O'Reilly logo
live online training icon Live Online training

AWS core architecture concepts

Prepare for the Amazon Web Services Solutions Architect - Associate certification

Topic: System Administration
Mark Wilkins

Understanding the fundamentals of properly architecting solutions in the AWS cloud empowers you to design effective, scalable, and secure solutions. Join Mark Wilkins for a thorough review of AWS cloud best practices and recommended design patterns. You’ll learn how to design, administer, and support the core AWS components of compute, storage, and networking services following AWS recommended architectural principles and best practices.

This is the first in a series of three courses designed to help you prepare for the AWS Solutions Architect - Associate certification exam.

What you'll learn-and how you can apply it

By the end of this live, online course, you’ll understand:

  • AWS cloud infrastructure concepts and terminology
  • Regions, availability zones, and edge locations
  • VPC networking services at AWS
  • Instance types, AMIs, and EBS storage
  • Cloud storage options, including S3 and Glacier

And you’ll be able to:

  • Design cloud solutions utilizing AWS best practices
  • Deploy effective solutions using the core components of compute, storage, and networking services
  • Prepare for the AWS Solutions Architect - Associate certification exam

This training course is for you because...

  • You’re a system administrator moving to AWS.
  • You’re a cloud architect who wants to know more about AWS design.
  • You’re an IT professional who needs to develop AWS technical knowledge and skills for daily management and operation in the AWS cloud.
  • You’re working toward the AWS Solutions Architect - Associate certification.


  • A basic understanding of general networking concepts, cloud computing, and multitier architectural design

Recommended preparation:

Recommended follow-up:

About your instructor

  • Mark Wilkins has more than 20 years’ experience designing, deploying, and supporting software and hardware technology in the corporate and small business world. Currently, Mark provides training and consulting services to corporate customers throughout North America. Previously, as course director for Global Knowledge, Mark developed and taught technical seminars and developed courseware for the 2008 Microsoft official curriculum stream.

    Since 2010, Mark has focused on cloud services, including Amazon Web Services, Microsoft Azure, and IBM SoftLayer. Mark holds Amazon Web Services Architect - Associate and AWS Sys-Ops - Associate as well as certifications in MCSA (2012) He is the author of Learning AWS which has been published in 2019 by Pearson Education.


The timeframes are only estimates and may vary according to how the class is progressing

Day 1

Introduction (XX minutes)

  • Lecture: Introduce Terra Firma case study; using the study guide; certification concepts

Regions, availability zones, and edge locations (XX minutes)

  • Lecture: AWS architecture design concepts; managed versus unmanaged service; regions and availability zones; understanding costs; edge locations
  • Hands-on demonstrations: Using the management console; reviewing regions and availability zones; using edge location services
  • Break (10 minutes)

Accessing AWS Services (XX minutes)

  • Lecture: Accessing AWS Cloud Services—APIs, the CLI, and the SDK
  • Hands-on demonstrations: Using the CLI

Virtual Private Cloud (VPC) (XX minutes)

  • Lecture: What's a VPC?; design decisions; the default VPC; subnets (private and public)
  • Hands-on demonstrations: Creating a custom VPC; creating subnets
  • Break (10 minutes)

Internet gateways, route tables, elastic IPs, security groups, and network ACLs (60 minutes)

  • Lecture: Internet gateways; route tables; elastic IPs; security groups; network ACLs
  • Hands-on demonstrations: Adding an internet gateway; creating a custom route table; adding an elastic IP; creating security groups; creating a network ACL

Day 2

VPC options, flow logs, and the NAT gateway service (XX minutes)

  • Lecture: VPC options—endpoints, peering VPCs; flow logs; the NAT gateway service
  • Hands-on demonstrations: Adding a gateway endpoint; enabling flow logs; ordering a NAT gateway service

EC2 instances (XX minutes)

  • Lecture: EC2 instance families; Amazon Machine Images (AMIs); pricing—on-demand, spot, reserved, scheduled, spot fleets; EC2 tenancy options; golden image maintenance
  • Hands-on demonstrations: Creating an AMI; using the Simple Monthly Pricing Calculator
  • Break (10 minutes)

EC2 instance stores, administration, storage, and snapshots (50 minutes)

  • Lecture: EC2 instance stores; EC2 administration; elastic network interfaces; elastic block storage; volume types and features; storage options; snapshots
  • Hands-on demonstrations: Ordering an EC2 instance; performing EC2 admin tasks; adding ENIs; creating EBS volumes; managing snapshots
  • Break (10 minutes)

S3 (50 minutes)

  • Lecture: S3 cloud storage—definitions, durability, consistency, storage classes; S3 security; access control; bucket policies; encryption; key management services; lifecycle policies; S3 notifications and alerts; Glacier storage—archives, vaults, vault policy
  • Hands-on demonstrations: Creating S3 bucket and upload content; enabling versioning; applying a bucket policy; encrypting a bucket; planning lifecycle management; enabling notifications and alerts; creating a vault lock policy

Wrap-up and Q&A (10 minutes)