Advanced CloudFormation Skills
AWS Systems Manager
AWS Secrets Manager
Parameter Store vs. Secrets Manager
AWS Service Catalog
AWS Control Tower
Managing Product Licenses
Amazon Managed Grafana
Amazon Managed Service for Prometheus
AWS Resilience Hub
The course is part of this learning path
This course provides detail on the AWS Management & Governance services relevant to the AWS Certified DevOps Engineer - Professional exam.
Want more? Try a lab playground or do a Lab Challenge!
- Learn how AWS AppConfig can reduce errors in configuration changes and prevent application downtime
- Understand how the AWS Cloud Development Kit (CDK) can be used to model and provision application resources using common programming languages
- Get a high-level understanding of Amazon CloudWatch
- Learn about the features and use cases of the service
- Create your own CloudWatch dashboard to monitor the items that are important to you
- Understand how CloudWatch dashboards can be shared across accounts
- Understand the cost structure of CloudWatch dashboards and the limitations of the service
- Review how monitored metrics go into an ALARM state
- Learn about the challenges of creating CloudWatch Alarms and the benefits of using machine learning in alarm management
- Know how to create a CloudWatch Alarm using Anomaly Detection
- Learn what types of metrics are suitable for use with Anomaly Detection
- Create your own CloudWatch log subscription
- Learn how AWS CloudTrail enables auditing and governance of your AWS account
- Understand how Amazon CloudWatch Logs enables you to monitor and store your system, application, and custom log files
- Explain what AWS CloudFormation is and what it’s used for
- Determine the benefits of AWS CloudFormation
- Understand what the core components are and what they are used for
- Create a CloudFormation Stack using an existing AWS template
- Learn what VPC flow logs are and what they are used for
- Determine options for operating programmatically with AWS, including the AWS CLI, APIs, and SDKs
- Learn about the capabilities of AWS Systems Manager for managing applications and infrastructure
- Understand how AWS Secrets Manager can be used to securely encrypt application secrets
Managing licenses in the cloud can become a headache for both asset managers and auditors. AWS License Manager has been designed to make the management and control of licenses with third party vendors such as Microsoft, SAP, Oracle and IBM when they are used both in the cloud and on-premises. It supports and tracks any software where the licensing agreement is set against virtual cores, VCPUs, physical cores, sockets, or a number of machines. AWS License Manager enables you to create license configurations which are made of multiple customizable rules that can be centered around the stipulations made by your different licensing agreements. These different rule types can include license counting type and this defines how your licenses are counted, by vCPU or physical core. Minimum and maximum allowed number of vCPUS or physical cores. This is dependent on the previous rule and the counting type but it essentially sets a threshold value for vCPUs or physical cores. License count, this specifies the number of licenses used within the license configuration. License count hard limit, when I hard limit is set it will block the launch of an instance that would make a breach of license amount. If you set a soft limit it will allow the launch of the instance however it will send a notification alert of the issue. Allowed tenancy, here you can specify which EC2 tenancy can consume a license with the configuration such as shared tenancy, which is the default, dedicated instance or dedicated host.
These rules are evaluated against your EC2 computer resources based on the software running on them to assess if your environment has reached its licensing limits on your EC2 instances. AWS License Manager is currently supported and integrated with EC2 instances, dedicated instances, dedicated hosts, spot instances, spot fleets, and also auto-scaling groups. The customized rules help to minimize licensing breaches and depending on the configuration the EC2 instance can be prevented from being launched if there is a breach or it can send notifications to the appropriate team informing them of the limitations. AWS License Manager is integrated with AWS Systems Manager and AWS Organizations, allowing you to monitor your license requirements across multiple AWS accounts, plus on-premise environments. This allows you to monitor your licenses for your software vendors via a single account in the dashboard view. In addition to this, if you purchase resources from AWS Marketplace then you can also integrate Bring Your Own License to AWS License Manager as well.
So in essence, AWS License Manager provides a means of addressing, tracking, monitoring and managing licenses in a centralized location for on-premises and multi account AWS environments across multiple third party vendors using customized rules.
That brings me to the end of this lecture. Next I will be looking at Amazon Elastic Inference.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.