1. Domain 4: Cost Control
1.1. 4.1 Select a cost-effective pricing model for a solution.
1.1.1. Purchase resources based on usage requirements
1.1.2. Identify when to use different storage tiers
1.2. 4.2 Determine which controls to design and implement that will ensure cost optimization.
1.2.1. Determine an AWS-generated cost allocation tags strategy that allows mapping cost to business units
1.2.2. Determine a mechanism to monitor when underutilized resources are present
1.2.3. Determine a way to manage commonly deployed resources to achieve governance
1.2.4. Define a way to plan costs that do not exceed the budget amount
1.3. 4.3 Identify opportunities to reduce cost in an existing architecture.
1.3.1. Distinguish opportunities to use AWS Managed Services
1.3.2. Determine which services are most cost-effective in meeting business objectives
2. Domain 5: Continuous Improvement for Existing Solutions
2.1. 5.1 Troubleshoot solutions architectures.
2.1.1. Assess an existing application architecture for deficiencies
2.1.2. Analyze application and infrastructure logs
2.1.3. Test possible solutions in non-production environment
2.2. 5.2 Determine a strategy to improve an existing solution for operational excellence.
2.2.1. Determine the most appropriate logging and monitoring strategy
2.2.2. Recommend the appropriate AWS offering(s) to enable configuration management automation
2.3. 5.3 Determine a strategy to improve the reliability of an existing solution.
2.3.1. Evaluate existing architecture to determine areas that are not sufficiently reliable
2.3.2. Remediate single points of failure
2.3.3. Enable data replication, self-healing, and elastic features and services
2.3.4. Test the reliability of the new solution
2.4. 5.4 Determine a strategy to improve the performance of an existing solution.
2.4.1. Reconcile current performance metrics against performance targets
2.4.2. Identify and examine performance bottlenecks
2.4.3. Recommend and test potential remediation solutions
2.5. 5.5 Determine a strategy to improve the security of an existing solution.
2.5.1. Evaluate AWS Secrets Manager strategy
2.5.2. Audit the environment for security vulnerabilities
2.5.3. Enable manual and/or automated responses to the detection of vulnerabilities
2.6. 5.6 Determine how to improve the deployment of an existing solution.
2.6.1. Evaluate appropriate tooling to enable infrastructure as code
2.6.2. Evaluate current deployment processes for improvement opportunities
2.6.3. Test automated deployment and rollback strategies
3. Key tools, technologies, and concepts
3.1. Compute
3.2. Cost management
3.3. Database
3.4. Disaster recovery
3.5. High availability
3.6. Management and governance
3.7. Microservices and component decoupling
3.8. Migration and data transfer
3.9. Networking, connectivity, and content delivery
3.10. Security
3.11. Serverless design principles
3.12. Storage
4. AWS services and features
4.1. Analytics
4.1.1. Amazon Athena
4.1.2. Amazon Elasticsearch Service
4.1.3. Amazon EMR
4.1.4. AWS Glue
4.1.5. Amazon Kinesis
4.1.6. Amazon QuickSight
4.2. AWS Billing and Cost Management
4.2.1. AWS Budgets
4.2.2. Cost Explorer
4.3. Application integration
4.3.1. Amazon MQ
4.3.2. Amazon Simple Notification Service (Amazon SNS)
4.3.3. Amazon Simple Queue Service (Amazon SQS)
4.3.4. AWS Step Functions
4.4. Business applications
4.4.1. Amazon Alexa
4.4.2. Amazon Alexa for Business
4.4.3. Amazon Simple Email Service (Amazon SES)
4.5. Blockchain
4.5.1. Amazon Managed Blockchain
4.6. Compute
4.6.1. AWS Batch
4.6.2. Amazon EC2
4.6.3. AWS Elastic Beanstalk
4.6.4. Amazon Elastic Container Service (Amazon ECS)
4.6.5. Amazon Elastic Kubernetes Service (Amazon EKS)
4.6.6. Elastic Load Balancing
4.6.7. AWS Fargate
4.6.8. AWS Lambda
4.6.9. Amazon Lightsail
4.6.10. AWS Outposts
4.7. Containers
4.7.1. Amazon Elastic Container Registry (Amazon ECR)
4.8. Database
4.8.1. Amazon Aurora
4.8.2. Amazon DynamoDB
4.8.3. Amazon ElastiCache
4.8.4. Amazon Neptune
4.8.5. Amazon RDS
4.8.6. Amazon Redshift
4.9. Developer tools
4.9.1. AWS Cloud9
4.9.2. AWS CodeBuild
4.9.3. AWS CodeCommit
4.9.4. AWS CodeDeploy
4.9.5. AWS CodePipeline
4.10. End user computing
4.10.1. Amazon AppStream 2.0
4.10.2. Amazon WorkSpaces
4.11. Front-end web and mobile
4.11.1. AWS AppSync
4.12. Machine learning
4.12.1. Amazon Comprehend
4.12.2. Amazon Forecast
4.12.3. Amazon Lex
4.12.4. Amazon Rekognition
4.12.5. Amazon SageMaker
4.12.6. Amazon Transcribe
4.12.7. Amazon Translate
4.13. Management and governance
4.13.1. AWS Auto Scaling
4.13.2. AWS Backup
4.13.3. AWS CloudFormation
4.13.4. AWS CloudTrail
4.13.5. Amazon CloudWatch
4.13.6. AWS Compute Optimizer
4.13.7. AWS Config
4.13.8. AWS Control Tower
4.13.9. Amazon EventBridge
4.13.10. AWS License Manager
4.13.11. AWS Organizations
4.13.12. AWS Resource Access Manager
4.13.13. AWS Service Catalog
4.13.14. AWS Systems Manager
4.13.15. AWS Trusted Advisor
4.13.16. AWS Well-Architected Tool
4.14. Media services
4.14.1. Amazon Elastic Transcoder
4.15. Migration and transfer
4.15.1. AWS Database Migration Service (AWS DMS)
4.15.2. AWS DataSync
4.15.3. AWS Migration Hub
4.15.4. AWS Server Migration Service (AWS SMS)
4.15.5. AWS Snowball
4.15.6. AWS Transfer Family
4.16. Networking and content delivery
4.16.1. Amazon API Gateway
4.16.2. Amazon CloudFront
4.16.3. AWS Direct Connect
4.16.4. AWS Global Accelerator
4.16.5. Amazon Route 53
4.16.6. AWS Transit Gateway
4.16.7. Amazon VPC
4.17. Security, identity, and compliance
4.17.1. AWS Artifact
4.17.2. AWS Certificate Manager (ACM)
4.17.3. Amazon Cognito
4.17.4. AWS Directory Service
4.17.5. Amazon GuardDuty
4.17.6. AWS Identity and Access Management (IAM)
4.17.7. Amazon Inspector
4.17.8. AWS Key Management Service (AWS KMS)
4.17.9. Amazon Macie
4.17.10. AWS Resource Access Manager
4.17.11. AWS Secrets Manager
4.17.12. AWS Security Hub
4.17.13. AWS Shield
4.17.14. AWS Single Sign-On
4.17.15. AWS WAF
4.18. Storage
4.18.1. Amazon Elastic Block Store (Amazon EBS)
4.18.2. Amazon Elastic File System (Amazon EFS)
4.18.3. Amazon FSx
4.18.4. Amazon S3
4.18.5. Amazon S3 Glacier
4.18.6. AWS Storage Gateway
5. Domain 1: Design for Organizational Complexity
5.1. 1.1 Determine cross-account authentication and access strategy for complex organizations.
5.1.1. Analyze the organizational structure
5.1.2. Evaluate the current authentication infrastructure
5.1.3. Analyze the AWS resources at an account level
5.1.4. Determine an auditing strategy for authentication and access
5.2. 1.2 Determine how to design networks for complex organizations.
5.2.1. Outline an IP addressing strategy for VPCs
5.2.2. Determine DNS strategy
5.2.3. Classify network traffic and security
5.2.4. Determine connectivity needs for hybrid environments
5.2.5. Determine a way to audit network traffic
5.3. 1.3 Determine how to design a multi-account AWS environment for complex organizations.
5.3.1. Determine how to use AWS Organizations
5.3.2. Implement the most appropriate account structure for proper cost allocation, agility, and security
5.3.3. Recommend a central audit and event notification strategy
5.3.4. Decide on an access strategy
6. Domain 2: Design for New Solutions
6.1. 2.1 Determine security requirements and controls when designing and implementing a solution.
6.1.1. Implement infrastructure as code
6.1.2. Determine prevention controls for large-scale web applications
6.1.3. Determine roles and responsibilities of applications
6.1.4. Determine a secure method to manage credentials for the solutions/applications
6.1.5. Enable detection controls and security services for large-scale applications
6.1.6. Enforce host and network security boundaries
6.1.7. Enable encryption in transit and at rest
6.2. 2.2 Determine a solution design and implementation strategy to meet reliability requirements.
6.2.1. Design a highly available application environment
6.2.2. Determine advanced techniques to detect for failure and service recoverability
6.2.3. Determine processes and components to monitor and recover from regional service disruptions with regional failover
6.3. 2.3 Determine a solution design to ensure business continuity.
6.3.1. Architect an automated, cost-effective back-up solution that supports business continuity across multiple AWS Regions
6.3.2. Determine an architecture that provides application and infrastructure availability in the event of a service disruption
6.4. 2.4 Determine a solution design to meet performance objectives.
6.4.1. Design internet-scale application architectures
6.4.2. Design an architecture for performance according to business objectives
6.4.3. Apply design patterns to meet business objectives with caches, buffering, and replicas
6.5. 2.5 Determine a deployment strategy to meet business requirements when designing and implementing a solution.
6.5.1. Determine resource provisioning strategy to meet business objectives
6.5.2. Determine a migration process to change the version of a service
6.5.3. Determine services to meet deployment strategy
6.5.4. Determine patch management strategy
7. Domain 3: Migration Planning
7.1. 3.1 Select existing workloads and processes for potential migration to the cloud.
7.1.1. Complete an application migration assessment
7.1.2. Classify applications according to the six Rs (re-host, re-platform, re-purchase, refactor, retire, and retain)
7.2. 3.2 Select migration tools and/or services for new and migrated solutions based on detailed AWS knowledge.
7.2.1. Select an appropriate database transfer mechanism
7.2.2. Select an appropriate data transfer service
7.2.3. Select an appropriate data transfer target
7.2.4. Select an appropriate server migration mechanism
7.2.5. Apply the appropriate security methods to the migration tools
7.3. 3.3 Determine a new cloud architecture for an existing solution.
7.3.1. Evaluate business applications and determine the target cloud architecture
7.3.2. Break down the functionality of applications into services
7.3.3. Determine target database platforms
7.4. 3.4 Determine a strategy for migrating existing on-premises workloads to the cloud.
7.4.1. Determine the desired prioritization strategy of the organization
7.4.2. Analyze data volume and rate of change to determine a data transfer strategy
7.4.3. Evaluate cutover strategies
7.4.4. Assess internal and external compliance requirements for a successful migration