Module 1: Reviewing Architecting Concepts.
Group Exercise: Review Architecting on AWS core best practices.
• Lab: Securing Amazon S3 VPC Endpoint Communications.
Module 2: Single to Multiple Accounts.
• AWS Organizations for multi-account access and permissions.
• AWS SSO to simplify access and authentication across AWS accounts and third-party services.
• AWS Control Tower.
• Permissions, access, and authentication.
Module 3: Hybrid Connectivity.
• AWS Client VPN authentication and control.
• AWS Site-to-Site VPN.
• AWS Direct Connect for hybrid public and private connections.
• Increasing bandwidth and reducing cost.
• Basic, high, and maximum resiliency.
• Amazon Route 53 Resolver DNS resolution.
Module 4: Specialized Infrastructure.
• AWS Storage Gateway solutions.
• On-demand VMware Cloud on AWS.
• Extending cloud infrastructure services with AWS Outposts.
• AWS Local Zones for latency-sensitive workloads.
• Your 5G network with and without AWS Wavelength.
Module 5: Connecting Networks.
• Simplifying private subnet connections.
• VPC isolation with a shared services VPC.
• Transit Gateway Network Manager and VPC Reachability Analyzer.
• AWS Resource Access Manager.
• AWS PrivateLink and endpoint services.
• Lab: Configuring Transit Gateways.
Module 6: Containers.
• Container solutions compared to virtual machines.
• Docker benefits, components, solutions architecture, and versioning.
• Container hosting on AWS to reduce cost.
• Managed container services: Amazon Elastic Container Service (Amazon ECS) and Amazon.
• Elastic Kubernetes Service (Amazon EKS).
• AWS Fargate.
• Lab: Deploying an Application with Amazon EKS on Fargate.
Module 7: Continuous Integration/Continuous Delivery (CI/CD).
• CI/CD solutions and impact.
• CI/CD automation with AWS CodePipeline.
• Deployment models.
• AWS CloudFormation StackSets to improve deployment management.
Module 8: High Availability and DDoS Protection.
• Common DDoS attacks layers.
• AWS WAF.
• AWS WAF web access control lists (ACLs), real-time metrics, logs, and security automation.
• AWS Shield Advanced services and AWS DDoS Response Team (DRT) services.
• AWS Network Firewall and AWS Firewall Manager to protect accounts at scale.
Module 9: Securing Data.
• What cryptography is, why you would use it, and how to use it.
• AWS KMS.
• AWS CloudHSM architecture.
• FIPS 140-2 Level 2 and Level 3 encryption.
• Secrets Manager.
Module 10: Large-Scale Data Stores.
• Amazon S3 data storage management including storage class, inventory, metrics, and policies.
• Data lake vs. data warehouse: Differences, benefits, and examples.
• AWS Lake Formation solutions, security, and control.
• Lab: Setting Up a Data Lake with Lake Formation.
Module 11: Large-Scale Applications.
• What edge services are and why you would use them.
• Improve performance and mitigate risk with Amazon CloudFront.
• Lambda@Edge.
• AWS Global Accelerator: IP addresses, intelligent traffic distribution, and health checks.
• Lab: Migrating an On-Premises NFS Share Using AWS DataSync and Storage Gateway.
Module 12: Optimizing Cost.
• On-premises and cloud acquisition/deprecation cycles.
• Cloud cost management tools including reporting, control, and tagging.
• Examples and analysis of the five pillars of cost optimization.
Module 13: Migrating Workloads.
• Business drivers and the process for migration.
• Successful customer practices.
• The 7 Rs to migrate and modernize.
• Migration tools and services from AWS.
• Migrating databases and large data stores.
• AWS Schema Conversion Tool (AWS SCT).
Module 14: Capstone Project.
Use the Online Course Supplement (OCS) to review use cases, investigate data, and answer architecting design questions about Transit Gateway, hybrid connectivity, migration, and cost optimization.
|