Switch content of the page by the Role togglethe content would be changed according to the role
AWS Certified Solutions Architect - Associate (SAA-C02) Cert Guide, 1st edition
Published by Pearson IT Certification (August 17, 2021) © 2022
- Mark Wilkins
eTextbook
$57.99
- Available for purchase from all major ebook resellers, including InformIT.com.
- To request a review copy, click on the "Request a Review Copy" button.
$47.99
- A print text (hardcover or paperback)Â
- Free shipping
- Also available for purchase as an ebook from all major ebook resellers, including InformIT.com
The AWS Certified Solutions Architect Associate certification demonstrates your expertise in architecting and deploying secure and robust applications on the leading cloud platform in the world, Amazon Web Services. Designed for all AWS Certified Solutions Architect Associate candidates, the AWS Certified Solutions Architect -- Associate (SAA-C02) Cert Guide covers every exam objective concisely and logically, with proven study features that enable students to succeed on the exam the first time. Expert author and trainer Mark Wilkins shares preparation hints and test-taking tips, helping to identify areas of weakness and improve both conceptual knowledge and hands-on skills. This complete study package provides a test-preparation routine proven to help students pass the exams, including quizzes, cheat sheets, a study plan, and hundreds of exam-realistic questions. Â
- Authoritative coverage of every exam topic, with all the context and practical examples you need to succeedÂ
- Logical, well-organized, and practical coverage of defining AWS solutions that reflect customer requirements and best practices for AWS architectural designÂ
- Offers expert implementation guidance for the entire AWS project lifecycleÂ
- Provides two realistic practice tests, plus proven features to help you review more efficientlyÂ
- Includes 30 focused videos from the author: over 2 full hours of video trainingÂ
Fully revised for the Amazon SAA-CO2 exam, with updated content across all domains and thorough coverage of new objectives, including databases, cost optimization, and security.
The full text downloaded to your computer
With eBooks you can:
- search for key concepts, words and phrases
- make highlights and notes as you study
- share your notes with friends
eBooks are downloaded to your computer and accessible either offline through the Bookshelf (available as a free download), available online and also via the iPad and Android apps.
Upon purchase, you'll gain instant access to this eBook.
Introduction xxvi
Chapter 1 Understanding the Foundations of AWS
Essential Characteristics of AWS Cloud Computing
   On-Demand Self-Service
   Broad Network Access
   Resource Pooling
   Rapid Elasticity
   Measured Service
Moving to AWS
   Infrastructure as a Service (IaaS)
   Platform as a Service (PaaS)
Operational Benefits of AWS
Cloud Provider Limitations
Security at AWS
   Network Security at AWS
   Application Security at AWS
   Playing in the AWS Sandbox
   Determining What Problem Needs to Be Solved
Migrating Applications
   Applications That Can Be Moved to AWS and Hosted on an EC2 Instance with No Changes
   Applications with Many Local Dependencies That Cause Problems When Being Moved to the Cloud
   Replacing an Existing Application with a SaaS Application Hosted by a Public Cloud Provider
   Applications That Should Remain on Premises and Eventually Be Deprecated
The AWS Well-Architected Framework
   The Well-Architected Tool
In Conclusion
Chapter 2 Designing Multi-Tier Architecture Solutions
"Do I Know This Already?" Quiz
Foundation Topics
Availability and Reliability
   Availability in the Cloud
   Reliability
AWS Regions and Availability Zones
   Availability Zones
   Availability Zone Distribution
   Multiple Availability Zones
Choosing a Region
   Compliance Rules
       Understanding Compliance Rules at AWS
       The Shared Responsibility Model
       AWS and Compliance
       HIPAA
       NIST
       GovCloud
   Latency Concerns
   Services Offered in Each AWS Region
   Calculating Costs
Multi-Tier Architecture Solutions
   Resilient VPC Architecture
   Design Problems to Overcome
   Multi-Tier Data Redundancy
       Protecting Against Application Failure
AWS Global Services: Edge Locations
   Services Located at the Edge
       Route 53
       AWS Shield (Standard and Advanced)
       Web Application Firewall (WAF)
       CloudFront
       AWS Lambda@Edge
AWS Service Quotas
Exam Preparation Tasks
Chapter 3 Highly Available and Fault-Tolerant Architectures
"Do I Know This Already?" Quiz
Foundation Topics
Comparing Architecture Designs
   Designing for High Availability
   Adding Fault Tolerance
   Removing Single Points of Failure
Disaster Recovery and Business Continuity
   Backup and Restoration
   Pilot Light Solution
   Warm Standby Solution
   Hot Site Solution
   Multi-Region Active-Active Application Deployment
   The AWS Service-Level Agreement (SLA)
Automating AWS Architecture
   Automating Infrastructure with CloudFormation
       CloudFormation Components
       CloudFormation Templates
       CloudFormation Stacks
       CloudFormation Stack Sets
   Third-Party Solutions
   AWS Service Catalog
Elastic Beanstalk
   Updating Elastic Beanstalk Applications
Deployment Methodologies
   Rule 1: Use One Codebase That Is Tracked with Version Control to Allow Many Deployments
       AWS CodeCommit
   Rule 2: Explicitly Declare and Isolate Dependencies
   Rule 3: Store Configuration in the Environment
   Rule 4: Treat Backing Services as Attached Resources
   Rule 5: Separate the Build and Run Stages
   Rule 6: Execute an App as One or More Stateless Processes
   Rule 7: Export Services via Port Binding
   Rule 8: Scale Out via the Process Model
   Rule 9: Maximize Robustness with Fast Startup and Graceful Shutdown
   Rule 10: Keep Development, Staging, and Production as Similar as Possible
   Rule 11: Treat Logs as Event Streams
   Rule 12: Run Admin/Management Tasks as One-Off Processes
Exam Preparation Tasks
Chapter 4 Decoupling Mechanisms Using AWS Services
"Do I Know This Already?" Quiz
Foundation Topics
Stateful Design
   Changing User State Locations
   User Session Management
Application Integration Services
   Amazon SNS
       SNS Cheat Sheet
   Amazon SQS
       SQS Cheat Sheet
   AWS Step Functions
Lambda
   Lambda Cheat Sheet
API Gateway
   API Gateway Cheat Sheet
Building a Serverless Web App
   Step 1: Create a Static Website
   Step 2: Handle User Authentication
   Step 3: Create the Serverless Backend Components
   Step 4: Set Up the API Gateway
   Step 5: Register for Conference
Exam Preparation Tasks
Chapter 5 Choosing Resilient Storage
Do I Know This Already?
Foundation Topics
AWS Storage Options
   Workload Storage Requirements
Elastic Block Storage (EBS)
   EBS Volume Types
   General-Purpose SSD (gp2/gp3)
   Elastic Volumes
   Attaching an EBS Volume
   EBS Cheat Sheet
   EBS Snapshots
       Taking a Snapshot from a Linux Instance
       Taking a Snapshot from a Windows Instance
       Snapshot Administration
       Snapshot Cheat Sheet
   Local Instance Storage
Elastic File System (EFS)
   EFS Performance Modes
   EFS Throughput Modes
   EFS Security
   EFS Lifecycle Management
   EFS DataSync
   EFS Cheat Sheet
FSx for Windows File Server
Simple Storage Service (S3)
   Buckets, Objects, and Keys
   S3 Data Consistency
   S3 Storage Classes
   S3 Management
   Versioning
   Amazon S3 Access Points
   S3 Cheat Sheet
S3 Glacier Storage Options
   S3 Glacier
   Vaults and Archives
   S3 Glacier Deep Archive
   Glacier Cheat Sheet
Exam Preparation Tasks
Chapter 6 Designing High-Performing Compute Architecture
Do I Know This Already?
Foundation Topics
EC2 Instances
   Instance Families
   What Is a vCPU?
   EC2 Instance Choices
       Micro Instances
       General-Purpose Instances
       Instances Designed to Burst
       Compute-Optimized Instances
       Memory-Optimized Instances
       x1 Instances
       High-Memory Instances
       z1d Instances
       Accelerated Computing Instances
       g3 Instances
       f1 Instances
       Storage-Optimized Instances
       Bare-Metal Instances
   Dedicated Hosts
       Dedicated Hosts Cheat Sheet
   Dedicated Instances
   EC2 Network Performance
   Using Launch Templates
   Changing the Current Instance Type
   Amazon Lightsail
Amazon Machine Images (AMIs)
   Choosing an AMI
       AWS Linux AMIs
       Windows AMIs
   AMIs at AWS Marketplace
   Creating a Custom AMI
   Instance Store-Backed Windows or Linux AMIs
   Custom Instance Store AMIs
   AMI Build Considerations
Elastic Container Service (ECS)
   Amazon Elastic Container Service (ECS)
   AWS Fargate
   AWS ECS for Kubernetes (EKS)
Monitoring with CloudWatch
   CloudWatch Basic Monitoring
   CloudWatch Logs
   Collecting Data with the CloudWatch Agent
   Planning for Monitoring
   CloudWatch Integration
   CloudWatch Terminology
   Creating a CloudWatch Alarm
   Additional Alarm and Action Settings
   CloudWatch Cheat Sheet
Elastic Load Balancing (ELB) Services
   Redundancy in Design
   Health Checks
   ELB Cheat Sheet
   Classic Load Balancer (CLB)
   Application Load Balancer (ALB)
       Target Groups
       ALB Cheat Sheet
       Big-Picture Steps: ALB Creation
       Rule Choices
       HTTPS Listener Security Settings
       Target Group Routing
       Target Group Attributes
       Maintaining User Sessions
       Sticky Session Support
       Configuring Health Checks
       ALB Security
   Monitoring Load Balancer Operation
       CloudWatch
       Access Logs
   Network Load Balancer
       NLB Cheat Sheet
EC2 Auto Scaling
   EC2 Auto Scaling Cheat Sheet
   EC2 Auto Scaling Operation
       Launch Configuration
       Launch Templates
       Auto Scaling Groups (ASGs)
       Scaling Options for Auto Scaling Groups
   Cooldown Period
   Termination Policy
   Lifecycle Hooks
Exam Preparation Tasks
Chapter 7 Choosing High-Performing and Scalable Storage Solutions
Do I Know This Already?
Foundation Topics
Elastic Block Storage (Provisioned IOPS)
   io1 and io2
   Storage-Optimized EC2 Instances
Shared File Storage at AWS
   Elastic File System (EFS)
       EFS Performance Modes
       Storage Classes
       EFS Throughput Modes
       EFS Security
       EFS Cheat Sheet
   Storage Options Compared
   Amazon FSx for Windows File Server
       FSx File System Performance
       FSx Cheat Sheet
   FSx for Lustre
       FSx for Lustre Cheat Sheet
AWS Data Transfer Options
AWS Storage Gateway Family
   AWS Storage Gateway Cheat Sheet
Exam Preparation Tasks
Chapter 8 Selecting Networking Solutions for Workloads
Do I Know This Already?
Foundation Topics
VPC Networking
   Partnering with AWS
   VPC Cheat Sheet
   To Host or to Associate?
   What's Behind the Networking Curtain?
   It's All About Packet Flow
       The Mapping Service
   Creating a VPC
       Using the Create VPC Wizard
       Using the Launch VPC Wizard
       Using the AWS CLI to Create a VPC
   How Many VPCs Do You Need?
   Creating the VPC CIDR Block
       Planning Your Primary VPC CIDR Block
       Adding a Secondary CIDR Block
   The Default VPC
   Revisiting Availability Zones
Subnets
   Subnet Cheat Sheet
Route Tables
   The Main Route Table
   Custom Route Tables
   Route Table Summary
   Route Table Cheat Sheet
IP Address Types
   Private IPv4 Addresses
   Private IP Address Summary
   Public IPv4 Addresses
       Elastic IP Addresses
       Public IPv4 Address Cheat Sheet
   Inbound and Outbound Traffic Charges
   Bring-Your-Own IP (BYOIP)
       The BYOIP Process
   IPv6 Addresses
Security Groups
   Security Group Cheat Sheet
   Custom Security Groups
       Application Server Inbound Ports
       Database Server Inbound Ports
   Administration Access
   Pinging an EC2 Instance
   Elastic Load Balancing (ELB)
   Security Group Planning
Network ACLs
   Network ACL Implementation Details
   Network ACL Cheat Sheet
   Network ACL Rule Processing
   Understanding Ephemeral Ports
   Network ACL Planning
   VPC Flow Logs
Connectivity Options
   Peering VPCs
   Establishing a Peering Connection
   Endpoints
       Gateway Endpoints
       Interface Endpoints
       Endpoint Services with PrivateLink
External Connections
   Internet Gateway: The Public Door
       Internet Gateway Cheat Sheet
   Egress-Only Internet Gateway
   NAT
       NAT Gateway
       NAT Gateway Cheat Sheet
       Transit Gateway
   VPN Connections
   Virtual Private Gateway
   Customer Gateway
   VPN CloudHub
   Understanding Route Propagation
   Direct Connect
   Direct Connect Cheat Sheet
Exam Preparation Tasks
Chapter 9 Designing High-Performing Database Solutions
Do I Know This Already?
Foundation Topics
Relational Database Service (RDS)
   RDS Database Instances
   Database Instance Class Types
   High-Availability Design for RDS
   Multi-AZ RDS Deployments
   Big-Picture RDS Installation Steps
   Monitoring Database Performance
   Best Practices for RDS
   RDS Cheat Sheet
Amazon Aurora
   Aurora Storage
   Communicating with Aurora
   Aurora Cheat Sheet
DynamoDB
   Database Design 101
   DynamoDB Tables
       Provisioning Table Capacity
       Adaptive Capacity
       Data Consistency
       ACID and DynamoDB
       Global Tables
   DynamoDB Accelerator (DAX)
   Backup and Restoration
ElastiCache
   Memcached Cheat Sheet
   Redis Cheat Sheet
Amazon Redshift
Exam Preparation Tasks
Chapter 10 Securing AWS Resources
Do I Know This Already?
Foundation Topics
Identity and Access Management (IAM)
   IAM Policy Definitions
   IAM Authentication
   Requesting Access to AWS Resources
   The Authorization Process
   Actions
IAM Users and Groups
   The Root User
   The IAM User
       Creating an IAM User
       IAM User Access Keys
   IAM Groups
   Signing In as an IAM User
   IAM Account Details
   Creating a Password Policy
   Rotating Access Keys
   Using Multifactor Authentication (MFA)
Creating IAM Policies
   IAM Policy Types
       Identity-Based Policies
       Resource-Based Policies
       In-Line Policies
   IAM Policy Creation
       Policy Elements
       Reading a Simple JSON Policy
       Policy Actions
       Additional Policy Control Options
       Reviewing Policy Permissions
       IAM Policy Versions
       Using Conditional Elements
       Using Tags with IAM Identities
IAM Roles
   When to Use Roles
       Using Roles When AWS Services Perform Actions on Your Behalf
       Using Roles for EC2 Instances Hosting Applications That Need Access to AWS Resources
       Using Roles with Mobile Applications
   Cross-Account Access to AWS Resources
   AWS Security Token Service (STS)
   IAM Cheat Sheet
   Identity Federation
   IAM Best Practices
   IAM Security Tools
AWS Organizations
   AWS Organizations Cheat Sheet
AWS Resource Access Manager (RAM)
Exam Preparation Tasks
Chapter 11 Securing Application Tiers
Do I Know This Already?
Foundation Topics
AWS CloudTrail
   Creating a CloudWatch Trail
   CloudTrail Cheat Sheet
Essential AWS Management Tools
   AWS Secrets Manager
   GuardDuty
   Amazon Inspector
   AWS Trusted Advisor
Exam Preparation Tasks
Chapter 12 Selecting Appropriate Data Security Options
Do I Know This Already?
Foundation Topics
EBS Encryption
S3 Bucket Security
   S3 Storage at Rest
   Object Lock Policies
   Legal Hold
   S3 Glacier Storage at Rest
Key Management Service (KMS)
   Envelope Encryption
   KMS Cheat Sheet
   CloudHSMfa
Amazon Certificate Manager (ACM)
Exam Preparation Tasks
Chapter 13 Designing Cost-Effective Solutions
Do I Know This Already?
Foundation Topics
Calculating AWS Costs
   Management Service Costs
   Understanding Tiered Pricing at AWS
Compute Costs
   EC2 Pricing
   On-Demand Instance Limits
   Reserved Instances (RI)
   Term Commitment
   Payment Options
   EC2 Reserved Instance Types
   Scheduled Reserved EC2 Instances
   Regional and Zonal Reserved Instances
   Savings Plans
   Spot Instances
   Spot Fleet Optimization Strategies
   Spot Capacity Pools
   EC2 Fleet
   EC2 Pricing Cheat Sheet
Storage Costs
   Tagging EBS Volumes and Snapshots
   Cost Allocation Tags
   Storage Performance Comparison
Database Costs
   Database Design Solutions
Networking Costs
   Network Design Solutions
   Public Versus Private Traffic Charges
   Data Transfer Costs Cheat Sheet
   Management Tool Pricing Example: AWS Config
       AWS Config Results
AWS Billing Costs
   AWS Cost Explorer
   AWS Budgets
   Cost Explorer
   Cost and Usage Report
   Managing Costs Cheat Sheet
Exam Preparation Tasks
Chapter 14 Final Preparation
Exam Information
Tips for Getting Ready for the Exam
Scheduling Your Exam
Tools for Final Preparation
   Pearson Test Prep Practice Test Software and Questions on the Website
       Accessing the Pearson Test Prep Software Online
       Accessing the Pearson Test Prep Software Offline
       Customizing Your Exams
   Updating Your Exams
       Premium Edition
   Chapter-Ending Review Tools
Suggested Plan for Final Review/Study
Summary
Glossary of Key Terms
Appendix A Answers to the "Do I Know This Already?" Quizzes and Q&A Sections
Appendix B AWS Certified Solutions Architect - Associate (SAA-C02) Cert Guide Exam Updates
Online Elements:
Appendix C Study Planner
Glossary of Key Terms
9780137325214Â Â Â TOCÂ Â Â 5/27/2021
Chapter 1 Understanding the Foundations of AWS
Essential Characteristics of AWS Cloud Computing
   On-Demand Self-Service
   Broad Network Access
   Resource Pooling
   Rapid Elasticity
   Measured Service
Moving to AWS
   Infrastructure as a Service (IaaS)
   Platform as a Service (PaaS)
Operational Benefits of AWS
Cloud Provider Limitations
Security at AWS
   Network Security at AWS
   Application Security at AWS
   Playing in the AWS Sandbox
   Determining What Problem Needs to Be Solved
Migrating Applications
   Applications That Can Be Moved to AWS and Hosted on an EC2 Instance with No Changes
   Applications with Many Local Dependencies That Cause Problems When Being Moved to the Cloud
   Replacing an Existing Application with a SaaS Application Hosted by a Public Cloud Provider
   Applications That Should Remain on Premises and Eventually Be Deprecated
The AWS Well-Architected Framework
   The Well-Architected Tool
In Conclusion
Chapter 2 Designing Multi-Tier Architecture Solutions
"Do I Know This Already?" Quiz
Foundation Topics
Availability and Reliability
   Availability in the Cloud
   Reliability
AWS Regions and Availability Zones
   Availability Zones
   Availability Zone Distribution
   Multiple Availability Zones
Choosing a Region
   Compliance Rules
       Understanding Compliance Rules at AWS
       The Shared Responsibility Model
       AWS and Compliance
       HIPAA
       NIST
       GovCloud
   Latency Concerns
   Services Offered in Each AWS Region
   Calculating Costs
Multi-Tier Architecture Solutions
   Resilient VPC Architecture
   Design Problems to Overcome
   Multi-Tier Data Redundancy
       Protecting Against Application Failure
AWS Global Services: Edge Locations
   Services Located at the Edge
       Route 53
       AWS Shield (Standard and Advanced)
       Web Application Firewall (WAF)
       CloudFront
       AWS Lambda@Edge
AWS Service Quotas
Exam Preparation Tasks
Chapter 3 Highly Available and Fault-Tolerant Architectures
"Do I Know This Already?" Quiz
Foundation Topics
Comparing Architecture Designs
   Designing for High Availability
   Adding Fault Tolerance
   Removing Single Points of Failure
Disaster Recovery and Business Continuity
   Backup and Restoration
   Pilot Light Solution
   Warm Standby Solution
   Hot Site Solution
   Multi-Region Active-Active Application Deployment
   The AWS Service-Level Agreement (SLA)
Automating AWS Architecture
   Automating Infrastructure with CloudFormation
       CloudFormation Components
       CloudFormation Templates
       CloudFormation Stacks
       CloudFormation Stack Sets
   Third-Party Solutions
   AWS Service Catalog
Elastic Beanstalk
   Updating Elastic Beanstalk Applications
Deployment Methodologies
   Rule 1: Use One Codebase That Is Tracked with Version Control to Allow Many Deployments
       AWS CodeCommit
   Rule 2: Explicitly Declare and Isolate Dependencies
   Rule 3: Store Configuration in the Environment
   Rule 4: Treat Backing Services as Attached Resources
   Rule 5: Separate the Build and Run Stages
   Rule 6: Execute an App as One or More Stateless Processes
   Rule 7: Export Services via Port Binding
   Rule 8: Scale Out via the Process Model
   Rule 9: Maximize Robustness with Fast Startup and Graceful Shutdown
   Rule 10: Keep Development, Staging, and Production as Similar as Possible
   Rule 11: Treat Logs as Event Streams
   Rule 12: Run Admin/Management Tasks as One-Off Processes
Exam Preparation Tasks
Chapter 4 Decoupling Mechanisms Using AWS Services
"Do I Know This Already?" Quiz
Foundation Topics
Stateful Design
   Changing User State Locations
   User Session Management
Application Integration Services
   Amazon SNS
       SNS Cheat Sheet
   Amazon SQS
       SQS Cheat Sheet
   AWS Step Functions
Lambda
   Lambda Cheat Sheet
API Gateway
   API Gateway Cheat Sheet
Building a Serverless Web App
   Step 1: Create a Static Website
   Step 2: Handle User Authentication
   Step 3: Create the Serverless Backend Components
   Step 4: Set Up the API Gateway
   Step 5: Register for Conference
Exam Preparation Tasks
Chapter 5 Choosing Resilient Storage
Do I Know This Already?
Foundation Topics
AWS Storage Options
   Workload Storage Requirements
Elastic Block Storage (EBS)
   EBS Volume Types
   General-Purpose SSD (gp2/gp3)
   Elastic Volumes
   Attaching an EBS Volume
   EBS Cheat Sheet
   EBS Snapshots
       Taking a Snapshot from a Linux Instance
       Taking a Snapshot from a Windows Instance
       Snapshot Administration
       Snapshot Cheat Sheet
   Local Instance Storage
Elastic File System (EFS)
   EFS Performance Modes
   EFS Throughput Modes
   EFS Security
   EFS Lifecycle Management
   EFS DataSync
   EFS Cheat Sheet
FSx for Windows File Server
Simple Storage Service (S3)
   Buckets, Objects, and Keys
   S3 Data Consistency
   S3 Storage Classes
   S3 Management
   Versioning
   Amazon S3 Access Points
   S3 Cheat Sheet
S3 Glacier Storage Options
   S3 Glacier
   Vaults and Archives
   S3 Glacier Deep Archive
   Glacier Cheat Sheet
Exam Preparation Tasks
Chapter 6 Designing High-Performing Compute Architecture
Do I Know This Already?
Foundation Topics
EC2 Instances
   Instance Families
   What Is a vCPU?
   EC2 Instance Choices
       Micro Instances
       General-Purpose Instances
       Instances Designed to Burst
       Compute-Optimized Instances
       Memory-Optimized Instances
       x1 Instances
       High-Memory Instances
       z1d Instances
       Accelerated Computing Instances
       g3 Instances
       f1 Instances
       Storage-Optimized Instances
       Bare-Metal Instances
   Dedicated Hosts
       Dedicated Hosts Cheat Sheet
   Dedicated Instances
   EC2 Network Performance
   Using Launch Templates
   Changing the Current Instance Type
   Amazon Lightsail
Amazon Machine Images (AMIs)
   Choosing an AMI
       AWS Linux AMIs
       Windows AMIs
   AMIs at AWS Marketplace
   Creating a Custom AMI
   Instance Store-Backed Windows or Linux AMIs
   Custom Instance Store AMIs
   AMI Build Considerations
Elastic Container Service (ECS)
   Amazon Elastic Container Service (ECS)
   AWS Fargate
   AWS ECS for Kubernetes (EKS)
Monitoring with CloudWatch
   CloudWatch Basic Monitoring
   CloudWatch Logs
   Collecting Data with the CloudWatch Agent
   Planning for Monitoring
   CloudWatch Integration
   CloudWatch Terminology
   Creating a CloudWatch Alarm
   Additional Alarm and Action Settings
   CloudWatch Cheat Sheet
Elastic Load Balancing (ELB) Services
   Redundancy in Design
   Health Checks
   ELB Cheat Sheet
   Classic Load Balancer (CLB)
   Application Load Balancer (ALB)
       Target Groups
       ALB Cheat Sheet
       Big-Picture Steps: ALB Creation
       Rule Choices
       HTTPS Listener Security Settings
       Target Group Routing
       Target Group Attributes
       Maintaining User Sessions
       Sticky Session Support
       Configuring Health Checks
       ALB Security
   Monitoring Load Balancer Operation
       CloudWatch
       Access Logs
   Network Load Balancer
       NLB Cheat Sheet
EC2 Auto Scaling
   EC2 Auto Scaling Cheat Sheet
   EC2 Auto Scaling Operation
       Launch Configuration
       Launch Templates
       Auto Scaling Groups (ASGs)
       Scaling Options for Auto Scaling Groups
   Cooldown Period
   Termination Policy
   Lifecycle Hooks
Exam Preparation Tasks
Chapter 7 Choosing High-Performing and Scalable Storage Solutions
Do I Know This Already?
Foundation Topics
Elastic Block Storage (Provisioned IOPS)
   io1 and io2
   Storage-Optimized EC2 Instances
Shared File Storage at AWS
   Elastic File System (EFS)
       EFS Performance Modes
       Storage Classes
       EFS Throughput Modes
       EFS Security
       EFS Cheat Sheet
   Storage Options Compared
   Amazon FSx for Windows File Server
       FSx File System Performance
       FSx Cheat Sheet
   FSx for Lustre
       FSx for Lustre Cheat Sheet
AWS Data Transfer Options
AWS Storage Gateway Family
   AWS Storage Gateway Cheat Sheet
Exam Preparation Tasks
Chapter 8 Selecting Networking Solutions for Workloads
Do I Know This Already?
Foundation Topics
VPC Networking
   Partnering with AWS
   VPC Cheat Sheet
   To Host or to Associate?
   What's Behind the Networking Curtain?
   It's All About Packet Flow
       The Mapping Service
   Creating a VPC
       Using the Create VPC Wizard
       Using the Launch VPC Wizard
       Using the AWS CLI to Create a VPC
   How Many VPCs Do You Need?
   Creating the VPC CIDR Block
       Planning Your Primary VPC CIDR Block
       Adding a Secondary CIDR Block
   The Default VPC
   Revisiting Availability Zones
Subnets
   Subnet Cheat Sheet
Route Tables
   The Main Route Table
   Custom Route Tables
   Route Table Summary
   Route Table Cheat Sheet
IP Address Types
   Private IPv4 Addresses
   Private IP Address Summary
   Public IPv4 Addresses
       Elastic IP Addresses
       Public IPv4 Address Cheat Sheet
   Inbound and Outbound Traffic Charges
   Bring-Your-Own IP (BYOIP)
       The BYOIP Process
   IPv6 Addresses
Security Groups
   Security Group Cheat Sheet
   Custom Security Groups
       Application Server Inbound Ports
       Database Server Inbound Ports
   Administration Access
   Pinging an EC2 Instance
   Elastic Load Balancing (ELB)
   Security Group Planning
Network ACLs
   Network ACL Implementation Details
   Network ACL Cheat Sheet
   Network ACL Rule Processing
   Understanding Ephemeral Ports
   Network ACL Planning
   VPC Flow Logs
Connectivity Options
   Peering VPCs
   Establishing a Peering Connection
   Endpoints
       Gateway Endpoints
       Interface Endpoints
       Endpoint Services with PrivateLink
External Connections
   Internet Gateway: The Public Door
       Internet Gateway Cheat Sheet
   Egress-Only Internet Gateway
   NAT
       NAT Gateway
       NAT Gateway Cheat Sheet
       Transit Gateway
   VPN Connections
   Virtual Private Gateway
   Customer Gateway
   VPN CloudHub
   Understanding Route Propagation
   Direct Connect
   Direct Connect Cheat Sheet
Exam Preparation Tasks
Chapter 9 Designing High-Performing Database Solutions
Do I Know This Already?
Foundation Topics
Relational Database Service (RDS)
   RDS Database Instances
   Database Instance Class Types
   High-Availability Design for RDS
   Multi-AZ RDS Deployments
   Big-Picture RDS Installation Steps
   Monitoring Database Performance
   Best Practices for RDS
   RDS Cheat Sheet
Amazon Aurora
   Aurora Storage
   Communicating with Aurora
   Aurora Cheat Sheet
DynamoDB
   Database Design 101
   DynamoDB Tables
       Provisioning Table Capacity
       Adaptive Capacity
       Data Consistency
       ACID and DynamoDB
       Global Tables
   DynamoDB Accelerator (DAX)
   Backup and Restoration
ElastiCache
   Memcached Cheat Sheet
   Redis Cheat Sheet
Amazon Redshift
Exam Preparation Tasks
Chapter 10 Securing AWS Resources
Do I Know This Already?
Foundation Topics
Identity and Access Management (IAM)
   IAM Policy Definitions
   IAM Authentication
   Requesting Access to AWS Resources
   The Authorization Process
   Actions
IAM Users and Groups
   The Root User
   The IAM User
       Creating an IAM User
       IAM User Access Keys
   IAM Groups
   Signing In as an IAM User
   IAM Account Details
   Creating a Password Policy
   Rotating Access Keys
   Using Multifactor Authentication (MFA)
Creating IAM Policies
   IAM Policy Types
       Identity-Based Policies
       Resource-Based Policies
       In-Line Policies
   IAM Policy Creation
       Policy Elements
       Reading a Simple JSON Policy
       Policy Actions
       Additional Policy Control Options
       Reviewing Policy Permissions
       IAM Policy Versions
       Using Conditional Elements
       Using Tags with IAM Identities
IAM Roles
   When to Use Roles
       Using Roles When AWS Services Perform Actions on Your Behalf
       Using Roles for EC2 Instances Hosting Applications That Need Access to AWS Resources
       Using Roles with Mobile Applications
   Cross-Account Access to AWS Resources
   AWS Security Token Service (STS)
   IAM Cheat Sheet
   Identity Federation
   IAM Best Practices
   IAM Security Tools
AWS Organizations
   AWS Organizations Cheat Sheet
AWS Resource Access Manager (RAM)
Exam Preparation Tasks
Chapter 11 Securing Application Tiers
Do I Know This Already?
Foundation Topics
AWS CloudTrail
   Creating a CloudWatch Trail
   CloudTrail Cheat Sheet
Essential AWS Management Tools
   AWS Secrets Manager
   GuardDuty
   Amazon Inspector
   AWS Trusted Advisor
Exam Preparation Tasks
Chapter 12 Selecting Appropriate Data Security Options
Do I Know This Already?
Foundation Topics
EBS Encryption
S3 Bucket Security
   S3 Storage at Rest
   Object Lock Policies
   Legal Hold
   S3 Glacier Storage at Rest
Key Management Service (KMS)
   Envelope Encryption
   KMS Cheat Sheet
   CloudHSMfa
Amazon Certificate Manager (ACM)
Exam Preparation Tasks
Chapter 13 Designing Cost-Effective Solutions
Do I Know This Already?
Foundation Topics
Calculating AWS Costs
   Management Service Costs
   Understanding Tiered Pricing at AWS
Compute Costs
   EC2 Pricing
   On-Demand Instance Limits
   Reserved Instances (RI)
   Term Commitment
   Payment Options
   EC2 Reserved Instance Types
   Scheduled Reserved EC2 Instances
   Regional and Zonal Reserved Instances
   Savings Plans
   Spot Instances
   Spot Fleet Optimization Strategies
   Spot Capacity Pools
   EC2 Fleet
   EC2 Pricing Cheat Sheet
Storage Costs
   Tagging EBS Volumes and Snapshots
   Cost Allocation Tags
   Storage Performance Comparison
Database Costs
   Database Design Solutions
Networking Costs
   Network Design Solutions
   Public Versus Private Traffic Charges
   Data Transfer Costs Cheat Sheet
   Management Tool Pricing Example: AWS Config
       AWS Config Results
AWS Billing Costs
   AWS Cost Explorer
   AWS Budgets
   Cost Explorer
   Cost and Usage Report
   Managing Costs Cheat Sheet
Exam Preparation Tasks
Chapter 14 Final Preparation
Exam Information
Tips for Getting Ready for the Exam
Scheduling Your Exam
Tools for Final Preparation
   Pearson Test Prep Practice Test Software and Questions on the Website
       Accessing the Pearson Test Prep Software Online
       Accessing the Pearson Test Prep Software Offline
       Customizing Your Exams
   Updating Your Exams
       Premium Edition
   Chapter-Ending Review Tools
Suggested Plan for Final Review/Study
Summary
Glossary of Key Terms
Appendix A Answers to the "Do I Know This Already?" Quizzes and Q&A Sections
Appendix B AWS Certified Solutions Architect - Associate (SAA-C02) Cert Guide Exam Updates
Online Elements:
Appendix C Study Planner
Glossary of Key Terms
9780137325214Â Â Â TOCÂ Â Â 5/27/2021
Mark Wilkins is an electronic engineering technologist with a wealth of experience in designing, deploying, and supporting software and hardware technology in the corporate and small business world. Since 2013, Mark has focused on supporting and designing cloud service solutions with Amazon Web Services, Microsoft Azure, and the IBM Cloud. He is certified in Amazon Web Services (Architecture and SysOps). Mark is also a Microsoft Certified Trainer (MCT) and holds certifications in MCTS, MCSA, Server Virtualization with Windows Server Hyper-V, and Azure Cloud Services.
Mark's published books include Windows 2003 Registry for Dummies, Administering SMS 3.0, Administering Active Directory, and Learning Amazon Web Services (AWS): A Hands-On Guide to the Fundamentals of AWS Cloud.
Mark worked as a technical evangelist for IBM SoftLayer from 2013 through 2016 and taught both SoftLayer fundamentals and SoftLayer design classes to many Fortune 500 companies in Canada, the United States, Europe, and Australia. As former course director for Global Knowledge, Mark developed and taught many technical seminars, including Configuring Active Directory Services, Configuring Group Policy, and Cloud and Virtualization Essentials. Mark currently develops AWS curriculum on technical aspects of AWS architecture for O'Reilly Media, Pluralsight, and LinkedIn Learning. To read and discuss all things Mark finds interesting about the cloud visit The Cloud Thingy, at https://thecloudthingy.substack.com/.
Need help? Get in touch
Play
Privacy and cookies
By watching, you agree Pearson can share your viewership data for marketing and analytics for one year, revocable by deleting your cookies.
Pearson eTextbook: What’s on the inside just might surprise you
They say you can’t judge a book by its cover. It’s the same with your students. Meet each one right where they are with an engaging, interactive, personalized learning experience that goes beyond the textbook to fit any schedule, any budget, and any lifestyle.Â
Digital Learning NOW
Extend your professional development and meet your students where they are with free weekly Digital Learning NOW webinars. Attend live, watch on-demand, or listen at your leisure to expand your teaching strategies. Earn digital professional development badges for attending a live session.