Design and deploy dynamically scalable, highly available, fault-tolerant, and reliable applications on AWS
Select appropriate AWS services to design and deploy an application based on given requirements
Migrate complex, multi-tier applications on AWS
Design and deploy enterprise-wide scalable operations on AWS
Implement cost-control strategies
Domain 1: Design for organization complexity 12.5%
Domain 2: Design for new solutions 31%
Domain 3: Migration Planning 15%
Domain 4: Cost Control 12.5%
Domain 5: Continuous improvement for existing solutions 29%
Hello and welcome to this learning path focused on the AWS Certified Solution Architect Professional certification. My name is Stuart Scott. I'm the AWS content lead for Cloud Academy. I've created this learning path, which is pack-full of technical courses, hands-on labs, and assessments to ensure you have a solid understanding across all the domains, the confidence to navigate the AWS environment, and the required preparation needed to pass this difficult certification. This is one of the two professional level certifications available with AWS and is guided to those who already have experience with AWS and ideally have already passed the AWS Solutions Architect - Associate exam. But this is not a prerequisite in taking this specific certification. The aim of the certification is to validate your knowledge across a number of different key areas, which have been defined by AWS as being able to design and deploy dynamic, scalable, highly available, fault-tolerant, and reliable applications on AWS, to select the appropriate AWS services to design and deploy an application based on given requirements, to be able to migrate complex multi-tier applications on AWS, to be able to design and deploy enterprise-wide scalable operations on AWS, and implement cost-control strategies. As a means of demonstrating this knowledge, you will be tested across five different domains with each domain contributing to a total percentage of your overall score. These domains have been broken down as follows: domain one, design for organization complexity, which is 12 1/2%, domain two, design for new solutions, which is 31%, domain three, migration planning, which is 15%, domain four, cost control, which is 12 1/2%, domain five, continuous improvement for existing solutions, which is 29%. Each of these domains can be broken down into defined areas of knowledge. Let's take a look at each domain. Domain one: design for organizational complexity. Now this domain is focused on how to build multiple accounts effectively across the AWS global infrastructure and how to create hybrid connectivity to your own data center all while ensuring security concerns are met from an access level to network level perspective.
There are three points within this domain. The first one, to determine cross-account authentication and access strategy for complex organizations, for example, on organization with varying compliance requirements, multiple units, and varying scalability requirements. This will assess your level of understanding of access control mechanisms when working with multi-accounts. These might be accounts that you own perhaps configured using the AWS Organizations service, or even an external account who might require access to resources within your AWS environment. You must be familiar with JSON policies and federated access methods. The second point, determine how to design networks for complex organizations, for example, an organization with varying compliance requirements, multiple business units, and varying scalability requirements. Again, sticking with the theme of potential multiple AWS accounts, you'll be expected to be able to design an efficient and highly available scalable network spanning multiple regions, allowing connectivity between numerous VPCs, VPNs, and Direct Connection channels from your on-premise data centers. The final point within this domain, you must determine how to design a multi-account AWS environment for complex organizations, for example, an organization with varying compliance requirements, multiple business units, and varying scalability requirements. Now this final point in this domain focuses on your ability to design and implement a multi-account environment to meet specific needs of a scalable business. Domain two: design for new solutions.
This domain contains the largest percentage out of all the domains. As a result, there is a wealth of information to absorb and interpret into designing solutions. It covers a huge range of services from compute, storage, network, databases, analytics, and more. Now there's five different points within this domain, the first one being determine security requirements and controls when designing and implementing a solution. This point is trying to determine your ability to review the security requirements of a new solution, ensuring that it remains protected at all times and meeting compliance controls. An awareness of access control mechanisms, encryption, network security, instance level security, and inbuilt security controls within various services must be demonstrated, how to automate remediation of potential security threads in addition to logging and monitoring should also be observed. Point two, determine a solution design and implementation strategy to meet reliability requirements. This looks at how you interpret business requirements prior to creating a deployment strategy. You must be able to architect the required level of reliability to meet solution demands, ensuring that correct scaling methods are met, and resource is sized correctly.
The third point, determine a solution design to ensure business continuity. This point refers to being able to demonstrate that you have a knowledge of how to recover from a failure should one occur. You must be able to architect a disaster recovery strategy for your resources and environment to meet the requirements of specific recovery point objectives, RPOs, and recovery time objectives, RTOs. The fourth point, determine a solution design to meet performance objectives. Where specific performance is required for an application, you have to be able to architect the environment to meet these performance demands. This involves selecting the correct resource based on capacity, size, and capabilities in addition to how this is managed to meet demands of throughput put upon the application allowing it to scale to continue to meet the base performance requirements. The final point, determine a deployment strategy to meet business requirements when designing and implementing a solution. Now there are a number of ways you're able to deploy a new solution or application. This point looks at your understanding of those different methods available, for example, Elastic Beanstalk or CloudFormation. You must also be aware of the deployment models as well, which allows you to deploy your solution in a controlled and managed process. Domain three: migration planning. As expected from the title, this domain is purely focused on migration. This looks at how you can migrate your existing on-premise solutions to AWS and the necessary steps required to do so while following best practices.
There's four points within this domain, the first one being select existing workloads and processes for potential migration to the cloud. Before you can migrate to AWS, you need to be able to assess your workloads and determine its compatibility with the cloud. Should you simply perform a lift and shift approach, or will it need re-architecting? The second point, select migration tools and/or services for new and migrated solutions based on detailed AWS knowledge. Now here you must be able to show an understanding of the range of migration tools and services that are available from AWS, and when it's best to use them and in which scenario. Point three, determine a new cloud architecture for an existing solution. As I just mentioned in the first point of this domain, sometimes you will need to re-architect an existing workload to make it compatible with the cloud. You need to be able to specify which services you would use to be able to deploy your existing application or service within AWS. This requires knowledge of a wide range of AWS services, specifically services that allow you to design a decoupled architecture.
This will allow you to determine the best course of action. The final point, determine a strategy for migrating existing on-premises workloads to the cloud. Once you have an understanding of what workloads can migrate to the cloud, you'll need to be able to define the best strategy for the migration while ensuring downtime is kept to a minimum and high availability is architected when migrated to AWS. You must be able to show an awareness of deployment controls and data transfer methods. Domain four: cost control. This domain focuses on cost and how to minimize your running costs in addition to being able to provide effective reporting and budgeting methods across multiple AWS accounts. Now there's only three points to this domain, the first one, select a cost-effective pricing model for a solution. This point looks at your level of knowledge when it comes to architecting a cost-effective solution, for example, when best to use spot, on-demand, or reserved instances, or could your solution use AWS Lambda for its compute capacity to help reduce costs. You need to be aware of cost implications of different services and how to minimize those within your solutions. The second point, determine which controls to design and implement that will ensure cost optimization. AWS offers a number of different features and controls that help you monitor your cost within your accounts. Here you're tested on these controls and how they can be used to help you maintain a cost-effective environment. The final point, identify opportunities to reduce cost in an existing solution. By looking at a deployed solution, you need to be able to identify ways of potentially reducing the cost by re-architecting part of your environment while maintaining the same level of performance and other business requirements.
Solutions are not always built with cost in mind, therefore, you need to demonstrate that you can spot opportunities to save money and reduce operational costs. Domain five: continuous improvement for existing solutions. This is the second highest percentage for any domain, which has a 29% weighting against your exam score. Additional emphasis on these elements should be given when studying. You'll be assessed on how well you can improve the security, reliability, performance, and deployment techniques of existing solutions. Now in this domain, there are six points, the first one, troubleshoot solution architectures. Being able to troubleshoot an issue is a fundamental element of being architect. If your design fails, you must know the best method of identifying where the problem exists and how to remediate it using different services and tools. Point two, determine a strategy to improve an existing solution for operational excellence. Over time, resources change, business requirements change, and so does technology. You must be able to review existing architectures and solutions to spot potential errors for operational improvement across a wide range of services in addition to the strategy for then implementing these improvements. Point three, determine a strategy to improve the reliability of an existing solution. Here you are being assessed on how well you can review an existing solution and identify any scope for increasing its high availability and resilience of the solution. Point four, determine a strategy to improve the performance of an existing solution, again, it's about reviewing a solution to determine if the best resources and services are being used and the correct capacity. Can the solution be more effective from a performance perspective by changing various resources perhaps scaling them up or even down? Point five, determine a strategy to improve the security of an existing solution.
Security challenges are being faced every day. Attackers are finding new methods to try and gain access to resources. You must be able to assess a solution and make service improvements and recommendations to implement a stronger and more robust protective strategy to guard your environment and data. The final point, determine how to improve the deployment of an existing solution. Deployments of applications including the releases can cause issues to end users. You need to be able to determine if there is a best practice way of deploying your applications and solutions to minimize any outages and service interruptions using different methods and services. Okay. That's the exam details covered as to what's required from a knowledge perspective. What is involved with this learning path? The learning path has been created in such a way that for each domain covered, there's a number of technical courses and hands-on labs, which will provide you with all the information you need to become prepared to master each domain control point discussed. As you progress through the learning path, you begin by looking at a number of courses and labs that relate to storage architectures across AWS and how they differ from each other and when to use them.
This is then followed in a similar fashion, but we compute a networking infrastructure looking at the compute services, network architecture, and design and implementation. You will then be guided through content that relates to decoupled architectures and how they operate and the services included to help you implement them. After that, we dive into the world of AWS Security covering everything from access control to application security. Following the security section, you will then learn about AWS migration and the different strategies and tools used before looking at application deployment management using a number of different services and techniques. The learning path will then end covering content relating to cost optimization. In total, there are over 40 courses and 18 labs. These figures may fluctuate as time progresses as we create an optimized additional content. It'll provide you with all the knowledge and practical experience to help you prepare for this difficult certification. At the end of the learning path, there is a mock exam simulation to highlight any weak areas that may need further attention and study.
I recommend you review some of the AWS whitepapers when you have completed your learning path to help you solidify your understanding of the services, features, and methodologies. For this particular certification, it would be beneficial to look at the following, all of which can be found using the link on screen: AWS Security Best Practices, AWS Well-Architected Framework, Architecting for Cloud AWS Best Practices, Practicing Continuous Integration and Continuous Delivery on AWS Accelerating Software Delivery with DevOps, Microservices on AWS, Amazon Web Services: Overview of Security Processes, and Using Amazing Web Services for Disaster Recovery. Now we have a clear understanding of what is required by a certified AWS solutions architect professional. Let's get started with the training. If you have any questions throughout this learning path, please contact us at email@example.com.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.