style="font-size:15px;"> 8. What AWS Cloud service is designed to give you an easy way to establish a trusted relationship between your Active Directory and AWS?
A. Amazon Elastic Compute Cloud (Amazon EC2)
B. AWS Key Management Service (AWS KMS)
C. Amazon Virtual Private Cloud (Amazon VPC)
D. Active Directory Connector
9. What AWS Cloud service provides a logically isolated section of the AWS Cloud where systems operators can launch AWS resources into a virtual network they defined?
A. Amazon Virtual Private Cloud (Amazon VPC)
B. Amazon Route 53
C. Availability Zones
D. Security Groups
10. You manage a fleet of web servers hosted on Amazon Elastic Compute Cloud (Amazon EC2). Most, if not all, of the websites are static in nature. What AWS Cloud service can host a static website, thus replacing servers?
A. Amazon Elastic Compute Cloud (Amazon EC2)
B. Amazon Simple Storage Service (Amazon S3)
C. Amazon Route 53
D. Amazon API Gateway
Chapter 2
Working with AWS Cloud Services
THE AWS CERTIFIED SYSOPS ADMINISTRATOR – ASSOCIATE EXAM TOPICS COVERED IN THIS CHAPTER MAY INCLUDE, BUT ARE NOT LIMITED TO, THE FOLLOWING:
Domain 4.0 Deployment and Provisioning
✔ 4.2 Demonstrate the ability to provision cloud resources and manage implementation automation.
Content may include the following:
■ How to configure your workstation to manage and deploy AWS resources
Introduction to AWS Cloud Services
As a qualified candidate for the AWS Certified SysOps Administrator – Associate certification, it’s not enough to read the guide – you need to get your hands dirty by digging in. This chapter provides you with a starting point for using several AWS tools that will help you be successful as you learn how to use the cloud in a more effective manner.
It’s likely that you are familiar with the AWS Management Console, the web-based interface to AWS Cloud services. In this study guide, we won’t spend much time instructing you on the basics of the AWS Management Console. You’ve probably been using it already, and we believe there is more value in instructing you, the systems operator, in the tools that will allow you to integrate AWS functionality into the scripting environments in which you are already an expert.
There are several AWS-provided tools available for customers to create, maintain, and delete AWS resources at the command line or in code: the AWS Command Line Interface (AWS CLI), AWS Tools for PowerShell, and AWS Software Development Kits (SDKs). Understanding these tools is an essential part of an effective cloud operations team’s automation and scripting toolkit.
To find instructions on how to install the latest version of the AWS CLI, navigate to http://aws.amazon.com/cli in a web browser. For Windows, you’ll download and install the 32-bit or 64-bit installer that is appropriate for your computer. If you’re using Mac or Linux and have Python and pip installed, installing the latest version of the AWS CLI is as simple as running pip install awscli.
Upgrading the AWS CLI on a Linux or Mac computer is as simple as running pip install – upgrade awscli. For Windows users, you’ll have to download the latest installer and install the latest version.
After installing the AWS CLI, run aws configure to configure it with your credentials. Specifically, you will need an access key and secret key created for your AWS Identity and Access Management (IAM) user. Optionally, you can set a region (for example, us-east-1) and a default output format (for example, JSON) after entering your access key and secret key. The aws configure Command Options are shown in Table 2.1.
TABLE 2.1 The aws configure Command Options
If you ever believe that your credentials are compromised, you should inactivate them immediately.
You can also create multiple profiles by appending -profile profile-name to the aws configure command. This can be handy in a number of different situations. You may want to have separate profiles with separate privileges for development, testing, and production environments. You could also create unique profiles for multiple accounts that you need to access. Creating different profiles will allow you to execute commands using different configurations for each.
After you’ve run aws configure, your credentials are stored in ~/.aws/credentials on Mac or Linux, or in %UserProfile%\.aws/credentials on Windows. Your other configuration parameters are stored in ~/.aws/config on Mac or Linux, or in %UserProfile%\.aws/config on Windows. The AWS CLI will look in these locations for the credentials and configuration information each time it is called to execute a command.
You can specify configuration parameters using environment variables as well, as listed in Table 2.2. This ability can come in handy for making swift changes in scripts or on a temporary basis from the command line.
TABLE 2.2 Environment Variables
How you change the variable depends on the shell you are using. In the bash shell, which is most commonly the default on Linux and Mac systems, you use the format export environment_variable=option to set the new variable.
You
