Study Guide: AWS Certified Solutions Architect - Professional exam: resources and tips

Cloudreach have been working with Amazon Web Services (AWS) for 9 years, and during this time we’ve grown to over 600 people and have more than 500 AWS certs between us.

"Promote personal growth" is one of Cloudreach’s core values and as such we strongly encourage everyone in the business, from Project Managers to Sales, to take certifications and courses to improve themselves. As such, I recently took the AWS Solutions Architect Professional Exam to attempt to fill a few gaps in my AWS knowledge.

Whilst studying for the exam I found a number of useful online resources and received some valuable advice from fellow Cloudreachers that I thought might be worth sharing - hence writing this blog post.

What does the exam cover?

Where the SA Associate exam gives you a basic understanding of AWS and ensures you have the prerequisite knowledge to use AWS on a daily basis, the Professional exam assumes you are architecting large enterprise scale solutions on AWS.

For the Solutions Architect Professional exam, experience delivering projects on AWS is a must. It is not possible to just memorise lots of AWS specific facts as you could for the Associate exam - a true, deep understanding of good practices on the platform is required.

Learning Resources

Read the Security Whitepaper to understand security best practices on AWS.

Exam Tips

Topics worth reviewing for "easy marks": Elastic Beanstalk (always 2 or three questions on the exam) Opsworks (rarely used it in production but gets you some easy marks) Cloudfront (there are always 4+ questions relating to Cloudfront).

Useful Things to remember in the exam: For IAM - Always pick an IAM Role to assign rights over creating multiple users (think about the scalability to hundreds or thousands of accounts) Mobile app IAM - always use Web Federation to make your application assume a role On premise use your SAML compliant LDAP/AD. SQS to reduce write throughput on database or decouple application services. Learn what IDS/IPS do and how these functionalities can be implemented in AWS. Think about DDOS mitigation - how would you reduce the attack surface area or build your own WAF? Datastores: understand which is the right service to use to store and access data from multiple point of view: performance, cost, availability - cheap doesn’t necessarily mean wrong. Cost efficient workloads: when can SPOT instances be used to deliver a cost efficient infrastructure - think about EC2 Autoscaling Groups and EMR clusters. In the current exam - post-2014 AWS technologies aren’t included. Bear this in mind when answering questions and revising.



Exam Technique

Remove incorrect answers first: All questions are multiple choice, some with multiple answers, often it is easier to discount a couple of answers first - and the pick from the ones left.

All questions are multiple choice, some with multiple answers, often it is easier to discount a couple of answers first - and the pick from the ones left. Draw an answer grid - In a similar vein, a fellow Cloudreacher recommends "draw up an answer grid to help you cross off bad answers. This helps rule out obviously wrong answers, and makes reviewing questions quicker at the end. Some questions don't need this, so just use it when it's helpful."

My key was:

✓ This is the (an) answer

X This is definitely wrong

L Seems legit - need to read the rest

? Not sure

Marking questions for review - only mark items for review if you’re stuck on picking between two possible answers - if you’re pretty certain, certain or just guessing it’s highly unlikely that a review will help.

- only mark items for review if you’re stuck on picking between two possible answers - if you’re pretty certain, certain or just guessing it’s highly unlikely that a review will help. Break down the question: If it's a pick 2 or 3 answers type question there'll probably be 2 or 3 requirement statements in the question - so break them down and it'll be much easier and less overwhelming.

Are you ready?

Can you describe how to migrate applications to AWS from on premise?

Can you design IAM access for on premise or Web Federated user access?

How would you mitigate a DDOS attack against your AWS environment?

In an enterprise environment - when and how would Direct connect be used?

How would you design a new application to be used at scale on AWS?

I hope this helps you prepare for your AWS Solutions Architect Professional Exam, if you found this guide useful you might like to take a look at our other exam resources on the cloudreach blog.