My experience with the AWS Solutions Architect — Associate exam and some study tips — November 2018
I have passed the AWS CSA-A exam some days ago and I thought is a good idea to share my thoughts on the exam, how I prepared myself for the exam and the key points that my test covered(on a high level).
I know that there a lot of other study guides and stuff but I thought I would also create my own as I would love to have found something similar before I started studying. I have included a number of resources that I have used for my study that are the result of a lot of google searching and also be following other guides on A Cloud Guru(ACG).
Consider everything below as just another guide to pass AWS SA-A. You should for sure make your own research and study according to how you feel you will learn the concepts better.
Not that is important but using the below material I was able to pass the exam with a mark of 865. There are numerous discussions on the internet on the passing score for this exam. There is no standard pass score as it varies according to the difficulty of the questions that are randomly chosen from the questions pool.
Preparation for the exam and tasks separation
Throughout the time i have spent studying for this exam i kept a log book. This log book included the time i have spent studying and the kind of study i was doing on each study day. Because i kept logs for every study day i was able to produce the below bar chart which describes in a graphical way how my study time was spent. It is a good indication for anyone that is just starting to study for the exam and needs an approximation on where to spent his/her time.
AWS Solutions Architect — Associate 2018 Exam Study Videos, Most videos are from Re:Invent 2017
- See the videos after you have completed the ACG or Udemy Course as they contain advanced concepts that will not be understandable if you don’t first know the basics
- https://www.youtube.com/playlist?list=PL16ij0keBKz5Fb5KhEv_YwSbeS04SSOH8
Study guides
- https://acloud.guru/forums/aws-certified-solutions-architect-associate/discussion/-KSS5nf3pekHgwDEuNnF/-
- https://www.cloudreach.com/blog/aws-solutions-architect-professional-exam/
- http://jayendrapatil.com/tag/cheat-sheet/
- https://acloud.guru/forums/aws-certified-solutions-architect-associate/discussion/-KKr5HCv2bzH3EOBSUAt/my_path_to_solutions_architect
- https://expeditedsecurity.com/aws-in-plain-english/
Whitepapers
AWS Well-Architected framework
- Operational Excellence — https://d1.awsstatic.com/whitepapers/architecture/AWS-Operational-Excellence-Pillar.pdf
- Security Pillar — https://d1.awsstatic.com/whitepapers/architecture/AWS-Security-Pillar.pdf
- Reliability Pillar — https://d1.awsstatic.com/whitepapers/architecture/AWS-Reliability-Pillar.pdf
- Performance Efficiency — https://d1.awsstatic.com/whitepapers/architecture/AWS-Performance-Efficiency-Pillar.pdf
- Cost Optimization https://d1.awsstatic.com/whitepapers/architecture/AWS-Cost-Optimization-Pillar.pdf
AWS disaster recovery architectures
Security Whitepapers
Practice tests used
- A Cloud Guru course practice exam — difficulty is similar to the actual test but I found that this covered things a bit more on the developer site — https://acloud.guru/course/aws-certified-solutions-architect-associate/learn/thank-you-good-luck-coming-soon/practice-exam/watch
- Simplilearn practice exam — similar difficulty with the actual test and covers more areas on the VPC and network site of AWS components — https://www.simplilearn.com/aws-solutions-architect-exam-free-practice-test#/
- Whizlabs — didn’t use these but I have read that they are easier that the above too, you can have these as a backup — https://www.whizlabs.com/aws-solutions-architect-associate/
Tips
- The answer you think is correct on the first question read is most probably the correct one
- Know each of the AWS services(al least those found below) purpose and how they should be combined or not with other AWS services
- Must be able to identify either the most cost effective or most performant solution or both from a number of possible architectures
- Be prepared to have multiple correct answers but need to choose one according to words like MOST, LEAST, in terms of etc.
- Do not spend more than 30–60 seconds on a question just flag it and review later if not sure
- More than 50% of the questions are a paragraph long(small or medium large) describing a scenario you need to understand in every detail specified
- You have 130 minutes / 65 questions = 2 minutes per question
- You should spend around 120–150 hours of study depending on the background and previous knowledge. Of those hours around 25–30 % should be spent on the AWS Console or AWS command line doing labs
- Follow the course material at least once and then do practice exams. No course covers everything that can be found in the exam.
- The re:invent videos present advanced topics that is a good way on expanding your knowledge on specific areas depending on the video.
- The practice exams will present topics that will be unfamiliar from the course so follow through those questions and try to read the AWS documentation and expand your knowledge on topics found in the practice exams but not on the course.
- Try to do the practice tests multiple times. Mark the questions that you are unable to answer or answered wrong and try to understand why answers are correct and why some answers are wrong by reading the AWS documentation. Do the test again and follow this cycle until you are able to understand all the exam concepts.
Exam focus points — November 2018
VPC internals
• Availability Zones(AZ)
• Regions
• DR compliance requirements in terms of distance(know when to use AZ and when to use Regions in terms of distance)
EC2
• Dedicated and Scheduled Dedicated Instances
• On-Demand instance costs
• IAM roles used in EC2 to communicate with other services and credential management
• Encryption on EC2 EBS file system
• Ephemeral stores and data loss on restarts
S3
• Storage classes — especially S3-OneZone, S3-Infrequent Access
• S3-Infrequent Access but fast retrieval and costs
• Storing video in S3
• Storage encryption — SSE-KMS, SSE-C
• Scenarios with strict encryption requirements
• How it can be used to store images that are easily reproducible
• How to efficiently store data for fast retrieval on S3
• Cross-region replication
• Remember that S3 is not a file system in questions that you need to select a file system between EFS, EBS and S3
Glacier
• When it is a good and cost effective alternative to S3 or EBS/EFS
• Data retrieval times
EBS
• Know the difference with EFS
• Encryption on EBS either with AWS or Client master keys
• Know the difference storage classes and when to use which(gp2, io1, st1, sc1) — e.g. for a data warehouse on ec2 instances or a legacy app with performance issues
EFS
• Understand the nature of this distributed file system and how it can be shared by hundreds on EC2 instances
• When to use instead of EBS
AWS Security
• Security groups(SG) — the concept of stateful inspection and that they can have only allow rules
• Network Access Control lists(NACL) — the stateless of stateless inspection and that they have allow and deny rules
• SGs vs NACLs
• Restricting access between subnets that share the same SGs
Disaster Recovery on AWS
• DR compliance requirements
Hybrid Architectures — On-premise & Cloud
• AWS as the primary site
• On-premise as the primary site
Auto scaling groups
• Scale-out and Scale-in concepts
• Cost optimization
• High-availability and fault tolerance
Elastic load balancing
• High availability(HA) concepts
• Combination of cost effective but HA requirements
• Web applications and ALBs for fast scale-out architectures
API gateway
• Building APIs using Lambda
• API caching
AWS Lambda
• Building APIs using lambda and API gateway
• Used as Microservices
• Know how lambda scales
• How it can be used in web applications or not
• Know the lambda timeout limits when presented with a solution that will use lambda as a batch data processing component
Dynamo DB
• Table partitioning
• Performance and Cost optimization
• DynamoDB Accelerator (DAX) — in-memory caching to improve performance
• How RCUs and WCUs work per table
• How partition and sort keys work
• How it can store web session data
• Very similar scenario as in https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-time-series.html
Cost Optimization
• Choosing the most cost effective components to implement an architecture
Elastic Container Service
• Web applications and containers
ElastiCache
• When to use it to improve performance on the Web or Data layer
• When it is not a good choice
RDS — MySQL, Aurora
• Database User management
• IAM users integration with RDS
• Using SSH to login to MySQL on RDS
• How read-replicas work and their data consistency
• Multi-AZ database deployments
• Know the concept only of migrating MySQL/Postgress to Aurora
Amazon Redshift Data Warehouse
• Cluster replication
• Cross region DR scenario
• Loading data using a Lambda function
Route53
• Failover/Weighted/Latency routing
• Using DNS failover in a Disaster Recovery scenario
• How Route53 and Load balancing are different in terms of high-availability
SQS
• Stateless web applications
• Decoupling the database from overloading front end requests — e.g. online shop on black Friday or Voting systems
CloudFront
• Static and dynamic web sites availability around the world
• How to restrict access to the distribution to specific users — signed URLs
CloudFormation
• Nested templates and how they can improve security
CloudWatch
• Review EC2 audit trails by pushing data in CloudWatch
CloudTrail
• How to collect operational logs from AWS services especially EC2 and push to CloudWatch
Elastic BeanStalk
• Building an EC2/ELB/Auto-Scaling/RDS alternative requiring minimal administration
• Docker containers on Elastic BeanStalk
Kinesis
• Data Analytics and how to use it to run SQL on real time data
Firehose when to use it to load large volumes of real time data into an ETL pipeline