AWS Professional Solution Architect Certification Tips

Having sat and passed all the AWS Associate certification exams and working with AWS technologies for over a year now, I thought it was about time I gave the professional level exams a go. Not only does this give you additional credentials that look great on your résumé, it's a great way to learn a lot more about services you may have never used before in your day-to-day job.

I passed the Professional Solution Architect Certification exam yesterday and haven't seen many blog posts or study guides regarding it (one is coming at https://acloud.guru/ soon!), so I thought I'd write a bit of a guide for those of you who may want to attempt it.

My thoughts about the exam are as follows:

  1. If you are doing this for the first time it will be very long and exhausting. My second attempt seemed to go a lot quicker.
  2. It's a massive coverage of almost every service AWS has, I don't feel I had a lot of any particular kind of technology in my exam, it was so wide open to what you may get asked.
  3. It was actually a good exam and if you pass this I believe you deserve the credentials. The first time I failed I was so close (61%) and was so disheartened I failed by 2-3 questions, but you really can't bluff your way through it

The format of the exam is 80 mostly scenario based questions in 170 minutes. There's a lot of reading, both questions and answers. You can read the full breakdown at AWS here https://aws.amazon.com/certification/certified-solutions-architect-professional/

That said, these are the services that you should research.

  • AWS Key Management Service
  • AWS Import/Export
  • AWS Security Token Service
  • CloudFormation
  • CloudFront
  • CloudHSM
  • CloudSearch
  • CloudWatch
  • Data Pipeline
  • Direct Connect
  • DynamoDB
  • EBS
  • EC2
  • ELB
  • EMR
  • ElastiCache
  • Elastic Beanstalk
  • Elastic Transcoder
  • Glacier
  • IAM
  • Kinesis
  • OpsWorks
  • RDS
  • RedShift
  • Route 53
  • S3
  • SES
  • SNS
  • SQS
  • SWF
  • Storage Gateway
  • VPC

...so basically, everything.

At minimum, you should read the FAQ for everyone of of these services. I suggest taking notes to summarise each one.

Other things you should research:

  • Learn as much as possible about CloudFront. Make sure you are clear as to whether or not it can have dynamic content hosted on it.
  • Learn about how cross-account roles work
  • Learn how to mitigate DDOS attacks
  • Learn the best practices for IDS and IPS
  • Learn what Mobile Push is
  • Learn how many IP addresses AWS reserves when dealing with subnets
  • Learn all the different instance types for EC2 (seriously).
  • Learn what a WAF sandwich is
  • Learn about vSphere connector for AWS
  • Learn how and where you can use Import/Export
  • Learn about NAT bandwidth bottlenecks
  • Learn about MFA and MFA delete
  • Learn about single sign on with Active Directory (you need to know each of the steps).
  • Learn the difference between RTO and RPO, and what services to use for the time frame provided

My recommended reading list (this is not all you should study, but probably a minimum):
https://www.dropbox.com/s/hizoeicmgf4iha5/DDoS_White_Paper_June2015.pdf
https://aws.amazon.com/kinesis/faqs/
https://aws.amazon.com/kinesis/
https://docs.aws.amazon.com/kinesis/latest/dev/introduction.html
https://aws.amazon.com/directconnect/faqs/
https://aws.amazon.com/storagegateway/faqs/
https://aws.amazon.com/glacier/faqs/
https://aws.amazon.com/importexport/
https://aws.amazon.com/importexport/faqs/
https://aws.amazon.com/cloudfront/faqs/
https://aws.amazon.com/cloudfront/dynamic-content/
https://aws.amazon.com/ec2/vcenter-portal/
https://aws.amazon.com/developertools/2759763385083070
https://aws.amazon.com/dynamodb/faqs/
https://aws.amazon.com/elasticache/faqs/
https://aws.amazon.com/redshift/faqs/
https://aws.amazon.com/datapipeline/faqs/
https://docs.aws.amazon.com/IAM/latest/UserGuide/walkthru_cross-account-with-roles.html
http://nineofclouds.blogspot.com.au/2013/01/vpc-migration-nats-bandwidth-bottleneck.html
https://aws.amazon.com/articles/2781451301784570
https://docs.aws.amazon.com/sns/latest/dg/SNSMobilePush.html
https://docs.aws.amazon.com/IAM/latest/UserGuide/walkthru_cross-account-with-roles.html
https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html
http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html
http://blogs.aws.amazon.com/security/post/Tx71TWXXJ3UI14/Enabling-Federation-to-AWS-using-Windows-Active-Directory-ADFS-and-SAML-2-0
http://d0.awsstatic.com/whitepapers/migration-best-practices-rdbms-to-dynamodb.pdf