Solution Architect handbook
One of the best books about Solution Architecture, AWS oriented.
AWS Solution Architect Handbook
1. Core Concepts
- Global Infrastructure: Regions, Availability Zones (AZs), Edge Locations.
- Shared Responsibility Model:
  - AWS → Security of the cloud (infra, services).
  - Customer → Security in the cloud (data, IAM, configs).
- Well-Architected Framework → 6 Pillars:
  - Operational Excellence
  - Security
  - Reliability
  - Performance Efficiency
  - Cost Optimization
  - Sustainability
2. Compute
- EC2: On-demand, reserved, spot, savings plans.
- Scaling: ASG (Auto Scaling Group).
- Containers: ECS (EC2/Fargate), EKS (K8s).
- Serverless: Lambda (event-driven).
- Elastic Beanstalk: PaaS deployment.
3. Networking & Connectivity
- VPC: Subnets (public/private), Route Tables, IGW, NACL, SG.
- Endpoints:
  - Gateway (S3/DynamoDB, free).
  - Interface (ENI-based, paid).
- Connectivity: VPN (site-to-site, client), Direct Connect, Transit Gateway, PrivateLink, VPC Peering.
- Load Balancers: ALB (L7), NLB (L4), GWLB.
- Global: CloudFront (CDN), Route 53 (DNS), Global Accelerator.
4. Storage
- S3: Object storage, storage classes, versioning, replication.
- EBS: Block storage for EC2.
- EFS: Shared POSIX file system.
- FSx: Windows, NetApp, Lustre.
- Snow Family: Snowcone, Snowball, Snowmobile.
- Storage Gateway / DataSync: Hybrid storage.
5. Databases
- RDS: Managed relational DB (Aurora, MySQL, PostgreSQL, Oracle, SQL Server).
- DynamoDB: Serverless NoSQL, DAX for caching.
- DocumentDB: Mongo-compatible.
- Neptune: Graph DB.
- Keyspaces: Cassandra-compatible.
- Redshift: Data warehouse, Enhanced VPC Routing.
- Athena: SQL queries on S3.
- ElastiCache: Redis / Memcached.
6. Analytics & Big Data
- EMR: Hadoop/Spark.
- Glue: ETL, DataBrew (no-code), Catalog.
- Kinesis: Streams, Firehose, Analytics.
- MSK: Managed Kafka.
- QuickSight: BI dashboards.
7. Security & Identity
- IAM: Roles, Policies, Federation.
- Organizations: Multi-account governance.
- Control Tower: Landing zone setup.
- GuardDuty: Threat detection.
- Macie: Sensitive data discovery.
- Inspector: Vulnerability scanning.
- KMS: Key management.
- Secrets Manager / Parameter Store: Secret storage.
- WAF / Shield: Protection against attacks.
8. Monitoring & Ops
- CloudWatch: Metrics, Logs, Alarms.
- CloudTrail: API call auditing.
- Config: Compliance tracking.
- Systems Manager (SSM): Automation, Session Manager.
- Trusted Advisor: Best practices recommendations.
9. Migration & DR
- DMS: Database migration service.
- SMS / Application Migration Service: Lift & shift apps.
- Backup: Centralized backups.
- Disaster Recovery Models: Backup/restore, Pilot Light, Warm Standby, Multi-site.
- Region Selection Criteria: Cost, latency, compliance.
10. AI / ML & Extra Services
- Lex: Chatbots.
- Polly: Text-to-speech.
- Transcribe / Translate: Speech-to-text / Text translation.
- Rekognition: Image/video analysis.
- Kendra: Search in unstructured data.
⚡ In short:
The handbook covers all major AWS services, the Well-Architected Framework pillars, and design strategies (scalability, HA, DR, cost optimization). It’s essentially the cheat sheet for architecting solutions on AWS.