
Notes AWS SysOps

Notes for AWS_SysOps Exam

AWS SysOps

AWS SysOps Administrator Exam


The AWS SysOps Administrator exam is designed to validate the skills and
knowledge of professionals who are responsible for managing and operating
systems on the AWS platform. This exam tests the candidate's ability to deploy,
manage, and operate scalable, highly available, and fault-tolerant systems on
AWS.

Topics Covered in the Exam


The AWS SysOps Administrator exam covers a wide range of topics, including:

Deploying, managing, and operating systems on AWS

Implementing and controlling the flow of data to and from AWS

Selecting the appropriate AWS service based on requirements

Identifying operational cost control mechanisms and estimating AWS usage costs

Migrating on-premises workloads to AWS

Implementing and managing hybrid environments

Ensuring data integrity and data security on AWS

Monitoring, logging, and troubleshooting systems on AWS

Implementing and managing AWS policies and compliance

It is important for candidates to have a solid understanding of these topics and
hands-on experience with AWS services to successfully pass the AWS SysOps
Administrator exam.

Introduction, AWS Fundamentals, EC2, IAM

Storage & Databases

Networking & Content Delivery

Monitoring, Automation, and Exam Dump Initial Pass

Exam Dump Focused Study and Final Review

Important Topics: db ec2 ecs eks s3 efs ebs network

Getting Started
This is general information that will be repeated in the other notes, but I find
these to be core details for any Solutions Architect or simply anyone in an AWS
SysOps role.

1. AWS Public and Private Services

2. Stateful and Stateless Firewalls

3. The AWS CLI

4. Public, Private, and Elastic IP

5. Instance Profile

AWS Public and Private Services


AWS is a multi-tenant service - which means that for the most part, you'll be
running your resources on hardware that is shared across multiple customers.

There are options where you can have dedicated hardware or connection and you
can find more details on that in the other notes, but the majority of AWS services
are configured in a multi-tenant setup.
These AWS services can either be Public or Private.

Public Services
These are services with public endpoints.

have a DNS name or IP address that you can connect to

as an example, S3 buckets have a URL which you can access

Private Services
These are services that can have a public IP address but exist within a VPC.

all resources have a private IP address and are in your VPC

as an example, EC2 instances have public IP addresses which you can SSH
into.

from the VPC, your resources can access outside resources through:

Internet Gateway
Can be used to go to the public internet and connect to AWS public
services

VPC Endpoint
Can be used to access AWS public resources through a private connection

Stateful and Stateless Firewalls


A Stateful firewall allows the return of traffic automatically. A Security Group is a
stateful firewall.

A Stateless firewall checks for an allow rule for both connections - inbound and
outbound. Network ACLs (NACLs) are stateless firewalls.
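
The difference is easiest to see on one round trip. The Python model below is an added example, not part of the original notes: it evaluates a constructed HTTPS flow against a stateful security group and a stateless NACL, where the reply is dropped unless the NACL also has an outbound rule for the client's ephemeral port. The class names, addresses and ports are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    number: int        # NACL rule number (security groups ignore it)
    cidr: str          # remote side: source for inbound, destination for outbound
    ports: range       # destination ports the rule covers
    allow: bool = True

def matches(rule, remote_ip, dport):
    return ip_address(remote_ip) in ip_network(rule.cidr) and dport in rule.ports

def nacl_allows(rules, remote_ip, dport):
    """Stateless: lowest rule number first, first match wins, otherwise deny."""
    for rule in sorted(rules, key=lambda r: r.number):
        if matches(rule, remote_ip, dport):
            return rule.allow
    return False

@dataclass
class SecurityGroup:
    """Stateful: allow rules only; replies to tracked flows pass automatically."""
    inbound: list
    outbound: list = field(default_factory=list)
    tracked: set = field(default_factory=set)

    def allow_in(self, src, sport, dst, dport):
        ok = any(matches(r, src, dport) for r in self.inbound)
        if ok:
            self.tracked.add((src, sport, dst, dport))
        return ok

    def allow_out(self, src, sport, dst, dport):
        if (dst, dport, src, sport) in self.tracked:  # reply to an accepted flow
            return True
        return any(matches(r, dst, dport) for r in self.outbound)

# Constructed flow: an internet client opens HTTPS to an instance.
CLIENT, CPORT, SERVER, SPORT = "203.0.113.7", 50123, "10.0.1.10", 443
HTTPS_IN = [Rule(100, "0.0.0.0/0", range(443, 444))]
EPHEMERAL_OUT = [Rule(100, "0.0.0.0/0", range(1024, 65536))]

def round_trip(sg, nacl_in, nacl_out):
    """Return (request_delivered, reply_delivered) for the constructed flow."""
    request = (nacl_allows(nacl_in, CLIENT, SPORT)
               and sg.allow_in(CLIENT, CPORT, SERVER, SPORT))
    reply = (request and sg.allow_out(SERVER, SPORT, CLIENT, CPORT)
             and nacl_allows(nacl_out, CLIENT, CPORT))
    return request, reply
```

Calling `round_trip(SecurityGroup(HTTPS_IN), HTTPS_IN, [])` delivers the request but not the reply; passing `EPHEMERAL_OUT` as the outbound NACL rules lets the reply through.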

<img src="../Images/statefull-less.png" width=700>

The AWS CLI

You can spin up instances and provision resources by configuring them through
the console. You can also run commands through the AWS Command Line Interface
(AWS CLI).

You can find more details on how to install and use AWS CLI in the AWS
Documentation Page.
<img src="../Images/aws-cli.png" width=700>

Public, Private, and Elastic IP


Below is a comparison of the public IP, private IP, and Elastic IP addresses
which we use to access our EC2 instances.

<img src="../Images/ip-addr.png" width=700>

How IP addresses work in an instance


Let's say we have an instance and this instance could have a public IP if it's in a
public subnet. We could also allocate an Elastic IP to it if we want the IP address to
be static.

<img src="../Images/ec2-ip-addr.png" width=700>


Now, the public IP is not actually assigned to the instance.

it is associated with the private IP address of that instance

this means that the instance OS is not aware of its public IP

When data comes in on the internet gateway with destination address set to the
public IP address of the instance, the internet gateway is actually doing a 1:1 NAT
Translation.

destination address (public IP of target instance) is translated to the private IP
of the instance.

it then checks its route table if the private IP address matches a CIDR block

it then forwards the data to the target instance

the same process happens when the instance is sending internet-bound data

Instance Profile
An Instance Profile is a container for an IAM role that you can use to pass role
information to an EC2 instance when the instance starts.

can only contain 1 IAM role

instance can only have one assigned role at a time

a role can be included in multiple instance profiles

You can follow create-instance-profile.sh to create an instance profile on your
EC2 instance.

# Make sure you have already configured your AWS CLI with your information
aws configure

# Create instance profile
aws iam create-instance-profile --instance-profile-name mytestinstanceprofile

# Add role to instance profile
aws iam add-role-to-instance-profile --role-name S3ReadOnly --instance-profile-name mytestinstanceprofile

# Remove role from instance profile
aws iam remove-role-from-instance-profile --role-name S3ReadOnly --instance-profile-name mytestinstanceprofile

# Delete instance profile
aws iam delete-instance-profile --instance-profile-name mytestinstanceprofile
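
To check existing profiles against the points above, the following added example (not part of the original notes) audits data shaped like `aws iam list-instance-profiles` output. It flags profiles with no role, flags roles whose trust policy does not let `ec2.amazonaws.com` assume them, and lists roles shared by several profiles. The sample data is constructed, and every name in it other than `mytestinstanceprofile` and `S3ReadOnly` is hypothetical.

```python
from collections import defaultdict

def trust(service):
    """Constructed trust policy letting one AWS service assume the role."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRole",
        "Principal": {"Service": service}}]}

def role(name, service):
    return {"RoleName": name, "AssumeRolePolicyDocument": trust(service)}

# Constructed sample, shaped like `aws iam list-instance-profiles` output.
SAMPLE = {"InstanceProfiles": [
    {"InstanceProfileName": "mytestinstanceprofile",
     "Roles": [role("S3ReadOnly", "ec2.amazonaws.com")]},
    {"InstanceProfileName": "reporting-profile",
     "Roles": [role("S3ReadOnly", "ec2.amazonaws.com")]},
    {"InstanceProfileName": "empty-profile", "Roles": []},
    {"InstanceProfileName": "lambda-mixup",
     "Roles": [role("LambdaExec", "lambda.amazonaws.com")]},
]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def ec2_can_assume(role_doc):
    """True if the role's trust policy lets the EC2 service assume it."""
    statements = role_doc.get("AssumeRolePolicyDocument", {}).get("Statement", [])
    for stmt in as_list(statements):
        principal = stmt.get("Principal")
        services = (as_list(principal.get("Service", []))
                    if isinstance(principal, dict) else [])
        if (stmt.get("Effect") == "Allow" and "ec2.amazonaws.com" in services
                and "sts:AssumeRole" in as_list(stmt.get("Action", []))):
            return True
    return False

def audit(listing):
    """Return (findings, shared): problem profiles and roles used by several."""
    findings, used_by = [], defaultdict(list)
    for profile in listing["InstanceProfiles"]:
        name = profile["InstanceProfileName"]
        if not profile["Roles"]:
            findings.append((name, "no role attached"))
        for r in profile["Roles"]:
            used_by[r["RoleName"]].append(name)
            if not ec2_can_assume(r):
                findings.append((name, f"{r['RoleName']} does not trust ec2.amazonaws.com"))
    shared = {r: p for r, p in used_by.items() if len(p) > 1}
    return findings, shared
```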

01-EC2_and_Lambda_for_SysOps
