AWS Certified Solutions Architect Associate All-in-One Exam Guide, Second Edition (Exam SAA-C02)

AWS Certified Solutions Architect Associate All-in-One Exam Guide, Second Edition (Exam SAA-C02)

by Joyjeet Banerjee

Paperback(2nd ed.)

$50.00
View All Available Formats & Editions
Choose Expedited Shipping at checkout for delivery by Tuesday, June 29

Overview

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

This up-to-date study guide offers 100% coverage of every objective for the current version of the AWS Certified Solutions Architect Professional exam

Get complete coverage of all objectives included on the SAA-C02 exam from this comprehensive resource. Written by an expert AWS Solutions Architect and well-respected author, this authoritative guide fully addresses the knowledge and skills required for passing the AWS Certified Solutions Architect – Associate exam. You’ll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. You’ll also build your practical knowledge with the many hands-on labs found throughout this guide. Designed to help you pass the exam with ease, this definitive volume also serves as an essential on-the-job reference.

Covers all exam domains, including:

  • Design Resilient Architectures
  • Design High-Performing Architectures
  • Design Secure Applications and Architectures
  • Design Cost-Optimized Architectures

Online content includes:

  • 130 practice exam questions
  • Test engine that provides practice exams or quizzes that can be customized by chapter or exam objective



Product Details

ISBN-13: 9781260470185
Publisher: McGraw-Hill Professional Publishing
Publication date: 01/07/2021
Edition description: 2nd ed.
Pages: 448
Sales rank: 205,528
Product dimensions: 7.30(w) x 9.00(h) x 1.10(d)

About the Author

Joyjeet Banerjee is an enterprise solutions architect with Amazon Web Services, where he crafts highly scalable, flexible, and resilient cloud architectures that address customer business needs. Joyjeet is a regular guest speaker at user and industry conferences and has recently been honored as an Oracle Innovator.

Table of Contents

Acknowledgments xix

Introduction xxi

Chapter 1 Overview of Cloud Computing and Amazon Web Services 1

Advantages of Running Cloud Computing on AWS 2

Three Models of Cloud Computing 4

Three Cloud Computing Deployment Models 5

History of AWS 6

AWS Global Infrastructure 7

AWS Security and Compliance 9

AWS Products and Services 11

Compute 11

Networking 14

Security and Compliance 15

Storage and Content Delivery 18

Database 19

Analytics 21

Application Services 23

Developer Tools 24

Management Tools 25

Messaging 27

Migration 27

Artificial Intelligence 28

Internet of Things 28

Mobile Services 29

Chapter Review 30

Questions 31

Answers 32

Chapter 2 Storage on AWS 35

Amazon Simple Storage Service (S3) 36

Advantages of Amazon S3 36

Usage of Amazon S3 in Real Life 37

Amazon S3 Basic Concepts 38

Amazon S3 Data Consistency Model 41

Amazon S3 Performance Considerations 43

Reverse the Key Name String 45

Adding a Hex Hash Prefix to a Key Name 45

Encryption in Amazon S3 46

Amazon S3 Access Control 47

Access Policies 47

Bucket Policies 49

Access Control List 50

S3 Security Best Practices 50

Amazon S3 Storage Class 50

Versioning of Objects in Amazon S3 54

Amazon S3 Object Lifecycle Management 54

Amazon S3 Replication 55

Static Web Site Hosting in Amazon S3 61

Amazon S3 Glacier 62

Amazon S3 Glacier Key Terminology 63

Accessing Amazon S3 Glacier 64

Uploading Files to AmazonS3 Glacier 64

Retrieving Files from Amazon S3 Glacier 65

Amazon Elastic Block Store 65

Features of Amazon EBS 66

AWS Block Storage Offerings 67

Amazon Elastic File System 69

Using Amazon Elastic File System 71

Performance Mode of Amazon EFS 72

On-Premise Storage Integration with AWS 72

AWS Storage Gateway 73

AWS Snowball and AWS Snowball Edge 74

AWS Snowmobile 74

Chapter Review 74

Lab 2-1 Creating, Moving, and Deleting Objects in Amazon S3 75

Lab 2-2 Using Version Control in Amazon S3 84

Lab 2-3 Using the Bucket Policy Generator for Amazon S3 86

Questions 86

Answers 89

Chapter 3 Virtual Private Cloud 93

Amazon VPC Components and Terminology 94

Amazon VPC 95

Subnet 95

Route Table 98

Internet Gateway 99

Network Address Translation 100

Egress-Only Internet Gateway 102

Elastic Network Interface 103

Enhanced Networking (Linux Only) 104

Elastic IP Address 104

Network Security 105

Amazon VPC Peering 110

Amazon VPC Endpoint 112

Transit Gateway 114

DNS and VPC 115

DHCP Option Sets 116

Connecting to a VPC 117

VPC Flow Logs 119

Default VPC 119

Labs on VPC 120

Lab 3-1 Using the VPC Wizard 120

Lab 3-2 Creating a VPC with Public and Private Subnets 123

Lab 3-3 Exploring All the Options in a Virtual Private Cloud 127

Chapter Review 135

Questions 135

Answers 137

Chapter 4 Introduction to Amazon Elastic Compute Cloud 139

Benefits of Amazon EC2 140

Amazon EC2 Instance Types and Features 141

General Purpose (T3, T3a, T2, M6g, M5, M5a, M5n, M4, and A1) 142

Compute Optimized (C6g, C5, C5a, C5n, and C4) 143

Memory Optimized (R6g, R5, R5a, R5n, R4, X1e, X1, High Memory, and Z1d) 143

Storage Optimized (13, 13en, D2, and H1) 143

Accelerated Computing (P3, P2, Inf1, G4, G3, and F1) 143

Processor Features 144

Network Features 144

Storage Features 145

Steps for Using Amazon EC2 146

Pricing for Amazon EC2 146

On-Demand Instance 146

Reserved Instance 147

Spot Instance 147

Shared Tenancy, Dedicated Hosts, and Dedicated Instances 148

Shared Tenancy 149

Dedicated Host 149

Dedicated Instance 149

Instances and AMIs 149

Instance Root Volume 150

Obtaining an AMI 152

Visualization in AMI 153

HVM AMI 153

PV AMI 154

Instance Life Cycle 154

Launch 154

Start and Stop 154

Reboot 155

Termination 155

Retirement 155

Connecting to an Instance 156

Security Group 158

Amazon Elastic Container Service 159

Lab 4-1 Using EC2 161

Creating a New Key Pair 161

Launching a Web Server Instance 162

Browsing the Web Server 165

Lab 4-2 Creating an BBS Instance and Attaching It to an EC2 Instance 166

Lab 4-3 Creating an Elastic File System (EFS) and Mounting Across Two EC2 Instances in Different AZs 170

Chapter Review 173

Questions 174

Answers 176

Chapter 5 Identity and Access Management and Security on AWS 177

Authentication 177

Authorization 178

Auditing 179

Types of Security Credentials 180

Temporary Security Credentials 180

Users 181

Groups 182

Roles 183

IAM Hierarchy of Privileges 184

IAM Best Practices 184

Use the IAM User 184

Create a Strong Password Policy 185

Rotate Security Credentials Regularly 185

Enable MFA 185

AWS Compliance Program 186

Shared Responsibility Model 187

AWS Responsibility 188

Customer's Responsibility 189

AWS Security Products and Services 192

Resource Access Manager 192

AWS Secrets Manager 193

Amazon GuardDury 193

Amazon Inspector 194

Amazon Macie 195

AWS Certificate Manager 195

AWS Web Application Firewall 195

AWS Shield 195

AWS CloudHSM 196

AWS KMS 196

Lab 5-1 Creating IAM Users, Groups, and Roles 196

Managing IAM User Permissions and Credentials 201

IAM Roles for Amazon EC2 203

Chapter Review 207

Questions 208

Answers 210

Chapter 6 Auto Scaling 211

Benefits of Auto Scaling 212

Scaling Plan 215

Identify Scalable Resources 215

Specify Scaling Strategy 216

Using EC2 Auto Scaling 217

Launch Configuration 217

Auto Scaling Groups 218

Termination Policy t 223

Elastic Load Balancing 223

How ELB Works 225

Types of Load Balancers 225

Load Balancer Key Concepts and Terminology 227

Health Check 231

Using Multiple AZs 232

Lab 6-1 Set Up Auto Scaling 235

Chapter Review 239

Questions 240

Answers 242

Chapter 7 Deploying and Monitoring Applications on AWS 245

AWS Lambda 245

Is AWS Lambda Really Serverless? 246

Understanding AWS Lambda 247

Amazon API Gateway 250

API Types Supported by API Gateway 251

Benefits of Amazon API Gateway 251

Amazon Kinesis 253

Real-Time Application Scenarios 253

Differences Between Batch and Stream Processing 254

Amazon Kinesis Data Steams 254

Benefits of Amazon Kinesis Data Streams 255

Amazon Kinesis Data Firehose 255

Benefits of Amazon Kinesis Data Firehose 256

Amazon Kinesis Data Analytics 257

Benefits of Amazon Kinesis Data Analytics 258

Use Cases for Amazon Kinesis Data Analytics 258

Amazon Kinesis Video Streams 259

Reference Architectures Using Serverless Services 259

Real-Time File Processing 260

Real-Time Stream Processing 260

Extract, Transformation, and Load (ETL) Processing 260

IoT Back Ends 261

Amazon CloudEront 262

Amazon CloudFront Key Concepts 263

Geo Restriction 266

Error Handling 266

Amazon Route 53 266

AWS Web Application Firewall 268

Amazon Shield 273

Benefits of AWS Shield 273

Amazon Simple Queue Service 274

Amazon Simple Notification Service 278

AWS Step Functions and Amazon Simple Workflow (SWF) 280

AWS Elastic Beanstalk 282

AWS OpsWorks 284

Amazon Cognito 286

Amazon Elastic MapReduce 287

AWS CloudFormation 288

Monitoring in AWS 290

Amazon CloudWatch 291

Metrics Collection and Tracking 291

Capture Real-Time Changes Using Amazon Cloud Watch Events 291

Monitoring and Storing Logs 292

Set Alarms 292

View Graphs and Statistics 293

AWS CloudTrail 294

AWS Config 295

Amazon VPC Flow Logs 296

AWS Trusted Advisor 297

AWS Organizations 300

Chapter Review 300

Questions 303

Answers 307

Chapter 8 Databases on AWS 309

Understanding Relational Databases 309

Understanding the Amazon Relational Database Service 311

Scenario 1 Hosting the Database in Your Data Center On-Premises 312

Scenario 2 Hosting the Database on Amazon EC2 Servers 312

Scenario 3 Hosting the Database Using Amazon RDS 313

Hosting a Database in Amazon EC2 vs. Amazon RDS 314

High Availability on Amazon RDS 315

Simplest Architecture: Single-AZ Deployment 315

High Availability: Multiple AZs 315

Scaling on Amazon RDS 318

Changing the Instance Type 318

Read Replica 319

Security on Amazon RDS 320

Amazon VPC and Amazon RDS 320

Backups, Restores, and Snapshots 324

Monitoring 325

Amazon Aurora 327

Amazon Redshift 328

Benefits of Amazon Redshift 329

Amazon Redshift Architecture 329

Sizing Amazon Redshift Clusters 332

Networking for Amazon Redshift 333

Encryption 333

Security 334

Backup and Restore 334

Data Loading in Amazon Redshift 335

Data Distribution in Amazon Redshift 336

Amazon DynamoDB 337

Benefits of Amazon DynamoDB 337

Amazon DynamoDB Terminology 338

Secondary Index 340

Consistency Model 341

Global Table 341

Amazon DynamoDB Streams 341

Amazon DynamoDB Accelerator 342

Encryption and Security 342

Amazon ElastiCache 342

Amazon Neptune 344

Benefits of Amazon Neptune 345

Amazon Neptune Use Cases 345

Amazon DocumentDB 346

Benefits of Amazon DocumentDB 346

Amazon DocumentDB Use Cases 347

Lab 8-1 RDS: Creating an Amazon Aurora Database 348

Lab 8-2 Taking a Snapshot of a Database 352

Lab 8-3 Creating an Amazon Redshift Cluster 353

Lab 8-4 Creating an Amazon DynamoDB Table 356

Chapter Review 358

Questions 360

Answers 362

Chapter 9 AWS Well-Architected Framework and Best Practices 365

Operational Excellence 366

Prepare 367

Operate 368

Evolve 368

Security 368

Have a Strong Identity Foundation 369

Enable Traceability 369

Implement Security at All Layers 370

Secure the Data 370

Automate for Security 371

Plan for Security Events 371

Best Practices 371

Performance 374

Performance Efficiency 375

Reliability 378

Best Practices 378

Cost Optimization Pillar 381

Finding Cost-Effective Resources 382

Matching Supply with Demand 382

Being Aware of Expenditures 383

Optimizing Over Time 383

AWS Best Practices 384

Design for Failures 384

Build Security in Every Layer 387

Leverage Multiple Storage Options 387

Implement Elasticity 388

Think Parallel 389

Loosely Couple Your Architecture 390

There Are No Constraints in the AWS Cloud 391

Chapter Review 391

Questions 392

Answers 394

Appendix A Objective Map 397

Exam SAA-C02 397

Appendix B Additional Resources 399

Whitepapers 399

AWS re:Invent Videos 400

Appendix C About the Online Content 401

System Requirements 401

Your Total Seminars Training Hub Account 401

Privacy Notice 401

Single User License Terms and Conditions 401

TotalTester Online 403

Technical Support 403

Acronyms and Glossary 405

Acronyms 405

Glossary 409

Index 415

Customer Reviews