AWS Certified Solutions Architect – Associate (2018)

I have recently cleared the AWS Certified Solutions Architect – Associate (2018).

Based on my preparation and the exam itself, i have compiled some points as per the index below.

Simple Storage Service (S3)

Virtual Private Cloud (VPC)

Elastic Compute Cloud (EC2)

Elastic Block Storage (EBS)

CloudWatch

Relational Database Service (RDS)

DynamoDB

Miscellaneous

AWS Certified Solution Architect – Points to remember (miscellaneous)

1. Simple Queue Service.
   Use Visibility Timeout parameter to avoid duplication of message being processed.
   By Default AWS uses short polling which could incur unnecessary cost to empty response polling.
   Long polling should be used to avoid this.
   ReceiveMessage call sets WaitTimeSeconds to 0.
2. Simple Notification Service usage.
3. Simple Workflow Service Usage.
4. Redshift is a Database Warehouse service.
5. Uses block size of 1 MB. Compared to other databases which use 2 KB to 32 KB much more efficient and reduces IO’s.
6. Kenesis is used for streaming data.

AWS Certified Solution Architect – Points to remember (DynamoDB)

1. Fully managed NoSQL database service.
2. You cannot select Availability Zone while creating a DynamoDB table.
3. No Secondary Indexes created by default. Must be created manually if required.
4. Provisioned capacity set to 5 reads and 5 writes by default.
5. Amazon DynamoDB stores three geographically distributed replicas of each table to enable high availability and data durability.
6. Two Consistency models:
   Eventually Consistent Reads (Default): Maximizes read throughput but change might not reflect immediately.
   Strongly Consistent Reads: Can be request and give read speeds of less quicker.
7. A single Scan will only return a result set that fits within the 1 MB size limit.

AWS Certified Solution Architect – Points to remember (RDS)

1. Relational Database Service.
2. Supported databases (AMMMOP – If it helps!)
   Amazon Aurora
   MariaDB
   Microsoft SQL
   MySQL
   Oracle
   PostgreSQL
3. Contrary to DynamoDB, for RDS you can select the availability Zone for RDS in a region.
4. There is no easy way to encrypt an all already existing unencrypted RDS instance.
   You will have to make a snapshot add and encryption key to snapshot and restore the session using this encrypted snapshot.
5. All database backups are automatically deleted once you delete the RDS instance.
6. Default backup retention period is 1 day and can be extended up to 35 days.
7. Read replicas are Asynchronous and Multi-AZ is Synchronous.
8. Anything with read performance improvement points to Read Replicas and Anything with availability points to Multi-AZ Deployments.
9. Backups are automatically deleted if you delete the RDS instance. May be there is still a snapshot if the person who deleted selected this option.

AWS Certified Solution Architect – Points to remember (CloudWatch)

1. Memory Usage of EC2 instance is not monitored by default. Custom checks must be created.
   CPU Usage, Disk Read operations, Network In and Estimated charges are monitored by default.
2. By default, metrics are stored at 1-minute resolution in CloudWatch. Default Granularity is 1 minute.
3. Cloudwatch store the logs for terminated EC2 and EBS volumes for 15 Months by default.
4. Retention period of the monitored logs depend on the data points. 

AWS Certified Solution Architect – Points to remember (EBS)

1. Elastic block storage.
2. Suitable for block based storage, like running an operating system, database, webserver etc..
3. Encryption can be enabled on EBS volumes while creating the volume.
4. You cannot disable or enable encryption on the fly. It will need either a data copy or snapshots.
5. To increase IOPS, add multiple disks and create Raid arrays.
6. You cannot attached EBS volumes to multiple instances. You can attach it to only one instance at a time.

AWS Certified Solution Architect – Points to remember (EC2)

1. Uptime SLA for EC2 and EBS within a region is 99.99%
2. Default cooling period of a Autoscaling group is 5 mins.
3. Cooling period can be adjusted based on requirement.
4. AWS lambda scales automatically. No end-user actions required.
5. User Lambda Environment variables to pass parameters to function. For sensitive information you can use encrypted environment variables.
6. Remember that both EBS and EFS does not scale automatically.
7. EFS to expensive compared to EBS. So EBS is cost effective compared to EFS.
8. EBS volumes cannot be shared between different instances.
9. Since EFS is network file system, a latency is expected.
10. Use Lambda instead of EC2 where ever possible. Example there are simple computations to be done which does not need a big EC2 instance or a scenario where your computations should scale to millions of requests automatically.
11. Regional Reserved Instances do not provide a capacity reservation.
12. Standard and Convertible Reserved Instances provide a capacity reservation in a specific availability zone.
13. Application Load Balancer is the most comprehensive ELB available and most cost effective.

AWS Certified Solution Architect – Points to remember (VPC)

Virtual private cloud.

VPC Limitations

You can use a network address translation (NAT) gateway to enable instances in a private subnet to connect to the internet or other AWS services, but prevent the internet from initiating a connection with those instances.

NAT are ideal for instances which need one interntet connection for example patching but no incoming connection from internet.

Bastion hosts (Which are in a public subnet) should be used to connect to the instances in your private subnet.

Other way to connect to server in private subnet is to have a direct VPN connection.

You dont have to

 

AWS Certified Solution Architect – Points to remember (S3)

1. Simple Storage Service.
   
   Durability is same across services.
   Availability reduces marginally with each service.
2. S3 Reduced Redundancy Storage (RRS) will have both availability and Durability at 99.99%.
3. Unlimited Storage. AWS takes care of scaling automatically. This is the only service with almost unlimited storage extended automatically.
4. You can have 100 buckets per account. This is soft limit and can be increased.
5. Cheapest solution for immediate retrival is S3 One Zone IA.
6. S3 Standard, IA and Zingle zone all offer  high durability, high throughput, and low latency.
7. Block based Storage. Means can store only objects  like media files, PDF’s etc.  Cannot run a database or a operating system.
8. Minimum object Size is 0 Bytes for S3 standard and Minumum billable object size for S3 IA and S3 One Zone IA is 128 KB.
9. Size Limit of 5 Terabytes for single object.  The largest object that can be uploaded in a single PUT is 5 gigabytes
10. For big objects it is recommended to use MultiPart upload API.
    Multipart Upload is recommended for files greater than 100 Mb, and is required for files 5 GB or larger.
    
11. Presigned URL’s can be provided to customers/users who dont have access to AWS to upload files to your bucket.
12. HTTP Status code for succesful upload is 200 (Like always).
13. Glacier is used as a data archiving Solution. Cheap storage but costs money for data retreival.
14. S3 maintains the mapping between user defined object names and system defined object names in Glacier. So S3 API or AWS console should be used to retrieve data from Glacier.
15. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures.
16. S3 object access url:
    S3-Region-bucketname.amazonaws.com/object
17. S3 being hosted as static webiste, url will be
    Bucketname-S3-website-Region.amazonaws.com
18. Encryption keys (At rest):Server side encryption:
    S3 – Completely managed by AWS.
    KMS – Also completely managed by AWS but master key is managed by cusotmer.
    C – Completely managed by customer.Client side encryption:
    You have to manage the encryption by yourself completely.