Tips & Techniques to re-cerity for AWS Solution Architect Professional Exam

Check GitHUB URL for my detailed notes

Focus on Keywords :

There could be multiple correct options , but you need to figure out the “keyword” in question to see which one fits the scenario requirement.

Keywords could be :

• least expensive
• cost-effective
• near real-time
• least performance impact
• reduce down-time
• loosely coupled
• achieve resiliency, high availability
• reduce operational overhead

KeyWords Examples:

Technical Tips:

1. Understand which service AWS recommends for what usecase, i.e. Kinesis Data streams can be used for log ingestion and analytics etc., To confuse; question might give you cloud watch logs + insights as option too. If log ingestion + real time analytics go for Kinesis brand of services.
2. Learn to differentitate within Kinesis services i.e. If question speaks about real-time streaming, pickup Kinesis Data Streams. If you can tolerate delay of ~60 seconds, go for Kinesis Firehose
3. Know the limitations on each service, they are very important to elimiate wrong answers for a given question. Like CloudFront supports 100000 RPS, ALB 10000 RPS etc., DynamoDB RCU/WCU 4KB/1KB, SQS/SNS Max Message Size limit 256KB, Lambda memory allocation can go from 128MB to 10,240MB (10GB) , per execution limit upto 15 minutes , S3 single object can be upto 5TB in size etc.
4. Understand different DR strategies and carefully evaluate given RPO/RTO requirements vs. cost considerations for all types Backup & Restore, Pilot Light, Warm Standby and Multi-Site/Active-Active
5. Understand when to use migration services like DMS, SCT, SMS,VM Import/Export,Application Discovery Service and their limitations. Can you migrate non-VM servers using SMS ?
6. If there is no mention of any performance or cost , just asks for the best option. In order to eliminate wrong answers, stick with AWS recommendations.
7. Understand difference between Private VIF and Public VIF for DX i.e. to access AWS services, use Private VIF , to establish secure VPN tunnel over DX, use Public VIF etc.
8. Understand Purpose of a given security service i.e. Shield (DoS etc.), Inspector(CVE assessment etc.) , WAF(SQL/injector attacks etc.), X-RAY(debug etc) , Trusted Advisor(recommendations) , Security Hub(centralize security alerts etc.), AWS Config(audit,remediation etc.), Amazon Macie (Sensitive information,PII etc.), AWS Artifact (Compliance-related reports etc.)
9. Understand when to use SCP vs IAM Policy
10. Almost always, if you see option to choose between static long term credentails (IAM User) or short-term temporary credentials(IAM role), go for latter option
11. What are alternative Options to SSH i.e. Systems Manager etc.
12. Understand purpose of different System Manager services (i.e. Automation, Run Command, Session Manager, State Manager, Patch Manager, Maintenance Window)
13. When to use AWS Serverless Application Model (SAM) vs CloudFormation in deploying Lambda with DynamoDB
14. AWS CI/CD Services (CodeCommit, CodeBuild, CodeDeploy, CodePipeline) and 3rd party alternatives so, to understand code repository change from lets say GitHub to CodeCommit
15. AWS WAF rules and which products it applies on i.e. ELB (ALB), CloudFront, Amazon API Gateway and EC2
16. AWS Shield Standard vs AWS Shield Advanced (Cost Factor vs Business Continuity)
17. Amazon ES (Elasticsearch?) – Kibana Endpoint
18. Providing access to data and visualization tool: QuickSight vs Kibana
19. Querying data from S3 : Athena or ?
20. Lambda accessing a database from outside your VPC
21. Private Hosted Zone in Route 53 to connect the routing of your multiple VPCs..
22. Lambda@edge vs Lambda Functions
23. Improving CloudFront performance (Cache Hit Rate?, Origin ?)
24. Systems Manager Run command vs User Data Scripts vs ?
25. S3 Standard Access vs Infrequent Access vs Intelligent Tiering vs Glacier vs Glacier Deep Archive
26. Use cases for Provisioned IOPS vs Throughput Optimized IOPS vs General Purpose GP2
27. DynamoDB , DynamoDB Accelerator (DAX) , DynamoDB StreamsStreams
28. ElastiCache cluster (Redis vs. Memcached) based on criteria : performance vs cost etc.
29. Lambda vs Simple Workflow (SWF) vs Step Functions
30. AWS Storage Gateway and its offerings (Cached Volume vs Stored Volume vs File vs Tape Gateway)
31. 6 R’s of Migration and their use cases i.e. Rehosting  (lift-and-shift), Replatforming , Repurchasing, Refactoring / Re-architecting,Retire , Retain
32. SCP vs IAM Policy vs Resource Policy vs Bucket Policy etc.

Study Resources:

Make sure you go through whitepapers and FAQs:

WHITEPAPERS: https://aws.amazon.com/whitepapers/

• AWS Security Best Practices
• AWS Well-Architected Framework
• Architecting for the Cloud AWS Best Practices
• Practicing Continuous Integration and Continuous Delivery on AWS Accelerating Software Delivery with DevOps
• Microservices on AWS
• Serverless Architectures with AWS Lambda
• Optimizing Enterprise Economics with Serverless Architectures
• Running Containerized Microservices on AWS
• Blue/Green Deployments on AWS

FAQs: https://aws.amazon.com/faqs/

• Amazon Simple Queue Service
• Amazon DynamoDB
• Amazon ElastiCache
• Amazon Kinesis
• AWS Lambda
• Amazon API Gateway
• AWS Elastic Beanstalk
• AWS Identity and Access Management
• AWS Key Management Service

Practice Resources :

This blog is a work in progress (WIP). Will add more tips/notes along the way.