Tips & Techniques to re-cerity for AWS Solution Architect Professional Exam

Check GitHUB URL for my detailed notes

Focus on Keywords :

There could be multiple correct options , but you need to figure out the “keyword” in question to see which one fits the scenario requirement.

Keywords could be :

  • least expensive
  • cost-effective
  • near real-time
  • least performance impact
  • reduce down-time
  • loosely coupled
  • achieve resiliency, high availability
  • reduce operational overhead

KeyWords Examples:

Technical Tips:

  1. Understand which service AWS recommends for what usecase, i.e. Kinesis Data streams can be used for log ingestion and analytics etc., To confuse; question might give you cloud watch logs + insights as option too. If log ingestion + real time analytics go for Kinesis brand of services.
  2. Learn to differentitate within Kinesis services i.e. If question speaks about real-time streaming, pickup Kinesis Data Streams. If you can tolerate delay of ~60 seconds, go for Kinesis Firehose
  3. Know the limitations on each service, they are very important to elimiate wrong answers for a given question. Like CloudFront supports 100000 RPS, ALB 10000 RPS etc., DynamoDB RCU/WCU 4KB/1KB, SQS/SNS Max Message Size limit 256KB, Lambda memory allocation can go from 128MB to 10,240MB (10GB) , per execution limit upto 15 minutes , S3 single object can be upto 5TB in size etc.
  4. Understand different DR strategies and carefully evaluate given RPO/RTO requirements vs. cost considerations for all types Backup & Restore, Pilot Light, Warm Standby and Multi-Site/Active-Active
  5. Understand when to use migration services like DMS, SCT, SMS,VM Import/Export,Application Discovery Service and their limitations. Can you migrate non-VM servers using SMS ?
  6. If there is no mention of any performance or cost , just asks for the best option. In order to eliminate wrong answers, stick with AWS recommendations.
  7. Understand difference between Private VIF and Public VIF for DX i.e. to access AWS services, use Private VIF , to establish secure VPN tunnel over DX, use Public VIF etc.
  8. Understand Purpose of a given security service i.e. Shield (DoS etc.), Inspector(CVE assessment etc.) , WAF(SQL/injector attacks etc.), X-RAY(debug etc) , Trusted Advisor(recommendations) , Security Hub(centralize security alerts etc.), AWS Config(audit,remediation etc.), Amazon Macie (Sensitive information,PII etc.), AWS Artifact (Compliance-related reports etc.)
  9. Understand when to use SCP vs IAM Policy
  10. Almost always, if you see option to choose between static long term credentails (IAM User) or short-term temporary credentials(IAM role), go for latter option
  11. What are alternative Options to SSH i.e. Systems Manager etc.
  12. Understand purpose of different System Manager services (i.e. Automation, Run Command, Session Manager, State Manager, Patch Manager, Maintenance Window)
  13. When to use AWS Serverless Application Model (SAM) vs CloudFormation in deploying Lambda with DynamoDB
  14. AWS CI/CD Services (CodeCommit, CodeBuild, CodeDeploy, CodePipeline) and 3rd party alternatives so, to understand code repository change from lets say GitHub to CodeCommit
  15. AWS WAF rules and which products it applies on i.e. ELB (ALB), CloudFront, Amazon API Gateway and EC2
  16. AWS Shield Standard vs AWS Shield Advanced (Cost Factor vs Business Continuity)
  17. Amazon ES (Elasticsearch?) – Kibana Endpoint
  18. Providing access to data and visualization tool: QuickSight vs Kibana
  19. Querying data from S3 : Athena or ?
  20. Lambda accessing a database from outside your VPC
  21. Private Hosted Zone in Route 53 to connect the routing of your multiple VPCs..
  22. Lambda@edge vs Lambda Functions
  23. Improving CloudFront performance (Cache Hit Rate?, Origin ?)
  24. Systems Manager Run command vs User Data Scripts vs ?
  25. S3 Standard Access vs Infrequent Access vs Intelligent Tiering vs Glacier vs Glacier Deep Archive
  26. Use cases for Provisioned IOPS vs Throughput Optimized IOPS vs General Purpose GP2
  27. DynamoDB , DynamoDB Accelerator (DAX) , DynamoDB StreamsStreams
  28. ElastiCache cluster (Redis vs. Memcached) based on criteria : performance vs cost etc.
  29. Lambda vs Simple Workflow (SWF) vs Step Functions
  30. AWS Storage Gateway and its offerings (Cached Volume vs Stored Volume vs File vs Tape Gateway)
  31. 6 R’s of Migration and their use cases i.e. Rehosting  (lift-and-shift), Replatforming , Repurchasing, Refactoring / Re-architecting,Retire , Retain
  32. SCP vs IAM Policy vs Resource Policy vs Bucket Policy etc.

Study Resources:

Make sure you go through whitepapers and FAQs:


  • AWS Security Best Practices
  • AWS Well-Architected Framework
  • Architecting for the Cloud AWS Best Practices
  • Practicing Continuous Integration and Continuous Delivery on AWS Accelerating Software Delivery with DevOps
  • Microservices on AWS
  • Serverless Architectures with AWS Lambda
  • Optimizing Enterprise Economics with Serverless Architectures
  • Running Containerized Microservices on AWS
  • Blue/Green Deployments on AWS


  • Amazon Simple Queue Service
  • Amazon DynamoDB
  • Amazon ElastiCache
  • Amazon Kinesis
  • AWS Lambda
  • Amazon API Gateway
  • AWS Elastic Beanstalk
  • AWS Identity and Access Management
  • AWS Key Management Service

Practice Resources :

This blog is a work in progress (WIP). Will add more tips/notes along the way.

Tariq Sheikh Administrator

Tariq Sheikh has been working in IT industry for 15 plus years He is a dual CCIEx26141 with Security,Collaboration and Data Center as his specialities as well as 4xAWS Certified . He is based in Dubai,UAE and his areas of expertise include Data Center technologies, Networking, Security and AWS solution architect

Leave a Reply

Your email address will not be published. Required fields are marked *

Close Bitnami banner