Advanced Architecting on AWS with AWS Jam

Advanced Architecting on AWS with AWS JamASWAA-AWS-JAMAWAmazon Web ServicesAW-ASWAA-AWS-JAM1.0<p>In this course, you will: </p> <ul> <li>Review the AWS Well-Architected Framework to ensure understanding of best cloud design practices by responding to poll questions while following a graphic presentation</li><li>Demonstrate the ability to secure Amazon Simple Storage Service (Amazon S3) virtual private cloud (VPC) endpoint connections in a lab environment</li><li>Identify how to implement centralized permissions management and reduce risk using AWS Organizations organizational units (OUs) and service control policies (SCPs) with AWS Single Sign-On</li><li>Compare the permissions management capabilities of OUs, SCPs, and AWS SSO with and without AWS Control Tower to determine best practices based on use cases</li><li>Discuss AWS hybrid network designs to address traffic increases and streamline remote work while ensuring FIPS 140-2 Level 2, or Level 3 security compliance</li><li>Explore the solutions and products available to design a hybrid infrastructure, including access to 5G networks, to optimize service and reduce latency while maintaining high security for critical on-premises applications</li><li>Explore ways to simplify the connection configurations between applications and high-performance workloads across global networks</li><li>Demonstrate the ability to configure a transit gateway in a lab environment</li><li>Identify and discuss container solutions and define container management options</li><li>Build and test a container in a lab environment</li><li>Examine how the AWS developer tools optimize the CI/CD pipeline with updates based on near-real-time data</li><li>Identify the anomaly detection and protection services that AWS offers to defend against DDoS attacks</li><li>Identify ways to secure data in transit, at rest, and in use with AWS Key Management Service (AWS KMS) and AWS Secrets Manager</li><li>Determine the best data management solution based on frequency of access, and data query and analysis needs</li><li>Set up a data lake and examine the advantages of this type of storage configuration to crawl and query data in a lab environment</li><li>Identify solutions to optimize edge services to eliminate latency, reduce inefficiencies, and mitigate risks</li><li>Identify the components used to automate the scaling of global applications using geolocation and traffic control</li><li>Deploy and activate an AWS Storage Gateway file gateway and AWS DataSync in a lab environment</li><li>Review AWS cost management tools to optimize costs while ensuring speed and performance</li><li>Review migration tools, services, and processes that AWS provides to implement effective cloud operation models based on use cases and business needs</li><li>Provide evidence of your ability to apply the technical knowledge and experience gained in the course to improve business practices by completing Review Projects</li><li>Work in a team environment to solve real AWS use-case challenges in an AWS Jam</li></ul><p>We recommend that attendees of this course have:</p> <ul> <li>Knowledge and experience with core AWS services from the Compute, Storage, Networking, and AWS Identity and Access Management (IAM) categories</li><li>Attended the <span class="cms-link-marked"><a class="fl-href-prod" href="/swisscom/fr/course/amazon-awsa"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>Architecting on AWS <span class="fl-prod-pcode">(AWSA)</span></a></span> classroom training OR</li><li>Achieved the AWS Certified Solutions Architect – Associate certification OR</li><li>Have at least 1 year of experience operating AWS workloads</li></ul><p>This course is intended for cloud architects, solutions architects, and anyone who designs solutions for cloud infrastructures.</p><ul> <li>Reviewing Architecting Concepts</li><li>Single to Multiple Accounts</li><li>Hybrid Connectivity</li><li>Specialized Infrastructure</li><li>Connecting Networks</li><li>Containers</li><li>Continuous Integration/Continuous Delivery (CI/CD)</li><li>High Availability and DDoS Protection</li><li>Securing Data</li><li>Large-Scale Data Stores</li><li>Large-Scale Applications</li><li>Optimizing Cost</li><li>Migrating Workloads</li><li>Review Projects</li><li>AWS Jam</li></ul><p><strong>Day 1</strong> </p> <h5>Module 1: Reviewing Architecting Concepts</h5><ul> <li>Group Exercise: Review Architecting on AWS core best practices</li><li>Hands-On Lab: Securing Amazon S3 VPC Endpoint Communications</li></ul><h5>Module 2: Single to Multiple Accounts</h5><ul> <li>AWS Organizations for multi-account access and permissions</li><li>AWS SSO to simplify access and authentication across AWS accounts and third-party services</li><li>AWS Control Tower</li><li>Permissions, access, and authentication</li></ul><h5>Module 3: Hybrid Connectivity</h5><ul> <li>AWS Client VPN authentication and control</li><li>AWS Site-to-Site VPN</li><li>AWS Direct Connect for hybrid public and private connections</li><li>Increasing bandwidth and reducing cost</li><li>Basic, high, and maximum resiliency</li><li>Amazon Route 53 Resolver DNS resolution</li></ul><h5>Module 4: Specialized Infrastructure</h5><ul> <li>AWS Storage Gateway solutions</li><li>On-demand VMware Cloud on AWS</li><li>Extending cloud infrastructure services with AWS Outposts</li><li>AWS Local Zones for latency-sensitive workloads</li><li>Your 5G network with and without AWS Wavelength</li></ul><h5>Module 5: Connecting Networks</h5><ul> <li>Simplifying private subnet connections</li><li>VPC isolation with a shared services VPC</li><li>Transit Gateway Network Manager and VPC Reachability Analyzer</li><li>AWS Resource Access Manager</li><li>AWS PrivateLink and endpoint services</li><li>Hands-On Lab: Configuring Transit Gateways</li></ul><p><strong>Day 2</strong> </p> <h5>Module 6: Containers</h5><ul> <li>Container solutions compared to virtual machines</li><li>Docker benefits, components, solutions architecture, and versioning</li><li>Container hosting on AWS to reduce cost</li><li>Managed container services: Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS)</li><li>AWS Fargate</li><li>Hands-On Lab: Deploying an Application with Amazon EKS on Fargate</li></ul><h5>Module 7: Continuous Integration/Continuous Delivery (CI/CD)</h5><ul> <li>CI/CD solutions and impact</li><li>CI/CD automation with AWS CodePipeline</li><li>Deployment models</li><li>AWS CloudFormation StackSets to improve deployment management</li></ul><h5>Module 8: High Availability and DDoS Protection</h5><ul> <li>Common DDoS attacks layers</li><li>AWS WAF</li><li>AWS WAF web access control lists (ACLs), real-time metrics, logs, and security automation</li><li>AWS Shield Advanced services and AWS DDoS Response Team (DRT) services</li><li>AWS Network Firewall and AWS Firewall Manager to protect accounts at scale</li></ul><h5>Module 9: Securing Data</h5><ul> <li>What cryptography is, why you would use it, and how to use it</li><li>AWS KMS</li><li>AWS CloudHSM architecture</li><li>FIPS 140-2 Level 2 and Level 3 encryption</li><li>Secrets Manager</li></ul><h5>Module 10: Large-Scale Data Stores</h5><ul> <li>Amazon S3 data storage management including storage class, inventory, metrics, and policies</li><li>Data lake vs. data warehouse: Differences, benefits, and examples</li><li>AWS Lake Formation solutions, security, and control</li><li>Hands-On Lab: Setting Up a Data Lake with Lake Formation</li></ul><p><strong>Day 3</strong> </p> <h5>Module 11: Large-Scale Applications</h5><ul> <li>What edge services are and why you would use them</li><li>Improve performance and mitigate risk with Amazon CloudFront</li><li>Lambda@Edge</li><li>AWS Global Accelerator: IP addresses, intelligent traffic distribution, and health checks</li><li>Hands-On Lab: Migrating an On-Premises NFS Share Using AWS DataSync and Storage Gateway</li></ul><h5>Module 12: Optimizing Cost</h5><ul> <li>On-premises and cloud acquisition/deprecation cycles</li><li>Cloud cost management tools including reporting, control, and tagging</li><li>Examples and analysis of the five pillars of cost optimization</li></ul><h5>Module 13: Migrating Workloads</h5><ul> <li>Business drivers and the process for migration</li><li>Successful customer practices</li><li>The 7 Rs to migrate and modernize</li><li>Migration tools and services from AWS</li><li>Migrating databases and large data stores</li><li>AWS Schema Conversion Tool (AWS SCT)</li></ul><h5>Module 14: Review Projects</h5><ul> <li>Use the Online Course Supplement (OCS) to review use cases, investigate data, and answer architecting design questions about Transit Gateway, hybrid connectivity, migration, and cost optimization</li></ul><p><strong>Day 4</strong> </p> <h5>AWS Jam</h5><ul> <li>Participate in team based challenges in a real AWS environment</li><li>Compete with your colleagues in a gamified, hands-on learning experience</li><li>Apply your learning from the course on various AWS services</li></ul>In this course, you will: - Review the AWS Well-Architected Framework to ensure understanding of best cloud design practices by responding to poll questions while following a graphic presentation - Demonstrate the ability to secure Amazon Simple Storage Service (Amazon S3) virtual private cloud (VPC) endpoint connections in a lab environment - Identify how to implement centralized permissions management and reduce risk using AWS Organizations organizational units (OUs) and service control policies (SCPs) with AWS Single Sign-On - Compare the permissions management capabilities of OUs, SCPs, and AWS SSO with and without AWS Control Tower to determine best practices based on use cases - Discuss AWS hybrid network designs to address traffic increases and streamline remote work while ensuring FIPS 140-2 Level 2, or Level 3 security compliance - Explore the solutions and products available to design a hybrid infrastructure, including access to 5G networks, to optimize service and reduce latency while maintaining high security for critical on-premises applications - Explore ways to simplify the connection configurations between applications and high-performance workloads across global networks - Demonstrate the ability to configure a transit gateway in a lab environment - Identify and discuss container solutions and define container management options - Build and test a container in a lab environment - Examine how the AWS developer tools optimize the CI/CD pipeline with updates based on near-real-time data - Identify the anomaly detection and protection services that AWS offers to defend against DDoS attacks - Identify ways to secure data in transit, at rest, and in use with AWS Key Management Service (AWS KMS) and AWS Secrets Manager - Determine the best data management solution based on frequency of access, and data query and analysis needs - Set up a data lake and examine the advantages of this type of storage configuration to crawl and query data in a lab environment - Identify solutions to optimize edge services to eliminate latency, reduce inefficiencies, and mitigate risks - Identify the components used to automate the scaling of global applications using geolocation and traffic control - Deploy and activate an AWS Storage Gateway file gateway and AWS DataSync in a lab environment - Review AWS cost management tools to optimize costs while ensuring speed and performance - Review migration tools, services, and processes that AWS provides to implement effective cloud operation models based on use cases and business needs - Provide evidence of your ability to apply the technical knowledge and experience gained in the course to improve business practices by completing Review Projects - Work in a team environment to solve real AWS use-case challenges in an AWS JamWe recommend that attendees of this course have: - Knowledge and experience with core AWS services from the Compute, Storage, Networking, and AWS Identity and Access Management (IAM) categories - Attended the Architecting on AWS (AWSA) classroom training OR - Achieved the AWS Certified Solutions Architect – Associate certification OR - Have at least 1 year of experience operating AWS workloadsThis course is intended for cloud architects, solutions architects, and anyone who designs solutions for cloud infrastructures.- Reviewing Architecting Concepts - Single to Multiple Accounts - Hybrid Connectivity - Specialized Infrastructure - Connecting Networks - Containers - Continuous Integration/Continuous Delivery (CI/CD) - High Availability and DDoS Protection - Securing Data - Large-Scale Data Stores - Large-Scale Applications - Optimizing Cost - Migrating Workloads - Review Projects - AWS JamDay 1 Module 1: Reviewing Architecting Concepts - Group Exercise: Review Architecting on AWS core best practices - Hands-On Lab: Securing Amazon S3 VPC Endpoint Communications Module 2: Single to Multiple Accounts - AWS Organizations for multi-account access and permissions - AWS SSO to simplify access and authentication across AWS accounts and third-party services - AWS Control Tower - Permissions, access, and authentication Module 3: Hybrid Connectivity - AWS Client VPN authentication and control - AWS Site-to-Site VPN - AWS Direct Connect for hybrid public and private connections - Increasing bandwidth and reducing cost - Basic, high, and maximum resiliency - Amazon Route 53 Resolver DNS resolution Module 4: Specialized Infrastructure - AWS Storage Gateway solutions - On-demand VMware Cloud on AWS - Extending cloud infrastructure services with AWS Outposts - AWS Local Zones for latency-sensitive workloads - Your 5G network with and without AWS Wavelength Module 5: Connecting Networks - Simplifying private subnet connections - VPC isolation with a shared services VPC - Transit Gateway Network Manager and VPC Reachability Analyzer - AWS Resource Access Manager - AWS PrivateLink and endpoint services - Hands-On Lab: Configuring Transit Gateways Day 2 Module 6: Containers - Container solutions compared to virtual machines - Docker benefits, components, solutions architecture, and versioning - Container hosting on AWS to reduce cost - Managed container services: Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS) - AWS Fargate - Hands-On Lab: Deploying an Application with Amazon EKS on Fargate Module 7: Continuous Integration/Continuous Delivery (CI/CD) - CI/CD solutions and impact - CI/CD automation with AWS CodePipeline - Deployment models - AWS CloudFormation StackSets to improve deployment management Module 8: High Availability and DDoS Protection - Common DDoS attacks layers - AWS WAF - AWS WAF web access control lists (ACLs), real-time metrics, logs, and security automation - AWS Shield Advanced services and AWS DDoS Response Team (DRT) services - AWS Network Firewall and AWS Firewall Manager to protect accounts at scale Module 9: Securing Data - What cryptography is, why you would use it, and how to use it - AWS KMS - AWS CloudHSM architecture - FIPS 140-2 Level 2 and Level 3 encryption - Secrets Manager Module 10: Large-Scale Data Stores - Amazon S3 data storage management including storage class, inventory, metrics, and policies - Data lake vs. data warehouse: Differences, benefits, and examples - AWS Lake Formation solutions, security, and control - Hands-On Lab: Setting Up a Data Lake with Lake Formation Day 3 Module 11: Large-Scale Applications - What edge services are and why you would use them - Improve performance and mitigate risk with Amazon CloudFront - Lambda@Edge - AWS Global Accelerator: IP addresses, intelligent traffic distribution, and health checks - Hands-On Lab: Migrating an On-Premises NFS Share Using AWS DataSync and Storage Gateway Module 12: Optimizing Cost - On-premises and cloud acquisition/deprecation cycles - Cloud cost management tools including reporting, control, and tagging - Examples and analysis of the five pillars of cost optimization Module 13: Migrating Workloads - Business drivers and the process for migration - Successful customer practices - The 7 Rs to migrate and modernize - Migration tools and services from AWS - Migrating databases and large data stores - AWS Schema Conversion Tool (AWS SCT) Module 14: Review Projects - Use the Online Course Supplement (OCS) to review use cases, investigate data, and answer architecting design questions about Transit Gateway, hybrid connectivity, migration, and cost optimization Day 4 AWS Jam - Participate in team based challenges in a real AWS environment - Compete with your colleagues in a gamified, hands-on learning experience - Apply your learning from the course on various AWS services4 jours1990.002250.003690.002485.002485.007000.002485.003575.002995.002995.002870.003960.00