Wiley.com
Print this page Share
E-book

AWS Certified Solutions Architect Official Study Guide: Associate Exam

ISBN: 978-1-119-13954-6
504 pages
September 2016
AWS Certified Solutions Architect Official Study Guide: Associate Exam (1119139546) cover image

Description

Validate your AWS skills. 

This is your opportunity to take the next step in your career by expanding and validating your skills on the AWS cloud.  AWS has been the frontrunner in cloud computing products and services, and the AWS Certified Solutions Architect Official Study Guide for the Associate exam will get you fully prepared through expert content, and real-world knowledge, key exam essentials, chapter review questions, access to Sybex’s interactive online learning environment, and much more. This official study guide, written by AWS experts, covers exam concepts, and provides key review on exam topics, including:

  • Mapping Multi-Tier Architectures to AWS Services, such as web/app servers, firewalls, caches and load balancers
  • Understanding managed RDBMS through AWS RDS (MySQL, Oracle, SQL Server, Postgres, Aurora)
  • Understanding Loose Coupling and Stateless Systems
  • Comparing Different Consistency Models in AWS Services
  • Understanding how AWS CloudFront can make your application more cost efficient, faster and secure
  • Implementing Route tables, Access Control Lists, Firewalls, NAT, and DNS
  • Applying AWS Security Features along with traditional Information and Application Security
  • Using Compute, Networking, Storage, and Database AWS services
  • Architecting Large Scale Distributed Systems
  • Understanding of Elasticity and Scalability Concepts
  • Understanding of Network Technologies Relating to AWS
  • Deploying and Managing Services with tools such as CloudFormation, OpsWorks and Elastic Beanstalk.

Learn from the AWS subject-matter experts, review with proven study tools, and apply real-world scenarios. If you are looking to take the AWS Certified Solutions Architect Associate exam, this guide is what you need for comprehensive content and robust study tools that will help you gain the edge on exam day and throughout your career. 

See More

Table of Contents

Foreword xxvii

Introduction xxix

Assessment Test xxxvii

Chapter 1 Introduction to AWS 1

What Is Cloud Computing? 3

Advantages of Cloud Computing 3

Cloud Computing Deployment Models 5

AWS Fundamentals 6

Global Infrastructure 6

Security and Compliance 7

AWS Cloud Computing Platform 8

Accessing the Platform 9

Compute and Networking Services 9

Storage and Content Delivery 11

Database Services 13

Management Tools 13

Security and Identity 15

Application Services 16

Summary 17

Exam Essentials 17

Review Questions 19

Chapter 2 Amazon Simple Storage Service (Amazon S3) and Amazon Glacier Storage 21

Introduction 23

Object Storage versus Traditional Block and File Storage 24

Amazon Simple Storage Service (Amazon S3) Basics 25

Buckets 25

AWS Regions 25

Objects 26

Keys 26

Object URL 26

Amazon S3 Operations 27

REST Interface 27

Durability and Availability 28

Data Consistency 28

Access Control 28

Static Website Hosting 29

Amazon S3 Advanced Features 30

Prefixes and Delimiters 30

Storage Classes 30

Object Lifecycle Management 31

Encryption 32

Versioning 33

MFA Delete 33

Pre-Signed URLs 34

Multipart Upload 34

Range GETs 34

Cross-Region Replication 34

Logging 35

Event Notifications 35

Best Practices, Patterns, and Performance 36

Amazon Glacier 36

Archives 37

Vaults 37

Vaults Locks 37

Data Retrieval 37

Amazon Glacier versus Amazon Simple Storage Service (Amazon S3) 37

Summary 38

Exam Essentials 39

Exercises 40

Review Questions 46

Chapter 3 Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Elastic Block Store (Amazon EBS) 51

Introduction 53

Amazon Elastic Compute Cloud (Amazon EC2) 53

Compute Basics 53

Securely Using an Instance 56

The Lifecycle of Instances 59

Options 61

Instance Stores 65

Amazon Elastic Block Store (Amazon EBS) 65

Elastic Block Store Basics 65

Types of Amazon EBS Volumes 66

Protecting Data 68

Summary 70

Exam Essentials 71

Exercises 73

Review Questions 81

Chapter 4 Amazon Virtual Private Cloud (Amazon VPC) 85

Introduction 87

Amazon Virtual Private Cloud (Amazon VPC) 87

Subnets 89

Route Tables 89

Internet Gateways 90

Dynamic Host Configuration Protocol (DHCP) Option Sets 92

Elastic IP Addresses (EIPs) 92

Elastic Network Interfaces (ENIs) 93

Endpoints 93

Peering 94

Security Groups 95

Network Access Control Lists (ACLs) 97

Network Address Translation (NAT) Instances and NAT Gateways 98

NAT Instance 99

NAT Gateway 99

Virtual Private Gateways (VPGs), Customer Gateways (CGWs), and Virtual Private Networks (VPNs) 100

Summary 101

Exam Essentials 103

Exercises 105

Review Questions 107

Chapter 5 Elastic Load Balancing, Amazon CloudWatch, and Auto Scaling 111

Introduction 112

Elastic Load Balancing 112

Types of Load Balancers 113

Listeners 114

Configuring Elastic Load Balancing 115

Amazon CloudWatch 117

Auto Scaling 119

Auto Scaling Plans 120

Auto Scaling Components 121

Summary 126

Exam Essentials 127

Exercises 128

Review Questions 131

Chapter 6 AWS Identity and Access Management (IAM) 137

Introduction 138

Principals 140

Root User 140

IAM Users 140

Roles/Temporary Security Tokens 141

Authentication 143

Authorization 144

Policies 144

Associating Policies with Principals 145

Other Key Features 147

Multi-Factor Authentication (MFA) 147

Rotating Keys 148

Resolving Multiple Permissions 148

Summary 149

Exam Essentials 149

Exercises 150

Review Questions 154

Chapter 7 Databases and AWS 157

Database Primer 158

Relational Databases 159

Data Warehouses 160

NoSQL Databases 161

Amazon Relational Database Service (Amazon RDS) 161

Database (DB) Instances 162

Operational Benefits 163

Database Engines 164

Storage Options 166

Backup and Recovery 167

High Availability with Multi-AZ 169

Scaling Up and Out 170

Security 172

Amazon Redshift 172

Clusters and Nodes 173

Table Design 174

Loading Data 175

Querying Data 176

Snapshots 176

Security 176

Amazon DynamoDB 177

Data Model 178

Writing and Reading Data 181

Scaling and Partitioning 183

Security 185

Amazon DynamoDB Streams 185

Summary 186

Exam Essentials 187

Exercises 189

Review Questions 192

Chapter 8 SQS, SWF, and SNS 197

Amazon Simple Queue Service (Amazon SQS) 198

Message Lifecycle 199

Delay Queues and Visibility Timeouts 200

Queue Operations, Unique IDs, and Metadata 201

Queue and Message Identifiers 201

Message Attributes 201

Long Polling 202

Dead Letter Queues 202

Access Control 202

Amazon Simple Workflow Service (Amazon SWF) 203

Workflows 204

Actors 204

Tasks 205

Task Lists 205

Long Polling 206

Object Identifiers 206

Workflow Execution Closure 206

Lifecycle of a Workflow Execution 206

Amazon Simple Notification Service (Amazon SNS) 208

Common Amazon SNS Scenarios 209

Summary 211

Exam Essentials 212

Exercises 213

Review Questions 216

Chapter 9 Domain Name System (DNS) and Amazon Route 53 221

Domain Name System (DNS) 223

Domain Name System (DNS) Concepts 223

Steps Involved in Domain Name System (DNS) Resolution 226

Record Types 228

Amazon Route 53 Overview 230

Domain Registration 230

Domain Name System (DNS) Service 230

Hosted Zones 231

Supported Record Types 232

Amazon Route 53 Enables Resiliency 235

Summary 236

Exam Essentials 237

Exercises 238

Review Questions 244

Chapter 10 Amazon ElastiCache 249

Introduction 250

In-Memory Caching 250

Amazon ElastiCache 251

Data Access Patterns 252

Cache Engines 252

Nodes and Clusters 253

Memcached Auto Discovery 254

Scaling 254

Replication and Multi-AZ 255

Backup and Recovery 256

Access Control 257

Summary 257

Exam Essentials 258

Exercises 259

Review Questions 261

Chapter 11 Additional Key Services 263

Introduction 265

Storage and Content Delivery 265

Amazon CloudFront 266

AWS Storage Gateway 269

Security 271

AWS Directory Service 272

AWS Key Management Service (KMS) and AWS CloudHSM 274

AWS CloudTrail 276

Analytics 277

Amazon Kinesis 278

Amazon Elastic MapReduce (Amazon EMR) 280

AWS Data Pipeline 281

AWS Import/Export 283

DevOps 284

AWS OpsWorks 284

AWS CloudFormation 287

AWS Elastic Beanstalk 290

AWS Trusted Advisor 292

AWS Config 294

Summary 296

Exam Essentials 297

Review Questions 301

Chapter 12 Security on AWS 307

Introduction 308

Shared Responsibility Model 308

AWS Compliance Program 309

AWS Global Infrastructure Security 310

Physical and Environmental Security 310

Business Continuity Management 312

Network Security 313

Network Monitoring and Protection 314

AWS Account Security Features 315

AWS Credentials 316

Passwords 317

AWS Multi-Factor Authentication (AWS MFA) 317

Access Keys 318

Key Pairs 319

X.509 Certificates 319

AWS CloudTrail 319

AWS Cloud Service-Specific Security 320

Compute Services 320

Networking 324

Storage 330

AWS Storage Gateway Security 334

Database 334

Application Services 342

Analytics Services 343

Deployment and Management Services 345

Mobile Services 347

Applications 348

Summary 350

Security Model 350

Account Level Security 350

Service-Specific Security 351

Exam Essentials 355

Exercises 357

Review Questions 358

Chapter 13 AWS Risk and Compliance 363

Introduction 364

Overview of Compliance in AWS 364

Shared Responsibility Model 364

Strong Compliance Governance 366

Evaluating and Integrating AWS Controls 366

AWS IT Control Information 367

AWS Global Regions 368

AWS Risk and Compliance Program 368

Risk Management 368

Control Environment 369

Information Security 370

AWS Reports, Certifications, and Third-Party Attestations 370

Summary 374

Exam Essentials 375

Review Questions 377

Chapter 14 Architecture Best Practices 381

Introduction 382

Design for Failure and Nothing Fails 383

Implement Elasticity 385

Scaling Vertically 386

Scaling Horizontally 386

Deployment Automation 388

Leverage Different Storage Options 389

One Size Does Not Fit All 389

Build Security in Every Layer 392

Use AWS Features for Defense in Depth 393

Offload Security Responsibility to AWS 393

Reduce Privileged Access 394

Security as Code 394

Real-Time Auditing 394

Think Parallel 395

Loose Coupling Sets You Free 396

Don’t Fear Constraints 398

Summary 399

Exam Essentials 400

Exercises 401

Review Questions 409

Appendix Answers to Review Questions 415

Chapter 1: Introduction to AWS 416

Chapter 2: Amazon Simple Storage Service (Amazon S3) and Amazon Glacier Storage 417

Chapter 3: Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Elastic Block Store (Amazon EBS) 419

Chapter 4: Amazon Virtual Private Cloud (Amazon VPC) 420

Chapter 5: Elastic Load Balancing, Amazon CloudWatch, and Auto Scaling 421

Chapter 6: AWS Identity and Access Management (IAM) 423

Chapter 7: Databases and AWS 423

Chapter 8: SQS, SWF, and SNS 425

Chapter 9: Domain Name System (DNS) and Amazon Route 53 426

Chapter 10: Amazon ElastiCache 427

Chapter 11: Additional Key Services 428

Chapter 12: Security on AWS 430

Chapter 13: AWS Risk and Compliance 432

Chapter 14: Architecture Best Practices 433

Index 437

See More

Related Titles

Learn more about

Back to Top