Practical Training

on

“AWS Academy Cloud Architecting”

Submitted by

GAURAV KUMAR
22052206

School of Computer Engineering

KIIT Deemed to be University

Bhubaneswar,Odisha - 751024
Practical Training Certificate
 Abstract

The report “AWS Academy Cloud Architecting” provides a comprehensive

account of the theoretical foundations and practical training undertaken as part of
the AWS Academy program. The curriculum emphasized the principles of cloud
computing and introduced participants to the architectural frameworks required for
building secure, scalable, and cost-efficient solutions in the AWS environment.

Through structured modules and laboratory sessions, learners engaged with core
AWS services, including compute, storage, networking, databases, and security.
The program also highlighted essential architectural considerations such as high
availability, fault tolerance, elasticity, automation, cost optimization, and
compliance. These components collectively enhanced the participants’ ability to
address practical challenges in modern cloud-based infrastructures.

The successful completion of the training led to the award of the AWS Academy
Graduate – Cloud Architecting certification, which formally acknowledges the
skills and knowledge attained. This accomplishment positions learners for
professional opportunities in cloud architecture and consulting, while contributing
to their preparedness for advanced certification pathways and industry-oriented
roles in cloud computing.
Table of Contents
Abstract

Acknowledgement

1. Introduction
1.1 Overview of the Program
1.2 Objectives of the Training
1.3 Duration and Certification Details
2. Fundamentals of Cloud Computing
2.1 Definition and Importance
2.2 Cloud Service Models (IaaS, PaaS, SaaS)
2.3 Benefits and Use Cases
3. AWS Cloud Overview
3.1 AWS Global Infrastructure
3.2 Key AWS Services
3.3 AWS Shared Responsibility Model
4. Architecting on AWS
4.1 Principles of Cloud Architecture
4.2 High Availability and Fault Tolerance
4.3 Scalability and Elasticity
5. Core AWS Services
5.1 Compute
5.2 Storage
5.3 Networking
5.4 Databases
6. Security and Identity Management
6.1 AWS IAM and Access Control
6.2 Encryption and Key Management
6.3 Monitoring and Compliance
7. Cost Optimization and Billing
7.1 AWS Pricing Models
7.2 Cost Management Tools
7.3 Best Practices for Cost Efficiency
8. Cloud Governance and Compliance
8.1 Shared Responsibility in Practice
8.2 Auditing and Monitoring with AWS Tools
9. Challenges and Limitations of Cloud Computing
9.1 Security and Privacy Concerns
9.2 Vendor Lock-in Risks
9.3 Performance and Cost Management Issues
10. Conclusion
1. Introduction

1.1 Overview of the Program

The AWS Academy Cloud Architecting program is an industry-recognized training initiative

designed to equip learners with the skills required to design, build, and deploy scalable
applications on the AWS Cloud. The program covers fundamental and advanced cloud concepts,
including computing, storage, networking, databases, and security, while emphasizing
architectural best practices. Delivered through structured modules and hands-on labs, it provides
both theoretical knowledge and practical experience to prepare learners for real-world cloud
solutions.

1.2 Objectives of the Training

The primary objectives of the AWS Academy Cloud Architecting program are:

 To introduce learners to the foundational principles of cloud computing and the AWS
ecosystem.
 To build competency in designing resilient, secure, and highly available architectures.
 To develop skills in deploying and managing cloud-based applications using AWS
services.
 To encourage problem-solving through case studies and practical labs that simulate
industry challenges.
 To prepare participants for AWS certification pathways such as AWS Certified
Solutions Architect – Associate.

1.3 Duration and Certification Details

The program required approximately 60 hours of guided learning, including interactive

modules, assignments, and lab activities. Upon successful completion, the learner received the
AWS Academy Graduate – Cloud Architecting certification, issued through Credly, which
serves as a digital verification of skills and achievements. This certification highlights
proficiency in AWS architecture and enhances employability in cloud-focused roles.
2. Fundamentals of Cloud Computing

2.1 Definition and Importance

Cloud computing is the on-demand delivery of IT resources over the internet on a pay-as-you-go
basis. By eliminating the need for physical infrastructure, it provides access to computing power,
storage, databases, and networking through providers such as AWS. Its significance lies in
enabling scalability, flexibility, cost efficiency, and innovation, helping organizations adapt
quickly to dynamic business requirements.

2.2 Cloud Service Models (IaaS, PaaS, SaaS)

Cloud computing is structured around three primary service models:

 Infrastructure as a Service (IaaS): Provides fundamental computing resources such as

virtual machines, storage, and networking. Example: AWS EC2, Amazon S3.
 Platform as a Service (PaaS): Offers a complete development and deployment
environment in the cloud, eliminating the need to manage underlying infrastructure.
Example: AWS Elastic Beanstalk.
 Software as a Service (SaaS): Delivers ready-to-use applications accessible via the
internet, reducing the need for installation and maintenance. Example: Amazon
WorkSpaces.

2.3 Benefits

Cloud computing provides a wide range of benefits to individuals and organizations:

 Scalability and Efficiency: Cloud computing enables automatic adjustment of resources

based on demand while ensuring cost optimization through a pay-as-you-go model.
 Reliability and Security: It provides high availability, global reach, and strong
compliance-driven security, ensuring business continuity and trust.
3. AWS Cloud Overview

3.1 AWS Global Infrastructure

Amazon Web Services (AWS) is the world’s most widely adopted cloud platform, with a global
infrastructure designed to provide high availability, low latency, and resilience. Its
infrastructure is organized into:

 Regions: Geographically separated areas where AWS data centers are located.
 Availability Zones (AZs): Independent data centers within each region that provide
redundancy and fault tolerance.
 Edge Locations: Content delivery network (CDN) endpoints that ensure faster data
delivery through services like Amazon CloudFront.

This global footprint allows organizations to deploy applications closer to their end users,
ensuring speed, reliability, and compliance with local regulations.

3.2 Key AWS Services

AWS provides a vast range of services across different domains. The most essential include:

 Compute: Services such as Amazon EC2, AWS Lambda, and Amazon ECS to power
applications of varying sizes.
 Storage: Scalable options like Amazon S3, Amazon EBS, and Amazon Glacier for
secure data storage and backup.
 Networking: Services like Amazon VPC, Route 53, and Elastic Load Balancing
(ELB) that ensure secure and efficient connectivity.
 Security: Tools such as AWS Identity and Access Management (IAM), AWS Shield,
and AWS KMS to manage permissions, protect resources, and maintain compliance.
4. Architecting on AWS

4.1 Principles of Cloud Architecture

Architecting on AWS follows a set of design principles that guide organizations in building
secure, high-performing, resilient, and efficient cloud infrastructures:

 Design for Failure and Recovery: Build systems that continue to operate even when
components fail.
 Implement Elasticity: Scale resources up or down based on demand.
 Automate Wherever Possible: Use services like AWS CloudFormation and AWS
Auto Scaling to reduce manual effort.
 Use Managed Services: Leverage fully managed offerings (e.g., Amazon RDS,
DynamoDB) to minimize operational overhead.
 Secure by Design: Integrate security at every layer of the architecture.

4.2 High Availability and Fault Tolerance

AWS enables high availability through multiple Availability Zones and Regions, ensuring
applications can withstand failures without service disruption.

4.3 Scalability and Elasticity

Scalability is the ability of a system to handle growth in workload, while elasticity allows
systems to automatically adjust to fluctuating demand. AWS supports both through:

 Auto Scaling Groups (ASG): Automatically add or remove EC2 instances based on
demand.
 Elastic Load Balancing (ELB): Dynamically route traffic to available resources.
 Serverless Computing (AWS Lambda): Instantly scale to meet request volumes
without managing infrastructure.
 Amazon S3: Scales seamlessly for virtually unlimited data storage.
5. Core AWS Services

5.1 Compute

 Amazon EC2 (Elastic Compute Cloud): Provides scalable virtual servers with flexible
configurations.
 AWS Lambda: Offers serverless compute to run code in response to events without
managing servers.

5.2 Storage

 Amazon S3 (Simple Storage Service): Object storage for data backup, archiving, and
content distribution.
 Amazon EBS (Elastic Block Store): High-performance block storage for EC2 instances.

5.3 Networking

 Amazon VPC (Virtual Private Cloud): Enables secure and isolated networking for
cloud resources.
 Elastic Load Balancing (ELB): Distributes traffic across multiple resources for high
availability.

5.4 Databases

 Amazon RDS (Relational Database Service): Managed relational databases supporting

MySQL, PostgreSQL, Oracle, and SQL Server.
 Amazon DynamoDB: Fully managed NoSQL database with fast and predictable
performance.
6. Security and Identity Management

6.1 AWS IAM and Access Control

AWS Identity and Access Management (IAM) enables secure control over access to AWS
resources. It allows organizations to:

 Create and manage users, groups, and roles.

 Assign granular permissions through IAM policies.
 Implement Multi-Factor Authentication (MFA) for enhanced security.

IAM ensures that only authorized individuals and applications can interact with cloud resources,
minimizing security risks.

6.2 Encryption and Key Management

AWS provides multiple layers of data protection through encryption and key management
services:

 AWS Key Management Service (KMS): Manages encryption keys for securing data.
 AWS CloudHSM: Hardware-based key storage for compliance-sensitive workloads.
 Default Encryption in S3, EBS, and RDS: Ensures sensitive data is always protected.
 TLS/SSL Protocols: Encrypt data in transit between clients and AWS resources.

These services ensure compliance with standards such as GDPR, HIPAA, and ISO
certifications.

6.3 Monitoring and Compliance

Maintaining security requires continuous monitoring and adherence to compliance requirements.

AWS offers:

 Amazon CloudWatch: Monitors resource utilization, logs, and performance metrics.

 AWS Config: Evaluates compliance with internal and external policies.
7. Cost Optimization and Billing

7.1 AWS Pricing Models

AWS follows a pay-as-you-go pricing model, allowing organizations to pay only for the
resources they consume. Key pricing options include:

 On-Demand Instances: Pay for compute capacity by the hour or second, with no long-
term commitment.
 Spot Instances: Purchase unused EC2 capacity at reduced prices, ideal for flexible
workloads.
 Free Tier: Limited usage of certain AWS services at no cost for beginners and
experimentation.

7.2 Cost Management Tools

AWS provides several tools to help monitor and control spending:

 AWS Cost Explorer: Visualizes and analyzes usage trends and costs.
 AWS Pricing Calculator: Estimates costs before deploying resources.

7.3 Best Practices for Cost Efficiency

To ensure optimal use of resources and reduce unnecessary costs, AWS recommends:

 Right-Sizing Resources: Continuously monitor workloads and scale resources

appropriately.
 Use Auto Scaling: Automatically adjust compute capacity based on demand.
 Optimize Storage: Use lifecycle policies in Amazon S3 to transition infrequently
accessed data to cheaper storage classes.
 Monitor Continuously: Employ CloudWatch and Cost Explorer dashboards for
proactive management.
8. Cloud Governance and Compliance

8.1 Shared Responsibility in Practice

AWS operates under a Shared Responsibility Model, which clearly defines the division of
security and governance tasks between AWS and its customers.

 AWS is responsible for the security of the cloud, including the physical infrastructure,
networking, hardware, and global data centres.
 Customers are responsible for security in the cloud, covering application
configurations, access management, data encryption, and compliance with regulatory
requirements.

In practice, this requires organizations to establish strong governance frameworks to ensure that
their use of AWS services aligns with internal policies, industry standards, and legal obligations.

These certifications demonstrate AWS’s commitment to data security, privacy, and

compliance across multiple industries.

8.3 Auditing and Monitoring with AWS Tools

To maintain governance and compliance, AWS offers a suite of monitoring and auditing tools:

 AWS Config: Continuously evaluates resource configurations against compliance

policies.
 Amazon GuardDuty: Detects threats and suspicious activities through intelligent
monitoring.
9. Challenges and Limitations of Cloud Computing

9.1 Security and Privacy Concerns

Although cloud providers like AWS implement strong security measures, organizations remain
responsible for securing their applications and data. Misconfigurations, weak access controls, or
lack of encryption can expose sensitive information to unauthorized access. Additionally,
industries such as healthcare and finance face strict regulatory requirements, making data
privacy and compliance an ongoing challenge.

9.2 Vendor Lock-in Risks

Cloud adoption often involves the extensive use of provider-specific services. While this enables
innovation and scalability, it can also lead to vendor lock-in, where migrating workloads or
switching providers becomes complex and costly. Dependence on a single cloud vendor may
reduce flexibility and increase long-term risks if pricing models or service availability change.

9.3 Performance and Cost Management Issues

Cloud services operate on shared infrastructure, meaning network latency and performance
variations can occur, especially in geographically distributed applications. Cost management is
another challenge—while the pay-as-you-go model provides flexibility, unmonitored usage or
poorly optimized architectures can result in unexpected expenses. Effective governance and
continuous monitoring are required to strike a balance between performance, scalability, and
cost-efficiency.
10. Conclusion

The AWS Academy Cloud Architecting program provided a structured pathway to understand the
foundations of cloud computing and its practical application using AWS services. Throughout
the training, participants gained exposure to essential architectural principles, including
scalability, elasticity, high availability, and security, while also learning to apply cost
optimization and governance frameworks in real-world scenarios.

The inclusion of cloud governance and compliance considerations emphasized the need for
organizations to balance innovation with regulatory obligations, ensuring accountability and
transparency in their operations. Similarly, an exploration of the challenges and limitations of
cloud computing highlighted practical concerns such as security risks, vendor lock-in, and cost
management, reinforcing the importance of adopting a responsible and well-structured cloud
strategy.

Overall, the program not only equipped learners with technical knowledge but also instilled an
awareness of broader industry challenges and best practices. The certification as an AWS
Academy Graduate – Cloud Architecting stands as recognition of these competencies and
positions participants to contribute effectively to the design and management of cloud-based
solutions in professional environments.