助理級：
系統管理員
開發者
系統架構師助理

專家級：
系統架構師
運維開發工程師

涉及方面：
從計算，網絡，存儲，負載均衡，到安全，大數據，CDN，DNS，部署，中間件，不僅僅是AWS的相關服務，還涉及全面的架構設計經驗和理解，需要很多平時的積累。

掌握：
包括IAM, STS, VPC, EC2, EBS, ELB, S3, Storage Gateway, RDS, DynamoDB, CloudFront, Route53, CloudFormation, OpsWorks, Kinesis。

了解：
包括Glacier, CloudWatch, CloudTrail, Direct Connect, Elastic Beanstalk, ElastiCache, EMR, Redshift, Data Pipeline, SWF, SNS, SES。

AWS系統架構助理技術要求：
AWS知識

• 熟練使用計算機、網絡、存儲和數據庫AWS服務
• 構建大型分布式系統的專業經驗：理解彈性和可擴展性概念
• 了解AWS全球基礎設施
• 了解與AWS相關的網絡技術
• 很好地理解AWS提供的所有安全特性和工具以及它們與傳統服務的關系。
• 對AWS平臺的客戶界面有很強的理解能力，具有AWS部署和管理服務的實踐經驗

基礎IT知識

• 對典型的多層體系結構有很好的理解：Web服務器、緩存、應用服務器、負載平衡器和存儲
• 了解關系數據庫管理系統（RDBMS）和NoSQL
• 消息隊列和企業服務總線（ESB）的知識
• 熟悉松耦合和無狀態系統
• 了解分布式系統中的不同一致性模型
• 了解內容分發網絡（CDN）
• 具有核心LAN/WAN網絡技術的動手經驗
• 具有路由表、訪問控制列表、防火墻、NAT、HTTP、DNS、IP和OSI網絡的經驗：REST Web服務、XML、JSON的知識
• 熟悉軟件開發生命周期
• 具有信息和應用安全概念、機制和工具的工作經驗
• 了解終端用戶計算和協作技術

二、實戰

1：設計高可用、低成本、容錯、可擴展的系統

1.1識別和識別雲架構考慮，如基本組件和有效設計。
內容可包括以下內容：

• 如何設計雲服務
• 規劃設計
• 監測和記錄

熟悉：

• AWS體系結構的最佳實踐
• 開發客戶規範，包括定價/成本（例如，按需與保留對現貨；RTO和RPO DR設計）
• 架構權衡決策（例如，高可用性與成本）、亞馬遜關系數據庫服務（RDS）與在亞馬遜彈性計算雲（EC2）上安裝自己的數據庫混合IT架構（例如，直接連接、存儲網關、VPC、目錄服務）
• 彈性和可伸縮性（例如，自動縮放、SQL、ELB、CyrdFrand）

2 2：實現/部署
2.1使用Amazon EC2、Amazon S3、AWS彈性豆莖、AWS CuldFug、AWS OPSWorkWork、Amazon虛擬私有雲（VPC）和AWS身份和訪問管理（IAM）來編碼和實現雲解決方案來識別適當的技術和方法。內容可包括以下內容：

• 配置亞馬遜機器映像（AMI）
• 在混合IT體系結構中操作和擴展服務管理
• 配置服務以支持雲中的合規要求
• 在AWS全球基礎設施上啟動實例：配置IAM策略和最佳實踐

3 3：數據安全
3.1識別和實施最佳雲部署和維護的安全實踐。內容可包括以下內容：

• AWS共擔責任模型
• AWS平臺符合性
• AWS安全屬性（客戶工作負載到物理層）
• ·AWS管理和安全服務
• AWS身份和訪問管理（IAM）
• Amazon虛擬私有雲（VPC）
• AWS CyrdTr蹤跡
• 入口與出口過濾，以及AWS服務和特征擬合
• “核心”Amazon EC2和S3安全特征集
• 結合常用的常規安全產品（防火墻、×××）
• 設計模式
• DOS緩解
• 加密解決方案（例如，關鍵服務）
• 復雜的訪問控制（建立復雜的安全組、ACL等）
• Amazon CuldWa手表為安全架構師
• 值得信賴的顧問
• 雲表日誌

3.2識別關鍵災難恢復技術及其實現。內容可包括以下內容：

• 災難恢復
• 恢復時間目標
• 恢復點目標
• 亞馬遜彈性街區店
• AWS進出口
• AWS存儲網關
• Amazon Rout53
• 數據恢復方法的驗證

4 4：故障排除
內容可包括以下內容：

• 信息和問題的一般故障排除

AWS Knowledge

? Hands-on experience using compute, networking, storage, and database AWS services
? Professional experience architecting large-scale distributed systems ? Understanding of elasticity and scalability concepts
? Understanding of the AWS global infrastructure
? Understanding of network technologies as they relate to AWS
? A good understanding of all security features and tools that AWS provides and how they relate to traditional services
? A strong understanding of client interfaces to the AWS platform ? Hands-on experience with AWS deployment and management services

General IT Knowledge
? Excellent understanding of typical multi-tier architectures: web servers, caching, application servers, load balancers, and storage
? Understanding of Relational Database Management System (RDBMS) and NoSQL
? Knowledge of message queuing and Enterprise Service Bus (ESB)
? Familiarity with loose coupling and stateless systems
? Understanding of different consistency models in distributed systems
? Knowledge of Content Delivery Networks (CDN)
? Hands-on experience with core LAN/WAN network technologies
? Experience with route tables, access control lists, firewalls, NAT, HTTP, DNS, IP and OSI Network ? Knowledge of RESTful Web Services, XML, JSON
? Familiarity with the software development lifecycle
? Work experience with information and application security concepts, mechanisms, and tools
? Awareness of end-user computing and collaborative technologies

1 Domain
1.0: Designing highly available, cost-efficient, fault-tolerant, scalable systems
1.1 Identify and recognize cloud architecture considerations, such as fundamental components and effective designs.
Content may include the following:
? How to design cloud services
? Planning and design
? Monitoring and logging
? Familiarity with:
o Best practices for AWS architecture
o Developing to client specifications, including pricing/cost (e.g., on Demand vs. Reserved vs. Spot; RTO and RPO DR Design)
o Architectural trade-off decisions (e.g., high availability vs. cost, Amazon Relational Database Service (RDS) vs. installing your own database on Amazon Elastic Compute Cloud (EC2))
o Hybrid IT architectures (e.g., Direct Connect, Storage Gateway, VPC, Directory Services)
o Elasticity and scalability (e.g., Auto Scaling, SQS, ELB, CloudFront)

2 Domain
2.0: Implementation/Deployment
2.1 Identify the appropriate techniques and methods using Amazon EC2, Amazon S3, AWS Elastic Beanstalk, AWS CloudFormation, AWS OpsWorks, Amazon Virtual Private Cloud (VPC), and AWS Identity and Access Management (IAM) to code and implement a cloud solution. Content may include the following:
? Configure an Amazon Machine Image (AMI)
? Operate and extend service management in a hybrid IT architecture
? Configure services to support compliance requirements in the cloud
? Launch instances across the AWS global infrastructure ? Configure IAM policies and best practices

3 Domain
3.0: Data Security
3.1 Recognize and implement secure practices for optimum cloud deployment and maintenance. Content may include the following:
? AWS shared responsibility model
? AWS platform compliance
? AWS security attributes (customer workloads down to physical layer)
? AWS administration and security services
? AWS Identity and Access Management (IAM)
? Amazon Virtual Private Cloud (VPC)
? AWS CloudTrail
? Ingress vs. egress filtering, and which AWS services and features fit
? “Core” Amazon EC2 and S3 security feature sets
? Incorporating common conventional security products (Firewall, ×××)
? Design patterns
? DoS mitigation
? Encryption solutions (e.g., key services)
? Complex access controls (building sophisticated security groups, ACLs, etc.)
? Amazon CloudWatch for the security architect
? Trusted Advisor
? CloudWatch Logs

3.2 Recognize critical disaster recovery techniques and their implementation. Content may include the following:
? Disaster recovery
o Recovery time objective
o Recovery point objective
o Amazon Elastic Block Store
? AWS Import/Export
? AWS Storage Gateway
? Amazon Route53
? Validation of data recovery method

4 Domain
4.0: Troubleshooting
Content may include the following:
? General troubleshooting information and questions

AWS考證方向技術知識