This chapter covers the following official AWS Certified SysOps Administrator – Associate (SOA-C02) exam domains:
Domain 1: Monitoring, Logging, and Remediation
Domain 2: Reliability and Business Continuity
Domain 3: Deployment, Provisioning, and Automation
Domain 4: Security and Compliance
Domain 5: Networking and Content Delivery
Domain 6: Cost and Performance Optimization
(For more information on the official AWS Certified SysOps Administrator – Associate [SOA-C02] exam topics, see the Introduction.)
Before we dive into the inner workings of Amazon Web Services (AWS), we need to cover the basics of cloud computing and the AWS platform itself. This approach allows you to build your knowledge of the AWS cloud from the ground up. A good understanding of the cloud and AWS core concepts will make it much easier to grasp complex service-level concepts and design decisions that AWS has opted for when providing a certain service or feature.
We recommend you take the time to cover the basics even if you feel that you are already familiar with general cloud computing concepts, because the definitions and acronyms explained in this first chapter will be used in future chapters without additional explanation.
This section covers the following official AWS Certified SysOps Administrator – Associate (SOA-C02) exam domains:
Domain 2: Reliability and Business Continuity
Domain 3: Deployment, Provisioning, and Automation
Domain 4: Security and Compliance
CramSaver
If you can correctly answer these questions before going through this section, save time by completing the Cram Quiz at the end of the section.
1. Which characteristic of cloud computing as defined by NIST describes the ability of the cloud resources to be expanded or contracted at a moment’s notice?
2. List the three delivery models defined by NIST.
3. Which cloud deployment model requires the most consideration from a security point of view?
Answers
1. Answer: Rapid elasticity. The cloud provider needs to ensure there is ample capacity for all users to expand and contract the resources their applications consume in real time as required.
2. Answer: IaaS, PaaS, and SaaS. The three delivery models defined by NIST define how a service is consumed and determine the level of interaction the user has with the underlying compute services.
3. Answer: Hybrid cloud. Due to the fact that a hybrid deployment is connected across a private and public cloud solution, there are typically additional security considerations that you need to address when considering such a deployment.
In recent times cloud adoption has accelerated at an unprecedented rate. Finding an enterprise that does not utilize the cloud to some extent is now virtually impossible. Although cloud adoption has been in progress for well over a decade, the recent requirement to overcome economic and health hardships of 2020 has put additional emphasis on utilizing the cloud. The rapid move to virtual workforces and the need for instant access have provided a decisive push for enterprises that have so far been keeping the cloud option on the sidelines.
All of these rapid moves, however, mean that you start using services without covering the basics. And as everyone knows, a house is only as good as the foundation it is built on. This is the way we would like to start building your knowledge of the AWS cloud.
Luckily for us, the good people at the National Institute of Standards and Technology (NIST) have come up with a clear definition of the standards and features a cloud computing environment must have. These can be broken down into three categories:
Cloud deployment models
Standard features of the cloud
Service delivery models
Cloud deployments come in four types:
Public cloud: Any publicly available cloud service such as AWS. Most public cloud providers deliver cloud services in several geographically distinct locations that are independent of each other and (in the case of AWS and others) distributed globally. Using multiple locations with an all-in public cloud deployment can be considered more reliable than a deployment on-premises and can help you deliver content to global audiences in the most efficient manner. Most public cloud providers have services that allow for the replication and backup of services and data across multiple locations in a transparent manner.
Private cloud: A cloud environment deployed within an organization and available only on the private network. These are typically found in enterprises that are required to adhere to certain regulations or laws, or in environments where a massive investment in IT systems has already been made in the past. Having your own cloud can also be a good option when the application requires local computing at the lowest latency possible.
Hybrid cloud: A connected cloud deployment across a private and public solution. Hybrid is becoming a more popular option for many enterprises seeking to expand their capacities into the public cloud. One consideration of hybrid cloud is that there are additional security concerns because the private and public resources are connected. You need to consider both how to secure the connection itself and how to grant access to resources from one cloud platform to another. However, the hybrid cloud is a great option when mission-critical systems are required to switch from private to public cloud and vice versa in case of disruptions or resource constraints, and for backup and disaster recovery.
Community cloud: A hybrid deployment where members of a community share their resources with all members of the community. Community cloud deployments are mostly found in academic circles and open-source projects.