Solutions Architect-Associate
I passed my AWS Certified Solutions Architect exam, I got certified!
I did have over 1 year experience before taking the exam.
There were lots of questions about EBS, AutoScale, ElasticIP, VPC, etc…
I remember little about specific questions, I only had one major doubt on one.
It was about placement groups
I recommend reading the white papers!
http://aws.amazon.com/whitepapers/
I did almost all of the https://cloudacademy.com/ Tests, the questions are not like the real ones but the knowledge will help!
AWS ARCHITECT STUDY GUIDE
S3 does not provide read-after-write consistency; it is recommended to use a random key (file name) for better performance.
S3 can encrypt data using Server Side Encryption
S3 bucket name can contain alphanumeric chars
x-amz-meta to set metadata when uploading to S3 via REST API
S3 supports ACL and bucket policy
Multipart upload: larger than 5GB, max 5TB; max number of object parts is 10000 and min size 5MB
S3 upload via console can specify standard or RRS storage class
S3 bucket name is min 3 chars and max 63, can be separated by single dot
S3 provides protection of data at rest: Permission (Policy), Encryption (Client and Server Side), Bucket Versioning and MFA-based delete.
S3 To find out when an object will expire, use GET or HEAD API command
S3 lifecycle rule cannot be applied on a version-enabled bucket (as of 10/2017 it is possible to enable lifecycle even with versioning)
S3 Amazon Import/Export is ideal for uploading large data to S3
ARN Amazon Resource Names, uniquely identify resources
EC2 can be used jointly with S3
Glacier data is stored in vaults
RDS supports: MySQL, Oracle, MSSQL, PostgreSQL, Aurora
RedShift uses port 5439 by default
AWS FPS (Flexible Payment Service) can help with e-commerce (shopping cart)
Easy DKIM is a feature of AWS SES to sign every message sent with a 1024 bit DKIM key
RedShift is a DataWarehouse that integrates with BI tools for U$1000/TB/year, SSL + VPC
AWS Route 53 LBR (Latency Based Routing) automatically routes requests to the closest instance/region
Multi-Site solution allows standby DR
Route 53 supports domain name registration
Route 53: the name of each resource record set in a hosted zone must end with the name of the hosted zone (sub-domains)
Route 53 account is limited to a max of 500 hosted zones and 10,000 records per hosted zone; you can ask for more.
Route 53 currently offers a private DNS service ( http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-private.html )
EC2 uses the ec2config service to set a new random admin password, and encrypts it using the EC2 key pair public key.
The user can get the Windows instance password by using the console or CLI.
DKIM (DomainKeys Identified Mail) allows senders to sign their email messages and ISPs to verify if a message is legitimate
Glacier does not provide version management.
RAID-0 is best performance
RAID-1 fault tolerance
RAID-5,6 not recommended
AWS SWF – SimpleWorkFlow
RDS: can only access binary logs if using MySQL 5.6+
DynamoDB – if the query result is too large, can use ExclusiveStartKey to get the rest of the result
VPC: the highest number for a rule in a Network ACL is 32766
VPC Network ACLs are stateless; responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa).
AWS SES – Simple Email Service outbound email only
RDS allows up to 5 Read Replicas, it allows Read Replicas from second-tier
An Amazon topic can be created in SNS, which generates an ARN
VPN gateways use Dead Peer Detection
ElastiCache is an in-memory caching service, it uses Memcached and Redis
EBS: you pay for what you use: provisioned storage, I/O requests, and snapshot storage.
EBS standard volumes are charged per GB-month of provisioned storage and per million I/O requests.
EBS Provisioned IOPS volumes are charged per GB-month of provisioned storage and per Provisioned IOPS-month.
EBS snapshots are charged per GB-month of storage actually used (consumed)
EBS volumes, you are charged for provisioned (allocated) storage, whether or not you actually use it
Storage Types: Temporary storage— best use: local instance volumes, SQS, ElastiCache ( Memcached or Redis)
Highly-durable storage: S3 11 9’s per year durability per object or Glacier. EBS only 99.5%-99.9%
Static Data or web content – S3
Relational DB – EBS
Shared Storage – S3 or EBS
Snapshots – EBS

Many new services and options have been added since my original post.
S3
S3- new storage class
S3 Standard – IA for infrequently accessed data. Standard – IA has a 30-day minimum retention period and a 128KB minimum object size.
S3 – new server-side encryption:
AES-256 – AWS provided (no cost)
AWS-KMS – Your personal key (cost)
Permission: Allows access from another AWS Account, by providing accountID or e-mail.
VPC
VPC peering – allows access from one VPC to another (even in different AWS accounts); non-transitive (1-1 rule)
Transit VPC supports several important use cases:

  • Private Networking – You can build a private network that spans two or more AWS Regions.
  • Shared Connectivity – Multiple VPCs can share connections to data centers, partner networks, and other clouds.
  • Cross-Account AWS Usage – The VPCs and the AWS resources within them can reside in multiple AWS accounts.

Reviewed 10/2017
