Content Domain 2: Design for New Solutions
Tasks
Task 2.1: Design a deployment strategy to meet business requirements
Knowledge of:
Infrastructure as code (IaC) (for example, AWS CloudFormation)
Continuous integration and continuous delivery (CI/CD)
Change management processes
Configuration management tools (for example, AWS Systems Manager)
Skills in:
Determining an application or upgrade path for new services and features
Selecting services to develop deployment strategies and implement appropriate rollback mechanisms
Adopting managed services as needed to reduce infrastructure provisioning and patching overhead
Making advanced technologies accessible by delegating complex development and deployment tasks to AWS
Task 2.2: Design a solution to ensure business continuity
Knowledge of:
AWS Global Infrastructure
AWS networking concepts (for example, Amazon Route 53, routing methods)
RTOs and RPOs
Disaster recovery scenarios (for example, backup and restore, pilot light, warm standby, multi-site)
Disaster recovery solutions on AWS
Skills in:
Configuring disaster recovery solutions
Configuring data and database replication
Performing disaster recovery testing
Architecting a backup solution that is automated, is cost-effective, and supports business continuity across multiple Availability Zones or AWS Regions
Designing an architecture that provides application and infrastructure availability in the event of a disruption
Using processes and components for centralized monitoring to proactively recover from system failures
Task 2.3: Determine security controls based on requirements
Knowledge of:
IAM
Route tables, security groups, and network ACLs
Encryption options for data at rest and data in transit
AWS service endpoints
Credential management services
AWS managed security services (for example, AWS Shield, AWS WAF, Amazon GuardDuty, AWS Security Hub)
Skills in:
Specifying IAM users and IAM roles that adhere to the principle of least privilege access
Specifying inbound and outbound network flows by using security group rules and network ACL rules
Developing attack mitigation strategies for large-scale web applications
Developing encryption strategies for data at rest and data in transit
Specifying service endpoints for service integrations
Developing strategies for patch management to remain compliant with organizational standards
Task 2.4: Design a strategy to meet reliability requirements
Knowledge of:
AWS Global Infrastructure
AWS storage services and replication strategies (for example, Amazon S3, Amazon RDS, Amazon ElastiCache)
Multi-AZ and multi-Region architectures
Auto scaling policies and events
Application integration (for example, Amazon SNS, Amazon SQS, AWS Step Functions)
Service quotas and limits
Skills in:
Designing highly available application environments based on business requirements
Using advanced techniques to design for failure and ensure seamless system recoverability
Implementing loosely coupled dependencies
Operating and maintaining high-availability architectures (for example, application failovers, database failovers)
Using AWS managed services for high availability
Implementing DNS routing policies (for example, Route 53 latency-based routing, geolocation routing, simple routing)
Task 2.5: Design a solution to meet performance objectives
Knowledge of:
Performance monitoring technologies
Storage options on AWS
Instance families and use cases
Purpose-built databases
Skills in:
Designing large-scale application architectures for a variety of access patterns
Designing an elastic architecture based on business objectives
Applying design patterns to meet performance objectives with caching, buffering, and replicas
Developing a process methodology for selecting purpose-built services for required tasks
Designing a rightsizing strategy
Task 2.6: Determine a cost optimization strategy to meet solution goals and objectives
Knowledge of:
AWS cost and usage monitoring tools (for example, AWS Cost Explorer, AWS Trusted Advisor, AWS Pricing Calculator)
Pricing models (for example, Reserved Instances, AWS Savings Plans)
Storage tiering
Data transfer costs
AWS managed service offerings
Skills in:
Identifying opportunities to select and rightsize infrastructure for cost-effective resources
Identifying appropriate pricing models
Performing data transfer modeling and selecting services to reduce data transfer costs
Developing a strategy and implementing controls for expenditure and usage awareness