Course #:WA2391

AWS for Solution Architects Training

Courseware: Available for sale

This course prepares solutions architects for the Amazon Web Services platform. AWS is the hottest technology on the planet today. This course is architected in such a way that the AWS Certified Solutions Architect – Associate examination test may be taken when the student graduates.

Web Age AWS Training can be delivered in traditional classroom style format. Web Age AWS Training can also be delivered in a synchronous instructor led format.

This is a 3-day course. This course is deep, and covers all areas of AWS, currently numbering over 70 services. Compute services include virtual cloud servers (EC2) complete with Docker coverage. Amazon isolated cloud resources (VPC) and batch management, including the new Lambda, which does auto-scaling as responses to events.

Scalable cloud-based storage (S3) will introduce Amazon’s older and newer options, including Glacier, Snowmobile, and the elastic file system. Relational databases will be covered, and how we deal with them. This is all subject to users being allocated security via Identity and Access Management (IAM).

Global content delivery will be covered, including Cloudfront, and elastic load balancing over Route 53, Amazon’s scalable DNS. Cloudwatch and other management tools are covered in-depth as well. And application services, including messaging queues and notification services are covered.

This training course is supplemented by a variety of hands-on labs that help attendees reinforce their theoretical knowledge of the learned material.


  • WS Overview
  • Interfacing with AWS
  • AWS Core Services
  • Designing Solutions for the Cloud
  • AWS Solutions Patterns
  • Best Practices


Enterprise Architects, Solution Architects, Developers, Technical Managers


Foundational knowledge in distributed computing and Web-based architecture


3 days

Outline of AWS for Solution Architects Training

Chapter 1. Defining the Cloud

  • A Bit of History
  • Wikipedia Entry
  • Cloud Computing at a Glance
  • Gartner Research on Cloud
  • Electrical Power Grid Service Analogy
  • The NIST Perspective
  • Five Characteristics
  • On-demand Self-Service (NIST Characteristic)
  • Broad Network Access (NIST Characteristic)
  • Resource Pooling (NIST Characteristic)
  • Rapid Elasticity (NIST Characteristic)
  • Measured Service (NIST Characteristic)
  • The Three Cloud Service Models (NIST)
  • The Cloud Computing Spectrum: IaaS, PaaS and SaaS
  • The Four Cloud Deployment Models (NIST)
  • The NIST Cloud Definition Framework
  • A Hybrid Cloud Diagram
  • Cloud Deployment Model Dynamics
  • Summary

Chapter 2. The Cloud Enablers

  • The Origin of the Cloud Computing
  • Virtualization
  • Hypervisors
  • Hypervisor Types
  • Type 1 hypervisors
  • Type 2 hypervisors
  • Type 1 vs Type 2 Processing
  • Paravirtualization
  • Applying Virtualization to the Cloud
  • Virtualization Qualities (1/2)
  • Virtualization Qualities (2/2)
  • Grid Computing vs Cloud Computing
  • Myth: Cloud is SaaS
  • SOA and the Cloud
  • Summary

Chapter 3. Cloud Reference Model

  • The Need for a Cloud Reference Model
  • Cloud Reference Model
  • Cloud Infrastructure
  • Cloud Infrastructure - Virtual Machines
  • A Bootable OS Image
  • Defining a "Compute Unit"
  • Block Storage for Instances
  • Cloud Infrastructure - Cloud Object Storage
  • Cloud Multi-Tenancy Model
  • Common Characteristics of Multi-tenant Applications (1/2)
  • Common Characteristics of Multi-tenant Applications (2/2)
  • The PaaS Platform
  • AWS Elastic Beanstalk Service (AEBS)
  • Working with AWS Elastic Beanstalk Service (AEBS)
  • The SaaS Platform
  • Cloud Service Model Implementations
  • Summary

Chapter 4. Overview of the Amazon Web Services (AWS)

  • Amazon Web Services
  • The History of AWS
  • The Initial Iteration of Moving to AWS
  • The AWS (Simplified) Service Stack
  • Accessing AWS
  • Direct Connect
  • Shared Responsibility Model
  • Trusted Advisor
  • The AWS Distributed Architecture
  • AWS Services
  • Managed vs Unmanaged Amazon Services
  • Amazon Resource Name (ARN)
  • Compute and Networking Services
  • Elastic Compute Cloud (EC2)
  • AWS Lambda
  • Auto Scaling
  • Elastic Load Balancing (ELB)
  • Virtual Private Cloud (VPC)
  • Route53 Domain Name System
  • Elastic Beanstalk
  • Security and Identity Services
  • Identity and Access Management (IAM)
  • AWS Directory Service
  • AWS Certificate Manager
  • AWS Key Management Service (KMS)
  • Storage and Content Delivery
  • Elastic Block Storage (EBS)
  • Simple Storage Service (S3)
  • Glacier
  • CloudFront Content Delivery Service
  • Database Services
  • Relational Database Service (RDS)
  • DynamoDB
  • Amazon ElastiCache
  • Redshift
  • Messaging Services
  • Simple Queue Service (SQS)
  • Simple Notifications Service (SNS)
  • Simple Email Service (SES)
  • AWS Monitoring with CloudWatch
  • Other Services Example
  • Summary

Chapter 5. AWS Simple Storage Service

  • What is AWS Simple Storage Service (S3)
  • AWS Storage
  • Regions
  • S3 Regions
  • Getting started with S3
  • Using BitTorrent
  • More on Buckets
  • Bucket Configurable Properties
  • Advanced S3 Bucket Properties
  • The Bucket Creation Dialog in the Management Console
  • Bucket Permissions
  • Bucket-level Operations
  • Authorization of REST Requests
  • Adding Cross-Origin Resource Sharing Configuration
  • Event Notifications
  • The Requester Pays Option
  • The Object Key
  • Object Versioning
  • Example of Object Properties
  • Object Storage Class Levels
  • Object-level Operations
  • Object Lifecycle Configuration
  • Amazon S3 Data Consistency Model
  • Observable Data Consistency Behaviors
  • Eventually Consistent Reads vs Consistent Reads
  • Amazon S3 Security
  • S3 Use Case: Backup and Archiving
  • Another S3 Use Case: Static Web Hosting
  • More on Static Web Hosting
  • S3 Static Website Hosting Dialog in Management Console
  • S3 Use Case: Disaster Recovery
  • AWS S3 Pricing
  • Storage Pricing
  • Request Pricing
  • Data Transfer Pricing
  • Amazon S3 Transfer Acceleration
  • How to Enable Transfer Acceleration
  • Enabling Transfer Acceleration in the Management Console
  • Amazon S3 SLA Definitions
  • Amazon S3 SLA Service Commitment
  • S3 CLI
  • Summary

Chapter 6. AWS Identity and Access Management

  • AWS Identity and Access Management (IAM)
  • IAM Groups
  • Working with IAM
  • The IAM Dashboard
  • IAM Principals
  • Root Account Access vs. IAM User Access
  • Roles
  • Creating a Role in AWS Management Console
  • Accessing AWS
  • Identity Providers
  • Need Identity Management for Mobile Apps?
  • AWS Key Management Service (KMS)
  • User Management
  • Password Policies
  • Using Multi-Factor Authentication Devices
  • Hardware-based and Virtual MFA Devices
  • Summary

Chapter 7. Amazon Virtual Private Cloud (VPC)

  • Amazon Virtual Private Cloud (VPC)
  • VPCs, AZs, and Regions
  • What can You do with VPC ? (Part 1 of 2)
  • What can You do with VPC ? (Part 2 of 2)
  • VPC Core Components
  • VPC In or Out
  • When You Create a VPC …
  • The Create VPC Dialog
  • The VPC Dashboard
  • When You Delete a VPC …
  • Subnets
  • Private and Public Subnets
  • Route Tables
  • Routes in a Route Table Example
  • Internet Gateways
  • An Elastic IP Address
  • Associating the Elastic IP Address With An Instance
  • Elastic Network Interfaces (ENIs)
  • Security Groups
  • Security Group Rules
  • Example of A Security Group's Rules
  • Putting It All Together
  • Network Access Control Lists
  • VPC Caps
  • Good VPC Design Recommendation
  • Where Do I Put My Web Servers?
  • VPC Resources
  • Summary

Chapter 8. Amazon Elastic Compute Cloud (EC2)

  • Amazon Elastic Compute Cloud (EC2)
  • AWS Marketplace for OSes
  • AWS Marketplace for Tools and Applications
  • Shop Around for Cheaper EC2 Instances ...
  • Spot Instance Pricing History
  • Instances Default Quotas
  • Bootstrapping
  • Instance Tagging
  • Newer Tag Features
  • EC2 Instance Types
  • The Instance Types Matrix
  • The T2 Instance Type (Example of a Low-end Type)
  • The I2 Instance Type (Example of a High-end Type)
  • X1 Instance
  • Modifying an Instance
  • The EC2 Dashboard
  • EC2 Pricing
  • Cluster Networking
  • Dedicated Instances
  • VM Import / Export to/from AWS
  • Running 3
  • rd
  • Party SAML providers in EC2
  • Elastic IP Address
  • EC2 Service Level Agreement
  • Summary

Chapter 9. Amazon Elastic Block Store

  • Amazon Elastic Block Store (EBS) Overview
  • EBS Store Details
  • Accessing the ESB Service
  • EBS Volume Supported Operations
  • Types of EBS
  • More on EBS Types
  • EBS Volume Encryption
  • Instance Types Supported by EBS Encryption
  • The Create Volume Dialog
  • Use Cases for Volume Types
  • EBS Volume Type Prices
  • ESB Volume RAID Configuration
  • EBS Snapshots
  • Public Snapshot Repository
  • EBS Snapshot Common Use Cases
  • EBS Snapshot Operations
  • The EBS Snapshot Dialog
  • The EBS Service Level Agreement (SLA)
  • Service Credits
  • Summary

Chapter 10. The AWS Command Line Interface

  • Understanding the AWS Command Line Interface (CLI)
  • Getting Started With the AWS CLI
  • Available Commands
  • Options
  • Sample Commands
  • Summary

Chapter 11. The AWS Shared Responsibility Model

  • The AWS Shared Responsibility Model
  • In a Nutshell...
  • Areas of Responsibility of AWS
  • Your Areas of Responsibility
  • AWS Compliance Program
  • Cloud Security Domains
  • The CIAs of Security
  • AWS Network Security
  • AWS Network Security (Cont'd)
  • The Heartbleed OpenSSL Bug
  • Authentication & Authorization: AWS Identity and Access Management Service
  • AWS Account Security Features
  • Controlling Programs: Mandatory Access Control (MAC)
  • Access Control: Physical Security
  • Access Control: Auditing
  • Security Best Practices
  • Be Aware of Spear-Phishing Attacks
  • Summary

Chapter 12. Designing Cloud Solutions

  • Getting Started …
  • Implications of Vendor Lock-In
  • Dealing with Vendor-specific Service API
  • Know Your Cloud Application's Needs
  • Data Physics
  • Cloud Design Strategies
  • Designing for Failure
  • Designing for Cloud Availability
  • Designing for Cloud Scalability
  • UI Considerations
  • Analyzing Cloud Requirements
  • "Good/Not-so-Good" Use Cases for the Cloud
  • Design the Cloud Service Interface
  • Designing for Cloud Non-Functional Requirements
  • Practical Observations and Rules
  • Selecting the Right Object Storage
  • Analysis and Design (A&D) Best Practices
  • A&D Best Practices - Prototyping
  • A&D Best Practices – System Partitioning
  • A&D Best Practices - Leveraging Cloud Platform Services
  • A&D Best Practices -
  • Using Asynchronous Communication Patterns
  • MOM to the Rescue
  • A&D Best Practices - Preempt Possible Data Corruption
  • A&D Best Practices -
  • Caching
  • A&D Best Practices - Staying Hands-On
  • Be Aware of the CAP Theorem Constraints
  • The CAP Triangle
  • Cloud Layering
  • Cloud Layering Overview
  • Content Services
  • Separate Static Content from Dynamic Content
  • Logic Services
  • Orchestration in the Cloud
  • Designing for Cloud Security - OWASP 10
  • Designing for Cloud Security - OWASP 10 (Cont'd)
  • Designing for Cloud Security – Multi-Factor Security
  • Stepping Across Site Silos
  • Stepping Across Site Silos – the SAML Protocol
  • Stepping Across Site Silos – t
  • he OpenID Protocol
  • SAML vs OpenID
  • Stepping Across Site Silos – OAuth
  • Utility - Security Services
  • Out-of-the-Box Security Service Example
  • Simple Layering Example
  • Layering Example with Dedicated IaaS
  • Amazon Web Services Integration Diagram
  • Handling Error Messages in the Cloud
  • Designing for Cloud Maintainability
  • Summary

Chapter 13. AWS Lambda

  • What is AWS Lambda?
  • Supported Languages
  • Getting Your Code Up And Running in Lambda
  • Examples of the Base Lambda Function
  • Use Cases
  • How It Works
  • Example: Processing S3 Source Events with Lambda
  • The Programming Model
  • Configuring Lambda Functions
  • Configure Triggers Page
  • Lambda Function Blueprints
  • How Do I Troubleshoot and Monitor My Lambda Functions?
  • Developing Lambda in Java
  • Summary

Chapter 14. AWS Solution Architecture Patterns

  • AWS Architecture Center
  • List of Reference Architectures
  • High Availability Solution Architecture Blueprint
  • Log Analysis Solution Architecture Blueprint Summary
  • Scalable Web App Solution Architecture Blueprint Summary
  • Simplified Web App Solution Architecture Blueprint
  • Architecting for AWS: Design for Failure - Take 1
  • Architecting for AWS: Design for Failure - Take 2
  • Go with SOA and Asynchronous Communication Patterns
  • Batch Processing with SQS
  • Secure Your Applications
  • Securing your Web Application Example
  • Other Security Considerations
  • Operational Checklists for AWS
  • Excerpts from Operational Checklists
  • Summary

Chapter 15. AWS Cloud Governance

  • IT Governance
  • IT Governance (Cont'd)
  • CloudTrail
  • How CloudTrail Works
  • Agile IT in the Cloud
  • DevOps Security Concerns
  • Governance: Common Activities
  • Governance: Common Activities (Cont'd)
  • Governance Gotchas
  • AWS Shared Responsibility Model
  • Shared Responsponsibility in a Nutshell
  • Shared Controls
  • Cloud Risks to Consider
  • Risk Management
  • AWS: Risk And Compliance
  • Summary

Chapter 16. AWS Capabilities, Comparison Charts, and Use Cases

  • Data is the Reason for the System
  • State is Maintained by Data, not Programs
  • Storage
  • Storage Use Cases - Ranking Services
  • Database Management Systems
  • Transactional Database Management Systems
  • Relational Database Service (RDS)
  • RDS Capabilities Chart
  • NoSQL Databases
  • Databases Use Cases
  • Compute
  • Compute Use Cases
  • Summary

Lab Exercises

Lab 1. Learning the AWS Management Console
Lab 2. Managing Keys for Secure Connection
Lab 3. Using S3 Through Management Console
Lab 4. Managing IAM Users
Lab 5. Getting Started with the EC2 Service
Lab 6. Understanding the Virtual Private Cloud and the Internet Gateway
Lab 7. Elastic Block Store
Lab 8. Getting Started with AWS Command-line Interface
Lab 9. Using Amazon Simple Queue Service
Lab 10. Using AWS Lambda
Lab 11. Creating Highly Available Apps on AWS
Lab 12. Architectural Requirements Exercise (Optional)
Lab 13. Lab Environment Clean-Up

We regularly offer classes in these and other cities. Atlanta, Austin, Baltimore, Calgary, Chicago, Cleveland, Dallas, Denver, Detroit, Houston, Jacksonville, Miami, Montreal, New York City, Orlando, Ottawa, Philadelphia, Phoenix, Pittsburgh, Seattle, Toronto, Vancouver, Washington DC.