Published by Pearson IT Certification (August 17, 2023) © 2023

Mark Wilkins
    VitalSource eTextbook (Lifetime access)
    €46,99
    Adding to cart… The item has been added
    ISBN-13: 9780137941513

    AWS Certified Solutions Architect - Associate (SAA-C03) Cert Guide ,2nd edition

    Language: English

    This is the eBook version of the print title. Note that the eBook does not provide access to the practice test software that accompanies the print book.

    Learn, prepare, and practice for AWS Certified Solutions Architect - Associate (SAA-C03) exam success with this Cert Guide from Pearson IT Certification, a leader in IT Certification.

    • Master AWS Certified Solutions Architect - Associate (SAA-C03) exam topics
    • Assess your knowledge with chapter-ending quizzes
    • Review key concepts with exam preparation tasks

    AWS Certified Solutions Architect - Associate (SAA-C03) Cert Guide from Pearson IT Certification prepares you to succeed on the exam by directly addressing the exam's official objectives as stated by Amazon. Leading Cloud expert Mark Wilkins shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

    The book presents you with an organized test preparation routine using proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

    Well regarded for its level of detail, study plans, assessment features, and challenging review questions and exercises, this study guide helps you master all the topics on the AWS Certified Solutions Architect - Associate (SAA-C03) exam, including

    • Secure Architectures: Secure access to AWS resources, secure workloads and applications, data security controls
    • Resilient Architectures: Scalable and loosely coupled architectures, highly available and fault-tolerant architectures
    • High-Performing Architectures: High-performing and scalable storage solutions; high-performing and elastic compute solutions; high-performing database solutions, scalable network architecture, data ingestion, and transformations solutions
    • Cost-Optimized Architectures: Cost-optimized storage solutions, compute solutions, and database solutions; cost-effective network architectures

    Introduction xxx
    Chapter 1 Understanding the Foundations of AWS Architecture 3
    Essential Characteristics of AWS Cloud Computing 6
    AWS Cloud Computing and NIST 8
    On-Demand Self-Service 9
    Broad Network Access 10
    Resource Pooling 10
    Rapid Elasticity 11
    Measured Service 12
    Moving to AWS 13
    Infrastructure as a Service (IaaS) 14
    Platform as a Service (PaaS) 17
    Operational Benefits of AWS 19
    Cloud Provider Responsibilities 20
    Security at AWS 21
    Network Security at AWS 22
    Application Security at AWS 23
    Migrating Applications 24
    Applications That Can Be Moved to AWS and Hosted on an EC2 Instance with No Changes 26
    Applications with Many Local Dependencies That Cause Problems When Being Moved to the Cloud 27
    Replacing an Existing Application with a SaaS Application Hosted by a Public Cloud Provider 28
    Applications That Should Remain On Premises and Eventually Be Deprecated 28
    The AWS Well-Architected Framework 28
    The Well-Architected Tool 30
    AWS Services Cheat Sheet 31
    In Conclusion 36
    Chapter 2 The AWS Well-Architected Framework 39
    “Do I Know This Already?” 40
    Foundation Topics 42
    The Well-Architected Framework 42
    Operational Excellence Pillar 44
    Security Pillar 45
    Reliability Pillar 47
    Performance Efficiency Pillar 49
    Cost Optimization Pillar 51
    Sustainability Pillar 51
    Designing a Workload SLA 52
    Reliability and Performance Are Linked 54
    Disaster Recovery 54
    Placing Cloud Services 55
    Deployment Methodologies 60
    Factor 1: Use One Codebase That Is Tracked with Version Control to Allow Many Deployments 63
    Factor 2: Explicitly Declare and Isolate Dependencies 65
    Factor 3: Store Configuration in the Environment 66
    Factor 4: Treat Backing Services as Attached Resources 66
    Factor 5: Separate Build and Run Stages 67
    Factor 6: Execute an App as One or More Stateless Processes 67
    Factor 7: Export Services via Port Binding 69
    Factor 8: Scale Out via the Process Model 69
    Factor 9: Maximize Robustness with Fast Startup and Graceful Shutdown 69
    Factor 10: Keep Development, Staging, and Production as Similar as Possible 70
    Factor 11: Treat Logs as Event Streams 70
    Factor 12: Run Admin/Management Tasks as One-Off Processes 71
    Exam Preparation Tasks 71
    Review All Key Topics 71
    Define Key Terms 72
    Q&A 72
    Chapter 3 Designing Secure Access to AWS Resources 75
    “Do I Know This Already?” 75
    Foundation Topics 79
    Identity and Access Management (IAM) 79
    IAM Policy Definitions 81
    IAM Authentication 82
    Requesting Access to AWS Resources 84
    The Authorization Process 85
    Actions 87
    IAM Users and Groups 88
    The Root User 88
    The IAM User 90
    IAM Groups 94
    Signing In as an IAM User 94
    IAM Account Details 95
    Creating a Password Policy 96
    Rotating Access Keys 97
    Using Multi-Factor Authentication 99
    Creating IAM Policies 99
    IAM Policy Types 100
    IAM Policy Creation 105
    IAM Roles 118
    When to Use IAM Roles 119
    AWS Security Token Service 126
    IAM Best Practices 128
    IAM Security Tools 130
    IAM Cheat Sheet 132
    AWS Identity Center 132
    AWS Organizations 134
    AWS Organizations Cheat Sheet 136
    AWS Resource Access Manager 136
    AWS Control Tower 138
    Exam Preparation Tasks 140
    Review All Key Topics 140
    Define Key Terms 141
    Q&A 142
    Chapter 4 Designing Secure Workloads and Applications 145
    “Do I Know This Already?” 145
    Foundation Topics 149
    Securing Network Infrastructure 149
    Networking Services Located at Edge Locations 150
    VPC Networking Services for Securing Workloads 154
    Network ACL Cheat Sheet 169
    VPC Flow Logs 172
    NAT Services 174
    Amazon Cognito 176
    User Pool 177
    Federated Identity Provider 179
    External Connections 180
    Virtual Private Gateway 181
    Customer Gateway 182
    AWS Managed VPN Connection Options 183
    Understanding Route Propagation 184
    AWS Direct Connect 185
    AWS Direct Connect Cheat Sheet 187
    Amazon GuardDuty 187
    Amazon GuardDuty Cheat Sheet 189
    Amazon Macie 189
    Amazon Macie Cheat Sheet 190
    Security Services for Securing Workloads 191
    AWS CloudTrail 191
    AWS Secrets Manager 194
    Amazon Inspector 195
    AWS Trusted Advisor 196
    AWS Config 198
    Exam Preparation Tasks 199
    Review All Key Topics 199
    Define Key Terms 200
    Q&A 201
    Chapter 5 Determining Appropriate Data Security Controls 203
    “Do I Know This Already?” 204
    Foundation Topics 207
    Data Access and Governance 207
    Data Retention and Classification 207
    Infrastructure Security 209
    IAM Controls 210
    Detective Controls 210
    Amazon EBS Encryption 212
    Amazon S3 Bucket Security 216
    S3 Storage at Rest 220
    Amazon S3 Object Lock Policies 221
    Legal Hold 222
    Amazon S3 Glacier Storage at Rest 222
    Data Backup and Replication 223
    AWS Key Management Service 224
    Envelope Encryption 225
    AWS KMS Cheat Sheet 226
    AWS CloudHSM 227
    AWS Certificate Manager 227
    Encryption in Transit 228
    Exam Preparation Tasks 229
    Review All Key Topics 229
    Define Key Terms 230
    Q&A 230
    Chapter 6 Designing Resilient Architecture 233
    “Do I Know This Already?” 233
    Foundation Topics 237
    Scalable and Resilient Architecture 237
    Scalable Delivery from Edge Locations 238
    Stateful Versus Stateless Application Design 239
    Changing User State Location 241
    User Session Management 243
    Container Orchestration 244
    Migrating Applications to Containers 246
    Resilient Storage Options 246
    Application Integration Services 247
    Amazon Simple Notification Service 248
    Amazon Simple Queue Service 250
    AWS Step Functions 254
    Amazon EventBridge 256
    Amazon API Gateway 258
    API Gateway Cheat Sheet 261
    Building a Serverless Web App 262
    Automating AWS Infrastructure 266
    AWS CloudFormation 268
    AWS Service Catalog 277
    AWS Elastic Beanstalk 279
    Updating Elastic Beanstalk Applications 282
    Exam Preparation Tasks 284
    Review All Key Topics 284
    Define Key Terms 285
    Q&A 285
    Chapter 7 Designing Highly Available and Fault-Tolerant Architecture 287
    “Do I Know This Already?” 289
    Foundation Topics 293
    High Availability and Fault Tolerance 293
    High Availability in the Cloud 294
    Reliability 295
    AWS Regions and Availability Zones 296
    Availability Zones 300
    AWS Services Use Cases 308
    Choosing an AWS Region 310
    Compliance Rules 311
    Latency Concerns 319
    Services Offered in Each AWS Region 320
    Calculating Costs 321
    Distributed Design Patterns 321
    Designing for High Availability and Fault Tolerance 322
    Removing Single Points of Failure 325
    Immutable Infrastructure 327
    Storage Options and Characteristics 329
    Failover Strategies 330
    Backup and Restore 332
    Pilot Light 333
    Warm Standby 337
    Multi-Region Scenarios 339
    Single and Multi-Region Recovery Cheat Sheet 343
    Disaster Recovery Cheat Sheet 344
    AWS Service Quotas 345
    AWS Service Quotas Cheat Sheet 347
    Amazon Route 53 348
    Route 53 Health Checks 349
    Route 53 Routing Policies 350
    Route 53 Traffic Flow Policies 351
    Alias Records 352
    Route 53 Resolver 352
    Exam Preparation Tasks 354
    Review All Key Topics 354
    Define Key Terms 355
    Q&A 355
    Chapter 8 High-Performing and Scalable Storage Solutions 357
    “Do I Know This Already?” 358
    Foundation Topics 362
    AWS Storage Options 362
    Workload Storage Requirements 363
    Amazon Elastic Block Store 365
    EBS Volume Types 367
    General Purpose SSD (gp2/gp3) 369
    Elastic EBS Volumes 370
    Attaching an EBS Volume 371
    Amazon EBS Cheat Sheet 372
    EBS Snapshots 373
    Local EC2 Instance Storage Volumes 377
    Amazon Elastic File System 379
    EFS Performance Modes 380
    EFS Throughput Modes 381
    EFS Security 382
    EFS Storage Classes 382
    EFS Lifecycle Management 383
    Amazon EFS Cheat Sheet 383
    AWS DataSync 384
    Amazon FSx for Windows File Server 386
    Amazon FSx for Windows File Server Cheat Sheet 388
    Amazon Simple Storage Service 388
    Amazon S3 Bucket Concepts 390
    Amazon S3 Data Consistency 393
    Amazon S3 Storage Classes 394
    Amazon S3 Management 396
    S3 Bucket Versioning 400
    Amazon S3 Access Points 401
    Multi-Region Access Points 402
    Preselected URLs for S3 Objects 403
    S3 Cheat Sheet 403
    Amazon S3 Glacier 404
    Vaults and Archives 405
    S3 Glacier Retrieval Policies 405
    S3 Glacier Deep Archive 406
    Amazon S3 Glacier Cheat Sheet 406
    AWS Data Lake 407
    AWS Lake Formation 409
    Structured and Unstructured Data 411
    Analytical Tools and Datasets 412
    AWS Glue 413
    Analytic Services 415
    Amazon Kinesis Data Streams 417
    Exam Preparation Tasks 418
    Review All Key Topics 418
    Define Key Terms 419
    Q&A 419
    Chapter 9 Designing High-Performing and Elastic Compute Solutions 421
    “Do I Know This Already?” 421
    Foundation Topics 425
    AWS Compute Services 425
    AWS EC2 Instances 427
    Amazon Machine Images 429
    AWS Lambda 436
    AWS Lambda Integration 438
    AWS Lambda Cheat Sheet 441
    Amazon Container Services 441
    Amazon Elastic Container Service 443
    AWS ECS Task Definition Choices 443
    Amazon Elastic Kubernetes Service 446
    Monitoring with AWS CloudWatch 447
    CloudWatch Basic Monitoring 448
    CloudWatch Logs 449
    Collecting Data with the CloudWatch Agent 451
    Planning for Monitoring 452
    Amazon CloudWatch Integration 453
    Amazon CloudWatch Terminology 455
    Creating a CloudWatch Alarm 459
    Additional Alarm and Action Settings 460
    Amazon CloudWatch Cheat Sheet 461
    Auto Scaling Options at AWS 461
    EC2 Auto Scaling 463
    EC2 Auto Scaling Operation 463
    Cooldown Period 471
    Termination Policy 471
    Lifecycle Hooks 472
    EC2 Auto Scaling Cheat Sheet 473
    AWS Auto Scaling 473
    Exam Preparation Tasks 474
    Review All Key Topics 474
    Define Key Terms 475
    Q&A 475
    Chapter 10 Determining High-Performing Database Solutions 477
    “Do I Know This Already?” 477
    Foundation Topics 481
    AWS Cloud Databases 481
    Amazon Relational Database Service 481
    Amazon RDS Database Instances 483
    Database Instance Class Types 485
    High-Availability Design for RDS 485
    Multi-AZ RDS Deployments 488
    Big-Picture RDS Installation Steps 488
    Monitoring Database Performance 490
    Best Practices for RDS 491
    Amazon Relational Database Service Proxy 492
    Amazon RDS Cheat Sheet 493
    Amazon Aurora 493
    Amazon Aurora Storage 496
    Amazon Aurora Replication 498
    Communicating with Amazon Aurora 499
    Amazon Aurora Cheat Sheet 500
    Amazon DynamoDB 501
    Amazon DynamoDB Tables 503
    Amazon DynamoDB Accelerator 511
    Backup and Restoration 511
    Amazon DynamoDB Cheat Sheet 512
    Amazon ElastiCache 512
    Amazon ElastiCache for Memcached 513
    Amazon ElastiCache for Memcached Cheat Sheet 514
    Amazon ElastiCache for Redis 514
    Amazon ElastiCache for Redis Cheat Sheet 516
    ElastiCache for Redis: Global Datastore 516
    Amazon Redshift 517
    Amazon Redshift Cheat Sheet 519
    Exam Preparation Tasks 520
    Review All Key Topics 520
    Define Key Terms 521
    Q&A 521
    Chapter 11 High-Performing and Scalable Networking Architecture 523
    “Do I Know This Already?” 523
    Foundation Topics 527
    Amazon CloudFront 527
    How Amazon CloudFront Works 527
    Regional Edge Caches 528
    CloudFront Use Cases 529
    HTTPS Access 529
    Serving Private Content 530
    CloudFront Origin Failover 532
    Video-on-Demand and Live Streaming Support 533
    Edge Functions 534
    CloudFront Cheat Sheet 536
    AWS Global Accelerator 536
    Elastic Load Balancing Service 539
    Application Load Balancer Features 540
    Health Checks 548
    Network Load Balancer 554
    Multi-Region Failover 555
    AWS VPC Networking 556
    The Shared Security Model 557
    AWS Networking Terminology 558
    VPC Cheat Sheet 560
    Creating a VPC 561
    How Many VPCs Does Your Organization Need? 564
    Subnets 570
    Subnet Cheat Sheet 572
    IP Address Types 573
    Private IPv4 Addresses 573
    Private IPv4 Address Summary 574
    Public IPv4 Addresses 574
    Inbound and Outbound Traffic Charges 578
    Bring-Your-Own IP 579
    IPv6 Addresses 580
    VPC Flow Logs 581
    Connectivity Options 583
    VPC Peering 583
    Establishing a Peering Connection 584
    VPC Endpoints 585
    Exam Preparation Tasks 590
    Review All Key Topics 590
    Define Key Terms 591
    Q&A 587
    Chapter 12 Designing Cost-Optimized Storage Solutions 593
    “Do I Know This Already?” 593
    Foundation Topics 597
    Calculating AWS Costs 597
    Cloud Service Costs 598
    Tiered Pricing at AWS 599
    Management Tool Pricing Example: AWS Config 600
    Cost Management Tools 602
    AWS Cost Explorer 604
    AWS Budgets 607
    AWS Cost and Usage Reports 609
    Managing Costs Cheat Sheet 610
    Tagging AWS Resources 611
    Using Cost Allocation Tags 612
    Storage Types and Costs 613
    AWS Backup 618
    Lifecycle Rules 619
    AWS Backup Cheat Sheet 620
    Data Transfer Costs 621
    AWS Storage Gateway 625
    AWS Storage Gateway Cheat Sheet 627
    Exam Preparation Tasks 627
    Review All Key Topics 628
    Define Key Terms 628
    Q&A 629
    Chapter 13 Designing Cost-Effective Compute Solutions 631
    “Do I Know This Already?” 631
    Foundation Topics 633
    EC2 Instance Types 633
    What Is a vCPU? 634
    EC2 Instance Choices 634
    Dedicated Host 636
    Dedicated Instances 638
    Placement Groups 638
    EC2 Instance Purchasing Options 638
    EC2 Pricing—On-demand 640
    On-demand Instance Service Quotas 641
    Reserved Instances 644
    Term Commitment 645
    Payment Options 646
    EC2 Reserved Instance Types 646
    Scheduled Reserved EC2 Instances 646
    Regional and Zonal Reserved Instances 647
    Savings Plans 649
    Spot Instances 650
    Spot Fleet Optimization Strategies 653
    Spot Capacity Pools 653
    EC2 Pricing Cheat Sheet 655
    Compute Tools and Utilities 655
    Strategies for Optimizing Compute 656
    Matching Compute Utilization with Requirements 659
    Compute Scaling Strategies 661
    Exam Preparation Tasks 662
    Review All Key Topics 662
    Define Key Terms 662
    Q&A 663
    Chapter 14 Designing Cost-Effective Database Solutions 665
    “Do I Know This Already?” 665
    Foundation Topics 668
    Database Design Choices 668
    RDS Deployments 668
    NoSQL Deployments 675
    Migrating Databases 680
    Database Data Transfer Costs 681
    Data Transfer Costs and RDS 682
    Data Transfer Costs with DynamoDB 683
    Data Transfer Costs with Amazon Redshift 685
    Data Transfer Costs with DocumentDB 686
    Data Transfer Costs Cheat Sheet 686
    Database Retention Policies 687
    Database Backup Policies Cheat Sheet 688
    Exam Preparation Tasks 689
    Review All Key Topics 690
    Define Key Terms 690
    Q&A 690
    Chapter 15 Designing Cost-Effective Network Architectures 693
    “Do I Know This Already?” 693
    Foundation Topics 695
    Networking Services and Connectivity Costs 695
    Elastic Load Balancing Deployments 695
    NAT Devices 696
    AWS CloudFront 698
    VPC Endpoints 701
    Network Services from On-Premises Locations 703
    Data Transfer Costs 706
    Accessing AWS Services in the Same Region 707
    Workload Components in the Same Region 709
    Accessing AWS Services in Different Regions 710
    Data Transfer at Edge Locations 713
    Network Data Transfer 714
    Public Versus Private Traffic Charges 714
    Data Transfer Costs Cheat Sheet 716
    Exam Preparation Tasks 717
    Review All Key Topics 717
    Define Key Terms 718
    Q&A 718
    Chapter 16 Final Preparation 721
    Exam Information 721
    Tips for Getting Ready for the Exam 724
    Scheduling Your Exam 725
    Tools for Final Preparation 726
    Pearson Test Prep Practice Test Software and Questions on the Website 727
    Updating Your Exams 729
    Chapter-Ending Review Tools 730
    Suggested Plan for Final Review/Study 730
    Summary 731
    Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections 733
    Appendix B AWS Certified Solutions Architect – Associate (SAA-C03) Cert Guide Exam Updates 749
    Glossary of Key Terms 751

    Online Elements:
    Appendix C
    Study Planner
    Glossary of Key Terms


    9780137941582 TOC 4/6/2023