Industry recognized certification enables you to add this credential to your resume upon completion of all courses

Need Custom Training for Your Team?
Get Quote
Call Us

Toll Free (844) 397-3739

Inquire About This Course
Packt Publishing, Instructor - AWS Cloud: Design and Administration Fundamentals

Packt Publishing

Founded in 2004 in Birmingham, UK, Packt's mission is to help the world put software to work in new ways, through the delivery of effective learning and information services to IT professionals. Working towards that vision, we have published over 6,000 books and videos so far, providing IT professionals with the actionable knowledge they need to get the job done - whether that's specific learning on an emerging technology or optimizing key skills in more established tools.

Instructor: Packt Publishing

Learn to effectively monitor your AWS environment while working with AWS storage

    • Get to grips with Identity and Access Management an know how to create users, groups, and roles.
    • Discover techniques to keep your data and applications secure using the newest services from AWS.
    • Understand interconnections between the AWS serverless and microservice concepts.

Duration: 3h 35m

Course Description

You will start by creating and managing users, groups, and permissions. You will then also learn to effectively monitor your AWS environment while working with AWS storage. The course will help you understand and build AWS networking solutions and also apply and implement the right compute option to meet your organization’s needs. Next, you'll be introduced to the serverless architectures and then you'll delve into design considerations, followed by building a serverless application and deploying it on your serverless architecture. We'll cover practical examples of deploying and orchestrating a serverless application using DynamoDB, AWS Lambda, and API Gateway. Towards the end, we will learn about some security considerations in protecting your serverless application.

What am I going to get from this course?

  • Get to grips with Identity and Access Management an know how to create users, groups, and roles 
  • Use Cloud Watch to monitor default and custom key performance metrics
  • Understand how to log access and configuration changes for AWS deployments
  • Deploy and update your infrastructure and applications in AWS
  • Discover techniques to keep your data and applications secure using the newest services from AWS
  • Understand the serverless concept, its benefits and challenges
  • Design and build an application based on AWS serverless services
  • Discover AWS serverless services and their various roles
  • Explore the AWS Lambda function in depth
  • Understand interconnections between the AWS serverless and microservice concepts
  • Monitor and trace serverless applications

Prerequisites and Target Audience

What will students need to know or do before starting this course?

Some knowledge of AWS cloud concepts would be helpful. A basic knowledge of AWS is recommended.

Who should take this course? Who should not?

This course is for administrators, Cloud and DevOps Engineers who are taking the first step towards managing and administering AWS-based deployments. Those preparing for the AWS Certified SysOps Administrator course will also find it useful. This course is targeted at application developers, cloud architects, and engineers. 


Module 1: AWS for Administrators

Lecture 1 The Course Overview

This video provides an overview of the entire course.

Lecture 2 Opening an AWS Account

In order to follow along with the on-screen examples, you should open a free AWS Account. Let's see how to do that. Browse to aws.amazon.com Enter your personal and payment information Verify your identity and choose a support plan

Lecture 3 The Free Tier

For the first year of your AWS Account, there are many things you can do for free. We will discuss what these are and how to avoid accruing any charges. Check what is free for the first year Avoid monthly charges during your first year Know what you can always get for free on AWS

Lecture 4 AWS Command Line Tools

The aim of this video is to discuss the installation of command-line interface on Windows, Linux, and Mac machines and verify that the installation is proper. Install the Command-Line Interface Perform a test to verify that the installation of command line interface is proper

Lecture 5 The Management Console

The AWS Management Console is the easiest way to launch AWS services. In this video, we will show you how to navigate the console, access your billing information, and switch regions. Learn how to log in to the management console Know how to locate the various features and services that AWS provides Understand how to switch regions and how the console changes when you switch

Lecture 6 The Master Account

A new AWS account comes with a default Master User. This user has full privileges for all AWS services and cannot be revoked without deleting the entire account. The best way to keep an AWS account from getting compromised is by limiting its use. Do not use the Master User Account except to access Billing Enable multi-factor authentication to require a one-time password for logins Delete access keys that belong to the master user

Lecture 7 Identity and Access Management

Unless you have only one person who needs AWS access in your organization, you will need to grant privileges to others to use your AWS Account. AWS provides the Identity and Access Management Service (IAM) to allow you to create Users and Groups and assign permissions to them. Create a permissions policy or use one managed by AWS Create IAM users and optionally assign them to groups Associate permissions policies to users and groups to grant or deny access

Lecture 8 Using the AWS CLI

Although AWS provides a simple web interface for interacting with their services, many administrators prefer to work from the command line. Also, with the availability of a Command-Line Interface, you can create simple BASH or Shell scripts for automating common administration tasks. IAM credentials are required to sign AWS API requests and can be easily configured The AWS CLI provides a more robust selection of actions than the Management Console Shell scripts using the AWS CLI can automate common administration tasks

Lecture 9 IAM Roles

Sometimes you may need to give an IAM user temporary access to resources in your account. IAM roles can provide other users, even in other AWS accounts, temporary access. Create a role and assign a permissions policy Identity the users who can use this role in the trust policy Send the role information to the other users

Lecture 10 Instance and Service Roles

It’s not just people who need permissions for the AWS Service APIs. It’s also your applications that interact with AWS Services. For example, putting an object in S3 or querying a DynamoDB table. Some AWS Services themselves, such as Elastic Beanstalk, need to interact with other services as well. Using IAM User credentials for an application is possible, but not the preferred method Create an IAM role that is assumed by the EC2 Instance upon launch Create IAM roles for services that need access to other services

Lecture 11 Identity Federation

Many enterprise AWS customers use Active Directory or other LDAP compatible directory services to authenticate users on their network. AWS offers several options for extending Active Directory into AWS environments Users authenticate with existing AD credentials AWS grants temporary credentials and users are automatically logged in to the console

Lecture 12 Logging AWS Activity

The ease with which infrastructure and services can be configured and deployed on AWS means that sometimes administrators are not completely aware of the configuration changes that are made by other users in their account. This can lead to misconfigurations, compliance issues and outages. Explore CloudTrail that provides detailed logs of the AWS API activity Learn how Config provides an inventory of deployed services and timelines of changes Config Rules can compare your configuration with a set of best practices or custom rules

Lecture 13 Real-Time Monitoring

System administrators need clear visibility into the performance of their AWS resources. Real-time monitoring is needed to take action that can avert system outages before they occur. Understand how CloudWatch monitors important metrics in real time Alarms can be set on metric thresholds Create metrics from logfiles and store them in a centralized repository using CloudWatch

Lecture 14 Access Logging

Administrators and security professionals need proof that their infrastructure and data are secure. Fortunately, AWS provides additional logs that record access to our systems and data. VPC Flow Logs will allow you to see accepted and rejected network traffic within a VPC ELB and CloudFront logs record the network requests at those endpoints S3 Access Logs record who accessed your object data and from where

Lecture 15 Infrastructure as Code

Manual infrastructure deployments are not easily repeatable and are often unreliable. Documenting the infrastructure and maintaining a history of changes can be a laborious process when done manually. Fortunately, CloudFormation provides a way to deploy AWS resources from a text file known as a CloudFormation Template. Create a CloudFormation template in JSON or YAML Execute the template using the CloudFormation Engine and build the stack Publish the templates in Service Catalog

Lecture 16 AMIs and Bootstrapping

To support automatic launching from services such as Autoscaling and CloudFormation, EC2 instances need to be self-configuring. Learn how Custom AMIs can provide a foundational configuration Provide an additional configuration at launch time using Bootstrapping Update groups of instances with the EC2 Run Command

Lecture 17 Application Deployment

Deploying updates to applications without disrupting users can be a particular challenge. In this video, we will look at deploying applications. Perform in-place updates without disruption using Auto scaling Perform Blue-Green deployments with Route 53 or ElasticBeanstalk Code Deploy can do both rolling and blue-green deployments

Lecture 18 Protecting Data in Transit

Communications with AWS often takes place over the internet, so transferring data between your data center and AWS requires protections against accidental disclosure, modification, or attacks such as man-in-the-middle. Use a hardware VPN or dedicated fiber to connect to AWS Transfer data in bulk securely using Snowball Use SSL-protected endpoints that will protect data in transit

Lecture 19 Encrypting Data at Rest

Many security compliance requirements require data to be stored in the encrypted format. AWS enables several options to make this a simple task. Use built-in server side encryption (SSE) available in several services Choose a key management solution Use client-side encryption for services that don’t offer SSE

Lecture 20 Protecting Your Applications

The most damaging attacks occur at the application level. There are several exploits commonly used to cripple a web application or gain access to secure data. With application level attacks, encryption is of no help. One solution is to filter out malicious attacks with the help of a Web Application Firewall. Filter malicious attacks at CloudFront or an Application LB using AWS WAF Defend against the DDoS attacks with AWS Shield Find application vulnerabilities using AWS Inspector

Module 2: Design Serverless Architecture with AWS and AWS Lambda

Lecture 21 The Course Overview

This video provides an overview of the entire course.

Lecture 22 The Rise of Serverless Architecture

The aim of this video is to go over a non-serverless architecture diagram and identify the problems with it, and conclude from it what are the benefits of using serverless. Go over a general web architecture in AWS without serverless Review the decision making and maintenance involved Convert to AWS serverless architecture and highlight the benefits

Lecture 23 AWS Serverless Services

The aim of this video is to review what AWS has to offer in the serverless field and start getting familiar with those services. Define what is a serverless service Review all the AWS serverless services divided into categories Take a closer look at the main services

Lecture 24 AWS Lambda Function

The aim of this video is to get introduced to the basics of AWS Lambda function, how it works and how to create the first one. Introduce AWS Lambda function details Showcase the creation wizard in AWS console Modify the code of AWS Lambda function

Lecture 25 Implementing API using API Gateway and Lambda

The aim of this video is to implement a API serverless solution using API Gateway and Lambda function. Create and deploy API gateway per environment Create the logic behind the API using Lambda Integrate the two to learn the integration options

Lecture 26 Micro-services Solution

Micro-services create a new challenge on how to communicate between services, which we will learn in this video. Understand why micro services is so popular Create micro services with API Gateway and Lambda Review the communication options between services

Lecture 27 DevOps

The aim of this video is to manage dev operations using serverless services. Trigger operation using CloudWatch Review CloudWatch event target options Understand the Lambda function as a DevOps tool

Lecture 28 CDN Edge Location

The aim of this video is to create a Dynamic CDN using CloudFront and Lambda. Learn what CDN is Understand why we need dynamic CDN Integrate Lambda with CloudFront

Lecture 29 Data Services

The aim of this video is to get to know how to manage data using serverless solution. List the available services Overview on AWS S3 Discuss about AWS DynamoDB

Lecture 30 Integrating S3 with Lambda Function

This video teaches you to handle your S3 data with lambda function by responding to events and utilize the AWS-SDK. Define events in S3 on object changes Trigger Lambda function to handle the changes Use the AWS-SDK to interact with S3 from Lambda function code

Lecture 31 Integrating DynamoDB with Lambda Function

This video talks about provision, management, and interaction with DynamoDB. Look at the provision table with DynamoDB Trigger Lambda function on DynamoDB changes Use lambda function for analytics aggregation

Lecture 32 Logs with CloudWatch

Serverless services output both infrastructure and application logs, we need to find a way to manage those logs. This video helps us into doing it. Setup integration between CloudWatch and Lambda function View the logs in CloudWatch and learn how to search it Stream or export the logs the get better capabilities

Lecture 33 CloudWatch Metrics and Alerts

Once our code is in production, we need to monitor it and get notified once something goes wrong. We will see how to monitor using this video. Explore what metrics are available Define Monitor based on metric Define threshold and what to do once exceed to create an alert

Lecture 34 Tracing with X-ray

Serverless tend to have multiple components to compose architecture. In this video, we will see the way to trace to communication between them. Integrate the AWS Lambda function with X-ray Review the traces created in X-ray Review the service map created in X-ray