AWS Certified Solutions Architect - Associate

Practice exam
AWS Certified Solutions Architect - Associate

Welcome to the journey of becoming an Amazon Web Services (AWS) solutions architect. A path full of challenges and knowledge awaits you. To begin, we'd like to define a solutions architect's role in software engineering.

Architecture has a lot to do with technology, but it also has a lot to do with everything else; it is a discipline responsible for the nonfunctional requirements and a model to design the Quality of Service (QoS) of information systems.

Architecture is about finding the right balance and the midpoint of every circumstance. It is about understanding the environment in which problems are created, involving the people, processes, organizational culture, business capabilities, and any external drivers that can influence a project's success.

The Goals of the AWS Certified Solutions Architect – Associate Certification

The AWS Certified Solutions Architect – Associate certification is intended for individuals who perform in a solutions architect role. This certification validates a candidate's ability to effectively demonstrate knowledge of architecting and deploying secure and robust applications on AWS technologies. It validates a candidate's ability to

  • Have knowledge and skills in the following AWS services: compute, networking, storage, and database and deployment and management services.
  • Have knowledge and skills in deploying, managing, and operating AWS workloads and implementing security controls and compliance requirements.
  • Identify which AWS service meets technical requirements.
  • Define technical requirements for AWS-based applications.
  • Identify which AWS services meet a given technical requirement.

Amazon considers ideal candidates to be those who possess the following:

  • Experience in AWS technology
  • Strong on-premises IT experience
  • Understanding of mapping on-premises technology to the cloud
  • Experience with other cloud services

AWS Certified Solutions Architect - Associate Domains

Let's quickly run through some of the concepts and services you might be expected to know for each exam domain. The SAA CO3 exam guide references the following four domains, broken down as follows:

Domain 1: Design secure architectures

Domain one covers designing secure architectures. This domain covers 30% of the exam content and focuses on designing secure access to your AWS resources.

We recommend diving deeper into AWS Identity and Access Management, or IAM, AWS Single Sign-On, which was just renamed to AWS IAM Identity Center, AWS Security Token Service, AWS Control Tower, and Service Control Policies.

Also make sure you understand how to secure your workloads. Key services here are Amazon Cognito, Amazon GuardDuty, Amazon Macie, AWS Shield, AWS WAF, AWS Secrets Manager, AWS STS, and the controls available to secure your VPC.

Now along with this, we have to know how to secure our data. Make sure you understand the AWS Key Management Service, or AWS KMS, and AWS Certificate Manager, along with your data recovery and retention requirements. Consider the following questions:

  • How do you implement policies to access your data and protect that data?
  • What services would be key here?

We recommend diving into all of the AWS storage services, plus understand the access policies for encryption keys and implementing policies for key rotation and certificate renewals.

Domain2: Design resilient architectures

Domain two covers designing resilient architectures. This domain covers 26% of the exam content and focuses on designing scalable and loosely coupled architectures and designing highly available and or fault tolerant architectures.

For scalable and loosely coupled, we would know how to integrate and when to use Amazon API Gateway, AWS Transfer Family, Amazon Simple Queue Service, or SQS, AWS Secrets Manager, Application Load Balancers, Amazon SNS, AWS Fargate, AWS Lambda, Amazon Elastic Container Services, and Amazon Elastic Kubernetes Service.

And just so you know, Kubernetes is featuring more on most of the updated certification exams.

  • What are the key design principles for multi-tier microservices and event-driven architectures?
  • Know the difference between horizontal and vertical scaling. This usually confuses most students.

For the second focus area for high availability and fault tolerant architectures, make sure you understand how these AWS services and the AWS global architecture can add high availability and fault tolerance. Dive deeper into Amazon Route 53, Amazon Comprehend, Backup Designs and Strategies, RDS Proxy, and AWS X-Ray. This is where fundamentals and basics will become useful.

  • What is immutable infrastructure?
  • What are the best practices for disaster recovery?

Understand different use cases for the AWS managed services, load balancing, distrusted design patterns, and storage options depending on the requirements and the characteristics of each AWS storage service. This domain also includes automation and identification of metrics to track based on requirements, and then how to use that to ensure high availability.

Domain 3: Design high-performing architectures

Domain three covers designing high performing architectures. This domain covers 24% of the exam content, and this is where we see a brand new section compared to the version SAA-CO2. For this updated exam, ensure you know how to determine requirements and implement high performing data ingestion and storage.

  • What are the available caching services?
  • What are your data access patterns?
  • Do you know how to scale these solutions?

Dive deeper into scaling capabilities of AWS and these AWS services, Amazon CloudFront, AWS Direct Connect, AWS VPN, AWS PrivateLink, Amazon Simple Storage Service, or Amazon S3, Amazon Elastic File System, Amazon Elastic Block Store, AWS Batch, Amazon ElastiCache, Amazon Athena, AWS Lake Formation, Amazon QuickSight, AWS DataSync, AWS Storage Gateway, AWS Glue, Amazon EMR, and Amazon Kinesis.

And remember that you should also have a lot of depth in improving performance of your design with AWS services for storage, databases, networking, and compute.

This domain also includes serverless technologies and patterns for Lambda and Fargate. Here are two questions to consider:

  • How do you decouple workloads so the components can scale independently?
  • And what scaling metrics and conditions kick off scaling actions?

Know how to select the appropriate resource type and size along with the compute options and features to meet requirements. And before you move on, ensure you also understand data transformation and ingestion.

Lake Formation is appearing in this updated version. Know how to secure your ingestion access points and the speed needed for ingestion, transformation, and streaming data.

Domain 4: Design cost-optimized architectures

Domain four covers designing cost-optimized architectures. This domain covers 20% of the exam content. And AWS is actually adding more cost optimization to all of their exams. And cost optimization is always important and it's one of my favorite topics.

Know how to cost optimize your storage, databases, networking, and compute environments. You will see scenario questions with different cost optimization requirements, and you will need to choose the best service for that design.

You should also dive deep into the AWS cost management tools. So Cost Explorer, Tags, AWS Budgets, Saving Plans, Reserved Instances, and Capacity, and the AWS Cost and Usage Reports.

Understand how to optimize the cost of your databases too, along with knowing which storage service will be best for your requirements. One key item of focus should be right sizing. Not only your compute and your database instances, but also right sizing your storage.

  • How do you determine the correct storage size and lowest cost to transfer data?
  • How do S3 life cycles help you cost optimize your storage?

Again, we're going to dive deeper into these questions, but also focus on load balancing and connectivity cost savings. Key services would be AWS Transit Gateway, VPC Peering, DNS, (11:53) Route 53, and Elastic Load Balancers.

And to wrap up this deeper dive into what you should expect from each domain, remember earlier we mentioned the new pillar for the AWS Will Architected Framework, the sustainability pillar. New questions will appear on your exam for this pillar, but also understand the other five pillars too. The AWS Will Architected Framework and all of its pillars will help you in this exam, other AWS certifications, and in the real world.

CertVista
Certifications
An unhandled error has occurred. Reload 🗙