SA Pro Exam Readiness Workshop (Tech Summit)

#Exam #SA pro##Tech Summit# #2019/08/12

Courses:

  • Architecting on AWS

  • Advanced

  • Migrating to AWS

  • Security Engineering on AWS

#Whitepapers:

  • AWS Well-Architected Framework

  • Architecting for the cloud nest practices

  • Microservices on AWS

  • AWS: Overview of Security Processes

  • Using AWS for disaster recovery

Read the Blueprint

Prepare for your AWS Certification Exam

#Test taking#

  • Eliminate obvious answer

  • Identify text in the question that imply certain AWS features - for example “data retrieval times”

  • Identify he features mentioned in the answers

  • Pay attention to qualifying clauses. For example “in the most cost-effective way” and “will best fulfill”.

  • Read the last sentence of the question

#Test Contents# Sub-domain: For complex organizations, how to design: Cross-account authentication and access strategies

User-based access controls Resource-based access control

Temporary access: Delegation

  • Cross account roles

  • Trust policies

  • STS: lets your share permissions with a access shelf life

User Federation

AWS DS

  • Microsoft managed AD

  • Simple AD (cannot connect to existing, must create a new directory)

  • AD Connector (generally DX would be good for latency)

  • AWS SSO

Hybrid - VPN connections

  • AWS VPN CloudHub (hub and spoke model for connecting multiple branch offices to AWS, VPN via net, slow)

  • Managed VPN (HA by default)

  • Software VPN (Running on an EC2 instance? Not HA)

  • Direct Connect: (global resource)

    • Provisioned throughput

    • Customer router -> Customer/Partner Cage -> AWS Cage -> VPG

    • Sub 1Gb partner connects will only have one VIF

  • File Gateway (NFS like UI)

  • Tape Gateway

  • Stored-Volume Gateway (DR? Copy volumes over and VM images as well (to AMI) for easy failover)

  • Cached-Volume Gateway

VPC endpoints

  • Interface endpoint (provisions an EMI)

  • Gateway endpoint (messes with route tables)

  • Manage access to VPC endpoints via IAM policies

Billing strategy for multiple accounts

  • Send notifications to group aliases

  • Use AWS tagging standards across your accounts

AWS Organizations

Route 53

  • Is a global service, good for Load Balancing over regions

  • Good health checks, can make custon

  • 100% SLA uptime

  • Can handle more traffic than a ELB

Kinesis - SQS

  • Kinesis can hold data up to 7 days

  • SQS 14 days

S3

Status 3 or 4 optimizations

DynamoDB Caching (STUDY THIIS)

  • Offloading to Elasticache to reduce load on DynamoDB

  • Dax or Elasticache

PreviousResourcesNextEverything

Last updated

Was this helpful?