By Wolfgang Unger
Introduction
Are you planning to get a AWS certification within the next time?
For example the Solutions Architect Associate or to your first one the Cloud Practitioner?
This blog will provide you some tips how to prepare for it and pass it.
We will talk about 5 important things to know:
- Know IAM & Security
- Know VPC & Networking
- Know the services
- Know the 5 pillars
- Read the keywords
You can also download this Powerpoint with additional infos and example questions:
Certification Powerpoint
Know IAM & Security
Know VPC & Networking
You don't have to know all 200 aws services by heart, more about this in the chapter 'Know the services',
but IAM ( and Security) and VPC & Networking are really essential and without a profound knowledge on
them, you will have for sure difficulties to pass most of the exams.
Also if you want not just to pass the certification, but work on AWS, you will need this knowledge every day.
For IAM make sure you really know these entities:
Users
Roles
Groups
Policies
Identy Providers
Cognito
For Security read the Security whitepaper and get a good understanding how to secure resources on AWS,
know the most important Security Services like
GuardDuty, WAS, SecurityHub, Macie, Shied and more
Concerning VPC and Networking be sure you know really well these entities:
VPC Security ( SGs, ACLs, VPN etc)
Subnets
ACLs
Endpoints
Gateways
CloudFront
Route53
Know the services
What about the other 200 AWS Services? You don't know them by heart, probably nobody knows all of them really in detail,
but there a couple of really often used services, you must well and for other services, you should know
at least the very basic description of this service and what it does or serves for.
On these services a good knowledge is really recommended to pass the exams :
VPC & Networking, CloudFront, Route53
Security, Identy & Complience
Computing, API Gateway
Storage
Databases
Management
Developer Tools
For all other services take at least one look on the AWS high level description in the documentation of the service.
For example Kinesis, the description from AWS on this service is :
"Amazon Kinesis cost-effectively processes and analyzes streaming data at any scale as a fully managed service.
With Kinesis, you can ingest real-time data, such as video, audio, application logs, website clickstreams,
and IoT telemetry data, for machine learning (ML), analytics, and other applications."
Try to remember the key words of the description, you might get a question where a service is required,
that "ingest real-time data" or "processes and analyzes streaming data" . Once you read this, there is
a high chance, they are asking for Kinesis.
DynamoDB as a second example:
"Amazon DynamoDB is a fully managed, serverless, key-value NoSQL database designed to run high-performance applications at any scale.
DynamoDB offers built-in security, continuous backups, automated multi-Region replication, in-memory caching, and data import and export tools"
So if you read "key-value", "NoSQL Database" and "serverless" you know what they are looking for.
Know the 5 pillars
You definitely have to know the 5 pillars ( by now 6) of the Well Architected Framework.
The Well Architected Framework whitepaper is a must read to prepare for the certifications.
Operational Excellence
The ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedure
Security
The ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategie
Reliability
The ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources
to meet demand, and mitigate disruptions such as misconfigurations or transient network issue
Performance Efficiency
The ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes
and technologies evolve
Cost Optimization
The ability to run systems to deliver business value at the lowest price poin
Sustainability
The discipline of sustainability addresses the long-term environmental, economic, and societal impact of your business activities.
You can find prescriptive guidance on implementation in the Sustainability Pillar whitepaper.
Questions will often focus on one of these 5/6 pillars and the answer might ambiguous or there it might seem there are
more than one valid answers, but if you figure out the focus of the question, more about this in the next chapter,
it will become more clear, what the correct answer is in deed.
Read the keywords
This is maybe the most valuable tip of all of 5, especially when it comes to the professional and speciality exams.
Most of the questions are really long with extensively description or details.
For my taste really too long. I often asked myself did Tolstoi wrote the question?
Some of them can be ignored but some little words - some key words - are the game changer about the correct answer.
Often you will have to choose between multiple presumably correct answers. At least from the aspect of this answer
is a valid architecture desing or choice.
But only one of them is really the correct one.
This will very often depend on little keywords in the question, you have to figure out in the question
Some examples are:
…scalable solution..
…highly available
….security issues
…the most cost effective way
For example if one solution has a Multi AZ RDS Cluster and the other one got a RDS with a Read Replica,
the correct choice might depend if they asked for "highly available" Database or if the focus was "increase read performance".
Often the cost aspect will make the change. For other questions the realibity makes the differ.
Here is one example question:
"A company is planning to launch an application which requires a data warehouse that will be used for their infrequently accessed data.
You need to use an EBS Volume that can handle large, sequential I/O operations.
Which of the following is the most cost-effective storage type that you should use to meet the requirement?"
1. Throughput Optimized HDD (st1)
2. EBS General Purpose SSD (gp2)
3. Provisioned IOPS SSD (io1)
4. Cold HDD (sc1)
These words will guide you to the correct answer:
large, sequential, cost-effective
Which is valid for : 4 Code HDD
Conclusion
I hope these tips will help you on your preparation for the exam and later on to pass it.
Good luck !
References
Practice & training sources:
AWS Well-Architected Framework whitepaper, November 2018
Shared responsibility model
AWS Security Best Practices whitepaper, August 2016
Architecting for the Cloud AWS Best Practices whitepaper, October, 2018
Amazon Web Services: Overview of Security Processes
Development and Test on AWS
Backup and Recovery Approaches Using AWS
Amazon Virtual Private Cloud Connectivity Options
How AWS Pricing Works
The AWS Certified SysOps Administrator - Associate Exam: Official Study Guide
Serverless Architectures with AWS Lambda whitepaper, November 2017
Running Containerized Microservices on AWS whitepaper, November 2017
Blue/Green Deployments on AWS whitepaper, August 2016
See also this videos (3 parts) on my youtube channel
AWS
AWS - Tips how to pass AWS Certifactions(Solutions Architect, SysOps Adminstrator, Developer) - 1