Course Overview
In this course, each module presents a scenario with an architectural challenge to be solved. You will examine available AWS services and features as solutions to the problem. You will gain insights by participating in problem-based discussions and learning about the AWS services that you could apply to meet the challenges. Over 3 days, the course goes beyond the basics of a cloud infrastructure and covers topics to meet a variety of needs for AWS customers. Course modules focus on managing multiple AWS accounts, hybrid connectivity and devices, networking with a focus on AWS Transit Gateway connectivity, container services, automation tools for continuous integration/continuous delivery (CI/CD), security and distributed denial of service (DDoS) protection, data lakes and data stores, edge services, migration options, and managing costs. The course concludes by presenting you with scenarios and challenging you to identify the best solutions. The final day is an AWS Jam, a gamified event, with teams competing to score points by completing a series of challenges according to established best practices based on concepts covered in the course. You get to experience a wide range of AWS services in a series of real-world scenarios that represent common operational and troubleshooting tasks. The end result is developing, enhancing, and validating your skillsets in the AWS Cloud through real-world problem solving, exploring new services, features, and understanding how they interoperate.
Course Content
- Introductions & Course Map review
- Architecting Fundamentals Review
- Account Security
- Networking, Part 1
- Compute
- Storage
- Database Services
- Monitoring and Scaling
- Automation
- Containers
- Networking Part 2
- Serverless Architecture
- Edge Services
- Backup and Recovery
- Capstone Lab: Build an AWS Multi-Tier Architecture
- AWS Jam
Who should attend
This course is intended for cloud architects, solutions architects, and anyone who designs solutions for cloud infrastructures.
Prerequisites
We recommend that attendees of this course have the following prerequisites:
- Knowledge and experience with core AWS services from the Compute, Storage, Networking, and AWS Identity and Access Management (IAM) categories
- At least one of the following:
- Achieved the AWS Cloud Practitioner Essentials (CP-ESS), OR
- Attended the Architecting on AWS (AWSA) classroom training
- Have at least 1 year of experience operating AWS workloads
Course Objectives
- Identify AWS architecting basic practices.
- Explore using the AWS management tools: The AWS Console, Command Line Interface (CLI), and CloudFormation in a lab environment.
- Examine the enforcement of accounts security using policies.
- Identify the elements that build an elastic, secure, virtual network that includes private and public subnets.
- Practice building an AWS core networking infrastructure.
- Determine strategies for a layered security approach to Virtual Private Cloud (VPC) subnets.
- Identify strategies to select the appropriate compute resources based on business use-cases.
- Practice building a VPC and adding an Elastic Cloud Compute (EC2) instance in a lab environment.
- Practice installing an Amazon Relational Database Service (RDS) instance and an Application Load Balancer (ALB) in the VPC you created.
- Compare and contrast AWS storage products and services, based on business scenarios.
- Compare and contrast the different types of AWS database services based on business needs.
- Practice building a highly available, auto-scaling database layer in a lab.
- Explore the business value of AWS monitoring solutions.
- Identify and discuss AWS automation tools that will help you build, maintain and evolve your infrastructure.
- Discuss network peering, VPC endpoints, gateway and routing solutions based on use-cases.
- Discuss hybrid networking configurations to extend and secure your infrastructure.
- Discuss the benefits of microservices as an effective decoupling strategy to power highly available applications at scale.
- Explore AWS container services for the rapid implementation of an infrastructure-agnostic, portable application environment.
- Identify the business and security benefits of AWS serverless services based on business examples.
- Practice building a serverless infrastructure in a lab environment.
- Discuss the ways in which AWS edge services address latency and security.
- Practice building a CloudFront deployment with an S3 backend in a lab environment.
- Explore AWS backup, recovery solutions, and best practices to ensure resiliency and business continuity.
- Build a highly available and secure cloud architecture based on a business problem, in a project-based facilitator-guided lab.
- Work in a team environment to solve real AWS use-case challenges in an AWS Jam.
Outline: Architecting on AWS with AWS Jam (AWSA-AWS-JAM)
Module 0: Introductions & Course Map review
- Welcome and course outcomes
Module 1: Architecting Fundamentals Review
- AWS Services and Infrastructure
- Infrastructure Models
- AWS API Tools
- Securing your infrastructure
- The Well-Architected Framework
- Hands-on lab: Explore Using the AWS API Tools to Deploy an EC2 Instance
Module 2: Account Security
- Security Principals
- Identity and Resource-Based Policies
- Account Federation
- Introduction to Managing Multiple Accounts
Module 3: Networking, Part 1
- IP Addressing
- Amazon Virtual Private Cloud (VPC), Patterns and Quotas
- Routing
- Internet Access
- Network Access Control Lists (NACLs)
- Security Groups
Module 4: Compute
- Amazon Elastic Cloud Compute (EC2)
- EC2 Instances and Instance Selection
- High Performance Computing on AWS
- Lambda and EC2, When to Use Which
- Hands-On Lab: Build Your Amazon VPC Infrastructure
Module 5: Storage
- Shared File Systems
- Shared EBS Volumes
- Amazon S3, Security, Versioning and Storage Classes
- Data Migration Tools
Module 6: Database Services
- AWS Database Solutions
- Amazon Relational Database Services (RDS)
- DynamoDB, Features and Use Cases
- Redshift, Features, Use Cases and Comparison with RDS
- Scaling
- Caching and Migrating Data
- Hands-on Lab: Create a Database Layer in Your Amazon VPC Infrastructure
Module 7: Monitoring and Scaling
- Monitoring: CloudWatch, CloudTrail, and VPC Flow Logs
- Invoking Events
- Elastic Load Balancing
- Auto Scaling Options and Monitoring Cost
- Hands-on Lab: Configure High Availability in Your Amazon VPC
Module 8: Automation
- CloudFormation
- AWS Systems Manager
Module 9: Containers
- Microservices
- Monitoring Microservices with X-Ray
- Containers
Module 10: Networking Part 2
- VPC Peering & Endpoints
- Transit Gateway
- Hybrid Networking
- Route 53
Module 11: Serverless Architecture
- Amazon API Gateway
- Amazon SQS, Amazon SNS
- Amazon Kinesis Data Streams & Kinesis Firehose
- Step Functions
- Compare Amazon SQS to Amazon MQ
- Hands-on Lab: Build a Serverless Architecture
Module 12: Edge Services
- Amazon CloudFront
- AWS Web Application Firewall (WAF), DDoS and Firewall Manager
- Compare AWS Global Accelerator and Amazon CloudFront
- AWS Outposts
- Hands-On Lab: Configure an Amazon CloudFront Distribution with an Amazon S3 Origin
Module 13: Backup and Recovery
- Planning for Disaster Recovery
- AWS Backup
- Recovery Strategies
Capstone Lab: Build an AWS Multi-Tier Architecture
Participants review the concepts and services learned in class and build a solution based on a scenario. The lab environment provides partial solutions to promote analysis and reflection. Participants deploy a highly available architecture. The instructor is available for consultation.
Use the Online Course Supplement (OCS) to review use cases, investigate data, and answer architecting design questions.
AWS Jam
- Participate in team based challenges in a real AWS environment
- Compete with your colleagues in a gamified, hands-on learning experience
- Apply your learning from the course on various AWS services