Cloud Architecture Lab
Design patterns, multi-cloud strategies, and high availability architectures
Lab Progress
0 / 6 exercises
1
Well-Architected Framework
30 minutes
Objective: Understand the six pillars of the AWS Well-Architected Framework and how they apply across cloud providers.
The Six Pillars
1. Operational Excellence
Run and monitor systems to deliver business value. Automate changes, respond to events, define standards.
2. Security
Protect information, systems, and assets. Identity, detection, infrastructure protection, data protection.
3. Reliability
Recover from failures, meet demand. Foundations, change management, failure management.
4. Performance Efficiency
Use computing resources efficiently. Selection, review, monitoring, trade-offs.
5. Cost Optimization
Avoid unnecessary costs. Expenditure awareness, cost-effective resources, matching supply and demand.
6. Sustainability
Minimize environmental impact. Region selection, efficient workloads, data lifecycle.
Tasks
- Review each pillar and identify which applies to your current projects
- List 3 best practices from the Security pillar
- Compare AWS Well-Architected to Azure's framework (similar concepts)
- Identify potential cost optimization opportunities in a sample architecture
2
High Availability Architectures
40 minutes
Objective: Design fault-tolerant architectures using multiple availability zones and regions.
Multi-AZ Architecture
┌─────────────────────────────────────────────────────────────────┐
│ AWS Region │
│ ┌─────────────────────────┐ ┌─────────────────────────┐ │
│ │ Availability Zone A │ │ Availability Zone B │ │
│ │ ┌─────────────────┐ │ │ ┌─────────────────┐ │ │
│ │ │ Public Subnet │ │ │ │ Public Subnet │ │ │
│ │ │ ┌───────────┐ │ │ │ │ ┌───────────┐ │ │ │
│ │ │ │ ALB │◄─┼────┼────┼──┼─►│ ALB │ │ │ │
│ │ │ └───────────┘ │ │ │ │ └───────────┘ │ │ │
│ │ └─────────────────┘ │ │ └─────────────────┘ │ │
│ │ ┌─────────────────┐ │ │ ┌─────────────────┐ │ │
│ │ │ Private Subnet │ │ │ │ Private Subnet │ │ │
│ │ │ ┌───────────┐ │ │ │ │ ┌───────────┐ │ │ │
│ │ │ │ EC2 │ │ │ │ │ │ EC2 │ │ │ │
│ │ │ └───────────┘ │ │ │ │ └───────────┘ │ │ │
│ │ │ ┌───────────┐ │ │ │ │ ┌───────────┐ │ │ │
│ │ │ │ RDS Pri │◄─┼────┼────┼──┼─►│ RDS Stby │ │ │ │
│ │ │ └───────────┘ │ │ │ │ └───────────┘ │ │ │
│ │ └─────────────────┘ │ │ └─────────────────┘ │ │
│ └─────────────────────────┘ └─────────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
Key Concepts: Multi-AZ deployments provide automatic failover.
RDS Multi-AZ maintains a synchronous standby replica in a different AZ.
Multi-Region Architecture
┌─────────────────────────────────────────────────────────────────┐
│ Route 53 (DNS) │
│ Latency-based / Failover Routing │
└──────────────────────────┬──────────────────────────────────────┘
│
┌──────────────────────────┴──────────────────────────┐
│ │ │
▼ ▼ ▼
┌───────────────┐ ┌───────────────┐ ┌───────────────┐
│ US-EAST-1 │ │ EU-WEST-1 │ │ AP-SOUTH-1 │
│ (Primary) │ │ (Secondary) │ │ (Secondary) │
│ ┌───────────┐ │ │ ┌───────────┐ │ │ ┌───────────┐ │
│ │ ALB │ │ │ │ ALB │ │ │ │ ALB │ │
│ └───────────┘ │ │ └───────────┘ │ │ └───────────┘ │
│ ┌───────────┐ │ │ ┌───────────┐ │ │ ┌───────────┐ │
│ │ Aurora │◄┼────────┼─│ Replica │ │ │ │ Replica │ │
│ │ Primary │ │ │ └───────────┘ │ │ └───────────┘ │
│ └───────────┘ │ └───────────────┘ └───────────────┘
└───────────────┘
Tasks
- Identify single points of failure in a given architecture
- Calculate RPO (Recovery Point Objective) and RTO (Recovery Time Objective)
- Design a Multi-AZ web application architecture
- Explain Active-Active vs Active-Passive multi-region strategies
3
Microservices & Serverless Patterns
35 minutes
Objective: Understand microservices decomposition and serverless event-driven architectures.
Microservices Pattern
┌─────────────────────────────────────────────────────────────┐
│ API Gateway │
└───────────────────────────┬─────────────────────────────────┘
│
┌───────────────────────────┼───────────────────────────┐
│ │ │
▼ ▼ ▼
┌───────────────┐ ┌───────────────┐ ┌───────────────┐
│ User Service │ │ Order Service │ │Product Service│
│ ┌───────────┐ │ │ ┌───────────┐ │ │ ┌───────────┐ │
│ │ Lambda │ │ │ │ ECS │ │ │ │ Lambda │ │
│ └───────────┘ │ │ └───────────┘ │ │ └───────────┘ │
│ ┌───────────┐ │ │ ┌───────────┐ │ │ ┌───────────┐ │
│ │ DynamoDB │ │ │ │ Aurora │ │ │ │ DynamoDB │ │
│ └───────────┘ │ │ └───────────┘ │ │ └───────────┘ │
└───────────────┘ └───────────────┘ └───────────────┘
│ │ │
└─────────────────────────┼─────────────────────────┘
▼
┌───────────────┐
│ Event Bus │
│ (EventBridge)│
└───────────────┘
Serverless Event-Driven Architecture
User Request
│
▼
┌─────────┐ ┌─────────┐ ┌─────────┐
│ API │───►│ Lambda │───►│ SQS │
│ Gateway │ │ Process │ │ Queue │
└─────────┘ └─────────┘ └────┬────┘
│
▼
┌─────────┐ ┌─────────┐ ┌─────────┐
│ SNS │◄───│ Lambda │◄───│ Lambda │
│ Topic │ │ Notify │ │ Worker │
└────┬────┘ └─────────┘ └─────────┘
│
┌──────────┼──────────┐
▼ ▼ ▼
┌────────┐ ┌────────┐ ┌────────┐
│ Email │ │ SMS │ │ Slack │
└────────┘ └────────┘ └────────┘
Monolith vs Microservices
| Aspect | Monolith | Microservices |
|---|---|---|
| Deployment | Single unit | Independent services |
| Scaling | Scale entire app | Scale individual services |
| Technology | Single stack | Polyglot (multiple stacks) |
| Complexity | Simpler initially | Higher operational complexity |
| Team Structure | Centralized | Decentralized (teams own services) |
Tasks
- Identify service boundaries for an e-commerce application
- Design an event-driven order processing workflow
- Compare Lambda functions vs containerized services (ECS/EKS)
- Document inter-service communication patterns (sync vs async)
4
Multi-Cloud & Hybrid Architectures
35 minutes
Objective: Understand strategies for deploying across multiple cloud providers and hybrid environments.
Cloud Provider Comparison
AWS
Market leader, broadest services
Azure
Enterprise, hybrid strength
GCP
Data/ML, Kubernetes native
| Service Type | AWS | Azure | GCP |
|---|---|---|---|
| Compute | EC2 | Virtual Machines | Compute Engine |
| Serverless | Lambda | Functions | Cloud Functions |
| Containers | ECS/EKS | AKS | GKE |
| Object Storage | S3 | Blob Storage | Cloud Storage |
| SQL Database | RDS/Aurora | SQL Database | Cloud SQL |
| NoSQL | DynamoDB | Cosmos DB | Firestore/Bigtable |
Hybrid Architecture
┌──────────────────────────────────────────────────────────────┐
│ On-Premises Data Center │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │
│ │ Legacy │ │ Database │ │ AD/LDAP │ │
│ │ Apps │ │ Server │ │ Server │ │
│ └─────────────┘ └─────────────┘ └─────────────┘ │
└──────────────────────────┬───────────────────────────────────┘
│
┌────────────────┴────────────────┐
│ VPN / Direct Connect / ExpressRoute
└────────────────┬────────────────┘
│
┌──────────────────────────┴───────────────────────────────────┐
│ Cloud │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │
│ │ Modern Web │ │ API │ │ Data │ │
│ │ Apps │ │ Gateway │ │ Lake │ │
│ └─────────────┘ └─────────────┘ └─────────────┘ │
└──────────────────────────────────────────────────────────────┘
Hybrid Use Cases: Data sovereignty requirements, gradual migration,
latency-sensitive workloads, regulatory compliance, and cost optimization for predictable workloads.
Tasks
- Identify equivalent services across AWS, Azure, and GCP
- List advantages and risks of multi-cloud strategy
- Design a hybrid architecture connecting on-premises to cloud
- Evaluate tools for multi-cloud management (Terraform, Kubernetes)
5
Infrastructure as Code (IaC)
40 minutes
Objective: Understand IaC principles and tools for reproducible cloud infrastructure.
Terraform Example
# AWS VPC with Terraform
resource "aws_vpc" "main" {
cidr_block = "10.0.0.0/16"
enable_dns_hostnames = true
enable_dns_support = true
tags = {
Name = "production-vpc"
Environment = "prod"
ManagedBy = "terraform"
}
}
resource "aws_subnet" "public" {
count = 2
vpc_id = aws_vpc.main.id
cidr_block = cidrsubnet(aws_vpc.main.cidr_block, 8, count.index)
availability_zone = data.aws_availability_zones.available.names[count.index]
map_public_ip_on_launch = true
}
CloudFormation Example
# AWS CloudFormation YAML
AWSTemplateFormatVersion: '2010-09-09'
Description: 'Production VPC Stack'
Resources:
ProductionVPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: '10.0.0.0/16'
EnableDnsHostnames: true
EnableDnsSupport: true
Tags:
- Key: Name
Value: production-vpc
PublicSubnet:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref ProductionVPC
CidrBlock: '10.0.1.0/24'
MapPublicIpOnLaunch: true
IaC Tools Comparison
| Tool | Provider | Language | Best For |
|---|---|---|---|
| Terraform | HashiCorp | HCL | Multi-cloud |
| CloudFormation | AWS | JSON/YAML | AWS-native |
| ARM Templates | Microsoft | JSON | Azure-native |
| Pulumi | Pulumi | Python/TS/Go | Developer-friendly |
| CDK | AWS | Python/TS/Java | AWS programmatic |
Tasks
- Write a Terraform config for a VPC with 2 subnets
- Explain the terraform plan/apply/destroy workflow
- Compare declarative vs imperative IaC approaches
- Document state management best practices
6
Cost Optimization & FinOps
30 minutes
Objective: Apply cloud financial operations (FinOps) principles to optimize cloud spending.
Cost Optimization Strategies
Right-Sizing
Analyze utilization and resize instances. Many workloads are over-provisioned by 50%+.
Reserved Capacity
1-3 year commitments for predictable workloads save 30-72% vs on-demand.
Spot/Preemptible Instances
Use spare capacity for fault-tolerant workloads. Save up to 90%.
Auto-Scaling
Scale down during off-peak. Schedule non-production shutdowns.
Storage Tiering
Move infrequently accessed data to cheaper storage classes (Glacier, Cool Blob).
Cost Analysis Example
Monthly Cloud Bill Breakdown
════════════════════════════════════════════════════════════
Compute (EC2/VMs) ████████████████████████ $4,200 (42%)
Database (RDS/SQL) ██████████████ $2,800 (28%)
Storage (S3/Blob) ████████ $1,600 (16%)
Network (Data Transfer) ████ $800 (8%)
Other Services ███ $600 (6%)
───────────
Total: $10,000/mo
════════════════════════════════════════════════════════════
Optimization Opportunities:
┌───────────────────────────────────────────────────────────┐
│ ✓ Right-size 5 over-provisioned instances → -$840/mo │
│ ✓ Reserve 3 production databases → -$980/mo │
│ ✓ Archive cold data to Glacier → -$640/mo │
│ ✓ Use Spot for dev/test workloads → -$420/mo │
└───────────────────────────────────────────────────────────┘
Potential Savings: $2,880/mo (29%)
Tasks
- Calculate potential savings from reserved vs on-demand pricing
- Identify 3 resources that could be right-sized in a sample architecture
- Design an auto-scaling policy for a web application
- Create a storage lifecycle policy for data archival
Architecture Reflection
Consider the following as you complete this lab:
- How would you design a disaster recovery strategy for a critical application?
- What factors would influence your choice between serverless and containers?
- How do you balance cost optimization with performance requirements?
- What governance controls would you implement for a multi-cloud environment?