|
Monitoring, Logging, Analysis, Remediation, and Performance Optimization
|
- Implement metrics, alarms, and filters by using AWS monitoring and logging
services.
-
Configure AWS monitoring and logging by using AWS services (for example, Amazon CloudWatch, AWS CloudTrail, Amazon Managed Service for Prometheus).
-
Configure and manage the CloudWatch agent to collect metrics and logs from EC2 instances, Amazon ECS clusters, or Amazon Elastic Kubernetes Service (Amazon EKS) clusters.
-
Configure, identify, and troubleshoot CloudWatch alarms that can invoke AWS services directly or through Amazon EventBridge (for example, by creating composite alarms and identifying their invokable actions).
-
Create, implement, and manage customizable and shareable CloudWatch dashboards that display metrics and alarms for AWS resources across multiple accounts and AWS Regions.
-
Configure AWS services to send notifications to Amazon Simple Notification Service (Amazon SNS) and to invoke alarms that send notifications to Amazon SNS.
- Identify and remediate issues by using monitoring and availability metrics.
-
Analyze performance metrics and automate remediation strategies by using AWS services and functionality (for example, CloudWatch, AWS User Notifications, Lambda, Systems Manager, CloudTrail, auto scaling).
-
Use EventBridge to route, enrich, and deliver events, and troubleshoot any issues with event bus rules.
-
Create or run custom and predefined Systems Manager Automation runbooks (for example, by using AWS SDKs or custom scripts) to automate tasks and streamline processes on AWS.
- Implement performance optimization strategies for compute, storage, and
database resources.
-
Optimize compute resources and remediate performance problems by using performance metrics, resource tags, and AWS tools.
-
Analyze Amazon Elastic Block Store (Amazon EBS) performance metrics, troubleshoot issues, and optimize volume types to improve performance and reduce cost.
-
Implement and optimize S3 performance strategies (for example, AWS DataSync, S3 Transfer Acceleration, multipart uploads, S3 Lifecycle policies) to enhance data transfer, storage efficiency, and access patterns.
-
Evaluate and select shared storage solutions (for example, Amazon Elastic File System [Amazon EFS], Amazon FSx), and optimize the solutions (for example, EFS lifecycle policies) for specific use cases and requirements.
-
Monitor Amazon RDS metrics (for example, Amazon RDS Performance Insights, CloudWatch alarms), and modify configurations to increase performance efficiency (for example, Performance Insights proactive recommendations, RDS Proxy).
-
Implement, monitor, and optimize EC2 instances and their associated storage and networking capabilities (for example, EC2 placement groups).
|
22% |
|
Reliability and Business Continuity |
- Implement scalability and elasticity.
-
Configure and manage scaling mechanisms in compute environments.
-
Implement caching by using AWS services to enhance dynamic scalability (for example, CloudFront, Amazon ElastiCache).
-
Configure and manage scaling in AWS managed databases (for example, Amazon RDS, DynamoDB).
- Implement highly available and resilient environments.
-
Configure and troubleshoot Elastic Load Balancing (ELB) and Amazon Route 53 health checks.
-
Configure fault-tolerant systems (for example, Multi-AZ deployments).
- Implement backup and restore strategies.
-
Automate snapshots and backups for AWS resources (for example, EC2 instances, RDS DB instances, EBS volumes, S3 buckets, DynamoDB tables) by using AWS services (for example, AWS Backup).
-
Use various methods to restore databases (for example, point-intime restore) to meet recovery time objective (RTO), recovery point objective (RPO), and cost requirements.
-
Implement versioning for storage services (for example, Amazon S3,Amazon FSx).
-
Follow disaster recovery procedures.
|
22% |
|
Deployment, Provisioning, and Automation |
- Provision and maintain cloud resources.
-
Create and manage AMIs and container images (for example, EC2 Image Builder).
-
Create and manage stacks of resources by using CloudFormation and the AWS Cloud Development Kit (AWS CDK).
-
Identify and remediate deployment issues (for example, subnet sizing issues, CloudFormation errors, permissions issues).
-
Provision and share resources across multiple Regions and accounts (for example, AWS Resource Access Manager [AWS RAM], CloudFormation StackSets).
-
Implement deployment strategies and services.
-
Use and manage third-party tools to automate resource deployment (for example, Terraform, Git).
- Automate the management of existing resources.
-
Use AWS services to automate operational processes (for example, Systems Manager).
-
Implement event-driven automation by using AWS services and features (for example, Lambda, S3 Event Notifications).
|
22% |
|
Security and Compliance |
- Implement and manage security and compliance tools and policies.
-
Implement AWS Identity and Access Management (IAM) features (for example, password policies, multi-factor authentication [MFA], roles, federated identity, resource policies, policy conditions).
-
Troubleshoot and audit access issues by using AWS tools (for example, CloudTrail, IAM Access Analyzer, IAM policy simulator).
-
Implement multi-account strategies securely.
-
Implement remediation based on the results of AWS Trusted Advisor security checks.
-
Enforce compliance requirements (for example, Region and service selections).
- Implement strategies to protect data and infrastructure.
-
Implement and enforce a data classification scheme.
-
Implement, configure, and troubleshoot encryption at rest (for example, AWS Key Management Service [AWS KMS]).
-
Implement, configure, and troubleshoot encryption in transit (for example, AWS Certificate Manager [ACM]).
-
Securely store secrets by using AWS services.
-
Configure reports and remediate findings from AWS services (for example, Security Hub, Amazon GuardDuty, AWS Config, Amazon Inspector).
|
16% |
|
Networking and Content Delivery |
- Implement and optimize networking features and connectivity.
-
Configure a VPC (for example, subnets, route tables, network ACLs, security groups, NAT gateways, internet gateway, egress-only internet gateway).
-
Configure private networking connectivity.
-
Audit AWS network protection services (for example, Route 53 Resolver DNS Firewall, AWS WAF, AWS Shield, AWS Network Firewall) in a single account.
-
Optimize the cost of network architectures.
- Configure domains, DNS services, and content delivery.
-
Configure DNS (for example, Route 53 Resolver).
-
Implement Route 53 routing policies, configurations, and query logging.
-
Configure content and service distribution (for example, CloudFront, AWS Global Accelerator).
- Troubleshoot network connectivity issues.
-
Troubleshoot VPC configurations (for example, subnets, route tables, network ACLs, security groups, transit gateways, NAT gateways).
-
Collect and interpret networking logs to troubleshoot issues (for example, VPC flow logs, ELB access logs, AWS WAF web ACL logs, CloudFront logs, container logs).
-
Identify and remediate CloudFront caching issues.
-
Identify and troubleshoot hybrid connectivity issues and private connectivity issues.
-
Configure and analyze CloudWatch network monitoring services.
|
18% |
The AWS SOA-C03 exam preparation guide is designed to provide candidates with necessary information about the CloudOps Engineer Associate exam. It includes exam summary, sample questions, practice test, objectives and ways to interpret the exam objectives to enable candidates to assess the types of questions-answers that may be asked during the AWS Certified CloudOps Engineer - Associate exam.