A Quick Guide to DynamoDB Secondary Indexes

When you create tables in DynamoDB, you must specify primary key attributes. These primary key attributes can then be used to retrieve data from your tables.

To more efficiently find your data, DynamoDB creates indexes for those attributes. Sometimes, however, you may need to query data using an attribute that’s not in one of your primary keys. This is where secondary indexes can help.

DynamoDB Table to illustrate primary keys (partition keys and sort keys) and secondary indexes
DynamoDB and primary keys (partition keys and sort keys) and secondary indexes

In the example above, we have a Reply table for our forums. The Id is our partition key, ReplyDateTime our sort key, and these two attributes make up our primary key. This primary key can be used to query data.

Say we want all of the Amazon DynamoDB#DynamoDB Thread 2 threads. We can query for that, and DynamoDB, in turn, gives us 3 items that match this query. Since we have ReplyDateTime as a sort key, we could also ask for replies after a specified date.

But what if we wanted to query by users who posted replies? We can’t use the PostedBy attribute to pull up all of User A’s messages because it is not a key attribute.

This is where secondary indexes come into play. Depending on the secondary index that we use, we could set PostedBy as another sort key (in addition to the ReplyDateTime sort key) or even set PostedBy as a partition key! Both of these options give us the ability to filter messages by user. (more…)

Linux Academy Weekly Roundup #6

Big news this week from the Linux Academy! Not only do we have our usual round of updates and successes, but we’ve released our first-ever iOS app (with Android coming soon)! Now you can get your favorite Linux learning platform on the go!

iOS App Release

We know you’ve wanted a way to watch Linux Academy videos on mobile and off-line, so we’re proud to release the Linux Academy iOS app. Featuring downloadable videos, mobile quiz-taking, and more (with more features to come), learning with Linux Academy has never been easier. Want to know more? Check out our blog post!


Our instructor, Terry, has been working on something you’ve wanted for some time now: The RHCE course! Terry will be posting batches of videos as he makes them, so you can start studying as soon as possible. Watch for it!

Student Success


Red Hat


The Linux Academy iOS App Has Arrived!

You asked for it, and the Linux Academy has delivered!

We are pleased to announce the release of our iOS for all of our users, available now on the App Store.  This app is free for all members, but does require your membership with the Linux Academy to use.


Once logged into the app, students will be linked with their normal account.  Your course progress will be linked across any device that you log in from.  You will also have the ability to begin new courses straight from the app!



All modules are available on the app
All modules are available on the app



Don’t have the ability to stream videos?  Not a problem!  Download and save videos directly to your device for offline viewing!


In addition to regular courses, you can access nuggets and quizzes as well.  Note: labs are not available on the mobile app.




The mobile app is just another tool that Linux Academy provides for you to have the BEST learning experience on the web for Linux and Cloud training.  Enjoy!

Cloud Cadet #4: AD and LDAP services within AWS

Welcome to episode four of Cloud Cadet. Today we are joined by instructor Stephen, and our co-hosts Anthony and Christophe. Stephen will be showing us some content for his course Active Directory and AWS.

This course stems from the need many enterprises have for Active Directory, which allows for credential management. Active Directory is stored on-site, but many need to extend their Active Directory environment to AWS. Today, you will discover the what, why, and how of Active Directory on AWS.

Topics include:

  • Setting up and managing services for AD with AWS solutions
  • Gaining fine-grain control by getting rid of permissions
  • Spinning up VPN instances
  • Looking inside site to site VPN
  • Binding Windows and Linux servers

Stephen first shows us an existing environment he has created by building two separate AWS accounts with separate VPCs. In them, he has spun up VPNs. For more details on how to perform these actions, please see the course itself.

He then uses an already existing AD domain controller located in one of these environments and shows us how to bind a Linux server using an AD credential to the AD environment. Additionally, both AWS accounts are tied together with an openswan VPN.

He walks us through a variety of options for these accounts and on-premise networks. The idea is that regardless of whether it is between various AWS accounts and regions, or an AWS account and on-premise servers, you can certainly have a site to site VPN connection set up. Stephen also explains how to work between various VPCs in different regions.

Stephen moves on to bind a Linux instance into his AD domain. This is done through an EC2 instance setup in AWS, where he sets up a user to use as a Linux credential, versus using local instance authentication. A step-by-step narration of this is also provided within the course.

Stephen then jumps into a Linux instance that he first had to bind with the domain. He joins this particular instance to the domain using a realm command.

We also learn that we have the opportunity only to allow certain users to bind through AD to our server, and have the chance to allow only serving groups in AD to log onto the domain.

This is where some of the power of managing Linux servers comes in, using existing enterprise solutions such as AD.

Thanks for tuning in for this week’s edition of Cloud Cadet. Be sure to stay tuned for all-new episodes coming soon.

Announcing the Linux Foundation Certified System Administrator Course – v2.16 for 2016

As many of you already know, on February 2nd of 2016, the Linux Foundation updated their Linux Foundation Certified System Administrator Exam to version 2.16 of their core domains and competencies. Keeping with our close association and partnership with the Linux Foundation, we launched our updated certification preparation course reflecting the new version’s requirement on the same day. Let’s talk a bit about the differences.

Big Changes from Version 1

There are a number of big changes in the core competencies for exam v2.16 as compared to version 1. This exam now covers a wider array of topics at a greater depth than the original. Here are the new sections and their associated weighting in the new test:

  • Essential Commands – 25%
  • Operation of Running Systems – 20%
  • User and Group Management – 15%
  • Networking – 15%
  • Service Configuration – 10%
  • Storage Management – 10%
  • Virtualization – 5%


Serverless Architecture

When people aren’t talking about Docker and containers, they’re usually talking about serverless architecture — code that runs without servers. How is that possible? Well, technically, the code still runs on servers, but you’re not the one in charge of managing them. It’s kind of like the cloud, where people just accept that data goes in the cloud and comes back out just the way you requested it. Of course, we know it’s not that easy. There’s a lot that goes on behind the scene. The same holds true for “serverless” code execution… and it’s really cool.

How exactly does it work? To explain and illustrate, I’ll be talking about AWS Lambda. AWS Lambda allows you to focus on code by completely removing the need to think about servers. You write a function with a specific goal (i.e. insert a value in DynamoDB), you set the correct permissions (i.e. Lambda can write to DynamoDB), and all you have left to do is tell the function when to execute. How does it know when to run? Events. When an event occurs, it automatically triggers your function. Events can be things like user signups, user uploads, updating view counts, and more. These events can come from your applications, like mobile and web applications, or even from Amazon’s own services. Available services include Amazon S3, DynamoDB, Kinesis, SNS, Simple Email Service, Cognito, CloudWatch Logs & Events, CloudFormation, and Scheduled Events. As long as you properly configure Lambda and the appropriate service, you can have them working together automatically. That’s pretty powerful.

Let’s take a look at an example: (more…)

New Course: Active Directory and AWS

With a new month upon us, we’re happy to announce our newest AWS course: Active Directory and Amazon Web Services. Taught by Stephen (Linux Essentials, Advanced AWS Security, and more), the course covers the initial setup and integration between AWS and Active Directory, using Active Directory in conjunction with AWS, and more advanced options.