This course introduces the AWS Certified Solutions Architect - Professional learning path, covering the five domains of the certification:
- Design for organization complexity (12.5%)
- Design for new solutions (31%)
- Migration planning (15%)
- Cost control (12.5%)
- Continuous improvement for existing solutions (29%)
Hello, and welcome to this learning path focused on the AWS Certified Solution Architect-Professional certification. My name is Stuart Scott, and I'm the AWS content lead for Cloud Academy. And I've created this learning path which is packed full of technical courses, hands-on labs, and assessments to ensure you have a solid understanding across all the domains, the confidence to navigate the AWS environment, and the required preparation needed to pass this difficult certification.
This is one of the two professional level certifications available with AWS and is guided to those who already have experience with AWS and ideally have already passed the AWS Solutions Architect- Associate Exam. But this is not a prerequisite intake in this specific certification.
The aim of the certification is to validate your knowledge across a number of different key areas which have been defined by AWS as being able to design and deploy dynamic, scalable, highly available, fault-tolerant, and reliable applications on AWS, to select the appropriate AWS services to design and deploy an application based on given requirements, to be able to migrate complex, multi-tier applications on AWS, to be able to design and deploy enterprise-wide scalable operations on AWS, and implement cost-control strategies.
As a means of demonstrating this knowledge, you'll be tested across five different domains, with each domain contributing to a total percentage of your overall score. These domains will be broken down as follows: domain one: design for organization complexity, which is 12.5%, domain two: design for new solutions, which is 31%, domain three: migration planning, which is 15%, domain four: cost control, which is 12.5%, domain five: continuous improvement for existing solutions, which is 29%. And each of these domains can be broken down into defined areas of knowledge.
Let's take a look at each domain. Domain 1: Design for Organizational Complexity. Now, this domain is focused on how to build multiple accounts effectively across the AWS global infrastructure and how to create hybrid connectivity to your own data center, all while insuring security concerns are met from an access level to network level perspective. There are three points within this domain. The first one: to determine cross-account authentication and access strategy for complex organizations. For example, an organization with varying compliance requirements, multiple business units, and varying scalability requirements. So this will assess your level of understanding of access control mechanisms when working with multi-accounts. These might be accounts that you own, perhaps configured using the AWS Organization service or even an external account who might require access to resources within your AWS environment. You must be familiar with JSON policies and federated access methods.
The second point, determine how to design networks for complex organizations, for example, an organization with varying compliance requirements, multiple business units, and varying scalability requirements. Again, sticking with the theme of potential multiple AWS accounts, you'll be expected to be able to design an efficient and highly available scalable network spanning multiple regions, allowing connectivity between numerous VPCs, VPNs, and Direct Connection channels from your on-premise data centers.
The final point within this domain, you must determine how to design a multi-account AWS environment for complex organizations. For example, an organization with varying compliance requirements, multiple business units, and varying scalability requirements. Now, this final point in this domain focuses on your ability to design and implement a multi-account environment to meet specific needs of a scalable business.
Domain 2: Design for New Solutions. This domain contains the largest percentage out of all of the domains. As a result, there is a wealth of information to absorb and interpret into designing solutions. It covers a huge range of services, from compute, storage, network, databases, analytics, and more.
Now, there's five different points within this domain, the first one being, determine security requirements and controls when designing and implementing a solution. And this point is trying to determine your ability to review the security requirements of a new solution, ensuring that it remains protected at all times and meeting compliance controls.
An awareness of access control mechanisms, encryption, network security, instance level security, and inbuilt security controls within various services must be demonstrated. How to automate remediation of potential security threats in addition to logging and monitoring should also be observed.
Point two, determine a solution design and implementation strategy to meet reliability requirements. This looks at how you interpret business requirements prior to creating a deployment strategy. You must be able to architect the required level of reliability to meet solution demands, ensuring that correct scaling methods are met and resource is sized correctly.
The third point, determine a solution designed to ensure business continuity. This point refers to you being able to demonstrate that you have a knowledge of how to recover from a failure should one occur. You must be able to architect a disaster recovery strategy for your resources and environment to meet the requirements of specific recovery point objectives, RPOs, and recovery time objectives, RTOs.
The fourth point, determine a solution design to meet performance objectives. Where specific performance is required for an application, you have to be able to architect your environment to meet these performance demands. This involves selecting the correct resource based on capacity, size, and capabilities, in addition to how this is managed to meet the demands of throughput put upon the application, allowing it to scale to continue to meet the best performance requirements.
And the final point, determine a deployment strategy to meet business requirements when designing and implementing a solution. Now, there are a number of ways you are able to deploy a new solution or application, and this point looks at your understanding of those different methods available. For example, Elastic BeanStalk or CloudFormation. You must also be aware of the deployment models as well, which allows you to deploy your solution in a controlled and managed process.
Domain 3: Migration Planning. As expected from the title, this domain is purely focused on migration. This looks at how you can migrate your existing on-premise solutions to AWS and the necessary steps required to do so while following best practices.
There's four points within this domain, the first one being select existing workloads and processes for potential migration to the cloud. Before you can migrate to AWS, you need to be able to assess your workloads and determine its compatibility with the cloud. Should you simply perform a lift and shift approach, or will it need re-architecting?
The second point, select migration tools and/or services for new and migrated solutions based on detailed AWS knowledge. Now, here you must be able to share an understanding of the range of migration tools and services that are available from AWS, and when is best to use them and in which scenario.
Point three, determine a new cloud architecture for an existing solution. As I just mentioned in the first point of this domain, sometimes you'll need to re-architect an existing workload to make it compatible with the cloud. You need to be able to specify which services you would use to be able to deploy your existing application or service within AWS. This requires knowledge of a wide range of AWS services, specifically services that allow you to design a decoupled architecture. And this will allow you to determine the best course of action.
The final point, determine a strategy for migrating existing on-premises workloads to the cloud. Once you have an understanding of what workloads can migrate to the cloud, you'll need to be able to define the best strategy for the migration while ensuring downtime is kept to a minimum and high availability is architected when migrated to AWS. You must be able to show an awareness of deployment controls and data transfer methods.
Domain 4: Cost Control. This domain focuses on cost and how to minimize your running costs in addition to being able to provide effective reporting and budgeting methods across multiple AWS accounts. Now, there's only three points to this domain.
The first one, select a cost-effective pricing model for a solution. This point looks at your level of knowledge when it comes to architecting a cost-effective solution. For example, when best to use spot, on demand, or reserved instances. Or could your solution use AWS Lambda for its compute capacity to help reduce costs? You need to be aware of cost implications of different services and how to minimize those within your solutions.
The second point, determine which controls to design and implement that will ensure cost optimization. AWS offers a number of different features and controls that help you monitor your cost within your accounts. Here you are tested on these controls and how they can be used to help you maintain a cost-effective environment.
The final point, identify opportunities to reduce cost in an existing solution. By looking at a deployed solution, you need to be able to identify ways of potentially reducing the cost by re-architecting part of your environment while maintaining the same level of performance and other business requirements. Solutions are not always built with cost in mind, therefore, you need to demonstrate that you can spot opportunities to save money and reduce operational costs.
Domain 5: Continuous Improvement for Existing Solutions. This is the second-highest percentage for any domain, which has a 29% weighting against your exam score. So additional emphasis on these elements should be given when studying. You'll be assessed on how well he can improve the security, reliability, performance, and deployment techniques of existing solutions.
Now, in this domain, there are six points. The first one, troubleshoot solution architectures. Being able to troubleshoot an issue is a fundamental element of being an architect. If your design fails, you must know the best method of identifying where the problem exists and how to remediate it using different services and tools.
Point two: determine a strategy to improve an existing solution for operational excellence. Over time, resources change, business requirements change, and so does technology. You must be able to review existing architectures and solutions to spot potential areas for operational improvement across a wide range of services in addition to the strategy for then implementing these improvements.
Point three: determine a strategy to improve the reliability of an existing solution. Here you're being assessed on how well he can review an existing solution and identify any scope for increasing its high availability and resilience of the solution.
Point four: determine a strategy to improve the performance of an existing solution. Again, it's about reviewing a solution to determine if the best resources and services are being used and the correct capacity. Can the solution be more effective from a performance perspective by changing various resources, perhaps scaling them up or even down?
Point five: determine a strategy to improve the security of an existing solution. Security challenges are being faced every day and attackers are finding new methods to try and gain access to resources. You must be able to assess a solution and make service improvements and recommendations to implement a stronger and more robust protective strategy to guard your environment and data.
The final point: determine how to improve the deployment of an existing solution. Deployment of applications, including new releases, can cause issues to end users. You need to be able to determine if there's a best practice way of deploying new applications and solutions to minimize any outages and service interruptions using different methods and services.
Okay, so that's the exam details covered as to what's required from a knowledge perspective. So what is involved with this learning path? The learning path has been curated in such a way that for each domain covered, there's a number of technical courses and hands-on labs, and it will provide you with all the knowledge and practical experience to help you prepare for this difficult certification.
At the end of the learning path, there is a mock exam simulation to highlight any weak areas that may need further attention and study. Now we have a clear understanding of what is required by Certified AWS Solutions Architect-Professional. Let's get started with the training. If you have any questions throughout this learning path, please contact us at email@example.com.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.