Advanced Architecting on AWS
← Back to Courses
Category: Cloud & Devops - AWS
Duration: 40 Hrs
Prerequisites:
✅ Recommended Prior Training/Certifications:
- Completion of Architecting on AWS (foundational architect course).
- AWS Certified Solutions Architect – Associate level (recommended, not mandatory).
✅ Practical Experience:
- At least 1+ years of hands-on experience designing and implementing AWS solutions in a real or lab environment.
The Advanced Architecting on AWS course is designed for experienced cloud architects who want to deepen their expertise in designing, implementing, and optimizing complex solutions on the AWS platform. It builds on foundational architecting knowledge and explores advanced concepts, including multi-account strategies, hybrid connectivity, containerized workloads, large-scale applications, and cost optimization.
Course Modules
This module revisits the AWS Well-Architected Framework and best practices, ensuring learners understand the foundation of cloud architecture. It also emphasizes secure communications between Amazon S3 and VPC endpoints.
- Apply AWS Well-Architected best practices.
- Secure S3 communications using VPC endpoints.
- Analyze architectural trade-offs for security, performance, and reliability.
Learn how to manage multiple AWS accounts using Organizations, Control Tower, and AWS SSO. This module focuses on governance, centralized management, and scaling permissions across environments.
- Configure AWS Organizations for governance.
- Implement AWS SSO for simplified authentication.
- Manage permissions and access at scale.
- Use Control Tower for centralized account provisioning.
This module introduces hybrid network solutions, enabling secure, resilient connections between on-premises and AWS. It explores VPNs, Direct Connect, and DNS resolution strategies.
- Configure Client VPN and Site-to-Site VPN.
- Use Direct Connect for high-performance hybrid workloads.
- Design resilient connectivity patterns.
- Implement Route 53 Resolver for hybrid DNS.
Explore AWS’s specialized infrastructure offerings to support unique workloads. This includes hybrid storage, VMware on AWS, edge computing with Outposts, and 5G applications with Wavelength.
- Integrate VMware Cloud on AWS.
- Extend infrastructure with AWS Outposts and Local Zones.
- Implement Storage Gateway for hybrid storage.
- Explore AWS Wavelength for 5G-enabled workloads.
This module focuses on advanced VPC connectivity and inter-network communication using services like Transit Gateway, PrivateLink, and Resource Access Manager.
Design isolated VPC and shared services patterns.
Use Transit Gateway Network Manager and Reachability Analyzer.
Enable private connectivity with AWS PrivateLink.
Share resources securely across accounts.
Hands-on: Configure AWS Transit Gateway.
Understand container technologies, their advantages over VMs, and how AWS supports them with ECS, EKS, and Fargate for scalable, cost-efficient deployments.
- Differentiate VMs vs. containers.
- Deploy workloads using ECS and EKS.
- Run containers without servers using Fargate.
- Hands-on: Deploy an application on ECS with Fargate.
Learn how to build automated CI/CD pipelines with AWS CodePipeline, manage deployments across accounts, and improve efficiency with CloudFormation StackSets.
- Implement CI/CD pipelines with AWS CodePipeline.
- Compare deployment models (blue/green, canary, rolling).
- Use CloudFormation StackSets for multi-account deployments.
Explore AWS’s defense mechanisms against availability threats like DDoS. This module covers WAF, Shield, and Firewall Manager for large-scale security management.
- Identify DDoS attack layers.
- Protect workloads with AWS WAF and ACLs.
- Implement AWS Shield Advanced and DRT services.
- Use AWS Network Firewall and Firewall Manager.
Learn how AWS services ensure data protection through cryptography, secure key management, and secret handling. Compliance requirements like FIPS encryption are also covered.
- Apply cryptographic techniques.
- Use AWS KMS for encryption key management.
- Understand AWS CloudHSM for compliance-driven workloads.
- Store and rotate secrets securely with Secrets Manager.
This module covers how to manage massive datasets on AWS, optimize S3 storage, and differentiate between data lakes and warehouses. Learners also implement Lake Formation for secure governance.
- Manage S3 storage policies and lifecycle rules.
- Compare data lakes vs. warehouses.
- Build secure data lakes with AWS Lake Formation.
- Hands-on: Set up a Lake Formation-based data lake.
Explore edge services for performance improvement, including CloudFront, Lambda@Edge, and AWS Global Accelerator. Hands-on migration labs provide real-world application.
- Improve performance with CloudFront.
- Deploy code closer to users with Lambda@Edge.
- Optimize global traffic distribution with AWS Global Accelerator.
- Hands-on: Migrate NFS shares with DataSync & Storage Gateway.
Learn AWS cost management tools and best practices to reduce cloud spending. This includes acquisition cycles, tagging, and the five pillars of cost optimization.
Apply AWS cost optimization pillars.
Use reporting and tagging for cost visibility.
Align cloud spending with business goals.
This module provides strategies for migrating workloads, databases, and large datasets to AWS. It introduces the 7 Rs framework and migration tools like AWS SCT.
- Apply the 7 Rs migration framework.
- Use AWS SCT for database migration.
- Plan migration strategies with AWS services.
- Leverage customer migration best practices.
Learners work on a comprehensive case study, applying their knowledge to real-world scenarios. They design architectures covering Transit Gateway, hybrid connectivity, migration, and cost optimization.
- Design enterprise AWS architectures.
- Apply best practices in networking, migration, and cost optimization.
- Collaborate and present architecture solutions.