Skip to main content

AWS Certified Solutions Architect – Professional

Course

Intro Video

Photo of Adrian Cantrill

Adrian Cantrill

Training Architect

Length

51:45:03

Difficulty

Advanced

Videos

155

Hands-on Labs

18

Quizzes/Exams

1

Course Details

AWS is one of the fastest growing cloud service platforms offered today. It is used worldwide by millions of users!

Being able to achieve the CSA Pro level certification is one of the top achievements for any cloud engineer. With that being understood, it is also one of the most challenging exams offered by any cloud vendor today. You will need to dedicate a numerous amount of hours studying, taking practice exams, and getting hands-on experience within AWS.

Luckily, we're here to help you out! This course is designed to guide you through learning the knowledge and services that are required to pass the CSA Professional exam successfully.

So let's get started!

Links

https://interactive.linuxacademy.com/diagrams/OrionPapersPro.html

https://github.com/linuxacademy/aws-csa-pro-2019

Syllabus

Course Introduction

Getting Started

Course Introduction

00:03:21

Lesson Description:

This video introduces the AWS Solutions Architect Professional Course designed for the newest revision of the SA Pro exam released in 2019.

About the Training Architect

00:01:29

Lesson Description:

Get to know your Training Architect.

CSA Pro Exam Overview

00:11:23

Lesson Description:

This lesson steps through the important things you need to know about the Solutions Architect Professional exam, including the differences between it and the associate solutions architect. Lesson Links SA Associate Exam Questions SA Professional Exam Questions

AWS Essentials

AWS Accounts

00:07:56

Lesson Description:

This video briefly explains the importance of AWS accounts from authentication, authorization, and billing perspectives.

Regions, AZs, and Edge Infrastructure

00:10:25

Lesson Description:

This video explains Regions, Availability Zones (AZs), and Edge locations from a Solutions Architect perspective.

High Availability, Fault Tolerance, and Disaster Recovery

00:10:13

Lesson Description:

This video explains the differences between High Availability, Fault Tolerance, and Disaster Recovery.

Disaster Recovery: RPO and RTO

00:08:16

Lesson Description:

This video covers two critical disaster recovery concepts: Recovery Point Objective (RPO), and Recovery Time Objective (RTO).

Data Persistence

00:09:00

Lesson Description:

This video compares the three types of storage architecture: persistent, ephemeral and transient. Correction: Stopping or terminating an instance resets the ephemeral instance store, but restarting retains data on instance store volumes. Ephemeral data store volumes are now much less common, with EBS backed instances now the norm.

The OSI 7-Layer Networking Model

00:13:37

Lesson Description:

This video explores the 7-layer OSI Network, and shows why it's relevant as part of AWS deployments. Lesson Links Wikipedia OSI Model article

Accounts

Section Introduction

Accounts Introduction

00:03:27

Lesson Description:

This video will introduce the topics covered in this section of the course

AWS Identity Basics

IAM Overview

00:13:25

Lesson Description:

This lesson provides a refresher on the Identity and Access management (IAM) service within AWS.

IAM Roles and Temporary Security Credentials: Part 1

00:15:11

Lesson Description:

This video demonstrates the IAM role architecture. It details TRUST and PERMISSIONS policies, how role assumption operates and how temporary security credentials can be utilized within AWS. Lesson Links https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html

IAM Roles and Temporary Security Credentials: Part 2

00:10:27

Lesson Description:

This video continues detailing role architecture in AWS

Cross-Account Access: Resource Permissions vs. Cross-Account Roles

00:14:26

Lesson Description:

This lesson evaluates a few alternative ways of accessing a resource in an external account, with a focus on the security and architecture differences. Lesson Links https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-8 https://aws.amazon.com/blogs/security/iam-policies-and-bucket-policies-and-acls-oh-my-controlling-access-to-s3-resources/

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Account Management

AWS Accounts and AWS Organizations

00:15:49

Lesson Description:

This video steps through the features and benefits provided by AWS Organizations in either Consolidated Billing mode, or running with All Features enabled. Links https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/useconsolidatedbilling-discounts.html

Service Control Policies

00:14:07

Lesson Description:

THis video examines the features provided by Service Control Policies (SCP's) - looking at how they can be used to restrict member accounts.

AWS Account Limits

00:06:30

Lesson Description:

This lesson briefly reviews AWS service limits, specifically focussing on why they are important to understand for the exam Links https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html

AWS Support Tiers

00:07:31

Lesson Description:

This video runs through the important differences between the AWS support tiers - and why this matters from a solutions architecture perspective. LINKS https://aws.amazon.com/premiumsupport/plans/

AWS Config

00:18:51

Lesson Description:

This video evaluates the functionality of the AWS config product from a solutions architecture perspective.

AWS Service Catalog

00:18:49

Lesson Description:

This video introduces the concept of a service catalog and steps through the AWS implementation within the Service Catalog Product. Links https://docs.aws.amazon.com/servicecatalog/latest/adminguide/getstarted-iamenduser.html

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:15:00

Cost and Cost Optimization

Resource Billing Modes: On-Demand, Reserved, and Spot

00:15:14

Advanced Identity in AWS

Identity Federation

00:19:36

Lesson Description:

This video steps through the architecture of identity federation, looking at AWS federation, Web Identity Federation and SAML federation. Lesson Links https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_cognito.html

IAM Permissions Boundaries

00:05:51

Lesson Description:

This lesson introduces the concepts of IAM permissions Boundaries a way of restricting effective permissions. Lesson Links https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html

Policy Evaluation Logic

00:09:12

Lesson Description:

This lesson steps through the process AWS follow to evaluate effective permissions for a given Identity accessing a given resource. Further Reading https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Networking in AWS: Virtual Private Clouds (VPCs)

VPC Essentials

VPC Basics

00:20:03

Lesson Description:

This video steps through the technical and architectural basics of Virtual Private Cloud (VPC). Lesson Links IP Subnetting the Easy Way Lesson Files vpc_us_east_1_cfn.json vpc_anotherregion_cfn.json

AWS Resource Access Manager (RAM)

00:16:52

Lesson Description:

This lesson looks at the AWS Resource Access Manager (RAM), a service that allows the sharing of AWS resources between accounts. This lesson focuses on using it to share VPC subnets between accounts in an organization. Lessons Links Enabling RAM - https://console.aws.amazon.com/ram/home#Setting Working with AZ IDs - https://docs.aws.amazon.com/ram/latest/userguide/working-with-az-ids.html What Is AWS RAM? - https://docs.aws.amazon.com/ram/latest/userguide/what-is.html VPC Sharing - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html

VPC Routing

00:09:12

Lesson Description:

This lesson explores the features provided by the VPC router, and explains how they are influenced by route tables, route priority, and route propegation.

Network Access Control Lists (NACLs)

00:13:30

Lesson Description:

This video details the architecture of Network Access Control Lists (NACLs). Lesson Links Wikipedia Ephemeral Port article

Security Groups (SGs)

00:10:06

Lesson Description:

This lesson steps throught he architecture of VPC Security Groups (SG), focusing on the benefits, and compares their features to Network Access Control lists (NACLs).

Public vs. Private Subnets, Internet Gateways, and IP Addressing: Part 1

00:16:08

Lesson Description:

This video looks at public and private subnets. It also delves into a number of gateway entities available within a VPC, such as Internet Gateways, NAT Gateways, and Bastion Hosts. Lesson Files Lesson Links Connect to Amazon EC2 Using Putty Private Key on Windows

Public vs. Private Subnets, Internet Gateways, and IP Addressing: Part 2

00:15:35

Lesson Description:

This video looks at public and private subnets. It also delves into a number of gateway entities available within a VPC, such as Internet Gateways, NAT Gateways, and Bastion Hosts. Lesson Files Lesson Links Connect to Amazon EC2 Using Putty Private Key on Windows

Egress-Only Gateways

00:14:02

Lesson Description:

This video explores the use case for egress-only Internet Gateways when using IPv6 in a AWS environment. Lesson Links IPv6 Subnet Cheat Sheet and IPv6 Cheat Sheet Reference IPv6 Subnetting - Overview and Case Study

DNS in a VPC

00:15:18

Lesson Description:

This lesson evaluates the functionality provided by the VPC DNS servers, including the new Route 53 VPC endpoints. Lesson Links https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver.html

VPC Flow Logs

00:10:16

Lesson Description:

This video introduces VPC FLow Logs architecture and product features, looking at what information is recorded, which filters can be applied, and how it integrates with other AWS services.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Advanced and Hybrid VPC Networking

Using VPC Endpoints

00:20:45

Lesson Description:

This lesson details the architecture of interface and gateway endpoints. Lesson Files aws-csa-pro-2019

Peering VPCs: Part 1

00:15:06

Lesson Description:

VPC peering provides a number of critical architectural features to solutions architects. This video steps through the features and limitations of VPC Peering.

Peering VPCs: Part 2

00:12:14

Lesson Description:

VPC peering provides a number of critical architectural features to solutions architects. This video steps through the features and limitations of VPC Peering.

AWS Site-to-Site VPN

00:17:40

Lesson Description:

This lesson details the architecture of AWS VPN, which is a hardware site-to-site VPN service that connects VPCs to on-premises networks.

AWS Direct Connect Architecture

00:19:57

Lesson Description:

This lesson details the architecture of AWS Direct Connect (DX), and how it can be used effectivly within AWS Deployments. Lesson Links Getting started Multiple Data Center HA Network Connectivity

AWS Transit Gateway

00:18:49

Lesson Description:

This lesson steps through the architecture of the AWS Transit Gateway, detailing how it can significantly improve complex VPC and on-premises networks by allowing hub-and-spoke network archiectures.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Security

Account and Service Security

AWS Key Management Service (KMS): Part 1

00:13:11

Lesson Description:

This lesson looks at AWS Key Management Service (KMS), a part of IAM which provides key management services in addition to associated generation, encryption, and decryption operations. Lesson Files KMS commands Lesson Links Wikipedia FIPS_140-2 article Importing keys Enveloping Protecting Encrypted Data Integrity Grants Compliance Note: Small correction, kb in the video should be KB.

AWS Key Management Service (KMS): Part 2

00:09:27

Lesson Description:

This lesson looks at AWS Key Management Service (KMS), a part of IAM which provides key management services in addition to associated generation, encryption, and decryption operations. Lesson Files KMS commands Lesson Links Wikipedia FIPS_140-2 article Importing keys Enveloping Protecting Encrypted Data Integrity Grants Compliance Note: Small correction, kb in the video should be KB.

AWS CloudHSM

00:09:47

Lesson Description:

This lesson talks about HSM architecture and AWS's implementation of HSM: CloudHSM. Lesson Links Initialize the Cluster

AWS Certificate Manager (ACM)

00:14:34

Lesson Description:

This lesson looks at the architecture and operations of the AWS certificate Manager (ACM) Lesson Links ACM concepts

AWS Directory Service

00:19:18

Lesson Description:

This lesson evaluates the architecture and features of Directory Service, and how it can be used to integrate with AWS services.

Network Security

AWS WAF and Shield

00:17:22

Lesson Description:

This lesson reviews the architecture of AWS WAF together with Shield Standard and Shield Advanced, three network attack mitigation products available within AWS. Lesson Links Features Use case Getting started

AWS GuardDuty

00:06:46

Lesson Description:

This lesson introduces GuardDuty architecture at a very high level, just covering basic exam requirements. Lesson Links What is GuardDuty?

Compute

Elastic Compute Cloud (EC2)

EC2 Concepts

00:17:43

Lesson Description:

This lesson introduces EC2 at a conceptual level, as a refresher from the associate level training or confirming some practical experience.

Creating and Using AMIs

00:14:52

Lesson Description:

In this lesson we delve into Amazon Machine Images. We'll look at theory architecture, how they are used, and how EBS-backed and instance store-backed AMI's differ.

Virtualization and EC2 Instance Type: Deep Dive

00:20:22

Lesson Description:

This lesson steps through how Virtualization technology has changed over time, and looks at the architectural differences between the families and types of EC2 instances. Lesson Links EC2 Virtualization 2017 EC2 types Intel virtualization technology EC2 instance history EC2 instance types Burstable performance instances

EC2 Storage and Snapshots: Part 1

00:13:24

Lesson Description:

This lesson evaluates instance store volumes, EBS volumes, and EBS snapshots. It shows their features, patterns, anti patterns, and differences. Lesson Links Instance storageEC2 and EBS Performance EBS Volume Types and Performance Information

EC2 Storage and Snapshots: Part 2

00:10:55

Lesson Description:

This lesson evaluates instance store volumes, EBS volumes, and EBS snapshots. We'll see their features, patterns, anti patterns, and differences. Lesson Links Instance storage

EC2 Instance Profiles and Roles

00:13:05

Lesson Description:

This lesson looks at Instance profiles, the method of attaching IAM roles to EC2 instance.

HPC and Placement Groups

00:12:49

Lesson Description:

This lesson looks at the architecture of placement groups, focusing on the different types of placement groups, and the situations when you would use each. Lesson Links Placement groups

Custom Logging to CloudWatch

00:17:07

Lesson Description:

This lesson looks at the additional logging metrics and capabilities that the CWAgent adds to cloudwatch monitoring on EC2. Lesson Links Installing ConfiguringJSON Configuration For Agent

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Containers

Containers 101

00:09:53

Lesson Description:

Containers offer a balance of isolation and portability. This lesson reintroduces key container concepts and, compares them to virtualisation from an architectural perspective.

ECS Architecture

00:20:07

Lesson Description:

This lesson looks at the ECS architecture and components at a high level. It includes tasks, task definitions, services, containers, and clusters. Lesson Links ecs-refarch-cloudformation Additional Information Example task definitions Linux Academy ECS Deep Dive course

ECS Security

00:18:16

Lesson Description:

This lesson evaluates how to filter traffic to and from containers using the AWS VPC and other networking modes. Additionally, the lesson steps throuhg how to provide permissions to tasks and containers using IAM roles. Lesson Links Using AWS logs IAM roles for tasks

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Serverless

Serverless and Event-Driven Architectures

00:16:39

Lesson Description:

This lesson explains the concepts behind serverless architecture. It uses the example of Linuxacademytube, a serverless video uploading website which is in no way similar to YouTube.

Lambda Architecture: Part 1

00:13:15

Lesson Description:

This lesson goes into depth on the architecture of AWS Lambda - looking at how it can be used as part of a serverless architecture. Lesson Files Lambda Lesson Links AWS Lambda Under the Hood

Lambda Architecture: Part 2

00:14:31

Lesson Description:

This lesson goes into depth on the architecture of AWS Lambda, looking at how it can be used as part of a serverless architecture. Lesson Files Lambda Lesson Links AWS Lambda Under the Hood

Lambda Layers

00:06:33

Lesson Description:

This lesson looks at the architecture and architectural implication of Lambda layers. Lesson Links Custom runtimes Creating a custom runtime AWS Lambda cpp Including library dependencies in a layer

API Gateway

00:18:15

Lesson Description:

This lesson looks at how API Gateway can be used in AWS architectures for a serverless API implementation. Lesson Links Operating Your Serverless API API gateway caching HTTP integrations Proxy

Scaling and Resilience

Scaling Architectures

AWS Service Resilience

00:16:27

Lesson Description:

This lesson steps through the resilience architecture of a number of common AWS products.

Stateless Architectures

00:10:06

Lesson Description:

This lesson details stateless architecture and explains the differences between horizonal and vertical scaling.

Deciding between Spot and Reserved Instances

00:11:47

Lesson Description:

This lesson focused on when and where to use the different types of billing for EC2 instances. It looks at:-On DemandReservedSpotSpotfleetOn Demand Capacity ReservationScheduled Reservation Lesson Links EC2 capacity reservations EC2 scheduled instances Spot fleet

Implementing Auto Scaling Groups (ASGs): Part 1

00:07:49

Lesson Description:

This lesson details the architecture of Auto Scaling groups. It covers AMI Baking and Bootstrapping, Launch Configurations and Templates, and steps through the workings of Auto Scaling groups.

Implementing Auto Scaling Groups (ASGs): Part 2

00:13:59

Lesson Description:

This lesson details the architecture of Auto Scaling groups. It covers AMI Baking and Bootstrapping, Launch Configurations and Templates, and steps through the workings of Auto Scaling groups

Implementing Auto Scaling Groups (ASGs): Part 3

00:10:36

Lesson Description:

This lesson details the architecture of Auto Scaling groups. It covers AMI Baking and Bootstrapping, Launch Configurations and Templates, and steps through the workings of Auto Scaling groups. Lesson Links Termnination Policies

Multi-AZ Implementations

00:07:11

Lesson Description:

This lesson looks at some key things to consider when selecting the number of AZs in an architecture, and the numbmer of resources per AZ.

Elastic Load Balancers: Part 1 - Essentials

00:11:18

Lesson Description:

This four lesson set steps through the architecture of Elastic Load Balancers (ELBs) within AWS. We'll step through the features of CLB, ALB, and NLB. We'll focus on situations where each one is ideal, and when it's not. Lesson Files ELB Lesson Links Compare Network introduction Authenticate users Application introduction Classic introduction

Elastic Load Balancers: Part 2 - Classic Load Balancers

00:16:27

Lesson Description:

This four lesson set steps through the architecture of Elastic Load Balancers (ELBs) within AWS. We'll step through the features of CLB, ALB, and NLB. We'll focus on situations where each one is ideal, and when it's not. Lesson Files ELB Lesson Links Compare Network introduction Authenticate users Application introduction Classic introduction

Elastic Load Balancers: Part3 - Application Load Balancers

00:16:24

Lesson Description:

This four lesson set steps through the architecture of Elastic Load Balancers (ELBs) within AWS. We'll step through the features of CLB, ALB, and NLB. We'll focus on situations where each one is ideal, and when it's not. Lesson Files ELB Lesson Links Compare Network introduction Authenticate users Application introduction Classic introduction

Elastic Load Balancers: Part4 - Network Load Balancers

00:07:09

Lesson Description:

This four lesson set steps through the architecture of Elastic Load Balancers (ELBs) within AWS. We'll step through the features of CLB, ALB, and NLB. We'll focus on situations where each one is ideal, and when it's not. Note: TLS (Transport Layer Security) connections can now terminate at a Network Load Balancer. Lesson Files ELB Lesson Links Compare Network introduction Authenticate users Application introduction Classic introduction

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:15:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

CloudFront Essentials

CloudFront Architecture: Part1

00:12:40

Lesson Description:

CloudFront is a Content Delivery Network (CDN) and an important product to understand when building solutions that involve international distribution of content. CloudFront is especially beneficial when storing content on S3, offering security, performance and cost benefits. This lesson looks at the end-to-end architecture of CloudFront.

CloudFront Architecture: Part 2

00:09:59

Lesson Description:

CloudFront is a Content Delivery Network (CDN) and an important product to understand when building solutions that involve international distribution of content. CloudFront is especially beneficial when storing content on S3, offering security, performance and cost benefits. This lesson looks at the end-to-end architecture of CloudFront.

Creating and Working with Distributions

00:14:56

Lesson Description:

Distributions are the core configuration elements within CloudFront. This lesson steps through them in detail, looking at the key architectural elements. Lesson Links Optimizing high availability Supported protocols and ciphers

Working with Custom Origins

00:05:57

Lesson Description:

CloudFront allows objects to be delivered from EC2 instances and any on-premises servers with public IP addressing. These are known as custom origins, and this lesson looks at how they compare to using S3 or other AWS services as origins.

CloudFront and Security: Part 1

00:12:08

Lesson Description:

This lesson steps through a number of security-related architecture capabilities of CloudFront, including:-SSLS3 Bucket RestrictionSignedURLCookiesOAIGeo RestrictionPrivate Distributions Lesson Links Requirements for using SSL/TLS certificates Restricting Access to Amazon S3 Content Using signed URLs Using CloudFront geo restrictions Using a third-party geolocation service Using field-level encryption

CloudFront and Security: Part 2

00:12:42

Lesson Description:

This lesson steps through a number of security-related architecture capabilities of CloudFront, including:-SSLS3 Bucket RestrictionSignedURLCookiesOAIGeo RestrictionPrivate Distributions Lesson Links Requirements for using SSL/TLS certificates Restricting Access to Amazon S3 Content Using signed URLs Using CloudFront geo restrictions Using a third-party geolocation service Using field-level encryption

Optimizing Caching

00:15:23

Lesson Description:

Cloudfront is a global Content Delivery Network (CDN) which provides efficient delivery of content. There are advanced settings available to tweak how Cloudfront caches objects, and that is what's covered in this lesson:TTL ValuesQuery String ProcessingCookies and Request Headers Lesson Links Configuring caching

Lambda@Edge

00:08:30

Lesson Description:

Lambda functions can be associated with CloudFront behaviors, allowing compute to occur as part of viewer requests or responses, or origin requests or responses. We'll explore this functionality from an architectural perspective in this lesson; Lesson Links Example Event structure Requirements and restrictions

Logging, Reporting, and Monitoring

00:07:51

Lesson Description:

CloudFront integrates with other logging and monitoring products within AWS. We can store access logs on S3, then inject metrics into Cloudwatch. We can use Cloudtrail to monitor API calls, and AWS Config can detect any changes over time. This lesson evaluates how these features work, and how to build them out. Lesson Links Access logs

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Amazon Route 53 (R53)

Route 53 Architecture

00:17:24

Lesson Description:

Route53 provides advanced DNS capability for public servives and private VPC based deployments. This lesson steps through the architecture of route 53 and demos failover routing.

Advanced Route 53 Concepts

00:07:47

Lesson Description:

Route53 provides a number of advanced routing architectures including Geo routing/latency routing/weighted and multi-value. This lesson steps through the architectures at a high level. Lesson Links https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/traffic-flow.html https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/traffic-policies.html https://aws.amazon.com/premiumsupport/knowledge-center/multivalue-versus-simple-policies/

Storage

Object Storage: Amazon Simple Storage Service (S3)

Introduction

00:01:18

Lesson Description:

This lesson introduces the topics covered in this section of the course.

S3 Architecture: Part 1

00:14:59

Lesson Description:

This video refreshes some of the core S3 concepts and architectures and explains the features that will be covered in the detailed lessons throughout this section of the course. Lesson LinksAmazon S3 Data Consistency ModelHosting a Static Website on Amazon S3Listing Keys Hierarchically Using a Prefix and DelimiterBucket Restrictions and Limitations

S3 Architecture: Part 2

00:11:29

Lesson Description:

This video refreshes some of the core S3 concepts and architectures and explains the features that will be covered in the detailed lessons throughout this section of the course. Lesson LinksAmazon S3 Data Consistency ModelHosting a Static Website on Amazon S3Listing Keys Hierarchically Using a Prefix and DelimiterBucket Restrictions and Limitations

S3 Storage Tiers, Intelligent-Tiering, and Lifecycle Policies

00:17:25

Lesson Description:

This lesson walks through the storage tiers available in S3 in addition to evaluating Intelligent-Tiering and Lifecycle policies. Lesson LinksAmazon S3 Storage Classes

Versioning and Locking

00:09:58

Lesson Description:

This lesson explores the architecture of S3 versioning and object locking.

Controlling Access to S3 Buckets

00:16:52

Lesson Description:

This lesson evaluates the various ways to control access to an S3 bucket: ACLs, identity policies, and bucket policies. It also looks at how presigned URLs can be used to grant time-limited access to resources using the creator's permissions. Lesson LinksBucket Policy ExamplesUploading Objects Using Presigned URLs

Cross-Region Replication

00:09:21

Lesson Description:

This lesson looks at the replication architecture in S3 provided by cross-region replication (CRR). Its features and limitations are evaluated from a solutions architecture perspective.

Object Encryption

00:11:01

Lesson Description:

This lesson looks at the various object-level encryption options available within S3: SSE-S3, SSE-C, and SSE-KMS. Additionally, we'll evaluate bucket default encryption options and how a bucket policy can be used to insist on certain object encryption settings.

Optimizing S3 Performance

00:13:39

Lesson Description:

Simple Storage Service (S3) is an object storage system capable of an extreme level of performance with its default configuration. This lesson looks at some of the ways to enhance and improve performance even further, including: Multipart uploadTransfer AccelerationObject naming Lesson Links Amazon S3 Transfer Acceleration — Speed ComparisonRequest Rate and Performance GuidelinesHow Do I Enable Transfer Acceleration for an S3 Bucket?Requirements for Using Amazon S3 Transfer Acceleration

Glacier Architecture

00:11:26

Lesson Description:

S3 Glacier is an isolated product most commonly understood to be a type of S3 storage tier. In reality, Glacier is used to support these S3 tiers but can also be used as its own product with a valuable set of features. This lesson details the architecture of the product when used in isolation. Lesson Links Amazon S3 Glacier Data Retrieval PoliciesRetrieving Vault Metadata in Amazon S3 GlacierDownloading a Vault Inventory in Amazon S3 GlacierAmazon S3 Glacier Vault LockWorking with Archives in Amazon S3 Glacier

Amazon Elastic File System (EFS)

EFS Architecture: Part 1

00:12:26

Lesson Description:

This lesson looks at the architecture and ideal scenarios for Elastic File System (EFS) in AWS. EFS is a shared file system based on NFS v4/4.1, allowing access to a single POSIX-style file system from EC2 instances and on-premises resources at scale. Lesson LinksAmazon EFS PerformanceAmazon EFS Performance TipsUsing the amazon-efs-utils Tools

EFS Architecture: Part 2

00:14:31

Lesson Description:

This lesson looks at the architecture and ideal scenarios for Elastic File System (EFS) in AWS. EFS is a shared file system based on NFS v4/4.1, allowing access to a single POSIX-style file system from EC2 instances and on-premises resources at scale. Lesson LinksAmazon EFS PerformanceAmazon EFS Performance TipsUsing the amazon-efs-utils Tools

Amazon FSx

FSx Architecture

00:07:38

Lesson Description:

FSx is a storage product that allows third-party file systems to be presented as a service within AWS. Currently, the service supports a version allowing managed SMB storage for Windows networks and Lustre, a file system designed for temporary high performance shared access for big data/analytics workloads. Lesson LinksUsing Microsoft Windows File SharesMulti-AZ File System DeploymentsGrouping Multiple File Systems into a Common NamespaceLimits

AWS Storage Gateway

File Gateways vs. Volume Gateways vs. Tape Gateway

00:11:12

Lesson Description:

Storage Gateway is a hybrid storage product within AWS providing file, block, and virtual tape storage backed by S3 storage in AWS. It provides a great migration path into AWS or allows an on-premises storage or backup platform to be extended into the cloud. Lesson LinksUsing the AWS Storage Gateway Hardware ApplianceHow AWS Storage Gateway Works (Architecture)

Databases in AWS

Databases Introduction

EC2 Self-Managed Databases

00:08:23

Lesson Description:

This lesson looks at the reasons for using self-managed databases running on EC2 instances rather than Database as a Service products available from AWS.

Database Data Models and Engines

00:20:23

Lesson Description:

Various database models exist, catering to different scenarios and data types. At a high level, two broad categories exist: SQL and NoSQL. NoSQL contains a range of models: key-value, document, column, and graph. This lesson reviews each and explains the architectural differences. Lesson LinksGraph Databases for Beginners: ACID vs. BASE ExplainedA Comparison of NoSQL Database Management Systems and Models

SQL Databases

Amazon Relational Database Service (RDS): Part 1

00:16:34

Lesson Description:

Amazon Relational Database System (RDS) is a Database as a Service product that provides managed MySQL, PostgreSQL, Oracle, MSSQL, and other databases engine types. This lesson looks at the architecture, covering high availability, security, backups, replication, and performance. Lesson LinksIAM Database Authentication for MySQL and PostgreSQLEnabling and Disabling IAM Database AuthenticationHow do I allow users to connect to Amazon RDS with IAM credentials?

Amazon Relational Database Service (RDS): Part 2

00:10:54

Lesson Description:

Amazon Relational Database System (RDS) is a Database as a Service product that provides managed MySQL, PostgreSQL, Oracle, MSSQL, and other databases engine types. This lesson looks at the architecture, covering high availability, security, backups, replication, and performance. Lesson LinksIAM Database Authentication for MySQL and PostgreSQLEnabling and Disabling IAM Database AuthenticationHow do I allow users to connect to Amazon RDS with IAM credentials?

Amazon Aurora Architecture: Part 1

00:16:12

Lesson Description:

Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud. It combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open-source databases. This lesson looks at the architectural differences between Aurora and standard RDS in addition to some of the key beneficial features. Lesson Links AWS re:Invent 2018: Deep Dive on Amazon Aurora with MySQL Compatibility

Amazon Aurora Architecture: Part 2

00:14:53

Lesson Description:

Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud. It combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open-source databases. This lesson looks at the architectural differences between Aurora and standard RDS in addition to some of the key beneficial features. Lesson LinksAWS re:Invent 2018: Deep Dive on Amazon Aurora with MySQL Compatibility

Aurora Global Database

00:03:44

Lesson Description:

Aurora Global Database is a method of providing global-level read scaling/resilience for an Aurora cluster. This lesson briefly introduces the architecture and features.

Aurora Serverless

00:14:05

Lesson Description:

This lesson reviews the architecture, features, and limitations of the Aurora Serverless product available as part of RDS. Aurora Serverless enhances the already feature-rich Aurora product with true autoscaling, Database as a Service architecture, and a new access method: the Data API, which allows its usage from within Lambda. Lesson LinksHow Aurora Serverless WorksAWS re:Invent 2018: Aurora Serverless: Scalable, Cost-Effective Application DeploymentUsing the Data API for Aurora Serverless

Amazon Athena

00:12:55

Lesson Description:

Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries you run. This lesson reviews the architecture, why it matters for the exam and production usage, and walks through two examples. Lesson LinksQuerying AWS Service LogsSample OSM Athena queriesPlanet OSMOpenStreetMap's planet dataset

NoSQL Databases

DynamoDB Architecture: Part 1

00:14:54

Lesson Description:

DynamoDB is a Database as a Service product that's accessible within a VPC (using a VPC endpoint or internet gateway) and using public endpoints. DynamoDB is a key-value database with extensions to that feature set. It's capable of operating at huge scale and integrating with many other services. Lesson LinksGeneral Guidelines for Secondary Indexes in DynamoDBRead Consistency

DynamoDB Architecture: Part 2

00:15:33

Lesson Description:

DynamoDB is a Database as a Service product that's accessible within a VPC (using a VPC endpoint or internet gateway) and using public endpoints. DynamoDB is a key-value database with extensions to that feature set. It's capable of operating at huge scale and integrating with many other services. Lesson LinksGeneral Guidelines for Secondary Indexes in DynamoDBRead Consistency

Advanced DynamoDB: Part 1

00:09:43

Lesson Description:

This lesson walks through some of the more advanced architectural concepts within DynamoDB, including global tables, partitions, on-demand performance, and more. Lesson LinksConceptsTime To Live: How It WorksUsing IAM Policy Conditions for Fine-Grained Access Control

Advanced DynamoDB: Part 2

00:10:38

Lesson Description:

This lesson walks through some of the more advanced architectural concepts within DynamoDB, including global tables, partitions, on-demand performance, and more. Lesson LinksConceptsTime To Live: How It WorksUsing IAM Policy Conditions for Fine-Grained Access Control

Amazon Neptune

00:05:23

Lesson Description:

Neptune is a Database as a Service product from AWS providing graph data management. This lesson briefly looks at the scenarios where Neptune would be selected. Lesson LinksAmazon NeptuneWhat Is Amazon Neptune?AWS re:Invent 2018: Deep Dive on Amazon Neptune

Amazon Quantum Ledger Database (QLDB)

00:13:31

Lesson Description:

Quantum Ledger Database provides cryptographically verifiable transactions with an append-only ledger. This lesson walks through the architecture and some example scenarios. Lesson LinksAWS re:Invent 2018: Do I need a ledger database? An intro to Amazon QLDB

Amazon DocumentDB (with MongoDB Compatibility)

00:19:27

Lesson Description:

DocumentDB is a managed database service that is part of the RDS family, providing DocumentDB features and full MongoDB compatability. Lesson LinksUnderstanding DocumentsAccess Your Amazon DocumentDB Cluster Using the mongo Shell

Amazon ElastiCache

ElastiCache Architecture

00:11:43

Lesson Description:

This lesson reviews the architecture of ElastiCache — what it does, how it functions, and its ideal scenarios. Additionally, we walk through the differences between the caching engines available: Memcached and Redis.

Analytics, IoT, and Streaming

Amazon EMR

MapReduce Essentials

00:13:06

Lesson Description:

MapReduce is a process used to analyze data at scale. This lesson walks through the process used by MapReduce platforms.

EMR Architecture: Part 1

00:12:43

Lesson Description:

EMR is an AWS managed implementation of the Hadoop suite of products. It allows for big data analytics that can be quickly and easily provisioned into an existing AWS environment. This lesson walks through the architecture needed for the exam. Lesson Links About Amazon EMR Releases

EMR Architecture: Part 2

00:06:47

Lesson Description:

EMR is an AWS managed implementation of the Hadoop suite of products. It allows for big data analytics that can be quickly and easily provisioned into an existing AWS environment. This lesson walks through the architecture needed for the exam. Lesson Links About Amazon EMR Releases

EMR Cost and Performance Optimization

00:13:31

Lesson Description:

This lesson looks at ways to improve performance and cost optimize EMR clusters. Lesson Links Cluster Configuration Guidelines and Best Practices

Amazon Kinesis

What Is Kinesis?

00:16:59

Lesson Description:

Kinesis is a product within AWS designed to ingest a huge amount of real-time streaming data. It's capable of scaling from low loads to an infinite amount due to its shard architecture. This lesson details the architectural components of Kinesis.

Data Firehose

00:08:49

Lesson Description:

Amazon Kinesis Data Firehose is the easiest way to reliably load streaming data into data stores and analytics tools. It can capture, transform, and load streaming data into Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk. This lesson walks through this architecture and discusses some of the features from an architectural perspective.

Data Analytics in Kinesis

00:09:25

Lesson Description:

Kinesis Data Analytics allow SQL queries to be executed against streaming real-time data passing through Kinesis streams or Kinesis Data Firehose. Lesson LinksConfiguring Application Input Continuous Queries Windowed Queries Example Applications

AWS Redshift

Redshift Architecture

00:18:02

Lesson Description:

Redshift is a petabyte scale data warehousing and data analysis solution available within AWS. Historically, provisioning a data warehousing solution was expensive and took time. Redshift data warehouses can be created for long-running analysis workloads, or they could be provisioned for one-off projects that can consequently be torn down after completion. This lesson walks through the architecture of Redshift. Lesson LinksAWS re:Invent 2018: Deep Dive and Best Practices for Amazon RedshiftDistribution Styles

Disaster Recovery in Redshift

00:06:56

Lesson Description:

This lesson focusses on the specific features of Redshift related to disaster recovery and resilience.

AWS IoT Platform

AWS IoT Architecture

00:09:19

Lesson Description:

This lesson walks through the various aspects of the AWS IoT architecture. Lesson LinksRules for AWS IoTBasic Ingest

Amazon QuickSight

QuickSight Basics

00:04:15

Lesson Description:

QuickSight is a BI and data visualization tool available in AWS. This lesson introduces the product essentials, as much as is required for the Certified Solutions Architect - Professional exam.

Search and Analytics Engines

Elasticsearch

00:19:27

Lesson Description:

Elasticsearch is an AWS implementation of the ELK stack (Elasticsearch, Logstash, and Kibana) as a service. This lesson walks through the architecture of Elasticsearch and highlights the important architectural considerations around high availability, cost, performance, and scaling. Lesson Links Elasticsearch CoursesElastic Stack EssentialsElasticsearch Deep Dive

Deployment and Operations

Monitoring Your AWS Account

AWS CloudWatch

00:14:56

Lesson Description:

This lesson acts as a refresher, walking through the basic architecture of CloudWatch when used for monitoring. Lesson Links AWS Services That Publish CloudWatch Metrics

CloudWatch Logs

00:11:03

Lesson Description:

This lesson acts as a refresher on CloudWatch Logs, covering its architecture and fundamental components.

AWS CloudTrail: Part 1

00:16:25

Lesson Description:

This lesson walks through the architecture of and features provided by CloudTrail and how it can be integrated with CloudWatch logs. Lesson Links Prepare for Creating a Trail for Your Organization

AWS CloudTrail: Part 2

00:08:14

Lesson Description:

This lesson walks through the architecture of and features provided by CloudTrail and how it can be integrated with CloudWatch logs. Lesson Links AWS Services That Publish CloudWatch Metrics

Route 53 Logging

00:08:12

Lesson Description:

This lesson evaluates the logging capabilities of Route 53. Queries are logged by the Route 53 edge locations into CloudWatch Logs, and this lesson evaluates how that's architected and configured.

S3 Logging

00:04:40

Lesson Description:

This lesson briefly looks at S3 access logging from an architectural perspective. Lesson Links Amazon S3 Server Access Log Format

AWS Systems Manager

Systems Management with AWS Systems Manager

00:20:14

Lesson Description:

This lesson walks through the architecture and features of Systems Manager, an AWS EC2/on-premises physical or virtual servers management platform.

Parameter Store

00:11:01

Lesson Description:

This lesson reviews the architecture and features of the AWS Systems Manager Parameter Store.

AWS CloudFormation

CloudFormation Overview

00:07:57

Lesson Description:

This lesson provides a brief architectural refresher on CloudFormation. Lesson FilesDownload the necesssary file from the course GitHub repository. Related CoursesAWS CloudFormation Deep Dive

Stack Updates

00:12:54

Lesson Description:

This lesson evaluates the update behavior of CloudFormation for changes to logical resources. Lesson FilesDownload the necessary file from the course GitHub repository. Lesson LinksUpdate Behaviors of Stack Resources AWS Resource and Property Types Reference Related CoursesAWS CloudFormation Deep Dive

Template Portability and Reuse

00:13:52

Lesson Description:

This lesson looks at methods to improve the portability and reuse of CloudFormation templates. Lesson FilesDownload the necessary files from the course GitHub repository. Lesson LinksPseudo Parameters ReferenceIntrinsic Function Reference Related CoursesAWS CloudFormation Deep Dive

Stack References and Nested Stacks

00:15:18

Lesson Description:

This lesson demonstrates the cross-stack and stack nesting functionality of CloudFormation. Lesson FilesDownload the necessary files from the course GitHub repository. Related CoursesAWS CloudFormation Deep Dive

Stack Roles

00:06:15

Lesson Description:

This lesson introduces the architecture and benefits of CloudFormation stack roles. Related CoursesAWS CloudFormation Deep Dive

StackSets

00:04:36

Lesson Description:

This lesson looks briefly at the architecture of CloudFormation StackSets. Lesson Links Working with AWS CloudFormation StackSets Related Courses AWS CloudFormation Deep Dive

Using CloudFormation for Disaster Recovery

00:06:31

Lesson Description:

This lesson introduces various ways CloudFormation can assist with disaster recovery. Lesson Links Using Amazon Web Services for Disaster Recovery

Custom Resources

00:08:05

Lesson Description:

Custom resources are a way to extend the functionality of CloudFormation or integrate it with other systems. This lesson introduces the architectural basics of custom resources.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:30:00

AWS Elastic Beanstalk

Elastic Beanstalk Architecture

00:16:23

Lesson Description:

This lesson walks through the important architectural elements of Elastic Beanstalk, a Platform as a Service (PaaS) product from AWS. Lesson LinksAdding a Database to Your Elastic Beanstalk EnvironmentUsing Elastic Beanstalk with Amazon Relational Database Service Advanced Environment Customization with Configuration Files (.ebextensions)Environment Manifest (env.yaml)

AWS OpsWorks

OpsWorks Architecture

00:15:13

Lesson Description:

OpsWorks is a deployment and infrastructure management system based on Chef available in AWS. This lesson walks through the architecture, as much as is relevant for the exam. Lesson LinksAWS OpsWorks for Puppet EnterpriseAWS OpsWorks for Chef AutomateUsing Auto Healing to Replace Failed InstancesManaging AWS OpsWorks Stacks User Permissions RecipesStacksLayersInstancesApps

Migrations and Hybrid Architectures

AWS Data Pipeline

Data Pipeline Essentials

00:14:22

Lesson Description:

Data Pipeline is a service that allows you to architect serverless pipelines to move and optionally transform data. This lesson details the high-level architecture of the service and provides a quick and simple demo. Lesson LinksPipeline DefinitionData NodesActivities

AWS Migration Services
Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

AWS Snow*

Migrating Data to AWS with Snowball and Snowmobile

00:11:40

Lesson Description:

Snowball, Snowball Edge, and Snowmobile are three products designed to migrate huge amounts of data into AWS. This lesson details the key features and use cases of each. Lesson LinksWhat Is an AWS Snowball Device?How AWS Snowball Works with the Snowball EdgeBest Practices for the AWS Snowball Edge DeviceAWS Snowball Device Differences

Application Integration

Simple Queue Service (SQS)

SQS Architecture

00:18:32

Lesson Description:

This lesson looks at the architecture of SQS, restablishes some of the key concepts, and discusses at a high level the differences between SQS and Kinesis from an architectural perspective.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Simple Notification Service (SNS)

Using SNS within AWS Architectures

00:12:40

Lesson Description:

This lesson evaluates SNS and how it can be used with other services, such as SQS, to implement more complex architectures.

Amazon MQ

Amazon MQ Essentials

00:08:49

Lesson Description:

This lesson explores AmazonMQ, a managed messaging broker by AWS, and compares its architecture to SQS and SNS. Lessons LinksAmazon MQ Network of BrokersAmazon MQ FeaturesGetting Started with Amazon MQ

Workflow Orchestration

Step Functions and Simple Workflow Service

00:20:04

Lesson Description:

This lesson evaluates and compares Simple Workflow Service and Step Functions — products designed to implement workflow orchestration within AWS. Simple Workflow Service has been depreciated, so this lesson evaluates how Step Functions delivers the same functionality in a serverless way.

Course Conclusion

Final Steps

How to Prepare for the Exam

00:19:04

Lesson Description:

What do you need to do to prepare for the CSA Pro exam? In this video, we'll discuss the steps you should take to ready yourself for this lengthy exam! Lesson Links & Further Watching/Reading AWS SA Pro Sample Questions https://d0.awsstatic.com/training-and-certification/docs/AWS_certified_solutions_architect_professional_examsample.pdf White Papers http://d0.awsstatic.com/whitepapers/AWS_Securing_Data_at_Rest_with_Encryption.pdfhttps://d0.awsstatic.com/whitepapers/aws-web-hosting-best-practices.pdf?refid=em_http://d0.awsstatic.com/whitepapers/aws-migrate-resources-to-new-region.pdf?refid=70138000001adyuhttps://aws.amazon.com/ec2/faqs/https://aws.amazon.com/elasticloadbalancing/faqs/https://aws.amazon.com/elasticbeanstalk/faqs/ Identity IAM: https://www.youtube.com/watch?v=YQsK4MtsELU Compute ELB: https://www.youtube.com/watch?v=VIgAT7vjol8Lambda: https://www.youtube.com/watch?v=QdzV04T_kecEKS: https://www.youtube.com/watch?v=EDaGpxZ6Qi0VMware: https://www.youtube.com/watch?v=RStQrGmHqy0 Storage S3 & Glacier: https://www.youtube.com/watch?v=rHeTn9pHNKoS3, EFS, & SBS: https://www.youtube.com/watch?v=gidUa4lJd9Y Database RDS: https://www.youtube.com/watch?v=HuvUD7-RyoUDynamoDB: https://www.youtube.com/watch?v=HaEPXoXVf2k https://www.youtube.com/watch?v=eTbBdXJq8ssAurora: https://www.youtube.com/watch?v=2WG01wJIGSQ Networking VPC: https://www.youtube.com/watch?v=fnxXNZdf6ewTransit Gateway: https://www.youtube.com/watch?v=yQGxPEGt_-w https://www.youtube.com/watch?v=ar6sLmJ45xsVPN: https://www.youtube.com/watch?v=qmKkbuS9gRsDNS: https://www.youtube.com/watch?v=D1n5kDTWidQ Analytics, Streaming, IOT Redshift: https://www.youtube.com/watch?v=TJDtQom7SAA

Final Exam

AWS Certified Solutions Architect - Professional (SAP-C01)

04:00:00

Take this course and learn a new skill today.

Transform your learning with our all access plan.

Start 7-Day Free Trial