Idioma

Advanced Architecting on AWS.

AWS-ARCH2
 
Fecha de publicación KeD: 30 Abril 2024
Duración: 3 Días.
Certificaciones Asociadas: AWS Certified Solutions Architect – Professional
 
 
 

In this course, each module presents a scenario with an architectural challenge to be solved. You will examine available AWS services and features as solutions to the problem. You will gain insights by participating in problem-based discussions and learning about the AWS services that you could apply to meet the challenges. Over 3 days, the course goes beyond the basics of a cloud infrastructure and covers topics to meet a variety of needs for AWS customers. Course modules focus on managing multiple AWS accounts, hybrid connectivity and devices, networking with a focus on AWS Transit Gateway connectivity, container services, automation tools for continuous integration/continuous delivery (CI/CD), security and distributed denial of service (DDoS) protection, data lakes and data stores, edge services, migration options, and managing costs. The course concludes by presenting you with scenarios and challenging you to identify the best solutions.

 
•  Course level: Advanced.
 

Activities.

This course includes presentations, group discussions, use cases, videos, assessments, and hands-on labs.

 

Course objectives.

In this course, you will:

 
•  Review the AWS Well-Architected Framework to ensure understanding of best cloud design practices by responding to poll questions while following a graphic presentation.

•  Demonstrate the ability to secure Amazon S3 virtual private cloud (VPC) endpoint connections in a lab environment.
•  Identify how to implement centralized permissions management and reduce risk using AWS Organizations organizational units (OUs) and service control policies (SCPs) with AWS Single Sign-On.
•  Compare the permissions management capabilities of OUs, SCPs, and AWS SSO with and without AWS Control Tower to determine best practices based on use cases.
•  Discuss AWS hybrid network designs to address traffic increases and streamline remote work while ensuring FIPS 140-2 Level 2, or Level 3 security compliance.
•  Explore the solutions and products available to design a hybrid infrastructure, including access to 5G networks, to optimize service and reduce latency while maintaining high security for critical on-premises applications.
•  Explore ways to simplify the connection configurations between applications and high-performance workloads across global networks.
•  Demonstrate the ability to configure a transit gateway in a lab environment.
•  Identify and discuss container solutions and define container management options.
•  Build and test a container in a lab environment.
•  Examine how the AWS developer tools optimize the CI/CD pipeline with updates based on near-real-time data.
•  Identify the anomaly detection and protection services that AWS offers to defend against DDoS attacks.
•  Identify ways to secure data in transit, at rest, and in use with AWS Key Management Service (AWS KMS) and AWS Secrets Manager.
•  Determine the best data management solution based on frequency of access, and data query and analysis needs.
•  Set up a data lake and examine the advantages of this type of storage configuration to crawl and query data in a lab environment.
•  Identify solutions to optimize edge services to eliminate latency, reduce inefficiencies, and mitigate risks.
•  Identify the components used to automate the scaling of global applications using geolocation and traffic control.
•  Deploy and activate an AWS Storage Gateway file gateway and AWS DataSync in a lab environment.
•  Review AWS cost management tools to optimize costs while ensuring speed and performance.
•  Review migration tools, services, and processes that AWS provides to implement effective cloud operation models based on use cases and business needs.
•  Provide evidence of your ability to apply the technical knowledge and experience gained in the course to improve business practices by completing a Capstone Project.
 

Intended audience.

This course is intended for cloud architects, solutions architects, and anyone who designs solutions for cloud infrastructures.

 

Prerequisites.

We recommend that attendees of this course have:

 
•  Knowledge and experience with core AWS services from the Compute, Storage, Networking, and AWS Identity and Access Management (IAM) categories.
•  Attended the Architecting on AWS classroom training.Achieved the AWS Certified Solutions Architect – Associate certification.
•  Have at least 1 year of experience operating AWS workloads.
 

Course outline.

Module 1: Reviewing Architecting Concepts.

Group Exercise: Review Architecting on AWS core best practices.

Lab: Securing Amazon S3 VPC Endpoint Communications.


Module 2: Single to Multiple Accounts.


AWS Organizations for multi-account access and permissions.
AWS SSO to simplify access and authentication across AWS accounts and third-party services.
AWS Control Tower.
Permissions, access, and authentication.


Module 3: Hybrid Connectivity.


AWS Client VPN authentication and control.
AWS Site-to-Site VPN.
AWS Direct Connect for hybrid public and private connections.
Increasing bandwidth and reducing cost.
Basic, high, and maximum resiliency.
Amazon Route 53 Resolver DNS resolution.


Module 4: Specialized Infrastructure.


AWS Storage Gateway solutions.
On-demand VMware Cloud on AWS.
Extending cloud infrastructure services with AWS Outposts.
AWS Local Zones for latency-sensitive workloads.
Your 5G network with and without AWS Wavelength.


Module 5: Connecting Networks.


Simplifying private subnet connections.
VPC isolation with a shared services VPC.
Transit Gateway Network Manager and VPC Reachability Analyzer.
AWS Resource Access Manager.
AWS PrivateLink and endpoint services.
Lab: Configuring Transit Gateways.


Module 6: Containers.


Container solutions compared to virtual machines.
Docker benefits, components, solutions architecture, and versioning.
Container hosting on AWS to reduce cost.
Managed container services: Amazon Elastic Container Service (Amazon ECS) and Amazon.
Elastic Kubernetes Service (Amazon EKS).
AWS Fargate.
Lab: Deploying an Application with Amazon EKS on Fargate.


Module 7: Continuous Integration/Continuous Delivery (CI/CD).


CI/CD solutions and impact.
CI/CD automation with AWS CodePipeline.
Deployment models.
AWS CloudFormation StackSets to improve deployment management.


Module 8: High Availability and DDoS Protection.


Common DDoS attacks layers.
AWS WAF.
AWS WAF web access control lists (ACLs), real-time metrics, logs, and security automation.
AWS Shield Advanced services and AWS DDoS Response Team (DRT) services.
AWS Network Firewall and AWS Firewall Manager to protect accounts at scale.


Module 9: Securing Data.


What cryptography is, why you would use it, and how to use it.
AWS KMS.
AWS CloudHSM architecture.
FIPS 140-2 Level 2 and Level 3 encryption.
Secrets Manager.


Module 10: Large-Scale Data Stores.


Amazon S3 data storage management including storage class, inventory, metrics, and policies.
Data lake vs. data warehouse: Differences, benefits, and examples.
AWS Lake Formation solutions, security, and control.
Lab: Setting Up a Data Lake with Lake Formation.


Module 11: Large-Scale Applications.


What edge services are and why you would use them.
Improve performance and mitigate risk with Amazon CloudFront.
Lambda@Edge.
AWS Global Accelerator: IP addresses, intelligent traffic distribution, and health checks.
Lab: Migrating an On-Premises NFS Share Using AWS DataSync and Storage Gateway.


Module 12: Optimizing Cost.


On-premises and cloud acquisition/deprecation cycles.
Cloud cost management tools including reporting, control, and tagging.
Examples and analysis of the five pillars of cost optimization.


Module 13: Migrating Workloads.


Business drivers and the process for migration.
Successful customer practices.
The 7 Rs to migrate and modernize.
Migration tools and services from AWS.
Migrating databases and large data stores.
AWS Schema Conversion Tool (AWS SCT).


Module 14: Capstone Project.

Use the Online Course Supplement (OCS) to review use cases, investigate data, and answer architecting design questions about Transit Gateway, hybrid connectivity, migration, and cost optimization.

 
Garantia Ofrecemos la garantía 100% de satisfacción
Si no te gusta el resultado de tu curso, puedes volver a tomarlo en cualquier otra fecha calendario.
 
Regresa a la página anterior
 
Cursos relacionados
 
 
Cursos Nuevo
 
   
 
Cursos bajo Requerimiento Especial
Es aquel que se puede impartir siempre y cuando cumpla con un mínimo de participantes para su confirmación de fechas depende de la disponibilidad de KeD. Contacte a su Representante de Ventas
 
     
Basic - Core
AWS AWS Technical Essentials
AWS AWS Cloud Practitioner Essentials
Associate
AWS Architecting on AWS
AWS Developing on AWS
AWS Cloud Operations on AWS
AWS Advanced Developing on AWS
Professional
AWS Advanced Architecting on AWS
AWS DevOps Engineering on AWS
AWS Running Containers on Amazon Elastic Kubernetes Service (Amazon EKS)
Specialty
AWS Security Engineering on AWS
AWS Data Warehousing on AWS
AWS Planning and Designing Databases on AWS
AWS MLOps Engineering on AWS
AWS The Machine Learning Pipeline
     
  Horarios Online  
  Horario Matutino:
Lunes a Viernes de 8:00 a 15:00 hrs.
 
     
  Horario Vespertino:
Lunes a Viernes de 15:00 a 21:00 hrs.
 
     
  Horario de Fin de Semana:
Sábado 8:00 a 15:00
 
 
 
Logo KeD