AWS系統管理員學習指南(第2版·SOA-C01)

AWS系統管理員學習指南(第2版·SOA-C01)

《AWS系統管理員學習指南(第2版·SOA-C01)》是2021年清華大學出版社出版的圖書,作者是[美] 薩拉·佩洛特(Sara Perrott) 布雷特·麥克勞林(Brett McLaughlin),譯者是姚力。

基本介紹

  • 中文名:AWS系統管理員學習指南(第2版·SOA-C01)
  • 作者:[美] 薩拉·佩洛特(Sara Perrott) 布雷特·麥克勞林(Brett McLaughlin)
  • 原作品:AWS Cerified SysOps Administrator Study Guide: Associate(SOA-C01) Exam, 2nd Edition
  • 譯者:姚力
  • 出版社清華大學出版社
  • 出版時間:2021年8月 
  • 定價:98 元
  • 開本:16 開
  • 裝幀:平裝
  • ISBN: 9787302588214
內容簡介,目錄,作者簡介,

內容簡介

《AWS系統管理員學習指南(第2版·SOA-C01) 》是成功通過Amazon的Associate(SOA-C01) Exam的完整一站式資源。這本內容全面的書籍清晰準確地覆蓋了每個考試主題,提供了AWS平台部署、管理和操作的詳細指導步驟。完整的z新內容、真實場景、實用建議、動手練習和富有挑戰性的複習題將為這一重要的AWS認證做好充分的準備。
  請確保你已準備履行SysOps管理員的職責。藉助於這本必不可少的指南,AWS專業人士將能夠為備考和工作做好準備。
涵蓋了所有考試目標:
● 監測和報告服務
● AWS的高可用性環境
● 存儲和數據管理
● 部署和資源供給
● 安全性和合規性
● AWS的網路和連線服務
● 自動化和最佳化

目錄

第Ⅰ部分 AWS 基礎
第1 章 AWS 系統操作簡介·············· 3
1.1 AWS 生態系統·················· 4
1.1.1 AWS 服務模型············· 4
1.1.2 AWS 全球業務············· 5
1.2 AWS 受管服務·················· 7
1.3 什麼是系統操作···············10
1.3.1 AWS 責任共擔模型······ 11
1.3.2 AWS 服務級別協定······12
1.3.3 7 個知識點·················12
1.4 使用AWS ·······················13
1.4.1 AWS 管理控制台·········13
1.4.2 AWS CLI ···················14
1.4.3 AWS SDK··················15
1.4.4 技術支持和線上資源····15
1.4.5 支持計畫···················15
1.4.6 其他支持資源·············16
1.4.7 主要考試資源·············16
1.5 本章小結························16
1.6 考試要點························16
1.7 複習題···························18
第Ⅱ部分 監控和報告工具
第2 章 Amazon CloudWatch ·········23
2.1 AWS 監控·······················24
2.1.1 監控是事件驅動的·······24
2.1.2 監控是可定製的··········25
2.1.3 監控可以驅動操作·······26
2.2 CloudWatch 的基本術語和概念······························26
2.2.1 CloudWatch 是基於指標和事件的···················26
2.2.2 警報顯示可通知的變更·························27
2.2.3 事件和CloudWatch 事件級別較低···················27
2.2.4 CloudWatchEvents 包含3 個組件····················27
2.2.5 在警報和事件之間選擇·························27
2.2.6 什麼是命名空間··········28
2.2.7 到第10 層維度············28
2.2.8 統計聚合指標·············29
2.3 監控計算能力··················29
2.3.1 EC2 實例指標·············29
2.3.2 EC2 EBS 指標·············30
2.3.3 ECS 指標···················31
2.4 存儲監控························31
2.4.1 S3 指標·····················31
2.4.2 RDS 指標··················32
2.4.3 DynamoDB2 指標········32
2.5 CloudWatch 警報···············33
2.5.1 創建一個警報閾值·······33
2.5.2 發出警報···················34
2.5.3 回響警報···················34
2.6 CloudWatch 事件···············34
2.6.1 事件·························35
2.6.2 規則·························35
2.6.3 目標·························35
2.7 本章小結························36
2.8 複習資源························36
2.9 考試要點························37
2.10 練習·····························37
2.11 複習題··························43
第3 章 AWS Organizations············47
3.1 管理多賬戶·····················47
3.1.1 AWS Organizations 整合用戶管理···················48
3.1.2 AWS Organizations 合併賬單·························48
3.2 AWS Organizations 核心概念······························49
3.2.1 組織是一個賬戶的集合·························49
3.2.2 組織擁有一個主賬戶····49
3.2.3 跨賬戶管理組織單位····50
3.2.4 使用服務控制策略·······51
3.3 AWS Organizations 與合併計費······························53
3.3.1 合規性的優勢·············53
3.3.2 AWS Organizations優於標記···················53
3.4 本章小結························53
3.5 考試要點························54
3.6 練習······························54
3.7 複習題···························56
第4 章 AWS Config························59
4.1 管理配置更改··················60
4.1.1 關於持續···················60
4.1.2 本地解決方案·············61
4.1.3 雲中的配置················61
4.2 AWS Config 用例··············62
4.2.1 中央配置管理·············62
4.2.2 審計跟蹤···················63
4.2.3 作為安全的配置··········64
4.3 AWS Config 規則和應答·····64
4.3.1 規則是理想的配置·······64
4.3.2 配置項表示特定配置····65
4.3.3 評估規則···················65
4.4 AWS Config 還是AWS CloudTrail ·······················67
4.5 本章小結························68
4.6 複習資源························68
4.7 考試要點························68
4.8 練習······························69
4.9 複習題···························74
第5 章 AWS CloudTrail ··················79
5.1 API 日誌是數據的跟蹤·······79
5.1.1 跟蹤到底是什麼··········80
5.1.2 CloudTrail 流程···········82
5.2 CloudTrail 作為監控工具·····83
5.2.1 查看CloudTrail 日誌·····83
5.2.2 將CloudTrail 和SNS連線在一起················84
5.2.3 有時CloudTrail 處理許可權·························84
5.3 本章小結························85
5.4 複習資源························85
5.5 考試要點························85
5.6 練習······························86
5.7 複習題···························90
第Ⅲ部分 高可用性
第6 章 Amazon RelationalDatabase Service ···············95
6.1 使用Amazon RDS 創建資料庫···························95
6.1.1 Amazon RDS 對比你自己的實例················96
6.1.2 所支持的資料庫引擎····97
6.1.3 資料庫配置和參數組····98
6.1.4 Amazon RDS 可擴展性······················99
6.2 Amazon RDS 的主要功能·· 100
6.2.1 擴展Amazon RDS實例······················ 100
6.2.2 備份Amazon RDS實例······················· 100
6.2.3 保護Amazon RDS 實例安全······················· 101
6.3 多AZ 配置····················· 101
6.3.1 創建一個多AZ 部署··· 101
6.3.2 故障轉移到從屬實例··· 102
6.4 讀副本························· 103
6.4.1 複製到讀副本··········· 103
6.4.2 連線到讀副本··········· 104
6.4.3 讀副本的要求和限制······················· 104
6.5 Amazon Aurora ··············· 104
6.5.1 Aurora 卷················· 105
6.5.2 Aurora 副本·············· 105
6.6 本章小結······················ 105
6.7 複習資源······················ 105
6.8 考試要點······················ 106
6.9 複習題························· 107
第7 章 自動縮放····························111
7.1 自動縮放的術語和概念···· 112
7.1.1 自動縮放組·············· 112
7.1.2 縮小和放大·············· 112
7.1.3 EC2 以外的縮放········ 113
7.1.4 最小容量、最大容量和預期容量················· 114
7.1.5 自動縮放組的自動縮放······················· 114
7.1.6 自動縮放實例需要維護······················· 115
7.2 啟動配置······················ 116
7.2.1 EC2 實例是啟動配置模板······················· 116
7.2.2 一個自動縮放組擁有一個啟動配置··········· 117
7.2.3 啟動模板:版本化的啟動配置················· 117
7.3 自動縮放策略················ 117
7.3.1 手動縮放················· 117
7.3.2 計畫縮放················· 118
7.3.3 動態縮放················· 118
7.3.4 冷卻期···················· 119
7.3.5 實例按序終止··········· 119
7.4 當自動縮放失敗時·········· 120
7.5 本章小結······················ 121
7.6 複習資源······················ 121
7.7 考試要點······················ 122
7.8 練習···························· 122
7.9 複習題························· 125
第Ⅳ部分 部署和供給
第8 章 中央、分支和堡壘主機·····131
8.1 VPC 夥伴······················ 131
8.1.1 了解中央-分支架構的用例······················· 133
8.1.2 跨多個區域使用VPC夥伴連線 (區域間夥伴網路) ······················ 133
8.2 堡壘主機······················ 134
8.2.1 堡壘主機使用架構····· 134
8.2.2 堡壘主機選項··········· 135
8.3 本章小結······················ 136
8.4 複習資源······················ 136
8.5 考試要點······················ 136
8.6 練習···························· 137
8.7 複習題························· 144
第9 章 AWS Systems Manager ····149
9.1 介紹AWS SystemsManager························ 149
9.1.1 與AWS Systems Manager進行通信················· 150
9.1.2 AWS 受管實例·········· 151
9.1.3 AWS 資源組············· 152
9.1.4 運用AWS Systems Manager 執行操作····· 152
9.2 本章小結······················ 156
9.3 複習資源······················ 156
9.4 考試要點······················ 157
9.5 練習···························· 157
9.6 複習題························· 163
第Ⅴ部分 存儲和數據管理
第10 章 Amazon Simple Storage Service(S3)····················· 169
10.1 對象存儲和Amazon S3 ··· 170
10.2 可用性和持久性············ 172
10.3 S3 中的數據安全和保護··························· 174
10.3.1 訪問控制·············· 174
10.3.2 版本控制·············· 176
10.3.3 加密···················· 177
10.4 Amazon Glacier ············· 178
10.5 S3 生命周期管理··········· 179
10.6 存儲網關····················· 179
10.7 本章小結····················· 180
10.8 複習資源····················· 180
10.9 考試要點····················· 181
10.10 練習························· 181
10.11 複習題······················ 185
第11 章 Elastic Block Store(EBS)······························ 189
11.1 了解塊存儲和EBS········· 189
11.1.1 EBS 存儲類型········ 190
11.1.2 EBS 對比實例存儲···················· 192
11.2 加密EBS 卷················· 192
11.3 EBS 快照····················· 194
11.4 本章小結····················· 194
11.5 複習資源····················· 194
11.6 考試要點····················· 195
11.7 練習··························· 195
11.8 複習題························ 197
第12 章 Amazon Machine Image(AMI)·······························201
12.1 Amazon Machine Images(AMIs)························ 202
12.2 AMI 存儲···················· 204
12.3 AMI 安全···················· 204
12.3.1 啟動許可權·············· 205
12.3.2 加密···················· 205
12.4 在區域間移動AMIs ······· 205
12.4.1 AWS 管理工作檯···· 205
12.4.2 AWS CLI ·············· 206
12.5 常見的AMI 問題··········· 206
12.6 本章小結····················· 207
12.7 複習資源····················· 207
12.8 考試要點····················· 208
12.9 練習··························· 208
12.10 複習題······················ 210
第Ⅵ部分 安全性與合規性
第13 章 IAM ·································215
13.1 共擔責任模型:雲安全入門··························· 215
13.2 IAM 組件···················· 216
13.2.1 用戶···················· 216
13.2.2 組······················· 217
13.2.3 角色···················· 217
13.2.4 策略···················· 217
13.3 管理IAM ···················· 220
13.3.1 管理口令·············· 220
13.3.2 管理訪問密鑰········ 221
13.3.3 保護訪問密鑰········ 222
13.4 保護AWS 賬戶············· 222
13.4.1 保護根賬戶··········· 222
13.4.2 IAM 最佳實踐······· 223
13.4.3 Trusted Advisor······· 223
13.5 其他身份服務··············· 224
13.5.1 Cognito ················ 224
13.5.2 聯邦···················· 224
13.5.3 AWS KMS ············ 224
13.6 本章小結····················· 224
13.7 複習資源····················· 225
13.8 考試要點····················· 225
13.9 練習··························· 226
13.10 複習題······················ 229
第14 章 報告和日誌····················· 233
14.1 AWS 中的報告和監控····· 233
14.2 AWS CloudTrail············· 234
14.2.1 對所有區域使用跟蹤·················· 235
14.2.2 管理事件·············· 235
14.2.3 數據事件·············· 236
14.2.4 但是你說過CloudTrail是免費的·············· 237
14.3 Amazon CloudWatch ······· 237
14.3.1 Amazon CloudWatch警報···················· 238
14.3.2 Amazon CloudWatch日誌···················· 239
14.3.3 Amazon CloudWatch事件···················· 240
14.3.4 Amazon CloudWatch儀錶板················· 240
14.4 AWS Config ················· 241
14.5 本章小結····················· 241
14.6 複習資源····················· 241
14.7 考試要點····················· 242
14.8 練習··························· 243
14.9 複習題························ 246
第15 章 附加安全工具··················249
15.1 Amazon Inspector··········· 249
15.2 Amazon GuardDuty ········ 251
15.3 本章小結····················· 252
15.4 複習資源····················· 252
15.5 考試要點····················· 253
15.6 練習··························· 253
15.7 複習題························ 257
第Ⅶ部分 網路
第16 章 虛擬私有雲(VPC)············263
16.1 了解AWS 網路············· 264
16.1.1 CIDR 介紹············ 264
16.1.2 VPC ···················· 265
16.1.3 子網···················· 266
16.1.4 路由表················· 267
16.1.5 網際網路網關··········· 268
16.1.6 NAT 網關和實例···· 268
16.1.7 VPC 端點············· 271
16.1.8 與外部連線··········· 272
16.2 保護網路安全··············· 273
16.2.1 安全組················· 273
16.2.2 網路訪問控制列表(NACL) ················ 274
16.3 排查網路問題··············· 275
16.3.1 VPC 流日誌·········· 275
16.3.2 其他資源·············· 275
16.4 本章小結····················· 275
16.5 複習資源····················· 276
16.6 考試要點····················· 277
16.7 練習··························· 278
16.8 複習題························ 281
第17 章 Route 53 ························285
17.1 域名系統····················· 286
17.2 Amazon Route 53 ··········· 287
17.2.1 Amazon TrafficFlow···················· 288
17.2.2 AWS 私有DNS ······ 288
17.3 路由策略····················· 289
17.3.1 簡單路由策略········ 289
17.3.2 故障轉移路由策略··· 289
17.3.3 地理定位路由策略·· 290
17.3.4 地理鄰近路由策略··· 291
17.3.5 基於延遲的路由策略···················· 291
17.3.6 多值應答路由策略··· 291
17.3.7 權重路由策略········ 292
17.4 健康檢查和故障轉移······ 293
17.5 本章小結····················· 294
17.6 複習資源····················· 294
17.7 考試要點····················· 294
17.8 練習··························· 295
17.9 複習題························ 298
第Ⅷ部分 自動化和最佳化
第18 章 CloudFormation ·············303
18.1 IaaS 簡介····················· 303
18.2 CloudFormation 模板······ 304
18.3 AWSTemplateFormat-Version························ 304
18.3.1 描述···················· 305
18.3.2 元數據················· 305
18.3.3 參數···················· 305
18.3.4 映射···················· 305
18.3.5 條件···················· 306
18.3.6 轉換···················· 306
18.3.7 資源···················· 307
18.3.8 輸出···················· 307
18.4 創建和定製堆疊············ 307
18.4.1 參數···················· 308
18.4.2 輸出···················· 308
18.5 改進模板····················· 308
18.5.1 內置函式·············· 309
18.5.2 映射···················· 310
18.5.3 偽參數················· 310
18.6 CloudFormation 模板存在的問題··························· 310
18.7 本章小結····················· 311
18.8 複習資源····················· 311
18.9 考試要點····················· 311
18.10 練習························· 312
18.11 複習題······················ 313
第19 章 Elastic Beanstalk ············317
19.1 什麼是Elastic Beanstalk ··· 317
19.1.1 平台和語言··········· 318
19.1.2 創建自定義平台····· 319
19.2 Elastic Beanstalk 更新····· 322
19.2.1 一次性部署··········· 323
19.2.2 滾動部署·············· 323
19.2.3 帶有額外批處理的滾動部署·············· 323
19.2.4 不可變部署··········· 323
19.3 使用藍/綠部署測試套用··· 324
19.4 配置Elastic Beanstalk ····· 324
19.5 保護Elastic Beanstalk ····· 325
19.5.1 數據保護·············· 325
19.5.2 身份和訪問管理····· 326
19.5.3 日誌和監控··········· 326
19.5.4 合規···················· 326
19.5.5 彈性恢復·············· 326
19.5.6 配置和漏洞分析····· 326
19.5.7 安全最佳實踐········ 327
19.5.8 對Elastic Beanstalk 使用安全最佳實踐········ 327
19.6 Elastic Beanstalk CLI······· 327
19.7 Elastic Beanstalk 排錯····· 328
19.8 本章小結····················· 328
19.9 複習資源····················· 329
19.10 考試要點··················· 329
19.11 練習························· 329
19.12 複習題······················ 331
複習題答案······································335

作者簡介

Sara Perrott 是美國華盛頓貝爾維尤學院認證的AWS學院講師,也是該學院的兼職教授。她全職從事網路安全領域的工作,對自己的工作充滿熱情。她擁有網路安全和信息保障碩士學位,並持有多個行業認證,如CISSP和GCIH。此外,她還擁有AWS解決方案架構師助理和AWS SysOps管理員助理認證。
  Brett McLaughlin目前從事雲計算工作,專注於可擴展的雲平台以及PB級數據存儲的暫存和分發。Brett是雲架構和大數據集方面的專家,曾領導美國NASA和價值數十億美元規模的資產管理對沖基金項目。他目前是Volusion的首席技術官,同時是活躍在AWS和無伺服器(Serverless)社區的講師。

相關詞條

熱門詞條

聯絡我們