Photo by Suad Kamardeen on Unsplash

Caveat emptor

Using AWS costs money, some of these services may not be part of the AWS Free Tier. You can keep costs down by tearing down anything you've created whilst learning, but it's still possible to run up a hefty bill so pay attention to the instances you setup!

I'm very lucky to be able to use my employer's AWS account. You should ask your place of work if a similar arrangement can be made as part of your study.

Velocius quam asparagi conquantur

The format of the blog posts is liable to change as I try to refine my mental model of each domain, so be sure to revisit the blog posts on a regular basis.

Study Gaps

This section will change a lot as I find new gaps whilst sitting in mock exams.

I've had a go at the sample exam under exam condititions (which before AWS made the exams adaptive would leave you with about 2 mins per question). Here's some items where I need to fill in gaps:

General

• Knowing which services are able to use Resource Based Policies:
  • Lambda (Configuration Management and Infrastructure as Code).
  • ECR (via ECS - Configuration Management and Infrastructure as Code).
  • CloudWatch Logs (Monitoring and Logging).
  • AWS Secrets Manager (Policies and Standards Automation).

SDLC Automation

• Need to read the blue/green whitepaper (SLDC automation). Pssst if you have the time you should read all the DevOps related whitepapers!

Blue/Green Techniques using CloudFormation or manually provisioned i.e. through AWS Console

This is based on the Blue/Green whitepaper.

• Update DNS Routing with Amazon Route 53
  • Setup
  • Route 53 DNS
  • Blue/Green Environments
    • Elastic Load Balancer (ELB)
    • Autoscaling group behind xthe ELB
    • Both environments are point to the same database instance (Amazon RDS Multi-AZ)
  • Sub patterns
  • Classic DNS pattern - Flip alias (live) record from blue to green
  • Classic DNS-weighted distribution - Use split to send traffic to different environments
• Swap the Auto Scaling Group Behind Elastic Load Balancer
  • Setup
  • Route 53 DNS
  • ELB pointing to
  • Blue and Green Auto Scaling Groups
  • Both ASGs point to the same database instance (Amazon RDS Multi-AZ)
• Update Auto Scaling Group Launch Configurations
  • Setup
  • Route 53 DNS
  • ELB point to
  • Auto Scaling Group containing
    • Blue Launch Config (LC)
    • Green Launch Config (LC)
  • LCs are point to Amazon DynamoDB, Amazon RDS Multi-AZ or Amazon ElastiCache

There’s patterns for OpsWorks and Elastic Beanstalk, will add if I have time.

Configuration Management and Infrastructure as Code

• Lambda
  • Deploying new versions
  • What triggers are available
  • API Gateway
  • AWS IoT
  • Application Load Balancer
  • CloudWatch Events (Monitoring and Logging)
  • CloudWatch Logs (Monitoring and Logging)
  • CodeCommit (SLDC automation)
  • Cognito Sync Trigger
  • DynamoDB (High Availability, Fault Tolerance, and Disaster Recovery)
  • Kinesis (Incident and Event Response)
  • Also doesn't hurt to know the following services are supported: S3,SNS and SQS

Monitoring and Logging

• CloudWatch events for the services covered in the exam
  • SDLC Automation
    • CodeCommit
    • CodeBuild
    • CodeDeploy
    • CodePipeline
  • Configuration Management and Infrastrcuture as Code
    • AWS Config
    • AWS OpsWorks
    • AWS (Lambda) Step Functions
    • AWS ECS
  • Monitoring and Logging
    • CloudWatch (scheduled events)
  • Policies and Standards Automation
    • Amazon Macie
    • AWS Systems Manager
      • Configuration Compliance
      • Maintenance Windows
      • Parameter Store
    • Trusted Advisor
  • Incident and Event Reporting
    • Amazon GuardDuty
  • Fault Tolerance, High Availability and Disaster Recovery
    • Amazon EC2 Auto Scaling
• CloudWatch Event Rule Targets
  • SDLC Automation
  • Code Build
  • Code Pipeline
  • Configuration Management and Infrastructure as Code
  • Lambda (and Step) function
  • Incident and Events Reporting
  • Kinesis
    • Data Streams
    • Data Firehose
  • Amazon Inspector
  • Policies and Standards Automation
  • Systems Manager
    • Run Command
    • Automation
  • Nice to knows: SNS and SQS

Fault Tolerance, High Availability and Disaster Recovery

• RDS
  • snapshots and their use in a DR situation. (High Availability, Fault Tolerance, and Disaster Recovery).
  • Understanding Recovery Time Objective (RTO) and Recovery Point Objective (RPO) with DR in mind. (High Availability, Fault Tolerance, and Disaster Recovery).

Policies and Standards Automation

• AWS Systems Manager - EC2 patch groups and Patch Manager's baselines (Policies and Standards Automation)
• AWS Service Catalogue - how to offer products that provide different tiers (web, web + db) or stacks (.NET or Ruby) (Policies and Standards Automation)

Unsplash path (what terms I used to get to the cover image): gap

To go to the next part of the series, click on the grey dot below which is next to the current marker (the black dot).