Introduction xxi
Chapter 1 AWS Fundamentals 1
Getting Started 1 2
The AWS Shared Responsibility Model 8
General Root Account Best Practices 9
The AWS Global Infrastructure 16
The AWS Command-Line Interface 17
The AWS Health API and Dashboards 23
Pricing 24
Summary 25
Exam Essentials 25
Hands-On Exercises 26
Review Questions 29
Chapter 2 Account Creation, Security, and Compliance 33
Shared Responsibility 34
Compliance 37
IAM 38
AWS Organizations and Control Tower 60
AWS Directory Service 68
AWS License Manager 72
Summary 74
Exam Essentials 74
Review Questions 75
Chapter 3 AWS Cost Management 81
AWS Cost and Usage Reports 82
AWS Cost Explorer 88
Savings Plans 90
AWS Budgets 95
Managing Costs with Managed Services 99
Amazon EC2 Spot Instances and Cost Optimization 100
Summary 101
Exam Essentials 102
Review Questions 104
Chapter 4 Automated Security Services and Compliance 109
Review Reports, Findings, and Checks 110
Data Protection Strategies 131
Network Protection Strategies 160
Summary 190
Exam Essentials 193
Review Questions 195
Chapter 5 Compute 201
The Hypervisor 202
Amazon Machine Image (AMI) 203
Amazon EC2 206
Amazon EC2 Image Builder 211
Compute Optimizer 213
Elastic Load Balancing 214
Auto Scaling 218
AWS Application Auto Scaling 223
AWS Lambda 225
Summary 230
Exam Essentials 230
Review Questions 232
Chapter 6 Storage, Migration, and Transfer 237
Storage vs. Migration 238
Amazon Simple Storage Service (S3) 239
Amazon S3 Glacier 247
Amazon Elastic Block Store 252
Amazon Elastic File System 256
Amazon FSx 259
Migration and Transfer 263
AWS Backup 263
AWS Storage Gateway 267
AWS DataSync 270
AWS Transfer Family 272
Summary 273
Exam Essentials 276
Review Questions 278
Chapter 7 Databases 285
Amazon Relational Database Service 286
Amazon ElastiCache 294
Summary 300
Exam Essentials 300
Review Questions 302
Chapter 8 Monitoring, Logging, and Remediation 307
Amazon CloudWatch 308
Monitoring on AWS 313
Basic CloudWatch Terms and Concepts 315
Monitoring Compute 317
Monitoring Storage 318
CloudWatch Alarms 319
CloudWatch Events 320
Exercises 322
AWS CloudTrail 327
API Logs Are Trails of Data 332
CloudTrail as a Monitoring Tool 334
Exercises 336
AWS Config 340
AWS Systems Manager 346
Exercises 351
Summary 357
Exam Essentials 358
Review Questions 360
Chapter 9 Networking 365
Networking 366
Troubleshooting 371
VPC IP Address Manager 371
Hubs, Spokes, and Bastion Hosts 373
Connecting to the Internet 374
Connecting to Networks and Services 375
VPC Peering 376
Bastion Hosts 378
Monitoring VPC Traffic 381
AWS Client VPN 384
VPC Endpoints 385
AWS Transit Gateway 386
Cloud WAN 389
Summary 389
Exam Essentials 389
Review Questions 391
Chapter 10 Content Delivery 395
Domain Name System 396
Amazon Route 53 399
Route 53 Health Checks 401
Routing Policies 404
Route 53 Traffic Flow 408
Route 53 Guided Exercise 409
Amazon CloudFront 412
Edge Locations 413
The CloudFront Cache Process 413
Restricting Access to S3 (OAI vs. OAC) 414
CloudFront Functions 415
CloudFront Guided Exercise 415
AWS Global Accelerator 420
Pricing 421
Summary 421
Exam Essentials 422
Review Questions 423
Chapter 11 Deployment, Provisioning, and Automation 427
Elastic Beanstalk 429
Elastic Beanstalk Extensions 433
AWS CloudFormation 435
Amazon SQS 446
Amazon SNS 449
Amazon Kinesis Services 451
Step Functions 454
Summary 457
Exam Essentials 458
Review Questions 460
Appendix Answers to Review Questions 465
Chapter 1: AWS Fundamentals 466
Chapter 2: Account Creation, Security, and Compliance 468
Chapter 3: AWS Cost Management 470
Chapter 4: Automated Security Services and Compliance 472
Chapter 5: Compute 475
Chapter 6: Storage, Migration, and Transfer 477
Chapter 7: Databases 481
Chapter 8: Monitoring, Logging, and Remediation 483
Chapter 9: Networking 485
Chapter 10: Content Delivery 487
Chapter 11: Deployment, Provisioning, and Automation 488
Index 491
