Skip to content

Instantly share code, notes, and snippets.

@liginv
Created May 11, 2019 15:45
Show Gist options
  • Save liginv/84f8bcf59bab97ddf6af39867e4ba180 to your computer and use it in GitHub Desktop.
Save liginv/84f8bcf59bab97ddf6af39867e4ba180 to your computer and use it in GitHub Desktop.

AWS Solutions Architect - Associate

A curated list of resources to prepare for the AWS Solutions Architect: Assoicate Certification. This document will include: open source repos, blogs & blogposts, ebooks, PDF, whitepapers, video courses, free lecture, slides, sample test(s) and many other resources.


Table of Contents:

  1. Passing the AWS Solutions Architect - Associate Exam
    • Exam Overview
    • Prerequisites
    • General Learning Material
    • Blueprints Exam
    • Direct Experience from AWS Certified Members
    • The Exam

Passing the AWS solutions architect - Associate exam > Exam Overview

Tip: You will find you make less errors when you are not feeling rushed on time to complete the exam. Be Prepared!

The AWS Certified Solutions Architect – Associate exam is intended for individuals with experience designing distributed applications and systems on the AWS platform.

Exam concepts you should understand for this exam include:

  1. Designing and deploying scalable, highly available, and fault tolerant systems on AWS
  2. Lift and shift of an existing on-premises application to AWS
  3. Ingress and egress of data to and from AWS
  4. Selecting the appropriate AWS service based on data, compute, database, or security requirements
  5. Identifying appropriate use of AWS architectural best practices
  6. Estimating AWS costs and identifying cost control mechanisms

Passing the AWS solutions architect - Associate exam > Prerequisites & Requirements

Candidate Overview description provided by the AWS documentation

Eligible candidates for this exam have:

  • One or more years of hands-on experience designing available, cost efficient, fault tolerant, and scalable distributed systems on AWS
  • In-depth knowledge of at least one high-level programming language
  • Ability to identify and define requirements for an AWS-based application
  • Experience with deploying hybrid systems with on-premises and AWS components
  • Capability to provide best practices for building secure and reliable applications on the AWS platform

AWS Knowledge required for the Exam:

  • Hands-on experience using compute, networking, storage, and database AWS services
  • Professional experience architecting large-scale distributed systems
  • Understanding of elasticity and scalability concepts
  • Understanding of the AWS global infrastructure
  • Understanding of network technologies as they relate to AWS
  • A good understanding of all security features and tools that AWS provides and how they relate to traditional services
  • A strong understanding of client interfaces to the AWS platform
  • Hands-on experience with AWS deployment and management services

Key items you should know before you take the exam:

  1. How to configure and troubleshoot a VPC inside and out, including basic IP subnetting. VPC is arguably one of the more complex components of AWS and you cannot pass this exam without a thorough understanding of it.
  2. The difference in use cases between Simple Workflow (SWF), Simple Queue Services (SQS), and Simple Notification Services (SNS).
  3. How an Elastic Load Balancer (ELB) interacts with auto-scaling groups in a high-availability deployment.
  4. How to properly secure a S3 bucket in different usage scenarios
  5. When it would be appropriate to use either EBS-backed or ephemeral instances.
  6. A basic understanding of CloudFormation.
  7. How to properly use various EBS volume configurations and snapshots to optimize I/O performance and data durability.

General IT Knowledge preferred for the Exam:

  • Excellent understanding of typical multi-tier architectures: web servers, caching, application servers, load balancers, and storage
  • Understanding of Relational Database Management System (RDBMS) and NoSQL
  • Knowledge of message queuing and Enterprise Service Bus (ESB)
  • Familiarity with loose coupling and stateless systems
  • Understanding of different consistency models in distributed systems
  • Knowledge of Content Delivery Networks (CDN)
  • Hands-on experience with core LAN/WAN network technologies
  • Experience with route tables, access control lists, firewalls, NAT, HTTP, DNS, IP and OSI Network
  • Knowledge of RESTful Web Services, XML, JSON
  • Familiarity with the software development lifecycle
  • Work experience with information and application security concepts, mechanisms, and tools
  • Awareness of end-user computing and collaborative technologies

Passing the AWS solutions architect - Associate exam > General Learning Material

  1. Solutions Architect – Associate Certification Preparation for AWS
  2. A Guide to AWS Certification Exams (eBook)
  3. AWS Solutions Architect Certification (eBook)
  4. AWS Certified Solutions Architect Associate Exam Blueprint
  5. AWS Certification Exams: What to Expect
  6. 7-Day Free Trial to Hands-On Labs, Learning Paths, Courses and Quizzes
  7. AWS CLI: 10 Useful Commands You May Not Know
  8. Q&A: Ccontinuous Learning with AWS
  9. Amazon AWS Certified Solutions Architect: What to Study, Tips and Resources
  10. AWS re:Invent 2015 | (ARC301) Scaling Up to Your First 10 Million Users
  11. AWS re:Invent 2015 | (CMP302) Amazon ECS: Distributed Applications at Scale
  12. AWS re:Invent 2014 | (SDD413) Amazon S3 Deep Dive and Best Practices
  13. AWS re:Invent 2015 | (DVO203) A Day in the Life of a Netflix Engineer
  14. AWS Whitepapers - You can never be "too" prepared!
  15. Prepare for AWS Certifications - Webinar
  16. AWS Certifications for Teams - Webinar
  17. AWS Secure Initial Account Setup
  18. Enterprise AWS Account Setup Best Practices
  19. Architecting for the Cloud (PDF)
  20. Exam Readiness Workshop: AWS Certified Solutions Architect - Associate
  21. AWS Certification Training Videos by Edureka
  22. AWS Certified Solutions Architect - Associate Training Course by PluralSight
  23. AWS Certified Solutions Architect - Associate 2018 Online Course by Udemy
  24. AWS Well-Architected: Learn, measure, and build using architectural best practices

Passing the AWS Solutions Architect - Associate Exam > Blueprints Exam

In this AWS whitepaper you'll find a sample exam. Here's a preview:


Amazon Glacier is designed for: (Choose 2 answers)

  1. Active Database Storage
  2. Infrequently Accessed Data
  3. Data Archives
  4. Frequently Accessed Data
  5. Cached Session Data

[Answer: B. Infrequently Accessed Data & C. Data Archives]


Your web application front end consists of multiple EC2 instances behind an Elastic Load Balancer. You configured ELB to perform health checks on these EC2 instances. If an instance fails to pass health checks,which statement will be true?

  1. The instance is replaced automatically by the ELB.
  2. The instance gets terminated automatically by the ELB.
  3. The ELB stops sending traffic to the instance that failed its health check.
  4. The instance gets quarantined by the ELB for root cause analysis.

[Answer: C. The ELB stops sending traffic to the instance that failed its health check.]


You are building a system to distribute confidential training videos to employees. Using CloudFront, what method could be used to serve content that is stored in S3, but not publically accessible from S3 directly?

  1. Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.**
  2. Add the CloudFront account security group “amazon-cf/amazon-cf-sg” to the appropriate S3 bucket policy.
  3. Create an Identity and Access Management (IAM) User for CloudFront and grant access to the objects in your S3 bucket to that IAM User.
  4. Create a S3 bucket policy that lists the CloudFront distribution ID as the Principal and the target bucket as the Amazon Resource Name (ARN).

[Answer: A. Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.]

In this amazing post Markos Rendell gave a deep explanation to every single AWS question.


Passing the AWS Solutions Architect - Associate Exam: Direct Experience from AWS Certified Members

Here are some general observations by Miha Kralj in this great post.

  • There were several questions related to DR solutions with specified RPO/RTO times. Modern cloud-born solutions use completely different BCP approach, but hey, someone in AWS really likes traditional disaster recovery scenarios and is making sure that you love them too. I know it is 2016, but you need to learn the old skool BCP techniques for this exam.

  • Questions about the AWS Storage Gateway appear at least 3 times. Yeah. Storage Gateway. The stuff that cloud-native architects never saw in action - nor do we want to. You have to learn the difference between Cached Volumes, Stored Volumes and understand how VTL works.

  • Lots and lots and lots of questions on deployment management. CloudFormation. Elastic Beanstalk. OpsWorks. Learn these three technologies well - not well for an architect, but well for a 2nd-tier escalation operations engineer. One of the examiners really really really liked cloud deployment automation. And now you will like it too. Who cares if you use SaltStack, Terraform or Ansible - learn CF, Beanstalk and OpsWorks!

  • Networking questions were everywhere, like 30% of the test or even more: VPN/DirectConnect/VPC peering. For me, DDOS protection, WAF, Cloudfront, and SSL/TLS stuff is networking too, although AWS treats them as security issues. Anyway, the examiners love networking. Learn networking. I mean, learn it like this is a Cisco exam, not a cloud architecture exam.

  • Federated access, SAML, IAM roles and all possible AuthZ/AuthN scenarios - learn them all. Learn how IAM policies work. How cross-account trust works. And specifically how they don't work. Think like troubleshooting support personnel and what they need to know about identity flows; that's what you need to know for this exam.

  • Whenever you see the need for high-performing scalable solution, the answer is always DynamoDB. Even if you think that architecturally there might be a better choice (Cassandra, or CouchDB anyone?), the correct answer will be DynamoDB. People that wrote the test were clearly in love with DynamoDB, Elasticache and Kinesis. Just pick the answer that includes all three of them and you'll be right.

  • If a scenario is asking for something cheap (cost-effective), the answer must include spot instances, SQS for throttling and perhaps S3 RRS or Glacier.

  • There were at least two questions where I was simply forced to propose the AWS Data Pipeline. Yeah, the obscure and rarely-seen Data Pipeline service, in the age when Lambda solves the same problem way more efficiently. No, Lambda was not an option at all and it didn't appear anywhere in the test.


Helpful Pointers

Focus on classic test taking strategies. Nobody really talks about this... they generally only focus on content.

  1. Eliminate wrong answers then guess. If you guess and aren't sure, mark it for review then revisit ONLY if you have time.
  2. Read the answers first to understand what to focus on in the question.
  3. Focus on the "kicker". This is the part that's after the fluff which tells you exactly what they want. e.g. "Which option provides the MOST COST EFFECTIVE solution.
  4. If you have no clue at first, totally skip the question and mark it for review. Don't waste time.
  5. Every service can be tweaked for Cost, Quality, and Performance. You need to understand how. How can you make S3 cheaper? How can you make it more redundant/secure? How can you make it more performant? What about EMR or Redshift? EC2? etc.
  6. You might get lucky and stumble across a question or answer that clarifies a previous question, only then should you go back and review a question that you've answered.

Logistically here's some things you should do:

  1. Don't pile up on caffeine. Just eat a good breakfast and drink plenty of water.
  2. Bring a hand full of peppermints. Studies show it improves cognitive function.
  3. If you find that you are re-reading a question, stop, close your eyes and count to 30/meditate/pray. Wait till you've regained your mental footing before proceeding.
  4. Get a good solid 8 hours of sleep the night before.

Passing the AWS Solutions Architect - Associate Exam > The Exam

Practice Exam Fee: $20 USD Exam Registration Fee: $150 USD

You have 130 minutes to complete a 65 question exam. Most of the questions can be 3-4 lines long in the multiple choice and multiple answer format. You should consider no more than 1.5/2 minutes per question if you want to read each question carefully and answer to all of them correctly.

It's possible to set a question for review and skip, the you can refer back to what you marked to answer or modify your answer.


Now that you're ready to go, head on over to WebAssessor.com to purchase and book a time for your exam.


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment