According to our 2021 Clouds Protection Trends report, 85% of organizations are utilizing the public cloud for two years or more, and this number continues to grow. With that, the need for those who are knowledgeable about the cloud and have experience working on it, especially on AWS, are more important than ever.
AWS has many educational resources available to broaden your knowledge, but few are more coveted than the AWS Certified Solutions Architect Certification. Holding this certification will not only benefit your knowledge and usage of AWS, but will make you more competitive in the job market and advance your career.
Veeam is here to help with a FREE AWS Certified Solutions Architect Exam Guide, packed with all the details you need to study and pass.
What is the AWS Certified Solutions Architect Exam?
The AWS Certified Solutions Architect Exam is used to verify someone’s knowledge of the AWS Cloud. There are two levels to this exam:
- The Associate Level exam is 130 minutes long with 65 questions
- The Professional Level exam is 180 minutes long with 75 questions.
Individuals with over a year’s experience using AWS tools, deploying, managing and operating workloads, and more would qualify for the Associate Level exam. While those with over two years of experience with AWS tools, able to provide recommendations, design hybrid architecture and more would be ready for the Professional Level exam. Both exams are broken up into four key domains as shown below:
| Domain Areas | Percentage of Exam (Weighting) |
| Design Resilient Architectures | 30% |
| Design High-Performing Architectures | 28% |
| Design Secure Applications and Architectures | 24% |
| Design Cost-Optimized Architectures | 18% |
| Total | 100% |
In this free guide, we will go over the type of questions in each domain and their subdomains. Once you understand how the exam is broken up, you will be able to understand what areas you need to focus on to properly prepare.
What will be covered in the AWS Certified Solutions Architect Exam?
-
Storage
-
Networking
-
Security
-
Databases
-
Integration and decoupling services
-
Management tool services
-
Analytics
-
Billing and cost management
Each one of these topics has several sub-domains as well, and you can learn all about each one in the full version of the guide.
In this blog, we will cover some of the topics that are the most critical for you to pass your exam.
Storage
AWS splits up their storage capabilities into three main categories: file, block and object. Depending on when or how you wish to retrieve your data will determine which storage type you use.
File storage is for both cloud and on-premise storage solutions that can either be fully managed or do-it-yourself solutions. Amazon Elastic File System (EFS) is a popular file storage solution that AWS offers. Amazon EFS is a simple serverless, elastic file system that can be created in two ways: Standard storage classes or the One Zone storage classes.
Object storage solutions allow users to manage their data in a centralized place. The most popular object storage service is Amazon Simple Storage Service (Amazon S3) due to its seemingly infinite scale, and cost effectiveness. Plus, there are multiple Amazon S3 storage classes users can choose from depending on their need and budget that get down to fractions of a cent per GB per month.
Lastly, there is block storage. This type of storage allows users to store data files in blocks, however, they do not have metadata like Amazon S3 object storage. Amazon Elastic Block Store (Amazon EBS) is one of the main block storage options and known for its high performance. It is often used with Amazon Elastic Compute Cloud (Amazon EC2) to store data and run applications.
For this exam, you should know the difference between all the storage categories and each of the main storage options in each category. Below is a table that compares the three storage options mentioned above:
| Criteria | Block Storage Amazon EBS | Object Storage Amazon S3 | File Storage Amazon EFS |
|---|---|---|---|
| Throughput scale | Single gigabyte per second | Multiple gigabytes per second | Multiple gigabytes per second |
| Per-operation latency | Lowest, consistent | Low (for mixed request types) and integration with CloudFront | Low, consistent |
| Access | Single EC2 instance in a single availability zone | 1 to millions of web connections | 1 to thousands of on-premises servers or EC2 instances, from multiple availability zones |
| Data durability/availability | Data stored in a single EC2 instance within a single availability zone | Data redundantly stored across multiple availability zones | Data reduntandly stored across multiple availablility zones |
| Use cases | NoSQL and transactional databases, boot volumes, ETL, and data warehousing | Entertainment and media, big data analytics, backups, data lakes, web serving, and content management | Big data analytics, home directories, developer tools, database backups, enterprise applications, entertainment and media, web serving, and content management, container storage |
Networking
Another important topic in the AWS Certified Solution Architect Exam is the networking options and infrastructures AWS offers. All networking and infrastructure options are scalable and can meet the security needs of each user. However, it is key you understand each option available to users and how they work, for exmaple, connecting Virtual Private Clouds (VPCs) with on-premises networks, building firewalls to secure instances, etc.
As you prepare for this exam, it is important you understand the differences between 1 AWS Network Address Translation (NAT) Gateway and NAT Instance. (HINT: users are responsible for managing NAT instances while AWS is responsible for managing NAT gateway).
Below is a table highlighting more of the differences:
| Criteria | NAT Instance | NAT Gateway |
|---|---|---|
| Availability | Use a script to manage failover or disruptions between instances | Highly available, scalable, and AWS-managed; each AZ implemented with redundancy in mind |
| Maintenance | Cloud user responsible for managing, including operating system patches, software installation, and updates | Managed by AWS |
| Size and type | Can select suitable instance size and type based on predicted workloads | Uniform size and type offering, no need to decide on size or type |
| Port forwarding | Cloud user can manually set configuration to support port forwarding | Doesn’t support port forwarding |
| Cost | Total cost calculated based on number of NAT instances used as well as instance type, size, and usage duration | Total cost calculated based on the number of NAT gateways used, amount of data sent through gateways, and usage duration |
| Bandwidth | Total bandwidth depends on instance type bandwidth | Scales up to 45 Gbps |
| Bastion servers | Use a bastion server | Do not support these |
| Private IP addresses | Cloud user can assign specific private IP address within subnet’s IP address range when instance is launched | Private IP address automatically selected from subnet’s IP address range when gateway created |
| Public IP addresses | Cloud user can use public or Elastic IP address; public IP address can also be changed by attaching new Elastic IP address to instance | Cloud user can choose Elastic IP address to attach to public NAT gateway when creating instance |
| IP fragmentation | Supports reassembling of IP fragmented packets for ICMP, TCP, and UDP protocols | Only supports forwarding of IP fragmented packets for UDP protocol; fragmented packets for ICMP and TCP will be dropped |
How to prepare and pass the AWS Certificated Architect Solutions Exam
This exam is difficult to pass because it covers a wide range of topics, tools and technologies. That is why properly preparing is essential. You will not only gain a better understanding on key topics covered in the exam, but you will also be given helpful resources to aid in your study and beyond in practice.
Get your FREE study guide now!
Take your time in preparing for this exam and good luck!
