AWS Architect Certification (Associate & Professsional)

Associate Certification

Resource Collection

Topic Resources White Papers Technical Terms Qwiklabs


  • Security
    Introduction to EC2 Spot Instances: 20 minutes
ELB ELB: Documentation sticky session, ELB, ALB, NLB, code 504, TCP/IP Level 7, TCP/IP level 4, intelligent routing, Cross Zone Load Balancing, Path Patterns Working with Elastic Load Balancing: 20 minutes
Networking: VPC


VPC landing page

Getting Started Guide(html)

User Guide

Amazon VPC Connectivity Options

End point, gateway, public subnet, subnet, peering, routing, AZ   
Networking: Direct Connect FAQs  

VLAN,  1000BASE-LX, 10GBASE-LR, singlemode fiber, Bidirectional Forwarding Detection, IPsec VPN, Border Gateway Protocol (BGP), Autonomous System Number (ASN)

Storage: EBS EC2 FAQs      
Storage: S3, CloudFront



  Bucket, Origin Access Identity, trusted signer, Cloud Front signed URL  
Storage: Glacier  FAQs   vault lock policy  
Storage: Storage Gateway  FAQs Youtube Introduction video Gateway-VTL, Gateway-Cached Volumes, Gateway-Stored Volumes  
SQS  FAQ (one question)   hidden (after having fetched it), standard queue, FIFO queue, batch, send receive, delete, DeadLetterSourceQueues, Lifecycle, long polls, retention  




Overview of Security Processes

Introduction to AWS Security (High level introduction)

Security Best Practices

AWS Best Practices for DDoS Resiliency

 IDS (Re-Invent pres.), DDos, WAF sandwich Auditing Your Security with AWS Trusted Advisor: 35 minutes
Auditing Changes to Amazon EC2 Security Groups: 37 minutes

Example setup (youtube 11min)


    Maintaining High Availability with Auto Scaling: 50 minutes
Launching Amazon EC2 Spot Instances with Auto Scaling and Amazon CloudWatch: 45 minutes
Database: RDS FAQs    know the DB specific replication technologies RDS is using Administering Amazon RDS for Microsoft SQL Server: 90 minutes
Database: DynamoDB FAQs  

partition key, item, attribute, key-value, composite primary keys, Global Secondary Index, Local Secondary Index (LSI), Projection, Fine-Grained Access Control (FGAC), provisioneds through put, cross-region replication, streams

Working with Amazon DynamoDB:: 25 minutes
Database: Redshift


Cluster Management Guide

 Getting Started Guide (Video, hands on lab etc.) Cluster, Node, Cluster Type, Cluster Parameter Group, WLM (Workload management Configuration)  Working with Redshift: 55 minutes
CloudWatch  FAQs      


Overview of Deployment Options on AWS (Covers as well OpsWork and CodeDeploy Stack, Template, create- cancel- delete- rollback-stack, UserData, AWS:CloudFormation:init, stack updates Creating an Amazon Virtual Private Cloud (VPC) with CloudFormation: 27 minutes
Launching and Managing a Web Application with AWS CloudFormation: 27 minutes
Elastic Beanstalk  FAQs
  ebextensino, leader_only  
Architecure, Availability     RTO, RPO, AZ  
SNS   SNS Mobile Push topic, subscribe, publish  
SWF: Simple Workflow Service Developer Guide    asynchronous, distributed, workflow, activities, domain, activity workers, activity tasks, deciders  
Route 53


Route 53 Developer Guide

  DNS, A (address) record, CNAME (canonical name record), AAAA (IPv6 addres record), Alias record, hosted zone, TTL, WWR (Weighted Round Robin), LBR (Latency Based Routing), Geo DNS, private DNS, health check Introduction to Amazon Route 53: 55 minutes


Annoying Facts

S3 Path Styles


1. Virtual hosted-style

Format: name (Reference)

2.  Path-style

support ends September 30, 2020


3. C-Name Method


The  C.Name is an alias for (Reference)

4. s3-Region


some regions only

Professional Certification

AWS landing page: AWS Certified Solutions Architect – Professional

170 minutes: Multiple choice and multiple answer questions

Exam Guide

Sample questions

Recommended trainings

General advice

Resource Collection (for specific Professional Certification Topics)

Topic Resources White Papers Technical Terms Qwiklabs



Well-Architected Framework (Great appendix)

Security Best Practices

AWS Best Practices for DDoS Resiliency

Disaster Recovery Whitepaper


Security, Reliability, Performance, Cost optimization  



Temporary Security Credentials

Cross Account Access Roles 

Cognito, STS, Identity Federation, SSO  

Deployment: CodeDeploy

FAQs   configuration, application, revision, group, Appspec file, lifecycle events, agent Introduction to CodeDeploy: 40 minutes

Deployment: CodePipeline

FAQs   pipeline, revision, stage, artifact, transition, action  

Architecture: CloudFront

FAQs  Developer's Guide edge location, CNAME alias, invalidation requests, price class, geo restriction, RTMP delivery, signed request  

Data Pipeline

FAQs   Documentation activity, precondition, on-premises task runner  


FAQs   Documentation
  • streams,
    • shards
    • data records
    • retention period
    • partition keys
  • firehose,
    • Firehose delivery stream
    • records
    • data producers
  • analytics
    • time-series analytics
    • real-time dashboards
    • real-time metrics
Introduction to Amazon Kinesis Firehose: 30 minutes

Building Real-Time Dashboards with Amazon Kinesis Dynamic Aggregators: 55 minutes