7-Day AWS Refresher Series

Day 1: Ground Zero for Architects & Cloud Builders

Welcome to Day 1 of the 7-Day AWS Refresher Series - a tactical reset for cloud professionals who want to get back to fundamentals without wading through dense documentation.

Whether you're designing systems, deploying workloads, or returning to AWS after a break — this series is for you.

Day 1 Theme

Foundation + Strategy + Playground Setup

Objective: Re-establish core understanding, set up your environment, and build a practical sandbox to test and validate concepts.

Core AWS Services to Revisit

Compute

• EC2: Virtual machines on demand. Know instance types, pricing models, placement groups, and how to bootstrap using user data.
• Lambda: Serverless event-driven compute. Best for automations and short-lived workflows.
• ECS / EKS: Container orchestration. ECS for managed Docker; EKS for Kubernetes-native workloads.

Storage

• S3: Object storage with lifecycle policies, versioning, and multiple storage classes.
• EBS: Block storage volumes attached to EC2. Snapshots help with backup and recovery.
• EFS: Shared, elastic file storage for Linux-based EC2s.

Networking

• VPC: Your isolated cloud network. CIDR planning matters.
• Subnets: Separate public and private tiers.
• Route Tables: Control how traffic moves within and outside the VPC.
• Internet Gateway vs NAT Gateway: Define internet access strategy per subnet.
• VPC Peering / Transit Gateway: Enable communication across VPCs or accounts.

Databases

• RDS: Managed SQL engines with Multi-AZ for high availability.
• DynamoDB: NoSQL database for low-latency, high-throughput applications.
• Aurora: Performance-optimized SQL engine compatible with MySQL and PostgreSQL.

Security

• IAM: Identity and Access Management with users, groups, roles, and policies.
• KMS: Centralized encryption key management.
• AWS Organizations: Multi-account management with Service Control Policies (SCPs) for governance.

Hands-On Lab: Initial AWS Environment Setup

Steps

• Create a new AWS account under Free Tier
• Secure the root user with MFA
• Install AWS CLI and configure credentials

pip install awscli --upgrade --user
aws configure        

• Set up IAM:

1. Create an IAM user and group

2. Attach managed policies

3. Create a role with a trust policy (for EC2 or cross-account access)

• Set up AWS Organizations:

1. Create an IAM user and group

2. Attach managed policies

3. Create a role with a trust policy (for EC2 or cross-account access)

Mini Lab: VPC with Public and Private Subnets

Goal: Build a minimal but realistic VPC network with SSH jump-box routing.

Lab Components

• VPC: CIDR block 10.0.0.0/16
• Subnets:

Public: 10.0.1.0/24

Private: 10.0.2.0/24

• Internet Gateway: Enables internet access for public subnet
• NAT Gateway: Enables outbound traffic for private subnet
• Route Tables: Ensure correct routing to IGW and NAT
• EC2 Instances: One in public and one in private subnet
• SSH Routing: Local → public EC2 → private EC2

This foundational setup is extendable for container orchestration, databases, or multi-tier applications.

Well-Architected Framework (The 5 Pillars)

Every production workload should align with these five principles:

• Operational Excellence: Can your system evolve and recover gracefully?
• Security: Build with least privilege, MFA, encryption, and monitoring by default.
• Reliability: Use failover patterns, multi-AZ, and design for auto healing.
• Performance Efficiency: Choose the right services and scaling strategies.
• Cost Optimization: Eliminate waste and match resources to demand.

5 Questions to Reflect On

• IAM Users vs IAM Roles: What's the difference in usage?
• NAT Gateway vs Internet Gateway: When is each applicable?
• S3 Standard vs S3 Glacier: Which should be used for what scenarios?
• Why is Multi-AZ configuration important in RDS?
• How do Service Control Policies enforce guardrails across AWS accounts?

Day 1 Completion Checklist

• AWS account created and root secured with MFA
• AWS CLI installed and configured locally
• IAM user, group, and role created
• Dev and Prod accounts set up using AWS Organizations
• Sample SCP applied and verified
• Basic VPC architecture deployed and tested via SSH jump

Up Next in Day 2

Load Balancing, Auto Scaling, and Real-World High Availability Patterns.

Follow or share this with peers gearing up for AWS certifications, project ramp-ups, or production ownership.

#AWS #CloudArchitecture #AWSRefresher #WellArchitected #AWSHandsOn #AWSNetworking #CloudFoundations #AWSCommunity