How I cracked AWS Solutions Architect Professional
If you have been told that the AWS Solutions Architect Professional exam is really hard and needs years of experience to clear, then let me help you out a bit. I had a total industry experience of 1.5 years when I acquired this certification. It took just one attempt and I cleared with flying colours. All I needed to do was careful planning, diligent training, continuous practising and some extra hard work. So let me take you through my journey of becoming AWS Solutions Architect Professional certified.
Planning
This is a step which is mostly overlooked but if done right, it will keep you on track and help you clear the exam fast. I started by setting a deadline of two weeks: the first week I would spend completely on a guided online course (see the coming sections for the course) and in the second week I would focus on practice tests, both timed and self-paced. The deadline doesn’t have to be a fixed final date; it can be tentative, just to maintain your pace.
Training
There are plenty of resources available online for training and each one of them is good in its own way. I first shortlisted a few courses including ones from A Cloud Guru, Stephane Maarek and Adrian Cantrill.
Then I asked around and read some reviews on Reddit and decided to go for Stephane Maarek’s course on Udemy. If you ask my opinion on it, I would say that he has done an amazing job in explaining the services and the relevant details as per the exam while keeping the lessons brief. You might miss some practical labs but an amusing French accent comes as a bonus.
Please note that a Professional AWS certification is not all theoretical knowledge. You will need some experience in that field. I had some experience but I did fall short of the recommended experience as per Amazon. To overcome these shortcomings, I started reading about multiple use-cases where companies have moved onto AWS and flourished in their fields.
A bonus point to note here is that this is also one of interviewers’ favourite questions to ask candidates: “How would you have designed the architecture of so-and-so product on so-and-so platform?” The use-cases will also come in handy if you find yourself in such a situation.
Practice Tests
Again, just like training materials, you will find that there are many free as well as paid practice tests all over the internet, including TutorialsDojo, Whizlabs and Amazon itself.
I tried out many of them and my suggestion here would be the paid practice exams by Jon Bonso on TutorialsDojo. He also provides some free samplers if you want to try them out before buying the full version. As part of the complete package, you get section-based exams, self-paced exams and full-scale (75 questions in 3 hours, just like the original exam) timed exams. These tests helped me build both confidence and speed. I have to give credit to him for the 40 minutes I had left after completing the exam, which I used for reviewing.
TutorialsDojo also offers cheat sheets containing service comparisons, which are the golden source for nailing the process of elimination in MCQs.
Some important points to revisit
Following are some important topics that you should make yourself aware of before going for the exam. They may or may not appear in the exam, but I think they are a must-know for a solutions architect working on AWS.
- Know the different types of standard access for IAM users, like Power User and Admin Access
- Understand how to access resources within and outside Zone of trust using STS
- Remember the different STS APIs and how to use them for federation, single sign-on and with identity brokers
- Understand Active Directory forest trusts and management on AWS
- Some basic VPC concepts: Peering, Transit VPC and Gateway, VPC Endpoint (interface and gateway)
- Know how to connect on-premises with AWS using Direct Connect (BGP, public and private VIF) and VPN
- Managing multiple accounts using AWS Organizations, SCPs and AWS RAM
- SSM Parameter Store and Secrets Manager and when to prefer one over the other
- Cloud Hardware Security Module (CloudHSM) and when to use it
- Understanding security for data storage services like S3 (SSE), RDS (TDE, SSL, encrypted volumes and snapshots), etc. at rest and in transit
- Understanding performance in data storage services like S3 (multipart upload, transfer acceleration), RDS (read-replicas, Aurora serverless, multi-master), etc.
- Understanding durability in data storage services like S3 (lifecycle, CRR), RDS (multi-az, global Aurora Db, snapshots), etc.
- Security and DDoS protection options using Shield, WAF, CloudFront, Route53, Autoscaling and deciding which one is best for you
- Monitoring and automation using AWS Config and Systems Manager (Automation, Patch Manager, State Manager, Run Command)
- CloudTrail limitations and customisation, e.g. CloudTrail cannot record RDS queries, and you need to enable “global services” to track IAM usage
- EC2 types, placement groups, launch types, metrics (CloudWatch), security (Inspector) and autoscaling
- You can install CloudWatch and X-Ray agents on EC2 instances/on-premise servers to use AWS Services for visualization of logs and stats
- Serverless Application Model and its limitations
- LoadBalancer types and which provides the most optimized solution in which scenarios
- Use SQS as buffer to reduce load on application or database
- Types of Route53 routing policies and health checks
- EBS volume (types, limits, sizes, RAID), Instance store (limits, use-cases) and EFS (performance and throughput modes, storage tiers)
- Type of ElastiCache engine appropriate for you, Memcached (multi-threaded, multi-node, simple) or Redis (multi-az, read replicas, cluster modes)
- Four parts of Kinesis: Stream (latency, limit, sharding, retention, sources), Video Stream (producers, consumers), Analysis (latency, SQL) and Firehose (targets, serverless, buffer)
- Data warehousing options: Elastic MapReduce, Redshift and Redshift Spectrum
- Storage Gateway types: File, Volume (stored and cached) and Tape
- If migration over the network takes more than 1 week, use Snowball. If you need to do computing during migration, use Snowball Edge. If the data source is over 10PB, use Snowmobile
- Migrating databases using DMS (with SCT, sources, targets) and servers using SMS (Application Discovery: agentless and agent-based, features)
- ElasticSearch and managed counterpart CloudSearch
- VDI solution using AWS Workspace and Workspace Application Manager
- Delivering apps through a browser using Appstream 2.0
- Amazon Mechanical Turk use cases and service integrations (Works with SWF but not with Step Functions)
I know there are more services to cover apart from these, but these are some core concepts which are essential while architecting a solution on AWS.
Additional Content
Amazon has a lot to offer to promote and upskill people into using AWS. So always keep an eye on their blogs and whitepapers. My must-read recommendation is the storage service whitepaper; do go through it.
Also, at least once go through their well-architected framework. This will help you understand the best practices and why they are called so.
Parting Note
I tried to cover as many details as I could through this blog. So follow these steps, be thorough about it and trust the process.
And of course, best of luck future solutions architects!