Advanced Architecting on AWS

1. Architecture Concepts Review
2. Managing Multiple Accounts

   – Utilizing AWS Organizations for multi-account access and permissions

   – Simplifying access and authentication across AWS accounts and third-party services with AWS SSO

   – Implementing AWS Control Tower for streamlined permissions, access, and authentication

3. Hybrid Connectivity Solutions

   – Utilizing AWS Client VPN for authentication and control

   – Implementing AWS Site-to-Site VPN and AWS Direct Connect for hybrid public and private connections

   – Enhancing bandwidth and reducing costs with options for basic, high, and maximum resiliency

   – Leveraging Amazon Route 53 Resolver for DNS resolution

4. Specialized Infrastructure Services

   – Exploring AWS Storage Gateway solutions

   – On-demand access to VMware Cloud on AWS

   – Extending cloud infrastructure services using AWS Outposts

   – Implementing AWS Local Zones for latency-sensitive workloads

   – Leveraging AWS Wavelength for 5G networks

5. Network Connectivity

   – Simplifying private subnet connections

   – Implementing VPC isolation with a shared services VPC

   – Leveraging Transit Gateway Network Manager and VPC Reachability Analyzer

   – Utilizing AWS Resource Access Manager, AWS PrivateLink, and endpoint services

6. Containerization

   – Comparing container solutions to virtual machines

   – Exploring Docker benefits, components, solutions architecture, and versioning

   – Host containers on AWS to reduce costs

   – Managed container services: Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Kubernetes Service (Amazon EKS), and AWS Fargate

7. Continuous Integration/Continuous Delivery (CI/CD)

   – Understanding the impact and benefits of CI/CD solutions

   – Automating CI/CD with AWS CodePipeline

   – Exploring deployment models and utilizing AWS CloudFormation StackSets for improved deployment management

8. High Availability and DDoS Protection

   – Understanding common DDoS attack layers

   – Implementing AWS WAF, web access control lists (ACLs), real-time metrics, logs, and security automation

   – Leveraging AWS Shield Advanced services and AWS DDoS Response Team (DRT) services

   – Utilizing AWS Network Firewall and AWS Firewall Manager for scalable account protection

9. Data Security

   – Understanding cryptography and its applications

   – Utilizing AWS KMS and AWS CloudHSM architecture

   – Exploring FIPS 140-2 Level 2 and Level 3 encryption standards

   – Managing secrets securely

10. Large-Scale Data Storage

    – Managing Amazon S3 data storage including storage class, inventory, metrics, and policies

    – Understanding the differences between data lakes and data warehouses

    – Implementing AWS Lake Formation solutions for secure data management

11. Large-Scale Applications

    – Utilizing edge services to improve performance and mitigate risks

    – Leveraging Amazon CloudFront, Lambda@Edge, and AWS Global Accelerator for intelligent traffic distribution and health checks

12. Cost Optimization

    – Understanding on-premises and cloud acquisition/deprecation cycles

    – Utilizing cloud cost management tools for reporting, control, and tagging

    – Analyzing the five pillars of cost optimization with examples

13. Workload Migration

    – Understanding business drivers and migration processes

    – Exploring successful customer practices and the 7 Rs for migration and modernization

    – Leveraging migration tools and services from AWS, including database and large data store migration with AWS Schema Conversion Tool (AWS SCT)

14. Capstone Project

    – Using the Online Course Supplement (OCS) to review use cases and investigate data for architecting design questions related to Transit Gateway, hybrid connectivity, migration, and cost optimization.