Wednesday, March 15, 2023

Complete DevOps Ansible Automation Training By Imran available on Udemy with Quiz

Complete DevOps Ansible Automation Training 

Practical / Labs Questions

Course content

  1. Introduction
    Duration: 1 minute

  2. Course overview
    Duration: 5 minutes

  3. What is Ansible?
    Duration: 6 minutes

  4. Brief history of Ansible
    Duration: 2 minutes

  5. Benefits of Ansible
    Duration: 6 minutes

  6. Terminologies in Ansible
    Duration: 6 minutes

  7. How Ansible Works?
    Duration: 5 minutes

  8. Other Automation Tools
    Duration: 2 minutes

  9. Free source Ansible and Red Hat Ansible
    Duration: 3 minutes

  10. Handouts
    Duration: 0 minutes

Quiz 1: Quiz

  1. YAML File Syntax
    Duration: 5 minutes

  2. YAML File Syntax Example
    Duration: 8 minutes

  3. Creating First Playbook
    Duration: 11 minutes

  4. Output Playbook
    Duration: 6 minutes

  5. Multiple Tasks Playbook
    Duration: 7 minutes

  6. Playbook for Installing and Managing a Service
    Duration: 10 minutes

  7. Handouts
    Duration: 1 minute

Quiz 3: Quiz

  1. Welcome to Ansible Automation for Remote Clients
    Duration: 1 minute

  2. Remote Clients Hosts File Syntax
    Duration: 8 minutes

  3. Establish Connection to Remote Clients
    Duration: 9 minutes

  4. Playbook - Check Remote Clients Connectivity
    Duration: 4 minutes

  5. Playbook - Copy Files to Remote Clients
    Duration: 11 minutes

  6. Playbook - Change File Permissions
    Duration: 6 minutes

  7. Playbook - Setup Apache and Open Firewall Port
    Duration: 12 minutes

  8. Playbook - Run Shell Scripts on Remote Clients
    Duration: 9 minutes

  9. Playbook - Schedule a Job (crontab)
    Duration: 7 minutes

  10. Playbook - User Account Management
    Duration: 6 minutes

  11. Playbook - Add or Update User Password
    Duration: 8 minutes

  12. Playbook - Download Package from a URL
    Duration: 9 minutes

  13. Playbook - Kill a Running Process
    Duration: 9 minutes

  14. Pick and Choose Steps
    Duration: 8 minutes

  15. Create and Mount New Storage
    Duration: 13 minutes

  16. Handouts
    Duration: 1 minute

Quiz 4: Quiz

  1. Welcome to Ansible Automation with Ad-hoc Tasks
    Duration: 1 minute

  2. Ansible Ad-Hoc Commands (Part 1)
    Duration: 11 minutes

  3. Ansible Ad-Hoc Commands (Part 2)
    Duration: 9 minutes

  4. Ansible Ad-Hoc Commands (Part 3)
    Duration: 9 minutes

  5. Handouts
    Duration: 1 minute

Quiz 5: Quiz

  1. Roles
    Duration: 20 minutes

  2. Roles by Application
    Duration: 4 minutes

  3. Roles on Ansible Galaxy
    Duration: 5 minutes

  4. Tags
    Duration: 10 minutes

  5. Variables
    Duration: 9 minutes

  6. Variables in Inventory File
    Duration: 2 minutes

  7. Handouts
    Duration: 1 minute

Quiz 6: Quiz

  1. Handlers
    Duration: 5 minutes

  2. Conditions
    Duration: 9 minutes

  3. Loops
    Duration: 17 minutes

  4. Handouts
    Duration: 0 minutes

Quiz 7: Quiz

  1. Ansible Vault
    Duration: 10 minutes

  2. Encrypt Strings within a Playbook
    Duration: 6 minutes

  3. Handouts
    Duration: 0 minutes

Quiz 8: Quiz

  1. Welcome to Ansible Management Tools
    Duration: 1 minute

  2. Ansible AWX
    Duration: 12 minutes

  3. Ansible Tower
    Duration: 4 minutes

  4. Handouts
    Duration: 1 minute

Quiz 9: Quiz

  1. Ansible Additional Commands
    Duration: 12 minutes

  2. Ansible Documentation
    Duration: 7 minutes

  3. Community Help
    Duration: 3 minutes

  4. Handouts
    Duration: 1 minute

  5. Congratulations
    Duration: 1 minute

  6. Bonus Lecture
    Duration: 4 minutes

All in one course for learning Terraform and gaining the official HashiCorp Certified: Terraform Associate certification.


All in one course for learning Terraform and gaining the official HashiCorp Certified: Terraform Associate certification.

Udemy course by Zeal 

Course content


1. Introduction to the Course and Certification

8


2. Document - Code Repository

1


3. Our Community

1


4. Central PPT Notes

1


5. Choosing a right Infrastructure as Code tool

10


6. Installation Process of Terraform

6


7. Document - Terraform Downloads Page

0


8. Installing Terraform - MacOS and Linux Users

5


9. Choosing Right IDE for Terraform

6


10. Install & Setup Source Code Editor

5


11. Note - Visual Studio Setup

1


12. Setting up AWS account

6


13. Notes - Getting ed

1


14. Small Note - New AWS Console Update

1


15. Creating first EC2 instance with Terraform

20


16. New Console Update - AWS

1


17. Terraform Code - First EC2 Instance

0


18. Important Security Pointer

1


19. Understanding Resources & Providers - NEW

12


20. Understanding Resource & Providers - Part 2 NEW

9


21. Destroying Infrastructure with Terraform (NEW)

9


22. Understanding Terraform State files (NEW)

10


23. Understanding Desired & Current States (NEW)

6


24. Challenges with the current state on computed values (NEW)

5


25. Terraform Provider Versioning

13


26. Notes - Deploying Infrastructure with Terraform

1


Quiz 1: Practice Test - Domain 1


27. Overview of Course Lecture Format

6


28. Understanding Attributes and Output Values in Terraform

13


29. Referencing Cross-Account Resource Attributes

12


30. Terraform Variables

8


31. Approaches for Variable Assignment

11


32. Data Types for Variables

13


33. Fetching Data from Maps and List in Variable

3


34. Count and Count Index

11


35. Conditional Expressions

8


36. Local Values

5


37. Terraform Functions

19


38. Data Sources

8


39. Note - Filters in Data Sources

1


40. Debugging in Terraform

4


41. Terraform Format

2


42. Validating Terraform Configuration Files

3


43. Load Order & Semantics

7


44. Dynamic Blocks

10


45. Tainting Resources

7


46. Splat Expressions

3


47. Terraform Graph

6


48. Saving Terraform Plan to File

4


49. Terraform Output

3


50. Terraform Settings

5


51. Dealing with Large Infrastructure

11


52. Zipmap Function

5


53. Comments in Terraform

5


54. Challenges with Count Meta-Argument

7


55. Data Type - SET

4


56. for_each in Terraform

7


57. Notes - Read, Generate, Modify Configuration

1


Quiz 2: Practice Test


58. Understanding Provisioners in Terraform

6


59. Types of Provisioners

5


60. Implementing remote-exec provisioners

17


61. Implementing local-exec provisioners

5


62. Creation-Time & Destroy-Time Provisioners

10


63. Failure Behavior for Provisioners

4


64. Null Resource

10


65. Notes - Terraform Provisioners

1


Quiz 3: Practice Tests


66. Understanding DRY principle

7


67. Implementing EC2 module with Terraform

8


68. Variables and Terraform Modules

6


69. Using Locals with Modules

8


70. Referencing Module Outputs

8


71. Terraform Registry

11


72. Requirement for Publishing Modules in Terraform Registry

7


73. Terraform Workspace

5


74. Implementing Terraform Workspace

8


75. Notes - Module Section

1


76. Integrating with GIT for team management

7


77. Important Note

1


78. Security Challenges in Commiting TFState to GIT

8


79. Module Sources in Terraform

7


80. Terraform and .gitignore

5


81. Terraform Backends

7


82. Implementing S3 Backend

7


83. State File locking

7


84. Integrating DynamoDB with S3 for state locking

6


85. Terraform State Management

10


86. Cross- Project Collaboration using Remote State

7


87. Implementing Remote States Connections

10


88. Importing Existing Resources with Terraform Import

12


89. Notes - Remote State Management

1


90. Handling Access & Secret Keys the Right Way in Providers

4


91. Terraform Provider UseCase - Resources in Multiple Regions

7


92. Handling Multiple AWS Profiles with Terraform Providers

4


93. Note - STS

1


94. Terraform & Assume Role with AWS STS

8


95. Sensitive Parameter

3


96. Note - HashiCorp Vault

1


97. Overview of HashiCorp Vault

7


98. Terraform and Vault Integration

6


99. Notes - Security Primer

1


100. Overview of Terraform Cloud

7


101. Creating Terraform Cloud Account

3


102. Creating Infrastructure with Terraform Cloud

10


103. Overview of Sentinel

9


104. Overview of Remote Backends

6


105. Implementing Remote Backend Operations

7


106. Air Gapped Environments

4


107. Notes - Terraform Cloud & Enterprise

1


108. Our Community

1


109. Overview of HashiCorp Exams

15


110. Important Pointers for Exams - Part 01

8


111. Important Pointers for Exams - Part 02

8


112. Important Pointers for Exams - Part 03

7


113. Important Pointers for Exams - Part 04

7


114. Important Pointers for Exams - Part 05

14


115. Important Pointers for Exams - Part 06

14


116. Updated - Important Pointers for Exams

2


117. Notes - Important Pointers for Exams

1


Quiz 4: Exam Preparation Practice Test - 1


Quiz 5: Exam Preparation Practice Test - 2


Quiz 6: Exam Preparation Practice Test - 3


Practice Test 1: Exam Preparation Practice Test - 4


Practice Test 2: Exam Preparation Practice Test - 5


Quiz 7: Exam Preparation Practice Test - 6


118. Additional Resources - Bonus

1

All in one course for learning Terraform and gaining the official certification.


Master Course to prepare for Certified Kubernetes Application Developer Udemy by Zeal

Master Course to prepare for Certified Kubernetes Application Developer CKAD Udemy by Zeal

 Course content


1. Introduction to the Course

6


2. Document - Link to Code Repository

1


3. Our Community

1


4. Overview of Container Orchestration

11


5. Introduction to Kubernetes

11


6. Installation Options for Kubernetes

10


7. Using Managed Kubernetes Service from CSP

9


8. Document - MSSP

1


9. Overview of kubectl

8


10. Document - kubectl

0


11. Installing & Configuring kubectl for Linux and macOS

6


12. Note - ikube

1


13. Configuring Kubernetes in ikube in Windows

7


14. Document - ikube Installation Commands

1


15. Configuring Kubernetes in ikube in Linux

6


16. Document - ikube Installation Commands

1


17. Introduction to API

16


18. Kubernetes API Primitives

10


19. Understanding PODS

11


20. Understanding Kubernetes Objects

10


21. Creating First POD Configuration in YAML

13


22. Note - API Documentation

1


23. Document - API Resources for writing YAML files

1


24. Document - Note on CMD vs Entrypoint

1


25. Revising Dockerfile - CMD vs ENTRYPOINT

4


26. Understanding Commands and Arguments in Kubernetes

13


27. Revising DockerFile - EXPOSE Instruction

10


28. Exposing Ports for PODS

5


29. Generating Pod Manifests via CLI

7


30. Document - Pod Manifest via CLI

1


31. CLI Documentation of K8s Resources

6


32. Practice Test - Domain 1

1


33. Practice Tests Solutions - Domain 1

1


34. Notes - Domain 1

1


35. Introduction to Labels and Selectors

14


36. Implementing Labels and Selectors

8


37. Overview of ReplicaSets

5


38. Creating our first ReplicaSet

9


39. Note - ReplicaSet

1


40. Introduction to Deployments

6


41. Creating our first deployment

11


42. Rolling Back Deployments

4


43. Generate Deployment via CLI

4


44. maxSurge and maxUnavailable

9


45. Important Pointers - Deployments

9


46. Overview of Batch Jobs

10


47. Creating first Job in Kubernetes

10


48. CronJobs

6


49. Practice Test - Domain 2

1


50. Practice Tests Solutions - Domain 2

2


51. Notes - Workload and Scheduling

1


52. Overview of Service

14


53. Creating First Service and Endpoint

12


54. Service Type: ClusterIP

4


55. Using Selectors for Service Endpoints

9


56. Service Type: NodePort

6


57. Service Type: Load Balancer

8


58. Generating Service Manifests via CLI

11


59. Overview of Ingress

9


60. Understanding Ingress Resource and Ingress Controllers

11


61. Overview of Helm

7


62. Installing Helm

4


63. Deploying our First Helm Chart

13


64. Creating Ingress Resource

9


65. Deploying Ingress Controller

8


66. Namespace

8


67. Service Accounts

10


68. Network Security Policies

10


69. Practice Test - Domain 3

1


70. Practice Test Solutions - Domain 3

2


71. Notes - Services and Networking

1


72. Kubernetes Secrets

15


73. Document - Commands for Generating Secrets

1


74. Mounting Secrets Inside Pods

6


75. Resource Limits

13


76. Practice Test - Domain 4

1


77. Practice Test Solutions - Domain 4

1


78. Notes - Configuration

1


79. Understanding Liveness Probe

9


80. Understanding Readiness Probe

9


81. Understanding Docker Logging Drivers

9


82. Monitoring Application Logs

5


83. Note - Monitoring Components

1


84. Monitoring Nodes and Pods

7


85. Deploying Metric Server

2


86. Kubernetes Events

5


87. Understanding Field Selectors

7


88. Practice Test - Domain 5

1


89. Practice Test Solution - Domain 5

1


90. Notes - Observability

1


91. Overview of Docker Volumes

16


92. Creating Volumes in Kubernetes

9


93. PersistentVolume and PersistentVolumeClaim

14


94. Understanding ConfigMaps

12


95. Security Contexts

11


96. Practice Test - Domain 6

1


97. Practice Test 6 - Solutions

1


98. Notes - State Persistence

1


99. Working with Multi-Container Pods

9


100. Practice Test - Multi-Container PODS

1


101. Practice Test Solution - Multi-Container Pods

1


102. Multi-Container POD Design Patterns

4


103. Ambassador Pattern

9


104. Practice Test - Ambassador Pattern

1


105. Practice Test Solution - Ambassador Pattern

1


106. Adapter Pattern

11


107. Practice Test - Adapter Pattern

1


108. Practice Solution - Adapter Pattern

1


109. Understanding K8s Deployment Strategies

13


110. Implementing Blue-Green Deployments

8


111. Document - Blue Green Deployments

1


112. Implementing Canary Deployments

7


113. Document - Canary Deployments

1


114. Custom Resources in Kubernetes

13


115. Document - CRDs

1


116. Understanding Authentication

9


117. Authenticating with K8s using Tokens

6


118. Overview of Authorization

10


119. ClusterRole and ClusterRole Bindings

10


120. Important Note - Docker Section

1


121. Creating Infrastructure for Docker Setup

8


122. Installing Docker in Linux

3


123. Document - Linux Installation Commands

1


124. Docker Image vs Docker Container

8


125. Container Identification

6


126. Removing Docker Container

4


127. Working with Docker Images

6


128. Revising Dockerfile

14


129. Document - Dockerfile

1


130. Tagging Docker Image

4


131. Docker Commit

7


132. Layers of Docker Image

15


133. Moving Images Across Hosts

4


134. Notes - New Exam Updates

1


135. Practice Test

1


136. Our Community

1


137. Registering for CKAD Exams

14


138. Overview of Candidate Handbook

16


139. Important Tips for Exams

21


140. Delta Changes in K8s Versions

5


141. Important Note - New Kubernetes Version

1


142. Important Pointers for Exams - Domain 1

6


143. Important Pointers for Exams - Domain 2

4


144. Important Pointers for Exams - Domain 3

3


145. Important Pointers for Exams - Domain 4

4


146. Important Pointers for Exams - Domain 5

5


147. Important Pointers for Exams - Domain 6

2


148. Important Pointers for Exams - Domain 7

2


149. New Updated Topics

1

Master Course to prepare for Certified Kubernetes Application Developer

Certified Kubernetes Administrator (CKA) with Practice Tests Udemy Courses to follow

Certified Kubernetes Administrator (CKA) with Practice Tests Udemy Courses to follow by KodeKloud


 Course content


1. Course Introduction

3


2. Certification

3


3. Certification Details

1


4. Course Release Notes

1


5. The Kubernetes Trilogy

5


6. Join our Slack Channel for support and interaction

1


7. A note on the Course Curriculum

1


8. Reference Notes for lectures and labs

1


9. Core Concepts Section Introduction

1


10. Download Presentation Deck for this section

1


11. Cluster Architecture

9


12. ETCD For Beginners

7


13. ETCD in Kubernetes

3


14. ETCD - Commands (Optional)

1


15. Kube-API Server

5


16. Kube Controller Manager

4


17. Kube Scheduler

4


18. Kubelet

2


19. Kube Proxy

4


20. Recap - PODs

9


21. PODs with YAML

7


22. Demo - PODs with YAML

6


23. Practice Test Introduction

6


24. Demo: Accessing Labs

3


25. Accessing the Labs

1


26. Practice Test - Pods

1


27. Practice Test - Solution (Optional)

12


28. Recap - ReplicaSets

16


29. Practice Test - ReplicaSets

1


30. Practice Test - ReplicaSets - Solution (Optional)

14


31. Deployments

4


32. Certification Tip!

1


33. Practice Test - Deployments

1


34. Solution - Deployments (optional)

7


35. Services

14


36. Services Cluster IP

4


37. Services - Loadbalancer

4


38. Practice Test - Services

1


39. Solution - Services (optional)

9


40. Namespaces

8


41. Practice Test - Namespaces

1


42. Solution - Namespaces (optional)

6


43. Imperative vs Declarative

13


44. Certification Tips - Imperative Commands with Kubectl

2


45. Practice Test - Imperative Commands

1


46. Solution - Imperative Commands (optional)

13


47. Kubectl Apply Command

5


48. Here's some inspiration to keep going

0


49. Scheduling Section Introduction

1


50. Download Presentation Deck for this section

1


51. Manual Scheduling

3


52. Practice Test - Manual Scheduling

0


53. Solution - Manual Scheduling (optional)

7


54. Labels and Selectors

6


55. Practice Test - Labels and Selectors

1


56. Solution : Labels and Selectors : (Optional)

6


57. Taints and Tolerations

10


58. Practice Test - Taints and Tolerations

1


59. Solution - Taints and Tolerations (Optional)

10


60. Node Selectors

3


61. Node Affinity

7


62. Practice Test - Node Affinity

1


63. Solution - Node Affinity (Optional)

10


64. Taints and Tolerations vs Node Affinity

3


65. Resource Requirements and Limits

6


66. Note on default resource requirements and limits

1


67. A quick note on editing PODs and Deployments

1


68. Practice Test - Resource Requirements and Limits

0


69. Solution: Resource Limits : (Optional)

5


70. DaemonSets

4


71. Practice Test - DaemonSets

0


72. Solution - DaemonSets (optional)

6


73. Static Pods

9


74. Practice Test - Static Pods

1


75. Solution - Static Pods (Optional)

15


76. Multiple Schedulers

10


77. Practice Test - Multiple Schedulers

1


78. Solution - Practice Test - Multiple Schedulers : (Optional)

7


79. Configuring Scheduler Profiles

10


80. References

1


81. Logging and Monitoring Section Introduction

1


82. Download Presentation Deck

1


83. Monitor Cluster Components

4


84. Practice Test - Monitoring

1


85. Solution: Monitor Cluster Components : (Optional)

4


86. Managing Application Logs

2


87. Practice Test - Monitor Application Logs

0


88. Solution: Logging : (Optional)

3


89. Application Lifecycle Management - Section Introduction

1


90. Download Slide Deck

1


91. Rolling Updates and Rollbacks

7


92. Practice Test - Rolling Updates and Rollbacks

0


93. Solution: Rolling update : (Optional)

9


94. Configure Applications

1


95. Commands

7


96. Commands and Arguments

3


97. Practice Test - Commands and Arguments

0


98. Solution - Commands and Arguments (Optional)

20


99. Configure Environment Variables in Applications

1


100. Configuring ConfigMaps in Applications

5


101. Practice Test: Environment Variables

0


102. Solution - Environment Variables (Optional)

9


103. Configure Secrets in Applications

8


104. A note about Secrets!

1


105. Practice Test - Secrets

0


106. Solution - Secrets (Optional)

10


107. Demo: Encrypting Secret Data at Rest

19


108. Scale Applications

1


109. Multi Container PODs

2


110. Practice Test - Multi Container PODs

1


111. Solution - Multi-Container Pods (Optional)

15


112. Multi-container PODs Design Patterns

1


113. InitContainers

2


114. Practice Test - Init Containers

1


115. Solution - Init Containers (Optional)

11


116. Self Healing Applications

1


117. If you like it, Share it!

1


118. Cluster Maintenance - Section Introduction

1


119. Download Presentation Deck

1


120. OS Upgrades

4


121. Practice Test - OS Upgrades

0


122. Solution - OS Upgrades (optional)

11


123. Kubernetes Software Versions

3


124. References

1


125. Cluster Upgrade Process

11


126. Demo - Cluster upgrade

12


127. Practice Test - Cluster Upgrade

0


128. Solution: Cluster Upgrade

17


129. Backup and Restore Methods

6


130. Working with ETCDCTL

1


131. Practice Test - Backup and Restore Methods

0


132. Solution - Backup and Restore

19


133. Practice Test Backup and Restore Methods 2

1


134. Certification Exam Tip!

1


135. References

1


136. Security - Section Introduction

2


137. Download Presentation Deck

1


138. Kubernetes Security Primitives

3


139. Authentication

6


140. Article on Setting up Basic Authentication

1


141. A note on Service Accounts

1


142. TLS Introduction

1


143. TLS Basics

20


144. TLS in Kubernetes

8


145. TLS in Kubernetes - Certificate Creation

11


146. View Certificate Details

5


147. Resource: Download Kubernetes Certificate Health Check Spreadsheet

1


148. Practice Test - View Certificates

0


149. Solution - View Certification Details

21


150. Certificates API

6


151. Practice Test - Certificates API

0


152. Solution Certificates API

8


153. KubeConfig

9


154. Practice Test - KubeConfig

0


155. Solution KubeConfig

8


156. Persistent Key/Value Store

1


157. API Groups

6


158. Authorization

8


159. Role Based Access Controls

4


160. Practice Test - RBAC

0


161. Solution Role Based Access Controls

14


162. Cluster Roles and Role Bindings

5


163. Practice Test - Cluster Roles and Role Bindings

0


164. Solution Cluster Roles

11


165. Service Accounts

15


166. Practice Test Service Accounts

1


167. Image Security

5


168. Practice Test - Image Security

0


169. Solution Image Security

7


170. Pre-requisite - Security in Docker

6


171. Security Contexts

2


172. Practice Test - Security Contexts

0


173. Solution Security Contexts

6


174. Network Policy

8


175. Developing network policies

12


176. Practice Test - Network Policy

0


177. Kubectx and Kubens – Command line Utilities

1


178. Solution - Network Policies (optional)

14


179. Storage - Section Introduction

1


180. Introduction to Docker Storage

1


181. Storage in Docker

13


182. Volume Driver Plugins in Docker

2


183. Container Storage Interface (CSI)

4


184. Download Slide Deck

1


185. Volumes

4


186. Persistent Volumes

3


187. Persistent Volume Claims

4


188. Using PVCs in PODs

1


189. Practice Test - Persistent Volumes and Persistent Volume Claims

0


190. Solution - Persistent Volumes and Persistent Volume Claims

18


191. Application Configuration

1


192. Additional Topics

1


193. Storage Class

4


194. Practice Test - Storage Class

0


195. Solution - Storage Class

10


196. Networking - Section Introduction

2


197. Download Presentation Deck

1


198. Prerequisite - Switching Routing

12


199. Prerequisite - DNS

14


200. Prerequisite - CoreDNS

1


201. Prerequisite - Network Namespaces

15


202. FAQ

1


203. Prerequisite - Docker Networking

7


204. Prerequisite - CNI

6


205. Cluster Networking

2


206. Important Note about CNI and CKA Exam

1


207. Practice Test - Explore Kubernetes Environment

0


208. Solution - Explore Environment (optional)

8


209. Pod Networking

9


210. CNI in kubernetes

3


211. CNI weave

6


212. Practice Test - Explore CNI

1


213. Solution - Explore CNI (optional)

3


214. Practice Test - Deploy Network Solution

1


215. Solution - Deploy Network Solution (optional)

4


216. IP Address Management - Weave

3


217. Practice Test - Networking Weave

0


218. Solution - Networking Weave (optional)

8


219. Service Networking

9


220. Practice Test - Service Networking

0


221. Solution - Service Networking (optional)

5


222. DNS in kubernetes

6


223. CoreDNS in Kubernetes

7


224. Practice Test - Explore DNS

0


225. Solution - Explore DNS (optional)

16


226. Ingress

22


227. Article: Ingress

1


228. Practice Test - Ingress - 1

1


229. Solution - Ingress Networking 1 - (optional)

16


230. Ingress - Annotations and rewrite-target

1


231. Practice Test - Ingress - 2

1


232. Solution - Ingress Networking - 2 (optional)

15


233. Download Presentation Deck

1


234. Design a Kubernetes Cluster

6


235. Choosing Kubernetes Infrastructure

6


236. Configure High Availability

8


237. ETCD in HA

13


238. Important Update: Kubernetes the Hard Way

1


239. Introduction to Deployment with Kubeadm

3


240. Resources

1


241. Deploy with Kubeadm - Provision VMs with Vagrant

6


242. Demo - Deployment with Kubeadm

24


243. Practice Test - Deploy a Kubernetes Cluster using Kubeadm

1


244. Solution - Deploy a Kubernetes Cluster using kubeadm : (Optional)

10


245. Important Update: End to End Section

1


246. Troubleshooting - Section Introduction

1


247. Download Presentation Deck

1


248. Application Failure

3


249. Practice Test - Application Failure

1


250. Solution - Application Failure : (Optional)

28


251. Control Plane Failure

1


252. Practice Test - Control Plane Failure

1


253. Solution - Control Plane Failure : (Optional)

16


254. Worker Node Failure

2


255. Practice Test - Worker Node Failure

1


256. Solution - Worker Node Failure : (Optional)

10


257. Network Troubleshooting

4


258. Practice Test - Troubleshoot Network

0


259. Pre-Requisites - JSON PATH

1


260. Practice Test - JSON PATH

1


261. Advanced Kubectl Commands

12


262. Practice Test - Advanced Kubectl Commands

1


263. Lightning Lab Introduction

1


264. Lightning Lab - 1

1


265. Mock Exam - 1

1


266. Solution - Mock Exam -1 (Optional)

23


267. Mock Exam - 2

1


268. Mock Exam - 2 - Solution : (Optional)

37


269. Mock Exam - 3

1


270. Mock Exam - 3 - Solution : (Optional)

43


271. Frequently Asked Questions!

1


272. More Certification Tips!

0


273. Bonus Lecture: Accessing the Labs

1

Kubernetes Certified Application Developer (CKAD) with Tests Course content

 Kubernetes Certified Application Developer (CKAD)

This course available on  Udemy by KodeKloud to follow

Course content  


1. Introduction

2. Kubernetes Series

3. Kubernetes for Beginners Course

4. Certification Details

5. CNCF Certification

6. Download Course Deck

7. A note on Course Curriculum

8. Course release notes

9. Join our Slack Group

10. Recap - Kubernetes Architecture

11. Recap - PODs

12. YAML Basics

13. Recap - PODs with YAML

14. Recap - Demo - Creating PODs with YAML

15. Note!

16. Practice Test - Introduction

17. Demo: Accessing Labs

18. Accessing the Labs

19. Practice Test - Pods

20. Solution - Pods (optional)

21. Edit Pods

22. Recap - ReplicaSets

23. Practice Test - ReplicaSets

24. Solution - ReplicaSets (optional)

25. Recap - Deployments

26. Practice Test - Deployments

27. Solution - Deployments (optional)

28. Certification Tip: Formatting Output with kubectl

29. Recap - Namespaces

30. Practice Test - Namespaces

31. Solution - Namespaces (optional)

32. Certification Tip: Imperative Commands

33. Practice Test - Imperative Commands

34. Solution - Imperative Commands (optional)

35. Here's some inspiration to keep going

36. Pre-Requisite - Commands and Arguments in Docker

37. Commands and Arguments in Kubernetes

38. A quick note on editing PODs and Deployments

39. Practice Test - Commands and Arguments

40. Solution - Commands and Arguments (Optional)

41. Environment Variables

42. ConfigMaps

43. Practice Test - ConfigMaps

44. Solution: ConfigMaps (Optional)

45. Secrets

46. A quick note about Secrets!

47. Practice Test - Secrets

48. Solution - Secrets (Optional)

49. Demo: Encrypting Secret Data at Rest

50. Docker Security

51. Security Contexts

52. Practice Test - Security Contexts

53. Solution: Security Contexts

54. Service Account

55. Practice Test - Service Account

56. Solution: Service Account

57. Resource Requirements

58. Note on default resource requirements and limits

59. Practice Test - Resource Requirements

60. Solution: Resource Requirements

3


61. Taints and Tolerations

10


62. Practice Test - Taints and Toleration

1


63. Solution - Taints and Tolerations (Optional)

10


64. Node Selectors

3


65. Node Affinity

7


66. Practice Test - Node Affinity

1


67. Solution - Node Affinity (Optional)

10


68. Taints & Tolerations vs Node Affinity

3


69. Practice Test

1


70. Certification Tips - Student Tips

1


71. If you like it, Share it!

1


72. Multi-Container PODs

5


73. Practice Test - Multi-Container PODs

1


74. Solution - Multi-Container Pods (Optional)

15


75. Init Containers

2


76. Practice Test – Init Containers

0


77. Solution – Init Containers (Optional)

7


78. Readiness and Liveness Probes

8


79. Liveness Probes

3


80. Practice Test - Readiness and Liveness Probes

1


81. Solution: Readiness and Liveness Probes

10


82. Container Logging

2


83. Practice Test - Container Logging

1


84. Solution - Logging (optional)

3


85. Monitor and Debug Applications

4


86. Practice Test - Monitoring

1


87. Solution - Monitoring (optional)

4


88. Labels, Selectors and Annotations

6


89. Practice Test - Labels, Selectors and Annotations

1


90. Solution - Labels and Selectors (optional)

6


91. Rolling Updates & Rollbacks in Deployments

7


92. Updating a Deployment

2


93. Demo - Deployments

15


94. Practice Test - Rolling Updates & Rollbacks

1


95. Solution - Rolling Updates (Optional)

9


96. Jobs

8


97. CronJobs

2


98. Practice Test - Jobs & CronJobs

1


99. Solution - Jobs and Cronjobs (optional)

9


100. Services

14


101. Services - Cluster IP

4


102. Practice Test - Services

1


103. Solution - Services (optional)

9


104. Ingress Networking

22


105. Article: Ingress

1


106. Practice Test - Ingress Networking - 1

1


107. Solution: Ingress Networking - 1

16


108. FAQ - What is the rewrite-target option?

1


109. Practice Test - Ingress Networking - 2

1


110. Solution: Ingress Networking - 2

15


111. Network Policies

8


112. Developing network policies

12


113. Practice Test - Network Policies

1


114. Solution - Network Policies (optional)

14


115. Volumes

5


116. Persistent Volumes

3


117. Persistent Volume Claims

4


118. Using PVCs in PODs

1


Quiz 1: Volumes Quiz


119. Practice Test - Persistent Volumes

1


120. Solution - Persistent Volume and Persistent Volume Claims (Optional)

18


121. Note on optional topics

1


122. Storage Classes

4


123. Practice Test - Storage Class

1


124. Why Stateful Sets?

9


125. Stateful Sets Introduction

3


126. Headless Services

7


127. Storage in StatefulSets

4


128. Updates for Sep 2021 Changes

2


129. Define, build and modify container images

8


130. Practice test Docker Images

0


131. Authentication, Authorization and Admission Control

3


132. Authentication

5


133. Article on Setting up Basic Authentication

1


134. Important Updates

1


135. KubeConfig

9


136. Practice Test KubeConfig

0


137. Solution KubeConfig

8


138. API Groups

6


139. Authorization

8


140. Role Based Access Controls

4


141. Practice Test Role Based Access Controls

0


142. Solution Role Based Access Controls

14


143. Cluster Roles

5


144. Practice Test Cluster Roles

0


145. Solution Cluster Roles

11


146. Admission Controllers

8


147. Labs - Admission Controllers

0


148. Solution: Admission Controllers

7


149. Validating and Mutating Admission Controllers

10


150. Labs - Validating and Mutating Admission Controllers

0


151. Solution: Validating and Mutating Admission Controllers

8


152. API Versions

9


153. API Deprecations

14


154. Lab - API Versions/Deprecations

0


155. Solution: API Versions

7


156. Custom Resource Definition

11


157. Practice Test - Custom Resource Definition

0


158. Custom Controllers

4


159. Operator Framework

3


160. Deployment Strategy - Blue Green

5


161. Deployment Strategy - Canary

5


162. Practice Test - Deployment strategies

0


163. Solution: Deployment strategies

6


164. Helm Introduction

6


165. Install Helm

1


166. Labs - Install Helm

0


167. Helm Concepts

6


168. Labs - Helm Concepts

0


169. Kubernetes Challenges

1


170. More Practice!

1


171. Time Management

6


172. Additional Tips

1


173. Introduction - Lightning Labs

1


174. Lightning Lab - 1

1


175. Solution: Lightning Lab1

22


176. Lightning Lab - 2

1


177. Solution: Lightning Lab - 2

15


178. Mock Exam - 1

1


179. Mock Exam -1 (Solution)

20


180. Mock Exam - 2

1


181. Mock Exam -2 (Solution)

18


182. Register for Certification

1


183. Bonus Lecture: Accessing the Labs

1

Learn concepts and practice for the Kubernetes Certification with hands-on

Thursday, September 2, 2021

Student Internship training apprenticeship externship jobs vacancy management system software portal for free to track your employees student project BIT UCSC UoM

For more details whatsapp +94777337279
Email  ITClassSL@gmail.com



Solutions to Increase Your Internship Program ROI

Our best-in-class software and nationally recognized best practices help companies deliver meaningful internship experiences that improve overall satisfaction and productivity. We partner with companies of all shapes and sizes to simplify management of their internship program, automate processes, and develop the next generation of the workforce.

More than Software. Industry-Leading Support and Best Practice Advice.

Developing and deploying successful internship programs can be challenging – especially today. GradLeaders – the industry leader in internship management software – recently partnered with Dr. Robert Shindell – a national leader in the field of experiential education research & consulting and author of “Total Internship Management: An Employers Guide to Building & Sustaining the Ultimate Internship Program” – to create the Intern Management System. Together, our best-in-class software and nationally recognized best practices are designed to help companies build, develop, and enhance their internship programs to attract and retain the next generation of leaders in the workforce.



Proven Methods & Software to Meet Your Unique Needs

  • Internship Syllabus

Give interns a tool to manage daily task lists, projects, automate follow-ups, and track progress.

  • Reporting + Metrics

Flexible canned reports and ROI metrics dashboards for intern/mentor activity, data exports, and more.

  • Virtual Meetings + Live Chat

Allow mentors/supervisors and interns to manage team calendars, schedule virtual 1-on-1 appointments, and use virtual chat channels.

  • Supervisor + Mentor Portal

Company-branded portal for supervisors/mentors that allows for unique types/access levels. 

  •  Surveys + Evaluations

Create pulse surveys and collect satisfaction data using embedded forms or SurveyMonkey integration. 

  • Job Board + Applicant Tracking

Manage the internship application, review, and follow-up communication process with integrated CRM tools.

  • Intern + Alumni Portal

Company-branded, mobile-ready portal for your current interns to utilize and tools to stay engaged with alumni.

  •  Notes, Email Campaigns + SMS

Searchable intern/applicant database with customizable profiles, notes, email/SMS tools, and activity tracking. 

  • Online Resource + Document Library

Provide specific user groups easy access to important links and manage their own documents.

In this guide…

Eight Key Training Management System Features

  • Website integration
  • Online registration (aka checkout)
  • Customer relationship management (CRM)
  • Course management
  • Marketing tools
  • Reporting
  • Certification
  • Elearning

Checklist: Purchasing a Training Management System

  • Features
  • Integrations
  • The Buying Process

Course management
  • Course scheduler: Create new courses in a matter of clicks and schedule them for the year ahead.
  • Course templates to reduce repetitive tasks and speed up course scheduling.
  • Resource availability for creating courses without any double bookings or clashes.
  • Course & resource calendar so you can easily view, manage and check everything from one system.
  • Trainer matrix: A database of trainer information so you can assign qualified trainers to every course.
  • Real-time booking & registration that automatically updates availability as places are booked.
  • Document templates for quickly creating and sending documents to customers and personnel.
Delegate management
  • Certificate generation: Create certificates for delegates upon course completion.
  • Degalate profiles for quickly capturing and storing delegate information, such as IDs, licence numbers and signatures.
  • Group bookings: Add group bookings to a course date and make changes to individual delegate assignments at any time.
  • Cancellations & transfers: Easily manage course cancellations and transfer delegates to alternative courses.
  • Evaluation & feedback: Automatically capture meaningful feedback from delegates and improve your courses.
  • Training expiry notifications: Automatically send refresher training reminders ahead of expiry dates.
Course booking system
  • Website integration so you can take bookings on your course pages.
  • Customer account portal: An interface for customers to manage their bookings.
  • Payment processing: Integration with payment processors so you can accept payments on your website.
  • Checkout pages: Customisable checkout pages to match the design of your website.
  • Live course availability that always shows the number of available seats in real-time.

Training CRM & email marketing
  • Customer database for keeping track of statuses and information throughout the customer cycle.
  • Delegate database: Store and manage delegate data, including availability statuses, qualifications and more.
  • Training database: Access all information related to training, such as bookings, invoices and instructors.
  • Email logging: Automatically record email interactions to keep track of communications.
  • Email tracking: View the exact date and time when recipients receive and open emails.
  • Email automation: Automatically send emails, such as course refresher notifications, to maximise repeat business without getting lost in email exchanges.
Accounting & finance
  • Invoices: Send invoices using customisable templates.
  • Price agreements: Create price agreements with customers to apply discounts on specific courses or globally across their account.
  • Payment tracking: Track payments and revenue to ensure payments are made on time and follow-up any delays.
  • Automatic payment reminders: Send automatic payment reminders to inform customers a payment is due.
  • Manage customer credit: Apply customer credit to accounts, allowing them to book courses freely and settle accounts later.
  • Manage cancellations: Manage course cancellations, transfers and fees.
  • Integration: Integrate seamlessly with major accounting platforms, including Sage and Zero.

We’ve picked the 7 main features we think are essential in a training management platform to ensure it will take care of all the main tasks you need tackled.

1. Online Course Booking
Having the ability to sell your courses online is great because it not only makes your life a lot easier, but it also makes your customer happier! While some customers may still wish to make bookings over the phone, the ease and convenience of booking online means that in this day and age you really have to offer online booking to ensure you don’t lose out to a competitor who is only one click away on Google.

2. Excellent Reporting
One thing that is massively important to training companies is reporting. Your training management platform is going to hold lots of lovely data, and you want to make sure you’re able to report on any of that data at any given time.

3. Financial Integrations
Chances are you already have financial integrations that you work with and are happy with. Whether this is accounting packages or payment providers, you’ll probably want to continue working with what you’re comfortable with, as you make the move to be more organised in other areas.

4. Sales System
As we mentioned above, it’s really important for your Sales team to make sure they never lose a lead during the sales process, but keeping track of all that information can prove difficult sometimes, and it can be hard to find a system that works exactly the way you need it to.

5. Automated Communications
You probably don’t think about how much time per day you and your team spend sending emails, but it can really add up quite quickly!

6. Learning Management System
If you offer eLearning, or you’re looking to make the move to eLearning in the near future, why try and find two separate system to do what you need? Find a training management platform which also has a Learning Management System (LMS), and not only does it mean you only need to spend time looking for one system, it’s also likely to be cheaper than purchasing two separate systems.




7. Quick And Easy Course Scheduling
Much like emails, you probably don’t realize how much time you spend setting up all your courses in a training management platform or on your website. As we’ve said, integrating these two means no more duplicate data entry, but you can’t get around the fact that you will still have to enter all the information at least once.

Online registration system

It may be appropriate to have a registration solution integrated into the course administration solution. A digital registration solution integrated and customized to your website will make it easy for potential participants to register for your courses. This will generate revenue in the form of increased bookings, as a result of a user-friendly booking experience.
In the worst case, having a complicated enrollment form can cause you to scare off potential participants to enroll in your courses. This weakens the potential to make income for the course and training business.
Through many web-integrated sign-up systems, you can easily customize the design and layout of the solution to create a unity with your brand and website. This builds the brand, and thus also trust. In addition, the registration systems can often be customized for both PC, tablet and mobile. Having an integrated sign-up system creates a positive customer experience and increases the recruitment of participants.

Possibility of multiple payment options
The possibility of multiple payment options is also an advantage. Unfinished orders are a growing problem in digital commerce. A common reason for this is that customers are not offered the “correct” payment method. According to Statista, 75.6 per cent of all online payments were abandoned in the first quarter of 2018. In 2017, Postnord asked Nordic consumers how important it was to them that they were offered various payment options in e-commerce. In the survey, 72 percent responded that it was a little or very important.
It will therefore obviously be advantageous to choose a system that gives you a certain amount of choice when it comes to the type of payment option. Providing the customer with more payment options to choose from increases the conversion of participants. For millions of people, electronic payments are the most important option, as many consumers increasingly use mobile to make payments, as a result of technological advances.
Choose to acquire an administration system that offers both card payment and invoice as payment options, making everyday life easier for both yourself and the customer. The benefit of the card payment is that the payment for the course comes in before the course takes place, and there will be no additional administrative work for you. Should the customer prefer to pay by invoice, the invoice information can be sent automatically to your invoice. This will make it easier for you to keep track of the payment status of your participants. By choosing a system that includes payment solution and invoice function, this will reduce the administration time in the form of less invoicing and payment collection. As well as reducing wastage in the case of unpaid cancellations just before the course starts. Avoid moving orders from reservation system to billing system. An automatic payment system sends orders directly to the customers payment system on incoming bookings. Showing a clear overview of invoiced, outstanding and received amounts.

Automatic sending of course and competency certificates

Do you currently have a separate system for booking, an inefficient diploma system, or no system at all? Avoid ineffective processes by sending out certificates, as well as gathering personal information, photos, necessary documentation and/or scanning signatures. Get a system that does this through e-onboarding. This solution will ensure easy access to all information on each participant. Strengthen your company’s brand by creating customized course certificates digitally.This will save time through efficient production and distribution.

Create a system for your routines
Communication is an important factor in running a business with multiple people involved. A routine feature as part of your course management solution, makes it easier for you to communicate with participants, roles, users and instructors. When setting up messages in advance, you can send out the necessary information about your courses through text messages and email.
By acquiring a solution where you can coordinate, automate, and map communications around your routines, you increase productivity and thus, improve customer service in the long run.
If you automate the management of routines that come with running courses, time is freed up in the organization and you can prioritize it on more value-adding tasks. This creates benefits for participants in several points of the customer journey.

Student Internship Portal project is a web application which is developed in PHP platform. This PHP project with tutorial and guide for developing a code. Student Internship Portal is a open source you can Download zip and edit as per you need. If you want more latest PHP projects here. This is simple and basic level small project for learning purpose. Also you can modified this system as per your requriments and develop a perfect advance level project. Zip file containing the source code that can be extracted and then imported into notepad ++. This Source code for BE, BTech, MCA, BCA, Engineering, Bs.CS, IT, Software Engineering final year students can submit in college. This script developed by Mani Soni. This web application 100% working smooth without any bug. It is developed using php,mysql and Database mysql. This software code helpful in academic projects for final year students. We have a great collection of PHP projects.

Saturday, June 12, 2021

AWS-Certified-Solutions-Architect-Associate_Exam-Guide SAA-C002 Classes Sri Lanka

Email ITClassSL@gmail.com Whatapp https://wa.link/qj2yy6 to schedule your online classes. https://www.youtube.com/channel/UCo--CBzGxwhlpDQqyYCCZCg

AWS services and features

Analytics:

· Amazon Athena Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.

Athena is easy to use. Simply point to your data in Amazon S3, define the schema, and start querying using standard SQL. Most results are delivered within seconds. With Athena, there’s no need for complex ETL jobs to prepare your data for analysis. This makes it easy for anyone with SQL skills to quickly analyze large-scale datasets.

Athena is out-of-the-box integrated with AWS Glue Data Catalog, allowing you to create a unified metadata repository across various services, crawl data sources to discover schemas and populate your Catalog with new and modified table and partition definitions, and maintain schema versioning.

· Amazon Elasticsearch Service (Amazon ES) Amazon Elasticsearch Service is a fully managed service that makes it easy for you to deploy, secure, and run Elasticsearch cost effectively at scale. You can build, monitor, and troubleshoot your applications using the tools you love, at the scale you need. The service provides support for open source Elasticsearch APIs, managed Kibana, integration with Logstash and other AWS services, and built-in alerting and SQL querying. Amazon Elasticsearch Service lets you pay only for what you use – there are no upfront costs or usage requirements. With Amazon Elasticsearch Service, you get the ELK stack you need, without the operational overhead.

· Amazon EMR Amazon EMR is the industry-leading cloud big data platform for processing vast amounts of data using open source tools such as Apache SparkApache HiveApache HBaseApache FlinkApache Hudi, and Presto. Amazon EMR makes it easy to set up, operate, and scale your big data environments by automating time-consuming tasks like provisioning capacity and tuning clusters. With EMR you can run petabyte-scale analysis at less than half of the cost of traditional on-premises solutions and over 3x faster than standard Apache Spark. You can run workloads on Amazon EC2 instances, on Amazon Elastic Kubernetes Service (EKS) clusters, or on-premises using EMR on AWS Outposts.

· AWS Glue AWS Glue is a serverless data integration service that makes it easy to discover, prepare, and combine data for analytics, machine learning, and application development. AWS Glue provides all of the capabilities needed for data integration so that you can start analyzing your data and putting it to use in minutes instead of months.

Data integration is the process of preparing and combining data for analytics, machine learning, and application development. It involves multiple tasks, such as discovering and extracting data from various sources; enriching, cleaning, normalizing, and combining data; and loading and organizing data in databases, data warehouses, and data lakes. These tasks are often handled by different types of users that each use different products.

AWS Glue provides both visual and code-based interfaces to make data integration easier. Users can easily find and access data using the AWS Glue Data Catalog. Data engineers and ETL (extract, transform, and load) developers can visually create, run, and monitor ETL workflows with a few clicks in AWS Glue Studio. Data analysts and data scientists can use AWS Glue DataBrew to visually enrich, clean, and normalize data without writing code. With AWS Glue Elastic Views, application developers can use familiar Structured Query Language (SQL) to combine and replicate data across different data stores.

· Amazon Kinesis Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information. Amazon Kinesis offers key capabilities to cost-effectively process streaming data at any scale, along with the flexibility to choose the tools that best suit the requirements of your application. With Amazon Kinesis, you can ingest real-time data such as video, audio, application logs, website clickstreams, and IoT telemetry data for machine learning, analytics, and other applications. Amazon Kinesis enables you to process and analyze data as it arrives and respond instantly instead of having to wait until all your data is collected before the processing can begin.

· Amazon QuickSight Amazon QuickSight is a scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud. QuickSight lets you easily create and publish interactive BI dashboards that include Machine Learning-powered insights. QuickSight dashboards can be accessed from any device, and seamlessly embedded into your applications, portals, and websites.

QuickSight is serverless and can automatically scale to tens of thousands of users without any infrastructure to manage or capacity to plan for. It is also the first BI service to offer pay-per-session pricing, where you only pay when your users access their dashboards or reports, making it cost-effective for large scale deployments.

With QuickSight, you can ask business questions of your data in plain language and receive answers in seconds.

AWS Billing and Cost Management:

· AWS Budgets AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount. You can also use AWS Budgets to set reservation utilization or coverage targets and receive alerts when your metrics drop below the threshold you define. Reservation alerts support Amazon EC2, Amazon RDS, Amazon Redshift, Amazon ElastiCache, and Elasticsearch reservations.

· Cost Explorer AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time.

Application Integration:

· Amazon Simple Notification Service (Amazon SNS) Amazon Simple Notification Service (Amazon SNS) is a fully managed messaging service for both application-to-application (A2A) and application-to-person (A2P) communication.

The A2A pub/sub functionality provides topics for high-throughput, push-based, many-to-many messaging between distributed systems, microservices, and event-driven serverless applications. Using Amazon SNS topics, your publisher systems can fanout messages to a large number of subscriber systems including Amazon SQS queues, AWS Lambda functions and HTTPS endpoints, for parallel processing, and Amazon Kinesis Data Firehose. The A2P functionality enables you to send messages to users at scale via SMS, mobile push, and email.

Amazon Simple Queue Service (Amazon SQS) Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. SQS eliminates the complexity and overhead associated with managing and operating message oriented middleware and empowers developers to focus on differentiating work. Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available. Get started with SQS in minutes using the AWS console, Command Line Interface or SDK of your choice, and three simple commands.

SQS offers two types of message queues. Standard queues offer maximum throughput, best-effort ordering, and at-least-once delivery. SQS FIFO queues are designed to guarantee that messages are processed exactly once, in the exact order that they are sent.

Compute:

· Amazon EC2 Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment.

Amazon EC2 offers the broadest and deepest compute platform with choice of processor, storage, networking, operating system, and purchase model. We offer the fastest processors in the cloud and we are the only cloud with 400 Gbps ethernet networking. We have the most powerful GPU instances for machine learning training and graphics workloads, as well as the lowest cost-per-inference instances in the cloud. More SAP, HPC, Machine Learning, and Windows workloads run on AWS than any other cloud. Click here to learn What's New with Amazon EC2.

· AWS Elastic Beanstalk AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.

You can simply upload your code and Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, auto-scaling to application health monitoring. At the same time, you retain full control over the AWS resources powering your application and can access the underlying resources at any time.

There is no additional charge for Elastic Beanstalk - you pay only for the AWS resources needed to store and run your applications.

· Amazon Elastic Container Service (Amazon ECS) Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service that helps you easily deploy, manage, and scale containerized applications. It deeply integrates with the rest of the AWS platform to provide a secure and easy-to-use solution for running container workloads in the cloud and now on your infrastructure with Amazon ECS Anywhere.

Amazon ECS leverages serverless technology from AWS Fargate to deliver autonomous container operations, which reduces the time spent on configuration, patching, and security. Instead of worrying about managing the control plane, add-ons, and nodes, Amazon ECS enables you to rapidly build applications and grow your business.

· Amazon Elastic Kubernetes Service (Amazon EKS) Amazon Elastic Kubernetes Service (Amazon EKS) gives you the flexibility to start, run, and scale Kubernetes applications in the AWS cloud or on-premises. Amazon EKS helps you provide highly available and secure clusters and automates key tasks such as patching, node provisioning, and updates. Customers such as Intel, Snap, Intuit, GoDaddy, and Autodesk trust EKS to run their most sensitive and mission critical applications.

EKS runs upstream Kubernetes and is certified Kubernetes conformant for a predictable experience. You can easily migrate any standard Kubernetes application to EKS without needing to refactor your code.

EKS makes it easy to standardize operations across every environment. You can run fully managed EKS clusters on AWS. You can have an open source, proven distribution of Kubernetes wherever you want for consistent operations with Amazon EKS Distro. You can host and operate your Kubernetes clusters on-premises and at the edge with AWS Outposts and AWS Wavelength, and have a consistent cluster management experience with Amazon EKS Anywhere (coming in 2021.)

· Elastic Load Balancing Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, Lambda functions, and virtual appliances. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones. Elastic Load Balancing offers four types of load balancers that all feature the high availability, automatic scaling, and robust security necessary to make your applications fault tolerant.

· AWS Fargate  AWS Fargate is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS). Fargate makes it easy for you to focus on building your applications. Fargate removes the need to provision and manage servers, lets you specify and pay for resources per application, and improves security through application isolation by design.

Fargate allocates the right amount of compute, eliminating the need to choose instances and scale cluster capacity. You only pay for the resources required to run your containers, so there is no over-provisioning and paying for additional servers. Fargate runs each task or pod in its own kernel providing the tasks and pods their own isolated compute environment. This enables your application to have workload isolation and improved security by design. This is why customers such as Vanguard, Accenture, Foursquare, and Ancestry have chosen to run their mission critical applications on Fargate.

· AWS Lambda AWS Lambda is a serverless compute service that lets you run code without provisioning or managing servers, creating workload-aware cluster scaling logic, maintaining event integrations, or managing runtimes. With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Just upload your code as a ZIP file or container image, and Lambda automatically and precisely allocates compute execution power and runs your code based on the incoming request or event, for any scale of traffic. You can set up your code to automatically trigger from over 200 AWS services and SaaS applications or call it directly from any web or mobile app. You can write Lambda functions in your favorite language (Node.js, Python, Go, Java, and more) and use both serverless and container tools, such as AWS SAM or Docker CLI, to build, test, and deploy your functions.

Database:

· Amazon Aurora Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.

Amazon Aurora is up to five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases. It provides the security, availability, and reliability of commercial databases at 1/10th the cost. Amazon Aurora is fully managed by Amazon Relational Database Service (RDS), which automates time-consuming administration tasks like hardware provisioning, database setup, patching, and backups.

Amazon Aurora features a distributed, fault-tolerant, self-healing storage system that auto-scales up to 128TB per database instance. It delivers high performance and availability with up to 15 low-latency read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across three Availability Zones (AZs).

Visit the Amazon RDS Management Console to create your first Aurora database instance and start migrating your MySQL and PostgreSQL databases

· Amazon DynamoDB Amazon DynamoDB is a key-value and document database that delivers single-digit millisecond performance at any scale. It's a fully managed, multi-region, multi-active, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications. DynamoDB can handle more than 10 trillion requests per day and can support peaks of more than 20 million requests per second.

Many of the world's fastest growing businesses such as Lyft, Airbnb, and Redfin as well as enterprises such as Samsung, Toyota, and Capital One depend on the scale and performance of DynamoDB to support their mission-critical workloads.

Hundreds of thousands of AWS customers have chosen DynamoDB as their key-value and document database for mobile, web, gaming, ad tech, IoT, and other applications that need low-latency data access at any scale. Create a new table for your application and let DynamoDB handle the rest.

· Amazon ElastiCache Amazon ElastiCache allows you to seamlessly set up, run, and scale popular open-source compatible in-memory data stores in the cloud. Build data-intensive apps or boost the performance of your existing databases by retrieving data from high throughput and low latency in-memory data stores. Amazon ElastiCache is a popular choice for real-time use cases like Caching, Session Stores, Gaming, Geospatial Services, Real-Time Analytics, and Queuing.

Amazon ElastiCache offers fully managed Redis, voted the most loved database by developers in the Stack Overflow 2020 Developer Survey, and Memcached for your most demanding applications that require sub-millisecond response times.

· Amazon RDS Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups. It frees you to focus on your applications so you can give them the fast performance, high availability, security and compatibility they need.

Amazon RDS is available on several database instance types - optimized for memory, performance or I/O - and provides you with six familiar database engines to choose from, including Amazon AuroraPostgreSQLMySQLMariaDBOracle Database, and SQL Server. You can use the AWS Database Migration Service to easily migrate or replicate your existing databases to Amazon RDS.

· Amazon Redshift Amazon Redshift is a fully-managed petabyte-scale cloud based data warehouse product designed for large scale data set storage and analysis. It is also used to perform large scale database migrations.

Redshift’s column-oriented database is designed to connect to SQL-based clients and business intelligence tools, making data available to users in real time. Based on PostgreSQL 8, Redshift delivers fast performance and efficient querying that help teams make sound business analyses and decisions.

Management and Governance:

· AWS Auto Scaling AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost. Using AWS Auto Scaling, it’s easy to setup application scaling for multiple resources across multiple services in minutes. The service provides a simple, powerful user interface that lets you build scaling plans for resources including Amazon EC2 instances and Spot Fleets, Amazon ECS tasks, Amazon DynamoDB tables and indexes, and Amazon Aurora Replicas. AWS Auto Scaling makes scaling simple with recommendations that allow you to optimize performance, costs, or balance between them. If you’re already using Amazon EC2 Auto Scaling to dynamically scale your Amazon EC2 instances, you can now combine it with AWS Auto Scaling to scale additional resources for other AWS services. With AWS Auto Scaling, your applications always have the right resources at the right time.

It’s easy to get started with AWS Auto Scaling using the AWS Management Console, Command Line Interface (CLI), or SDK. AWS Auto Scaling is available at no additional charge. You pay only for the AWS resources needed to run your applications and Amazon CloudWatch monitoring fees.

· AWS Backup AWS Backup enables you to centralize and automate data protection across AWS services. AWS Backup offers a cost-effective, fully managed, policy-based service that further simplifies data protection at scale. AWS Backup also helps you support your regulatory compliance or business policies for data protection. Together with AWS Organizations, AWS Backup enables you to centrally deploy data protection policies to configure, manage, and govern your backup activity across your organization’s AWS accounts and resources, including Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Elastic Block Store (Amazon EBS) volumes, Amazon Relational Database Service (RDS) databases (including Amazon Aurora clusters), Amazon DynamoDB tables, Amazon Elastic File System (EFS), Amazon FSx for Lustre, Amazon FSx for Windows File Server, and AWS Storage Gateway volumes.

· AWS CloudFormation AWS CloudFormation gives you an easy way to model a collection of related AWS and third-party resources, provision them quickly and consistently, and manage them throughout their lifecycles, by treating infrastructure as code. A CloudFormation template describes your desired resources and their dependencies so you can launch and configure them together as a stack. You can use a template to create, update, and delete an entire stack as a single unit, as often as you need to, instead of managing resources individually. You can manage and provision stacks across multiple AWS accounts and AWS Regions.

· AWS CloudTrail AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting. In addition, you can use CloudTrail to detect unusual activity in your AWS accounts. These capabilities help simplify operational analysis and troubleshooting.

· Amazon CloudWatch Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. CloudWatch collects monitoring and operational data in the form of logs, metrics, and events, providing you with a unified view of AWS resources, applications, and services that run on AWS and on-premises servers. You can use CloudWatch to detect anomalous behavior in your environments, set alarms, visualize logs and metrics side by side, take automated actions, troubleshoot issues, and discover insights to keep your applications
running smoothly.

· AWS Config AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. This enables you to simplify compliance auditing, security analysis, change management, and operational troubleshooting.

· Amazon EventBridge (Amazon CloudWatch Events) Amazon EventBridge is a serverless event bus that makes it easier to build event-driven applications at scale using events generated from your applications, integrated Software-as-a-Service (SaaS) applications, and AWS services. EventBridge delivers a stream of real-time data from event sources such as Zendesk or Shopify to targets like AWS Lambda and other SaaS applications. You can set up routing rules to determine where to send your data to build application architectures that react in real- time to your data sources with event publisher and consumer completely decoupled.

· AWS Organizations AWS Organizations helps you centrally manage and govern your environment as you grow and scale your AWS resources. Using AWS Organizations, you can programmatically create new AWS accounts and allocate resources, group accounts to organize your workflows, apply policies to accounts or groups for governance, and simplify billing by using a single payment method for all of your accounts.

In addition, AWS Organizations is integrated with other AWS services so you can define central configurations, security mechanisms, audit requirements, and resource sharing across accounts in your organization. AWS Organizations is available to all AWS customers at no additional charge.

· AWS Resource Access Manager AWS Resource Access Manager (RAM) is a service that enables you to easily and securely share AWS resources with any AWS account or within your AWS Organization. You can share AWS Transit Gateways, Subnets, AWS License Manager configurations, and Amazon Route 53 Resolver rules resources with RAM.

Many organizations use multiple accounts to create administrative or billing isolation, and to limit the impact of errors. RAM eliminates the need to create duplicate resources in multiple accounts, reducing the operational overhead of managing those resources in every single account you own. You can create resources centrally in a multi-account environment, and use RAM to share those resources across accounts in three simple steps: create a Resource Share, specify resources, and specify accounts. RAM is available to you at no additional charge.

· AWS Systems Manager AWS Systems Manager is the operations hub for AWS. Systems Manager provides a unified user interface so you can track and resolve operational issues across your AWS applications and resources from a central place. With Systems Manager, you can automate operational tasks for Amazon EC2 instances or Amazon RDS instances. You can also group resources by application, view operational data for monitoring and troubleshooting, implement pre-approved change work flows, and audit operational changes for your groups of resources. Systems Manager simplifies resource and application management, shortens the time to detect and resolve operational problems, and makes it easier to operate and manage your infrastructure at scale.

· AWS Trusted Advisor AWS Trusted Advisors provides recommendations that help you follow AWS best practices. Trusted Advisor evaluates your account by using checks. These checks identify ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas. You can then follow the check recommendations to optimize your services and resources.

AWS Basic Support and AWS Developer Support customers can access core security checks and all checks for service quotas. AWS Business Support and AWS Enterprise Support customers can access all checks, including cost optimization, security, fault tolerance, performance, and service quotas. For a complete list of checks and descriptions, see the Trusted Advisor Best Practices.

Migration and Transfer:

· AWS Database Migration Service (AWS DMS) database remains fully operational during the migration, minimizing downtime to applications that rely on the database. The AWS Database Migration Service can migrate your data to and from most widely used commercial and open-source databases.

AWS Database Migration Service supports homogeneous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle or Microsoft SQL Server to Amazon Aurora. With AWS Database Migration Service, you can continuously replicate your data with high availability and consolidate databases into a petabyte-scale data warehouse by streaming data to Amazon Redshift and Amazon S3. Learn more about the supported source and target databases.

When migrating databases to Amazon Aurora, Amazon Redshift, Amazon DynamoDB or Amazon DocumentDB (with MongoDB compatibility) you can use DMS free for six months.

· AWS DataSync AWS DataSync is an online data transfer service that simplifies, automates, and accelerates moving data between on-premises storage systems and AWS Storage services, as well as between AWS Storage services. You can use DataSync to migrate active datasets to AWS, archive data to free up on-premises storage capacity, replicate data to AWS for business continuity, or transfer data to the cloud for analysis and processing.

Writing, maintaining, monitoring, and troubleshooting scripts to move large amounts of data can burden your IT operations and slow migration projects. DataSync eliminates or automatically handles this work for you. DataSync provides built-in security capabilities such as encryption of data in-transit, and data integrity verification in-transit and at-rest. It optimizes use of network bandwidth, and automatically recovers from network connectivity failures. In addition, DataSync provides control and monitoring capabilities such as data transfer scheduling and granular visibility into the transfer process through Amazon CloudWatch metrics, logs, and events.

DataSync can copy data between Network File System (NFS) shares, Server Message Block (SMB) shares, self-managed object storage, AWS Snowcone, Amazon Simple Storage Service (Amazon S3) buckets, Amazon Elastic File System (Amazon EFS) file systems, and Amazon FSx for Windows File Server file systems.

 

· AWS Migration Hub AWS Migration Hub provides a single location to track the progress of application migrations across multiple AWS and partner solutions. Using Migration Hub allows you to choose the AWS and partner migration tools that best fit your needs, while providing visibility into the status of migrations across your portfolio of applications. Migration Hub also provides key metrics and progress for individual applications, regardless of which tools are being used to migrate them. This allows you to quickly get progress updates across all of your migrations, easily identify and troubleshoot any issues, and reduce the overall time and effort spent on your migration projects.

AWS Migration Hub provides a single place to monitor migrations in any AWS region where your migration tools are available. There is no additional cost for using Migration Hub. You only pay for the cost of the individual migration tools you use, and any resources being consumed on AWS.

· AWS Server Migration Service (AWS SMS) Amazon Server Migration Service automates the migration of your on-premises VMware vSphere, Microsoft Hyper-V/SCVMM, and Azure virtual machines to the Amazon Cloud. Amazon SMS incrementally replicates your server VMs as cloud-hosted Amazon Machine Images (AMIs) ready for deployment on Amazon EC2. Working with AMIs, you can easily test and update your cloud-based images before deploying them in production.

· AWS Snowball Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud. Using Snowball addresses common challenges with large-scale data transfers including high network costs, long transfer times, and security concerns.

· AWS Transfer Family The AWS Transfer Family provides fully managed support for file transfers directly into and out of Amazon S3 or Amazon EFS. With support for Secure File Transfer Protocol (SFTP), File Transfer Protocol over SSL (FTPS), and File Transfer Protocol (FTP), the AWS Transfer Family helps you seamlessly migrate your file transfer workflows to AWS by integrating with existing authentication systems, and providing DNS routing with Amazon Route 53 so nothing changes for your customers and partners, or their applications. With your data in Amazon S3 or Amazon EFS, you can use it with AWS services for processing, analytics, machine learning, archiving, as well as home directories and developer tools. Getting started with the AWS Transfer Family is easy; there is no infrastructure to buy and set up.

Networking and Content Delivery:

· Amazon API Gateway Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. APIs act as the "front door" for applications to access data, business logic, or functionality from your backend services. Using API Gateway, you can create RESTful APIs and WebSocket APIs that enable real-time two-way communication applications. API Gateway supports containerized and serverless workloads, as well as web applications.

API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, CORS support, authorization and access control, throttling, monitoring, and API version management. API Gateway has no minimum fees or startup costs. You pay for the API calls you receive and the amount of data transferred out and, with the API Gateway tiered pricing model, you can reduce your cost as your API usage scales.

· Amazon CloudFront Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

CloudFront offers the most advanced security capabilities, including field level encryption and HTTPS support, seamlessly integrated with AWS ShieldAWS Web Application Firewall and Amazon Route 53 to protect against multiple types of attacks including network and application layer DDoS attacks. These services co-reside at edge networking locations – globally scaled and connected via the AWS network backbone – providing a more secure, performant, and available experience for your users.

CloudFront works seamlessly with any AWS origin, such as Amazon S3Amazon EC2Elastic Load Balancing, or with any custom HTTP origin. You can customize your content delivery through CloudFront using the secure and programmable edge computing features CloudFront Functions and AWS Lambda@Edge.

· AWS Direct Connect makes it easy to establish a dedicated connection from an on-premises network to one or more VPCs in the same region. Using private VIF on AWS Direct Connect, you can establish private connectivity between AWS and your data center, office, or colocation environment, 

· AWS Global Accelerator AWS Global Accelerator is a networking service that improves the performance of your users’ traffic by up to 60% using Amazon Web Services’ global network infrastructure. When the internet is congested, AWS Global Accelerator optimizes the path to your application to keep packet loss, jitter, and latency consistently low.

With Global Accelerator, you are provided two global static public IPs that act as a fixed entry point to your application, improving availability. On the back end, add or remove your AWS application endpoints, such as Application Load Balancers, Network Load Balancers, EC2 Instances, and Elastic IPs without making user-facing changes. Global Accelerator automatically re-routes your traffic to your nearest healthy available endpoint to mitigate endpoint failure.

Set up your accelerator on the AWS Management Console in minutes with step-by-step documentation or with one click in the Elastic Load Balancing Console. Learn more by following the self-service workshop and test performance benefits from your location with the AWS Global Accelerator speed comparison tool.

· Amazon Route 53 Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications by translating names like www.example.com into the numeric IP addresses like 192.0.2.1 that computers use to connect to each other. Amazon Route 53 is fully compliant with IPv6 as well.

Amazon Route 53 effectively connects user requests to infrastructure running in AWS – such as Amazon EC2 instances, Elastic Load Balancing load balancers, or Amazon S3 buckets – and can also be used to route users to infrastructure outside of AWS. You can use Amazon Route 53 to configure DNS health checks to route traffic to healthy endpoints or to independently monitor the health of your application and its endpoints. Amazon Route 53 Traffic Flow makes it easy for you to manage traffic globally through a variety of routing types, including Latency Based Routing, Geo DNS, Geoproximity, and Weighted Round Robin—all of which can be combined with DNS Failover in order to enable a variety of low-latency, fault-tolerant architectures. Using Amazon Route 53 Traffic Flow’s simple visual editor, you can easily manage how your end-users are routed to your application’s endpoints—whether in a single AWS region or distributed around the globe. Amazon Route 53 also offers Domain Name Registration – you can purchase and manage domain names such as example.com and Amazon Route 53 will automatically configure DNS settings for your domains.

· AWS Transit Gateway AWS Transit Gateway connects VPCs and on-premises networks through a central hub. This simplifies your network and puts an end to complex peering relationships. It acts as a cloud router – each new connection is only made once.

As you expand globally, inter-Region peering connects AWS Transit Gateways together using the AWS global network. Your data is automatically encrypted, and never travels over the public internet. And, because of its central position, AWS Transit Gateway Network Manager has a unique view over your entire network, even connecting to Software-Defined Wide Area Network (SD-WAN) devices.

· Amazon VPC (and associated features) Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS resources in a logically isolated virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 for most resources in your virtual private cloud, helping to ensure secure and easy access to resources and applications.

As one of AWS's foundational services, Amazon VPC makes it easy to customize your VPC's network configuration. You can create a public-facing subnet for your web servers that have access to the internet. It also lets you place your backend systems, such as databases or application servers, in a private-facing subnet with no internet access. Amazon VPC lets you to use multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.

Security, Identity, and Compliance:

· AWS Certificate Manager (ACM) AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates.

With AWS Certificate Manager, you can quickly request a certificate, deploy it on ACM-integrated AWS resources, such as Elastic Load Balancers, Amazon CloudFront distributions, and APIs on API Gateway, and let AWS Certificate Manager handle certificate renewals. It also enables you to create private certificates for your internal resources and manage the certificate lifecycle centrally. Public and private certificates provisioned through AWS Certificate Manager for use with ACM-integrated services are free. You pay only for the AWS resources you create to run your application. With AWS Certificate Manager Private Certificate Authority, you pay monthly for the operation of the private CA and for the private certificates you issue

· AWS Directory Service AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft Active Directory (AD), enables your directory-aware workloads and AWS resources to use managed Active Directory (AD) in AWS. AWS Managed Microsoft AD is built on actual Microsoft AD and does not require you to synchronize or replicate data from your existing Active Directory to the cloud. You can use the standard AD administration tools and take advantage of the built-in AD features, such as Group Policy and single sign-on. With AWS Managed Microsoft AD, you can easily join Amazon EC2 and Amazon RDS for SQL Server instances to your domain, and use AWS End User Computing (EUC) services, such as Amazon WorkSpaces, with AD users and groups.

· Amazon GuardDuty Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3. With the cloud, the collection and aggregation of account and network activities is simplified, but it can be time consuming for security teams to continuously analyze event log data for potential threats. With GuardDuty, you now have an intelligent and cost-effective option for continuous threat detection in AWS. The service uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats. GuardDuty analyzes tens of billions of events across multiple AWS data sources, such as AWS CloudTrail event logs, Amazon VPC Flow Logs, and DNS logs. With a few clicks in the AWS Management Console, GuardDuty can be enabled with no software or hardware to deploy or maintain. By integrating with Amazon CloudWatch Events, GuardDuty alerts are actionable, easy to aggregate across multiple accounts, and straightforward to push into existing event management and workflow systems

· AWS Identity and Access Management (IAM) AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.

IAM is a feature of your AWS account offered at no additional charge. You will be charged only for use of other AWS services by your users.

To get started using IAM, or if you have already registered with AWS, go to the AWS Management Console and get started with these IAM Best Practices

· Amazon Inspector Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. ... Amazon Inspector security assessments help you check for unintended network accessibility of your Amazon EC2 instances and for vulnerabilities on those EC2 instances.

· AWS Key Management Service (AWS KMS) AWS Key Management Service (KMS) makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications. AWS KMS is a secure and resilient service that uses hardware security modules that have been validated under FIPS 140-2, or are in the process of being validated, to protect your keys. AWS KMS is integrated with AWS CloudTrail to provide you with logs of all key usage to help meet your regulatory and compliance needs.

· Amazon Macie Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS.

As organizations manage growing volumes of data, identifying and protecting their sensitive data at scale can become increasingly complex, expensive, and time-consuming. Amazon Macie automates the discovery of sensitive data at scale and lowers the cost of protecting your data. Macie automatically provides an inventory of Amazon S3 buckets including a list of unencrypted buckets, publicly accessible buckets, and buckets shared with AWS accounts outside those you have defined in AWS Organizations. Then, Macie applies machine learning and pattern matching techniques to the buckets you select to identify and alert you to sensitive data, such as personally identifiable information (PII). 

Macie’s alerts, or findings, can be searched and filtered in the AWS Management Console and sent to Amazon EventBridge, formerly called Amazon CloudWatch Events, for easy integration with existing workflow or event management systems, or to be used in combination with AWS services, such as AWS Step Functions to take automated remediation actions. This can help you meet regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) and General Data Privacy Regulation (GDPR). You can get started with Amazon Macie by leveraging the 30-day free trial for bucket evaluation. The trial includes 30-days of Amazon S3 bucket inventory and bucket-level security and access control assessment at no cost. Note that sensitive data discovery is not included in the 30-day free trial for bucket evaluation.

· AWS Secrets Manager AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS, Amazon Redshift, and Amazon DocumentDB. Also, the service is extensible to other types of secrets, including API keys and OAuth tokens. In addition, Secrets Manager enables you to control access to secrets using fine-grained permissions and audit secret rotation centrally for resources in the AWS Cloud, third-party services, and on-premises.

· AWS Shield AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency, so there is no need to engage AWS Support to benefit from DDoS protection. There are two tiers of AWS Shield - Standard and Advanced.

All AWS customers benefit from the automatic protections of AWS Shield Standard, at no additional charge. AWS Shield Standard defends against most common, frequently occurring network and transport layer DDoS attacks that target your web site or applications. When you use AWS Shield Standard with Amazon CloudFront and Amazon Route 53, you receive comprehensive availability protection against all known infrastructure (Layer 3 and 4) attacks.

For higher levels of protection against attacks targeting your applications running on Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing (ELB), Amazon CloudFront, AWS Global Accelerator and Amazon Route 53 resources, you can subscribe to AWS Shield Advanced. In addition to the network and transport layer protections that come with Standard, AWS Shield Advanced provides additional detection and mitigation against large and sophisticated DDoS attacks, near real-time visibility into attacks, and integration with AWS WAF, a web application firewall. AWS Shield Advanced also gives you 24x7 access to the AWS DDoS Response Team (DRT) and protection against DDoS related spikes in your Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing (ELB), Amazon CloudFront, AWS Global Accelerator and Amazon Route 53 charges.

AWS Shield Advanced is available globally on all Amazon CloudFront, AWS Global Accelerator, and Amazon Route 53 edge locations. You can protect your web applications hosted anywhere in the world by deploying Amazon CloudFront in front of your application. Your origin servers can be Amazon S3, Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing (ELB), or a custom server outside of AWS. You can also enable AWS Shield Advanced directly on an Elastic IP or Elastic Load Balancing (ELB) in the following AWS Regions - Northern Virginia, Ohio, Oregon, Northern California, Montreal, São Paulo, Ireland, Frankfurt, London, Paris, Stockholm, Singapore, Tokyo, Sydney, Seoul, and Mumbai.

· AWS Single Sign-On AWS Single Sign-On is a cloud-based single sign-on (SSO) service that makes it easy to centrally manage SSO access to all of your AWS accounts and cloud applications. Specifically, it helps you manage SSO access and user permissions across all your AWS accounts in AWS Organizations. AWS SSO also helps you manage access and permissions to commonly used third-party software as a service (SaaS) applications, AWS SSO-integrated applications as well as custom applications that support Security Assertion Markup Language (SAML) 2.0. AWS SSO includes a user portal where your end-users can find and access all their assigned AWS accounts, cloud applications, and custom applications in one place.

· AWS WAF AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the values of query strings or the IP addresses that requests originate from, CloudFront responds to requests either with the requested content or with an HTTP status code 403 (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF, see the AWS WAF Developer Guide.

After you create an AWS WAF web access control list (web ACL), create or update a web distribution to associate the distribution with the web ACL. You can associate as many CloudFront distributions as you want with the same web ACL or with different web ACLs. For information about creating a distribution and associating it with a web ACL, see Creating a Distribution.

Storage:

· Amazon Elastic Block Store (Amazon EBS) Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes for use with EC2 instances. EBS volumes behave like raw, unformatted block devices. You can mount these volumes as devices on your instances. EBS volumes that are attached to an instance are exposed as storage volumes that persist independently from the life of the instance. You can create a file system on top of these volumes, or use them in any way you would use a block device (such as a hard drive). You can dynamically change the configuration of a volume attached to an instance.

We recommend Amazon EBS for data that must be quickly accessible and requires long-term persistence. EBS volumes are particularly well-suited for use as the primary storage for file systems, databases, or for any applications that require fine granular updates and access to raw, unformatted, block-level storage. Amazon EBS is well suited to both database-style applications that rely on random reads and writes, and to throughput-intensive applications that perform long, continuous reads and writes.

· Amazon Elastic File System (Amazon EFS) Amazon Elastic File System (Amazon EFS) provides a simple, serverless, set-and-forget elastic file system for use with AWS Cloud services and on-premises resources. It is built to scale on demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth. Amazon EFS has a simple web services interface that allows you to create and configure file systems quickly and easily. The service manages all the file storage infrastructure for you, meaning that you can avoid the complexity of deploying, patching, and maintaining complex file system configurations.

Amazon EFS supports the Network File System version 4 (NFSv4.1 and NFSv4.0) protocol, so the applications and tools that you use today work seamlessly with Amazon EFS. Multiple compute instances, including Amazon EC2, Amazon ECS, and AWS Lambda, can access an Amazon EFS file system at the same time, providing a common data source for workloads and applications running on more than one compute instance or server.

· Amazon FSx Amazon FSx for Windows File Server provides fully managed Microsoft Windows file servers, that are backed by a fully native Windows file system. When using Amazon FSx for Windows File Server together with ECS, you can provision your Windows tasks with persistent, distributed, shared, static file storage.

· Amazon S3 Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics. Amazon S3 provides easy-to-use management features so you can organize your data and configure finely-tuned access controls to meet your specific business, organizational, and compliance requirements. Amazon S3 is designed for 99.999999999% (11 9's) of durability, and stores data for millions of applications for companies all around the world.

· Amazon S3 Glacier Amazon S3 Glacier and S3 Glacier Deep Archive are secure, durable, and extremely low-cost Amazon S3 cloud storage classes for data archiving and long-term backup. They are designed to deliver 99.999999999% durability, and provide comprehensive security and compliance capabilities that can help meet even the most stringent regulatory requirements. Customers can store data for as little as $1 per terabyte per month, a significant savings compared to on-premises solutions. To keep costs low yet suitable for varying retrieval needs, Amazon S3 Glacier provides three options for access to archives, from a few minutes to several hours, and S3 Glacier Deep Archive provides two access options ranging from 12 to 48 hours.

· AWS Storage Gateway AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage. Customers use Storage Gateway to simplify storage management and reduce costs for key hybrid cloud storage use cases. These include moving backups to the cloud, using on-premises file shares backed by cloud storage, and providing low latency access to data in AWS for on-premises applications.

To support these use cases, Storage Gateway offers four different types of gateways – Amazon S3 File GatewayAmazon FSx File GatewayTape Gateway, and Volume Gateway – that seamlessly connect on-premises applications to cloud storage, caching data locally for low-latency access. Your applications connect to the service through a virtual machine or gateway hardware appliance using standard storage protocols, such as NFS, SMB, and iSCSI. The gateway connects to AWS storage services, such as Amazon S3, Amazon S3 Glacier, Amazon S3 Glacier Deep Archive, Amazon FSx for Windows File Server, Amazon EBS, and AWS Backup, providing storage for files, volumes, snapshots, and virtual tapes in AWS. The service includes a highly-optimized and efficient data transfer mechanism, with bandwidth management and automated network resilience.

 


Copy - Paste from 

AWS Certified Solutions Architect – Associate (SAA-C02) Exam Guide Version 2.0 SAA-C02 1 | PAGE Introduction The AWS Certified Solutions Architect – Associate (SAA-C02) exam is intended for individuals who perform in a solutions architect role. The exam validates a candidate’s ability to design secure and robust solutions by using AWS technologies. The exam also validates a candidate’s ability to complete the following tasks:  Design a solution by using appropriate AWS services and by following architectural principles based on requirements  Provide implementation guidance based on best practices to the organization throughout the workload lifecycle Target candidate description The target candidate should have at least 1 year of hands-on experience designing secure, highperforming, cost-effective, highly available, and scalable systems by using AWS services. Recommended AWS knowledge The target candidate should have the following knowledge:  Hands-on experience using compute, networking, storage, management, and database AWS services  The ability to identify and define technical requirements for a solution that involves AWS technology  The ability to identify which AWS services meet a given technical requirement  An understanding of best practices for building well-architected solutions on AWS  An understanding of the AWS global infrastructure  An understanding of AWS security services and features in relation to traditional services What is considered out of scope for the target candidate? The following is a non-exhaustive list of related job tasks that the target candidate is not expected to be able to perform. These items are out of scope for the exam:  Design a complex, hybrid network architecture  Design identity federation within multiple accounts  Design an architecture that meets compliance requirements  Incorporate specialized services in a design  Develop deployment strategies  Create a migration strategy for complex multi-tier applications For a detailed list of specific tools and technologies that might be covered on the exam, as well as a list of in-scope AWS services, refer to the Appendix.Version 2.0 SAA-C02 2 | PAGE Exam content Response types There are two types of questions on the exam:  Multiple choice: Has one correct response and three incorrect responses (distractors)  Multiple response: Has two or more correct responses out of five or more response options Select one or more responses that best complete the statement or answer the question. Distractors, or incorrect answers, are response options that a candidate with incomplete knowledge or skill might choose. Distractors are generally plausible responses that match the content area. Unanswered questions are scored as incorrect; there is no penalty for guessing. The exam includes 50 questions that will affect your score. Unscored content The exam includes 15 unscored questions that do not affect your score. AWS collects information about candidate performance on these unscored questions to evaluate these questions for future use as scored questions. These unscored questions are not identified on the exam. Exam results The AWS Certified Solutions Architect – Associate exam is a pass or fail exam. The exam is scored against a minimum standard established by AWS professionals who follow certification industry best practices and guidelines. Your results for the exam are reported as a scaled score of 100–1,000. The minimum passing score is 720. Your score shows how you performed on the exam as a whole and whether or not you passed. Scaled scoring models help equate scores across multiple exam forms that might have slightly different difficulty levels. Your score report could contain a table of classifications of your performance at each section level. This information provides general feedback about your exam performance. The exam uses a compensatory scoring model, which means that you do not need to achieve a passing score in each section. You need to pass only the overall exam. Each section of the exam has a specific weighting, so some sections have more questions than other sections have. The table contains general information that highlights your strengths and weaknesses. Use caution when interpreting section-level feedback. Candidates who pass the exam will not receive this additional information. Content outline This exam guide includes weightings, test domains, and objectives for the exam. It is not a comprehensive listing of the content on the exam. However, additional context for each of the objectives is available to help guide your preparation for the exam. The following table lists the main content domains and their weightings. The table precedes the complete exam content outline, which includes the additional context. The percentage in each domain represents only scored content.Version 2.0 SAA-C02 3 | PAGE Domain % of Exam Domain 1: Design Resilient Architectures 30% Domain 2: Design High-Performing Architectures 28% Domain 3: Design Secure Applications and Architectures 24% Domain 4: Design Cost-Optimized Architectures 18% TOTAL 100% Domain 1: Design Resilient Architectures 1.1 Design a multi-tier architecture solution  Determine a solution design based on access patterns.  Determine a scaling strategy for components used in a design.  Select an appropriate database based on requirements.  Select an appropriate compute and storage service based on requirements. 1.2 Design highly available and/or fault-tolerant architectures  Determine the amount of resources needed to provide a fault-tolerant architecture across Availability Zones.  Select a highly available configuration to mitigate single points of failure.  Apply AWS services to improve the reliability of legacy applications when application changes are not possible.  Select an appropriate disaster recovery strategy to meet business requirements.  Identify key performance indicators to ensure the high availability of the solution. 1.3 Design decoupling mechanisms using AWS services  Determine which AWS services can be leveraged to achieve loose coupling of components.  Determine when to leverage serverless technologies to enable decoupling. 1.4 Choose appropriate resilient storage  Define a strategy to ensure the durability of data.  Identify how data service consistency will affect the operation of the application.  Select data services that will meet the access requirements of the application.  Identify storage services that can be used with hybrid or non-cloud-native applications. Domain 2: Design High-Performing Architectures 2.1 Identify elastic and scalable compute solutions for a workload  Select the appropriate instance(s) based on compute, storage, and networking requirements.  Choose the appropriate architecture and services that scale to meet performance requirements.  Identify metrics to monitor the performance of the solution. Version 2.0 SAA-C02 4 | PAGE 2.2 Select high-performing and scalable storage solutions for a workload  Select a storage service and configuration that meets performance demands.  Determine storage services that can scale to accommodate future needs. 2.3 Select high-performing networking solutions for a workload  Select appropriate AWS connectivity options to meet performance demands.  Select appropriate features to optimize connectivity to AWS public services.  Determine an edge caching strategy to provide performance benefits.  Select appropriate data transfer service for migration and/or ingestion. 2.4 Choose high-performing database solutions for a workload  Select an appropriate database scaling strategy.  Determine when database caching is required for performance improvement.  Choose a suitable database service to meet performance needs. Domain 3: Design Secure Applications and Architectures 3.1 Design secure access to AWS resources  Determine when to choose between users, groups, and roles.  Interpret the net effect of a given access policy.  Select appropriate techniques to secure a root account.  Determine ways to secure credentials using features of AWS IAM.  Determine the secure method for an application to access AWS APIs.  Select appropriate services to create traceability for access to AWS resources. 3.2 Design secure application tiers  Given traffic control requirements, determine when and how to use security groups and network ACLs.  Determine a network segmentation strategy using public and private subnets.  Select the appropriate routing mechanism to securely access AWS service endpoints or internet-based resources from Amazon VPC.  Select appropriate AWS services to protect applications from external threats. 3.3 Select appropriate data security options  Determine the policies that need to be applied to objects based on access patterns.  Select appropriate encryption options for data at rest and in transit for AWS services.  Select appropriate key management options based on requirements. Domain 4: Design Cost-Optimized Architectures 4.1 Identify cost-effective storage solutions  Determine the most cost-effective data storage options based on requirements.  Apply automated processes to ensure that data over time is stored on storage tiers that minimize costs.Version 2.0 SAA-C02 5 | PAGE 4.2 Identify cost-effective compute and database services  Determine the most cost-effective Amazon EC2 billing options for each aspect of the workload.  Determine the most cost-effective database options based on requirements.  Select appropriate scaling strategies from a cost perspective.  Select and size compute resources that are optimally suited for the workload.  Determine options to minimize total cost of ownership (TCO) through managed services and serverless architectures. 4.3 Design cost-optimized network architectures  Identify when content delivery can be used to reduce costs.  Determine strategies to reduce data transfer costs within AWS.  Determine the most cost-effective connectivity options between AWS and on-premises environments.Version 2.0 SAA-C02 6 | PAGE Appendix Which key tools, technologies, and concepts might be covered on the exam? The following is a non-exhaustive list of the tools and technologies that could appear on the exam. This list is subject to change and is provided to help you understand the general scope of services, features, or technologies on the exam. The general tools and technologies in this list appear in no particular order. AWS services are grouped according to their primary functions. While some of these technologies will likely be covered more than others on the exam, the order and placement of them in this list is no indication of relative weight or importance:  Compute  Cost management  Database  Disaster recovery  High availability  Management and governance  Microservices and component decoupling  Migration and data transfer  Networking, connectivity, and content delivery  Security  Serverless design principles  Storage AWS services and features Analytics:  Amazon Athena  Amazon Elasticsearch Service (Amazon ES)  Amazon EMR  AWS Glue  Amazon Kinesis  Amazon QuickSight AWS Billing and Cost Management:  AWS Budgets  Cost Explorer Application Integration:  Amazon Simple Notification Service (Amazon SNS)  Amazon Simple Queue Service (Amazon SQS)Version 2.0 SAA-C02 7 | PAGE Compute:  Amazon EC2  AWS Elastic Beanstalk  Amazon Elastic Container Service (Amazon ECS)  Amazon Elastic Kubernetes Service (Amazon EKS)  Elastic Load Balancing  AWS Fargate  AWS Lambda Database:  Amazon Aurora  Amazon DynamoDB  Amazon ElastiCache  Amazon RDS  Amazon Redshift Management and Governance:  AWS Auto Scaling  AWS Backup  AWS CloudFormation  AWS CloudTrail  Amazon CloudWatch  AWS Config  Amazon EventBridge (Amazon CloudWatch Events)  AWS Organizations  AWS Resource Access Manager  AWS Systems Manager  AWS Trusted Advisor Migration and Transfer:  AWS Database Migration Service (AWS DMS)  AWS DataSync  AWS Migration Hub  AWS Server Migration Service (AWS SMS)  AWS Snowball  AWS Transfer Family Networking and Content Delivery:  Amazon API Gateway  Amazon CloudFront  AWS Direct Connect  AWS Global Accelerator  Amazon Route 53  AWS Transit Gateway  Amazon VPC (and associated features)Version 2.0 SAA-C02 8 | PAGE Security, Identity, and Compliance:  AWS Certificate Manager (ACM)  AWS Directory Service  Amazon GuardDuty  AWS Identity and Access Management (IAM)  Amazon Inspector  AWS Key Management Service (AWS KMS)  Amazon Macie  AWS Secrets Manager  AWS Shield  AWS Single Sign-On  AWS WAF Storage:  Amazon Elastic Block Store (Amazon EBS)  Amazon Elastic File System (Amazon EFS)  Amazon FSx  Amazon S3  Amazon S3 Glacier  AWS Storage Gateway