Good Tips to be a good AWS SysOps

…and of course achieve the AWS SysOps Associate

I recently took the trainning and AWS SysOps exam, my result was very good (above 900 points). I do not pretend to make a complete guide on how to pass the exam, nor do i share sample questions, because I also do not intend to violate the clauses as an AWS certificated worker. What I want in this post is to propose a study method that makes you think like a real life System Operator.

I just want to share a few different and very focused tips on the topics that helped me get that score but even more important to prepare for the day-to-day operations in the Cloud.

I want to share a list of topics that will help you focus your efforts in the last phase study (4 o 5 days before exam date) to face the questions in an effective way like in the real life as SysOperator:

1. Be very clear about how to avoid any single point of failure in scenarios where services such as: RDS, Elastic Load Balancer, Availability Zone, TCP / HTTP checks, and auto-scaling configurations are present.

2. Mastering CloudWatch concepts and features very well, for example: ¿What can you do from an Operations point of view with Basic Monitoring and Detailed Monitoring? ¿When to use custom metrics? What can this type of metric serve as an operator for? Very important, CloudWatch Logs, can you monitor logs in real time? Can you ingest logs over time to apply detailed analysis? Set alarms on any of your metrics to receive notifications or take other automated actions when your metric crosses your specified threshold.

As an AWS Operator: How can you use the graphs and statistics that CloudWatch offers? And one of the most important things, Amazon CloudWatch Events enables you to respond quickly to application availability issues or resource changes, with notifications from AWS services delivered in near-real-time. You can write rules to indicate which events are of interest to your application and what automated action to take when a rule matches an event.

3. Monitoring metrics for EC2. Study very well the different metrics that you have at your disposal, since this is a day-to-day job for Operations

4. What protection mechanisms are available to you to access the APIs of your AWS account.

5. Choose the best option to avoid a disruption in planned and unplanned maintenance tasks, and those of updating or modifying the elements of your architecture.

6. A lot about S3, problems and situations about bucket policies, access control lists, or IAM policies. Understand the difference between them, and understand the correct usage application in the proposed scenarios. When should you use S3 policies and when should IAM policies? Again, with clear concepts, you will solve these situations easily in your daily job as a SysOperator.

7. Another frequent scenario in the real world: ¿what we need to do with migrations projects, moving our workloads from one region to another, so how can you get support from the AMIs to achieve it? ¿Can you share an AMI between regions? ¿Can you share it between accounts?

8. Know how to identify the HTTP XXX errors that are registered in S3, in the ELBs and be able to quickly identify where the root cause is.

8. You must reinforce the Networking aspects very well to quickly solve issues about the parameters of the VCP, Security Groups, VPN, NAT Gateway, NAT Instances, IGW, etc., which allow you a specific traffic flow between your resources in AWS.

10. Once again, S3 and Glacier, Data Lifecycle Policy Settings, select very well the correct classes to choose the best option.

11. Amazon Elastic Cache for Redis and Memcached. How can you achieve High Availability and relieve the load on the backend Databases to improve performance and response times of your apps?

12. Scenarios about enabling federated AWS access for your workforce. Be very clear about the concepts and the correct flow of the tasks for configuration and operation.

13. CloudFormation, about CF, I recommend you review the benefits very well, and remember that the great template writers notices and copy in some way :P, although you must always keep the credits and respect the license with which it is released. In this topic it is important to take into account the options and parameters to consider for a correct deployment, and how can you avoid deleting your stacks accidently. You will face situations where you should recommend a troubleshooting action

14. Again with S3, study some policies and how are written, how are structured, in the real life you will have to review policy code to solve a specific situation.

15. Something that you should already know well if you took the Associate certification, but I still invite you to review it in detail. The different types of EBS, their use case, when to change or not an EBS type to increase performance, or increase bandwidth, throughput, or the amount of IOPS.

16. A bit of Security controls and mechanisms: Encryption at rest, encryption in transit, encryption in EBS, in Snapshots, in S3, in EFS. Study this part please.

17. Granting Permission to Launch EC2 Instances with IAM Roles (PassRole Permission)

18. Prepare well about using AWS Systems Manager OpsCenter and AWS Config for compliance purposes and monitoring. Remember, AWS Config allows you to remediate noncompliant resources using AWS Systems Manager Automation documents. Get some practice creating AWS Config rules

19. Important point in Operations: Governance and Cost Control using Resource Tagging.

20. But also, Control access to AWS resources through resource tags. Control Access to and for IAM Users and Roles Using Tags

21. You will be asked to propose a multi-regional implementation of an application where a controlled portion of your traffic is being processed by an another region. What can you do to achieve that goal? Think about which of these services can help you: Route 53, ELB, Auto Scaling

22. Please, study well the different between:

• Auto Scaling launch configuration
• Auto Scaling launch template
• Auto Scaling group
• Auto Scaling policy
• Auto Scaling tags

23. As an AWS operator you need to have a good understanding of the tools, concepts and strategies to establish a recovery against regional failures or local failures (in AZs). What AWS services help you support the strategy? Snapshots, AWS Backup, Manual Failover, Automatic Failover.

24. You will find situations where you face a scenario where a company asks you to configure a way that allows them for example: to use a single payee account by using the consolidated billing option. But also, what other options and mechanisms does AWS provide to generate reports and notifications about the billing account? generating consumption reports, health reports, etc. These concepts are key for the SysOps role.

25. As an AWS operator you are faced with a scenario where a company asks you to configure a way that allows them, for example: to use a single payee account by using the consolidated billing option. But also, what other options and mechanisms does AWS provide to generate reports and notifications about the billing account? generating consumption reports, health reports, an so on. These concepts are key to the exam as well.

26. ¿How can services like Trust Advisor and Cost Explorer helps me in my Operations day to day responsabilities?

BONUS: First identify the option that is discarded in a very obvious way, identify the distractors and focus your analysis on what you are asked or proposed to solve the situation or issue, ALWAYS! Remember that you need to think like a SysOps worker.