Three months ago, on the last day of November last year, I took and passed the famous AWS Certified Solutions Architect – Professional exam for the third time. Due to recent health problems, I couldn’t study as much as I had hoped. Still, I passed with a decent score of 837/1000 and extended it to 2027. I also renewed my first AWS certificate, AWS Certified Solutions Architect – Associate with this exam and guaranteed to be AWS certified for over 10 years.
The exam was different each time I took it. Thus, as of the end of 2024, I want to share my experiences for the third time. I hope it also helps you in your AWS certification journeys.
How did I prepare for the AWS Certified Solutions Architect – Professional exam?
My exam preparations primarily consist of these steps:
Viewing the exam blueprint.
Reading AWS whitepapers if necessary.
Reading each service’s FAQ and, optionally, the primary documentation if it is essential.
Viewing recent re:Invent sessions about services from YouTube when needed.
Taking notes and trying the services included hands-on.
I haven’t taken online certification courses because I am also planning to build one and didn’t want to learn from other instructors and develop my knowledge. Of course, this was the hard way. However, this way, my future courses will be genuine and help you from another perspective.
I already renewed my AWS Certified DevOps Engineer – Professional certification two months before taking the AWS Certified Solutions Architect – Professional exam. Hence, I didn’t have to study DevOps topics for this exam. I just reviewed some of my notes to recall their use cases as a solutions architect.
Reading the documentation and trying the service help greatly. You understand the service well. Watching AWS re:Invent videos is also very valuable because you need to understand AWS services from a solutions architect’s perspective.
About the AWS Certified Solutions Architect – Professional exam content
The AWS Certified Solutions Architect – Professional exam is the same as the AWS Certified DevOps Engineer exam in style but is very different in terms of content. It is not as detailed as the DevOps exam. However, its questions are more scenario-based, mostly with answers asking to select 2-3 choices together, and you must decide what is best for the situation asked as an AWS solutions architect. Mostly, you don’t have to know the exact configuration for a service’s resources in detail. It is more like you must know where to use the service.
As far as I remember, here are the key topics asked in the exam. I divided them into categories to make them easier to identify. However, most questions actually fall into multiple categories.
Organizations
As in all AWS Certified Solutions Architect – Professional exams, AWS Organizations take a central place. However, it is asked more with other domains because it is an organizational structure.
You must know Organizations in general and how to share resources between accounts with the AWS Resource Access Manager.
Applying tag policies across your organization also appeared.
Trusted advisor and GuardDuty usage in a multi-account organizational setting is also crucial.
Know AWS Control Tower in general. Although it was not asked for in detail, like in the DevOps exam, it is still crucial.
Migration
Migrating an on-premises server and data with minimal effort with AWS Systems Manager, AWS Backup, and VM Import/Export
Connecting to an on-premises database to collect database and table information to perform migration analysis. You should know the AWS Database Migration Service and Schema Conversion Tool (SCM) features.
Performing a migration analysis with or without installing anything on the servers: AWS Migration Evaluator, AWS Application Migration Service agent-based and agentless discoveries. Reading the migration whitepaper may be helpful.
Transferring data to AWS with AWS DataSync, AWS Transfer Family, or AWS Storage Gateway.
Migration of OLAP DBs and Oracle DBs to Redshift.
Knowing to use AWS Outposts in migrations to AWS.
Security & Compliance
Knowing how to use IAM permission boundaries and Security Control Policies (SCPs) to limit the permissions of an IAM identity is crucial. You should also know their differences.
AWS Config: How to be notified with SNS when a user changes something in an AWS account without preventing her from doing it.
Differences between AWS CloudHSM, Amazon KMS, and Amazon S3 encryption
Using Security Hub as a central place for security in your AWS organization.
Using AWS Web Application Firewall (WAF) with ALBs and API Gateway APIs
Scanning Amazon ECR images with Amazon Inspector automatically
Know how Identity Center SAML authentication works and how it is configured.
Learn what Audit Manager is used for. It appeared in a few questions.
Serverless
- API Gateway was an essential topic in the exam. You should know AWS solutions for:
- APIs accessed from multiple regions
- Private APIs accessed only from VPCs
- APIs triggering AWS Lambda functions
Hosting static sites on Amazon S3 with Amazon CloudFront
Using Amazon RDS access points in Lambda functions ( It may also be considered in the DB category. )
- Step Functions were not asked as detailed as in the DevOps Engineer exam. However, they appeared in answers to a few questions. Learn how to orchestrate API calls and Lambda function executions with Step Functions.
Networking
Networking with AWS Transit Gateway and VPN Gateway and connecting to multiple VPCs using a dedicated DirectConnect connection.
Using AWS Firewall Manager to automatically add AWS WAF rules across accounts and new accounts. Using AWS Systems Manager Parameter Store to store parameters.
Routing policies on Amazon Route 53 had a few questions. You may be asked why a specific failover configuration doesn’t work or design a failover solution for a multi-region architecture.
Databases
Solutions for creating leaderboards: The differences between Amazon MemoryDB and Amazon ElastiCache for single-digit latency with the ability to preserve data for later analysis. You may also be asked to do it with Amazon DynamoDB.
Caching Amazon DynamoDB tables with DAX, using DynamoDB Global Tables in multi-region architectures, and DynamoDB auto-scaling were asked.
Some questions involved Aurora and Aurora Global Databases. Amazon RDS was also asked, but less than Aurora. Know how to use Aurora readers.
Knowing Amazon Redshift, in general, also helps. Amazon Neptune was among the options in some questions but not directly mentioned.
Using in-memory DBs for high-performance computing.
Amazon DocumentDB appeared in a question. Amazon Timestream was among the options in some questions.
Storage
You should know Amazon S3 access points and their use cases.
Amazon EFS and Amazon EBS differences. Configuring multi-access to EFS filesystems from other EC2 instances.
Knowing the platforms in Amazon FSx family services would help. For example, which one supports NFS and SMB? The questions were primarily about Windows File Server, but Lustre also appeared.
DevOps Tools
Architecting a CI/CD pipeline using AWS CodePipeline, AWS CodeBuild, and AWS CodeDeploy services with minimal effort.
Using the Service Catalog to launch verified AWS CloudFormation templates without affecting the current user’s abilities.
Container solutions with AWS AppRunner, Amazon ECS, Amazon EKS, and AWS Fargate. Know what they are used for. It was not as detailed as the DevOps exam.
Elastic Beanstalk appeared only once as an answer to launching EC2 instances behind an ALB and performing Blue/Green deployments with minimal effort. The DB was separated naturally.
Know Amazon X-Ray and tracing in general. There were a few questions about Amazon CloudWatch logs and metrics, but it was not emphasized as in the DevOps exam.
Data Analytics
Using Kinesis Data Firehose and Data Streams to stream CloudTrail and CloudWatch logs to S3 and other target locations.
Know the use cases of AWS Glue, Athena, and QuickSight.
Learn Amazon EMR in general. It appeared in some questions and answers.
Know Amazon OpenSearch in general.
Application Integration & Messaging
Know how to use Amazon EventBridge to route events from an API to multiple consumers.
Know the differences between Amazon SQS standard and FIFO queues, SNS standard and FIFO topics, and Amazon MQ.
Know Amazon SES in general. It appeared in some questions and answers but not in a detailed way.
Cost Optimization
Know the differences between Saving Plans, on-demand, reserved, and spot instances.
Learn how to merge EC2 saving plans, compute plans for Fargate and Lambda, Lambda (reserved concurrency or on-demand), and database reserved instances to create a cost-effective solution for a given scenario.
Learn S3 storage classes, such as moving to S3 standard infrequent access or S3 Glacier instant retrieval, to achieve a cost-effective solution in a given scenario.
Know cost explorer and cost allocation tags and how to ensure they are included in resources with AWS Config without affecting developers.
Know AWS Compute Optimizer in general.
End-user Computing
Learn use cases of Amazon Workspaces.
Amazon AppStream also appeared in some answers but was not asked directly.
Machine Learning & IoT
SageMaker appeared in a few questions.
Only IoT Core was in the exam from the AWS IoT services.
My Exam Experience with Pearson Vue
I took the exam from my home office like the previous one with online proctoring from Pearson Vue. As always, I checked in, received a link to take pictures of my environment, and connected to a Vue proctor who checked my desktop and elbows (You shouldn’t wear watches.) before starting the exam.
The exam experience was smooth. I encountered no issues. Although I didn’t see the exam result immediately, I received it a few hours later.
Conclusion
After every exam I take, I write my experiences in a blog post. I passed the AWS Certified Solutions Architect Professional for the third time three months ago but had a chance to write about it now. I hope it guides you in the right direction while preparing for it.
I am also developing courses for AWS certifications. While there are many courses from other successful instructors, my courses will help you by leveraging my years of experience and my teaching style. I will start with the foundational certifications but eventually launch professional ones.
So, stay tuned. You can also follow me on LinkedIn and X.com (formerly Twitter) to be notified when my AWS certification courses are ready.
References
