AWS SysOps Administrator Associate

Notes for my Cloud certifications.

AWS SysOps Administrator Associate

Monitoring:


Monitoring is accomplished through the usage of CloudWatch, which is a service to monitor your AWS resources as well as the applications that you run on AWS.

CloudWatch Monitoring:

Configuring custom metrics:

Monitoring EBS:

Monitoring RDS:

Monitoring ELB:

Monitoring Elasticache:

Organizations & Consolidated Billing:


AWS Organizations is an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage

Consolidated Billing:

Cost Optimization:

Elasticity and Scalability:


Elasticity is focused around being able to scale your infrastructure up, and down automatically based on traffic, where Scalability is focused on scaling your infrastrucure out more permanentlty. - Elasticity - Allows you to stretch out and retract your infrastructure based on demand - Pay for only what you need - Used during a short time period, such as hours or days - EC2: - Increase instance sizes as required using RIs - DynamoDB - Increase additional IOPS for additional spikes in traffic, then decrease IOPS after the spike - RDS - Not elastic, can’t scale RDS based on demand

RDS Multi Availability Zones & Failover:


Multi AZ Deployment:

Read Replicas:

RDS Multi AZ and Read Replicas:

Connectivity and Troubleshooting:


Connectivity:

High Availability Troubleshooting:

Elastic Load Balancers:


Root Access:

ELB Configurations:

Backups and Disaster Recovery:


Disaster Recovery:

DR Strategies:

Backups:

Services with automated backups:

EC2 & EBS:


EC2:

EBS:

Snapshots:

Opsworks:


Security:


Shared Security Model:

IAM Policies:

{
  "Version": "2012-10-17",
  "Statement": {
    "Effect": "Allow",
    "Action": "s3:ListBucket",
    "Resource": "arn:aws:s3:::example_bucket"
  }
}

This sample policy would allow a ListBucket Request to be performed on the example_bucket S3 bucket for example.

STS (Security Token Service):

Route53:


DNS:

Route53 Routing Policies:

VPCs and Direct Connect:


VPC’s:

Lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking, IP ranges, creation of subnets and configuration of route tables and network gateways.

Direct Connect (DX):