AWS Architecture Design Associate covers the fundamentals of building IT infrastructure on AWS. The course is designed to teach solutions architects how to optimize the use of the AWS Cloud by understanding AWS services and how these services fit into cloud-based solutions. This course emphasizes AWS cloud best practices and recommended design patterns to help students think through the process of architecting optimal IT solutions on AWS. Case studies throughout the course showcase how some AWS customers have designed their infrastructures and the strategies and services they implemented.
Course Prerequisite
CTE recommends the following prerequisites:
- Courses taken: AWS Cloud Foundation
- Working knowledge of distributed systems
- Familiarity with general networking concepts
- Working knowledge of multi-tier architectures
- Familiarity with cloud computing concepts
Course Objectives
This course teaches you how to:
- Make architectural decisions based on the AWS-recommended architectural principles and best practices.
- Leverage AWS services to make your infrastructure scalable, reliable, and highly available.
- Leverage AWS managed services to enable greater flexibility and resiliency in an infrastructure.
- Make an AWS-based infrastructure more efficient in order to increase performance and reduce costs.
- Use the Well-Architected Framework to improve architectures with AWS solutions.
Intended Audience
This course is intended for:
- Solutions Architects
- Solution Design Engineers
This course is delivered through self paced training.
Hands-On Activity
This course allows you to test new skills and apply knowledge to your working environment through a variety of practical exercises.
Course Outline
1 Domain 1.0: Designing highly available, cost-efficient, fault-tolerant, scalable systems
1.1 Identify and recognize cloud architecture considerations, such as fundamental components and effective designs.
Content may include the following:
- How to design cloud services
- Planning and design
- Monitoring and logging
- Familiarity with:
- Best practices for AWS architecture
- Developing to client specifications, including pricing/cost (e.g., on Demand vs. Reserved vs.Spot; RTO and RPO DR Design)
- Architectural trade-off decisions (e.g., high availability vs. cost, Amazon Relational Database
- Service (RDS) vs. installing your own database on AmazonElastic Compute Cloud (EC2))
- Hybrid IT architectures (e.g., Direct Connect, Storage Gateway, VPC, Directory Services)
- Elasticity and scalability (e.g., Auto Scaling, SQS, ELB, CloudFront)
2 Domain 2.0: Implementation/Deployment
2.1 Identify the appropriate techniques and methods using Amazon EC2, Amazon S3, AWS Elastic Beanstalk, AWS CloudFormation, AWS OpsWorks, Amazon Virtual Private Cloud (VPC), and AWS Identity and Access Management (IAM) to code and implement a cloud solution.
Content may include the following:
- Configure an Amazon Machine Image (AMI)
- Operate and extend service management in a hybrid IT architecture
- Configure services to support compliance requirements in the cloud
- Launch instances across the AWS global infrastructure
- Configure IAM policies and best practices
Domain 3.0: Data Security
3.1 Recognize and implement secure practices for optimum cloud deployment and maintenance. Content may include the following:
- AWS shared responsibility model
- AWS platform compliance
- AWS security attributes (customer workloads down to physical layer)
- AWS administration and security services
- AWS Identity and Access Management (IAM)
- Amazon Virtual Private Cloud (VPC)
- AWS CloudTrail
- Ingress vs. egress filtering, and which AWS services and features fit
- “Core” Amazon EC2 and S3 security feature sets
- Incorporating common conventional security products (Firewall, VPN)
- Design patterns
- DoS mitigation
- Encryption solutions (e.g., key services)
- Complex access controls (building sophisticated security groups, ACLs, etc.)
- Amazon CloudWatch for the security architect
- Trusted Advisor
- CloudW atch Logs
3.2 Recognize critical disaster recovery techniques and their implementation. Content may include the following:
- Disaster recovery
- Recovery time objective
- Recovery point objective
- Amazon Elastic Block Store
- AWS Import/Export
- AWS Storage Gateway
- Amazon Route53
- Validation of data recovery method
4 Domain
4.0: Troubleshooting
Content may include the following:
- General troubleshooting information and questions