Detailed Course Outline
Day 1
Module 1: Reviewing Architecting Concepts
- Group Exercise: Review Architecting on AWS core best practices
- Lab 1: Securing Amazon S3 VPC Endpoint Communications
Module 2: Single to Multiple Accounts
- AWS Organizations for multi-account access and permissions
- AWS SSO to simplify access and authentication across AWS accounts and third-party services
- AWS Control Tower
- Permissions, access, and authentication
Module 3: Hybrid Connectivity
- AWS Client VPN authentication and control
- AWS Site-to-Site VPN
- AWS Direct Connect for hybrid public and private connections
- Increasing bandwidth and reducing cost
- Basic, high, and maximum resiliency
- Amazon Route 53 Resolver DNS resolution
Module 4: Specialized Infrastructure
- AWS Storage Gateway solutions
- On-demand VMware Cloud on AWS
- Extending cloud infrastructure services with AWS Outposts
- AWS Local Zones for latency-sensitive workloads
- Your 5G network with and without AWS Wavelength
Module 5: Connecting Networks
- Simplifying private subnet connections
- VPC isolation with a shared services VPC
- Transit Gateway Network Manager and VPC Reachability Analyzer
- AWS Resource Access Manager
- AWS PrivateLink and endpoint services
- Lab 2: Configuring Transit Gateways
Day 2
Module 6: Containers
- Container solutions compared to virtual machines
- Docker benefits, components, solutions architecture, and versioning
- Container hosting on AWS to reduce cost
- Managed container services: Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS)
- AWS Fargate
- Lab 3: Deploying an Application with Amazon ECS on Fargate
Module 7: Continuous Integration/Continuous Delivery (CI/CD)
- CI/CD solutions and impact
- CI/CD automation with AWS CodePipeline
- Deployment models
- AWS CloudFormation StackSets to improve deployment management
Module 8: High Availability and DDoS Protection
- Common DDoS attacks layers
- AWS WAF
- AWS WAF web access control lists (ACLs), real-time metrics, logs, and security automation
- AWS Shield Advanced services and AWS DDoS Response Team (DRT) services
- AWS Network Firewall and AWS Firewall Manager to protect accounts at scale
Module 9: Securing Data
- What cryptography is, why you would use it, and how to use it
- AWS KMS
- AWS CloudHSM architecture
- FIPS 140-2 Level 2 and Level 3 encryption
- Secrets Manager
Module 10: Large-Scale Data Stores
- Amazon S3 data storage management including storage class, inventory, metrics, and policies
- Data lake vs. data warehouse: Differences, benefits, and examples
- AWS Lake Formation solutions, security, and control
- Lab 4: Setting Up a Data Lake with Lake Formation
Day 3
Module 11: Large-Scale Applications
- What edge services are and why you would use them
- Improve performance and mitigate risk with Amazon CloudFront
- Lambda@Edge
- AWS Global Accelerator: IP addresses, intelligent traffic distribution, and health checks
- Lab 5: Migrating an On-Premises NFS Share Using AWS DataSync and Storage Gateway
Module 12: Optimizing Cost
- On-premises and cloud acquisition/deprecation cycles
- Cloud cost management tools including reporting, control, and tagging
- Examples and analysis of the five pillars of cost optimization
Module 13: Migrating Workloads
- Business drivers and the process for migration
- Successful customer practices
- The 7 Rs to migrate and modernize
- Migration tools and services from AWS
- Migrating databases and large data stores
- AWS Schema Conversion Tool (AWS SCT)
Module 14: Capstone Project
- Use the Online Course Supplement (OCS) to review use cases, investigate data, and answer architecting design questions about Transit Gateway, hybrid connectivity, migration, and cost optimization