Policies 366</p> <p>Simple Routing Policy 366</p> <p>Failover Routing Policy 367</p> <p>Geolocation Routing Policy 368</p> <p>Geoproximity Routing Policy 368</p> <p>Latency Routing Policy 369</p> <p>Multivalue Answer Routing Policy 369</p> <p>Weighted Routing Policy 370</p> <p>Health Checks and Failover 371</p> <p>Summary 372</p> <p>Resources to Review 372</p> <p>Exam Essentials 373</p> <p>Exercises 373</p> <p>Review Questions 377</p> <p><b>Part VIII Automation and Optimization 381</b></p> <p><b>Chapter 18 CloudFormation 383</b></p> <p>An Introduction to IaaS 384</p> <p>CloudFormation Templates 385</p> <p><i>AWSTemplateFormatVersion </i>385</p> <p>Description 385</p> <p>Metadata 386</p> <p>Parameters 386</p> <p>Mappings 386</p> <p>Conditions 387</p> <p>Transform 388</p> <p>Resources 388</p> <p>Outputs 388</p> <p>Creating and Customizing Your Stacks 389</p> <p>Parameters 389</p> <p>Outputs 390</p> <p>Improving Your Templates 390</p> <p>Built-in Functions 390</p> <p>Mapping 391</p> <p>Pseudo Parameters 392</p> <p>Issues with CloudFormation Templates 392</p> <p>Summary 392</p> <p>Resources to Review 393</p> <p>Exam Essentials 393</p> <p>Exercise 394</p> <p>Review Questions 396</p> <p><b>Chapter 19 Elastic Beanstalk 401</b></p> <p>What is Elastic Beanstalk? 402</p> <p>Platforms and Languages 403</p> <p>Creating a Custom Platform 405</p> <p>Updates in Elastic Beanstalk 408</p> <p>All-at-Once Deployment 409</p> <p>Rolling Deployment 409</p> <p>Rolling with Additional Batches Deployment 409</p> <p>Immutable Deployment 409</p> <p>Testing Your Application with a Blue/Green Deployment 410</p> <p>Configuring Elastic Beanstalk 410</p> <p>Securing Elastic Beanstalk 412</p> <p>Data Protection 412</p> <p>Identity and Access Management 412</p> <p>Logging and Monitoring 412</p> <p>Compliance 412</p> <p>Resilience 413</p> <p>Configuration and Vulnerability Analysis 413</p> <p>Security Best Practices 413</p> <p>Applying Security Best Practices to Elastic Beanstalk 413</p> <p>AWS Elastic Beanstalk CLI 414</p> <p>Troubleshooting Elastic Beanstalk 414</p> <p>Summary 415</p> <p>Resources to Review 415</p> <p>Exam Essentials 416</p> <p>Exercise 416</p> <p>Review Questions 418</p> <p><b>Appendix Answers to Review Questions 423</b></p> <p>Chapter 1: Introduction to Systems Operations on AWS 424</p> <p>Chapter 2: Amazon CloudWatch 425</p> <p>Chapter 3: AWS Organizations 427</p> <p>Chapter 4: AWS Config 429</p> <p>Chapter 5: AWS CloudTrail 430</p> <p>Chapter 6: Amazon Relational Database Service 432</p> <p>Chapter 7: Auto Scaling 434</p> <p>Chapter 8: Hubs, Spokes, and Bastion Hosts 436</p> <p>Chapter 9: AWS Systems Manager 437</p> <p>Chapter 10: Amazon Simple Storage Service (S3) 439</p> <p>Chapter 11: Elastic Block Store (EBS) 440</p> <p>Chapter 12: Amazon Machine Image (AMI) 441</p> <p>Chapter 13: IAM 443</p> <p>Chapter 14: Reporting and Logging 444</p> <p>Chapter 15: Additional Security Tools 446</p> <p>Chapter 16: Virtual Private Cloud 447</p> <p>Chapter 17: Route 53 449</p> <p>Chapter 18: CloudFormation 451</p> <p>Chapter 19: Elastic Beanstalk 452</p> <p>Index 455</p>

<p><b>SARA PERROTT</b> is an accredited AWS Academy instructor at Bellevue College where she is an adjunct professor. She works full-time in the cybersecurity field and is passionate about her work. She has an MS in Cybersecurity and Information Assurance and holds several industry certifications such as the CISSP and GCIH, in addition to the AWS Certified Solutions Architect Associate and AWS Certified SysOps Administrator Associate certifications. You can contact Sara via her website at https://www.saraperrott.com. <p><b>BRETT M<small>C</small>LAUGHLIN</b> currently works in cloud computing, focusing on scalable cloud platforms and staging and distributing petabyte-scale data stores. He is an expert in cloud-based architectures and large data sets and has led projects for NASA and billion-dollar AUM hedge funds. He is currently the CTO for Volusion, as well as an active instructor in the AWS and serverless communities.

<p><b>Includes one year of FREE access after activation to online learning environment and study tools:</b> <ul><li>2 custom practice exams</li> <li>100 electronic flashcards</li> <li>Searchable key term glossary</li> </ul> <p><b>Your #1 all-in-one reference and exam Study Guide for the AWS SysOps Administrator certification!</b> <p>The <i>AWS Certified SysOps Administrator Study Guide</i> is your complete, one-stop resource for success on Amazon's <b>Associate (SOA-C01) Exam.</b> This comprehensive book provides clear and accurate coverage of every exam topic—offering step-by-step guidance on AWS platform deployment, management, and operations. Fully up-to-date content, real-world scenarios, practical advice, hands-on exercises, and challenging review questions will thoroughly prepare you for this important AWS certification. <p>Ensure that you're prepared to perform the duties expected of SysOps Administrators. With the help of this indispensable guide, you'll be ready for your exam day and your workday as an AWS professional. <p><b>Coverage of 100% of all exam objectives in this</b> <b><i>Study Guide</i></b><b> means you'll be ready for:</b> <ul> <li>Monitoring and Reporting Services</li> <li>High Availability Environments on AWS</li> <li>Storage and Data Management</li> <li>Deployment and Provisioning</li> <li>Security and Compliance</li> <li>Networking and Connectivity Services of AWS</li> <li>Automation and Optimization</li> </ul> <p><b>Interactive learning environment</b> <p>Take your exam prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, simply visit <b>http://www.wiley.com/go/sybextestprep,</b> type in your unique PIN, and instantly gain one year of FREE access after activation to: <ul> <li>Interactive test bank with 2 practice exams help you to identify areas where further review is needed. Get more than 90% of the answers correct, and you're ready to take the certification exam.</li> <li>100 electronic flashcards to reinforce learning and last-minute prep before the exam</li> <li>Comprehensive glossary in PDF format gives you instant access to the key terms so you are fully prepared</li> </ul> <p><b>ABOUT THE AWS CERTIFICATION PROGRAM</b> <p>AWS Certifications recognize IT professionals with the technical skills and expertise to design, deploy, and operate applications and infrastructure on AWS. Exams are offered in multiple languages at testing centers around the world.??The AWS Certified SysOps Administrator Associate Exam is intended for individuals with experience automating and creating repeatable deployments of networks and systems on the AWS Cloud. <p><b>Visit http://aws.amazon.com/certification</b> for more information.

US