AWS Certified SysOps Administrator – Associate (SOA-C01)

Course

Intro Video

Photo of Mark Richman

Mark Richman

AWS Training Architect II in Content

Length

28:34:31

Difficulty

Intermediate

Course Details

The AWS Certified SysOps Administrator - Associate (SOA-C01) is a certification based around administering applications on AWS from an operations viewpoint. Although there are some deployment topics, this certification deals more with decisions we must make in our environments based on information we receive from monitoring, auditing, and any performance feedback we gather.

This course has been developed to provide you with the requisite knowledge to not only pass the AWS SysOps Administrator certification exam but also gain the hands-on experience required to become a qualified AWS Systems Operator working in a real-world environment.

Course GitHub repo: https://github.com/linuxacademy/content-aws-soa-c01

Syllabus

Introduction

Getting Started

Course Introduction

00:03:42

Lesson Description:

This video introduces the AWS Certified Sysops Administrator - Associate course, designed for the newest revision of the exam (SOA-C01) released in September 2018.

About the Training Architect

00:00:58

Lesson Description:

A little more about the author of this course - me!

Course Features and Tools

00:03:05

Lesson Description:

This video will walk you through how to use the various course features and tools on the Linux Academy website. We will also walk through the interactive diagram. We will use the interactive diagram throughout this course, helping you to visualize the various concepts presented. Interactive diagram: https://interactive.linuxacademy.com/diagrams/AWSSysOpsAdminFullDiagram.html

AWS Free Tier: Usage Tracking and Billing Widget

00:03:56

Lesson Description:

This video gives you a walkthrough on how to use the AWS Free Tier Tracking and Billing Widget for you own AWS Account!

Course Content

Security on AWS

Shared Responsibility Model

00:06:27

Lesson Description:

In this video, we'll explain the AWS Shared Responsibility Model. AWS is responsible for securing the underlying infrastructure that supports its cloud platform. You, the customer, are responsible for any resources you operate on, place in, or connect to AWS. This shared responsibility model can reduce your total cost of ownership and help improve your security posture without the undifferentiated heavy lifting involved in an on-premises infrastructure. Lesson Resources: Shared Responsibility ModelPenetration Testing

IAM: Users and Groups

00:08:45

Lesson Description:

This lesson covers IAM users, which you create to provide authentication for people and processes in your AWS account. You will also learn about IAM groups, which are collections of IAM users you can manage as a unit.

IAM: Policies

00:07:43

Lesson Description:

Knowing how to create policies is at the very center of IAM management. We use these policies to enable permissions for users, groups, and roles. This lesson discusses both the AWS managed policies as well as custom policies and how to create them.

IAM: Roles

00:03:52

Lesson Description:

Roles are a way for us to grant our AWS resources permission to interact with each other. We can also grant temporary permissions to users outside of our AWS environment by using roles with delegation and federation. This lesson discusses roles and how we use them.

IAM: Multi-Factor Authentication (MFA)

00:04:07

Lesson Description:

MFA adds extra security because it requires users to provide unique authentication from an AWS-supported MFA mechanism in addition to their regular sign-in credentials when they access AWS websites or services. Read more about MFA form factors and virtual MFA applications in the MFA documentation.

Amazon S3: Bucket Policies

00:08:30

Lesson Description:

S3 bucket policies allow us to have fine, granular control over the access of objects in our S3 buckets. Using these policies, we can implement additional layers of security and access control for objects. This lesson discusses what these policies are and how to implement them in S3. This sample bucket policy allows for both SSE-S3 and SSE-KMS based encrypted objects while denying everything else: { "Version": "2012-10-17", "Id": "PutObjPolicy", "Statement": [ { "Sid": "DenyUnEncryptedObjectUploads", "Effect": "Deny", "Principal": { "AWS": "*" }, "Action": "s3:PutObject", "Resource": "arn:aws:s3:::your-bucket/*", "Condition": { "StringNotEquals": { "s3:x-amz-server-side-encryption": [ "AES256", "aws:kms" ] } } }, { "Sid": "DenyUnEncryptedObjectUploads", "Effect": "Deny", "Principal": "*", "Action": "s3:PutObject", "Resource": "arn:aws:s3:::your-bucket/*", "Condition": { "Null": { "s3:x-amz-server-side-encryption": "true" } } } ] } You can read more about specifying conditions in a policy here.

S3: Data Integrity

00:07:43

Lesson Description:

S3 offers several features that can assist with data integrity in addition to its built-in availability and durability features. We also need methods to protect our objects from human error. This lesson discusses versioning, replication, and multi-factor authentication delete. Also, in the AWS documention, there's a table comparing the Amazon S3 storage classes.

Amazon VPC: Security Groups and NACLs

00:09:05

Lesson Description:

Security groups and Network Access Control Lists (NACLs) are extremely important when looking to lock down the security of our applications. This lesson discusses a strategy to make them work together more efficiently. Misconfiguring either one of these tools can lead to a lot of time troubleshooting. Here is the example CloudFormation template used in this lesson.

AWS STS: Federation

00:05:49

Lesson Description:

Identity federation needs to be understood for us to administer our applications on AWS. STS affects both customers and employees. For users, they often need to authenticate into our applications with third-party providers. For employees, they can use their domain credentials from on-premises services such as Active Directory to authenticate into and use AWS services. This lesson discusses these scenarios in further detail. Helpful Links Web Identity Federation PlaygroundJSON Web Tokens

Amazon Inspector

00:07:02

Lesson Description:

Inspector gives us the ability to evaluate our EC2 instances against a built-in library of best practices, common compliance standards, and public libraries of known vulnerabilities. AWS has compiled libraries using several focus areas for evaluating your instances. This lesson shows how to install the Inspector agent on EC2 instances and how to configure targets, templates, and runs from within Inspector. Here's the AWS documentation on installing Amazon Inspector agents.

AWS KMS Essentials

00:07:42

Lesson Description:

AWS Key Management Service (KMS) is a managed service that makes it easy to create and control the encryption keys used to encrypt data. It's a FIPS 140-2 level 2 compliant service, and in this lesson, we walk through its architecture and key points as they relate to real-world usage and the exam.

AWS Certificate Manager

00:06:10

Lesson Description:

ACM handles the complexity of creating and managing SSL certificates for your web applications. You can also use public certificates provided by ACM for free. You can create a listener on your load balancer that uses encrypted connections (also known as SSL offload). This feature enables traffic encryption between your load balancer and the clients that initiate SSL sessions. To use an HTTPS listener, you must deploy a certificate on your load balancer. The load balancer uses this certificate to terminate the connection and then decrypt requests from clients before sending them to the targets. In this lesson, we'll cover how to create a certificate in ACM, bind that to the load balancer, and browse to it using HTTPS with the domain name provided in the Route 53 hosted zone. Course GitHub repo: https://github.com/linuxacademy/content-aws-soa-c01

AWS Web Application Firewall (WAF)

00:06:34

Lesson Description:

The AWS WAF service protects your web applications from common exploits that could affect availability, compromise security, or consume excessive resources. WAF monitors HTTP requests directed at Amazon CloudFront, API Gateway, or an Application Load Balancer. Helpful Links CloudFormation template used in this lessonLinux Academy Instant Terminal

AWS Trusted Advisor

00:03:20

Lesson Description:

AWS Trusted Advisor can help you reduce costs, increase performance, and improve the security of your AWS environments. It provides real-time guidance to help provision resources following AWS best practices.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Security on AWS

01:00:00

Compute

Amazon EC2 Status Checks

00:03:47

Lesson Description:

Status checks are made up of instance status checks and system status checks. Errors in these indicate different issues and should, therefore, be recovered differently. This lesson discusses AWS system and instance status checks and how to recover from an error in these checks.

EC2 Instance Types and Performance

00:05:29

Lesson Description:

There is a wide variety of EC2 instance types available. Some families are more suited for particular tasks. There is also a large difference in most families between the smallest and largest instance size that can affect performance. This lesson discusses the virtualization types, instance types, and instance sizes we can configure for our EC2 instances. Note: For complete EC2 purchase options, see: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-purchasing-options.html

EC2: Scale Out or Scale Up?

00:04:47

Lesson Description:

In AWS, scaling out means horizontal scaling by increasing the number of instances in an Auto Scaling group. Scaling up refers to vertical scaling by increasing the instance size or family. This lesson discusses decisions administrators need to make regarding Auto Scaling versus increasing instance size.

EC2: NAT Gateways and Bastion Hosts

00:13:41

Lesson Description:

In the event of an Availability Zone (AZ) failure, instances will still need access to the internet for updates. If multiple NAT gateways are deployed, we can allow for this. Bastion hosts also need to be available when an AZ fails. This lesson discusses how to make bastion hosts and NAT gateways fault tolerant.

EC2: Reserved Instances

00:06:09

Lesson Description:

EC2 reserved instances can be an effective method of saving money if long-term compute capacity is needed. They can also reserve us capacity in case of an Availability Zone or region shortage of on-demand instances. In this lesson, we discuss reserved instances in greater detail, as well as provide scenarios that show the benefits of using them. For more information on reserved instances, see the "On-Demand Capacity Reservations" documentation.

EC2: Initializing Volumes

00:05:27

Lesson Description:

When restoring a volume from a snapshot, maximum volume performance is not achieved until all blocks on the device have been read. This lesson discusses initializing EBS volumes and when we should use it. The commands from the lesson are: sudo dd if=/dev/nvme2n1 of=/dev/null bs=1M sudo yum install -y fio sudo fio --filename=/dev/nvme2n1 --rw=read --bs=128k --iodepth=32 --ioengine=libaio --direct=1 --name=volume-initialize For more information on initializing volumes, see the "Initializing Amazon EBS Volumes" documentation.

EC2: Troubleshooting Auto Scaling Issues

00:05:18

Lesson Description:

Auto Scaling issues can be difficult to troubleshoot. There are many different configuration steps and items that can lead to problems. This lesson discusses many of the common issues when Auto Scaling is not working.

Amazon Lightsail and AWS Batch

00:03:04

Lesson Description:

Lightsail is a virtual private server (VPS) solution from AWS. It allows for a monthly "rental" of an instance. Batch is a fully managed AWS service for handling batch computing jobs. These compute services are mentioned in AWS documentation, and they are new in terms of the exam. This lesson is a quick overview of what Lightsail and Batch are and what they do.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Compute

00:30:00

Data Storage

S3: Cross-Region Replication

00:08:10

Lesson Description:

It may seem strange that we are discussing backups for S3 because it has some impressive numbers for durability and availability. The issue with S3 buckets is that, even though the names are global, they exist in a particular region. If that region were to fail, we would not be able to access our objects. This lesson demonstrates how S3 cross-region replication works and what limitations are involved with this replication.

S3: Storage Classes

00:10:42

Lesson Description:

This lesson walks through the storage tiers available in S3 in addition to evaluating Intelligent-Tiering and lifecycle policies. Helpful Links Amazon S3 Storage Classes

AWS Storage Gateway

00:02:17

Lesson Description:

For hybrid environments, ones that include some sort of on-premises infrastructure, AWS provides services to assist with data durability. Storage Gateway provides us a way to back up and even migrate to the cloud. It has three main types, and they all include some sort of on-premises component. This lesson discusses the three types of Storage Gateway offers and how they are used.

AWS Snowball

00:02:17

Lesson Description:

For massive data transfers, transporting data over the ground can sometimes be faster and cheaper than over the internet. In this lesson, we'll cover AWS Snowball, Snowball Edge, and Snowmobile. Helpful Links AWS SnowballAWS Snowmobile

Amazon EBS Essentials

00:03:00

Lesson Description:

It is important to know the basics of EBS volumes to make informed decisions in our environment. This lesson discusses some of the facts that are necessary to know for administering EBS and for the exam.

EBS: Performance

00:09:07

Lesson Description:

The performance of your EBS volumes should be a priority in your environment. Storage size, bursting, throughput, and IOPS can all cause issues. Also, if we haven't "tuned" our EBS usage carefully, we could be spending more than we need to. This lesson discusses the performance options a user has when provisioning EBS volumes. For the latest performance information (some has changed), see: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html

EBS: Metrics

00:03:53

Lesson Description:

The metrics we need to monitor are varied and greatly depend on the volume type. This lesson discusses EBS metrics in CloudWatch and how we can use them to make performance decisions with our volumes.

EBS: Resizing or Changing Root Volumes

00:06:26

Lesson Description:

Resizing a root volume is a necessary skill as a Systems Operator. At some point, you will either run out of storage or need better IOPS performance. This video will show a couple of different techniques for resizing or changing a root EBS volume. For information on extending a Linux file system after resizing, check out: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recognize-expanded-volume-linux.html

EBS: Ensuring Data Durability

00:06:07

Lesson Description:

Knowing how to preserve data is an important tool for any administrator. EBS volumes can behave differently depending on how they are being used. This lesson discusses methods of preserving data when our instances need to be terminated. There is also a short discussion on instance store-backed instances.

Amazon EFS: Deployment and Provisioning

00:06:58

Lesson Description:

EFS is a highly scalable managed file system that can be shared by multiple instances. These attributes make it perfect for a web server data store. We can have many instances running and only have to launch and update our websites in one place. This lesson shows the process.

EFS: Monitoring for Performance and Availability

00:03:01

Lesson Description:

EFS is a scalable, highly available block storage file system we can use with our EC2 instances and on-premises servers. EFS is becoming a bigger part of all the Associate exams. In this lesson, we discuss a brief overview of what it is. Then, we move on to how to monitor it through CloudWatch. Helpful Links Amazon CloudWatch Metrics for Amazon EFS

RDS: Scaling for Performance

00:06:07

Lesson Description:

Read replicas allow us to offload database resources to another instance to improve read performance. Read replicas are also a useful tool for disaster recovery and migrations. In this lesson, we will discuss RDS Read Replicas and how they can help the performance of an application. Helpful Links Working with Read Replicas

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Data Storage

01:00:00

Networking

VPC Essentials

00:11:32

Lesson Description:

Virtual Private Cloud allows us to create networks for our applications to run on. We can customize many different features, such as IP address range, how many layers our application needs, routing, security, and many more. This lesson discusses the basics of VPCs, the building blocks, and the attributes of a default VPC.

VPC Flow Logs

00:07:37

Lesson Description:

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow log data can be published to Amazon CloudWatch Logs and Amazon S3. After you've created a flow log, you can retrieve and view its data in the chosen destination.

VPC Peering

00:10:54

Lesson Description:

VPC peering is a tool we can use when we want our VPCs to communicate using private IP addresses as if they are on the same network. We also have the newly released ability to peer VPCs across regions.

AWS VPN

00:05:41

Lesson Description:

AWS Virtual Private Network (VPN) is a way to get secured communications to AWS from an on-premises environment using the public internet. This lesson discusses the basics and components of an AWS VPN connection.

AWS Direct Connect

00:05:20

Lesson Description:

AWS Direct Connect is a great solution for organizations needing a private connection to AWS with dedicated throughput. It also gives us virtual interfaces that can route to AWS services in different ways. This lesson discusses the components and details a SysOps Administrator needs to know about Direct Connect. Direct Connect Partners: https://aws.amazon.com/directconnect/partners/

EC2: Elastic IP (EIP) and Elastic Network Interfaces (ENI)

00:10:57

Lesson Description:

Elastic IP (EIP) and Elastic Network Interfaces (ENI) give us a flexible way to retain the same IP address on an instance. This ability is useful in many application scenarios. With ENI, settings such as IP addresses and security groups migrate with the interface. Instances must still be in public subnets to be accessible with either. This lesson shows how to use each and some of the behaviors we need to be aware of.

ELB: Monitoring for Performance and Availability

00:13:12

Lesson Description:

There are three types of load balancers in AWS. The use cases and behaviors need to be known for each to properly deploy and administer load balancers in an AWS environment. This lesson discusses the differences and shows configuration examples for each type.

Amazon ELB: High Availability

00:05:08

Lesson Description:

Load balancers are responsible for serving traffic to multiple instances in an application. In addition, they can also prevent poor application performance by evaluating the health of the instances it serves. Traffic can then be directed to only those instances that are "healthy." This lesson discusses how Elastic Load Balancing can assist in scalable, highly available applications.

ELB: SSL Offloading

00:05:38

Lesson Description:

Using SSL for secure web communications can increase the processing your application servers are required to do. It might even start to affect your application's performance. Offloading the SSL handshake and decryption duties to a load balancer is a great way to alleviate this. We can also use AWS Certificate Manager to create and renew our SSL certificates. This lesson discusses the process of offloading the SSL workload. Helpful Links Create an HTTPS Listener for Your Application Load Balancer Using SNI with ALB

Network Bottlenecks

00:03:09

Lesson Description:

Network performance is highly important to any application. It is also the first culprit to be blamed when an application is not performing efficiently. Systems Operators need to know the most common causes of network bottlenecks in AWS. This lesson discusses several of those causes.

Amazon CloudFront

00:05:42

Lesson Description:

CloudFront is the AWS content delivery network (CDN). It allows us to cache our web applications around the world to provide lower latency and a better experience for our end users. It is important to know how our content is distributed to the edge locations and what happens when the edge location does not have a cached version of our content. This lesson discusses the basics of how to configure a CloudFront distribution and processes we need to be aware of. Helpful Links AWS Global Cloud Infrastructure How CloudFront Delivers Content

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Networking

00:45:00

Databases

Amazon RDS: Understanding Multi-AZ Deployments

00:05:54

Lesson Description:

Multi-AZ is a fault-tolerant feature in Relational Database Service (RDS). It prevents an Availability Zone failure from removing database access from an application. This lesson discusses RDS Multi-AZ deployments and how they handle fault tolerance. There is also a simulated failover executed.

RDS: Monitoring for Performance and Availability

00:04:38

Lesson Description:

The performance of your RDS instances can affect your application greatly. We can use these metrics to make decisions about instance types and read replicas. This lesson discusses the Relational Database Service (RDS) and how to monitor performance.

Amazon ElastiCache: Monitoring for Performance and Availability

00:04:22

Lesson Description:

Amazon ElastiCache is a web service that makes it easy to set up, manage, and scale a distributed in-memory cache environment in the cloud. It provides a high-performance, scalable, and cost-effective caching solution while removing the complexity associated with deploying and managing a distributed cache environment. ElastiCache is ideal for storing web application session state data. It can also offload the read traffic from a database to reduce latency caused by a read-heavy workload. Helpful Links Performance at Scale with ElastiCache

Amazon DynamoDB Concepts

00:25:21

Lesson Description:

DynamoDB is a nonrelational database (often referred to as "NoSQL") that delivers performance at any scale. It's a fully managed, multi-region, multi-master database service that adapts to your throughput needs and offers built-in security, backups and restores, and in-memory caching. It's ideal for mobile, web, gaming, ad tech, IoT, and other applications that need consistent, low-latency data access. Helpful Links NoSQL Design for DynamoDBFrom SQL to NoSQLPartitions and Data DistributionDynamoDB TransactionsDynamo: Amazon's Highly Available Key-value StoreSample movies data and scripts used in this lesson

Amazon Redshift

00:10:22

Lesson Description:

The Amazon Redshift service manages all of the work of setting up, operating, and scaling a data warehouse. These tasks include provisioning capacity, monitoring and backing up the cluster, and applying patches and upgrades to the Redshift engine. For more information on the Amazon Data Lake - Project Name "Andes": AWS re:Invent 2017: A Look Under the Hood – How Amazon.com Uses AWS Services for Analytics at Massive Scale (ABD329)

Amazon Aurora

00:12:16

Lesson Description:

Amazon Aurora is a fully managed database engine, compatible with MySQL and PostgreSQL. The code, tools, and applications you use today with your existing MySQL and PostgreSQL databases can be used with Aurora. With some workloads, Aurora can deliver up to 5X the throughput of MySQL and up to 3X the throughput of PostgreSQL without requiring changes to most of your existing applications. Helpful Links Amazon Aurora FAQs

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:30:00

Databases

00:30:00

Provisioning, Deployment, and Management

AWS Elastic Beanstalk

00:11:07

Lesson Description:

AWS Elastic Beanstalk enables you to deploy and manage applications without worrying about the infrastructure that runs those applications. Elastic Beanstalk reduces management complexity without restricting choice or control. You simply upload your application, and Elastic Beanstalk automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring. In this video, you will learn about the AWS Elastic Beanstalk service. Specifically, you'll see how you can use Elastic Beanstalk to simplify the deployment of your applications on AWS by allowing Elastic Beanstalk to manage the deployment of many different AWS services for you. By the end of the video, you should understand the basic purpose of Elastic Beanstalk, as well as how to deploy a sample application using the service.

Amazon Elastic Container Service (ECS)

00:13:07

Lesson Description:

Amazon Elastic Container Service (ECS) is a highly scalable, high-performance container management service that makes it easy to run, stop, and manage Docker containers on a cluster of EC2 instances or using serverless technology with AWS Fargate.

AWS Systems Manager

00:14:49

Lesson Description:

AWS Systems Manager is a management service that helps you automatically collect software inventory, apply operating system patches, create system images, and configure Windows and Linux operating systems. Systems Manager can be used for both EC2 instances, on-premises servers, and VMs. These capabilities help you define and track system configurations, prevent drift, and maintain software compliance of your EC2 and on-premises configurations.

AWS OpsWorks

00:05:46

Lesson Description:

OpsWorks is a service that uses Chef cookbooks developed in the Ruby language. It allows us to manage our application in layers. We can use recipes to affect our layers at various lifecycle events in an application's deployment. This video walks through the deployment of a sample Node.js application to further understand the OpsWorks infrastructure. Helpful Links OpsWorks FAQ

Disaster Recovery

00:06:24

Lesson Description:

There are many different decisions administrators must make when it comes to disaster recovery planning. A DR solution should be cost-effective so that it does not cost the organization more than it would lose during an outage. Cost, downtime, and frequent testing are important decisions in any company. This lesson discusses disaster recovery scenarios as well as the cost versus downtime planning decisions that need to be made.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Provisioning, Deployment, and Management

00:30:00

Application Integration and Automation

Amazon SQS and Amazon SNS: Scalability

00:09:44

Lesson Description:

Messaging services can be used to decouple applications. Because these services are scalable and highly available, they provide applications with the ability to grow automatically. This lesson discusses how we can use messaging services to make applications scalable.

AWS Lambda

00:10:22

Lesson Description:

AWS Lambda is a serverless compute service. It runs your code in response to events. Lambda automatically manages the underlying compute resources with no server configuration from you. There is no need to provision or manage servers. Lambda functions can be triggered by events generated by other AWS services.

Application Integration and Automation

00:15:00

Monitoring and Metrics

Amazon CloudWatch Essentials

00:05:20

Lesson Description:

CloudWatch is a very powerful tool for monitoring and troubleshooting in AWS. In this lesson, we will discuss CloudWatch metrics and dashboards, the actions we can perform with them, and how to configure them.

CloudWatch Alarms

00:06:07

Lesson Description:

You can use CloudWatch alarms to automatically initiate actions on your behalf. An alarm watches a single metric over a specified timeframe and performs one or more specified actions, based on the value of the metric relative to a threshold over time. The action is a notification sent to an SNS topic or an Auto Scaling policy. You can also add alarms to dashboards.

CloudWatch Logs

00:07:13

Lesson Description:

CloudWatch Logs can be used to monitor, store, and access log files from EC2 instances, AWS CloudTrail, and servers running in an on-premises datacenter. It is then possible to retrieve and report on the associated log data from CloudWatch Logs.

CloudWatch Events

00:04:31

Lesson Description:

CloudWatch Events are a way to automatically take action with our AWS resources based on certain event triggers or schedules. In this lesson, we will discuss what CloudWatch Events are, how to configure them, and common uses for them.

AWS CloudTrail

00:08:03

Lesson Description:

CloudTrail is a service we can use to log all the API calls in our account. API Calls include interaction from the console, AWS CLI, and SDKs. We can also create trails that we can analyze with CloudWatch Logs or third-party tools. This lesson shows us how.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Monitoring and Metrics

00:30:00

Management, Governance, and Cost Controls

AWS Config

00:08:34

Lesson Description:

AWS Config is a service we can use to evaluate the configurations of our resources. It records all the details, including relationships between resources. This can be very helpful in troubleshooting situations. We can also create a set of rules for evaluating our resources. When a resource is non-compliant with our set rules, AWS Config will let us know. This lesson shows how to configure and use the AWS Config service.

Health Dashboards

00:02:19

Lesson Description:

The AWS Service Health Dashboard provides access to the current status and historical data about every AWS Cloud service. If there’s a problem with a service, it is possible to expand the appropriate line in the details section to get more information. The AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that impact customers.

AWS Billing and Organizations

00:08:42

Lesson Description:

Running our applications in the cloud can present large cost savings for our organizations. We must know how to monitor and optimize costs to take full advantage of these savings. AWS Billing and Cost Management hold several features we use to not only pay our bills but also monitor and optimize costs.

AWS Cost Explorer

00:05:33

Lesson Description:

AWS provides a way for us to investigate expenses in our account. We can tag resources by environments (dev, test, prod) and see cost reports for each. We can also filter costs by region, VPC, instance type, and many more. This lesson is a basic walkthrough of the AWS Cost Explorer service.

Cost Optimization

00:07:32

Lesson Description:

Costs can always increase unexpectedly. Some common mistakes contribute to these increases. In this lesson, we will discuss AWS recommendations to optimize costs and avoid some of the common causes of cost increases. Further reading Cost Optimization: https://aws.amazon.com/pricing/cost-optimization/

Management, Governance, and Cost Controls

00:30:00

Practice Exam

Practice Exam

AWS Certified SysOps Administrator - Associate

01:00:00

Conclusion

Final Thoughts

How to Prepare for the Exam

00:09:42

Lesson Description:

This lesson goes over the steps you can take to ensure your success on the exam. We’ll outline a full strategy for preparing for the exam, including study tips, key terms you should know and helpful test-taking strategies. Lesson links https://aws.amazon.com/certification/certified-sysops-admin-associate/ https://d0.awsstatic.com/training-and-certification/docs/AWS_certified_sysops_associate_examsample.pdf https://d1.awsstatic.com/training-and-certification/docs-sysops-associate/AWS%20Certified%20SysOps%20-%20Associate_Exam%20Guide_Sep18.pdf http://slack.linuxacademy.com/

Get Recognized

00:01:01

Lesson Description:

Now that you have completed this course, take some time to share your success and get recognized in our community and on LinkedIn.