WARNING: Before reading this doc 🙂 🙂
1: As everyone needs to sign an NDA with AWS, I can’t tell you the exact questions asked during the exam, nor do I have GBs of memory, but I can give you pointers on what to expect in the exam.
2: As we all know, AWS infrastructure updates every day, so some of this might not be relevant after a few days/weeks/months…
3: Please don’t ask for any exam dumps or questions; that defeats the whole purpose of the exam.
Finally, after waiting for 5 years (the journey started way back in 2014 when I first logged into the AWS Console), yesterday I cleared my AWS Certified Solutions Architect Exam.
Why did it take me so long to write my first AWS exam?
- Let me first try to introduce myself: I am an ex-Red Hat Certified Architect (yes, that’s true, I cleared all 5 Red Hat exams). Red Hat exams are mostly hands-on: based on a scenario, you need to deploy or create some server/application.
- My initial assumption about the AWS exam was that it’s mostly theoretical, i.e. they give you a series of questions (single/multiple choice) and you need to select one or multiple options, so basically you are not implementing anything. On top of that, to answer these questions you need to memorize a bunch of stuff.
So how did everything change?
- Initially, when I started preparing, I realized there was a lot of stuff which I had completely missed or not paid attention to. Later on, I paid special attention to it; e.g., S3 seems to be a pretty straightforward concept, but when I started exploring it (some of the different S3 services are mentioned below), I came to know it’s one of the amazing services.
- If you don’t have any experience with AWS services, I recommend starting with A Cloud Guru. Please don’t miss AWS — 10,000 Foot Overview; this will give you a good overview of all the AWS services.
- The second, and one of the most useful resources, is Linux Academy. One of the advantages of using Linux Academy is its hands-on labs. These will give you enough of the hands-on experience required for the certification.
- AWS re:Invent videos: I highly recommend going through these videos, as they will give you enough in-depth knowledge about each service.
- AWS Documentation: Best documentation ever provided by any service provider. Don’t miss the FAQ for each service (especially for EC2, S3, VPC).
- Exam Readiness
- Last but not least, hands-on experience; there is no substitute for that. As per certification pre-requisite
You must know these three services in order to clear this EXAM
Some services which I underestimated, and I saw at least 2–4 questions related to those services
- Kinesis Firehose
I am not using any of these services in my day-to-day operations, and that’s why I didn’t pay much attention. Also, it’s time for A Cloud Guru and Linux Academy to add some more in-depth content related to these services.
Some surprise packages
- AWS Inspector
My Idea about the exam
- As this is an associate-level exam, my initial perception was that I didn’t need to go in depth on all of the services, but this exam surprised me with some in-depth questions. So please make sure to read about and implement as much as possible of EC2/VPC/S3.
Let’s talk about the different services and which concepts you should know in order to clear this exam
- This table is the key to understanding the different S3 storage classes. Make sure you understand:
  * Durability and availability of each class
  * In which situation you are going to use a specific class
- Understand S3 Object Lifecycle Management and when to move an object to S3-Standard-IA/S3 One Zone IA vs Glacier
- Difference between Server access logging vs Object Access logging
- Understand how encryption (both server-side and client-side) works for S3
- Cross region replication in S3
- Surprise package: Amazon S3 inventory
Key takeaways:
  * It provides CSV and Apache Optimized Row Columnar (ORC) output files that list objects and their corresponding metadata
  * You can query Amazon S3 inventory using standard SQL with Amazon Athena or Amazon Redshift Spectrum
AWS Storage Gateway
- Difference between the different storage gateways and which one to use in which situation (especially when they ask about migrating services from an on-premises data center to the AWS cloud and how to keep data in sync)
- Whenever they ask about petabytes (even terabytes), this is the best bet (again, migrating an on-premises data center to AWS)
- Understand the difference between the different purchasing options (On-Demand, Reserved, Spot and Dedicated)
- Pay special attention to Dedicated Hosts (look for keywords like compliance requirements / server-bound software licenses)
- Understand the difference between instance store volumes and EBS (look for the keyword shutdown, as in the case of instance store volumes your data will be wiped)
- Security groups: they are not going to ask you this question directly, but mostly through scenario-based questions, like a multi-tier environment where you have a web frontend and MySQL as the database, and which port you are going to open on your backend DB (MySQL). As you only need a connection from the web frontend, the MySQL DB security group only needs to allow the web frontend.
- Difference between Application vs Network Load Balancer and in which scenario you are going to use which one
- Create a VPC from scratch (at least 2 private subnets and 2 public subnets)
- What the Internet Gateway is used for, and what changes you need to make in your route table to route traffic to the internet (0.0.0.0/0 to the IGW)
- How a private instance is going to talk to the internet (NAT Gateway) (again, create it from scratch)
- VPC Endpoints (understand the difference between a Gateway Endpoint and an Interface Endpoint)
- Difference between NACL vs Security Group
- Remember that CloudWatch is now not only for displaying metrics; you can also push application logs via CloudWatch agents
- Placement Group: Just a brief idea about EC2 placement groups and what their purpose is (keyword: low latency between EC2 instances)
- Elastic File System (EFS): Look for a key term like needing to be mounted simultaneously on a bunch of EC2 instances (choice between S3/EBS/EFS)
- Lambda: Whenever they talk about cost optimization, Lambda is your go-to choice (but please read the scenario carefully)
- Understand the difference between the different routing policies
- Pay special attention to the latency-based routing policy (keyword: users in a specific region facing latency, so the key choice is between Route 53 vs CloudFront) and the failover routing policy
Autoscaling: Just a brief idea about how auto-scaling works
- For RDS MySQL, understand the difference between read-only replication (performance gain) vs HA (in case of failover)
- AWS is putting special emphasis on Aurora, so if they ask about migrating on-premises MySQL/Postgres to the AWS cloud, then Aurora is the best bet
- Make sure you understand the purpose of roles, and use roles to communicate with different AWS services rather than using the public internet route
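The multi-tier security group scenario from the notes above, as an added example that is not part of the original post: an offline check that a MySQL tier's security group admits port 3306 only from the web frontend's group. The group IDs, names and rules are constructed; the dictionaries follow the shape of `aws ec2 describe-security-groups` output.

```python
# Added example: audit a database tier's security group rules offline.
MYSQL_PORT = 3306
WEB_SG = "sg-0aaaaaaaaaaaaaaa1"  # constructed ID for the web frontend group

# Constructed sample in the shape printed by `aws ec2 describe-security-groups`.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0bbbbbbbbbbbbbbb1", "GroupName": "db-good", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": WEB_SG}]}]},
    {"GroupId": "sg-0bbbbbbbbbbbbbbb2", "GroupName": "db-open-cidr", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-0bbbbbbbbbbbbbbb3", "GroupName": "db-all-traffic", "IpPermissions": [
        {"IpProtocol": "-1",  # all protocols; FromPort/ToPort are absent
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}],
         "UserIdGroupPairs": [{"GroupId": WEB_SG}]}]},
]


def covers_port(perm, port):
    """True if the ingress rule lets TCP traffic reach `port`."""
    if perm.get("IpProtocol") == "-1":
        return True
    if perm.get("IpProtocol") != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit_db_group(group, allowed_sg=WEB_SG, port=MYSQL_PORT):
    """Return findings for rules exposing `port` beyond the web tier's group."""
    findings = []
    for perm in group.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        for rng in perm.get("IpRanges", []) + perm.get("Ipv6Ranges", []):
            cidr = rng.get("CidrIp") or rng.get("CidrIpv6")
            findings.append(f"port {port} reachable from CIDR {cidr}")
        for pair in perm.get("UserIdGroupPairs", []):
            if pair.get("GroupId") != allowed_sg:
                findings.append(f"port {port} reachable from group {pair.get('GroupId')}")
        if perm.get("IpProtocol") == "-1" or perm.get("FromPort") != perm.get("ToPort"):
            findings.append(f"rule covering port {port} is wider than a single port")
    return findings


if __name__ == "__main__":
    for sg in SAMPLE_GROUPS:
        print(sg["GroupName"], audit_db_group(sg) or "OK")
```

Only the first sample group passes: its single rule names the web frontend's group as the source instead of an IP range, which is what the scenario calls for.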
BONUS: AWS goodies during re:Invent 2018 🙂