Four Domains
- design solutions for organizational complexity
- architect network connectivity strategies
- AWS global infrastructure
- AWS networking concepts
- VPC
- DX
- VPN
- transitive routing
- ECS
- Hybrid DNS concepts
- Route53 Resolver
- on-premise DNS integration
- Network segmentation
- subnetting
- IP addressing
- connectivity among VPCs
- Network traffic monitoring
- prescribe security controls
- AWS IAM and IAM Identity Center (SSO)
- Route tables, security groups, network ACLs
- Encryption keys and certificate management
- AWS security, identity, and compliance tools
- CloudTrail
- IAM access analyzer
- Security Hub
- Amazon Inspector
- design reliable and resilient architectures
- RTOs and RPOs
- DR strategies
- AWS Elastic Disaster Recovery
- pilot light
- warm standby
- multi-site
- Data backup and restoration
- design a multi-account AWS environment
- AWS Organization and AWS Control Tower
- Multi-account event notifications
- AWS resource sharing across environments
- determine cost optimization and visibility strategies
- AWS cost and usage monitoring tools
- AWS trusted advisor
- AWS pricing calculator
- AWS cost explorer
- AWS budgets
- AWS purchasing options
- reversed instances
- savings plans
- spot instances
- AWS rightsizing visibility tools
- AWS compute optimizer
- AWS S3 Storage lens
- design for new solutions
- design a deployment strategy to meet business requirements
- infrastructure as code (CodeFormation)
- continuous integration and CI/CD
- change management processes
- configuration management tools (AWS Systems Manager)
- design a solution to ensure business continuity
- AWS networking concepts
- RTOs RPOs
- disaster recovery scenarios
- disaster recovery solutions
- determine security controls based on requirements
- IAM
- route tables, security groups, network ACLs
- Encryption options for data at rest and data in transit
- AWS service endpoints
- Credential Management services
- AWS management security services
- AWS Shield
- WAF
- GuardDuty
- SecurityHub
- design a strategy to meet reliability requirements
- storage services and replication strategies
- multi-az and multi-region arch
- auto scaling policies and events
- application integration
- service quotas and limits
- design a solution to meet performance objectives
- performance monitoring technologies
- storage options on AWS
- instance families and use cases
- purpose-built databases
- determine a cost optimization strategy to meet solution goals and objectives
- AWS cost and usage monitoring tools
- Cost Explorer
- Trusted Advisor
- Pricing Calculator
- pricing models
- Reserved Instances
- savings plans
- storage tiering
- data transfer costs
- aws managed service offerings
- continuous improvement for existing solutions
- determine a strategy to improve overall operational excellence
- alerting and automatic remediation strategies
- disaster recovery planning
- monitoring and logging solutions
- CI/CD pipelines and deployment strategies
- configuration management tools
- determine a strategy to improve security
- data retention, data sensitivity, and data regulatory requirements
- automated monitoring and remediation strategies
- secrets managment
- principle of least privilege access
- security-specific AWS solutions
- patching practices
- backup practices and methods
- determine a strategy to improve reliability
- AWS Global infrastructure
- data replication methods
- scaling methodologies
- HA and resilient
- DR
- service quotas and limits
- identify opportunities for cost optimizations
- cost-conscious architecture choices
- price model adoptions
- networking and data transfer costs
- cost management, alerting and reporting
- accelerate workload migration and modernization
- select existing workloads and processes for potential migration
- migration assessment and tracking tools
- portfolio assessment
- asset planning
- prioritization and migration of workloads (wave planning)
- determine the optimal migration approach for existing workloads
- data migration options and tools
- DataSync
- Transfer Family
- Snow Family
- S3 Transfer Acceleration
- Application migration tools
- application discovery service
- application migration service
- networking services and DNS
- DX
- SitetoSite VPN
- Route53
- Identity services
- IAM identity Center
- AWS Directory Service
- Database migration tools
- Governance tools
- AWS control tower
- Organization
- determine a new architecture for existing workloads
- compute services
- containers
- AWS storage services
- EBS
- EFS
- FSx
- S3
- File/Volume Gateway
- Databases
- DynamoDB
- OpenSearch
- RDS
- self-managed databases on EC2
- determine opportunities for modernization and enhancements
- serverless compute offering
- containers
- storages
- purpose-built databases
- DynamoDB
- Aurora Serverless
- ElastiCache
- Integration services
- SNS
- SQS
- StepFunctions
- EventBridge
In-Scope Services
- analytics
- Athena
- Data Exchange
- Data Pipeline
- EMR
- Glue
- Kinesis Data Analytics
- Kinesis Data Firehose
- Kinesis Data Stream
- Lake Formation
- MSK
- OpenSearch
- QuickSight
- application integration
- AppFlow
- AppSync
- EventBridge
- SNS
- SQS
- StepFunctions
- Blockchain
- Amazon Managed Blockchain
- Business applications
- Alexa for Biz
- Amazon simple Email service
- cloud financial management
- Budget
- Cost and Usage Report
- Cost Explorer
- Savings Plans
- Compute
- App Runner
- Auto Scaling
- Batch
- EC2 (with auto scaling)
- Beanstalk
- Fargate
- Lambda
- Lightsail
- Outposts
- Wavelength
- Containers
- ECR
- ECS (anywhere)
- EKS (anywhere)
- EKS distro
- databases
- Aurora (serverless)
- DocumentDB
- DynamoDB
- ElastiCache
- Keyspaces (Cassandra)
- Neptune
- RDS
- Redshift
- Timestream
- developer tool
- cloud9
- code artifact
- code build
- code commit
- code deploy
- codeGuru
- code pipeline
- code star
- x-ray
- end user computing
- frontend web and mobile
- amplify
- API gateway
- device farm
- pinpoint
- IOT
- analytics
- core
- device defender
- devide management
- events
- greengrass
- sitewise
- things graph
- 1-click
- machine learning
- comprehend
- forecast
- fraud detector
- kendra
- lex
- personalize
- polly
- rekognition
- sagemaker
- textract
- transcribe
- translate
- management and governance
- CLI
- CloudFormation
- CloudWatch (logs)
- Compute Optimizer
- Config
- Control Tower
- Health Dashboard
- licence manager
- managed Grafana
- managed service for prometheus
- management console
- organizations
- proton
- service catalog
- service quotas
- systems manager
- trusted advisor
- well-architected tool
- media services
- elastic transcoder
- kinesis video streams
- migration and transfer
- application discovery service
- application migration sergice
- DMS
- DataSync
- migration hub
- SCT
- Snow Family
- transfer family
- Network and content delivery
- CloudFront
- Direct Connect
- ELB
- Global Accelerator
- Private Link
- Route53
- Transit Gateway
- VPC
- VPN
- security, identity, compliance
- artifact
- audit manager
- ACM
- CloudHSM
- Cognito
- Detective
- directory service
- firewall manager
- GuardDuty
- IAM identity center (SSO)
- IAM
- Inspector
- KMS
- Macie
- Network Firewall
- RAM
- Secrets Manager
- Security Hub
- STS
- Shield
- WAF
- storage
- Backup
- EBs
- Elastic DR
- EFS
- FSx
- S3
- S3 Glacier
- Storage Gateway
FocusON
- AWS Organizations
- Server Migration Services
- DMS + SCT
- Serverless Application
- System Manager
- AWS CI/CD
- Service Catalog
- Direct Connect
- CloudFormation
- VPC
- ECS
- LB
- Beanstalk
- Workspaces / Appstream
- Workdocs
- Snowball Edge / DX / S3 Acceleration
- Resource Tags with IAM