AWS SysOps Administrator Associate - 2019

Explore how a virtual private cloud uses subnets and CIDR blocks to assign private IP addresses to instances, enabling structured network design for web and database components.

An availability zone groups data centers within a region to provide fault isolation, while subnets map to zones so workloads stay available if a data center goes down.

Explore the components of a VPC, including Internet gateway, public and private IPs, and routing tables. Learn how a default VPC and subnet ease EC2 provisioning.

Launch and manage virtual servers on the internet with the elastic compute cloud. On-demand billing lets you pay only for running servers and terminate them anytime, avoiding upfront capital investment.

Understand EC2 key pairs by generating a public and private key, storing the public on the server, keeping the private key secure, and logging in with the correct username.

Explore how network access control lists attached to subnets regulate inbound and outbound traffic, evaluate rules in order, and block a specific IP to protect all resources in the subnet.

Explore the AWS simple storage service, a cloud storage solution that scales automatically, requires no upfront capacity planning, and keeps files highly durable while enabling access from anywhere.

Learn how to modify a relational database service for high availability, adjust the underlying instance and storage, and create read replicas in another region, with potential downtime.

Explore IAM policies as JSON-based documents that grant or deny access to AWS resources, detailing effect, actions, resources, and optional conditions for fine-grained control.

Explore how iam roles grant permissions from trusted sources such as ec2, other aws accounts, or identity providers, using policies and temporary credentials for secure access to s3 buckets.

Explore the AWS load balancer service, covering the classic, network, and application load balancers, with emphasis on the classic type due to exam focus.

Explore the network load balancer's TCP traffic handling, target groups, and scales to millions of requests per second, including static IPs for firewall whitelisting and ports like 80 and 8090.

Explore Route 53 as a domain name system service, map a domain to an elastic load balancer, use hosted zones, resource records, health checks, and simple, failover, and weighted routing.

Demonstrates configuring Route 53 simple routing policy by linking a GoDaddy domain to an Apache server via a hosted zone, name servers, and an A record with TTL.

Use Route 53 alias records to point a domain to your application load balancer, linking to S3 websites, CloudFront distributions, classic load balancers, or Elastic Beanstalk environments.

Learn how to scale a two-component architecture with auto scaling that spins up or down compute instances based on CPU thresholds for on-demand video processing stored in S3.

Explore CloudWatch metrics in AWS by enabling detailed monitoring, viewing namespace-based metrics, tagging instances, and graphing CPU utilization and CPU credits for T2 instances.

learn to create CloudWatch dashboards, add widgets (line, stacked area, number, text), enable auto refresh, and combine metrics from namespaces like network load balancer to monitor applications.

Install and configure the cloud watch agent on instances and on-premise servers to send logs to cloud watch logs, creating log groups and streams with proper IAM policies.

Explore AWS CloudTrail governance and auditing, learn how CloudTrail records all calls across users, roles, services, and how to publish events to an S3 bucket and monitor with CloudWatch logs.

Explore how to create and manage CloudTrail trails, view event histories, and store API call logs in S3 buckets across regions for analysis and dashboards.

Explore how AWS Config rules enforce security and compliance by defining constraints, monitoring instance types and unused resources, and triggering CloudWatch events or Lambda to remediate noncompliance.

Learn how AWS inspector detects vulnerabilities on EC2 instances by installing an agent, applying rule packages, and generating reports with high, medium, low, and informational findings.

Learn how cloud HSM provides dedicated hardware to store encryption keys. Compare symmetric and asymmetric keys, achieve full key control, and secure on-premise to cloud key transfer with compliant standards.

Use AWS CloudFormation to provision infrastructure as code with JSON or YAML templates. Define resources like EC2 in a VPC with subnets, including required properties such as the image.

Create an Elastic Beanstalk application and multiple environments (development, staging, production), select a web server and Tomcat platform, deploy a sample Java app, and monitor health and logs.