AWS Certified DevOps Engineer – Professional Certification and Beyond: Pass the DOP-C01 exam and prepare for the real world using case studies and real-life examples
by Adam Book
- Length: 638 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2021-11-25
- ISBN-10: 1801074453
- ISBN-13: 9781801074452
- Sales Rank: #174354 (See Top 100 Books)
Explore the ins and outs of becoming an AWS certified DevOps professional engineer with the help of easy-to-follow practical examples and detailed explanations
Key Features
- Discover how to implement and manage continuous delivery systems and methodologies on AWS
- Explore real-world scenarios and hands-on examples that will prepare you to take the DOP-C01 exam with confidence
- Learn from enterprise DevOps scenarios to prepare fully for the AWS certification exam
Book Description
The AWS Certified DevOps Engineer certification is one of the highest AWS credentials, vastly recognized in cloud computing or software development industries. This book is an extensive guide to helping you strengthen your DevOps skills as you work with your AWS workloads on a day-to-day basis.
You’ll begin by learning how to create and deploy a workload using the AWS code suite of tools, and then move on to adding monitoring and fault tolerance to your workload. You’ll explore enterprise scenarios that’ll help you to understand various AWS tools and services. This book is packed with detailed explanations of essential concepts to help you get to grips with the domains needed to pass the DevOps professional exam. As you advance, you’ll delve into AWS with the help of hands-on examples and practice questions to gain a holistic understanding of the services covered in the AWS DevOps professional exam. Throughout the book, you’ll find real-world scenarios that you can easily incorporate in your daily activities when working with AWS, making you a valuable asset for any organization.
By the end of this AWS certification book, you’ll have gained the knowledge needed to pass the AWS Certified DevOps Engineer exam, and be able to implement different techniques for delivering each service in real-world scenarios.
What you will learn
- Automate your pipelines, build phases, and deployments with AWS-native tooling
- Discover how to implement logging and monitoring using AWS-native tooling
- Gain a solid understanding of the services included in the AWS DevOps Professional exam
- Reinforce security practices on the AWS platform from an exam point of view
- Find out how to automatically enforce standards and policies in AWS environments
- Explore AWS best practices and anti-patterns
- Enhance your core AWS skills with the help of exercises and practice tests
Who this book is for
This book is for AWS developers and SysOps administrators looking to advance their careers by achieving the highly sought-after DevOps Professional certification. Basic knowledge of AWS as well as its core services (EC2, S3, and RDS) is needed. Familiarity with DevOps concepts such as source control, monitoring, and logging, not necessarily in the AWS context, will be helpful.
Table of Contents
- Amazon Web Service Pillars
- Fundamental AWS Services
- Identity and Access Management and Working with secrets in AWS
- Amazon S3 Blob Storage
- Amazon DynamoDB
- Understanding CI / CD and the SDLC
- Using CloudFormation Templates to Deploy Workloads
- Creating Workloads with CodeCommit and CodeBuild
- Deploying Workloads with CodeDeploy and CodePipeline
- Using AWS Opsworks to Manage and Deploy your Application Stack
- Using Elastic Beanstalk to Deploy your Application
- Lambda Deployments and Versioning
- Blue Green Deployments
- CloudWatch and X-Ray’s Role in DevOps
- CloudWatch Metrics and Amazon EventBridge
- Various Logs Generated (VPC Flow Logs, Load Balancer Logs, CloudTrail Logs)
- Advanced and Enterprise Logging Scenarios
AWS Certified DevOps Engineer - Professional Certification and Beyond
Contributors
About the author
About the reviewers
Acknowledgments
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Share your thoughts
Section 1: Establishing the Fundamentals
Chapter 1: Amazon Web Service Pillars
Service pillars overview
Operational excellence
Performing Operations as Code
Refining operations frequently
Making small, frequent, and reversible changes
Anticipating failure
Learning from failure
Example – operational excellence
Security
Implementing a strong identity foundation
Enabling traceability
Applying security at all layers
Automating security best practices
Protecting data in transit and at rest
Using mechanisms to keep people away from data
Preparing for security events
Reliability
Automating recovery from failure
Testing recovery procedures
Scaling horizontally to increase workload availability
Stop guessing capacity
Managing changes in automation
Performance efficiency
Making advanced technologies easier for your team to implement
Being able to go global in minutes
Using serverless architectures
Allowing your teams to experiment
Using technology that aligns with your workload's goals
Cost optimization
Implementing cloud financial management
Adopting a consumption model
Measuring overall efficiency
Stop spending money on undifferentiated heavy lifting
Analyzing and attributing expenditure
Overarching service pillar principals
Summary
Review questions
Review answers
Further reading
Chapter 2: Fundamental AWS Services
Technical requirements
Setting up and accessing your AWS account
Accessing the AWS Management Console
Setting up and using the AWS CLI v2
Configuring the CLI
Cloud compute in AWS
Amazon Elastic Cloud Compute (EC2)
AWS Batch
Virtual Private Cloud networking and Route 53 networking
VPC
Route 53
Cloud databases
Relational databases
Key-value databases
In-memory databases
Document databases
Message and queueing systems
Simple Notification Service (SNS)
Simple Queue Service (SQS)
Amazon MQ
Simple Email Service (SES)
Trusted Advisor
Accessing Trusted Advisor
Summary
Review questions
Review answers
Chapter 3: Identity and Access Management and Working with Secrets in AWS
Technical requirements
Understanding the Shared Responsibility Model in AWS
Authorization versus authentication
Terms to understand for IAM
IAM roles, groups, users, and policies
IAM policies
Using AWS Organizations as part of your guidance
Separation with OUs
SCPs
Integrating federation with an AWS account
When would you use federation?
Using AD federation with IAM
AWS SSO
Choosing a user identity strategy
Storing secrets securely in AWS
AWS Secrets Manager
SSM Parameter Store
Using Cognito with application authentication
Where would you use Cognito?
User pools
Identity pools
Summary
Review questions
Review answers
Chapter 4: Amazon S3 Blob Storage
S3 concepts
Interacting with S3
S3 naming guidelines
Moving data to S3
S3 storage tiers
Using lifecycle policies in S3
S3 endpoints
S3 access control
Resource-based policies
User-based policies
Cross-account access
S3 access logs
Encryption options with S3
Server-side encryption
Client-side encryption
Using S3 events to trigger other AWS services
S3 Batch operations
S3 Batch hands on-example
S3 replication
S3 versioning
Summary
Review questions
Review answers
Chapter 5: Amazon DynamoDB
Understanding the basis and background of DynamoDB
DynamoDB origins
NoSQL versus relational databases
Core components of Dynamo
Tables and their attributes
The primary key
Secondary indexes
Other pertinent Dynamo information
Understanding DynamoDB data modeling
Read and write capacity
Adaptive capacity
Data types available in DynamoDB tables
Inserting and accessing data in DynamoDB
Creating tables in Dynamo DB
Inserting data into DynamoDB
Scanning data
Querying data
Secondary indexes in Dynamo, both global and local
Understanding DynamoDB Streams
Global tables
Using the DynamoDB accelerator (DAX)
Authenticating and authorizing in DynamoDB
Web Identity Federation
Monitoring DynamoDB
Contributor Insights
Summary
Review questions
Review answers
Section 2: Developing, Deploying, and Using Infrastructure as Code
Chapter 6: Understanding CI/CD and the SDLC
Introduction to the SDLC
CI
Continuous delivery
CD
Testing
Maturing throughout the process
Development teams
The application team
The infrastructure team
The tools team
Understanding the different types of deployments
In-place deployments
Immutable and blue-green deployments
Canary deployments
Rolling deployments
Linear deployments
All-at-once deployments
Review questions
Review answers
Summary
Chapter 7: Using CloudFormation Templates to Deploy Workloads
Technical requirements
Essential CloudFormation topics
The anatomy of a CloudFormation template
Launching CloudFormation templates
Using change sets
Rollback features of CloudFormation
Intrinsic functions in CloudFormation
CloudFormation best practices
Creating nested stacks with dependencies
Packaging up your nested stack for deployment
Creating a nested stack using the AWS CLI
Using DependsOn to order resources
Adding wait conditions to a template
Using curl to signal
Adding a helper script to a CloudFormation template
Understanding how to detect drift in CloudFormation templates
Managing templates with Service Catalog
Using the Cloud Development Kit
Concepts of the AWS CDK
Advantages of using the AWS CDK
Summary
Review questions
Review answers
Chapter 8: Creating Workloads with CodeCommit and CodeBuild
Technical requirements
Using CodeCommit for code versioning
What is CodeCommit?
Benefits of CodeCommit
Controlling access to repositories
Setting up your CodeCommit repository
Creating your IAM group for developers
Creating your developer
Adding your developer's SSH key
Creating a developer branch and pushing commits to that branch
Approvals in CodeCommit
Merging your developer branch with the main branch
Using AWS CodeBuild
Features to know about CodeBuild
Creating a CodeBuild job
Constructing the buildspec file
Storing CodeBuild artifacts
Using CodeBuild to test
Triggering CodeBuild jobs via CodeCommit
Advanced features of AWS CodeBuild
Summary
Review questions
Review answers
Chapter 9: Deploying Workloads with CodeDeploy and CodePipeline
Technical requirements
About AWS CodePipeline
CodePipeline structure for actions
Use cases for AWS CodePipeline
Setting up a code pipeline
Creating our code base prior to setting up the pipeline
Creating our tools team member
Creating a pipeline
Updating our developer users
CodePipeline concepts
Approval actions in a code pipeline
Using Jenkins to build your workloads
About AWS CodeDeploy
Basic CodeDeploy concepts to understand
Installing the CodeDeploy agent file
Understanding the appspec file
Deployment rollbacks and content redeployment
Use cases for AWS CodeDeploy
Deploying application updates to servers in an on-premises data center
Deploying application updates to Windows or Linux servers in the AWS cloud
Deploying application updates to multiple regions with one deployment push
Deploying a new task to ECS in blue/green fashion
Deploying a task to Amazon ECS and using Lambda to validate before switching traffic over
Monitoring CodeDeploy jobs
Summary
Review questions
Review answers
Chapter 10: Using AWS Opsworks to Manage and Deploy your Application Stack
Technical requirements
OpsWorks essentials
Understanding the components of OpsWorks
Lifecycle events in OpsWorks
Access management in OpsWorks
Use cases for AWS OpsWorks
Available OpsWorks platforms
OpsWorks Stacks
OpsWorks for Chef Automate
OpsWorks for Puppet Enterprise
Creating and deploying a recipe
Deployments in OpsWorks
Monitoring OpsWorks
Summary
Review questions
Review answers
Chapter 11: Using Elastic Beanstalk to Deploy your Application
Technical requirements
Understanding the built-in functionality of Elastic Beanstalk
Different environments in Elastic Beanstalk
The different components that make up Elastic Beanstalk
Creating a service role in the IAM console
Installing and using the Elastic Beanstalk command-line interface (EB CLI)
Installing the EB CLI
Using the EB CLI to create a project
Understanding advanced configuration options with .ebextensions
Deployment types with Elastic Beanstalk
All-at-once deployments
Rolling deployments
Rolling with additional batch
Immutable
Traffic splitting
Using Elastic Beanstalk to deploy an application
Troubleshooting the deployment with the EB CLI
Elastic Beanstalk use cases
Elastic Beanstalk anti-patterns
Summary
Review questions
Review answers
Chapter 12: Lambda Deployments and Versioning
Technical requirements
AWS Lambda overview
Serverless instead of servers
Synchronous versus asynchronous invocation
Lambda functions
The basic concepts of Lambda
The Lambda handler
Limits of Lambda
Creating a Lambda function
Lambda triggers and event source mappings
Looking at event source mappings
Services that Lambda can read from event sources
Deploying versions using Lambda
Using aliases in Lambda
Working with Lambda layers
Adding a Lambda layer to our function
Monitoring Lambda functions
Using X-Ray to help troubleshoot your functions
Optimal Lambda use cases and anti-patterns
AWS Lambda optimal use cases
Lambda anti-patterns
Orchestrating Step Functions with Lambda
Understanding state machines inside of Step Functions
How do Step Functions work?
States available in Step Functions
Creating a Step Function
Summary
Questions
Answers
Chapter 13: Blue Green Deployments
Understanding the concept of blue/green deployments
Deployments are not easy
AWS services that you can use for blue/green deployments
AWS CloudFormation
AWS Elastic Beanstalk
AWS CodeDeploy
AWS ELB
Amazon ECS
Amazon Elastic Kubernetes Service
AWS OpsWorks
Amazon CloudWatch
Amazon Route 53
Benefits of blue/green deployments with AWS
Techniques for performing blue/green deployments in AWS
Updating DNS routing with Route 53
Swapping the Auto Scaling group behind ELB
Updating Auto Scaling group launch configurations
Updating ECS
Swapping the environment of an Elastic Beanstalk application
Cloning an OpsWorks stack and then updating the DNS record
Using best practices in your data tier with blue/green deployments
Separating schema changes from code changes
Summary
Review questions
Review answers
Section 3: Monitoring and Logging Your Environment and Workloads
Chapter 14: CloudWatch and X-Ray's Role in DevOps
CloudWatch overview
Understanding and using the CloudWatch unified agent
Installing the CloudWatch agent on an EC2 instance
Using CloudWatch to aggregate your logs
CloudWatch Logs terminology
CloudWatch alarms
Creating a CloudWatch alarm
Adding application tracing with X-Ray
How does the X-Ray service work?
X-Ray and serverless services
Implementing X-Ray on a Lambda function
Summary
Review questions
Review answers
Chapter 15: CloudWatch Metrics and Amazon EventBridge
A closer look at CloudWatch metrics
Viewing your metrics in CloudWatch
Streaming metrics with CloudWatch metric streams
Basic metrics in CloudWatch for AWS services
Basic monitoring for the EC2 service
Using custom metrics in CloudWatch
High-resolution metrics in CloudWatch
Creating custom metrics in CloudWatch
Publishing a custom metric
Using CloudWatch metrics to create dashboards
Creating a base dashboard to monitor our resources
Amazon EventBridge overview
EventBridge service limits
Event-driven architectures with EventBridge
Using EventBridge to capture AWS service events
Summary
Questions
Review answers
Chapter 16: Various Logs Generated (VPC Flow Logs, Load Balancer Logs, CloudTrail Logs)
Previous logs discussed
The power of AWS CloudTrail
Setting up CloudTrail
Enabling Elastic Load Balancer logs
Setting up an Elastic Load Balancer and enabling logging
Use cases for Elastic Load Balancer logs
Using VPC Flow Logs
Limitations regarding VPC Flow Logs
Enabling VPC Flow Logs
Use cases for VPC Flow Logs
Going back to our CloudTrail logs
Searching through CloudTrail logs
Cleaning up the resources
Summary
Review questions
Review answers
Chapter 17: Advanced and Enterprise Logging Scenarios
Using QuickSight to visualize data
Querying data with Amazon Athena
Amazon QuickSight use cases
Creating a dashboard with Amazon QuickSight
Searching and grouping logs with managed Elasticsearch
Use cases for managed Elasticsearch
Streaming logs from CloudWatch Logs to the Elasticsearch service
Understanding the Amazon Kinesis service
Using Amazon Kinesis to process logs
Using tagging and metadata to properly categorize logs
Cleaning up resources
Summary
Review questions
Review answers
Section 4: Enabling Highly Available Workloads, Fault Tolerance, and Implementing Standards and Policies
Chapter 18: Autoscaling and Lifecycle Hooks
Understanding AWS Auto Scaling
Understanding the differences between vertical and horizontal scaling
The key components of Auto Scaling
Understanding the different types of Auto Scaling
The four primary use cases for AWS Auto Scaling
Deploying EC2 instances with Auto Scaling
The Auto Scaling lifecycle
Using Auto Scaling lifecycle hooks
Use cases for lifecycle hooks
Cleaning up resources
Summary
Review questions
Review answers
Chapter 19: Protecting Data in Flight and at Rest
Data encryption introduction
Options for encrypting data at rest in AWS
Understanding KMS keys
Using AWS-managed CMKs keys to encrypt storage
Creating and managing a customer-managed key in KMS
Adding encryption to data stores using our custom KMS key
Protecting data in transit with AWS Certificate Manager
The two functions that ACM can serve
Adding a certificate to Amazon CloudFront
Summary
Review questions
Review answers
Chapter 20: Enforcing Standards and Compliance with System Manger's Role and AWS Config
The various capabilities of AWS Systems Manager
Key features and benefits of Systems Manager
Node management with Systems Manager
Running remote commands on an EC2 instance
Use cases for Systems Manager
AWS Config essentials
Concepts to understand about AWS Config
Understanding how Config works
Standing up AWS Config – a practical example
The Config rule structure
Summary
Questions
Review answers
Chapter 21: Using Amazon Inspector to Check your Environment
Understanding Amazon Inspector
Getting started with Amazon Inspector
Use cases for Amazon Inspector
Configuring the Inspector agent both manually and automatically
Using Amazon Inspector hands-on
Comprehending the findings of Inspector assessment reports
Summary
Review questions
Review answers
Chapter 22: Other Policy and Standards Services to Know
Detecting threats with Amazon GuardDuty
Key information to understand regarding GuardDuty
Use cases for Amazon GuardDuty
Amazon GuardDuty integrates naturally with AWS Security Hub
Seeing how to protect data intelligently with Amazon Macie
Amazon Macie use cases
A brief look at the migration tools available from AWS
Bringing your servers into AWS with SMS
Key features of SMS
Migrating multi-tier applications with SMS
Summary
Review questions
Review answers
Section 5: Exam Tips and Tricks
Chapter 23: Overview of the DevOps Professional Certification Test
The DOP-C01 exam guide
The exam requirements as per the exam guide
How the exam is scored
Obtaining a passing score
If you do not pass the exam on your first attempt
Understanding the different testing options
Registering to take the exam
Taking the test at a testing center
Taking the test via online proctoring
Taking a certification test at re:Invent – a cautionary tale
Study tips for preparing for the exam
AWS whitepapers to read
Final test tips
Summary
Chapter 24: Practice Exam 1
Test questions
Test answers
Question breakdown
Summary
Why subscribe?
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughtsDonate to keep this site alive
To access the Link, solve the captcha.
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: AWS Certified DevOps Engineer – Professional Certification and Beyond: Pass the DOP-C01 exam and prepare for the real world using case studies and real-life examples, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.
