Course Version

This course outline applies to version 1.0 of AWS Academy Cloud Operations in English.

Description

AWS Academy Cloud Operations is designed to prepare participants to pursue entry-level DevOps, support, and cloud operations roles. It will also help prepare them to take the AWS SysOps Administrator – Associate exam. Emphasizing best practices in the AWS Cloud and recommended design patterns, this course will teach students how to solve problems and troubleshoot various scenarios. The course will show students how to create automatable and repeatable deployments of networks and systems on AWS and covers specific AWS features and tools related to configuration and deployment. With case studies and demonstrations, students will learn how some AWS customers design their infrastructures and implement various strategies and services. Students will also have the opportunity to build a variety of infrastructures via guided, hands-on activities.

Curriculum Objectives

This course teaches students how to:

• Understand AWS infrastructure as it relates to system operations, such as global infrastructure, core services, and account security
• Use the AWS Command Line Interface (AWS CLI), and understand additional administration and development tools
• Manage, secure, and scale compute instances on AWS
• Manage, secure, and scale configurations
• Identify container services and AWS services that are available for serverless computing.
• Manage, secure, and scale databases on AWS
• Build virtual private networks with Amazon Virtual Private Cloud (Amazon VPC)
• Configure and manage storage options using the storage services offered with AWS
• Monitor the health of your infrastructure with services such as Amazon CloudWatch, AWS CloudTrail, and AWS Config
• Manage resource consumption in an AWS account by using tags, Amazon CloudWatch, and AWS Trusted Advisor
• Create and configure automated and repeatable deployments with tools such as Amazon Machine Images (AMIs) and AWS CloudFormation

Duration

Approximately 40 hours. AWS Academy Cloud Operations is designed to be delivered over a semester. Actual delivery times vary depending on the format. This course must be delivered over a period of at least four weeks.

Intended Audience

This intermediate (200-level) course is intended for students attending AWS Academy member institutions.

Employment Outcomes

This course is intended for prospective operations/support/DevOps roles including:

• Operations Engineer
• Support Engineer
• Application Support Engineer
• Product Support Engineer
• Customer Support Engineer
• Support Specialist
• Junior DevOps Engineer
• DevOps Engineer
• Operations Engineer
• Platform Engineer
• Cloud Engineer
• Site Reliability Engineer

Student Prerequisites

AWS Academy Cloud Operations requires a strong foundation in IT concepts and skills. To ensure success, students should have:

• Completed AWS Academy Cloud Foundations or have equivalent experience
• A working knowledge of at least one scripting language
• Familiarity with Linux, the command line and Application Programming Interfaces (APIs)
• Familiarity with virtualization and distributed computing
• An understanding of version control (e.g., Git)
• An understanding of data storage mechanisms such as SQL

Delivery Methods

Learning materials are provided to support in-person or online synchronous delivery. Educators may record their lectures for asynchronous delivery.

Educator Prerequisites

This course does not have any prerequisites for educators. However, prior to facilitating this course, educators are recommended to complete this course, and pass the AWS Certified SysOps Administrator

• Associate exam.

Learning Resources

• Video introductions
  • Lecture materials
  • Educator demo instructions
  • Practical activities
  • Lab exercises

Course Contents

		Lecture	Digital Training	Exercise & Lab	Knowledge Check
Course Welcome and Overview		1:15		0:35
Lecture	AWS Academy Cloud Operations on AWS Course Objectives and Overview
Lecture	Create your AWS Training Portal Account
Lecture	Access your Course Materials
Activity	Documentation Scavenger Hunt
Module 1 – Understanding Systems Operations on AWS		4:00		1:20	0:15
Lecture	Systems Operations in the Cloud
Lecture	Introduction to Core Services
Lecture	AWS Identity and Access Management (IAM)
Video	IAM Policy Simulator
Lecture	AWS Command Line Interface (CLI)
Educator Demo	AWS CLI
Activity	Install and Practice Using the AWS CLI
Knowledge Check
Module 2 – Tooling and Automation		4:00		1:50	0:15
Lecture	AWS Systems Manager

Lecture	Additional Administration and Development Tools
Lecture	Hosting a Static Website on Amazon S3
Lab	Using AWS Systems Manager
Activity	Create a Static Website on Amazon S3
Knowledge Check
Module 3 – Computing (Servers)		0:45		1:45	0:15
Lecture	Computing on AWS
Lecture	Managing your AWS Instances
Lecture	Securing your AWS Instances
Lecture	Amazon EC2 Purchasing Options
Lab	Creating Amazon EC2 Instances
Activity	Troubleshoot Creating a LAMP Instance in the AWS CLI
Knowledge Check
Module 4 – Computing (Scaling and Name Resolution)		5:00		1:30	0:15
Lecture	Elastic Load Balancing
Lecture	Amazon EC2 Auto Scaling
Lecture	Amazon Route 53
Video	Amazon Route 53 Routing Options Demo
Lab	Configure EC2 Auto Scaling

Video	Amazon Route 53 Geo Routing Demo
Activity	Configure Failover Routing with Amazon Route 53
Knowledge Check
Module 5 – Computing (Containers and Serverless)		4:00		1:15	0:15
Lecture	AWS Lambda
Lecture	APIs and REST
Lecture	Amazon API Gateway
Lecture	Containers on AWS
Educator Demo	Deploy Docker Container on Amazon Elastic Container Service (ECS)
Video	Introduction to AWS Step Functions
Lecture	AWS Step Functions
Activity	Create an AWS Lambda Function to Email Daily Reports
Knowledge Check
Module 6 – Computing (Database Services)		3:50		2:15	0:15
Lecture	AWS Database Services
Lecture	Amazon Relational Database Service (RDS)
Educator Demo	Create an RDS Instance
Lecture	Amazon Aurora

Video	How to Create Your First Database Cluster on Amazon Aurora
Lecture	Amazon DynamoDB
Lecture	AWS Database Migration Service (AWS DMS)
Activity	Migrate to Amazon RDS
Knowledge Check
Module 7 – Networking		4:00		1:45	0:15
Lecture	AWS Cloud Networking and Amazon Virtual Private Cloud (VPC)
Lecture	Amazon VPC Connectivity Options
Lecture	Securing Your Network
Lecture	Troubleshooting Networks on AWS
Lab	Configuring Virtual Private Cloud (VPC)
Activity	Troubleshoot a VPC
Knowledge Check
Module 8 – Storage and Archiving		4:15		2:00	0:15
Lecture	Cloud Storage Overview
Lecture	Amazon Elastic Block Store (EBS)
Lecture	Instance Store
Lecture	Amazon Elastic File System
Lecture	Amazon S3

Lecture	Amazon S3 Glacier
Lecture	AWS Data Transfer and Migration Services
Lab	Automation and Optimization
Activity	Work with Amazon S3
Knowledge Check
Module 9 – Monitoring and Security		3:45		1:30	0:15
Lecture	Amazon CloudWatch
Lecture	Amazon CloudWatch Monitoring
Lecture	Amazon CloudWatch Events
Lecture	Amazon CloudWatch Logs
Lecture	AWS CloudTrail
Lecture	AWS Service Integration with Amazon Athena
Lecture	AWS Config
Lab	Monitoring Your Applications and Infrastructure
Activity	Working with AWS CloudTrail
Knowledge Check
Module 10 – Managing Resource Consumption		2:00		1:50	0:15
Lecture	Tagging
Video	What are tags and what can I do with them?

Lecture	Cost Management Tools and Best Practices
Lecture	AWS Trusted Advisor
Lab	Managing Resources
Activity	Optimize AWS Resource Utilization
Knowledge Check
Module 11 – Cloud Architecting		2:00		1:45	0:15
Lecture	Configuration Management in the Cloud
Lecture	Using Configuration Software
Lecture	Creating an AMI Building Strategy
Lecture	Amazon EC2 Launch Templates
Educator Demo	Create an EC2 Launch Template
Lecture	Infrastructure as Code
Lecture	Introduction to JSON and YAML
Lecture	AWS CloudFormation
Lecture	Troubleshooting AWS CloudFormation
	Continuous Integration and Continuous Deployment on AWS
Lab	Automating Deployments with AWS CloudFormation
Activity	Infrastructure as Code
Knowledge Check

Recommended & Optional
Lab	Sandbox

Learning Objectives

Module	Learning Objectives
Module 0: Welcome and Overview	Explain the course scope and expectations.Create an AWS Training Portal account.Create your free AWS Educate account.Access course materials and resources.Navigate the AWS documentation website.
Module 1: Understanding Systems Operations on AWS	Describe system operations in the cloud related to automated and repeatable deployments.Explain Amazon Web Services (AWS) regions and edge locations, and criteria for selecting them.Describe core services related to system operations, including services for network, compute, and access.Explain how AWS Identity and Access Management (IAM) provides security over AWS account resources.Describe AWS Command Line Interface (AWS CLI) features.
Module 2: Tooling and Automation	Describe the purpose and function of AWS Systems Manager and its related features.Describe the purpose and function of AWS Tools for PowerShell.Identify additional development tools used for tooling and automation, such as software development kits (SDKs), AWS CloudFormation, and AWS OpsWorks.Explain how Amazon Simple Storage Service (Amazon S3) can be used to host a static website.
Module 3: Computing Servers	Describe Amazon Elastic Compute Cloud (Amazon EC2) virtualization.Differentiate between the instance types and storage options available for EC2 instances.Understand the networking components that must be specified when you launch an EC2 instance.

	Explain Amazon EC2 user data and metadata.Differentiate the lifecycle states for an EC2 instance.Explain the shared responsibility model.Create Amazon EC2 instances.
Module 4: Computing (Scaling and Name Resolution)	Describe Elastic Load Balancing features.Differentiate the types of ELB load balancers.Describe Amazon EC2 Auto Scaling and launch configurations.Use EC2 Auto Scaling.Describe Amazon Route 53 features and routing options.Configure failover routing.
Module 5: Computing (Containers and Serverless)	Explain the purpose and function of AWS Lambda.Describe the purpose and function of application programing interfaces (APIs), including RESTful APIs.Explain the benefits and function of Amazon API Gateway.Explain the purpose and function of containers and the AWS services that support container usage.Explain the purpose and function of AWS Step Functions.
Module 6: Computing (Database Services)	Differentiate the types of managed database services offered by Amazon Web Services (AWS) and identify their recommended use.Identify some of the factors for consideration when selecting a database (engine and workloads).Explain the purpose and function of Amazon Relational Database Service (Amazon RDS), Amazon Aurora, and Amazon DynamoDB and related benefits of each.Describe the main features and benefits of Amazon Relational Database Service (Amazon RDS), Amazon Aurora, and Amazon DynamoDB.

	Explain the benefits of the AWS Database Migration Service (AWS DMS) and the capabilities of the AWS Schema Conversion Tool (AWS SCT).
Module 7: Networking	Explain the foundational role of an Amazon virtual private cloud (VPC) in AWS Cloud networking.Identify the networking components inside of a VPC and their purpose.Differentiate the options for VPC connectivity.Describe the layered network defense model inside a VPC, such as network Access Control Lists (network ACLs), security groups, and bastion hosts.List the steps to troubleshoot common VPC network issues.Configure a VPC.
Module 8: Storage and Archiving	Differentiate the AWS data storage options and explain their purpose and benefits.Create and manage Amazon EBS snapshots.Store, retrieve, and archive Amazon S3 objects.Identify AWS data migration services.
Module 9: Monitoring and Security	Explain the benefits of Amazon CloudWatch.Describe Amazon CloudWatch monitoring features, including metrics and alarm details.Describe Amazon CloudWatch log features and benefits.Explain the purpose and function of AWS CloudTrail.Describe AWS Config features and benefits.Use Amazon CloudWatch to monitor applications and infrastructure.
Module 10: Managing Resource Consumption	Explain the purpose and function of tagging in AWS.Describe the cost management strategies associated with tagging.Describe how to enforce tagging using Identity and Access Management (IAM) policies.

	Identify some of the cost benefits of the cloud.Explain the purpose and function of the AWS Trusted Advisor service.Manage Resources with tagging.
Module 11: Creating Automated and Repeatable Deployments	Identify some of the AWS services for configuration management.Describe the challenges associated with cloud deployments and potential solutions for remedy.Describe infrastructure as code and the value it creates.Describe the purpose of AWS CloudFormation.Describe some of the types of errors with AWS CloudFormation and their remedy.Describe best practices using AWS CloudFormation.
Lab 1 – Using AWS Systems Manager	Use AWS Systems Manager Inventory to verify configurations and permissions.Use AWS Systems Manager Run Command to execute tasks on multiple servers.Use AWS Systems Manager Parameter Store to update application settings or configurations.Use AWS Systems Manager Session Manager to access the command line on an instance.
Lab 2 – Creating Amazon EC2 Instances (Linux)	Launch an Amazon EC2 instance using the management console.Launch an Amazon EC2 instance using the AWS Command Line Interface (CLI).
Lab 3 – Using Auto Scaling (Linux)	Create a new Amazon Machine Image (AMI) by using the Amazon Command Line Interface (CLI).Use Auto Scaling to scale up the number of servers available for a specific task when other servers are experiencing a heavy load.
Lab 4 – Configuring VPC (Linux)	Create a virtual private cloud (VPC) that contains a private and public subnet, an internet gateway, and a Network Translation (NAT) gateway.

	Configure route tables that are associated with a public subnet for internet-bound traffic to be directed to the internet gateway for direct internet access.Configure route tables that are associated with a private subnet for isolated resources to securely connect to the internet through a NAT gateway.Launch a bastion host in a public subnet for resource- based secured access to the private subnet.Evaluate the operation of the private subnet’s ability to communicate with the internet.
Lab 5 – Managing Storage (Linux)	Create and maintain snapshots for Amazon EC2 instances.Upload files to and download files from Amazon S3.
Lab 6 – Monitoring Your Applications and Infrastructure	Use AWS Systems Manager Run Command to install the CloudWatch Agent on Amazon EC2 instances.Monitor Application Logs using CloudWatch Agent and CloudWatch Logs.Monitor system metrics using CloudWatch Agent and CloudWatch Metrics.Create real-time notifications using CloudWatch Events.Track infrastructure compliance using AWS Config.
Lab 7 – Managing Resources (Linux/Windows)	Apply tags to existing AWS resources.Find resources based on tags.Use the AWS CLI or AWS SDK for PHP to stop and terminate Amazon EC2 instances based on certain attributes of the resource.
Lab 8 – Automating Deployments with AWS CloudFormation	Deploy an AWS CloudFormation stack with a defined Virtual Private Cloud (VPC), Identity and Access Management (IAM) role, and Security Group.Configure an AWS CloudFormation stack with resources, such as an Amazon Simple Storage Solution (S3) bucket and Amazon Elastic Compute Cloud (EC2).Terminate an AWS CloudFormation and its respective resources.

Activity 1: Install AWS CLI with IAM challenge	Install and configure the AWS CLI.Connect the AWS CLI to an AWS account.Access IAM by using the AWS CLI.
Activity 2: Create Static Website for Mom & Pop Cafe on S3	Run AWS CLI commands that use IAM and Amazon S3 services.Deploy a static website to an S3 bucket.Create a script that uses the AWS CLI to copy files in a local directory to Amazon S3.
Activity 3: Deploy a LAMP Instance	Launch an Amazon EC2 instance using the AWS CLI.Troubleshoot AWS CLI commands and Amazon EC2 service settings.
Activity 4: Route53 with GeoRouting	Configure a Route 53 health check that sends emails when the health of an HTTP endpoint turns healthy.Configure failover routing in Amazon Route 53.
Activity 5: Lambda function for Mom & Pop Cafe emails latest data	Recognize necessary IAM policy permissions to enable a Lambda function to other AWS resources.Create a Lambda layer to satisfy an external library dependency.Create a Lambda function.Deploy and test a Lambda function that is triggered based on a schedule and that invokes another function.Use CloudWatch logs to troubleshoot the execution of a Lambda function.
Activity 6: Migrate Mom & Pop Cafe from MySQL on instance to RDS	Create an Amazon Relational Database Service (RDS) MariaDB instance using the AWS Command Line Interface (CLI).Migrate data from a local MariaDB database to an Amazon RDS MariaDB database.Monitor an Amazon RDS instance using Amazon CloudWatch metrics.
Activity 7:	Identify VPC configuration issues.

Troubleshooting a VPC	Troubleshoot VPC configuration issues.Enable VPC Flow Logs.Analyze VPC Flow Logs using grep.
Activity 8: Create a Backup Schedule with Snapshots and Migrate S3 Data to Glacier	Use s3api and s3 CLI commands to create and configure an Amazon S3 bucket.Configure an Amazon S3 bucket for file sharing with an external user.Secure an Amazon S3 bucket for different access requirements using S3 permissions.Configure event notification on an Amazon S3 bucket.
Activity 9: Trigger a CloudWatch Alarm, Enable CloudTrail, and Track Activity	Configure an AWS CloudTrail.Analyze CloudTrail logs using a variety of methods to discover relevant information.Import AWS CloudTrail log data into Amazon Athena.Run queries in Amazon Athena to filter AWS CloudTrail log entries.Resolve security concerns within the AWS account and on an EC2 Linux instance.
Activity 10: Creating AMIs and Launching EC2 Templates	Optimize an Amazon EC2 instance to reduce costs.Use the AWS Simple Monthly Calculator to estimate AWS service costs.
Activity 11: Troubleshooting CloudFormation Deployments