AWS System Administrator Study Guide (2nd Edition, SOA-C01)


Authors: [US] Sara Perrott, Brett McLaughlin; translated by Yao Li
Publisher: Tsinghua University
Published: 2021-08-01
ISBN-13: 9787302588214
ISBN-10: 730258821X





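Description


Covers all exam objectives:
● Monitoring and reporting services
● High-availability environments on AWS
● Storage and data management
● Deployment and provisioning
● Security and compliance
● AWS networking and connectivity services
● Automation and optimization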


Table of Contents

Part I: AWS Fundamentals
Chapter 1: Introduction to AWS Systems Operations
1.1 The AWS Ecosystem
1.1.1 AWS Service Models
1.1.2 AWS Global Operations
1.2 AWS Managed Services
1.3 What Is Systems Operations?
1.3.1 The AWS Shared Responsibility Model
1.3.2 AWS Service Level Agreements
1.3.3 Seven Knowledge Points
1.4 Working with AWS
1.4.1 AWS Management Console
1.4.2 AWS CLI
1.4.3 AWS SDK
1.4.4 Technical Support and Online Resources
1.4.5 Support Plans
1.4.6 Other Support Resources
1.4.7 Key Exam Resources
1.5 Summary
1.6 Exam Essentials
1.7 Review Questions
Part II: Monitoring and Reporting Tools
Chapter 2: Amazon CloudWatch
2.1 AWS Monitoring
2.1.1 Monitoring Is Event-Driven
2.1.2 Monitoring Is Customizable
2.1.3 Monitoring Can Drive Action
2.2 Basic CloudWatch Terms and Concepts
2.2.1 CloudWatch Is Based on Metrics and Events
2.2.2 Alarms Indicate Notifiable Changes
2.2.3 Events and CloudWatch Events Are Lower Level
2.2.4 CloudWatch Events Has Three Components
2.2.5 Choosing Between Alarms and Events
2.2.6 What Is a Namespace?
2.2.7 To the 10th Dimension
2.2.8 Statistics Aggregate Metrics
2.3 Monitoring Compute
2.3.1 EC2 Instance Metrics
2.3.2 EC2 EBS Metrics
2.3.3 ECS Metrics
2.4 Monitoring Storage
2.4.1 S3 Metrics
2.4.2 RDS Metrics
2.4.3 DynamoDB2 Metrics
2.5 CloudWatch Alarms
2.5.1 Creating an Alarm Threshold
2.5.2 Raising an Alarm
2.5.3 Responding to an Alarm
2.6 CloudWatch Events
2.6.1 Events
2.6.2 Rules
2.6.3 Targets
2.7 Summary
2.8 Resources to Review
2.9 Exam Essentials
2.10 Exercises
2.11 Review Questions
Chapter 3: AWS Organizations
3.1 Managing Multiple Accounts
3.1.1 AWS Organizations Consolidates User Management
3.1.2 AWS Organizations Consolidates Billing
3.2 Core Concepts of AWS Organizations
3.2.1 An Organization Is a Collection of Accounts
3.2.2 An Organization Has a Master Account
3.2.3 Managing Organizational Units Across Accounts
3.2.4 Using Service Control Policies
3.3 AWS Organizations and Consolidated Billing
3.3.1 Compliance Benefits
3.3.2 AWS Organizations Is Preferable to Tagging
3.4 Summary
3.5 Exam Essentials
3.6 Exercises
3.7 Review Questions
Chapter 4: AWS Config
4.1 Managing Configuration Changes
4.1.1 On Continuity
4.1.2 On-Premises Solutions
4.1.3 Configuration in the Cloud
4.2 AWS Config Use Cases
4.2.1 Centralized Configuration Management
4.2.2 Audit Trails
4.2.3 Configuration as Security
4.3 AWS Config Rules and Responses
4.3.1 Rules Are Desired Configurations
4.3.2 Configuration Items Represent Specific Configurations
4.3.3 Evaluating Rules
4.4 AWS Config or AWS CloudTrail
4.5 Summary
4.6 Resources to Review
4.7 Exam Essentials
4.8 Exercises
4.9 Review Questions
Chapter 5: AWS CloudTrail
5.1 API Logs Are Trails of Data
5.1.1 What Exactly Is a Trail?
5.1.2 The CloudTrail Process
5.2 CloudTrail as a Monitoring Tool
5.2.1 Viewing CloudTrail Logs
5.2.2 Connecting CloudTrail and SNS
5.2.3 Sometimes CloudTrail Handles Permissions
5.3 Summary
5.4 Resources to Review
5.5 Exam Essentials
5.6 Exercises
5.7 Review Questions
Part III: High Availability
Chapter 6: Amazon Relational Database Service
6.1 Creating Databases with Amazon RDS
6.1.1 Amazon RDS vs. Your Own Instances
6.1.2 Supported Database Engines
6.1.3 Database Configuration and Parameter Groups
6.1.4 Amazon RDS Scalability
6.2 Key Features of Amazon RDS
6.2.1 Scaling Amazon RDS Instances
6.2.2 Backing Up Amazon RDS Instances
6.2.3 Securing Amazon RDS Instances
6.3 Multi-AZ Configurations
6.3.1 Creating a Multi-AZ Deployment
6.3.2 Failing Over to the Secondary Instance
6.4 Read Replicas
6.4.1 Replicating to Read Replicas
6.4.2 Connecting to Read Replicas
6.4.3 Read Replica Requirements and Limitations
6.5 Amazon Aurora
6.5.1 Aurora Volumes
6.5.2 Aurora Replicas
6.6 Summary
6.7 Resources to Review
6.8 Exam Essentials
6.9 Review Questions
Chapter 7: Auto Scaling
7.1 Auto Scaling Terms and Concepts
7.1.1 Auto Scaling Groups
7.1.2 Scaling In and Scaling Out
7.1.3 Scaling Beyond EC2
7.1.4 Minimum, Maximum, and Desired Capacity
7.1.5 Auto Scaling of Auto Scaling Groups
7.1.6 Auto Scaling Instances Need Maintenance
7.2 Launch Configurations
7.2.1 EC2 Instances Are Launch Configuration Templates
7.2.2 An Auto Scaling Group Has One Launch Configuration
7.2.3 Launch Templates: Versioned Launch Configurations
7.3 Auto Scaling Policies
7.3.1 Manual Scaling
7.3.2 Scheduled Scaling
7.3.3 Dynamic Scaling
7.3.4 Cooldown Periods
7.3.5 Instances Terminate in Order
7.4 When Auto Scaling Fails
7.5 Summary
7.6 Resources to Review
7.7 Exam Essentials
7.8 Exercises
7.9 Review Questions
Part IV: Deployment and Provisioning
Chapter 8: Hub, Spoke, and Bastion Hosts
8.1 VPC Peering
8.1.1 Understanding Use Cases for Hub-and-Spoke Architecture
8.1.2 Using VPC Peering Across Multiple Regions (Inter-Region Peering)
8.2 Bastion Hosts
8.2.1 Bastion Host Architecture
8.2.2 Bastion Host Options
8.3 Summary
8.4 Resources to Review
8.5 Exam Essentials
8.6 Exercises
8.7 Review Questions
Chapter 9: AWS Systems Manager
9.1 Introducing AWS Systems Manager
9.1.1 Communicating with AWS Systems Manager
9.1.2 AWS Managed Instances
9.1.3 AWS Resource Groups
9.1.4 Performing Actions with AWS Systems Manager
9.2 Summary
9.3 Resources to Review
9.4 Exam Essentials
9.5 Exercises
9.6 Review Questions
Part V: Storage and Data Management
Chapter 10: Amazon Simple Storage Service (S3)
10.1 Object Storage and Amazon S3
10.2 Availability and Durability
10.3 Data Security and Protection in S3
10.3.1 Access Control
10.3.2 Versioning
10.3.3 Encryption
10.4 Amazon Glacier
10.5 S3 Lifecycle Management
10.6 Storage Gateway
10.7 Summary
10.8 Resources to Review
10.9 Exam Essentials
10.10 Exercises
10.11 Review Questions
Chapter 11: Elastic Block Store (EBS)
11.1 Understanding Block Storage and EBS
11.1.1 EBS Storage Types
11.1.2 EBS vs. Instance Store
11.2 Encrypting EBS Volumes
11.3 EBS Snapshots
11.4 Summary
11.5 Resources to Review
11.6 Exam Essentials
11.7 Exercises
11.8 Review Questions
Chapter 12: Amazon Machine Image (AMI)
12.1 Amazon Machine Images (AMIs)
12.2 AMI Storage
12.3 AMI Security
12.3.1 Launch Permissions
12.3.2 Encryption
12.4 Moving AMIs Between Regions
12.4.1 AWS Management Console
12.4.2 AWS CLI
12.5 Common AMI Issues
12.6 Summary
12.7 Resources to Review
12.8 Exam Essentials
12.9 Exercises
12.10 Review Questions
Part VI: Security and Compliance
Chapter 13: IAM
13.1 The Shared Responsibility Model: An Introduction to Cloud Security
13.2 IAM Components
13.2.1 Users
13.2.2 Groups
13.2.3 Roles
13.2.4 Policies
13.3 Managing IAM
13.3.1 Managing Passwords
13.3.2 Managing Access Keys
13.3.3 Protecting Access Keys
13.4 Securing the AWS Account
13.4.1 Securing the Root Account
13.4.2 IAM Best Practices
13.4.3 Trusted Advisor
13.5 Other Identity Services
13.5.1 Cognito
13.5.2 Federation
13.5.3 AWS KMS
13.6 Summary
13.7 Resources to Review
13.8 Exam Essentials
13.9 Exercises
13.10 Review Questions
Chapter 14: Reporting and Logging
14.1 Reporting and Monitoring in AWS
14.2 AWS CloudTrail
14.2.1 Using Trails for All Regions
14.2.2 Management Events
14.2.3 Data Events
14.2.4 But You Said CloudTrail Was Free
14.3 Amazon CloudWatch
14.3.1 Amazon CloudWatch Alarms
14.3.2 Amazon CloudWatch Logs
14.3.3 Amazon CloudWatch Events
14.3.4 Amazon CloudWatch Dashboards
14.4 AWS Config
14.5 Summary
14.6 Resources to Review
14.7 Exam Essentials
14.8 Exercises
14.9 Review Questions
Chapter 15: Additional Security Tools
15.1 Amazon Inspector
15.2 Amazon GuardDuty
15.3 Summary
15.4 Resources to Review
15.5 Exam Essentials
15.6 Exercises
15.7 Review Questions
Part VII: Networking
Chapter 16: Virtual Private Cloud (VPC)
16.1 Understanding AWS Networking
16.1.1 Introduction to CIDR
16.1.2 VPC
16.1.3 Subnets
16.1.4 Route Tables
16.1.5 Internet Gateways
16.1.6 NAT Gateways and Instances
16.1.7 VPC Endpoints
16.1.8 Connecting to the Outside
16.2 Securing the Network
16.2.1 Security Groups
16.2.2 Network Access Control Lists (NACLs)
16.3 Troubleshooting Network Issues
16.3.1 VPC Flow Logs
16.3.2 Other Resources
16.4 Summary
16.5 Resources to Review
16.6 Exam Essentials
16.7 Exercises
16.8 Review Questions
Chapter 17: Route 53
17.1 The Domain Name System
17.2 Amazon Route 53
17.2.1 Amazon Traffic Flow
17.2.2 AWS Private DNS
17.3 Routing Policies
17.3.1 Simple Routing Policy
17.3.2 Failover Routing Policy
17.3.3 Geolocation Routing Policy
17.3.4 Geoproximity Routing Policy
17.3.5 Latency-Based Routing Policy
17.3.6 Multivalue Answer Routing Policy
17.3.7 Weighted Routing Policy
17.4 Health Checks and Failover
17.5 Summary
17.6 Resources to Review
17.7 Exam Essentials
17.8 Exercises
17.9 Review Questions
Part VIII: Automation and Optimization
Chapter 18: CloudFormation
18.1 Introduction to IaaS
18.2 CloudFormation Templates
18.3 AWSTemplateFormatVersion
18.3.1 Description
18.3.2 Metadata
18.3.3 Parameters
18.3.4 Mappings
18.3.5 Conditions
18.3.6 Transform
18.3.7 Resources
18.3.8 Outputs
18.4 Creating and Customizing Stacks
18.4.1 Parameters
18.4.2 Outputs
18.5 Improving Templates
18.5.1 Intrinsic Functions
18.5.2 Mappings
18.5.3 Pseudo Parameters
18.6 Problems with CloudFormation Templates
18.7 Summary
18.8 Resources to Review
18.9 Exam Essentials
18.10 Exercises
18.11 Review Questions
Chapter 19: Elastic Beanstalk
19.1 What Is Elastic Beanstalk?
19.1.1 Platforms and Languages
19.1.2 Creating Custom Platforms
19.2 Elastic Beanstalk Updates
19.2.1 All-at-Once Deployment
19.2.2 Rolling Deployment
19.2.3 Rolling Deployment with an Additional Batch
19.2.4 Immutable Deployment
19.3 Testing Applications with Blue/Green Deployments
19.4 Configuring Elastic Beanstalk
19.5 Securing Elastic Beanstalk
19.5.1 Data Protection
19.5.2 Identity and Access Management
19.5.3 Logging and Monitoring
19.5.4 Compliance
19.5.5 Resilience
19.5.6 Configuration and Vulnerability Analysis
19.5.7 Security Best Practices
19.5.8 Applying Security Best Practices to Elastic Beanstalk
19.6 Elastic Beanstalk CLI
19.7 Troubleshooting Elastic Beanstalk
19.8 Summary
19.9 Resources to Review
19.10 Exam Essentials
19.11 Exercises
19.12 Review Questions
Answers to Review Questions



