1. IAM a. Domain i. Users 1. Represents a specific set of credentials tied to the identity of a specific user ii. Groups 1. Group of users that can have permissions or roles associated 2. You can’t nest groups iii. Roles 1. Defines a set of permissions for a specific resource 2. Rather than … Continue reading AWS Certified SysOps Administrator Part IX: IAM, CloudWatch and RDS High Availability
1. Configuring Route 53 a. Characteristics i. Name comes from the default DNS port of UDP Port 53 ii. Built from the ground up iii. Worldwide distributed DNS iv. Database of name to IP address mappings v. Uptime SLA of 100% vi. Server health checks b. Record Types i. A 1. ‘A record’ 2. … Continue reading AWS Certified SysOps Administrator Part VIII: Route 53
1. Configuring Elastic Load Balancer (ELB) a. Characteristics i. Region wide load balancer 1. Deploy to multiple availability zones ii. Fully managed load balancer iii. Can be used internally or externally iv. Layer-7 functionality 1. SSL termination and processing a. Important because if its not done at the ELB it will happen on the … Continue reading AWS Certified SysOps Administrator Part VII: ELB & Auto Scaling
1. What is it? a. Its not a file system b. AWS Region-level storage 2. Types of Storage a. Standard Storage i. 11 9s durability: 99.999999999% durability ii. Availability 99.99% b. RRS i. 99.99% durability ii. 99.99% availability 3. Replication a. Data is stored on multiple facilities, multiple devices within each facility b. RRS … Continue reading AWS Certified SysOps Administrator Part VI: S3
1. EBS a. Storage Types i. Instance Store 1. Ephemeral ii. S3 1. Standard 2. RRS iii. EBS 1. GP-SSD 2. PIOPS 3. Magnetic iv. EFS 1. Network Attached Storage 2. Managed file system 3. Only supports Linux instances b. EBS Characteristics i. Billed on storage capacity and I/O ii. Does not need to … Continue reading AWS Certified SysOps Administrator Part V: EBS
1. On-Demand a. Pricing Model: Standard Retail b. Attributes i. Default type ii. Most expensive iii. No commitment and no advanced fee iv. Billed on an hourly basis 2. Reserved Instances a. Pricing Model: Pre-paid b. Attributes i. Less expensive ii. Requires a commitment (1 or 3 year commitment) iii. Reserved capacity. AWS will … Continue reading AWS Certified SysOps Administrator Part IV: EC2 Instance Types
1. VPC Access a. VPN i. Hardware-based VPN 1. Types of VPN a. Client-to-Site: Users that are getting access to corporate resources b. Site-to-Site: Corporate office connecting to another corporate office but using the internet c. Private Connection (e.g. MPLS): usually don’t have encryption on it 2. When you setup a hardware-based VPN is … Continue reading AWS Certified SysOps Administrator Part III: VPC Access & VPC Peering
1. Layered Security a. Overview i. Resources are inside a.. ii. VM Firewall (instance level – OS provided) iii. Security Groups (instance level - AWS platform provided) iv. NACLs (Subnet level) 2. Security Groups a. Resource level traffic firewall i. Instance, ELB, etc. ii. Control egress / ingress b. Stateful (return traffic allowed) c. Only … Continue reading AWS Certified SysOps Administrator Part II: Security Groups & NACLs
1. Understanding Virtual Networking on AWS a. What is a VPC? i. Logically isolated network in the AWS cloud ii. Every AWS subscription gets a root VPC, you can further segment that VPC down into smaller and smaller VPCs iii. VPCs are free but VPN has some costs associated with it b. AWS Reference Model … Continue reading AWS Certified SysOps Administrator Part I: VPC
Below are my observations and any relevant commentary with regards to the course 'Amazon Web Services (AWS) Fundamentals for System Administrators’, which is available on Pluralsight. I’ve organized this feedback by the modules offered. The entire course is 7 hours, 19 minutes. I watched the course mostly at 1.5X speed. I did the introduction sections … Continue reading AWS Fundamentals for System Administrators
