INTRODUCTION

Congratulations! You have made the right move by deciding to pursue AWS certification. AWS Solutions Architect certification is one of the hottest certifications in the industry right now, and you are just a step away from being certified. Each year, Global Knowledge, an industry-leading training company, publishes its IT Skills and Training Report. This is a well-respected tool for assessing the trends and skills in high demand in the market. A summary of the 2020 data is available online in the article “15 Top-Paying IT Certifications for 2020,” published by Global Knowledge. As the article indicates, the AWS Certified Solutions Architect – Associate exam ranks second among the top-paying certifications, with a yearly salary of $149,446 (https://www.globalknowledge.com/us-en/content/articles/top-paying-certifications/#2). Given the continued dominance of AWS in the public cloud market, the demand for AWS professionals—especially those with a certification—is expected to continue to grow for the foreseeable future. The goal of this resource is to provide you with practical, hands-on knowledge in addition to preparing you for the certification exam.

About the Exam

Amazon has recently introduced the new version of the exam AWS Certified Solutions Architect – Associate (released in March 2020). This version of the exam introduces a lot of new topics and service offerings. The new exam reflects changes in the solutions architect role since the original exam was launched six years ago. The examination contains 65 questions, and you have 130 minutes to finish it. This exam validates an examinee’s ability to effectively demonstrate knowledge of how to architect and deploy secure and robust applications on AWS technologies. The examination contains multiple-choice questions; sometimes one option is a correct one, and other times two or even three options will be correct. The examination will tell how you many options to choose.

It validates an examinee’s ability to

•   Define a solution using architectural design principles based on customer requirements

•   Provide implementation guidance based on best practices to the organization throughout the life cycle of the project

As per the AWS Certification website (https://aws.amazon.com/certification/certified-solutions-architect-associate/), the AWS Certified Solutions Architect – Associate exam is intended for individuals with experience designing distributed applications and systems on the AWS platform. Exam concepts you should understand for this exam include the following:

•   One year of hands-on experience designing available, cost-effective, fault-tolerant, and scalable distributed systems on AWS

•   Hands-on experience using compute, networking, storage, and database AWS services

•   Hands-on experience with AWS deployment and management services

•   Ability to identify and define technical requirements for an AWS-based application

•   Ability to identify which AWS services meet a given technical requirement

•   Knowledge of recommended best practices for building secure and reliable applications on the AWS platform

•   An understanding of the basic architectural principles of building in the AWS cloud

•   An understanding of the AWS global infrastructure

•   An understanding of network technologies as they relate to AWS

•   An understanding of security features and tools that AWS provides and how they relate to traditional services

The examination is divided into four domains. The following are the main content domains and their weightings:

Images

About the Book

This book was written with the March 2020 exam in mind and covers all the topics required to pass this version of the exam. When you study the chapters, you will find that AWS has a shared responsibility model; this means AWS is responsible for the security of the cloud, and the customer is responsible for the security in the cloud. To pass the exam, you also have to follow the shared study model. The book is going to give you the theoretical knowledge of this model, and the AWS Management console is going to provide you with the practical knowledge of this model. You need to have both theoretical and practical knowledge to pass this examination.

While you’re studying for the examination, the AWS management console is going to be your best friend. You need to create an account with the AWS management console if you don’t have one already. You can create one by going to https://aws.amazon.com/console/. AWS offers free cloud service for one year under the free tier, so most of the services you will be using should fall into this category. It is important that you do all the labs in this book to get practical, hands-on experience for each subject. In addition to doing the labs, you should browse all the options in the console for a particular service. The more you explore the various options, the quicker you learn.

Amazon has 14 principles that every Amazonian uses on a daily basis. You can learn about them on the Internet. To pass the examination, you need to pay careful attention to two of these principles: “Learn and Be Curious” and “Deep Dive.” For every service you learn about in this book, go to the console and browse every possible option. Try to understand what an option does, why it is of use, and so on. Once you do this for all the services, nothing can stop you from passing the examination.

Currently, AWS has 175+ different services, and as a solutions architect (SA), it is difficult to go deep into each one of them. There are some core services of AWS that are needed no matter what you want to do with AWS. These core services are also called foundational services. Examples include regions, AZs, Amazon Virtual Private Cloud (VPC), Amazon EC2 servers, ELB, AWS Auto Scaling, storage, networking, databases, AWS IAM, and security. You should have in-depth knowledge about the core services. Besides the core services, there are various other services of AWS, such as analytics, machine learning, application services, and so on. For these other services, you don’t need to have in-depth knowledge, but you should be able to articulate what each service does, what the common use cases are for that service, when to choose one service over another, and so on.

This book is divided into nine chapters. Chapter 1, “Overview of Cloud Computing and Amazon Web Services,” gives an overview of Amazon Web Services. It teaches you the concepts of cloud computing, the advantages of cloud computing and AWS, and the building blocks of AWS. It also introduces you to the various offerings of AWS.

Chapter 2, “Storage on AWS,” talks about all the storage offerings and includes Amazon Simple Shared Storage, Glacier, Elastic Block Store, Elastic File System, and various ways of migrating data to AWS. After reading this chapter, you should have a deep knowledge of all the storage offerings.

Chapter 3, “Virtual Private Cloud,” is focused on networking. It introduces the concept of Amazon Virtual Private Cloud and covers how to create a network in the cloud, what some of the network offerings are, and so on. This chapter is also part of the core services.

Chapter 4, “Introduction to Amazon Elastic Compute Cloud,” introduces Amazon Elastic Compute Cloud (EC2). In this chapter, you will learn the various instance types that AWS supports, how to create an instance, and how to add storage to an instance. EC2 is one of the core services of AWS.

Chapter 5, “Identity and Access Management and Security on AWS,” focuses on the security of the cloud. You will learn about the shared responsibility model and how to secure a cloud environment. You will also learn about identity management, how to create a user and group, and how to integrate your existing users to AWS using federation. IAM is also part of the core services. You are also going to learn some of the security offerings from AWS in this chapter.

Chapter 6, “Auto Scaling,” focuses on Elastic Load Balancer and Auto Scaling. It talks about all the different types of load balancers AWS has, including application, network, and classic load balancers. You will also learn about Auto Scaling, a service that makes the cloud very scalable. Auto Scaling is one of the reasons why customers are seamlessly able to scale up and scale down instantly, as per their demand. This is also one of the core services.

Chapter 7, “Deploying and Monitoring Applications on AWS,” focuses on deploying and monitoring applications on AWS. This chapter introduces lots of services that you need to know to build, deploy, and monitor your application in AWS. While reading this chapter, you will find that there are multiple ways of deploying an application. For example, you can use a combination of EC2, RDS, EBS servers, and VPC and deploy your application in a classic way. Another way is to use Elastic Beanstalk and deploy your application, or you can build a totally serverless application. You should be able to tell the pros and cons of choosing one architecture over the other in terms of built-in resiliency, easy manageability, performance, security, and cost. This chapter also focuses on monitoring the applications you are going to deploy in AWS. You need to know which monitoring tool to use for monitoring a specific aspect. You are not required to go very deep into all these services; however, you should know what a particular services does, what the use cases are, when to choose one over the other, and so on. In this chapter, there are no labs since the examination does not cover all these services in detail; that does not mean you should not explore these services via the AWS management console. For all these services, check out their options in the AWS management console. For example, let’s take a look at Amazon Kinesis Firehose. Go to the console and create a delivery stream, explore all the data input sources, and look at all the destination sources (you will realize that there are four destinations: Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk). Bingo! That’s an examination question. At the end of this process, you don’t have to create the Firehose delivery stream; you can click the Cancel button in the last step.

Chapter 8, “Databases on AWS,” covers Amazon RDS, which is one of the core services of AWS. You should be able to tell when to host a database on EC2 servers and when to host a database on RDS. You should also know about Amazon’s other database, which is Amazon Aurora. In addition, you should know about Amazon Redshift (the data warehouse offering), Amazon DynamoDB (the NoSQL database), and Amazon ElastiCache (the in-memory data store offering). All the topics included in this chapter are core services.

Chapter 9, “AWS Well-Architected Framework and Best Practices,” covers architecture best practices. This chapter is divided into five domains, the same domains on which this examination focuses. After going through this chapter, you should be able to design with the five core tenets. As a solutions architect, when you design architecture, you should design it across these five pillars.

Using the Objective Map

The objective map included in Appendix A has been constructed to help you cross-reference the official exam objectives from AWS with the relevant coverage in the book. References have been provided for the exam objectives exactly as AWS has presented them, along with the chapter number(s) that include objective coverage.

Online Practice Exams

This book includes access to online practice exams that feature the TotalTester Online exam test engine, which allows you to generate a complete practice exam or to generate quizzes by chapter or by exam domain. See Appendix C for more information and instructions on how to access the exam tool.