Advanced Architecting on AWS (AWSAA) – Outline

Outline detalhado do curso

Day 1

Module 1: Reviewing Architecting Concepts
  • Group Exercise: Review Architecting on AWS core best practices
  • Lab 1: Securing Amazon S3 VPC Endpoint Communications
Module 2: Single to Multiple Accounts
  • AWS Organizations for multi-account access and permissions
  • AWS SSO to simplify access and authentication across AWS accounts and third-party services
  • AWS Control Tower
  • Permissions, access, and authentication
Module 3: Hybrid Connectivity
  • AWS Client VPN authentication and control
  • AWS Site-to-Site VPN
  • AWS Direct Connect for hybrid public and private connections
  • Increasing bandwidth and reducing cost
  • Basic, high, and maximum resiliency
  • Amazon Route 53 Resolver DNS resolution
Module 4: Specialized Infrastructure
  • AWS Storage Gateway solutions
  • On-demand VMware Cloud on AWS
  • Extending cloud infrastructure services with AWS Outposts
  • AWS Local Zones for latency-sensitive workloads
  • Your 5G network with and without AWS Wavelength
Module 5: Connecting Networks
  • Simplifying private subnet connections
  • VPC isolation with a shared services VPC
  • Transit Gateway Network Manager and VPC Reachability Analyzer
  • AWS Resource Access Manager
  • AWS PrivateLink and endpoint services
  • Lab 2: Configuring Transit Gateways

Day 2

Module 6: Containers
  • Container solutions compared to virtual machines
  • Docker benefits, components, solutions architecture, and versioning
  • Container hosting on AWS to reduce cost
  • Managed container services: Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS)
  • AWS Fargate
  • Lab 3: Deploying an Application with Amazon ECS on Fargate
Module 7: Continuous Integration/Continuous Delivery (CI/CD)
  • CI/CD solutions and impact
  • CI/CD automation with AWS CodePipeline
  • Deployment models
  • AWS CloudFormation StackSets to improve deployment management
Module 8: High Availability and DDoS Protection
  • Common DDoS attacks layers
  • AWS WAF
  • AWS WAF web access control lists (ACLs), real-time metrics, logs, and security automation
  • AWS Shield Advanced services and AWS DDoS Response Team (DRT) services
  • AWS Network Firewall and AWS Firewall Manager to protect accounts at scale
Module 9: Securing Data
  • What cryptography is, why you would use it, and how to use it
  • AWS KMS
  • AWS CloudHSM architecture
  • FIPS 140-2 Level 2 and Level 3 encryption
  • Secrets Manager
Module 10: Large-Scale Data Stores
  • Amazon S3 data storage management including storage class, inventory, metrics, and policies
  • Data lake vs. data warehouse: Differences, benefits, and examples
  • AWS Lake Formation solutions, security, and control
  • Lab 4: Setting Up a Data Lake with Lake Formation

Day 3

Module 11: Large-Scale Applications
  • What edge services are and why you would use them
  • Improve performance and mitigate risk with Amazon CloudFront
  • Lambda@Edge
  • AWS Global Accelerator: IP addresses, intelligent traffic distribution, and health checks
  • Lab 5: Migrating an On-Premises NFS Share Using AWS DataSync and Storage Gateway
Module 12: Optimizing Cost
  • On-premises and cloud acquisition/deprecation cycles
  • Cloud cost management tools including reporting, control, and tagging
  • Examples and analysis of the five pillars of cost optimization
Module 13: Migrating Workloads
  • Business drivers and the process for migration
  • Successful customer practices
  • The 7 Rs to migrate and modernize
  • Migration tools and services from AWS
  • Migrating databases and large data stores
  • AWS Schema Conversion Tool (AWS SCT)
Module 14: Capstone Project
  • Use the Online Course Supplement (OCS) to review use cases, investigate data, and answer architecting design questions about Transit Gateway, hybrid connectivity, migration, and cost optimization