How I Passed my AWS Associate-level Certification Exams

Knowing where to focus your time and which resources will best serve you is valuable information for anyone who is working to get AWS certified. With three associate-level AWS certifications under my belt, I thought I would share the information and resources that have served me well in the preparation process. I’ll start with a look at how each exam is structured, and I’ll dig into the resources that were most useful for me in getting exam ready.

Certifications: Some general information

AWS currently has three associate-level exams:

Each exam takes all AWS services into consideration, although the level of detail and focus varies from one exam to another. (We’ll look closely at the most important services for each exam later in this post.) Although the number of questions is different for each, the exams include around 60 multiple choice questions where you can choose one or more correct answers.

You have 80 minutes to complete the exam. While no one knows the exact score necessary to pass it (it changes from session to session), you must get at least 70% correct to be safe. Once you submit your exam, you will know immediately whether you have passed or not and the percentage. Later, you will receive an email from AWS with a recap for each exam area and your overall percentage, although it doesn’t provide information at the question level, so you won’t know which questions you got wrong.

To schedule and manage your exams, you will need to register at the AWS Training and Certification Portal where you will choose an exam date at an AWS or partner training center. Each exam costs $150, and once you have successfully registered, the system will give you a code that you will give to the test center on exam day.

AWS Certified Solutions Architect – Associate

The AWS Certified Solutions Architect – Associate exam is intended for individuals with experience designing distributed applications and systems on the AWS platform. Of the three associate-level exams, the certified solutions architect AWS certification is the most generic, and most of the questions are scenario-based (understanding which services to use to solve different business use cases).
The exam is divided into four sections:

  1. Designing highly available, cost efficient, fault tolerant, scalable systems (60%)
  2. Implementation/Deployment (10%)
  3. Data Security (20%)
  4. Troubleshooting (10%)

Some questions require that you understand and are able to create simple AWS architecture. Most of the questions are related to the following areas:

  • EC2: Typology and when to use one type over another, costs, IAM roles, autoscaling, snapshots, and AMI
  • Identity and Access Management (IAM)
  • S3: Standard vs. infrequent access, Glacier, limits, security, encryption, dynamic hosting (endpoints names), lifecycle management, transfer acceleration, import export data (Snowball)
  • Virtual Private Cloud (VPC)
  • Security Groups and Access Control List: Differences between the two
  • DirectConnect
  • Elastic Load Balancer (ELB)
  • Simple Queue Service (SQS): Limits, characteristics (no order queue), message dimensions (message can contain up to 256KB of text, billed at 64KB chunks), design (two queues if you need priority), visibility timeout, maximum long polling timeout, messages retention, costs.
  • Simple Notification Service (SNS): Redundancy on availability zone (AZ); SNS can notify to email, text or SMS, SQS, or any HTTP endpoint; messages can be customized for each protocol (HTTP, HTTPS, EMAIL, JSON, SQS, or Application)
  • RDS: Configurations, multiple AZ, read replica
  • CloudWatch
  • Route53: Policies
  • Disaster Recovery: Recovery Time Objective, Recovery Point Objective

Amazon Virtual Private Cloud

The Amazon VPC is an essential topic for AWS Certified Solutions Architect – Associate certification and for AWS Certified SysOps Administrator – Associate certification. You will need to know this topic very well to pass both certifications.

To really understand the Amazon Virtual Private Cloud, I highly recommend this Cloud Academy hands-on lab. If you are a beginner, the step-by-step instructions make it easy to follow along. This will give you a general idea of how AWS VPCs works and how to create your own VPC.

Now that you have an understanding of VPC basics, I would suggest that you use your account and try to simulate a production environment. Before even attempting the exam, you should know all of the steps necessary for creating a VPC.

Here is how I went about learning this important function. An AWS environment (Cloud Academy labs allow you to use a real AWS account) will allow you to simulate a production VPC with both public and private subnets.
AWS Cloud Computing
I started out by creating a VPC and two subnets, one public (10.0.2.0) and one private (10.0.1.0). I created two EC2 T2 instances and put one on the public subnet (to simulate the web server) and the other on the private subnet (to simulate the DB). I placed the DB on the private subnet so that it is unreachable from the external network.
VP and subnets
Then, I created an Internet Gateway and the routes that would allow the public instance to connect to the internet.
Internet getaway
Next, I assigned the target of my Internet Gateway to my public subnet.
Internet Getaway
As you can see, we are able to ping google.com, so our connection is successful.
successful connection
Using your Amazon account, you can log into the AWS console where you will be able to train with security groups and access control lists (allow protocols from subnets) with the two subnets and instances. To do this, you can allow the ICMP protocol between the two subnets; from the public EC2 instance you can try to ping the other one.
Amazon accountAs you can see from the image below, without the correct rule I could not initially ping the instance in the private subnet from the one in the public subnet.
without the correct rule I could not initially ping the instance in the private subnet from the one in the public subnet.
Without the correct rule I could not initially ping the instance in the private subnet from the one in the public subnetAfter the All ICMP rule, with the source the id of my private subnet we are able to ping the private instance. You can use the same method to add an ssh rule to allow ssh connections in your private instance.
After the All ICMP rule, with the source the id of my private subnet we are able to ping the private instance. You can use the same method to add an ssh rule to allow ssh connections in your private instance.
If you can get to the point where you are confident with this simple infrastructure, you will be in good shape to pass the first section of the exam (Designing highly available, cost-efficient, fault tolerant, scalable systems), which is the most important part of this certification.
My last suggestion for preparation is to read and understand the AWS Security Best Practices Whitepaper. Here is the AWS link for this certification.

AWS Certified Developer – Associate

In this exam, you will find more theoretical questions and fewer scenarios. If I had to do it over again, I would start with this exam, as I found it to be the easiest of the associate-level certifications.

The exam is divided into four sections:

  1. AWS Fundamentals (10%)
  2. Designing and Developing (40%)
  3. Deployment and Security (30%)
  4. Debugging (20%)

These are the most important topics in this certification:

  • DynamoDB: Provisioned throughput calculations, read capacity units, write capacity units, key types, and usage, indexes, query vs. scan
  • SQS: Limits, characteristics (no order queue), message dimensions (message can contain up to 256KB of text, billed at 64KB chunks), design (two queues if you need priority), visibility timeout, maximum long polling timeout, message retention, costs
  • SNS: Redundancy on AZ; SNS can notify to email, text or SMS, SQS, or any HTTP endpoint; messages can be customized for each protocol (HTTP, HTTPS, EMAIL, JSON, SQS, or Application)
  • Simple Workflow (SWF): Workers, decider, task, processing time
  • CloudFormation
  • ElasticBeanstalk
  • S3: Standard vs. infrequent access, Glacier, limits, security, encryption, dynamic hosting (endpoints names), lifecycle management, transfer acceleration, import export data (Snowball)
  • Cross-Origin Resource Sharing(CORS)
  • EC2: Typology and when to use one type over another, costs, IAM roles, autoscaling, snapshots, AMI
  • API Gateway
  • Web identity federation
  • VPC: Basics

Here is the AWS link for this certification.

AWS Certified SysOps Administrator – Associate

I found this to be the most difficult of the three exams. Because this exam covers many of the same topics in the other two associate-level exams, I would recommend taking this one only after you have successfully passed the other two exams.

The exam is divided into seven sections:

  1. Monitoring and Metrics (15%)
  2. High Availability 15%
  3. Analysis (15%)
  4. Deployment and Provisioning (15%)
  5. Data Management (12%)
  6. Security (15%)
  7. Networking (13%)

Because this exam covers all of the topics in both the solutions architect and developer exams, most of the questions are related to the union of these areas. In summary:

  • EC2: Typology and when to use one type over another, costs, IAM roles, autoscaling, snapshots, AMI
  • IAM
  • S3: Standard vs. infrequent access, Glacier, limits, security, encryption, dynamic hosting (endpoints names), lifecycle management, transfer acceleration, import export data (Snowball)
  • VPC
  • SG and ACL: Differences between the two
  • DirectConnect
  • ELB
  • SQS: Limits, characteristics (no order queue), message dimensions (message can contain up to 256KB of text, billed at 64KB chunks), design (two queues if you need priority), visibility timeout, maximum long polling timeout, message retention, costs.
  • SNS: Redundancy on AZ; SNS can notify to email, text or SMS, SQS or any HTTP endpoint; messages can be customized for each protocol (HTTP, HTTPS, EMAIL, JSON, SQS, or Application)
  • RDS: Configurations, multiple AZ, read replica
  • CloudWatch
  • Route53: Policies
  • Disaster Recovery
  • DynamoDB: Basics
  • SWF: Workers, decider, task, processing time
  • CloudFormation
  • ElasticBeanstalk
  • API Gateway

Here is the AWS link for this certification.

Exam simulations

A practice exam is available for each certification exam on the AWS website. The exams simulate a live testing environment, which is helpful because it is timed and because it provides some sample questions. The only difference is that you’re not working with the same amount of questions (or timeframe) as you would in the real exam.
The main drawback of the practice exams is that you won’t know if you have answered the questions correctly or not—in this, they are very much like the real exam, providing you only with the areas and the percentage correct.  I would still recommend purchasing the practice exam because it will help you assess your preparedness for the real thing.
You can purchase a practice exam from the AWS website here for $20 dollars. (The questions are always the same so there is no need to re-purchase it.)

Other useful resources

In preparation for any of the AWS associate-level certification exams, I suggest reading all of the most important FAQs several days before an exam. You can find all AWS FAQs on the official AWS site.

AWS also provides some very useful whitepapers (some questions are taken from these documents). Check out all of the whitepapers on the AWS Whitepapers section of the site. Those documents provide lots of in-depth information, and they are a great resource for understanding the solutions that cloud architects employ for real enterprise issues. You won’t need to memorize them, but it is well worth your time to read all of them at least once, especially the AWS Security Best Practices Whitepaper, which is both interesting and important for the exam.

Cloud Academy has a variety of learning paths to help users prepare for AWS certifications. Each learning path includes video courses, quiz sessions, and hands-on labs where you can practice in a working AWS environment. Explore all of our certification prep materials in our AWS Certifications Prep section.

My personal tips

  • When you’re unsure about a question, start by removing the obviously wrong answers, maybe two out of four, and take your time on the other two. It may seem trivial, but it can make a big difference when you’re working against the clock.
  • Read all of the options before answering. AWS may offer two correct options and you will need to sort out the best one.
  • The exam time is limited so don’t spend a lot of time if you don’t know the answer. Jot down your best answer, mark the question to review later and push ahead. In this case, if you don’t have time to return to the question, at least you have the chance to have chosen the correct answer instead of leaving it blank (remember, you can go back and change the answer later).
  • Never miss a chance to connect with others who have already passed the exam. Talking with others via groups or other networks is a great way to exchange experiences and tips.
  • Clarify all of your doubts before the exam. During the exam, any doubt can become a wrong answer.
  • Register for an AWS account. AWS has a free tier, and some operations are free for the first 12 months. Use your free account to practice and conduct tests. You can also access AWS through a Cloud Academy membership, which allows you to work directly in an AWS environment in our hands-on labs (included in the subscription). With hands-on labs, you can use the AWS environment for free and you can complete each lab with step by step guidance. This knowledge will be very useful during your exam. Because many questions are related to the AWS tools, you’ll want to have lots of practice working in the AWS console.
  • Take practice quizzes. Quizzes are a powerful way to test where you’re strong or weak. On Cloud Academy, our quiz sessions provide both the correct answer and the explanation so you can develop your knowledge question by question.

Conclusion

Finally, on the day of the exam, don’t forget to bring two valid forms of ID and the registration code. In the days leading up to the exam, go through the main FAQs and the AWS whitepapers one more time.

I’d love to hear your suggestions—please add your preparation tips in the comments.

Good luck!

Avatar

Written by

Mattia Sasso

Mattia is a Software Engineer, passionate about new technologies, softwares, and web development. He loves solving technical problems and he always up to take on new challenges.


Related Posts

Amanda Cross
Amanda Cross
— January 7, 2021

New Content: AWS Terraform, Java Programming Lab Challenges, Azure DP-900 & DP-300 Certification Exam Prep, Plus Plenty More Amazon, Google, Microsoft, and Big Data Courses

This month our Content Team continues building the catalog of courses for everyone learning about AWS, GCP, and Microsoft Azure. In addition, this month’s updates include several Java programming lab challenges and a couple of courses on big data. In total, we released five new learning...

Read more
  • AWS
  • Azure
  • DevOps
  • Google Cloud Platform
  • Machine Learning
  • programming
Avatar
Stuart Scott
— December 17, 2020

Where Should You Be Focusing Your AWS Security Efforts?

Another day, another re:Invent session! This time I listened to Stephen Schmidt’s session, “AWS Security: Where we've been, where we're going.” Amongst covering the highlights of AWS security during 2020, a number of newly added AWS features/services were discussed, including: AWS Audit...

Read more
  • AWS
  • AWS re:Invent
  • cloud security
Joe Nemer
Joe Nemer
— December 4, 2020

AWS re:Invent: 2020 Keynote Top Highlights and More

We’ve gotten through the first five days of the special all-virtual 2020 edition of AWS re:Invent. It’s always a really exciting time for practitioners in the field to see what features and services AWS has cooked up for the year ahead.  This year’s conference is a marathon and not a...

Read more
  • AWS
  • AWS Glue Elastic Views
  • AWS re:Invent
Bryony Harrower
Bryony Harrower
— November 6, 2020

WARNING: Great Cloud Content Ahead

At Cloud Academy, content is at the heart of what we do. We work with the world’s leading cloud and operations teams to develop video courses and learning paths that accelerate teams and drive digital transformation. First and foremost, we listen to our customers’ needs and we stay ahea...

Read more
  • AWS
  • Azure
  • content roadmap
  • GCP
Joe Nemer
Joe Nemer
— October 25, 2020

Excelling in AWS, Azure, and Beyond – How Danut Prisacaru Prepares for the Future

Meet Danut Prisacaru. Danut has been a Software Architect for the past 10 years and has been involved in Software Engineering for 30 years. He’s passionate about software and learning, and jokes that coding is basically the only thing he can do well (!). We think his enthusiasm shines t...

Read more
  • AWS
  • careers
  • champions
  • upskilling
Joe Nemer
Joe Nemer
— October 14, 2020

New Content: AWS Data Analytics – Specialty Certification, Azure AI-900 Certification, Plus New Learning Paths, Courses, Labs, and More

This month our Content Team released two big certification Learning Paths: the AWS Certified Data Analytics - Speciality, and the Azure AI Fundamentals AI-900. In total, we released four new Learning Paths, 16 courses, 24 assessments, and 11 labs.  New content on Cloud Academy At any ...

Read more
  • AWS
  • Azure
  • DevOps
  • Google Cloud Platform
  • Machine Learning
  • programming
Joe Nemer
Joe Nemer
— September 15, 2020

New Content: Azure DP-100 Certification, Alibaba Cloud Certified Associate Prep, 13 Security Labs, and Much More

This past month our Content Team served up a heaping spoonful of new and updated content. Not only did our experts release the brand new Azure DP-100 Certification Learning Path, but they also created 18 new hands-on labs — and so much more! New content on Cloud Academy At any time, y...

Read more
  • AWS
  • Azure
  • DevOps
  • Google Cloud Platform
  • Machine Learning
  • programming
Joe Nemer
Joe Nemer
— August 28, 2020

AWS Certification Practice Exam: What to Expect from Test Questions

If you’re building applications on the AWS cloud or looking to get started in cloud computing, certification is a way to build deep knowledge in key services unique to the AWS platform. AWS currently offers 12 certifications that cover major cloud roles including Solutions Architect, De...

Read more
  • AWS
  • AWS Certifications
Patrick Navarro
Patrick Navarro
— August 25, 2020

Overcoming Unprecedented Business Challenges with AWS

From auto-scaling applications with high availability to video conferencing that’s used by everyone, every day —  cloud technology has never been more popular or in-demand. But what does this mean for experienced cloud professionals and the challenges they face as they carve out a new p...

Read more
  • AWS
  • Cloud Adoption
  • digital transformation
Avatar
Andrew Larkin
— August 18, 2020

Constant Content: Cloud Academy’s Q3 2020 Roadmap

Hello —  Andy Larkin here, VP of Content at Cloud Academy. I am pleased to release our roadmap for the next three months of 2020 — August through October. Let me walk you through the content we have planned for you and how this content can help you gain skills, get certified, and...

Read more
  • alibaba
  • AWS
  • Azure
  • content roadmap
  • Content updates
  • DevOps
  • GCP
  • Google Cloud
  • New content
Alisha Reyes
Alisha Reyes
— August 5, 2020

New Content: Alibaba, Azure AZ-303 and AZ-304, Site Reliability Engineering (SRE) Foundation, Python 3 Programming, 16 Hands-on Labs, and Much More

This month our Content Team did an amazing job at publishing and updating a ton of new content. Not only did our experts release the brand new AZ-303 and AZ-304 Certification Learning Paths, but they also created 16 new hands-on labs — and so much more! New content on Cloud Academy At...

Read more
  • AWS
  • Azure
  • DevOps
  • Google Cloud Platform
  • Machine Learning
  • programming
Alisha Reyes
Alisha Reyes
— July 16, 2020

Blog Digest: Which Certifications Should I Get?, The 12 Microsoft Azure Certifications, 6 Ways to Prevent a Data Breach, and More

This month, we were excited to announce that Cloud Academy was recognized in the G2 Summer 2020 reports! These reports highlight the top-rated solutions in the industry, as chosen by the source that matters most: customers. We're grateful to have been nominated as a High Performer in se...

Read more
  • AWS
  • Azure
  • blog digest
  • Certifications
  • Cloud Academy
  • OWASP
  • OWASP Top 10
  • Security
  • VPCs