AMAZON CLOUD ACADEMY - CURRICULUM

Experience a new approach to learning - Learning experiences that help you attain technical knowledge ordinarily gained from years of experience

Reference Architecture

AWS Hosting Magento® eCommerce Software on AWS Reference Architecture

Extensions

  • Amazon Personalize for Magento 2

  • In-house developed extension that monitors various events that occur in the store (sales, reviews, code errors, etc.) and sends out a notification via Slack, email and summary provided via an Alexa Skill.

Projects

Students additionally work on projects source from black-owned startups and entrepreneurs in underserved communities that are looking to leverage technology to deliver a true competitive advantage.

Learning Method

  • Inquiry based learning

  • Game based learning

  • Collaboration

Recipe To Build & Launch An E-commerce Platform

An exploratory look into what’s required to build and launch an e-commerce site  to provide context as you begin your journey to becoming a Amazon AWS SysOps Administrator.

Topics

  • Services ( Compute, Storage

    , Database, Network, Security, etc)

  • Technology Organization (Developer, QA Analyst, Test Engineer, Security Auditor,, Data Engineer, Data Analyst, System Administrator, Site Reliability Engineers, Product Manager, etc)

  • Business Units (Marketing, Finance, Corporate Security, Sales, Legal, etc)

Activities

Guess What AWS Service

  • Utilize the description on the different integration points of the E-commerce application architectural diagram to guess what AWS Service makes the most sense and present your findings.

Architect An Application

  • Brainstorm the architecture of an application of your choice and present the AWS service that you used in your application.

AWS Services exploration via an E-Commerce Platform Reference Architecture

Learning by seeing and exploring a fully functioning e-commerce application to gain full insight into the different AWS services involved in the provisioning, building, deploying, managing and monitoring an application running in the AWS cloud.

An initial top down approach to teaching with labs, case studies, examples, FAQs, real-world problems, and solutions to help students obtain the needed context to what they will learn in future modules.

Exploration of the relevant AWS services and tools focusing on best practices and FAQ.

Via immersion learning be able answer the following question for each explored AWS service. '

  • What it is used for

  • How it is used

  • What are the related AWS services

  • Alternatives

  • High level best practices

Topics

  • Networking & Content Delivery

  • Security, Identity, Compliance

  • Compute, Containers, Storage, Database

  • Analytics, Application Integration, Cost Management

  • Machine Learning,

  • Build & Deploy Tools

  • Management & Monitoring

  • Networking, Content Delivery

Activities

Trailheads

A series of scavenger hunts for each explored AWS Service. Each scavenger hunt incorporates the following

  • The fully functioning e-commerce application.

  • AWS documentation, FAQ

  • Google Search

Group discussions of the different AWS services through the lens of real-word use cases and problem statements. Group discussion followed by a team project of AWS solutions to real-word problem statements.

Out in the wild simulation of frequently asked questions, best practices, cookbooks from people working as AWS Cloud SysOps administrator on a daily basis.

AWS Well Architecture Framework Deep Dive

AWS Definition: The AWS Well-Architected Framework describes the key concepts, design principles, and architectural best practices for designing and running workloads in the cloud. By answering a set of foundational questions, you learn how well your architecture aligns with cloud best practices and are provided guidance for making improvements.

Topics

  • Operational Excellence

  • Security

  • Reliability

  • Performance Efficiency

  • Cost Optimization

Activities

Students follow a series of study guides with activities to grasp the key principles of each pillar.

Student utilize the AWS Well Architected Tool to review the E-commerce application architecture to grasp best practices.

Student utilize the AWS Well Architected Tool to review the architecture of their own brainstormed application architecture to grasp best practices.

AWS Cloud SysOps Administrator Roles & Responsibilities

The AWS Cloud SysOps Administrators are responsible for managing and operating systems on the AWS platform and cost optimization.

Provide students an understanding of

  • The environment in which they will be working.

  • The technical and professional skills required to be successful,

  • Dynamics of the different technology teams to equip them with the tools to optimize working relationships.

Topics

  • Working with the Technology Teams

  • Working with Business Units

  • Daily Activities

  • Monthly Activities

  • Quarterly Activities

  • Yearly Activities

  • Professional development skills required to excel

  • How to become indispensable to the business.

Activities

  • A day in the life of a AWS Cloud SysOps Administrator provided by different guest speakers.

  • Expert panel discussion of AWS Cloud SysOps Administrators, Solutions Architect, Developers and Data Engineer.

  • Student are assigned tasks in Jira (Issue and Project Tracking Software) reflective of actual activities that they are expected to complete based on knowledge gained so far.

AWS Identity and Access Management(IAM) - A SysOps Administrator, DevOps Engineer & Security Specialist Perspective

How to implement a scalable AWS Identity and Access Management architecture and how to monitor, track and alert on user changes & events for compliance, change management and security governance.

Deep dive into essential Identity and Access Management concepts required to implement a Multi-Account strategy and implementation of a scalable AWS Identity and Access Management architecture.

Topics

  • IAM Introductory Concepts

    • Users

    • Groups

    • Roles

    • Policies

  • IAM Best Practices

  • Federation

  • AWS SSO

  • IAM Administrative Tasks

  • Troubleshooting IAM

  • Monitoring and Reporting for compliance, change management and security governance.

Activities

Implement solutions to a series of business use cases for AWS Identity and Access Management(IAM) that our fictional company requires to build and launch an e-commerce site on the AWS cloud.

The business use case for IAM to help students understand the ways to control and monitor access to AWS services including access by a partner organization.

Infrastructure As Code - Provisioning & Deployment

Managing AWS environments manually is complex and fault-prone but describing an infrastructure in code helps improve quality and save costs. Students will learn how to use AWS CloudFormation to automate the Infrastructure provisioning and application deployments.

Students will learn best practices to help them utilize AWS CloudFormation more effectively and securely.

  • Learn how to plan, organize and manage the stacks and their resources.

  • Develop reusable, configurable and composable templates that create and manage the AWS resources and the software application that runs on them.

  • Learn how to leverage AWS CloudFormation to capture environmental changes succinctly and perform version control.

Topics

  • Infrastructure as Code -Managing AWS infrastructure in an automated way.

  • Cloudformation alternatives

  • Introduction to JSON & YAML

  • Cloudformation concepts

  • Templates

  • Stacks and StackSet

  • Chang Sets

  • Organizing Stacks by Lifecycle and Ownership

  • Limiting Access to CloudFormation Stacks with IAM.

  • Use of Stack Policies and AWS CloudTrail to Log AWS CloudFormation Calls

Activities

Students will learn by practically implementing all the CloudFormation concepts by provisioning the stack required to build and launch the e-commerce site.

Designing & Implementing a Continuous Integration and Continuous Deployment Pipeline (CI/CD)

Students will learn how to design and implement two separate continuous integration and continuous delivery (CI/CD) pipeline with AWS CodePipeline and Jenkins .

Students with learn how to use a CI/CD pipeline to build, analyze, test, and deploy code every time there is a code change and defined release process.

A pipeline helps automate steps in a software delivery process, such as initiating automatic builds and then deploying.

CI/CD is much more than the automation of tasks to reduce the risks in each build. It’s a model and mindset that helps businesses get new solutions into the hands of their users as quickly, efficiently and cheaply as possible.

Topics

  • Fundamentals of Continuous Integration, Continuous Delivery and Continuous Deployment.

  • AWS CodeCommit

  • AWS CodeBuild

  • AWS CodeDeploy

  • AWS CodePipeline

  • Introduction to Jenkins

  • Jenkins Master / Slave Setup with AWS EC2 and AWS ECS Fargate.

  • CI/CD Pipeline with Jenkins

Activities

Students with learn how to use a CI/CD pipeline to build, analyze, test, and deploy code for the In-house developed extension that monitors various events that occur in the store.

System Management & Analysis

Leveraging AWS System Manager as the backdrop, students will learn how to safely manage and operate AWS resources at scale.

Prepare students for the day to day responsibility of managing and operating a platform built on AWS.

  • Foundational understanding of the factors involved in system management that looks beyond a chosen technology solution.

  • Situational training that improve their troubleshooting proficiency and their ability to adapt as a platform evolves.

  • Engage to encourage inventiveness on ways to continuously improve the management of a platform.

  • Understanding of how to optimize the environment to ensure maximum performance.

  • Understanding of how to Identify performance bottlenecks and implement remedies.

Topics

  • AWS CloudTrail

  • AWS Config

  • AWS CloudWatch

  • AWS System Manager

    • OpsCenter

    • Explorer

    • AWS AppConfig

    • Insights Dashboard

    • Run Command

    • Session Manager

    • Patch Manager

    • IT Service Management (ITSM) tools integration

  • AWS Service Catalog

  • AWS Cost Management Tools

Activities

Students will learn by practically managing and operating all the resources created to launch the e-commerce platform.

Simulation of potential error conditions and performance bottlenecks that students are expected to diagnose and resolve.

Conversation and execution of Jira support tickets created to reflect real-world support cases.

Perform day-to-day operational administration including user management, audits, patches, and upgrades.

Track and manage system certificates, privileged accounts, and database passwords.

Estimate AWS costs and implement cost-saving mechanisms and measures.

Monitoring and Reporting

Students will learn how to implement Logging, Monitoring, Alert/Notification at scale utilizing native AWS services and tools and their integration with third-party solutions to facilitate security governance, compliance, change management, troubleshooting and responding to security incidents.

  • Infrastructure monitoring and troubleshooting

  • Mean-time-to-resolution improvement

  • Proactive resource optimization

  • Application monitoring

  • Log analytics

Topics

Amazon CloudWatch

AWS Lambda

Amazon Simple Notification Service(SNS)

Activities

Students will learn by practically managing and operating all the resources created to launch the e-commerce platform.

Simulation of potential error conditions and performance bottlenecks that students are expected to diagnose and resolve.

Conversation and execution of Jira support tickets created to reflect real-world support cases.

Perform daily monitoring of the network, servers, cloud and applications to ensure full availability and optimum performance. Utilize software tools and logs to monitor network and system health.

AWS Logs Visualization with Kibana

Students will learn how to effectively analyze log data to gain visibility Into the e-commerce application and AWS Infrastructure that includes networking services, load balancer, database, cache, Docker containers, Lambda functions, etc.

Objectives

  • Learn how to ship and analyze logs of applications running on Docker containers, AWS Lambda functions, etc.

  • How to ship and analyze and infrastructure log from ELB, CloudTrail, VPC, S3 and CloudFront access logs, AWS WAF logs, API Gateway Access Logs, Amazon GuardDuty findings, etc

  • Create Kibana visualizations and dashboards to monitor the state of the AWS infrastructure

  • Stream CloudWatch log events to Elasticsearch

  • Explore capabilities provided by third-party solutions such as Datadog and logz.io

Topics

  • AWS CloudWatch Logs

  • AWS Cloud Trail

  • ElasticSearch

  • Kibana

  • Datadog

  • logz.io

Activities

Students will learn how to ingest data from the different layer of an AWS infrastructure including the application logs and how to visualize and correlate these events with Kibana to obtain a clear picture of one’s AWS infrastructure.

 

Storage, Data Backup, Recovery & Retention

Students will learn how to implement backup processes that offer the appropriate level of granularity to meet the Recovery Time Objective (RTO) and Recovery Point Objective (RPO). of a business. The focus will be on backup, recovery, and archive approaches for a cloud native infrastructure.

In addition students will study different data retention policies and learn how to implement archival processes to preserve data for compliance or corporate reasons.

Objectives

  • Foundational understanding of the different AWS Storage services that includes usage pattern, performance, durability & availability, scalability & elasticity, security and cost model.

  • Explore the AWS products that can be used to build out a. backup and recovery solution.

  • Create and manage data retention for different AWS services.

Topics

  • AWS S3

  • AWS Glazier

  • AWS EBS

  • AWS EFS

  • AWS Storage Gateway

  • AWS Snowball

Activities

Students will learn by practically implementing a storage, data backup, recovery & retention process for the the e-commerce platform.

  • implementing data retention policies with Amazon RDS snapshot export to Amazon S3

  • Creating EBS Snapshots

  • Restoring from an EBS Snapshot

  • Creating Consistent or Hot Backups

  • Performing Multivolume Backups

  • Database Backup Approaches

  • Using Database Replica Backups

  • Using Amazon RDS for Backups

  • Using AMI to Back Up EC2 Instances

  • In addition backup processes which are performed to keep a copy of the production data for a short duration to recover from data corruption or data loss.

Security & Compliance

Students will be exposed to AWS security products and native security logging facilities via the e-commerce platform that includes networking services, load balancer, database, cache, Docker containers, monitoring, alerting, etc.

Students will be responsible for configuring and integrating AWS security products and native logging security facilities into the reference architecture and application. As a result, they will have the following opportunities.

  • Discuss best practices and FAQ

  • Study and observe the type of information produced

  • Interpret the data and utilize the information provided.

  • How the information produced integrates with third-party solutions and facilitate security governance, compliance and respond to security incidents.

Topics

  • AWS GuardDuty

  • AWS Inspector

  • AWS Macie

  • AWS Security Hub

  • AWS CloudTrail

  • AWS Config

  • AWS Secrets Manager

  • AWS Shield

  • AWS WAF

  • AWS S3 Elastic Load Balancing, Amazon CloudFront Access Logs, Amazon Relational Database Service (RDS) Logs, Amazon VPC Flow Logs

Activities

Team challenges on early detection of security threats and a security incident response simulation.