Duration: 3 Days
Overview:
Building on concepts introduced in Architecting on AWS, this advanced course is designed for individuals who are experienced with designing scalable and elastic applications on the AWS platform. In this course, you will cover building more complex solutions that incorporate data services, infrastructure configuration management, and security on AWS. You will get an introduction to more specialized AWS services, including Amazon Elastic MapReduce, AWS OpsWorks, and AWS Elastic Beanstalk. You will also learn about design components for building scalable, elastic, secure, and highly available applications on AWS.
What You Will Learn
- Build more complex solutions with Amazon Virtual Private Cloud (Amazon VPC)
- Leverage bootstrapping and auto configuration in your designs
- Architect solutions with multiple regions, plus learn when and how to use Availability Zones for high availability and fault tolerance
- Employ Auto Scaling design patterns
- Become familiar with Amazon CloudFront for caching
- Become familiar with big data services including AWS Data Pipeline, Amazon Redshift, and Amazon Elastic MapReduce
- Plan for application management services including AWS Elastic Beanstalk and AWS OpsWorks
- Improve security with AWS Identity and Access Management (IAM)
Audience
- Individuals who are responsible for designing cloud infrastructure and reference architectures
- Individuals who have attended Architecting on AWS
- Systems engineers and developers who are responsible for designing and implementing advanced architectures on AWS
Prerequisites
- Working knowledge of architectural design
- Familiarity with cloud computing concepts
- Experience with core AWS products and services, such as Amazon EC2, Amazon S3, and Amazon RDS
Course Outline
1. Architecting with Amazon VPC
- What is Amazon VPC
- Corporate Data Center and VPC
- Basic configuration of Amazon VPC
2. High Availability and Amazon VPC
- Availability zones best practices
- Region definition
- Multi-region architectures
- Multiple regions
- VPN with multiple connections
3. From Diagrams to CloudFormation
- Challenges of manual configurations
- CloudFormation overview
- AWS CloudFormation template for Amazon VPC
- Validating CloudFormation templates
4. Bootstrapping and Auto Configuration
- Benefits of auto configuration
- Applying auto configuration to EC2
- Using configuration tools together
5. Introducing AWS Command Line Tools
- Command line tools overview
- Command line tools capabilities
6. Auto Scaling
- Overview of auto scaling
- Auto scaling patterns
- Scaling down
7. Data Analysis
- Definitions and overview
- Data sources
- Categorizing your data
- Tools for ingesting and storing data
- Tools for processing data
- Scenarios
8. Introduction to Application Management Services
- Overview
- Amazon Elastic Beanstalk
- AWS OpsWorks
9. Group Discussion: Applied Architecture
- HA services & solutions
- Data Tier
- Common patterns
- Group architectures
10. Identity and Access Management (IAM)
- Overview
- Temporary credentials
- Policies
11. Leveraging CloudSearch
- Introduction
- Why CloudSearch?
- Putting CloudSearch to work
12. Incorporating Amazon CloudFront
- Overview
- Distribution process
- Components
- CloudSearch or S3?
- Creating download distributions
- Creating streaming distributions
13. Example Walkthrough: Microsoft SharePoint
- Benefits of Microsoft Services on AWS
- Example architecture
Course Labs
Lab 1: Adding High Availability to NAT Instances
- Create an EC2 role for your NAT instances
- Launch two NAT instances into each public subnet in your Amazon VPCs
- Configure elastic IP addresses so the NAT instances can be reached from the Internet
- Configure the route tables for your private subnets so Internet traffic goes through the NAT instances
- Download and configure the nat_monitor.sh script to each NAT instance
- Launch instances in your private subnets and test that they can connect to the Internet
- Test the monitoring script to see how a NAT instance takes over for a failed NAT instance
Lab 2: Extending your network with Amazon VPC
- Create an instance of Amazon VPC in a region of your choosing
- Create an instance of Amazon VPC in a different region
- Connect the two regions together using two IPSec VPN servers
Lab 3: From Diagrams to CloudFormation
- Define a parameter to ensure that the template only launches resources that fit within your network plan
- Define the acceptable IP address ranges for your subnets
- Define the acceptable values for two public subnets within the template
- Define the acceptable values for two private subnets within the template
- Create an instance of Amazon VPC
- Create two public subnets
- Create two private subnets
- Create an Internet gateway
- Create a public route table to allow traffic between the public subnets and the Internet
- Create a private route table to allow traffic between the public and private subnets
- Specify the Network ACL for the public and private subnets
- Define the DHCP options for assigning IP addresses to resources within the VPC
- Launch the CloudFormation in a new region
Lab 4: Bootstrapping and Network Architectures
- Launch a web application which uses a database (RDS) using the UserData field in the AWS Management Console
- Observe and identify where this script accesses AWS resources directly (such as from an S3 bucket)
- Manipulate the bootstrap script to configure database access for itself
Lab 5: Exploring Auto Scaling
- Review a CloudFormation template that contains two Auto Scaling groups
- Launch the CloudFormation template and observe the number of EC2 instances created
- Launch an EC2 instance that you can use to create additional auto scaling groups
- Create an auto scaling policy that uses spot instances to expand the number of frontend and backend servers
- Create an auto scaling policy that uses on-demand instances to increase capacity on a specific date
Lab 6: Incorporating Amazon Elastic MapReduce (EMR) and Amazon Redshift
- Provision an EMR cluster to launch within an Amazon VPC instance
- Protect the cluster from termination
- Test the cluster to verify that it's protected
- Remove the protection and delete the cluster
- Launch a Redshift cluster in a VPC
Lab 7: Introducing Amazon Elastic Beanstalk and AWS OpsWorks
- Deploy a sample application in an Amazon Elastic Beanstalk environment
- View an existing application running inside a VPC
- Verify the configuration of Elastic Beanstalk resources inside the VPC
- Create a stack using AWS OpsWorks
- Add a layer and an instance to the stack
- Add and deploy an OpsWorks app
Lab 8: Working with Amazon Identity and Access Management
- Create and test a user that only has full access to Amazon S3
- Create and test a user that only has full access to Amazon EC2
- Create a role that allows only describe permissions to EC2 instances