AWS Certified Solution Architect Associate SAA-C03 Step By Step Activity Guides (Hands-On Labs)

This blog post gives a walkthrough of the Step-By-Step Activity Guides and Project works of the AWS Certified Solution Architect Associate (SAA-C03) training program that you must perform to learn this course. These project works are nearly real-time and will help you to gain hands-on experience with multiple AWS services.

The walkthrough of the Step-By-Step Activity Guides of the AWS Certified Solution Architect Associate (SAA-C03) training program will prepare you thoroughly for the AWS SAA-C03 certification apply for the exam click here.

List of Labs that we include in Our training AWS Certified Solution Architect Associate SAA-C03

Activity Guides:

Activity Guide I: Create an AWS Free Trial Account

Amazon Web Services (AWS) is providing a free trial account for 12 months to new subscribers to get hands-on experience with all the services that AWS provides. Amazon is giving no. of different services that we can use with some of the limitations to get hands-on practice and achieve more knowledge on AWS Cloud services as well as regular business use.

With the AWS Free Tier account, all the services offered have limited usage on what we can use without being charged. Here, we will look at how to register for an AWS FREE Tier Account.

To know how to create a free AWS account, check our Step-by-step blog How To Create AWS Free Tier Account

Activity Guide II: CloudWatch: Create billing & service limits

We can enable the AWS billing alerts through Amazon CloudWatch. CloudWatch is an AWS service dedicated to monitoring all of your activities across your AWS account. In addition to billing alerts, CloudWatch also provides the infrastructure for monitoring applications, logs, metrics collections, and other service metadata and detecting the activity in your AWS account usage.

The AWS CloudWatch provides a variety of metrics by which you can schedule your alarms. For example, you could create an alarm to notify you when the CPU or memory Utilization of a running instance goes beyond 90% or when the billing amount goes over $100, In an AWS free tier account, we get 10 alarms and 1,000 email notifications per month.

In this activity guide, you will learn how to create a billing alarm and the service limits of the AWS services.

Activity Guide III: Create & connect to Amazon EC2 Machine

Amazon EC2 presents represents a true virtual computing environment, allowing you to use the console interfaces to launch instances with a variety of operating systems, load them with your custom desired application environment, manage your network’s access permissions, and run the image using as many or few systems as you desire.

In this activity guide, you will learn how to create and connect to a Linux/Windows EC2 Machine.

Activity Guide IV: Install & Configure AWS CLI, setup GIT, Node JS & SDK

The AWS Command Line Interface is an open-source and unified tool that enables you to interact with AWS services/resources using commands in your command-line shell. With minimum configuration, AWS CLI also enables you to start running commands that implement functionality equivalent to that provided by the browser-based AWS Management Console from the command prompt in your favorite terminal program.

In this activity guide, You will learn how to set up and use the AWS CLI, GIT, and SDKs.

Activity Guide V: AWS Identity & Access Management(IAM)

AWS Identity and Access Management is a service provided by AWS that helps you to securely control access to AWS resources. You can use the IAM service to control the user, who is authenticated (signed in) and authorized (has permissions) to use service/resources.

When you first create an AWS account you begin with a single sign-in identity that has complete access to all AWS services/resources in the account. This identity is called the AWS Root user and is accessed by signing in with the email and password that you used to create the account. Here we strongly recommend you do not use the root user for your daily tasks, even the administrative ones. Instead, adhere to the best practice of using your root user only to create the IAM user and for billing purposes only, and then securely lock away your root account credentials and use that account to perform only a few service management tasks.

In this activity guide, You will learn how to create an IAM user, role, and Group and attach policies to it.

Activity Guide VI: Enable Multi-Factor Authentication (MFA)

AWS Multi-Factor Authentication is a simple best practice that adds an additional layer of protection on top of your username and password. With the enabled MFA, when a user signs in to an AWS Console, they will be prompted for their user name and password (First authentication), as well as for an authentication code (Second Authentication) from their AWS MFA device. These details are Taken together to increase security for your AWS account settings and resources.

You can enable MFA for your AWS account as well as for an individual IAM user you have created under your root account. MFA is also used to control access to AWS service APIs. AWS does not charge any additional cost for using the MFA.

In this activity guide, You will learn how to enable the MFA on your root account.

Activity Guide VII: AWS KMS Create & Use

The AWS Key Management Service (KMS) makes it easy for you to create and manage cryptographic keys and use them across a wide range of AWS services and in your applications. AWS KMS is a resilient and secure service that uses the hardware security modules that have been validated under FIPS 140-2 or are in the process of being validated, to protect your keys. AWS KMS is integrated with an AWS CloudTrail to provide you with the logs of all key usage to help meet your regulatory and compliance needs.

In this activity guide, You will learn how to create and use the KMS keys with various AWS services.

Activity Guide VIII: IAM Power User

The Power User is the IAM user who has full access to the AWS services and resources but does not allow management of IAM Users and IAM groups. The power to manage users is the highest privilege operation in AWS thus it is provided to the administrative access policy only. A power user is just one step below the admin access and has all the privileges but does not have the ability to manage IAM users.

In this activity guide, You will learn how to create an IAM power user and for what kind of services he is authorized.

Activity Guide IX: Create S3 Bucket, Upload and access a File, And Host a Website

Amazon Simple Storage Service (S3) is an object storage service that offers scalability, durability, data availability, and performance to your data. This means customers of all sizes and industries can use the S3 to store and protect any amount of data for a range of use cases, such as mobile applications, backup & restore, website hosting, archive, enterprise applications, IoT devices, and big data analytics. Amazon S3 is a service that provides easy-to-use management features so you can organize your data and configure finely-tuned access controls to meet your specific business, organizational, and compliance requirements.

Amazon S3 is designed for 99.999999999% (11 9’s) of durability, and stores data for millions of applications for companies all around the world.

In this activity guide, You will learn how to create a bucket, upload and access your file, and host your static website on Amazon S3.

Activity Guide X: S3 Cross-Region Replication

S3 Cross-Region Replication (CRR) is used to copy the objects across Amazon S3 buckets from one region to another in different AWS Regions. Buckets that are configured for object replication can be owned by the same AWS account or they can be different accounts.

In this activity guide, You will learn how to replicate your data files from one region to another region.

Activity Guide XI: S3 Lifecycle Management on S3 Bucket

An S3 Lifecycle configuration is a set of rules and policies that define actions that Amazon S3 applies to a group of objects. To manage your files so that they can be stored in a cost-effective manner throughout their lifecycle, configure their Amazon S3 Lifecycle.

In this activity guide, You will learn how to set a lifecycle management policy on your data files so that they can be stored in a cost-effective manner.

Activity Guide XII: Create & Manage EBS Volumes & Snapshots

Amazon Elastic Block Store (AWS EBS) is a raw block storage service that is designed to be used with Amazon EC2 instances. When mounting to an Amazon EC2 instance, Amazon EBS volumes can be used like any other raw block device: they can be formatted with a specific file system, host operating systems, and applications, and have snapshots or clones made from them.

In this activity guide, You will learn how to create various types of EBS volume and attach them to an EC2 Instance, Also learn about the snapshots.

Activity Guide XIII: Attach & Mount EBS Volume to EC2 Instance

Amazon Elastic Block Store (Amazon EBS) provides block-level storage volumes for EC2 instances. EBS volumes behave like raw, unformatted block devices. You can mount these volumes as a device on your EC2 instances. EBS volumes that are attached to an instance are exposed as storage volumes that persist independently from the life of the instance. You can create a file system on top of these EBS volumes, or use them in such a way that you use a block device (such as a hard drive). Also, you can change the configuration of a volume attached to an instance dynamically.

AWS allows you to create multiple EBS volumes and you can attach them to the instances for extra storage. However, to make the EBS volume usable as storage inside the instance, you need to mount it to a specific folder.

In this activity guide, You will learn how to attach and mount the EBS volume to your Linux/Windows EC2 Instance.

Activity Guide XIV: Create Windows File Systems Using Amazon FSx

Amazon FSx makes it easy and cost-effective to launch and run popular file systems. With Amazon FSx, you can leverage the rich feature sets and fast performance of widely used open-source and commercially licensed file systems, while avoiding time-consuming administrative tasks like hardware provisioning, software configuration, patching, and backups.

It provides high levels of reliability and cost-efficiency, and it integrates with other AWS services so that you can manage and use the file systems in cloud-native ways.

In this activity guide, You will learn how to create and add an Amazon FSx with a Windows EC2 Instance.

Activity Guide XV: Create & Mount Elastic File System (EFS) on EC2 Instances

Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic Network File system (NFS) file system which we can use with AWS Cloud services and on-premises resources. It is built to scale on-demand to petabytes without disrupting the applications, shrinking and growing automatically as you add/remove the files, eliminating the need to provision and manage capacity to accommodate growth. Amazon EFS offers two storage classes: The Standard storage class, and the Infrequent Access storage class (EFS IA). The AWS EFS IA provides price and performance that’s cost-optimized for files that are not accessed every day.

In this activity guide, You will learn how to create an EFS and mount it to a Linux EC2 Instance.

Activity Guide XVI: SSH into EC2 Linux Instance via Username & Password

A password authentication against SSH isn’t bad but creating a long and complicated password may also encourage you to store it in an unsecured manner. Using encryption keys to authenticate SSH connections is a more secure alternative.

In this activity guide, You will learn how to use your username and password to SSH into your Linux Instance.

Activity Guide XVII: AWS Elastic IP

The Elastic IP is an address that has a static IPv4 address designed for dynamic cloud computing. An Elastic IP address is allocated to your AWS account until you release it. If you use an Elastic IP address, you can mask the failure of an instance or software by rapidly remapping the address to another instance of your account.

With the use of Elastic IP addresses, the AWS imposes a small hourly charge if an Elastic IP address is not associated with a running EC2 instance, or if it is associated with a stopped instance or an unattached network interface. While your instance is running, you are not charged for one Elastic IP address associated with the instance, but you are charged for any additional Elastic IP addresses associated with the instance.

In this activity guide, You will learn how to create and attach an Elastic IP to an EC2 Instance.

Activity Guide XVIII: Create Elastic Load Balancer & AutoScaling

Elastic Load Balancing is used to automatically distribute your incoming traffic across multiple EC2 instances that you are running. You use Auto-scaling in combination to increase and decrease the capacity to handle requests depending on the requirement.

In this activity guide, we cover Step-by-step instructions on how to create an elastic Load balancer ELB & Auto Scaling group to create a system that is capable of handling variation in traffic.

Activity Guide XIX: Block Web Traffic with WAF in AWS

AWS Web Application Firewall is a firewall that helps you protect your web application server against common web exploits that might affect the availability and compromise the security concerns of your application. The AWS WAF also gives you control over the traffic that it reaches to your applications by enabling you to create security rules that block common attack patterns like SQL injection and cross-site scripting.

The Users can create their own rules/policies and specify the conditions that AWS WAF searches for in incoming web requests, and the AWS cost for using the WAF is only for what you use.

In this activity guide, you will learn how to create an IP set and test the working of WAF.

Activity Guide XX: Register a Domain Name For Free

All computers on the Internet, from your smartphone, laptop/PC to the servers that serve content for massive retail websites, can be found and communicate with one another by using numbers. These numbers are called IP addresses. When you go visit a website through your browser, you don’t have to remember and enter a long number. Instead, you can enter a DNS name (domain) like example.com.

In this activity guide, you will learn how to get a domain name for free.

Activity Guide XXI: Map DNS Using Route 53

Route 53 is a highly available, and scalable cloud Domain web service. It is designed to give developers/businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating the names like www.mydns.com into the numeric IP addresses like 192.0.3.7 that computers use to connect and communicate to each other. Route 53 is fully compliant with IPv6 IP addresses as well.

Route 53 effectively connects user requests to infrastructure running in AWS – such as Amazon EC2 instances, Elastic load balancers, S3 buckets – and can also be used to route users to infrastructure outside of AWS.

In this activity guide, you will learn how to map a web server’s DNS using Route 53.

Activity Guide XXII: Create Custom Virtual Private Cloud

Amazon Virtual Private Cloud (Amazon VPC) is a service by AWS where you equip a logically outlying section of the AWS cloud where you can launch your AWS resources in a virtual network that you specify. You have complete control over your VPC environment, including a selection of your own IP address range, the creation of your own subnets, and the configuration of route tables and network gateways are all in your hand.

In this activity guide, you will learn about how to create a VPC, subnet, Internet gateway, and NAT gateway and what is the purpose of creating these resources.

Activity Guide XXIII: Configure Amazon CloudWatch to Notify Change in EC2 CPU Utilization

Amazon CloudWatch is a monitoring service built for DevOps engineers, IT engineers, and developers. CloudWatch provides you with data and actionable insights to monitor your own applications and resources, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

With CloudWatch, you can access and collect all your performance and operational data in the form of logs and metrics from a single platform.

In this activity guide, you will learn how to configure a Cloudwatch when your EC2 Instance exceeds a certain CPU utilization.

Activity Guide XXIV: Enable CloudTrail and Store Logs In S3

AWS CloudTrail is a service by AWS that enables governance, compliance, operational & risk auditing of your AWS account/services. With CloudTrail log, you can continuously monitor, and retain account activity related to actions across your AWS infrastructure.

CloudTrail provides the event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, AWS CLI, and other AWS services.

In this activity guide, you will learn how to enable CloudTrail and check the logs in S3.

Activity Guide XXV: Setting Up AWS Config to Assess Audit & Evaluate AWS Resources

AWS Config is a service offered by AWS that enables you to assess, audit, and evaluate the configurations of your AWS resources. setting up an AWS Config will continuously monitor and record your resource configurations in your account and allow you to automate the growth of recorded configurations against desired configurations.

In this activity guide, you will learn about how to configure and verify the AWS Config to evaluate the resources.

Activity Guide XXVI: Create & Query with Amazon DynamoDB

DynamoDB is a service by AWS that provides a fully managed Key-Value database service by AWS which provides fast and predictable performance with compatible scalability. DynamoDB unloads the administrative burdens of operating, managing, and scaling a distributed database so that you don’t have to worry about hardware that you provisioned, set up, configuration, replication, software patching, or cluster scaling.

With DynamoDB, you can create database tables in which you can store and retrieve any amount of data and serve at any level. It allows you to create a full backup of your tables for long-term retention and archival for perspective compliance needs.

In this activity guide, you will learn about the creation and management of DynamoDB.

Activity Guide XXVII: Configure a MySQL DB Instance via Relational Database Service (RDS)

Amazon Relational Database Service by AWS makes it easy to set up a database, operate, and scale a relational database in the cloud. The RDS provides a cost-efficient and resizable capacity while automating time-consuming administration tasks such as patching, database setup, hardware provisioning, and backups. It frees your burden to focus on your applications so you can give them fast performance, high availability, compatibility, and security

Amazon RDS is available on several database instance types – optimized for memory, performance, or I/O – and provides you with six familiar database engines to choose from, including MySQL, Amazon Aurora, PostgreSQL, MariaDB, SQL Server, and Oracle Database. You can use the AWS Database Migration Service to easily migrate or replicate your existing databases to Amazon RD.

In this activity guide, you will learn about the creation and management of Amazon RDS.

Activity Guide XXVIII: Create A Redis Cache & Connect It To EC2 Instance

Redis is a database service offered by AWS which stands for Remote Dictionary Server. Redi is a fast, open-source, in-memory key-value data store for use as a database, cache, message broker, and queue. Redis is a favored choice for caching, gaming, real-time analytics, session management, leaderboards, geospatial, ride-hailing, chat & messaging media streaming, and pub/sub-applications. All of the data resides in memory, in contrast to databases that store data on disk or SSDs.

In this activity guide, you will learn how to create and connect a Redic Cache with an EC2 Instance.

Activity Guide XIX: Visualize Web Traffic Using Kinesis Data Streams

Amazon Kinesis Data Streams is a greatly scalable, highly durable data ingestion and processing service optimized for streaming data. You can configure hundreds of thousands of data producers to continuously put data into a Kinesis data stream. Data will be available within milliseconds to your Amazon Kinesis applications, and those applications will receive data records in the order they were generated.

Kinesis Data Streams can be integrated with a number of AWS services, including Amazon Kinesis Data Firehose for near real-time transformation and delivery of streaming data into an AWS data lake like S3, Kinesis Data Analytics for managed stream processing, AWS Lambda for event or record processing, AWS Private Link for private connectivity, Amazon CloudWatch for metrics and log processing, and AWS KMS for server-side encryption.

In this activity guide, you will learn how to visualize the web traffic generated through EC2 Instances using the Kinesis data stream.

Activity Guide XXX: Amazon Athena

Amazon Athena is an interactive query service offered by AWS that makes it easy to analyze the data in S3 using standard SQL. hence, the Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.

Athena is easy to use which points to your data in S3, defines the schema, and starts querying using SQL. Mostly the results are delivered within seconds which makes it easy for everyone with SQL skills to quickly analyze large-scale datasets.

In this activity guide, you will learn about how to analyze data sets through an Amazon Athena.

Activity Guide XXXI: Send An E-mail Through AWS SES

Amazon Simple Email Service (SES) is a service offered by AWS which is a flexible, scalable, and cost-effective email service that enables you to send mail from within any application. You can configure Amazon SES quickly to support various email use cases, including transactional, marketing, or mass email communications.

The Amazon SES also provides flexible IP deployment and email authentication options that help drive higher deliverability and protect the sender’s reputation while sending analytics to measure the impact of each email. With an Amazon SES service, you can send emails securely, globally, and at any scale.

In this activity guide, you will learn how to trigger an E-mail through an SES.

Activity Guide XXXII: Event-Driven Architectures Using AWS Lambda, SES, SNS, and SQS

AWS Lambda is a service by AWS that lets you run your code without managing the servers, you pay only for the compute time you consume. With Lambda service, you can run code for virtually any type of app or backend services, all with zero administration. here you just have to upload your code and Lambda takes care of everything required to run and scale your code with high availability and durability. Also, you can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile application.

Amazon SQS is a fully configured message queue service that enables you to decouple and scale multiple microservices, distributed systems, and serverless applications. Using the SQS, you can send, receive, and store messages between the software components at any volume, without losing messages or requiring other services to be available.

Amazon SNS is a fully managed messaging service for both types of communication application-to-application (A2A) and application-to-person (A2P).

An event-driven architecture uses events to trigger and communicate between decoupled services and it acts as common modern applications built with microservices. An event is a change in state, like an item being placed in a shopping cart on an e-commerce website. Events can either carry a state or events can be identifiers.

It has three key components: event producers, event routers, and event consumers. A producer publishes an event to the router, which filters and pushes the events to users. Producer services and consumer services are decoupled, which allows users to scale, update, and deploy independently.

In this activity guide, you will learn about Event-driven architecture.

Activity Guide XXXIII: Create and Update Stacks Using CloudFormation

AWS CloudFormation is a service that gives you an easy way to model a collection of related AWS and third-party resources, provision them quickly and consistently, and manage them throughout their lifecycles, by treating infrastructure as code and it allows you to model your entire cloud environment in text files. You can use open-source declarative languages, such as JSON or YAML, to describe what AWS resources you want to create and configure. If you prefer to design visually, you can use AWS CloudFormation Designer to help you get started with AWS CloudFormation templates.

In this activity guide, you will learn how to create and update the CloudFormation stacks.

Activity Guide XXXIV: Deploy a Web Application Using Elastic Beanstalk

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS. Using Elastic Beanstalk simply upload your code and Elastic Beanstalk will automatically handle the deployment from capacity provisioning, load balancing, and auto-scaling to application health monitoring. At the same time, users retain full control over the AWS resources powering their application and they can access the underlying resources at any time. There will be no additional charge for using the Elastic Beanstalk you pay only for the AWS resources needed to store and run your applications.

In this activity guide, you will learn about how to deploy a website using Elastic Beanstalk.

Real-Time Projects: These consist of various projects

1. Build WordPress Website Using AWS Console: This project involves building a WordPress website using the AWS Console. WordPress is a popular content management system that powers millions of websites, and AWS provides a scalable and reliable platform for hosting WordPress sites. This project is useful for bloggers, small businesses, and anyone who wants to learn how to build and host a WordPress site on AWS.

2. Deploy a Web Application and Add Interactivity With an API and a Database: This project involves deploying a web application on a cloud platform like AWS. The web application is built using a programming language like Python, PHP, or Node.js and interacts with a backend API and a database to provide dynamic content and functionality. This project is useful for developers who want to learn how to build and deploy scalable web applications on the cloud.

3. Provisioning SSL/TLS Certificates using AWS Certificate Manager: This project involves setting up and configuring SSL/TLS certificates using AWS Certificate Manager. SSL/TLS certificates are used to secure websites and ensure that all data transmitted between the website and its users is encrypted and secure. This project is useful for website owners who want to ensure that their website is secure and protects the privacy of their users.

4. Create a Continuous Delivery Pipeline: This project involves creating a continuous delivery pipeline for an application that automates the entire software delivery process, from code changes to production deployment. It involves setting up a version control system, continuous integration tools, and a deployment pipeline that automates the process of deploying new versions of the application. This project is useful for software development teams that want to streamline their delivery process and increase the speed and reliability of their software releases.

What is a CI/CD Pipeline?

5. Host your Portfolio via S3 Bucket: In this project, the goal is to host your portfolio website using an Amazon S3 bucket. Amazon S3 (Simple Storage Service) is a scalable and reliable cloud storage service offered by Amazon Web Services (AWS). By utilizing S3 to host your portfolio, you can ensure high availability, durability, and cost-effectiveness.

Introduction to Amazon S3 AWS, Amazon Web Services, Cloud, cloud computing, Amazon S3, cloud storage, object storage, Amazon Web Service, Amazon storage, Amazon cloud storage, simple storage service, introduction to S3, introduction to cloud storage, what is s3 GIF

Next Task For You

Begin your journey towards an AWS Cloud by joining our FREE Informative Class on Amazon Cloud Free Class by clicking on the below image.

The post AWS Certified Solution Architect Associate SAA-C03 Step By Step Activity Guides (Hands-On Labs) appeared first on Cloud Training Program.