This advanced course develops strategic architectural capabilities through scenario-based challenges using core AWS services and real-world case studies. Participants explore hybrid connectivity, multi-account management, transit networking, containerisation, CI/CD automation, and large-scale data solutions. Hands-on labs reinforce architectural decision-making under operational constraints.
Learning Outcomes:
Evaluate advanced AWS architectural patterns across hybrid and multi-account environments.
Design container-based solutions and scalable application deployments.
Implement automation for CI/CD pipelines and infrastructure management.
Assess DDoS protection, data encryption, and edge service optimisation strategies.
Analyse cost models, migration strategies, and operational trade-offs.
Key Topics:
AWS Well-Architected Framework and architectural governance
Hybrid cloud connectivity, AWS Transit Gateway, and Control Tower
Container services: ECS, EKS, and AWS Fargate
CI/CD toolchain: AWS CodePipeline, CodeBuild, and CloudFormation
DDoS mitigation, data security with AWS KMS, Secrets Manager
Lake Formation and large-scale data design
Edge services and latency optimisation
Cost management tools and migration best practices
Certification preparation for AWS Certified Solutions Architect – Professional certification
Exam Details
This course is designed to build participants’ understanding of key concepts and domains covered in the AWS Certified Solutions Architect - Professional certification.
The AWS Professional/Specialty Level exam is bundled with the course fee. Participants will receive a certification voucher.
| Exam duration | 180 minutes |
| Number of questions | 75 (multiple choice or multiple response) |
| Pass mark | 750 |
| Open book | No |
| Delivery format | Pearson VUE testing centre |
To maximise success, participants are strongly encouraged to complement the course with additional self-study, revision of course materials, and dedicated practice before attempting the exam.
Day 1
Module 1: Reviewing Architecting Concepts
- Group Exercise: Review Architecting on AWS core best practices
- Hands-On Lab: Securing Amazon S3 VPC Endpoint Communications
Module 2: Single to Multiple Accounts
- AWS Organizations for multi-account access and permissions
- AWS SSO to simplify access and authentication across AWS accounts and third-party services
- AWS Control Tower
- Permissions, access, and authentication
Module 3: Hybrid Connectivity
- AWS Client VPN authentication and control
- AWS Site-to-Site VPN
- AWS Direct Connect for hybrid public and private connections
- Increasing bandwidth and reducing cost
- Basic, high, and maximum resiliency
- Amazon Route 53 Resolver DNS resolution
Module 4: Specialized Infrastructure
- AWS Storage Gateway solutions
- On-demand VMware Cloud on AWS
- Extending cloud infrastructure services with AWS Outposts
- AWS Local Zones for latency-sensitive workloads
- Your 5G network with and without AWS Wavelength
Module 5: Connecting Networks
- Simplifying private subnet connections
- VPC isolation with a shared services VPC
- Transit Gateway Network Manager and VPC Reachability Analyzer
- AWS Resource Access Manager
- AWS PrivateLink and endpoint services
- Hands-On Lab: Configuring Transit Gateways
Day 2
Module 6: Containers
- Container solutions compared to virtual machines
- Docker benefits, components, solutions architecture, and versioning
- Container hosting on AWS to reduce cost
- Managed container services: Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS)
- AWS Fargate
- Hands-On Lab: Deploying an Application with Amazon EKS on Fargate
Module 7: Continuous Integration/Continuous Delivery (CI/CD)
- CI/CD solutions and impact
- CI/CD automation with AWS CodePipeline
- Deployment models
- AWS CloudFormation StackSets to improve deployment management
Module 8: High Availability and DDoS Protection
- Common DDoS attacks layers
- AWS WAF
- AWS WAF web access control lists (ACLs), real-time metrics, logs, and security automation
- AWS Shield Advanced services and AWS DDoS Response Team (DRT) services
- AWS Network Firewall and AWS Firewall Manager to protect accounts at scale
Module 9: Securing Data
- What cryptography is, why you would use it, and how to use it
- AWS KMS
- AWS CloudHSM architecture
- FIPS 140-2 Level 2 and Level 3 encryption
- Secrets Manager
Module 10: Large-Scale Data Stores
- Amazon S3 data storage management including storage class, inventory, metrics, and policies
- <span style="font-famil
