Content Domain 2: Configuration Management and IaC

Task Statement 2.1: Define cloud infrastructure and reusable components to provision and manage systems throughout their lifecycle.

Composing and deploying IaC templates (for example, AWS Serverless Application Model [AWS SAM], AWS CloudFormation, AWS Cloud Development Kit [AWS CDK])
Applying CloudFormation stack sets across multiple accounts and AWS Regions
Determining optimal configuration management services (for example, AWS OpsWorks, AWS Systems Manager, AWS Config, AWS AppConfig)
Implementing infrastructure patterns, governance controls, and security standards into reusable IaC templates (for example, AWS Service Catalog, CloudFormation modules, AWS CDK)

Standardizing and automating account provisioning and configuration
Creating, consolidating, and centrally managing accounts (for example, AWS Organizations, AWS Control Tower)
Applying IAM solutions for multi-account and complex organization structures (for example, SCPs, assuming roles)
Implementing and developing governance and security controls at scale (AWS Config, AWS Control Tower, AWS Security Hub, Amazon Detective, Amazon GuardDuty, Service Catalog, SCPs)

Automating system inventory, configuration, and patch management (for example, Systems Manager, AWS Config)
Developing AWS Lambda function automations for complex scenarios (for example, AWS SDKs, Lambda, AWS Step Functions)
Automating the configuration of software applications to the desired state (for example, OpsWorks, Systems Manager State Manager)
Maintaining software compliance (for example, Systems Manager)

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Content Domain 1: SDLC Automation

Content Domain 3: Resilient Cloud Solutions