4.28 out of 5
209 reviews on Udemy

AWS Certified SysOps Administrator – Associate (2018)

Study for and pass the (2018) AWS Certified SysOps Administrator (Associate) level exam
Linux Academy
1,430 students enrolled
English [Auto-generated] More
Pass the 2018 version of the AWS Certified SysOps Administrator (Associate) level exam.

The AWS Certified SysOps Administrator- Associate is a certification based around administering applications on AWS from an operations viewpoint. Although there are some deployment topics, this certification deals more with decisions we must make in our environments based on information we receive from monitoring, auditing, and any performance feedback we gather.

This course has been developed to provide you with the requisite knowledge to not only pass the AWS SysOps Administrator certification exam but also gain the hands-on experience required to become a qualified AWS Systems Operator working in a real-world environment.

As an added bonus to all who enroll, we have made a select group of Linux Academy’s Hands-On Labs and flashcards available for free to all students who wish to take advantage of them.  Instructions on how to access these bonus features will be provided during the course.  (NOTE: These bonus features are not a required part of the course. they are an addition you can choose if you so wish).


Course Introduction

Welcome to the AWS Certified SysOps Administrator- Associate course! I am excited to be with you on the next step of your certification journey. This certification is an Associate level certification that emphasizes managing AWS resources from an operation and administrator perspective. When you're ready, mark this video complete and let's get started!

About the Training Architect

A brief chat about my background, my roots in IT, and what I like to do in my spare time.

SysOps Codex Interactive Diagram and Web Application

The interactive diagrams for this course are The SysOps Administrator's Codex. The first part of this lesson is a walkthrough on navigating the charts in your own study. The link is on the "Important Links" document in the Downloads section of the course.

I am from an Operations background. This certification is about operations and administration. I developed a web application for us to use in monitoring, deploying, and making changes to throughout the course. This lesson will walk you through the infrastructure involved in running this WordPress application.

AWS Free Tier: Usage Tracking and Billing Widget

This video gives you a walkthrough on how to use the AWS Free Tier Tracking and Billing Widget for you own AWS Account!

Monitoring and Metrics

CloudWatch Essentials

What is CloudWatch? And how do we get started?

CloudWatch is a very powerful tool for monitoring and troubleshooting in AWS. In this lesson, we will discuss CloudWatch basics and move on to CloudWatch alarms, the actions we can perform with them, and how to configure them.

CloudWatch Events

CloudWatch Events are a way to automatically take action with our AWS resources based on certain event triggers or schedules. In this lesson, we will discuss what CloudWatch Events are, how to configure them, and common uses for them.

CloudWatch Logs

CloudWatch Logs are an excellent way to provide alarming, dashboards, and reporting from other sources in AWS like CloudTrail. In this lesson, we will discuss the different components of CloudWatch Logs and how we can use them to set custom alarms in our environment.

EC2 Status Checks

Status checks are made up of Instance Status Checks and System Status Checks. Errors in these indicate different issues, and should, therefore, be recovered differently. This lesson discusses AWS System and Instance Status Checks and how to recover from an error in these checks.

EC2 Types and Performance

There is a large variety when it comes time for us to select an EC2 instance type. Some families are more suited for particular tasks. We, as SysOPs Administrators, should know what options are available to us. There is also a large difference in most families between the smallest and largest instance size that can affect performance. This lesson discusses the virtualization types, instance types, and instance sizes we can configure for our EC2 instances.

EC2 Metrics and Custom Metrics

The EC2 service had the most metrics of any service. There are many we can use without additional charges. There are, however, a few metrics that are not reported by default. These can be called custom metrics and involve installing an agent on the EC2 instance itself. This lesson discusses basic EC2 metrics for CloudWatch and how we can get custom, OS-level metrics sent to CloudWatch as well.

Here are the commands used in this video:

######## Install CloudWatch Agent ############

wget https://s3.amazonaws.com/amazoncloudwatch-agent/linux/amd64/latest/AmazonCloudWatchAgent.zip

unzip AmazonCloudWatchAgent.zip

sudo ./install.sh 

######## Configure CloudWatch Agent ############


######## Start CloudWatch Agent ###############

sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:configuration-file-path -s

EC2 Dedicating an Instance for Monitoring

CloudWatch is not always the best monitoring solution. Applications may sometimes need their own custom solution. Whether for a backup to CloudWatch or for specialized applications, setting up an instance to ping the environment is an important skill. This lesson discusses how to set up an instance and get it monitoring.

EBS Essentials

It is important to know the basics of EBS volumes to be able to make informed decisions in our environment. This lesson discusses some of the facts that are necessary to know for administering EBS and for the exam.

EBS Performance

Performance of your EBS volumes should be a priority in your environment. Storage size, bursting, throughput, and IOPS can all cause issues. Also, if we haven't "tuned" our EBS usage carefully, we could be spending more than we really need to. This lesson discusses the performance options a user has when provisioning EBS volumes.

EBS Metrics

The metrics we need to monitor are varied and greatly depend on the volume type. This lesson discusses EBS metrics in CloudWatch and how we can use them to make performance decisions with our volumes.

EFS Monitoring for Performance and Availability

EFS is a scalable, highly available block storage file system we can use with our EC2 instances and on-prem servers. EFS is becoming a bigger part of all the Associate exams. In this lesson, we discuss a brief overview of what it is. Then, we move on to how to monitor it through CloudWatch.

ELB Monitoring for Performance and Availability
RDS Monitoring for Performance and Availability

The performance of your RDS instances can affect your application greatly. We can use these metrics to make decisions about instance types and read replicas. This lesson discusses Relational Database Service (RDS) and how to monitor performance.

Elasticache: Monitoring for Performance and Availability

ElastiCache is a caching tool we can use to help speed up the performance of our applications for our customers. This lesson discusses ElastiCache and important aspects of monitoring it.

Ability to monitor and manage billing and cost optimization processes

AWS Billing and Organizations

Running our applications in the cloud can present large cost savings for our organizations. We must know how to monitor and optimize costs to take full advantage of these savings. AWS Billing and Cost Managment hold several features we use to not only pay our bills but also monitor and optimize costs.

AWS Cost Explorer

AWS provides a way for us to investigate expenses in our account. We can tag resources by environments (dev, test, prod) and see cost reports for each. We can also filter costs by region, VPC, instance type, and many more. This lesson is a basic walkthrough of the AWS Cost Explorer service.

Cost Optimization

Costs can always increase unexpectantly. There are some common mistakes that contribute to these increases. In this lesson, we will discuss AWS recommendations to optimize costs and avoid some of the common causes of cost increases.

AWS Monitoring and Metrics Concepts for the SysOps Administrator

High Availablity

Scalability and Elasticity Essentials

Scalability and elasticity are key concepts in how cloud computing provides automatic performance increases and cost savings. This lesson discusses the concepts of scalability and elasticity. We go on to show how it works in EC2, RDS, and DynamoDB

EC2: Scale Out or Scale Up

In AWS, scaling out means horizontal scaling by increasing the number of instances in an Auto Scaling group. Scaling up is referring to vertical scaling by increasing the instance size or family. This lesson discusses decisions administrators need to make regarding AutoScaling versus increasing instance size.

EC2 Reserve Instances

EC2 reserved instances can be an effective method of saving money if long-term compute capacity is needed. They can also reserve us capacity in case of an availability zone or region shortage of on-demand instances. In this lesson, we discuss reserved instances in greater detail. Scenarios that show the benefits of using them are also provided.

ELB: High Availability

Load balancers are responsible for serving traffic to multiple instances in an application. In addition, they can also prevent poor application performance by evaluating the health of the instances it serves. Traffic can then be directed to only those instances that are "healthy." This lesson discusses how Elastic Load Balancers can assist in scalable, highly available applications.

SNS and SQS Availability

Messaging services can be used to decouple applications. Because these services are scalable and highly available, they provide applications with the ability to grow automatically. This lesson discusses how we can use messaging services to make applications scalable.

Ensure level of fault tolerance based on business needs

EC2: NAT Gateway and Bastion Hosts

In the event of an availability zone failure, instances will still need access to the internet for updates. If multiple NAT gateways are deployed, we can allow for this. Bastion hosts also need to be available when an AZ fails. This lesson discusses how to make Bastion Hosts and NAT Gateways fault tolerant.

RDS: Understanding Multi AZ

Multi-AZ is a fault tolerant feature in Relational Database Service. It prevents an availability zone failure from removing database access from an application. This lesson discusses RDS Multi-AZ deployments and how they handle fault tolerance. There is also a simulated failover executed.

Overview of Services that Allow Access to the Underlying Operating System

AWS services provide different levels of management. Some services are fully managed while others can provide us access to the operating system. Administrators need to know what services require more administrative work. This lesson is an overview of services that allow access to the underlying operating system.

AWS High Availability Concepts for the SysOps Administrator

Optimize the environment to ensure maximum performance

EC2: Initializing Volumes

When restoring a volume from a snapshot, maximum volume performance is not achieved until all blocks on the device have been read. This lesson discusses initializing EBS volumes and when we should use it. The commands from the lesson are here:

sudo dd if=/dev/xvdf of=/dev/null bs=1M

RDS: Scaling for Performance

Read replicas allow us to offload database resources to another instance to improve read performance. Read replicas are also a useful tool for disaster recovery and migrations. In this lesson, we will discuss RDS Read Replicas and how they can help the performance of an application.

Identify performance bottlenecks and implement remedies

EBS: Resizing or Changing Root Volumes

Resizing a root volume is a necessary skill as a Systems Operator. At some point, you will either run out of storage or need better IOPS performance. This video will show a couple of different techniques for resizing or changing a root EBS volume.

ELB: SSL Offloading

Using SSL for secure web communications can increase the processing your application servers are required to do. It might even start to affect your application's performance. Offloading the SSL handshake and decryption duties to a load balancer is a great way to alleviate this. We can also use Certificate Manager to create and renew our SSL certificates. This lesson discusses the process of offloading the SSL workload.

Network Bottlenecks

Network performance is highly important to any application. It is also the first culprit to be blamed when an application is not performing efficiently. Systems Operators need to know the most common causes of network bottlenecks in AWS. This lesson discusses several of those causes.

Identify potential issues on a given application deployment

EC2: Troubleshoot Autoscaling Issues

Autoscaling issues can be difficult to troubleshoot. There are many different configuration steps and items that can lead to problems. This lesson discusses many of the common issues when AutoScaling is not working.

EBS: Ensuring Data Durability

Knowing how to preserve data is an important tool for any administrator. EBS volumes can behave differently depending on how they are being used. This lesson discusses methods of preserving data when our instances need to be terminated. There is also a short discussion on instance-store backed instances.

AWS Analysis Concepts for the SysOps Administrator

Deployment and Provisioning

ELB: Deployment and Provisioning

There are now three types of load balancers in AWS. The use cases and behaviors need to be known for each to properly deploy and administer load balancers in an AWS environment. This lesson discusses the differences and shows configuration examples for each type.

Lambda: Deployment and Provisioning

Lambda is gaining increased coverage on all the Associate level exams. Even as SysOps Administrators, we need to know the basics of how it works. This lesson walks through configuring a Lambda function from one of the AWS-provided blueprints.

ECS: Deployment and Provisioning

As the popularity of containers continues to grow, we as Systems Operators on AWS need to know how the ECS service works. This lesson discusses what ECS is as well as a walkthrough of deploying a sample app using ECS and Fargate.

LightSail and Batch Essentials

Lightsail is a virtual private server (VPS) solution from AWS. It allows for a monthly "rental" of an instance. Batch is a fully managed AWS service for handling batch computing jobs. These compute services are being mentioned in AWS documentation. These are new in terms of the exam. This lesson is a quick overview of what Lightsail and Batch are and what they do.

RDS: Deployment and Provisioning

Kowing Relational Database Service and all of the features and configurations is an important skill for SysOps Administrators. Deploying an RDS instance from scratch presents us with many options. This lesson discusses a few of those options like subnet groups, backup and maintenance windows, and how MultiAZ works using subnets.

DynamoDB: Deployment and Provisioning

DynamoDB is a managed, NoSQL data store. It provides for schemaless design using key-value pairs. DynamoDB is not a large focus of the SysOps Administrator certification, but you will see it mentioned a few times on the exam. This lesson goes over the important attributes and configurations that all System Operators and Administrators should know.

S3: Provisioning

Simple Storage Service (S3) is a fully scalable, highly available object storage solution in AWS. There are many attributes of S3 to think about when objects are first uploaded and when those objects need to be managed later in the objects' lifecycle. This lesson discusses read consistencies, storage classes, and lifecycle policies.

EFS: Deployment and Provisioning

EFS is a highly scalable managed file system that can be shared by multiple instances. These attributes make it perfect for a web server data store. We can have many instances running and only have to launch and update our websites in one place. This lesson shows the process.

Here is the command to mount the EFS to your instance:

sudo mount -t nfs4 :/ /var/www/html

You can substitute a different path at the end of this command depending on where you want to mount EFS in your instance.

The ability to provision cloud resources and manage implementation automation

Elastic Beanstalk: Essentials

Elastic Beanstalk is a powerful tool used to deploy simple, single-tier applications without having to provision all the resources before deployment. It allows developers a way to deploy code quickly for testing and production environments. There are limitations for this service to be of use. This lesson shows different methods to launch applications and discusses some of the limitations of the service.

CloudFormation Essentials

"Infrastructure as code" is one of the unique abilities of cloud computing. We can launch an entire AWS environment using a text file formatted in JSON or YAML. In AWS, this ability is served using CloudFormation. This lesson will explain templates and template sections as well as the benefits of using this service.

OpsWorks Essentials

OpsWorks is a service that uses Chef cookbooks developed in the Ruby language. It allows us to manage our application in layers. We can use recipes to affect our layers at various lifecycle events in an application's deployment. This video walks through the deployment of a sample Node.js application to further understand the OpWorks infrastructure.

AWS Deployment and Provisioning Concepts for the SysOps Administrator

Demonstrate ability to create backups for different services

Overview of the Services that include Backups

Creating backups for applications is a large responsibility for administrators. Backups are greatly important during disaster recovery events or data corruption incidents. There are services in AWS that offer backup solutions, but they are not enabled by default. As SysOps Admins, we need to be familiar enough to enable these backups.

Automating Backups with Boto3 SDK

As we have seen, EC2 does not provide an automated backup solution directly. The first option we discussed was using CloudWatch Events to create snapshots of EBS volumes. We can also script snapshot creation using API calls. This lesson shows a method using the Boto3 SDK to create snapshots of your EBS volumes all at once without having to know any attributes of the volume itself.

NOTE: The code for this lesson is available in the Resources tab.

S3: Cross-Region Replication

It may seem strange that we are discussing backups for S3 because it has some impressive numbers for durability and availability. The issue is S3 buckets, even though the names are global, they exist in a particular region. If that region were to fail, we would not be able to access our objects. This lesson demonstrates how S3 Cross Region Replication works and what limitations are involved with this replication.

Storage Gateway: Hybrid Environments

For hybrid environments, ones that include some sort of on-premises infrastructure, AWS provides services to assist with data durability. Storage Gateway provides us a way to backup and even migrate to the cloud. It has three main types, and they all include some type of on-prem component. This lesson discusses the three types Storage Gateway offers and how they are used.

Demonstrate ability to enforce compliance requirements

Compliance Overview

Organizations around the world have a lot of different compliance rules and regulations they must adhere to. AWS has provided documentation for compliance audits that you can use, but it applies only to what AWS is responsible for. We must ensure that the applications we deploy are also compliant. This lesson is an overview of how compliance works and some ideas to think about when designing for compliance.

Manage backup and disaster recovery processes

Cross-Region Read Replicas

Disaster recovery strategies when you have databases involved can be tricky. How do we make sure the data in our secondary region is up to date in case of a disaster recovery event? This is what RDS cross-region replicas are built for. This video shows you how to create a cross-region read replica and then simulates a region failure and a promotion of that read-replica in the second region.

Storing Log Files and Backups

Centralizing our log storage can help make our monitoring more efficient. It can also be cheaper if we are not storing multiple copies of logs around our infrastructure. This lesson discusses this strategy of centralized log storage and some tools you can use to help.

Disaster Recovery Strategies

There are many different decisions administrators must make when it comes to disaster recovery planning. A DR solution should be cost-effective so that it does not cost the organization more than it would lose during an outage. Cost, downtime, and frequent testing are important decisions in any company. This lesson discusses disaster recovery scenarios as well as the cost vs. downtime planning decisions that need to be made.

AWS Data Management Concepts for the SysOps Administrator

Implement and manage security policies

IAM Policies

Knowing how to create policies is at the very center of IAM management. We use these policies to enable permissions for users, groups, and roles. This lesson discusses both the pre-built policies as well as custom policies and how to create them.

IAM User and Groups

Managing permissions and policies for users is a big responsibility. Using groups is an efficient way to make management of users easier. This lesson shows how to create users and add them to groups.

IAM Roles

Roles are a way for us to grant our AWS resources permission to interact with each other. We can also grant temporary permissions to users outside of our AWS environment by using roles with delegation and federation. This lesson discusses roles and how we use them.

S3 Bucket Policies

S3 Bucket Policies allow us to have fine, granular control over the access of objects in our S3 buckets. Using these policies, we can implement additional layers of security and access control for objects. This lesson discusses what these policies are and how to implement them in S3.

VPC: NACLs and Security Groups

Security groups and Network Access Control Lists (NACLs) are extremely important when looking to lock down the security of our applications. This lesson discusses a strategy to make them work together more efficiently. Misconfiguring either one of these tools can lead to a lot of time troubleshooting.

Ensure data integrity and access controls when using the AWS platform

Encryption Essentials

Encryption is becoming more and more important in AWS. New services are getting Key Management Service support at a constant rate. An Associate level SysOps Administrator needs to have a basic grasp on encryption and how it is implemented in AWS. This lesson will show you how.

IAM: Mutli-Factor Authentication

Multi-factor authentication should be required for all of your users who have console access, especially administrators. We need to ensure that a compromised password isn't enough to allow someone to enter our environment maliciously. This lesson shows you how to enable MFA and how to set it up using Google Authenticator.

STS: Federation

Identity Federation needs to be understood for us to administer our applications on AWS. STS affects both customers and employees. For users, they need to federate with third-party providers a lot of times to use our applications. For employees, they can use their domain credentials from on-prem services to federate to and use AWS services. This lesson discusses these scenarios in further detail.

S3: Data Integrity

S3 offers several features that can assist with data integrity in addition to its built-in availability and durability numbers. We also need methods to protect our objects from human error. This lesson discusses versioning, replication, and multi-factor authentication delete.

Demonstrate understanding of the shared responsibility model

Shared Responsibilty Overivew

The shared responsibility model is an important concept for any Sysops Administrator to grasp. AWS does not manage everything for you. There are many items and services that require additional administration to protect, monitor, and analyze AWS environments. This lesson discusses the basics of the shared responsibility model along with some examples.

Demonstrate ability to prepare for security assessment use of AWS

AWS Config: Overview

AWS Config is a service we can use to evaluate the configurations of our resources. It records all the details including relationships between resources. This can be very helpful in troubleshooting situations. We can also create a set of rules for evaluating our resources. When a resource is non-compliant with our set rules, AWS Config will let us know. This lesson shows how to configure and use the AWS Config service.

CloudTrail: Overview

CloudTrail is a service we can use to log all the API calls in our account. API Calls include interaction from the console, AWS CLI, and SDKs. We can also create trails that we can analyze with CloudWatch Logs or third-party tools. This lesson shows us how.

Inspector: Overview

Inspector gives us the ability to evaluate our EC2 instances against a built-in library of best practices, common compliance, and vulnerability standards. AWS has compiled libraries using several focus areas for evaluating your instances. This lesson shows how to install the AWS agent on EC2 instances and how to configure targets, templates, and runs from within Inspector.

AWS Security Concepts for the SysOps Administrator

Demonstrate ability to implement networking features of AWS

VPC: Essentials

Virtual Private Cloud allows for us to create networks for our applications to run on. We can customize many different features such as IP address range, how many layers our application needs, routing, security, and many more. This lesson discusses the basics of VPCs, the building blocks, and the attributes of a default VPC.

EC2: Elastic IP and Network Interfaces

Elastic IP (EIP) and Elastic Network Interfaces (ENI) give us a flexible way to retain the same IP address on an instance. This ability is useful in many application scenarios. With ENI, settings such as IP addresses and security groups migrate with the interface. Instances must still be in public subnets to be accessible with either. This lesson shows how to use each and some of the behaviors we need to be aware of as SysOPs Administrators.

CloudFront: Essentials

CloudFront is the AWS Content Delivery Network (CDN). It allows us to cache our web applications around the world to provide lower latency and a better experience for our end-users. It is important to know how our content is distributed to the edge locations and what happens when the edge location does not have a cached version of our content. This lesson discusses the basics of how to configure a CloudFront distribution and some of the processes we need to be aware of.

Route 53: Routing Policy

Route53 is AWS's solution for DNS resolution. Its routing policies can help us decrease latency, implement fault tolerance, and run test deployments. This lesson demonstrates a Route53 failover policy for our WordPress application. The discussion then moves to routing for customers in different locations and test deployments.

AWS Networking Concepts for the SysOps Administrator

Demonstrate ability to implement connectivity features of AWS

VPC Peering

VPC Peering is a tool that we can use when we want our VPCs to communicate using private IP addresses as if they are on the same network. We also have the newly released ability to peer VPCs across regions. This lesson shows you how.


AWS Virtual Private Network (VPN) is a way to get secured communications to AWS from an on-prem environment using the public internet. This lesson discusses the basics and components of an AWS VPN connection.

You can view and review the lecture materials indefinitely, like an on-demand channel.
Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don't have an internet connection, some instructors also let their students download course lectures. That's up to the instructor though, so make sure you get on their good side!
4.3 out of 5
209 Ratings

Detailed Rating

Stars 5
Stars 4
Stars 3
Stars 2
Stars 1
30-Day Money-Back Guarantee


9 hours on-demand video
Full lifetime access
Access on mobile and TV
Certificate of Completion