a u d i oc r a s hc o u r s e tm
F o l l o wA l o n gM a n u a l
AWS Certified Solution Architect To download the audio version of this course, please visit our website www.AudioLearn.com
TABLE OF CONTENTS Chapter 1. Introduction ............................................................................... 1 Let me tell you about the best approach for taking this course. ................................... 2 Certification Exam Overview ......................................................................................... 3 Let me take some time to discuss how to prepare for the exam. .................................. 5 Quiz ................................................................................................................................ 7 Key Takeaways ............................................................................................................... 8 Chapter 2. The Cloud and AWS ................................................................. 10 Objectives ..................................................................................................................... 10 Virtualization ............................................................................................................... 12 Cloud computing.......................................................................................................... 13 AWS Beginnings .......................................................................................................... 14 AWS Design Principles ................................................................................................ 15 Exam Domains ............................................................................................................. 15 Quiz ...............................................................................................................................17 Key Takeaways ............................................................................................................. 18 Chapter 3. AWS Services ........................................................................... 20 Objectives ..................................................................................................................... 20 Let's start with compute. ............................................................................................. 21 Storage ......................................................................................................................... 23 Networking .................................................................................................................. 24 Quiz .............................................................................................................................. 25 Database....................................................................................................................... 25
Application Management and Integration .................................................................. 26 Security and Identity ................................................................................................... 28 Quiz .............................................................................................................................. 29 Key Takeaways ............................................................................................................. 30 Chapter 4. AWS Compute Service: Elastic Compute Cloud or EC 2 ............ 32 Objectives ..................................................................................................................... 32 Setting up your AWS account ...................................................................................... 33 Provisioning EC 2 ........................................................................................................ 33 Instance Types ............................................................................................................. 34 Launching your EC 2 instance ..................................................................................... 37 Accessing Your EC 2 Instance ..................................................................................... 39 Quiz .............................................................................................................................. 40 Key Takeaways ............................................................................................................. 41 Chapter 5. AWS Compute Service: Lambda ............................................... 43 Objectives ..................................................................................................................... 43 To get started, you need to understand the concept of serverless computing. .......... 43 Advantages of Lambda ................................................................................................ 44 So, exactly how does Lambda work? ........................................................................... 46 Quiz .............................................................................................................................. 48 Key Takeaways ............................................................................................................. 49 Chapter 6. AWS Compute Service: Elastic Beanstalk ................................. 51 Objectives ..................................................................................................................... 51 Let me begin with deployment orchestration. ............................................................ 51 Advantages of Elastic Beanstalk .................................................................................. 53
Elastic Beanstalk Drawbacks ....................................................................................... 54 Concepts and Architecture .......................................................................................... 55 Quiz .............................................................................................................................. 60 Key Takeaways ............................................................................................................. 61 Chapter 7. AWS Storage: Simple Storage Service....................................... 63 Objectives ..................................................................................................................... 63 Advantages of S 3 ......................................................................................................... 64 S3 Infrastructure.......................................................................................................... 65 Now, I'd like to discuss durability and availability. .................................................... 66 Walkthrough ................................................................................................................ 67 Quiz .............................................................................................................................. 69 Key Takeaways ............................................................................................................. 70 Chapter 8. AWS Storage: Glacier ............................................................... 72 Objectives ..................................................................................................................... 72 Glacier versus S3 .......................................................................................................... 72 Glacier Use Cases ......................................................................................................... 73 Glacier infrastructure .................................................................................................. 74 Data Retrieval Options ................................................................................................ 75 Quiz .............................................................................................................................. 76 Key Takeaways ............................................................................................................. 77 Chapter 9. AWS Networking: Virtual Private Cloud................................... 79 Objectives ..................................................................................................................... 79 Classless Interdomain Routing ...................................................................................80 Subnet .......................................................................................................................... 81
Elastic Network Interfaces .......................................................................................... 81 Networking Concepts................................................................................................... 82 Network Access Control List ....................................................................................... 83 IP Addresses................................................................................................................. 83 VPC Peering ................................................................................................................. 84 Quiz .............................................................................................................................. 86 Key Takeaways ............................................................................................................. 87 Chapter 10. AWS Networking: Route Fifty-Three ...................................... 89 Objectives ..................................................................................................................... 89 The Domain Name System .......................................................................................... 89 AWS Route Fifty-Three ............................................................................................... 93 Quiz .............................................................................................................................. 95 Key Takeaways ............................................................................................................. 96 Chapter 11. AWS Networking: CloudFront ................................................ 98 Objectives ..................................................................................................................... 98 Key Features ................................................................................................................ 98 CloudFront Advantages ............................................................................................. 100 Quiz .............................................................................................................................101 Key Takeaways ........................................................................................................... 102 Chapter 12. AWS Database: Relational Database Service ......................... 104 Objectives ................................................................................................................... 104 Relational database.................................................................................................... 104 Structured Query Language....................................................................................... 106 RDS ............................................................................................................................ 107
Instance Classes ......................................................................................................... 108 Replicas ...................................................................................................................... 109 Backup and Recovery..................................................................................................110 Quiz ............................................................................................................................. 112 Key Takeaways ............................................................................................................ 113 Chapter 13. AWS Database: Other Database Offerings.............................. 115 Objectives .................................................................................................................... 115 Amazon Redshift......................................................................................................... 115 Advantages of using Redshift ..................................................................................... 116 Nonrelational or No SQL databases ........................................................................... 117 Dynamo DB ................................................................................................................. 119 Advantages of Dynamo DB ........................................................................................ 120 Elasticache .................................................................................................................. 121 Memcached ................................................................................................................. 121 Redis........................................................................................................................... 122 Quiz ............................................................................................................................ 123 Key Takeaways ........................................................................................................... 124 Chapter 14. AWS Application Management: CloudWatch ........................ 126 Objectives ....................................................................................................................127 Monitoring and Logging .............................................................................................127 CloudWatch ............................................................................................................... 129 CloudWatch Logs ........................................................................................................ 131 CloudWatch Alarms .................................................................................................... 131 Quiz ............................................................................................................................ 133
Key Takeaways ........................................................................................................... 134 Chapter 15. AWS Application Management: CloudTrail, Config, and SNS .................................................................................................... 136 Objectives ................................................................................................................... 136 CloudTrail .................................................................................................................. 136 Config ......................................................................................................................... 138 Simple Notification Service (SNS)............................................................................. 139 Quiz ............................................................................................................................. 141 Key Takeaways ........................................................................................................... 142 Chapter 16. AWS Security and Identity: Identity and Access Management ...................................................................................... 144 Objectives ................................................................................................................... 144 Identities .................................................................................................................... 144 IAM Policies ............................................................................................................... 145 Access Keys ................................................................................................................ 146 Authentication Tools ................................................................................................. 147 Quiz ............................................................................................................................ 149 Key Takeaways ........................................................................................................... 150 Chapter 17. AWS Security and Identity: AWS Secrets Manager .................152 Objectives ................................................................................................................... 152 Secrets Manager......................................................................................................... 152 Features...................................................................................................................... 154 Quiz .............................................................................................................................155 Key Takeaways ........................................................................................................... 156 Chapter 18. The Well-Architected Framework......................................... 158
Objectives ................................................................................................................... 159 The Reliability Pillar .................................................................................................. 159 The Performance Efficiency Pillar .............................................................................. 161 The Security Pillar ..................................................................................................... 162 The Cost Optimization Pillar ..................................................................................... 162 The Operational Excellence Pillar ............................................................................. 163 Quiz ............................................................................................................................ 165 Key Takeaways ........................................................................................................... 166 Chapter 19. Summary, Final Exam, and Final Exam Answer Explanations ...................................................................................... 168 Quiz ............................................................................................................................ 170 Follow Along Manual ............................................................................... 179
CHAPTER 1. INTRODUCTION Hello and welcome to the exciting world of Amazon Web Services, or AWS! I am here to talk about the Amazon AWS cloud service. More importantly, I will help you successfully overcome any hurdles posed by your preparation for the AWS Certified Solutions Architect Associate certification exam! I will be guiding you throughout the course to prepare you for the exam. This course is designed to be interactive and is best experienced while working on either a terminal or the UI that's user interface of AWS. Are you listening along and going through this audio course while not in front of the computer? No worries! You can still follow along scenario-based topics and questions to enhance your learning experience. Whichever learning method you choose, the scenario-based quizzes and exercises you will find at the end of each chapter will help to reinforce what you hear. So, what is AWS? AWS is short for Amazon Web Services, Amazon’s cloud offering to businesses, providing many technology, engineering, and computing services. Unlike those offered by traditional companies, services provided by AWS are consumed and paid for within a pay per use model. Solutions in the technology cloud have grown by leaps and bounds in recent years, and AWS is one of the primary reasons why. In this course, you will learn the many purposes for which businesses use AWS; I will also discuss how AWS services are different from traditional infrastructure and IT services. In the first few chapters of the course, I will discuss the history of server and data center infrastructure and their evolution to the cloud. Next, I will discuss how Amazon addressed concerns about the previous infrastructure by offering AWS. Then, I will talk about how these technologies and services are presented on the Solutions Architect Course exam. A Solutions Architect, by the way, is an individual who designs robust and scalable architectural systems. I will also discuss how the Solutions Architect Course exam fits into the Amazon AWS overall certification path towards AWS expertise.
1
As I mentioned earlier, the course is designed to be interactive. Throughout the course, you will see mention of our Follow along PDF Manual, provided to augment what is being discussed. In this manual, you will see a glossary of terms, acronyms, and services; you will find tools and tips for using specific AWS services and certification exam notes. You will have the opportunity to practice scenario-based quizzes with annotated answers, plus a full practice certification exam. Conventions on how to use the Follow along PDF Manual are described within the document. You can print out the guide or take advantage of the digital version. Choose which format works best for you.
LET ME TELL YOU ABOUT THE BEST APPROACH FOR TAKING THIS COURSE. Amazon suggests practical, hands on experience with the AWS services covered in the exam as the best preparation for the certification test. However, even if you do not have hands on experience, this course will still be helpful in explaining the relevant AWS concepts, technologies, and services. With some practice on the user interface and on the AWS console, you are on your way to becoming certified! I am about to introduce a few study tracks from which you can choose to take this course. Please feel free to choose the best path that will help you to maximize your learning potential. If you are a beginner or someone new to the cloud technology and infrastructure realm, listen to the course from beginning to end, maybe even multiple times. Focus on concepts you are not familiar with. Then, memorize or repeat them as many times as you can. Finally, check out the Follow-along PDF Manual for related hands on or practical implementation. Once you get to the end of chapter quizzes, understand why the annotated answers make sense; compare those answers to the incorrect solutions and scenarios you got. When you’re comfortable that you understand the concepts, try the hands-on exercises and walk throughs in the PDF Manual. Follow the exercise instructions verbatim at first. Later on, as you get more comfortable, take on the other commands and exercises more independently as you level up. 2
If you have experience in IT but not necessarily with AWS technologies, draw on your prior technology expertise and experience. Determine how they might relate to AWS. Focus your attention on general IT and infrastructure concepts first, then identify what makes a particular AWS service different. Some AWS commands and concepts might even be the same as those in the IT realm, albeit in a slightly different syntax. If you have some level of experience with AWS and its services, great! Pay particular attention to optimization and scenario-based sections where you can focus on how different services are integrated. Learn other methods used to perform a service. For example, if you were using the AWS user interface a lot before, try out the same solutions using the AWS console this time around. This course is not just designed to present you with facts and terminologies to learn and memorize. It is designed to present you with practical solutions to common technology and engineering problems using AWS services. The certification exam itself does not test you on terms and their meanings; the exam is more about design and architect solutions at scale. Regardless of that, the first step is learning about terminologies and services in the AWS world; however, the next equally if not more important step is to apply that knowledge into crafting solutions.
CERTIFICATION EXAM OVERVIEW Let’s walk through an overview of the Certification Exam. The AWS Certified Solutions Architect Associate certification measures an examinee’s experience in crafting practical solutions using AWS services. Practical solutions are solutions that are not only correct, but are also cost efficient, fault tolerant, and scalable. This means that, although some answer options on the exam may sound correct, the best possible solution or answer is expected. Put another way, it is not enough that you know what a particular AWS service is, but how to use it in your architectural solutions. The exam is designed for those who have experience with AWS either in a production or development environment. Ideally, you’d have at least one-year experience utilizing the services on AWS such as database maintenance, networking and development, or coding. The certification exam validates your AWS knowledge in terms of whether you
3
can design, and architect scalable and reliable solutions based on customer requirements. AWS Certification helps professionals build credibility by confirming their AWS knowledge in practical, real world scenarios. These certifications highlight expertise in specific technologies or skill sets. They also enhance your experience and help advance your career. Some tangible benefits of an AWS Certification include digital badges to highlight your progress, event and store discounts, and recognition in the global community. The Solutions Architect Associate path is just one of many paths you can take when certifying with Amazon AWS. A Solutions Architect Associate certification signifies the examinee’s ability to architect and deploy correct, secure, and robust solutions on AWS technologies. A Solutions Architect - Professional path, in comparison, signifies advanced technical skills and experience in designing distributed applications on AWS. Other certification paths focus on specific specialties using AWS services. If you are a developer, engineer, or coder who develops applications on AWS, you may focus on the AWS Certified Developer Associate or Professional programs. If you are more into systems integration and administration, you may take on the AWS Certified DevOps Engineer Associate or Professional exam; the Certified SysOps Administrator exam is yet another option. Other specialties include those in Machine Learning, Big Data, Advanced Networking, and Security. The Certified Solutions Architect Associate certification exam is a multiple choice, multiple answer exam that must be taken at a testing center. It is comprised of sixty-five questions to be completed in one hundred thirty minutes; the test has a pass or fail result available immediately after completion. Validity of your certificate and recertification requirements come up every three years. The exam focuses on the core AWS services used in architecting real world solutions to business problems. As I mentioned earlier, the focus is on crafting solutions that are scalable, fault tolerant, performant, and cost efficient using AWS services. I will discuss 4
these characteristics and how they are covered in the exam in more detail throughout the course. AWS has published different domains each of whose scopes are covered in the exam. Be aware, though, that I will cover material that may be beyond the scope of the actual exam; that way, you will get the full picture. After telling you about the particular services, I will spend some time to make sure you can architect and design solutions well using those services. For more information about the certification exam, please check out the Follow-along PDF Manual in the section that’s labeled Certification Exam Details. You will find it on page 4.
LET ME TAKE SOME TIME TO DISCUSS HOW TO PREPARE FOR THE EXAM. You have certainly taken a smart first step in preparing for the exam by listening to this audio course! Other than that, here are some steps to follow before taking on the exam. Listen to this course and repeat sections that you find unclear. There are going to be lots of acronyms and new terminologies discussed in the material. Try not only to memorize them, but also apply what you know of them to the scenario exercises at the end of the chapter. Use the Follow along PDF Manual as a reference. Hands on practice is very valuable in preparing for the exam. If you don’t have access to either your company’s or school’s AWS account, Amazon has generously provided the AWS Free Tier to its users. The AWS Free Tier allows you to try out more than sixty AWS products and services for free! Of course, different services may have different levels of free offers and tiers, depending on which product is used. However, this is still a great way for anyone to try out these services without incurring any cost. To get more information about the AWS Free Tier, go to <read as a web address> AWS dot amazon dot com slash free. That is <read as a web address> AWS dot amazon dot com slash free. Remember, all links mentioned throughout the course are listed in the Follow-along PDF Manual on page seven.
5
Before I get too far into the lectures, let me briefly mention the course overview and structure in a bit more detail. I will begin each chapter with a set of objectives and goals for you. These objectives will help drive the main topic of discussion in the chapter. Typically, each chapter will present a particular AWS service and include a number of scenarios and solutions where that service is used. I will summarize what we have discussed in the chapter in the takeaways section towards the end of the chapter. Most chapters will have a 10 question quiz to reinforce what you have just learned. With very short chapters, I may only give you 5 questions. Related to the quizzes are scenariobased exercises where I discuss practical and real-world problems and solutions. All answers to quizzes and exercises will be annotated in the lectures and in the Follow along PDF Manual. At the end of the course, you will have the chance to work on a practice final exam simulating the real certification exam. The practice test will cover all the topics you have learned about in the course. Most of the exam questions will be scenario-based, in multiple question and answer format just like on the real exam; as with the quizzes, the final exam correct answers will be annotated. I will also highlight why other options are not the right or best answer. Well, so much for the introduction. Even though this brief chapter was just a chance for me to introduce myself and tell you about the course, it still contains a quiz. This will give you the opportunity to see how future quizzes will be formatted and presented.
6
QUIZ This particular quiz was designed to review what you just learned in the chapter. Every answer and, in some chapters, every option, is annotated. You will find the quiz for this chapter on page 11 in the follow along PDF manual. Pause the audio and take the quiz. Then, turn to page 50 in the -PDF manual where you can check your answers against the answer key. If you would like, resume the audio right after you take the quiz. I will review the questions and correct answers, so you can correct the quiz with me. So, if you are ready, pause the audio and take the quiz. I will be here when you are done. Good luck! Welcome back! Right now, I will read the chapter 1 quiz questions and give you the correct answers. Stay on page eleven of the PDF manual and read along as I go through the questions and answers. How did you do on the quiz? Don’t worry if you did not do too well but do take note of the items you missed. This was just an introductory chapter, so the material was not too dense. There will, however, be much more detail in the chapters you are about to listen to. Expect to repeat the chapters more than once. That is one of the best ways to retain all the details you need to learn. I will summarize what you should have learned in every chapter with a key takeaways section.
7
KEY TAKEAWAYS Here is the list of ten takeaways for this first chapter: 1. This course can be taken by someone who is reviewing for the certification exam or someone who is still learning about the AWS service offerings. 2. The Certified Solutions Architect Associate certification exam is designed to determine not only familiarity with AWS services, but also how you can best use them to solve practical and real-world scenarios. 3. Even if you do not intend to take the certificate exam, you can still benefit from this course by learning how different AWS services can be used together to provide real world and practical solutions. 4. You can learn more about the examination by checking out our Follow Along PDF Manual. In the manual, you will read about exam requirements, recertification steps, and other exam related information. 5. Your certificate is based on completion and passing of the written examination, plus a recertification exam every three years. 6. Amazon provides a Free Tier offering to new users of the service. You will have access to many services discussed in this course for free. Definitely take advantage of this offer, available only through your first year of use. 7. Hands on practice is crucial in reinforcing what you will learn in this course. In lieu of that, you can listen to the course and repeat it as many times as possible. 8. When answering exam questions, choose the best alternative whenever the exact answer is not available. Much like in real life, choices that can solve problems may not always be ideal, but an approximation of the best possible outcome could be the next best thing. 9. Learned a new concept or term and you need more information? The Followalong PDF Manual is your friend as it contains terms and concepts introduced in the course along with their definitions. 8
Follow-along PDF Manual AWS Certified Solutions Architect - Associate To download the audio version of this course, please visit our website
www.AudioLearn.com
7. C. Confidentiality refers to the ability to only provide access to authorized users. Integrity, on the other hand, is the ability to ensure that data has not been maliciously changed. 8. A or B. We integrate with AWS services such as CloudWatch, CloudTrail and Config to proactively detect, monitor, and alert for any changes on our AWS services. 9. C. AWS Budgets is a dashboard provided by Amazon that shows all your AWS related costs. 10. C. The key component to achieve operational excellence is automation. Services that allow you to automate repetitive tasks enable you to manage your organization’s workload, goals and compliance requirements more easily.
FIGURES AND TABLES
FIGURE 2.1. VIRTUALIZATION ILLUSTRATION I
63
FIGURE 4.1. AWS DASHBOARD AND MANAGEMENT CONSOLE
Instance Type Family
Types
General Purpose
A1, T3, T3a, T2, M6g, M5, M5a, M5n, M4
Compute Optimized
C5, C5n, C4
Memory Optimized
R5, R5a, R5n, R4, X1e, X1, High Memory, z1d
Accelerated Computing
P3, P2, Inf1, G4, G3, F1
Storage Optimized
I3, I3en, D2, H1 TABLE 4.2 EC2 INSTANCE TYPES
64
Code
Name
us-east-2
US East (Ohio)
us-east-1
US East (N. Virginia)
us-west-1
US West (N. California)
us-west-2
US West (Oregon)
ap-east-1
Asia Pacific (Hong Kong)
ap-south-1
Asia Pacific (Mumbai)
ap-northeast-3
Asia Pacific (Osaka)
ap-northeast-2
Asia Pacific (Seoul)
ap-southeast-1
Asia Pacific (Singapore)
ap-southeast-2
Asia Pacific (Sydney)
ap-northeast-1
Asia Pacific (Tokyo)
ca-central-1
Canada (Central)
eu-central-1
Europe (Frankfurt)
eu-west-1
Europe (Ireland)
eu-west-2
Europe (London)
eu-west-3
Europe (Paris)
eu-north-1
Europe (Stockholm)
me-south-1
Middle East (Bahrain)
sa-east-1
South America (Sao Paulo) TABLE 4.3 AWS AVAILABILITY ZONES
65
To download the audio version of this course, please visit our website www.AudioLearn.com
103