Master generative AI fundamentals with Amazon Bedrock, learning how Bedrock works, multimodal pipelines, and model fine-tuning with LoRa. Build production Rag systems using retrieval, vector stores, guardrails, and effective prompts.

Discover Amazon Bedrock as a serverless, unified API for foundation models, enabling model swapping, embedding generation, retrieval augmented generation with knowledge bases, and agent deployment with SageMaker integration.

Master bedrock’s playground to interact with foundation models via chat or single prompts, tune reasoning, randomness, and guardrails, and explore multimodal image generation with nova canvas.

Fine-tune foundation models in Bedrock by training on your data to create custom models, reducing prompt engineering, and enabling domain-specific chat, ads, or classifications.

Explore how low-rank adaptation (LoRA) fine-tunes the base model by adding small low-rank matrices to attention layers, keeping the base model intact and boosting training and inference efficiency.

Explore retrieval-augmented generation and knowledge bases, using a vector database with embeddings to augment prompts with external data and reduce hallucinations.

Vector stores power semantic search for retrieval augmented generation by storing embedding vectors that encode meaning in high-dimensional space, enabling cosine metric k-nearest-neighbor retrieval across a knowledge base.

Explore bedrock rag knowledge bases by uploading documents to S3, embedding into vector stores, and retrieving with semantic search to power chat with your documents and language model agents.

Build and query a Bedrock knowledge base with a vector store, ingest S3 data, and generate embeddings to enable retrieval, testing, and integration into agentic systems.

Explore pre retrieval and chunking strategies for retrieval augmented generation, balancing data granularity, context, and relevance in a vector store, then refine with post retrieval rerank and augmentation.

Explore bedrock chunking options for knowledge bases, including fixed size with overlap, the 300-token default, no chunking, hierarchical and semantic chunking, plus buffer size and breakpoint threshold considerations.

Tune vector store embeddings by adjusting chunk sizes and dimensions to balance cost and retrieval quality, using metadata and cosine similarity to rerank results, with batch updates.

Evaluate retrieval augmented generation by measuring context relevance, groundedness, and answer quality from a knowledge base using prompts, reference responses, and judge models in bedrock.

Use multimodal models and pipelines in Bedrock to encode text and images into comparable embedding vectors, enabling retrieval augmented generation with diverse media.

Explore Amazon Bedrock guardrails and their role in AI safety and governance through content filtering of prompts and responses, profanity and PII masking, and contextual grounding checks for relevance.

Enforce policies with bedrock guardrails automated reasoning checks by turning policy PDFs into rules and boolean outputs for guardrail stage, enabling detection of hallucinations via create automated reasoning policy API.

Learn to configure guardrails in bedrock, creating filters for harmful content, prompt attacks, personally identifiable information masking, and political topics; test, deploy, and monitor with traces.

Apply token level redaction to filter input and output around your inference endpoints with pre- or post-processing lambda handlers, guarding against sensitive data before it reaches users.

Explore bedrock prompt management to reuse prompts across apps, with versioning and rollback. Create prompts with variables in double curly braces, test them, and deploy versions and variants.

Master bedrock flows, a visual tool to chain prompts and models into agentic AI applications using nodes, connections, and conditional routing, with flow builder and saved prompts from prompt management.

learn to enforce structured data in outputs by requesting structured JSON with an explicit JSON schema in prompts, and use a response format template to guide tool calls.

Master prompt engineering to guide generative AI by detailing what you want and how you ask, boosting accuracy and safety while leveraging external tools and domain knowledge, without fine tuning.

Explore the anatomy of a good prompt by detailing four core components: instructions, context, input data, and output indicator, and learn how to guide a generative AI with structured prompts.

Learn prompt engineering practices from Amazon recommendations: be clear and concise, specify context and output format, break complex tasks into subtasks, use step-by-step prompts, provide examples, and experiment creatively.

Explore zero-shot, few-shot, and chain-of-thought prompts, with sentiment analysis examples, and learn how explicit guidance improves model reasoning and output quality.

Explore prompt misuse risks, guardrails, and bias mitigation for generative models; learn to prevent prompt injection and leakage, apply system prompts and final-output filters, and improve training data diversity.

Understand bedrock knowledge bases that ingest data from S3, SharePoint, and more, enabling enterprise semantic search with OpenSearch across accounts via a remote inference connector while addressing cross-account IAM roles.

Explore the AWS well-architected generative AI lens, a set of best practices aligned with the six pillars, guiding the generative AI lifecycle from scoping to improvement.

Learn to manage the data pipeline for generative AI—from ingestion and transformation to indexing, retrieval, and vector storage—using AWS tools like Bedrock's data manipulation features, Glue, SageMaker, and Amazon OpenSearch.

Format inputs and outputs as JSON for Bedrock and SageMaker AI, structure chat history for Bedrock Converse API, and convert unstructured data to HTML for reliable retrieval augmented generation.

Explore Bedrock data automation, a multi-modal system that automatically extracts structured data from documents, images, video, and audio, using standard or custom blueprints for scalable intelligent document processing.

Explore SageMaker Data Wrangler as a code-generating ETL tool in SageMaker Studio, enabling data import, one-hot encoding, 300+ transformations, and Python code for a Jupyter notebook.

Explore SageMaker studio and canvas to wrangle data with Data Wrangler, import absenteeism data from S3, and build and predict with automatic machine learning.

AWS Glue, a serverless metadata repository that discovers schemas from unstructured data in S3, publishes table definitions for Athena, Redshift, and EMR, and uses a crawler for partitioned data.

Explore how AWS Glue Studio provides a visual ETL interface to design DAG workflows, integrate sources, apply transforms, and output to S3 or the AWS Glue Data Catalog with partitioning.

Integrate AWS Glue Data Quality into your Glue jobs to automatically evaluate data, trigger failures or log results in CloudWatch, and generate dcdl rules via automatic recommendations or manual setup.

Explore Amazon CloudWatch metrics, including namespaces, dimensions, and custom metrics, and stream near real-time data to Kinesis Data Firehose or third-party providers for analysis with S3, Redshift, and OpenSearch.

Amazon Transcribe converts speech to text with ASR, enabling automatic PII redaction and language identification. Improve accuracy with custom vocabularies and language models, plus toxicity detection for safe content.

Explore amazon transcribe by streaming audio into text with english us transcription. Identify and redact personal data and enable automatic language identification for english and french.

Explore Amazon Comprehend, a fully managed serverless nlp service that uses machine learning to extract key phrases, entities, sentiment, and topics from text, with custom classification and custom entity recognition.

Explore Amazon Comprehend, a natural language processing tool that extracts entities, key phrases, language, PII, and sentiment. Build custom classifications with training data and a custom endpoint for real-time analysis.

Use lambda with comprehend to enforce data quality before bedrock, filtering, redacting PII, detecting language, and classifying data as it flows from S3 to bedrock.

Explore amazon comprehend medical, a HIPAA certified service that extracts PHI from documents, supports medical ontologies, and offers VPC endpoints and Privatelink to protect privacy in AI workflows.

Explore OpenSearch service, a scalable, fast analytics engine built on Lucene, forked from Elasticsearch and Kibana, with dashboards for visualizing and analyzing data from Kinesis or Kafka.

Discover how the fully managed Amazon OpenSearch service differs from Elasticsearch, including domain concepts, master nodes, zone awareness, security integrations with IAM, Cognito, VPC, and key AWS services.

Explore OpenSearch storage tiers from hot to ultrawarm to cold, ISM automations, data rollups and transforms, cross-cluster replication, and stability best practices for scalable, cost-efficient indexing.

Improve Amazon OpenSearch performance by mitigating JVM memory pressure with balanced shards and fewer shards, deleting older unused indices or archiving data to Glacier to reduce memory usage.

Explore Amazon OpenSearch serverless, with on demand auto scaling, search and time series collections, encryption at rest with a KMS key, and collection security policies with ACUs based capacity limits.

Explore how OpenSearch serves as a vector store for generative AI, including semantic and hybrid searches, vector engines, and serverless deployment with a bedrock knowledge base.

Discover how Amazon S3 vectors stores vector embeddings in a dedicated bucket and index, enabling cost-effective semantic search with Bedrock and SageMaker via put and query APIs.

Learn to create S3 vector buckets and indexes in the AWS console, configure encryption and metadata, and use Bedrock knowledge bases to index and retrieve data with cosine similarity.

Discover AWS RDS, a managed relational database service with engines such as PostgreSQL, MySQL, and Aurora, offering automated provisioning, backups, point-in-time restore, monitoring, read replicas, multi-AZ, and storage auto scaling.

Create and configure an Amazon RDS MySQL database in the free tier, including choosing a single database instance, security groups, public access, endpoint connection, basic tables, backups, and monitoring.

Demonstrate using RDS as a vector store for embedding values and structured data, with S3 document repositories housing unstructured data and pointers returned to S3 content for a Rag system.

Discover Amazon Aurora, a proprietary AWS database compatible with PostgreSQL and MySQL, offering cloud-optimized performance, auto-scaling storage to 256 TB, and rapid failover with writer and reader endpoints.

Learn to set up an Amazon Aurora database (MySQL-compatible), configure instance type and replicas, manage endpoints for writer and reader, enable read replica auto-scaling, and perform safe deletion.

Aurora with the pgvector extension turns it into a vector store for Rag systems, enabling cosine, L2, and inner product similarity, and IVF for NSW search.

Explore dynamodb, a fully managed nosql serverless database that scales horizontally; learn primary key design, items and attributes, and diverse data types for scalable modeling.

Create DynamoDB tables with a partition key user_ID and an optional sort key, configure provisioned or on-demand capacity, and understand adding attributes over time and querying with secondary indexes.

Discover DynamoDB read and write capacity modes, provisioned and on-demand, covering RCU and WCU calculations, auto-scaling, burst capacity, strongly versus eventually consistent reads, exponential backoff, and DAX for hot partitions.

Explore DynamoDB capacity modes and read/write consistency options, define rcu and wcu for a users table, use on-demand and provisioned, with a capacity calculator, auto scaling, and cost estimates.

Master DynamoDB basic APIs including PutItem, UpdateItem, GetItem, Query, Scan, BatchWriteItem, BatchGetItem, and PartiQL, with primary keys, consistency modes, projection expressions, and conditional writes.

Practice DynamoDB basic APIs hands on: scan, put item, update item, get_item, batch write/delete, and query with hash and sort keys, noting client-side filtering for content.

Explore DynamoDB Accelerator DAX, a fully managed in-memory cache that delivers microsecond reads for hot data; configure a DAX cluster with a five-minute TTL and multi-AZ resilience.

Create a DynamoDB DAX cluster by selecting node family and size, configuring VPC subnets, security, an IAM role, encryption, and time-to-live settings; use the cluster endpoint for access.

Learn how DynamoDB time to live (ttl) automatically deletes expired items using a unix epoch timestamp, with zero wcu cost, delayed deletion, and ttl previews.

DynamoDB provides near real time data for AI systems, storing chat history and memory. It supports context awareness and can connect to OpenSearch as a zero ETL vector store.

Keep your vector store up to date by implementing real-time change detection and incremental updates with event-driven pipelines using EventBridge, Lambda, and AWS Batch to ingest new data into bedrock.

Explore how Bedrock reranking models improve retrieval augmented generation by reordering vector-store chunks based on query relevance and semantic search results.

Explore Amazon S3 storage classes, from standard and infrequent access to Glacier and Intelligent-Tiering, and learn how durability, availability, and lifecycle configurations shape object storage.

Explore Amazon S3 storage classes, including standard, intelligent-tiering, standard-IA, one-zone-IA, Glacier Instant Retrieval, Glacier Flexible Retrieval, and Glacier Deep Archive, and learn to automate transitions with lifecycle rules.

Automate Amazon S3 lifecycles to transition objects between storage classes and expire data. Leverage lifecycle rules with prefixes, tags, and versioning, including archiving to Glacier or Deep Archive.

Create a lifecycle rule to automate moving current and non-current object versions between storage classes. Configure expirations and deletions, including delete markers and incomplete uploads.

Explore Amazon S3 replication, including cross-region replication (CRR) and same-region replication (SRR), to asynchronously copy between source and target buckets across accounts by enabling versioning and granting IAM permissions.

Enable s3 replication for new objects; batch replicate existing or failed items, replicate delete markers from source to target, deletions with a version id are not replicated, no bucket chaining.

Set up and test cross-region replication in Amazon S3 by creating origin and replica buckets, enabling versioning, configuring a replication rule, and noting delete marker behavior and version IDs.

Explore Amazon S3 object encryption methods, including SSE-S3, SSE-KMS, SSE-C, and client-side encryption. Understand encryption in transit with TLS/SSL and how to enforce HTTPS via bucket policy.

Learn to implement server-side encryption in S3 by creating a bucket with default encryption, applying SSE-S3 or SSE-KMS, and managing KMS keys, including object versioning and per-object encryption options.

By default, S3 applies encryption to new objects; you can switch to Sse-kms, and bucket policies can enforce encryption by requiring headers like Xkms or zshrc.

Enable S3 access logs to record all requests to your S3 bucket, stored in a logging bucket in the same region for analysis with Amazon Athena, and avoid logging loops.

Enable S3 server access logging by selecting a destination bucket and region. Verify the bucket policy allows the logging service to write objects and review the access logs.

Learn how S3 access points simplify security by attaching policies to each point, granting read/write to finance and sales prefixes, while analytics remains read-only via VPC endpoints.

Build and deploy agentic AI systems using Bedrock LM agents to reason, plan, and act. Explore Strands, Agent Squad, MCP, and Amazon Q to orchestrate workflows with tools and oversight.

Explore lm agents and agentic ai in Bedrock, learn how to extend a foundation model with tools, action groups, lambda functions, planning, memory, and knowledge bases to access external data.

Build and deploy an Amazon Bedrock agent that uses a knowledge base, guardrails, and an action group to fetch weather data, with optional memory and production deployment.

Delve into multi-agent systems and the orchestrator pattern, where specialized agents work in parallel or in sequence and a synthesizer delivers the final output.

Explore how AI agents use short-term memory for the current session and long-term memory through persistent storage, summaries of past interactions, and insights such as DynamoDB, SQLite, RDS, mem zero.

Build multi-agent systems with strands agents, leveraging tight aws integration, bedrock models, lambda, and multimodal inputs; follow the agent loop from tool selection to final output.

Explore AWS Agent Squad’s orchestration and intelligent intent classification to route prompts to the best specialized agent, track memory with conversation history, and integrate with Bedrock flows.

Explore how the Bedrock Agent Core enables serverless, scalable deployment of AI agents across any framework. It includes memory, gateways, and a starter toolkit with observability via CloudWatch.

Explore Agent Core memory and tools, including short term session memory, long term memory with summaries and preferences, memory records, and built-in browser and code interpreter for scalable agents.

Import bedrock agents into agent core to extend and deploy, then use the gateway to standardize external tools and securely manage credentials with agent core identity.

Leverage cedar-based policies to control AI agent tool calls through gateways, with deny-by-default rules, enforcement options, and natural-language policy generation.

Learn how agent core evaluations automatically measure agent performance with built-in metrics like correctness, helpfulness, conciseness, and harmfulness and stereotyping, and view results in CloudWatch with cross-region inference.

Explore strands agents, Amazon Bedrock AgentCore, and Agent Squad by building a local strands agent with calculator, clock, and keyword-count tools, then deploy and clean up in Bedrock.

Leverage the model context protocol (MCP) to enable AI agents to access external tools via a standardized interface, with examples from GitHub, Jira, PostgreSQL, and Slack.

Explore OpenAPI definitions, formerly swagger, and their role in standardizing tool interfaces for foundation models and agents, enabling reliable tool usage with bedrock action groups.

Extend AI systems with humans in the loop to escalate complex or uncertain cases, route to human operators, and collect feedback to refine models and compare performance.

Leverage amazon q business, a fully managed gen-ai assistant trained on your internal data to answer questions, summarize documents, and generate content using data connectors and plugins, with guardrails.

Create an Amazon Q Business demo app, select a region, and enable anonymous access. Add a data source, create a starter index, connect an S3 knowledge base, and sync.

Explore Amazon q apps to build gen ai powered apps without coding using natural language, based on company data, via a web creator with plugin support, document uploads, and prompts.

Explore Amazon Q Apps by creating and customizing an app, uploading a customer feedback file, generating a high-level summary by product categories, and publishing to your library.

Clean up Amazon Q Business by unsubscribing users and removing subscriptions in the demo application, then delete the app and the Amazon Q Business to prevent future costs.

Improve production-ready generative AI by optimizing token efficiency, context management, and model selection, then implement caching, latency optimization, and resilient, scalable pipelines.

Measure token usage with bedrock's Count Tokens API and CloudWatch, then reduce costs by limiting input tokens, controlling response length, and using knowledge bases.

Minimize costs by selecting the right model and token counts, using dynamic or intelligent prompt routing to match complexity with an appropriate foundation model, and measure price-to-performance with Bedrock Evaluations.

Learn to maximize resource utilization by batching embedding requests and batch inference with Bedrock, plan capacity with tokens per minute and quotas, and monitor costs with CloudWatch and Cost Explorer.

Explore semantic caching using embedding vectors to map varied prompts to cached responses, reducing foundation model calls and latency with tools like ElastiCache, MemoryDB, or OpenSearch.

Improve end-user responsiveness by parallelizing heavy tasks with multi-agent workflows and an orchestrator synthesizer, caching answers, streaming responses, and routing prompts to simpler models when appropriate.

Optimize retrieval augmented generation by tuning vector store indices, implementing hybrid search with keyword and semantic scores, and preprocessing queries to match content style and reduce ambiguity.

Optimize a foundation model for specific use cases by tuning max tokens, temperature, top p, and top K, and measure results with Bedrock evaluations, CloudWatch, or SageMaker B testing.

Profile api calls to identify caching, batching, and retrieval augmented generation opportunities, use json/xml templates and chain-of-thought patterns, and enable deployment with SageMaker, ultra servers, and lambda endpoint lifecycle management.

Learn exponential backoff and connection pooling to manage failed API calls and shared HTTP connections; implement retry policies, jitter, and 10–20 connections per instance with 60–300 seconds TTL.

Bedrock cross-region inference distributes workloads across AWS regions to maintain throughput and resilience during interruptions and quotas. Monitor SCPs, geographic vs global modes, and cost implications.

Learn to manage foundation models at scale with AWS SageMaker, covering training, deployment, monitoring, and governance. Build production-grade generative AI systems with safeguards, observability, edge deployment, and data lifecycle governance.

Explore SageMaker AI's end-to-end machine learning lifecycle—from data preparation and training to deployment and drift monitoring—using notebooks or console workflows, S3 data, and hosted endpoints.

Master SageMaker deployment safeguards, including blue/green, canary, linear deployments, and auto rollbacks for real-time inference endpoints. Compare shadow tests and use SageMaker Studio and Jumpstart for streamlined model launches.

Optimize foundation model deployments on SageMaker AI by using multi-model endpoints, cross-region inference, and Bedrock serverless integration.

Learn how SageMaker Ground Truth labels data with human labelers and builds a model as labels arrive, sending only ambiguous cases to humans and cutting labeling costs up to 70%.

Learn to monitor deployed ml models with SageMaker model monitor, detect data drift, anomalies, and bias with Clarify, trigger CloudWatch alerts, and visualize results in SageMaker Studio or dashboards.

Centralize models in the SageMaker model registry to manage versions, approval status, and metadata, enabling shared, auditable deployment pipelines and model card integrations.

Explore SageMaker lineage tracking to govern machine learning pipelines by recording data, processing, training, and deployment artifacts, enabling auditing, cross-account lineage, and end-to-end visualization.

Trace data lineage across organizational boundaries using the SageMaker AD Association API, with the necessary IAM roles and permissions for cross-account access.

Deploy trained SageMaker models to edge devices with Neo, compiling inference code for ARM, Intel, and Nvidia to run locally with low latency.

SageMaker unified studio provides an interface for data processing, analytics, AI, ML, deployment, and monitoring across the ML lifecycle, with notebooks, workflows, MLflow integration, and VS Code or JupyterLab support.

Orchestrate machine learning workflows with SageMaker Pipelines, a directed acyclic graph that trains, evaluates, registers, creates, and deploys models via the pipeline designer or JSON.

Explore SageMaker JumpStart foundation models and Falcon 40B instruct BF16 in a SageMaker Studio workflow. Set up a SageMaker domain, launch notebooks, and manage resources to avoid unexpected costs.

Learn to transform foundation models into production apps using AWS services like Lambda, Bedrock, API Gateway, Step Functions, and AppSync, with secure, scalable integration and DevOps practices.

Explore how AWS Lambda, a serverless data processing tool, runs code snippets in the cloud, auto-scales, and acts as glue between services like Kinesis, DynamoDB, Cognito, and API Gateway.

Explore serverless lambda integration patterns, showing how lambda runs code without server management, scales cost-effectively, and triggers real-time file processing, streams, cron jobs, and cross-service data flows.

Learn how Lambda connects S3 to Amazon OpenSearch for near real-time analytics, and leverage on-demand data pipelines, Redshift copy, and DynamoDB for stateful processing.

Use Lambda as the glue between Bedrock agents and tools, handling request validation and error handling, while interfacing with foundation models and aggregating multi-model results for higher quality.

Explore how API gateway proxies lambda functions into REST and HTTP endpoints, with features like authentication, usage plans, versioning, development stages, security options, and SDK generation.

Create a rest api in api gateway, configure regional endpoint, and connect a get method to a lambda function with proxy integration. Deploy to dev and test with invoke URL.

Amazon API Gateway powers generative AI apps by routing to Bedrock, enabling user feedback collection, applying usage plans with throttling, token limits, validation, and transformation-based routing.

Explore AWS AppConfig to manage dynamic configurations outside your app, enabling feature flags, real-time config changes, and safe rollbacks across EC2, Lambda, and other services.

Use app.config with feature flags and configuration profiles to dynamically switch foundation models via S3 without redeploying code, enabling A/B testing and rollbacks.

Design and orchestrate workflows with AWS Step Functions, visualize execution graphs, and manage errors with external retry mechanisms, audit history, and optional delays between steps.

Explore AWS Step Functions and state machines, mastering task, choice, wait, parallel, map, and path states for data engineering orchestration. Learn how succeed, fail, and pass determine the workflow’s end.

Master the circuit breaker pattern for Step Functions using DynamoDB and Lambda to route to fallback foundation models, detect failures, and orchestrate model reviews and guardrails.

Explore how to build a chat API with Step Functions and Bedrock by performing prompt chaining, adapting models, and handling real-world fragility in generative AI development.

Orchestrate AWS ci/cd workflows with CodePipeline, connecting sources like CodeCommit or GitHub to build, test, and deploy stages. Manage artifacts in S3 and apply manual approvals and monitoring.

Set up two AWS Beanstalk web server environments using nodejs and a simple application, then prepare Code Pipeline deployments to both environments.

Learn to build a custom AWS CodePipeline that deploys from GitHub to Elastic Beanstalk, including creating a service role, a GitHub connection, and multi-stage deploy with manual approval.

CodeBuild uses buildspec.yml at repo root to build from CodeCommit, S3, Bitbucket, or GitHub, running in prebuilt or custom Docker images and sending logs and artifacts to CloudWatch and S3.

Create a CodeBuild project named MyFirstBuild, connect to GitHub, and enable push builds to test that the Congratulations message appears on deployment, while noting failure due to missing Buildspec.yaml.

Learn to create a buildspec.yaml for AWS CodeBuild, run a test that greps index.html for congratulations, and trigger builds via GitHub webhook and CodePipeline.

Master AWS CodeDeploy to automate safe application deployments across EC2, on-premises, Lambda, and ECS with in-place or blue/green strategies, rollbacks, and configurable deployment speeds.

Configure IAM roles for CodeDeploy on EC2 and install the CodeDeploy agent. Create a deployment group using environment tags and deploy a sample app from S3 with an appspec.yml.

Explore MLflow, an open source platform for ML and AI workflows, and its full integration with SageMaker AI for observability, tracking, model management, and deployment.

Learn how AWS AppSync uses GraphQL to connect apps and services to data across multiple sources with serverless resolvers, lambda functions, and VTL mapping.

Explore AWS Outposts, a hybrid cloud that brings AWS infrastructure to on-premises racks, enabling low latency and data residency with EC2, S3, EBS, EKS, ECS, RDS, and EMR.

Discover how AWS outposts enable GenAI with on-prem data, meeting compliance laws, providing foundation model inference with sufficient compute and storage, and using local caching to minimize data movement.

Launch EC2 instances, EBS volumes, and VPCs at AWS Wavelength edge zones inside 5G networks to achieve ultra-low latency for smart cities, connected vehicles, and AR/VR applications.

Discover how AWS Wavelength enables edge deployments on 5G networks to deliver ultra-low latency mobile apps, secure cloud-to-on-premises routing, and efficient GenAI workload distribution between edge and the parent region.

Explore Amazon SQS standard queues, where producers send messages with SendMessage via an SDK to a queue and consumers pull, process, and delete them, decoupling applications.

Learn to create and manage Amazon SQS queues, choose standard vs FIFO, configure encryption and access policies, and practice sending, receiving, and deleting messages.

Explore AWS Amplify as a one-stop web and mobile development tool that configures backend services (S3, Cognito, AppSync, DynamoDB) and connects frontend libraries to deploy via Amplify Console and CloudFront.

Explore Amazon EventBridge, from cron scheduling to reacting to events with rules and destinations like Lambda, SNS, SQS, and schema registry. Leverage default, partner, and custom buses with archive replay.

Set up and explore Amazon EventBridge rules, event patterns, and targets like SNS or SQS, then configure schedules, event buses, and partner sources, and explore the schema registry.

Publish messages to an Amazon SNS topic and deliver to many subscribers in a pub/sub pattern, with emails, SMS, HTTP endpoints, and integrations with SQS, Lambda, and Kinesis Data Firehose.

Create a standard SNS topic named MyFirstTopic, set an email subscription, confirm it, then publish a hello world message to see the AWS notification.

Amazon AppFlow enables data transfers between SaaS apps and AWS, with sources like Salesforce, SAP, Zendesk, Slack, and ServiceNow, destinations like S3 and Redshift, plus data transformation, encryption, and PrivateLink.

Learn governance, quality assurance, and continuous evaluation for real-world generative ai deployments via Bedrock tools like prompt management, agent tracing, rag pipelines, and observability with CloudWatch.

Leverage bedrock agent tracing for governance and QA to see action groups, knowledge bases, and guardrails, including pre-processing, orchestration, and post-processing traces and potential errors.

Evaluate foundation models with benchmark prompts and ideal responses to measure accuracy, speed, scalability, and retrieval augmented generation relevance, while avoiding training-data leakage.

Evaluate large language model responses using rouge, blue, and Bert score metrics that compare generated output to ground truth via n-grams, precision, and embedding-based semantic similarity.

Bedrock model evaluations enable automatic and human-based comparisons across text classification, summarization, and question and answer, using built-in datasets, evaluator models, and Rag end-to-end evaluation.

Learn to validate generative AI deployments with synthetic user workflows, using CloudWatch synthetic monitoring and canaries to detect non-determinism, hallucinations, and semantic drift before rolling out.

Learn to design responsible AI by applying fairness, explainability, privacy, safety, controllability, veracity, governance, and transparency using AWS Bedrock, SageMaker Clarify, and model monitoring tools.

Learn how CloudWatch Logs stores application logs with log groups and streams, sets retention, exports to Amazon S3, Kinesis Data Streams, Firehose, Lambda, or OpenSearch, and uses CloudWatch Logs Insights.

Configure CloudWatch alarms for EC2 metrics with thresholds and composite alarms to reduce noise. Trigger auto-scaling, stop, reboot, recover, and SNS notifications, plus EC2 status checks and log-based alerts.

Launch an EC2 instance and configure a CloudWatch CPU utilization alarm that terminates the instance after 15 minutes of 95% or higher, with verification via set alarm states.

Learn how cloudwatch rum provides real user monitoring for mobile apps on iOS or Android, measuring page load times, errors, and app launch times from real user sessions.

Leverage CloudWatch to monitor generative AI apps by logging prompt inputs, model responses, latency, prompt effectiveness, and error rates for troubleshooting and optimization.

CloudTrail enables governance, compliance, and audit by recording all API calls across AWS accounts, with logs stored in CloudTrail and exportable to CloudWatch Logs or S3, plus CloudTrail Insights.

Explore how CloudTrail logs API calls to Amazon Bedrock, capturing which prompts were used and who issued them to create an audit trail for governance and compliance in generative ai.

Explore AWS X-Ray for visual tracing of distributed apps, debug production, identify bottlenecks, map service dependencies, and enable tracing via code modifications and the X-Ray daemon.

Explore X-Ray in the CloudWatch console, deploy a simplified CloudFormation stack, and examine the service map, traces, and latency to diagnose errors.

Learn how AWS Lake Formation, built on Glue, helps you set up a secure data lake with loading, transforming, and access control, integrating with Athena, Redshift, and EMR.

Harden generative AI systems by applying least privilege, data masking, encryption, and IAM controls across identities, data, and access, using Macie, Secrets Manager, Cognito, VPC, and PrivateLink.

Apply the principle of least privilege by granting only the permissions needed to perform tasks. Use IAM Access Analyzer to derive and test least-privileged policies from observed activity.

Learn data masking and anonymization techniques for protecting personally identifiable information, including masking credit cards and SSNs, anonymization, encryption, hashing, and safe ETL deletion in Redshift and Glue DataBrew.

Learn how identity and access management (IAM) governs users, groups, and policies, including creating users, organizing groups, and applying least privilege in AWS.

Create and manage IAM users and groups in AWS, assign administrator access via a group, and practice sign-in using an IAM user and account alias.

Enable multi-session support in the AWS console to sign into multiple accounts in the same browser, demonstrating cross-account access with EC2 and creating an EBS volume.

Explore iam policies attached to groups and users, including inline policies. Learn the policy structure: version, id, and statements with sid, effect, principle, action, resource, and optional condition.

Explore how IAM policies control access in AWS by managing users, groups, and permissions, from admin access and read-only policies to creating and attaching policies via JSON or visual editors.

Learn to secure AWS identities by enforcing password policies and implementing multi-factor authentication with virtual MFA apps, U2F keys, hardware fobs, and GovCloud options.

Learn how to set IAM password policies and enable multi-factor authentication for the root account using an authenticator app, QR codes, and time-based codes.

Learn how IAM roles grant permissions to AWS services such as EC2, Lambda, and CloudFormation, enabling resources to act on your behalf with proper access.

Create an IAM role for an EC2 instance, attach the IAM read only access policy, and verify the role's permissions and trusted entities.

Explore how AWS IAM Identity Center provides one login for all AWS accounts and business apps via SAML 2.0, with built-in or external identity stores and permission sets.

Explore how AWS control tower automates secure multi-account setup with AWS Organizations, provides governance through preventive and detective guardrails, and monitors compliance with Config dashboards and automated remediations.

Explore encryption in flight with tls/ssl, certificates, and https to secure client–server data and prevent man-in-the-middle access, then review server-side and client-side encryption with data keys.

Discover AWS KMS, the key management service that encrypts data across services, integrates with IAM and CloudTrail for auditing, and supports symmetric and asymmetric keys with cross-account policies.

Explore AWS KMS keys, including AWS managed and customer managed keys, and learn how key policies, rotation, and encrypt and decrypt operations work via the CLI.

Macie uses machine learning and pattern matching to discover and protect PII in AWS S3 buckets, alerting via EventBridge and enabling integrations to SNS and Lambda with one click.

Discover AWS Secrets Manager for securely storing and rotating credentials for databases like RDS, automating secret generation via Lambda, and encrypting with KMS, with multi-region replication for disaster recovery.

Explore AWS Secrets Manager to rotate, manage, and retrieve secrets with tight database integrations (RDS, Aurora, MySQL, PostgreSQL), encryption with KMS, regional replication, and Lambda-driven rotation.

Amazon Cognito enables web and mobile identity with components: user pools for sign-in and social login, and identity pools for temporary AWS credentials, with API Gateway and ALB integration.

Explore how AWS WAF protects web application at layer 7 with web ACLs and rules, including IP sets, SQL injection, XSS, and geo/rate-based controls, plus fixed IP via Global Accelerator.

Learn how a VPC hosts public and private subnets, routes traffic via route tables and internet gateway, and use NAT gateways or NAT instances to give private subnets internet access.

Explore how network ACLs and security groups defend a VPC, with subnet-level ACLs and security group rules, and how VPC flow logs monitor traffic and stream to S3.

Learn how to connect virtual private clouds and on-premises networks with VPC peering, endpoints, site-to-site VPN, and direct connect, including non-transitive peering and private access to S3, DynamoDB, and CloudWatch.

Clarify core VPC concepts like default VPC, subnets, internet gateway, NAT gateways, private subnets, VPC peering, endpoints, flow logs, and site-to-site VPN and Direct Connect for exam readiness.

Explore AWS PrivateLink to privately connect a vendor's service in their VPC to your VPC, using a Network Load Balancer and Elastic Network Interface for scalable, secure, private access.

Explore the broader AWS ecosystem around your generative AI applications, including compute and container services, databases, ML services, and networking, and design secure, cost-efficient production AI solutions for the exam.

Explore Amazon Athena, a serverless SQL interface for S3 data that queries in place. It supports CSV, JSON, ORC, Parquet, and Avro, enabling ad hoc web log analysis.

Explore emr, a managed hadoop framework on ec2 that uses master, core, and task nodes to run spark, hive, presto, or flink with notebooks and s3 storage.

Discover Amazon QuickSight, a fast, cloud-powered AWS visualization tool for big data that enables dashboards, ad hoc analysis, and real-time visualizations from diverse data sources with Spice acceleration.

Discover how Amazon Kinesis data streams collect real-time data from producers and feed real-time consumers such as Lambda. Learn about retention up to 365 days, partition-based ordering, and encryption.

Practice creating a Kinesis data stream, DemoStream, and sending data with put-record. Explore on-demand vs provision mode, shard basics, and producers and consumers such as SDK and KPL.

Learn how Amazon MSK, a fully managed Apache Kafka service on AWS, offers serverless options, scalable clusters, long data retention, and seamless producer and consumer pipelines with diverse integrations.