AWS Certified Advanced Networking - Specialty (ANS-C01) Domain 2
Network Implementation
Official Exam Guide: Domain 2: Network Implementation
Skill Builder: AWS Certified Advanced Networking - Specialty Exam Prep
Domain Overview
Domain 2 (26%) focuses on implementing hybrid connectivity, multi-account/Region/VPC connectivity, DNS architectures, and network automation.
Task 2.1: Implement hybrid connectivity (on-premises to AWS)
Essential Documentation:
- Direct Connect Virtual Interfaces
- Site-to-Site VPN Connections
- Accelerated Site-to-Site VPN
- Transit Gateway Connect for SD-WAN
Task 2.2: Implement multi-account/Region/VPC connectivity
Essential Documentation:
- Getting Started with Transit Gateway
- Working with VPC Peering
- Create VPC Endpoint Services
- AWS Resource Access Manager
Task 2.3: Implement complex DNS architectures
Essential Documentation:
- Route 53 Private Hosted Zones
- Route 53 Resolver Outbound Endpoints
- Route 53 Resolver Inbound Endpoints
- Managing Resolver Rules
Task 2.4: Automate network infrastructure
Essential Documentation:
- AWS CloudFormation User Guide
- AWS CDK Developer Guide
- AWS CLI User Guide
- Boto3 (AWS SDK for Python) Documentation
AWS Service FAQs
Study Tips
-
Master Transit Gateway configuration - Route tables, associations, propagations, attachments (VPC, VPN, Direct Connect, peering, Connect).
-
Learn VIF configuration - Public VIFs for AWS public services, private VIFs for VPCs, transit VIFs for Transit Gateway.
-
Understand DNS forwarding - Outbound endpoints for on-premises DNS queries, inbound endpoints for on-premises to AWS queries, conditional forwarding rules.
-
Practice IaC - CloudFormation for network resources, CDK for programmable infrastructure, event-driven automation with Lambda.
-
Study hub-and-spoke - Transit Gateway as hub, VPCs as spokes, route table segmentation, inspection VPC patterns.
Note: This is Domain 2 of 4, representing 26% of exam content.