CONTENTS
Acknowledgments
Introduction
Objective Map
Chapter 1 Overview of Cloud Computing and Amazon Web Services
Overview of Cloud Computing
Advantages of Running Cloud Computing on AWS
Three Models of Cloud Computing
Three Cloud Computing Deployment Models
History of AWS
AWS Regions and Availability Zones
AWS Security and Compliance
AWS Products and Services
Compute
Networking
Security and Compliance
Storage and Content Delivery
Database
Analytics
Application Services
Developer Tools
Management Tools
Messaging
Migration
Artificial Intelligence
Internet of Things
Mobile Services
Chapter Review
Questions
Answers
Chapter 2 Storage on AWS
Amazon Simple Storage Service (S3)
Advantages of Amazon S3
Usage of Amazon S3 in Real Life
Amazon S3 Basic Concepts
Steps for Installing AWS Command Line Interface
Amazon S3 Data Consistency Model
Amazon S3 Performance Considerations
Reverse the Key Name String
Adding a Hex Hash Prefix to a Key Name
Encryption in Amazon S3
Amazon S3 Access Control
Access Policies
Bucket Policies
Access Control List
Amazon S3 Storage Class
Versioning of Objects in Amazon S3
Amazon S3 Object Lifecycle Management
Amazon S3 Cross-Region Replication
Static Web Site Hosting in Amazon S3
Amazon Glacier
Amazon Glacier Key Terminology
Accessing Amazon Glacier
Uploading Files to Amazon Glacier
Retrieving Files from Amazon Glacier
Amazon Elastic Block Store
Features of Amazon EBS
AWS Block Storage Offerings
Amazon Elastic File System
Using Amazon Elastic File System
Performance Mode of Amazon EFS
On-Premise Storage Integration with AWS
AWS Storage Gateway
AWS Snowball and AWS Snowball Edge
AWS Snowmobile
Chapter Review
Lab 2-1: Creating, Moving, and Deleting Objects in Amazon S3
Lab 2-2: Using Version Control in Amazon S3
Lab 2-3: Using the Bucket Policy Generator for Amazon S3
Questions
Answers
Chapter 3 Virtual Private Cloud
Amazon VPC Components and Terminology
Amazon VPC
Subnet
Route Table
Internet Gateway
Network Address Translation
Egress-Only Internet Gateway
Elastic Network Interface
Elastic IP Address
Security Group
Network Access Control List
Amazon VPC Peering
Amazon VPC Endpoint
DNS and VPC
DHCP Option Sets
Connecting to a VPC
VPC Flow Logs
Default VPC
Labs on VPC
Lab 3-1: Using the VPC Wizard
Lab 3-2: Creating a VPC with Public and Private Subnets
Lab 3-3: Exploring All the Options in a Virtual Private Cloud
Chapter Review
Questions
Answers
Chapter 4 Introduction to Amazon Elastic Compute Cloud
Benefits of Amazon EC2
Amazon EC2 Instance Types and Features
General Purpose (T2, M5, M4, and M3)
Compute Optimized (C5, C4, and C3)
Memory Optimized (X1e, X1, R4, and R3)
Storage Optimized (H1, I3, and D2)
Advanced Computing (P3, P2, G3, and F1)
Processor Features
Network Features
Storage Features
Steps for Using Amazon EC2
Pricing for Amazon EC2
On-Demand Instance
Reserved Instance
Spot Instance
Shared Tenancy, Dedicated Hosts, and Dedicated Instances
Shared Tenancy
Dedicated Host
Dedicated Instance
Instances and AMIs
Instance Root Volume
Obtaining an AMI
Virtualization in AMI
HVM AMI
PV AMI
Instance Life Cycle
Launch
Start and Stop
Reboot
Termination
Retirement
Connecting to an Instance
Security Group
Amazon Elastic Container Service
Lab 4-1: Using EC2
Creating a New Key Pair
Launching a Web Server Instance
Browsing the Web Server
Lab 4-2: Creating an EBS Instance and Attaching It to an EC2 Instance
Lab 4-3: Creating an EBS Instance and Mounting Across Two EC2 Instances in Different AZs
Chapter Review
Questions
Answers
Chapter 5 Identity and Access Management and Security on AWS
Authentication
Authorization
Auditing
Types of Security Credentials
Temporary Security Credentials
Users
Groups
Roles
IAM Hierarchy of Privileges
IAM Best Practices
Use the IAM User
Create a Strong Password Policy
Rotate Security Credentials Regularly
Enable MFA
Manage Permission with Groups
Grant the Least Privileges
Use IAM Roles
Use IAM Roles for Amazon EC2 Instances
Use IAM Policy Conditions for Extra Security
Enable AWS CloudTrail
AWS Compliance Program
Shared Responsibility Model
AWS Responsibility
Customer’s Responsibility
Lab 5-1: Creating IAM Users, Groups, and Roles
Managing IAM User Permissions and Credentials
IAM Roles for Amazon EC2
Chapter Review
Questions
Answers
Chapter 6 Auto Scaling
Benefits of Auto Scaling
Launch Configuration
Auto Scaling Groups
Simple Scaling
Simple Scaling with Steps
Target-Tracking Scaling Policies
Termination Policy
Elastic Load Balancing
How ELB Works
Types of Load Balancers
Load Balancer Key Concepts and Terminology
Health Check
Using Multiple AZs
Lab 6-1: Set Up Auto Scaling
Chapter Review
Questions
Answers
Chapter 7 Deploying and Monitoring Applications on AWS
AWS Lambda
Is AWS Lambda Really Serverless?
Understanding AWS Lambda
Amazon API Gateway
Benefits of Amazon API Gateway
Amazon Kinesis
Real-Time Application Scenarios
Differences Between Batch and Stream Processing
Amazon Kinesis Data Steams
Benefits of Amazon Kinesis Data Streams
Amazon Kinesis Data Firehose
Benefits of Amazon Kinesis Data Firehose
Amazon Kinesis Data Analytics
Benefits of Amazon Kinesis Data Analytics
Use Cases for Amazon Kinesis Data Analytics
Reference Architectures Using Serverless Services
Real-Time File Processing
Real-Time Stream Processing
Extract, Transformation, and Load (ETL) Processing
IoT Back Ends
Amazon CloudFront
Amazon CloudFront Key Concepts
Geo Restriction
Error Handling
Amazon Route 53
AWS Web Application Firewall
Amazon Simple Queue Service
Amazon Simple Notification Service
AWS Step Functions and Amazon Simple Workflow (SWF)
AWS Elastic Beanstalk
AWS OpsWorks
Amazon Cognito
Amazon Elastic MapReduce
AWS CloudFormation
Monitoring in AWS
Amazon CloudWatch
Metrics Collection and Tracking
Capture Real-Time Changes Using Amazon CloudWatch Events
Monitoring and Storing Logs
Set Alarms
View Graph and Statistics
AWS CloudTrail
AWS Config
Amazon VPC Flow Logs
AWS Trusted Advisor
AWS Organizations
Chapter Review
Questions
Answers
Chapter 8 Databases on AWS
Understanding Relational Databases
Understanding the Amazon Relational Database Service
Scenario 1: Hosting the Database in Your Data Center On-Premises
Scenario 2: Hosting the Database on Amazon EC2 Servers
Scenario 3: Hosting the Database Using Amazon RDS
Hosting a Database in Amazon EC2 vs. Amazon RDS
High Availability on Amazon RDS
Simplest Architecture: Single-AZ Deployment
High Availability: Multiple AZs
Scaling on Amazon RDS
Changing the Instance Type
Read Replica
Security on Amazon RDS
Amazon VPC and Amazon RDS
Backups, Restores, and Snapshots
Monitoring
Amazon Aurora
Amazon Redshift
Benefits of Amazon Redshift
Amazon Redshift Architecture
Sizing Amazon Redshift Clusters
Networking for Amazon Redshift
Encryption
Security
Back Up and Restore
Data Loading in Amazon Redshift
Data Distribution in Amazon Redshift
Amazon DynamoDB
Benefits of Amazon DynamoDB
Amazon DynamoDB Terminology
Global Secondary Index
Consistency Model
Global Table
Amazon DynamoDB Streams
Amazon DynamoDB Accelerator
Encryption and Security
Amazon ElastiCache
Lab 8-1: RDS: Creating an Amazon Aurora Database
Lab 8-2: Taking a Snapshot of a Database
Lab 8-3: Creating an Amazon Redshift Cluster
Lab 8-4: Creating an Amazon DynamoDB Table
Chapter Review
Questions
Answers
Chapter 9 AWS Well-Architected Framework and Best Practices
Operational Excellence
Prepare
Operate
Evolve
Security
Have a Strong Identity Foundation
Enable Traceability
Implement Security at All Layers
Secure the Data
Automate for Security
Plan for Security Events
Best Practices
Performance
Performance Efficiency
Reliability
Best Practices
Cost Optimization Pillar
Finding Cost-Effective Resources
Matching Supply with Demand
Being Aware of Expenditures
Optimizing Over Time
AWS Best Practices
Design for Failures
Build Security in Every Layer
Leverage Multiple Storage Options
Implement Elasticity
Think Parallel
Loosely Couple Your Architecture
There Are No Constraints in the AWS Cloud
Chapter Review
Questions
Answers
Appendix About the Digital Content
About the Total Tester
CD-ROM
Your Total Seminars Training Hub Account
Privacy Notice
Single User License Terms and Conditions
TotalTester Online
Technical Support
Glossary
Index