This course provides detail on the AWS Management & Governance services relevant to the AWS Certified DevOps Engineer - Professional exam.
Want more? Try a lab playground or do a Lab Challenge!
Learning Objectives
- Learn how AWS AppConfig can reduce errors in configuration changes and prevent application downtime
- Understand how the AWS Cloud Development Kit (CDK) can be used to model and provision application resources using common programming languages
- Get a high-level understanding of Amazon CloudWatch
- Learn about the features and use cases of the service
- Create your own CloudWatch dashboard to monitor the items that are important to you
- Understand how CloudWatch dashboards can be shared across accounts
- Understand the cost structure of CloudWatch dashboards and the limitations of the service
- Review how monitored metrics go into an ALARM state
- Learn about the challenges of creating CloudWatch Alarms and the benefits of using machine learning in alarm management
- Know how to create a CloudWatch Alarm using Anomaly Detection
- Learn what types of metrics are suitable for use with Anomaly Detection
- Create your own CloudWatch log subscription
- Learn how AWS CloudTrail enables auditing and governance of your AWS account
- Understand how Amazon CloudWatch Logs enables you to monitor and store your system, application, and custom log files
- Explain what AWS CloudFormation is and what it’s used for
- Determine the benefits of AWS CloudFormation
- Understand what the core components are and what they are used for
- Create a CloudFormation Stack using an existing AWS template
- Learn what VPC flow logs are and what they are used for
- Determine options for operating programmatically with AWS, including the AWS CLI, APIs, and SDKs
- Learn about the capabilities of AWS Systems Manager for managing applications and infrastructure
- Understand how AWS Secrets Manager can be used to securely encrypt application secrets
As useful as this Health dashboard may be, the best case scenario is to not have to visit the page at all, and we can do that by leveraging a Eventbridge. Let me show you. I'm going to type health here and select the Dashboard. Here at the bottom, we have the option for EventBridge and it will take us directly to the rule creation page, just a nice little shortcut. I'll type test-notification, for example, and the defaults are fine here. I click 'Next', and yes, we're trying to use an AWS event, so, that's fine. Let's take a look at an example here. I'll type health and select Health Event. This is just a sample so that you have an idea of what it looks like. This is really useful if you're coding, say an AWS lambda function that is going to be inspecting this JSON document with this information, it's good to look at an example so that you know what kind of information and field and names to expect in your code. There's one sample and I believe there's another one. Yes, you can click on sample event number 2.
It will look slightly different, but more or less you get the idea of what kind of information to expect when you're programming for AWS health related information. Now, if we wanted to do the real thing, we would go down here and the EventSource is AWS services, that's fine. Now, we type health and we say, okay, we're going to be filtering for this particular service and we can keep drilling down, in this case, we can choose all events or specific health events. Let's choose this, for example. And what this is going to allow us to do is specify resources and services. Let's say, for example, EC2, it's very common that you would have, let's say a production EC2 fleet and you don't really care, for example, if AWS lambda or AWS API gateway go out of service if all you're running is EC2 machines, right? So, by selecting EC2 here, you can even go as far as specifying your own ARN here. Let's say that you only have one or two of specific servers running on EC2, if nothing is affecting those, then you don't care to get a notification here at in Eventbridge.
So, for now, let's just say any resource. And in this case, we're going to leave EC2 here and click 'Next'. Now, this is where you would select your target. This is where it actually gets interesting. Let's say you can choose SNS, of course, SNS meaning, let's say that you would have an emergency cell phone that needs to get notified, it would be probably an SNS topic here, or you can have a list of emails if you have a support team that needs to get an alert when something is going on in AWS, you can do that with SNS also. Now, you would choose lambda function if you need something more sophisticated. Let's say that you want to capture this event and create a JIRA ticket, for example, or send a notification to your own internal slack, those things, you would have to write a little bit of code to make them happen, and for that, you would use a lambda function. I'm not actually going to configure this right now because that will get us into the world of lambdas and SNS, and that's out of scope for this course. But the key point to remember here is that you can configure EventBridge to respond to AWS plan and on-plan outages to take an automated response that you can set up to be as specific as you need it to be.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.