Solutions Architect Beginner to Expert

A comprehensive roadmap to master Solutions Architecture from cloud fundamentals to advanced AWS design patterns, security, compliance, and scalable distributed systems.

Published: 19 Apr, 2026
28 Stages
All Levels
Cloud Architecture #aws #solutions-architect #cloud #infrastructure #security #networking

This roadmap guides you from cloud fundamentals through to professional-level AWS solutions architecture. Each stage builds on the last: master the foundations before tackling advanced networking, security, and architectural patterns. Use the AWS Well-Architected Framework as your guiding compass throughout, and complement your learning with hands-on labs and real-world design exercises.

01

Cloud Computing Fundamentals

4 topics · 4 required
Understand the core concepts and service models that underpin every cloud platform.

Cloud Service Models

Required

IaaS, PaaS, and SaaS: what each model provides and who manages what.

  • AWS: What is Cloud Computing?

Cloud Deployment Models

Required

Public, private, hybrid, and multi-cloud deployment strategies.

CapEx vs OpEx

Required

Understand the financial model shift from capital expenditure to operational expenditure.

Economies of Scale

Required

How cloud providers pass cost savings to customers through massive infrastructure scale.

02

AWS Global Infrastructure

4 topics · 3 required · 1 recommended
Understand how AWS distributes its infrastructure globally for performance and resilience.

Regions & Availability Zones

Required

How AWS Regions are composed of isolated AZs and why this matters for HA design.

  • AWS Global Infrastructure

Edge Locations & CloudFront PoPs

Required

How AWS delivers low-latency content globally via its edge network.

AWS Local Zones & Wavelength

Recommended

Extend AWS infrastructure to metro areas and telecom networks for ultra-low latency.

Choosing a Region

Required

Criteria for region selection: latency, compliance, service availability, and cost.

03

AWS Identity & Access Management (IAM)

5 topics · 4 required · 1 recommended
Control who can access what in your AWS environment with fine-grained policies.

IAM Core Concepts

Required

Users, groups, roles, and policies: the four building blocks of AWS IAM.

  • AWS IAM Docs

Principle of Least Privilege

Required

Grant only the permissions required, nothing more. Apply to every identity.

IAM Roles & Assume Role

Required

Cross-account access, EC2 instance profiles, and service-to-service permissions.

IAM Policies

Required

Identity-based, resource-based, permission boundaries, SCPs, and session policies.

AWS Organizations & SCPs

Recommended

Manage multiple accounts with AWS Organizations and restrict permissions with Service Control Policies.

04

Compute EC2 & Auto Scaling

5 topics · 4 required · 1 recommended
Provision and automatically scale virtual machines on AWS.

EC2 Instance Types & Families

Required

General purpose, compute-optimised, memory-optimised, storage-optimised, and accelerated computing.

  • EC2 Instance Types

AMIs & Launch Templates

Required

Create golden images with AMIs and standardise instance config with Launch Templates.

Auto Scaling Groups

Required

Dynamic and predictive scaling policies, cooldown periods, and lifecycle hooks.

EC2 Pricing Models

Required

On-Demand, Reserved Instances, Savings Plans, Spot, and Dedicated Hosts.

Placement Groups

Recommended

Cluster, spread, and partition placement strategies for performance and fault tolerance.

05

Compute Serverless & Containers

4 topics · 3 required · 1 recommended
Run workloads without managing servers using Lambda, ECS, and EKS.

AWS Lambda

Required

Function lifecycle, triggers, concurrency, layers, and cold start optimisation.

  • AWS Lambda Docs

Amazon ECS

Required

Task definitions, services, Fargate vs EC2 launch types, and cluster management.

Amazon EKS

Recommended

Managed Kubernetes on AWS: node groups, Fargate profiles, and add-ons.

AWS Fargate

Required

Serverless container execution: no cluster infrastructure to manage.

06

Storage S3 & Object Storage

5 topics · 4 required · 1 recommended
Design durable, scalable object storage solutions with Amazon S3.

S3 Core Concepts

Required

Buckets, objects, keys, versioning, and the S3 consistency model.

  • Amazon S3 Docs

S3 Storage Classes

Required

Standard, Intelligent-Tiering, Standard-IA, Glacier, and Glacier Deep Archive.

S3 Lifecycle Policies

Required

Automatically transition objects between storage classes or expire them.

S3 Security

Required

Bucket policies, ACLs, Block Public Access, pre-signed URLs, and SSE options.

S3 Replication

Recommended

Cross-Region Replication (CRR) and Same-Region Replication (SRR) for DR and compliance.

07

Storage Block, File & Hybrid

4 topics · 2 required · 2 recommended
Choose the right storage type for databases, shared file systems, and on-premises integration.

Amazon EBS

Required

Volume types (gp3, io2, st1, sc1), snapshots, encryption, and multi-attach.

  • Amazon EBS Docs

Amazon EFS

Required

Fully managed NFS file system: performance modes, throughput modes, and access points.

AWS Storage Gateway

Recommended

Bridge on-premises environments to cloud storage with File, Volume, and Tape Gateway.

AWS Snow Family

Recommended

Snowcone, Snowball Edge, and Snowmobile for offline data transfer at petabyte scale.

08

Databases Relational

4 topics · 2 required · 2 recommended
Design managed relational database solutions on AWS for transactional workloads.

Amazon RDS

Required

Supported engines, Multi-AZ deployments, read replicas, and automated backups.

  • Amazon RDS Docs

Amazon Aurora

Required

Aurora architecture, Aurora Serverless v2, global databases, and cluster endpoints.

RDS Proxy

Recommended

Manage database connection pooling for Lambda and highly concurrent applications.

Database Migration Service (DMS)

Recommended

Migrate databases to AWS with minimal downtime using DMS and SCT.

09

Databases NoSQL & Caching

4 topics · 2 required · 2 recommended
Use purpose-built non-relational databases and in-memory caches for modern workloads.

Amazon DynamoDB

Required

Partition keys, sort keys, GSIs, LSIs, DynamoDB Streams, and capacity modes.

  • Amazon DynamoDB Docs

DynamoDB Design Patterns

Recommended

Single-table design, access pattern modelling, and avoiding hot partitions.

Amazon ElastiCache

Required

Redis vs Memcached, caching strategies (lazy loading, write-through), and cluster modes.

Amazon OpenSearch Service

Recommended

Full-text search, log analytics, and OpenSearch Serverless for unpredictable workloads.

10

Networking VPC Fundamentals

5 topics · 5 required
Design isolated, secure network environments in the cloud using Amazon VPC.

VPC Core Components

Required

Subnets (public/private), route tables, internet gateways, and the default VPC.

  • Amazon VPC Docs

NAT Gateways & Instances

Required

Enable outbound internet access for private subnets without exposing them inbound.

Security Groups & NACLs

Required

Stateful security groups vs stateless Network ACLs: layered network defence.

VPC Flow Logs

Required

Capture and analyse IP traffic for security auditing and troubleshooting.

CIDR Planning

Required

Design non-overlapping IP address ranges for future VPC peering and Transit Gateway.

11

Networking Advanced Connectivity

5 topics · 4 required · 1 recommended
Connect VPCs, on-premises environments, and third-party networks securely.

VPC Peering

Required

Direct routing between VPCs: limitations, transitive routing, and use cases.

  • VPC Peering Docs

AWS Transit Gateway

Required

Hub-and-spoke network topology for connecting many VPCs and on-premises networks.

AWS Direct Connect

Required

Dedicated private connectivity from on-premises to AWS: use cases and resilience.

AWS Site-to-Site VPN

Required

IPSec VPN tunnels over the internet as a cost-effective hybrid connectivity option.

AWS PrivateLink

Recommended

Expose services privately across VPCs and accounts without traversing the internet.

12

Load Balancing & Traffic Management

4 topics · 3 required · 1 recommended
Distribute traffic across compute resources for availability, performance, and resilience.

Application Load Balancer (ALB)

Required

Layer 7 routing, host/path-based rules, weighted target groups, and WAF integration.

  • ALB Docs

Network Load Balancer (NLB)

Required

Layer 4 ultra-low latency load balancing, static IPs, and TLS termination.

Gateway Load Balancer (GWLB)

Recommended

Deploy, scale, and manage third-party virtual network appliances.

Amazon Route 53

Required

DNS routing policies: simple, weighted, latency, failover, geolocation, and multivalue.

13

Content Delivery & Edge

3 topics · 1 required · 2 recommended
Deliver content globally with low latency using AWS edge services.

Amazon CloudFront

Required

Distributions, origins, cache behaviours, TTL, signed URLs, and OAC.

  • Amazon CloudFront Docs

CloudFront Functions & Lambda@Edge

Recommended

Run lightweight logic at edge locations for request/response manipulation.

AWS Global Accelerator

Recommended

Improve global application availability and performance using the AWS backbone network.

14

Architecture Design Principles

4 topics · 4 required
Apply foundational principles to design systems that are reliable, efficient, and maintainable.

AWS Well-Architected Framework

Required

The six pillars: Operational Excellence, Security, Reliability, Performance, Cost, and Sustainability.

  • AWS Well-Architected Docs

Design for Failure

Required

Assume components will fail. Build redundancy, retries, and fallback paths into every design.

Loose Coupling

Required

Reduce dependencies between components to allow independent scaling and failure isolation.

Design for Scale

Required

Horizontal vs vertical scaling, stateless design, and avoiding single points of failure.

15

High Availability & Disaster Recovery

4 topics · 4 required
Architect systems that remain operational through failures and recover rapidly from disasters.

RTO & RPO

Required

Define Recovery Time Objective and Recovery Point Objective to guide DR architecture.

  • AWS Disaster Recovery

DR Strategies

Required

Backup & Restore, Pilot Light, Warm Standby, and Multi-Site Active-Active patterns.

Multi-AZ vs Multi-Region

Required

When to use AZ redundancy vs full region failover: cost vs resilience trade-offs.

AWS Backup

Required

Centralise and automate backups across EC2, RDS, DynamoDB, EFS, and more.

16

Microservices & Decoupled Architecture

4 topics · 4 required
Design systems composed of small, independently deployable services connected asynchronously.

Microservices Principles

Required

Single responsibility, independent deployability, bounded contexts, and API contracts.

  • AWS Microservices

Amazon SQS

Required

Standard vs FIFO queues, visibility timeout, DLQs, and long polling for async decoupling.

Amazon SNS

Required

Pub/sub messaging, fan-out patterns, and SNS filtering for event-driven architectures.

Amazon EventBridge

Required

Serverless event bus: rules, event patterns, pipes, and cross-account event routing.

17

Serverless Architecture

4 topics · 2 required · 2 recommended
Build and operate applications without provisioning or managing servers.

Serverless Design Patterns

Required

Event-driven, fan-out, saga, and async request-response patterns with Lambda.

  • Serverless Land

Amazon API Gateway

Required

REST, HTTP, and WebSocket APIs: throttling, caching, auth, and usage plans.

AWS Step Functions

Recommended

Orchestrate multi-step workflows with Standard and Express state machines.

AWS SAM & Serverless Framework

Recommended

Infrastructure as code for serverless applications with local testing support.

18

Security Data Protection

5 topics · 5 required
Protect data at rest and in transit using AWS encryption and key management services.

AWS KMS

Required

Customer-managed keys, key policies, grants, and envelope encryption.

  • AWS KMS Docs

Encryption at Rest

Required

Enable server-side encryption for S3, EBS, RDS, DynamoDB, and EFS with KMS.

Encryption in Transit

Required

Enforce TLS for all service endpoints and use ACM for certificate management.

AWS Secrets Manager

Required

Store, rotate, and retrieve database credentials and API keys without hardcoding.

AWS Certificate Manager (ACM)

Required

Provision and manage TLS/SSL certificates for CloudFront, ALB, and API Gateway.

19

Security Threat Detection & Response

4 topics · 1 required · 3 recommended
Detect threats, analyse findings, and automate responses across your AWS environment.

Amazon GuardDuty

Required

Intelligent threat detection using ML: identifies compromised instances, credential abuse, and more.

  • Amazon GuardDuty Docs

AWS Security Hub

Recommended

Aggregate and prioritise security findings from GuardDuty, Inspector, Macie, and partners.

Amazon Macie

Recommended

Discover and protect sensitive data in S3 using ML-driven classification.

AWS Inspector

Recommended

Automated vulnerability assessments for EC2, Lambda, and container images.

20

Security Network Protection

4 topics · 2 required · 2 recommended
Protect your network perimeter and application layer from malicious traffic.

AWS WAF

Required

Web ACLs, managed rule groups, rate limiting, and bot control for HTTP workloads.

  • AWS WAF Docs

AWS Shield

Required

Shield Standard (free DDoS protection) vs Shield Advanced for layer 3/4/7 attacks.

AWS Network Firewall

Recommended

Stateful, managed network firewall for VPC-level traffic inspection and filtering.

AWS Firewall Manager

Recommended

Centrally manage WAF, Shield Advanced, and Network Firewall rules across accounts.

21

Compliance & Governance

4 topics · 2 required · 2 recommended
Enforce standards, audit configurations, and meet regulatory compliance requirements on AWS.

AWS Config

Required

Track resource configuration changes, evaluate rules, and trigger auto-remediation.

  • AWS Config Docs

AWS CloudTrail

Required

Audit API calls across your account: who did what, when, and from where.

AWS Audit Manager

Recommended

Continuously collect evidence for PCI DSS, HIPAA, SOC 2, and custom frameworks.

AWS Control Tower

Recommended

Set up and govern a secure, multi-account AWS environment using landing zones.

22

Observability & Monitoring

4 topics · 2 required · 1 recommended · 1 optional
Gain full visibility into the health and performance of your AWS workloads.

Amazon CloudWatch

Required

Metrics, alarms, dashboards, Logs Insights, and Contributor Insights.

  • Amazon CloudWatch Docs

CloudWatch Logs & Log Groups

Required

Centralise logs from EC2, Lambda, ECS, and VPC Flow Logs with structured querying.

AWS X-Ray

Recommended

Distributed tracing for Lambda, API Gateway, and ECS: visualise service maps.

Amazon Managed Grafana & Prometheus

Optional

Fully managed observability stack for Kubernetes and container workloads.

23

Infrastructure as Code

4 topics · 2 required · 2 recommended
Define and provision AWS infrastructure in a declarative, repeatable, version-controlled way.

AWS CloudFormation

Required

Stacks, templates (YAML/JSON), change sets, nested stacks, and drift detection.

  • AWS CloudFormation Docs

AWS CDK

Recommended

Define infrastructure using TypeScript, Python, or Java with the AWS CDK.

  • AWS CDK Docs

Terraform on AWS

Recommended

Manage AWS resources with the HashiCorp Terraform AWS provider and remote state in S3.

IaC Best Practices

Required

Modularisation, stack separation by lifecycle, tagging strategies, and drift prevention.

24

Cost Optimisation

5 topics · 4 required · 1 recommended
Architect solutions that deliver business value at the lowest sustainable cost.

AWS Pricing Model

Required

Pay-as-you-go, pay less with more, and pay less as AWS grows: pricing fundamentals.

  • AWS Pricing

AWS Cost Explorer & Budgets

Required

Analyse spending trends, forecast costs, and set budget alerts per service or tag.

Savings Plans & Reserved Instances

Required

Commit to usage for 1 or 3 years to save up to 72% vs On-Demand pricing.

AWS Trusted Advisor

Recommended

Automated recommendations for cost, performance, security, and fault tolerance.

Right-Sizing & Spot Instances

Required

Match instance types to actual workload needs and use Spot for fault-tolerant jobs.

25

Data & Analytics Architecture

4 topics · 3 recommended · 1 optional
Design scalable data pipelines, data lakes, and analytics platforms on AWS.

Amazon Redshift

Recommended

Columnar data warehousing, Redshift Spectrum for S3 queries, and RA3 nodes.

  • Amazon Redshift Docs

AWS Glue

Recommended

Serverless ETL, the Glue Data Catalog, crawlers, and Glue Studio.

Amazon Kinesis

Recommended

Real-time data streaming with Kinesis Data Streams, Firehose, and Data Analytics.

AWS Lake Formation

Optional

Build, secure, and manage data lakes on S3 with centralised access control.

26

Migration Strategies

4 topics · 2 required · 2 recommended
Plan and execute the migration of existing workloads to AWS with proven strategies.

The 7 Rs of Migration

Required

Retire, Retain, Rehost, Relocate, Repurchase, Replatform, and Refactor strategies.

  • AWS Migration Strategies

AWS Migration Hub

Recommended

Track migrations from on-premises to AWS across multiple tools in a single console.

AWS Application Migration Service

Recommended

Lift-and-shift server migrations with minimal downtime using continuous replication.

Migration Readiness Assessment

Required

Evaluate people, process, and technology readiness before beginning large migrations.

27

Well-Architected Reviews & Trade-offs

4 topics · 2 required · 2 recommended
Conduct architecture reviews, articulate trade-offs, and continuously improve designs.

AWS Well-Architected Tool

Required

Run workload reviews against the Well-Architected Framework and track improvements.

  • AWS Well-Architected Tool

Architecture Trade-off Analysis

Required

Consistency vs availability (CAP theorem), cost vs reliability, and latency vs throughput.

Architecture Decision Records (ADRs)

Recommended

Document architecture decisions, context, and consequences for future reference.

AWS Solutions Library

Recommended

Reference architectures and vetted solutions from AWS for common use cases.

  • AWS Solutions Library

28

AWS Certification Path

3 topics · 1 required · 1 recommended · 1 optional
Validate your knowledge and skills with official AWS certifications.

AWS Solutions Architect Associate (SAA-C03)

Required

The core certification for architects: design resilient, high-performing, and cost-optimised solutions.

  • SAA-C03 Exam Guide

AWS Solutions Architect Professional (SAP-C02)

Recommended

Advanced multi-account, hybrid, and complex architecture design for experienced practitioners.

  • SAP-C02 Exam Guide

AWS Specialty Certifications

Optional

Advanced Networking, Security, Database, Data Analytics, and Machine Learning specialties.
