AWS Certified Solutions Architect Professional Exam Study Path
Few years ago, before you can take the AWS Certified Solutions Architect Professional (or SA Pro for short) exam, you would first have to pass the associate level exam of this track. This is to ensure that you have sufficient knowledge and understanding on architecting in AWS, before tackling the more difficult certification. In October 2018, AWS removed this ruling so that there are no more prerequisites for taking the Professional level exams. You now have the freedom to directly pursue this certification if you wish to.
This certification is truly a levelled-up version of the AWS Solutions Architect Associate certification. It examines your capability to create well-architected solutions in AWS, but on a grander scale and with more difficult requirements. Because of this, we recommend that you go through our exam preparation guide for the AWS Certified Solutions Architect Associate and even the AWS Certified Cloud Practitioner if you have not done so yet. They contain very important materials such as review materials that will be crucial for passing the exam.
The FREE AWS Exam Readiness course, official AWS sample questions, Whitepapers, FAQs, AWS Documentation, Re:Invent videos, forums, labs, AWS cheat sheets, AWS practice exams, and personal experiences are what you will need to pass the exam. Since the SA Pro is one of the most difficult AWS certification exams out there, you have to prepare yourself with every study material you can get your hands on. To learn more details regarding your exam, go through this AWS exam blueprint as it discusses the various domains they will test you on.
AWS has a digital course called Exam Readiness: AWS Certified Solutions Architect – Professional, which is a short video lecture that discusses what to expect on the AWS Certified Solutions Architect – Professional exam. It should sufficiently provide an overview of the different concepts and practices that you’ll need to know about. Each topic in the course will also contain a short quiz right after you finish its lecture to help you lock in the important information.
- Securing Data at Rest with Encryption
- Web Application Hosting in the AWS Cloud
- Migrating AWS Resources to a New Region
- Practicing Continuous Integration and Continuous Delivery on AWS Accelerating Software Delivery with DevOps
- Microservices on AWS
- AWS Security Best Practices
- AWS Well-Architected Framework
- Architecting for the Cloud AWS Best Practices
- Amazon Web Services: Overview of Security Processes
- Using Amazon Web Services for Disaster Recovery
- AWS Architecture Center architecture whitepapers
The instructor-led classroom called “Advanced Architecting on AWS” should also provide additional information on how to implement the concepts and best practices that you have learned from whitepapers and other forms of documentation. Be sure to check it out.
Also check out this article: Top 5 FREE AWS Review Materials.
AWS Services to Focus On
Generally, as a soon-to-be AWS Certified SA Pro, you should have a thorough understanding of every service and feature in AWS. But for the purpose of this review, give more attention on the following services since they are common topics in the SA Pro exams:
- AWS Organizations – Know how to create organizational units (OUs), service control policies (SCPs), and any additional parameters in AWS Organizations. Different SCP from IAM policies. Read how you can save on costs by enabling consolidated billing in your organizations.
- AWS Server Migration Services – Study the different ways to migrate on-premises servers to the AWS Cloud. Also study how you can perform the migration in a secure and reliable manner.
- AWS Serverless Application Model – The AWS SAM has a syntax of its own. Study the syntax and how AWS SAM is used to deploy serverless applications through code. Know the relationship of SAM and CloudFormation.
- AWS EC2 Systems Manager – The responsibilities of an SA Pro involves a lot of automation. Study the different features under Systems Manager and how each feature can automate EC2-related processes. It is also important to know how you can troubleshoot EC2 issues using Systems Manager.
- AWS CI/CD – Study the different CI/CD tools in AWS, from function to features to implementation. It would be very helpful if you can create your own CI/CD pipeline as well using the services below.
- AWS Service Catalog – This service is also part of the automation toolkit in AWS. Study how you can create and manage portfolios of approved services in service catalog, and how you can integrate these with other technologies such as AWS Organizations.
- AWS Direct Connect – Direct Connect is known to commonly pop up in the exam. You should have a deep understanding of this service. VPCs and networks are highly important topics that you need to study for.
We also recommend checking out Tutorials Dojo’s AWS Cheat Sheets which provides a summarized but highly informative set of notes and tips for your review on these services. These cheat sheets are presented mostly in bullet points which will help you retain the knowledge much better vs reading the lengthy FAQs.
We expect that you already have vast knowledge on the AWS services that a Solutions Architect commonly use, such as those listed in our SA Associate review guide. It is also not enough to just know the service and its features. You should also have a good understanding on how to integrate these services with one another to build large-scale infrastructures and applications. It’s why it is generally recommended to have hands-on experience managing and operating systems on AWS.
Validate Your Knowledge
After your review, you should take some practice tests to measure your preparedness for the real exam. AWS offers a sample practice test for free which you can find here. You can also opt to buy the longer AWS sample practice test at aws.training, and use the discount coupon you received from any previously taken certification exams. Be aware though that the sample practice tests do not mimic the difficulty of the real SA Pro exam. You should not rely solely on them to gauge your preparedness. It is better to take more practice tests to fully understand if you are prepared to pass the certification exam.
Fortunately, Tutorials Dojo also offers a great set of practice questions for you to take here. It is kept updated by the creators to ensure that the questions match what you’ll be expecting in the real exam. The practice tests will help fill in any important details that you might have missed or skipped in your review.
Sample Practice Test Questions:
The AWS resources in your production account is shared among various business units of the company. A single business unit may have one or more AWS accounts which have resources in the production account. There were a lot of incidents in which the developers from a specific business unit accidentally terminated the EC2 instances owned by another business unit. You are tasked to come up with a solution to only allow a specific business unit who own the EC2 instances, and other AWS resources, to terminate their own resources.
Which of the following is the most suitable multi-account strategy that you should implement?
- Use AWS Organizations to centrally manage all of your accounts. Group your accounts, which belongs to a specific business unit, to individual Organization Unit (OU). Create an IAM Role in the production account for each business unit which has a policy that allows access to the EC2 instances including a resource-level permission to terminate the instances that it owns. Create an
AWSServiceRoleForOrganizationsservice-linked role to the individual member accounts of the OU to enable trusted access.
- Use AWS Organizations to centrally manage all of your accounts. Group your accounts, which belongs to a specific business unit, to individual Organization Unit (OU). Create a Service Control Policy in the production account for each business unit which has a policy that allows access to the EC2 instances including a resource-level permission to terminate the instances that it owns. Provide the cross-account access and the SCP to the individual member accounts to tightly control who can terminate the EC2 instances.
- Use AWS Organizations to centrally manage all of your accounts. Group your accounts, which belong to a specific business unit, to individual Organization Units (OU). Create an IAM Role in the production account which has a policy that allows access to the EC2 instances including a resource-level permission to terminate the instances owned by a particular business unit. Provide the cross-account access and the IAM policy to every member accounts of the OU.
- Use AWS Organizations to centrally manage all of your accounts. Group your accounts, which belongs to a specific business unit, to individual Organization Unit (OU). Create a Service Control Policy in the production account which has a policy that allows access to the EC2 instances including a resource-level permission to terminate the instances owned by a particular business unit. Provide the cross-account access and the SCP to the OUs, which will then be automatically inherited by its member accounts.
A known security vulnerability was discovered in the outdated Operating System of your company’s EC2 fleet. As the Systems Administrator, you are responsible in mitigating the vulnerability as soon as possible to safeguard your systems from various cyber security attacks. In addition, you are also required to record all of the changes to patch and association compliance statuses.
What is the most efficient way to solve this issue?
- Configure the EC2 fleet to automatically install the security OS patch every week on the provided maintenance window.
- Use AWS Systems Manager and AWS Config to manage, record, and deploy the security patches for the OS for the entire fleet of EC2 instances.
- Set up Amazon QuickSight and Kibana to apply, monitor, and visualize the patch statuses of all EC2 instances.
- Use AWS Systems Manager and Amazon ES to manage, record, and deploy the security patches for the OS for the entire fleet of EC2 instances.
In general, what you should have learned from your review are the following:
- Features and use cases of the AWS services
- AWS networking, security, billing and account management
- The AWS CLI, APIs and SDKs
- Automation, migration planning, and troubleshooting
- The best practices in designing solutions in the AWS Cloud
All these factors are essentially the domains of your certification exam. It is because of this difficult hurdle that AWS Certified Solutions Architect Professionals are highly respected in the industry. They are capable of architecting ingenious solutions that solve customer problems in the AWS. They are also constantly improving themselves by learning all the new services and features that AWS produces each year to make sure that they can provide the best solutions to their customers. Let this challenge be your motivation to dream high and strive further in your career as a Solutions Architect!
Additional Training Materials: High Quality Video Courses on Udemy
There are a few top rated AWS Certified Solutions Architect Professional video courses on Udemy that you can check out as well, which can complement your exam preparations especially if you are the type of person who can learn better through visual courses instead of reading long whitepapers:
- AWS Certified Solutions Architect – Professional 2019 by DolfinEd
- AWS Certified Solutions Architect – Professional 2019 by Zeal Vora
Some notes regarding your exam
The SA Professional exam questions always ask for highly available, fault tolerant, cost-effective and secure solutions. Be sure to understand the choices provided to you, and verify that they have accurate explanations. Some choices are very misleading such that they seem to be the most natural answer to the question, but actually contain incorrect information, such as the incorrect use of a service. Always place accuracy above all else.
When unsure of which options are correct in a multi-select question, try to eliminate some of the choices that you believe are false. This will help narrow down the feasible answers to that question. The same goes for multiple choice type questions. Be extra careful as well when selecting the number of answers you submit.
Since an SA Professional has responsibilities in creating large-scale architectures, be wary of the different ways AWS services can be integrated with one another. Common combinations include:
- Lambda, API Gateway, SNS, and DynamoDB
- EC2, EBS/EFS/Elasticache, Auto Scaling, ELB, and SQS
- S3, Cloudfront, WAF
- S3, Kinesis
- On-premises servers with Direct Connect/VPN/VPC Endpoints
- Organizations, SSO, IAM roles, Config, and Service Catalog
- Mobile apps with Cognito, API Gateway, and DynamoDB
Lastly, be on the lookout for “key terms” that will help you realize the answer faster. Words such as millisecond latency, serverless, managed, highly available, most cost effective, fault tolerant, mobile, streaming, object storage, archival, polling, push notifications, etc are commonly seen in the exam. Time management is very important when taking AWS certification exams, so be sure to monitor the time you consume for each question.
AWS Certifications are consistently among the top paying IT certifications in the world, considering that Amazon Web Services is the leading cloud services platform with almost 50% market share! Earn over $150,000 per year with an AWS certification!