AW300: Advanced Architecting on AWS™

Training: AWS™ - Cloud - Certification

AWS ATP Select Tier Logo

Participants receive a practical introduction to advanced architectures on AWS™. The course covers multi-account management, hybrid connectivity, network design with AWS™ Transit Gateway, container services, and CI/CD automation. The training is complemented by scenarios on security, DDoS protection, data lakes, edge services, migration, and cost management, as well as hands-on labs and group discussions.

Unfortunately there are currently no available appointments.
Would you like to request an appointment? Then click on 'No matching appointment?'

Request prefered appointment period:

* All fields marked with an asterisk are mandatory fields.

Agenda:

  • Reviewing Architecting Concepts
    • Group Exercise: Review Architecting on AWS™ core best practices
    • Lab 1: Securing Amazon S3 VPC Endpoint Communications

  • Single to Multiple Accounts
    • AWS™ Organizations for multi-account access and permissions
    • AWS™ SSO to simplify access and authentication across AWS™ accounts and third-party services
    • AWS™ Control Tower
    • Permissions, access, and authentication

  • Hybrid Connectivity
    • AWS™ Client VPN authentication and control
    • AWS™ Site-to-Site VPN
    • AWS™ Direct Connect for hybrid public and private connections
    • Increasing bandwidth and reducing cost
    • Basic, high, and maximum resiliency
    • Amazon Route 53 Resolver DNS resolution

  • Specialized Infrastructure
    • AWS™ Storage Gateway solutions
    • On-demand VMware™ Cloud on AWS™
    • Extending cloud infrastructure services with AWS™ Outposts
    • AWS™ Local Zones for latency-sensitive workloads
    • Your 5G network with and without AWS™ Wavelength

  • Connecting Networks
    • Simplifying private subnet connections
    • VPC isolation with a shared services VPC
    • Transit Gateway Network Manager and VPC Reachability Analyzer
    • AWS™ Resource Access Manager
    • AWS™ PrivateLink and endpoint services
    • Lab 2: Configuring Transit Gateways

  • Containers
    • Container solutions compared to virtual machines
    • Docker benefits, components, solutions architecture, and versioning
    • Container hosting on AWS™ to reduce cost
    • Managed container services: Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS)
    • AWS™ Fargate
    • Lab 3: Deploying an Application with Amazon EKS on Fargate

  • Continuous Integration/Continuous Delivery (CI/CD)
    • CI/CD solutions and impact
    • CI/CD automation with AWS™ CodePipeline
    • Deployment models
    • AWS™ CloudFormation StackSets to improve deployment management

  • Common DDoS attacks layers
    • AWS™ WAF
    • AWS™ WAF web access control lists (ACLs), real-time metrics, logs, and security automation
    • AWS™ Shield Advanced services and AWS™ DDoS Response Team (DRT) services
    • AWS™ Network Firewall and AWS™ Firewall Manager to protect accounts at scale

  • Securing Data
    • What cryptography is, why you would use it, and how to use it
    • AWS™ KMS
    • AWS™ CloudHSM architecture
    • FIPS 140-2 Level 2 and Level 3 encryption
    • Secrets Manager

  • Large-Scale Data Stores
    • Amazon S3 data storage management including storage class, inventory, metrics, and policies
    • Data lake vs. data warehouse: Differences, benefits, and examples
    • AWS™ Lake Formation solutions, security, and control
    • Lab 4: Setting Up a Data Lake with Lake Formation

  • Large-Scale Applications
    • What edge services are and why you would use them
    • Improve performance and mitigate risk with Amazon CloudFront
    • Lambda@Edge
    • AWS™ Global Accelerator: IP addresses, intelligent traffic distribution, and health checks
    • Lab 5: Migrating an On-Premises NFS Share Using AWS™ DataSync and Storage Gateway

  • Optimizing Cost
    • On-premises and cloud acquisition/deprecation cycles
    • Cloud cost management tools including reporting, control, and tagging
    • Examples and analysis of the five pillars of cost optimization

  • Migrating Workloads
    • Business drivers and the process for migration
    • Successful customer practices
    • The 7 Rs to migrate and modernize
    • Migration tools and services from AWS™
    • Migrating databases and large data stores
    • AWS™ Schema Conversion Tool (AWS™ SCT)

  • Capstone Project
    • Use the Online Course Supplement (OCS) to review use cases, investigate data, and answer architecting design questions about Transit Gateway, hybrid connectivity, migration, and cost optimization

Objectives:

In this course AW300 Advanced Architecting on AWS™, you will:
  • Review the AWS™ Well-Architected Framework to ensure understanding of best cloud design
    practices by responding to poll questions while following a graphic presentation
  • Demonstrate the ability to secure Amazon Simple Storage Service (Amazon S3) virtual private
    cloud (VPC) endpoint connections in a lab environment
  • Identify how to implement centralized permissions management and reduce risk using AWS™
    Organizations organizational units (OUs) and service control policies (SCPs) with AWS™ Single Sign-On
  • Compare the permissions management capabilities of OUs, SCPs, and AWS™ SSO with and without AWS™ Control Tower to determine best practices based on use cases
  • Discuss AWS™ hybrid network designs to address traffic increases and streamline remote work while ensuring FIPS 140-2 Level 2, or Level 3 security compliance
  • Explore the solutions and products available to design a hybrid infrastructure, including access to 5G networks, to optimize service and reduce latency while maintaining high security for critical on-premises applications
  • Explore ways to simplify the connection configurations between applications and high-performance workloads across global networks
  • Demonstrate the ability to configure a transit gateway in a lab environment
  • Identify and discuss container solutions and define container management options
  • Build and test a container in a lab environment
  • Examine how the AWS™ developer tools optimize the CI/CD pipeline with updates based on near-real-time data
  • Identify the anomaly detection and protection services that AWS™ offers to defend against DDoS attacks
  • Identify ways to secure data in transit, at rest, and in use with AWS™ Key Management Service (AWS™ KMS) and AWS™ Secrets Manager
  • Determine the best data management solution based on frequency of access, and data query and analysis needs
  • Set up a data lake and examine the advantages of this type of storage configuration to crawl and query data in a lab environment
  • Identify solutions to optimize edge services to eliminate latency, reduce inefficiencies, and mitigate risks
  • Identify the components used to automate the scaling of global applications using geolocation and traffic control
  • Deploy and activate an AWS™ Storage Gateway file gateway and AWS™ DataSync in a lab environment
  • Review AWS™ cost management tools to optimize costs while ensuring speed and performance
  • Review migration tools, services, and processes that AWS™ provides to implement effective cloud operation models based on use cases and business
    needs
  • Provide evidence of your ability to apply the technical knowledge and experience gained in the course to improve business practices by completing a Capstone Project

Target audience:

This course AW300 Advanced Architecting on AWS™ is intended for
  • Cloud Architects
  • Solutions Architects
  • Anyone who designs solutions for cloud infrastructures

Prerequisites:

To participate in the course AW300 Advanced Architecting on AWS™ at qSkills™, you should have attended the following AWS™ training:

In addition, you should meet the following prerequisites:

  • The certification "AWS™ Certified Solutions Architect – Associate"
  • Knowledge and experience with core AWS™ services in the areas of Compute, Storage, Networking and AWS™ Identity and Access Management (IAM)
  • At least 1 year of experience in operating AWS™ workloads


Description:

In this course AW300 Advanced Architecting on AWS™, each module presents a scenario with an architectural challenge to be solved. You will examine available AWS™ services and features as solutions to the problem. You will gain insights by participating in problem-based discussions and learning about the AWS™ services that you could apply to meet the challenges.
Over 3 days, the course AW300 Advanced Architecting on AWS™ goes beyond the basics of a cloud infrastructure and covers topics to meet a variety of needs for AWS™ customers. Course modules focus on managing multiple AWS™ accounts, hybrid connectivity and devices, networking with a focus on AWS™ Transit Gateway connectivity, container services, automation tools for continuous integration/continuous delivery (CI/CD), security and distributed denial of service (DDoS) protection, data lakes and data stores, edge services, migration options, and managing costs.
The course AW300 Advanced Architecting on AWS™ concludes by presenting you with scenarios and challenging you to identify the best solutions.

This course AW300 Advanced Architecting on AWS™ includes presentations, group discussions, use cases, videos, assessments, and hands-on labs.

Other Info:

The course materials (e-book) are in English, the course language is German.


This course is also available as a 4-day workshop with AWS™ Jam.
AW300 Advanced Architecting on AWS™ with AWS™ Jam

Real-world problem solving, exploration of new services, and understanding the interaction of individual components are the focus of this hands-on day.

check-icon

Guaranteed implementation:

from 2 Attendees

Booking information

Price:

1.995,00 € plus VAT.

(including lunch & drinks)

Exam:

The examination fee is not included in the price. However, it can be booked at PearsonVue.

Authorized training partner

NetApp Partner Authorized Learning
Commvault Training Partner
CQI | IRCA Approved Training Partner
Veeam Authorized Education Center
Acronis Authorized Training Center
AWS Partner Select Tier Training
ISACA Accredited Partner
iSAQB
CompTIA Authorized Partner
EC-Council Accredited Training Center

Memberships

Allianz für Cyber-Sicherheit
TeleTrust Pioneers in IT security
Bundesverband der IT-Sachverständigen und Gutachter e.V.
Bundesverband mittelständische Wirtschaft (BVMW)
Allianz für Sicherheit in der Wirtschaft
NIK - Netzwerk der Digitalwirtschaft
BVSW
Bayern Innovativ
KH-iT
CAST
IHK Nürnberg für Mittelfranken
eato e.V.
Sicherheitsnetzwerk München e.V.