How to Pass the AWS Solutions Architect Professional Exam

luan vu - Jan 22 '22 - - Dev Community

You are looking to take the AWS Certified Solutions Architect — Professional certification exam. Today I will help you with some tips & tricks that I learned during my professional exam preparation two years ago.

How I PASSED the New AWS Solutions Architect Professional?

Another guide to the certification exam, probably reading the White Paper, watching videos on YouTube, taking that course, etc. No! Such articles are present on the internet a lot. I can get you some:

Those articles are already too many, and adding one of mine is nothing more. Are the other people correct? Right. But to do it is not as easy as it sounds. The exam depends on your ability to learn and your background knowledge. If you study for four months, you will die (I have looked for a whole year, what a shame), but you could still don't pass no matter an entire year's preparation.

What is the standard learning path?

In general, The path to passing the AWS certification exam includes (don't miss anything):

1. Read White papers

There are hundreds of White papers, some with thousands of pages. Can you read it all? No matter how many you read, how much are you able to remember?

I just checked, now there are 314 White Paper & Guides; you can check them at AWS Whitepapers & Guides.

You should read all the essential White Papers mentioned in those articles above.

2. Read FAQs

AWS | FAQs

FAQs are also important. You should read all.

3. Watch AWS re:Invent, This Is My Architecture in YouTube

If you don't have much chance to try services architectures (like me), these videos are beneficial. They show you how a service should be used in actual projects (the exam too, of course) and how a group of services interact in architecture to resolve problems.

Amazon Web Services

4. Take some online/offline courses

It is the easiest to access. Many (most) AWS courses are available, both paid and paid. AWS also has some Exam Readiness (Free) to guide you through the exam questions

Exam Readiness: AWS Certified Solutions Architect --- Professional

There are many types of courses, but they are not enough in general. Especially some of the default courses require you to have a good knowledge of AWS and the overview for you. If you stick to them only, failure is inevitable.

I found a precious course on Udemy. It could be more expensive than usual, but the author deserves it.

https://www.udemy.com/share/104sE03@v25ocWwp5mS6EczCcLEoR6xjbdtVk0GPohkBLMVwUaLf4HB5bd4GAH_1dxW_J10=/

Fun Fact: The first time I took the exam, It hit me in the face with a service called Amazon Mechanical Turk, which didn't appear in any of the White Papers, FAQs, or AWS Console. I think it is a question that has not been scored, so don't worry if AWS gives you such a surprise.

5. Practice

Those learning materials are certainly informative, but it's hard to remember them all if you just read them and watch them do it. Practicing helps you understand better reflect better. Never skip practice any service.

6. Learn English

It's serious. It depends on the certification level you take the exam. With Professional, I took the exam, and all questions are very long; printing must also be over 50 pages. As I read and thought of the answer, it was indeed a terrible sprint. For test takers whose native language is not English (non-English speakers or English as a Second Language), AWS allows you to request accommodations, whereby you get a bonus of 30 minutes each time, so take advantage of it.

Many of you are probably shocked and don't dare to study, but that's the truth. This test is challenging, requiring hundreds of hours of study and practice. You should have terrible determination to make it through. Fortunately, Amazon will only test you on a few essential services. If you know (to the point of mastering) them, you have achieved over 80%. And if you don't understand these services and lose points, then strange services you never touch will be a lifesaver, but it is boundless knowledge. That is why AWS Solutions Architect Professional is touched, it is difficult to understand something deeply, and if it is broad, it is too wide to understand it all.

Tip & Trick


I'm not a person who can remember well. I tried to learn by going from service to service and memorizing them. According to statistics, I have read at least 47 full books about AWS, about 10--20 White Papers. However, the more I try to remember, the more I forget, learning 10--20 services, overlooking the first ones, reading a lot of books also forgetting quite a bit. So, I chose to study on my own.

Service classification

AWS has already categorized it for you at https://aws.amazon.com/products/

Service classification is critical. It helps you know what you face and how you deal with it. If you encounter a storage service, you need to know security, capacity, availability, and reliability. If you use databases, remember it is RDBMS or NoSQL, cache, or Big data.

It also helps you to remember the service better. There are various service names you have never heard before, so classification helps you have some idea about it. For instance, EC2 Auto Scaling or Elastic Load Balancer sounds reminiscent, but what do you think Neptune's purpose? Universe? Snowball, Glacier, etc.

Based on Well-Architected Framework's Five Pillars

Well-Architected Framework provides guidelines to help customers deploy systems on AWS. The framework offers five main pillars:

  • Security
  • Reliability
  • Performance Efficiency
  • Cost Optimization
  • Operational Excellence

When encountering any service, you need to think about these pillars.

1. Security

AWS places great emphasis on security across all architects. There are two main types of security that you need to know:

  • Security operations
  • Data protection

Security operations

There are always employees who do wrong things they are not authorized to do or should not do. Those are why there are services like IAM, Organizations, Cognito, CloudTrail, etc. When learning a specific service, you must know how to grant access or limit it. Amazon S3, how to not allow others to publish it? How do I allow access to someone with another AWS account (and only them)? How to prevent someone from Terminating EC2 instances? Knowing what a service can do is important, but securing it is just as important.

Data protection

You must get used to the concept of Encrypt at rest and Encrypt in transit. Is data stored in Storage encrypted? Is it encrypted when transferring data to the internet or on-premises via VPN? Most services are encrypted in transit by default, but encrypt at rest is not (Encryption is not enabled by default on EBS). There are still a lot of demanding customers out there. They require even more security. Have to use CloudHSM, use their certificate, or use end-to-end encryption too, and it's tough as well. You will become confusing with such services as KMS, CloudHSM, Direct Connect, Security Hub, Transit Gateway, VPN, etc... Still, it will frequently appear in the exam because that's how enterprise applications are built.

2. Resiliency: Availability and Disaster Recovery (DR)

High Availability, Blue/Green Deployment, Zero Down Time, Uptime, service level agreement (SLA), recovery time objective (RTO), recovery point objective (RPO), Redundancy, Failback, etc. You must go into deep dives on it.

Maybe the projects you have done or are doing are at an elementary level: one server, one database, one data center, etc. Stop and start again. But when it came to AWS, the architecture standard took a new high level. Your system must be redundant for everything: hardware failure leading to server stop or data loss. Possibilities like hurricanes, earthquakes, and volcanoes destroy a data center. Even, you have to consider the case of the main error from AWS.

You need to know four ways to preserve the system

  • Backup and Restore
  • Pilot Light
  • Warm Standby
  • Multi-site Example

For example, EC2 only guarantees 95.0% availability, which means every 1 hour, EC2 can be down for 3 minutes. We need to combine with Auto Scaling Group, Load Balancer to increase availability. More advanced, use Cross-region Load Balancer, Multi-site between AWS infrastructure and on-premises. The Serverless option can also be considered as an alternative. What about data? EC2 stores data in EBS. How to ensure no data loss? By now, you will probably have to know things like RAID, Snapshot, Point-in-time-recovery (PITR).

Similarly, in RDS, we have RDS snapshot, backtrack, Replica, Multi-AZ, etc. With ElastiCache, there is also Multi A-Z, Failover, Append Only Files (AOF)...You also need to know how long it takes to recover (RTO) and how much data can be lost (RPO). If customers need to restore the system within 1 hour, storing it in Glacier is wrong.
Refer

3. Performance

The performance here is understood as using computing resources to meet system requirements and maintain performance when conditions change or technology evolves. Some of the issues raised could be:

  • Latency
  • IOPS
  • Throughput

When choosing a service to use for your architecture, there are four types of resources you need to consider: compute, storage, database, and network.

Compute

There are three main types of computing:

  • Instance: a virtual server, typically EC2 and Lightsail. You can use EC2 to solve everything if there is no other option. For example, launch a MySQL server inside an EC2 instance.
  • Container: this is a way of virtualizing the operating system, I can immediately think of Docker, Kubernetes. With AWS, think about ECS, Fargate, and EKS. When to use Container instead of Instance? Most of the answers (in the test) will be customers who already use on-premises containers and want to spend the least amount of effort if migrating to AWS.
  • Function: focus on code and run without having to manage instances. Functions have three essential benefits: minimal management effort, outstanding scalability and are particularly suitable for event-based programs.

Storage

There are three main types of storage:

  • Object Storage: just S3
  • Block Storage: just EBS
  • File Storage: EFS, FSx

In my opinion, Storage Gateway should also be included here. The storage classification doesn't make much sense either. You can save it in Object Storage, Block Storage, or File Storage with a file. However, there is a slight difference. E.g., S3 is limited to 3,500 PUT/COPY/POST/DELETE and 5,500 GET/HEAD requests per second per prefix (directory name), and don't forget there's also a KMS limit if you choose to encrypt. And yet, accessing files from S3 will have extremely high latency. Think about them when you use them. With EBS, it is necessary to know the difference between the volume types, which are optimal for IOPS? Which are optimal for Throughput? If you need even higher performance, you can think of RAID, but what are the disadvantages of RAID? Data loss, Downtime. EBS still has certain limitations: IOPS, Throughput, Hybrid Storage, Limit storage size, Sharing, Availability, etc. Then you will need to use EFS.

Database

Databases can be divided into seven types:

  • Relational: RDS
  • Key-Value: DynamoDB, or maybe even Redis
  • Document: DocumentDB
  • In-Memory: ElastiCache, MemoryDB (new)
  • Graph: Neptune
  • Time-Series: Timestream
  • Ledger: QLDB

Each type of database will be used for different purposes, but sometimes it is not too noticeable.

E.g., Customers using MySQL on-premises does not mean that going to AWS is required to use RDS. That's also just an option. Another option could be MySQL on EC2 instance, converting MySQL to DynamoDB.

If you want a database with high access frequency low latency, it can be DynamoDB, but if the data is not too necessary, ElastiCache is also a good choice.

In general, the database selection problem is not too complex. Usually, the question will revolve around the issue of optimizing a particular type of database.

E.g., the customer is using MySQL on RDS and is noticing slow response as traffic increases. Think about multi-writer, multi-reader, and maybe even ElastiCache to reduce RDS load.

Refer:

Network

All AWS components are connected through a network, AWS's private network, or the internet.

EC2 instances connect to EBS through the internal network; Route53, CloudFront, S3 in/out internet; the connection between AWS and on-premises... In this regard, there are several standard solutions:

4. Cost

Usually, there are two scenarios:

  • Customers already have the system and want to reduce the price
  • Customers want to migrate to AWS for the lowest possible price.

So how to optimize the price:

  • Choose cheaper services. When to use Kinesis instead of SQS? When to use a VPN instead of Direct Connect? When to use Spot Instances?
  • Remove unnecessary resources.
  • Commitment: Savings Plans, Reserved Instances
  • Cost Management: Consolidated Billing, Cost Allocation Tags, Trust Advisor,...

And finally, remember, optimizing for price also comes at the expense of other things (performance, availability, reliability, security, etc.). The architecture you choose may not be perfect, but it is still the correct answer if it is feasible and the most cost-effective according to the customer's requirements.

5. Operational Excellence

"The Operational Excellence pillar includes the ability to support development and run workloads effectively, gain insight into their operations, and to continuously improve supporting processes and procedures to deliver business value"

It depends on services, but there are some common aspects:

  • Infrastructure as code: in short, CloudFormation, Opsworks. You don't need to understand what Ansible or Puppet is, but you should know what Opsworks is and what it is suitable for. You also don't need to master the CloudFormation template, but you must know some basic syntax and create some services by CloudFormation, such as VPC, Subnets, RDS...
  • Basic settings: some services have unique settings you must be familiar. E.g.: could I change Lambda CPU configuration? Restore an RDS snapshot, make a failover on an RDS instance? Change Launch Template, etc.
  • Monitoring, Incident response: logging, metric visualizer, alarms, incident management, and remediation
  • Some managed operator services: there are some services you should get to know, such as CloudTrail, Config, Personal Health Dashboard, Organizations, Service Catalog, Systems Manager. Refer
  • https://wa.aws.amazon.com/wellarchitected/2020-07-02T19-33-23/wat.pillar.operationalExcellence.en.html

Don't trust keywords

When taking the exam, many of you will have a trick that believes in the keyword, see this keyword, and immediately decide. But here, things are not so clear. If you insist on choosing the most appropriate service, it is easy to lead you to the wrong architecture because this is a collection of services and methods, not a story of just one service.

E.g., When a customer needs a Relational database, RDS comes to mind, but don't forget you could also use EC2 and launch the database on its instance. Why does it? Because of the cost, there are features of the database that RDS does not support.

When customers think of storing static data, you think of S3. But, saving in EBS, EFS is also away.

When facing a problem, the answers will gather a lot of services and methods to solve it. Your job is to choose the most suitable plan, only the most appropriate service is not enough.

Do what customers ask

There are widespread errors I have encountered. Each question will present many problems, and you must focus on only some of them: What the customer wants. These could be requests:

  • How to optimize price?
  • How to reduce latency?
  • How to shorten the processing time?

Why is it a problem? Because the content of the question will be very rambling and make you think of its request in the wrong way.

E.g., The customer has a website deployed in region us-east-1, using EC2 instance and Application Load Balancer, Auto Scaling Group. The website has about 1 million users worldwide. Customers find that users accessing from Asia will experience significant latency. Ask how to optimize the price?

You can think of CloudFront with global access, high latency, and optimal price. However, CloudFront is not price-optimized too much, sometimes even increasing costs, while customer requirements are price-optimized. So you have to think about Spot Instances, Reserved Instances. So, your job is to choose the answer to the question, don't let other things distract you.

Time management

You have 170 minutes (or 200 minutes if you request as ESL) to solve 75 questions. However, the topic is very long. Furthermore, to the pressure of the exam, it is easy to get immersed in some difficult questions and waste a lot of time. Try to practice solving each question within 2 or 2.5 minutes. I will review the sentences marked with review the rest of the time.

Also, do not mark the review too many. Should only keep the check under 20 sentences. For questions you don't know or think you can't answer, answer indiscriminately and don't look back; spend your precious time on questions that are more likely to earn points.

Conclude

The AWS Certified Solutions Architect --- Professional exam is challenging. You need a solid determination to overcome. But whether you pass or not, it doesn't matter; what matters is that you will gain various knowledge, which will help you in a real career path.

. . . . .