Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
AWS Certified DevOps Engineer - Professional Certification and Beyond

You're reading from   AWS Certified DevOps Engineer - Professional Certification and Beyond Pass the DOP-C01 exam and prepare for the real world using case studies and real-life examples

Arrow left icon
Product type Paperback
Published in Nov 2021
Publisher Packt
ISBN-13 9781801074452
Length 638 pages
Edition 1st Edition
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Adam Book Adam Book
Author Profile Icon Adam Book
Adam Book
Arrow right icon
View More author details
Toc

Table of Contents (31) Chapters Close

Preface 1. Section 1: Establishing the Fundamentals
2. Chapter 1: Amazon Web Service Pillars FREE CHAPTER 3. Chapter 2: Fundamental AWS Services 4. Chapter 3: Identity and Access Management and Working with Secrets in AWS 5. Chapter 4: Amazon S3 Blob Storage 6. Chapter 5: Amazon DynamoDB 7. Section 2: Developing, Deploying, and Using Infrastructure as Code
8. Chapter 6: Understanding CI/CD and the SDLC 9. Chapter 7: Using CloudFormation Templates to Deploy Workloads 10. Chapter 8: Creating Workloads with CodeCommit and CodeBuild 11. Chapter 9: Deploying Workloads with CodeDeploy and CodePipeline 12. Chapter 10: Using AWS Opsworks to Manage and Deploy your Application Stack 13. Chapter 11: Using Elastic Beanstalk to Deploy your Application 14. Chapter 12: Lambda Deployments and Versioning 15. Chapter 13: Blue Green Deployments 16. Section 3: Monitoring and Logging Your Environment and Workloads
17. Chapter 14: CloudWatch and X-Ray's Role in DevOps 18. Chapter 15: CloudWatch Metrics and Amazon EventBridge 19. Chapter 16: Various Logs Generated (VPC Flow Logs, Load Balancer Logs, CloudTrail Logs) 20. Chapter 17: Advanced and Enterprise Logging Scenarios 21. Section 4: Enabling Highly Available Workloads, Fault Tolerance, and Implementing Standards and Policies
22. Chapter 18: Autoscaling and Lifecycle Hooks 23. Chapter 19: Protecting Data in Flight and at Rest 24. Chapter 20: Enforcing Standards and Compliance with System Manger's Role and AWS Config 25. Chapter 21: Using Amazon Inspector to Check your Environment 26. Chapter 22: Other Policy and Standards Services to Know 27. Section 5: Exam Tips and Tricks
28. Chapter 23: Overview of the DevOps Professional Certification Test 29. Chapter 24: Practice Exam 1 30. Other Books You May Enjoy

What this book covers

Chapter 1, Amazon Web Service Pillars, focuses on the foundational pillars that make up the Well-Architected Framework in AWS. By understanding these pillars, you will gain a better feel for the context of the questions being asked in the certification exam.

Chapter 2, Fundamental AWS Services, examines a large number of fundamental AWS services that are imperative to know going forward with future chapters. This may seem like a review for some that have already passed some of the lower associate exams. However, it can also serve as a quick refresher and provide a few tips that were previously unknown.

Chapter 3, Identity and Access Management and Working with Secrets in AWS, focuses on the fundamental security building blocks of AWS, which are identity and access management using the IAM service. After a quick look at the shared security model from AWS and the concepts of authorization versus authentication, we review creating users and groups. Providing access to other accounts via cross-account access is also covered in this chapter with a practical exercise. In this fundamental security chapter, we also talk about other essential security services that may appear in test questions, such as AWS Directory Service, Secrets Manager, and Systems Manager Parameter Store. There are comparisons on when to use and not to use the different versions of AWS Directory Service, along with which service would be better to store your secrets. Finally, we take a look at Amazon Cognito and how it can help with application authentication.

Chapter 4, Amazon S3 Blob Storage, focuses on one of the key services in AWS Simple Storage Service, or S3. Even though this service is easy to start using right away, it also has a number of features and functions available to it that you must be aware of if you are trying to become certified on AWS.

Chapter 5, Amazon DynamoDB, explains the native NoSQL database DynamoDB. It looks at not only some of the essential concepts of DynamoDB but also topics such as streams, understanding global tables, using DynamoDB Accelerator, and even using Web Federation to connect to your DynamoDB tables.

Chapter 6, Understanding CI/CD and the SDLC, focuses on many theoretical aspects of continuous integration, continuous development, and continuous deployment. We then look at the SDLC along with which services map to different stages of the SDLC.

Chapter 7, Using CloudFormation Templates to Deploy Workloads, teaches you about using Infrastructure as Code using the native CloudFormation service. First, we'll go over the basics of CloudFormation templates, but then we'll quickly ramp up to examples of creating a changeset for a basic template, and then move on to intrinsic functions and nested stacks. Using the knowledge of CloudFormation templates, we discuss how ServiceCatalog can be used to serve up templated designs for developers and non-developers in a quick and easy fashion. This chapter closes by going over the Cloud Development Kit, which can be programmed in your language of choice and then used to create CloudFormation templates.

Chapter 8, Creating Workloads with CodeCommit and CodeBuild, guides you through the initial steps of the SDLC using native AWS tooling. We start by creating a brand-new group and user, who is a developer, with a whole new set of permissions that are scoped to just this user's role. After creating an initial CodeCommit repository, we have our developer use Git to commit code onto a feature branch and then request a merge to the main branch. Next, we examine the CodeBuild service by having the service build a container using AWS CodeBuild.

Chapter 9, Deploying Workloads with CodeDeploy and CodePipeline, shows you how to create DevOps pipelines using the native AWS CodePipeline service. This is a chapter where many of the services that we have been talking about and practicing previously come into play. The pipeline example being used is crafted in a CloudFormation template. The developer user that we previously created also needs expanded access in order to view and run our pipeline, so there is an exercise to elaborate their IAM permissions. Also discussed in this chapter is how to deploy workloads using the AWS CodeDeploy service.

Chapter 10, Using AWS OpsWorks to Manage and Deploy Your Application Stack, focuses on how to create stacks and layers to deploy infrastructure and applications using the AWS OpsWorks service. There is a comparison of the different versions of OpsWorks available, along with an exercise to create a stack with layers and an application.

Chapter 11, Using Elastic Beanstalk to Deploy Your Application, walks through one of the key services on the DevOps Professional exam – Elastic Beanstalk. Creating and deploying an application in Elastic Beanstalk using the EB CLI not only lets you see things through the lens of the developer, but also allows you to think about how you would automate these types of tasks in the real world.

Chapter 12, Lambda Deployments and Versioning, explores the concepts of serverless and using the AWS Lambda platform for serverless computing. With the cost savings available from running compute needs on an on-demand, pay-per-usage basis, this is becoming a more and more desired state in organizations today. We talk about not only how to deploy and monitor Lambda functions but also how to implement versions and aliases. At the end of the chapter, we even go through orchestrating multiple functions in a step function.

Chapter 13, Blue/Green Deployments, focuses on blue/green deployment strategies and the different variations of those strategies, including which service can use the various strategies and how to implement the different strategies depending on the services that you are utilizing. There are specific strategies that you can employ when using EC2 instances and autoscaling groups, and there are others that are available when using a Lambda function. Ensuring that your end users and customers have a seamless experience, even if you have an issue during deployment, is what this chapter is truly about.

Chapter 14, CloudWatch and X-Ray's Role in DevOps, shows you the role that monitoring and logging play using the native CloudWatch and X-Ray services from AWS. Log streams and searching through logs can be tedious tasks and sometimes feel like looking for a needle in a haystack. The same can be said of performance problems. Adding the X-Ray service to your Lambda application can help you quickly pinpoint where the issues are and know where to remedy the issues.

Chapter 15, CloudWatch Metrics and Amazon EventBridge, shows you how to use the metrics from various services and then tie them in the Amazon EventBridge service to create automated alerts for your systems. We discuss which metrics are some of the most useful for different vital services to keep a watch over. We also walk through creating dashboards in the Amazon CloudWatch console.

Chapter 16, Various Logs Generated (VPC Flow Logs, Load Balancer Logs, and CloudTrail Logs), examines the other types of logs that can be generated by AWS services that are not CloudWatch Logs. These logs are all valuable when troubleshooting information and may need to be turned on some or all of the time. The ability to know where to retrieve these logs and how to search the logs can be a task that you are called upon to do as a DevOps professional.

Chapter 17, Advanced and Enterprise Logging Scenarios, shows you real-world scenarios and architectures for building and processing log files. This includes incorporating not only the CloudWatch and CloudTrail services but also services such as Elasticsearch, Kinesis, and Lambda for the real-time processing of multiple log streams. Understanding the concepts of how to gather and process massive amounts of log files is important both for real-world engagements and for potential scenarios that could appear on the DevOps Professional certification exam.

Chapter 18, Auto Scaling and Lifecycle Hooks, covers how autoscaling and autoscaling groups work in detail. This includes examining the autoscaling life cycle and life cycle hooks. There is an exercise that walks you through creating a launch template, which is the successor of the launch configuration. We also go through a practice of removing and terminating instances inside of an autoscaling group.

Chapter 19, Protecting Data in Flight and at Rest, illustrates how the use of services such as Key Management Service and Amazon Certificate Manager helps protect data that is both sitting at rest as well as in transit. If you are building systems using Infrastructure as Code, you need to incorporate these key pieces into your system so that your data is safe from the very start.

Chapter 20, Enforcing Standards and Compliance with System Manger's Role and AWS Config, focuses on how to use automation to keep your AWS environment in a compliant state. Using the AWS Config service, you can keep a constant check on what is being created in your AWS environment. Combine this with rules that flag violations for what is not allowed in your environment to either send alerts or do automated enforcement and remediation. Add to this the capabilities of System Manager, which can automatically install software on instances using runbooks for needed compliance items such as virus scanners or perform regular operating system upgrades; then, creating an audit trail of performed tasks becomes much easier for your organization.

Chapter 21, Using Amazon Inspector to Check your Environment, shows you how to add automated security scans to your DevOps life cycle using the Amazon Inspector service. We look at how to configure the Inspector service in both an automated and manual manner and then view and understand the different reports that Inspector generates.

Chapter 22, Other Policy and Standards Services to Know, covers some of the services that have the tendency to appear on the DevOps Professional exam but did not make it into other chapters. These include services such as AWS GuardDuty, Amazon Macie, and Server Migration Service. We also go over AWS Organizations once again with its incorporation with the Service Catalog service to make sure that you have a full understanding of how those services work hand in hand.

Chapter 23, Overview of the DevOps Professional Certification Test, explains the testing process itself. It also has a list of extra resources that you should use in conjunction with this book to read and study for the exam, as well as some tips for studying.

Chapter 24, Practice Exam 1, is primarily meant to be a readiness check for you. This chapter presents questions as you will be presented on the exam and then gives you the answers and an explanation of why you would choose the correct answers to help you.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime