
These notes are not only for Solutions Architect Professional; they apply to basically all kinds of AWS service-related questions.
Some Experiences to Share
- Anything related to cost efficiency
  - Keep an eye on S3. S3 is the cheapest storage solution; it deserves a try.
  - Serverless solutions (Lambda, API Gateway) can help you save too
  - Or try ECS Fargate: pay as you go, a Kubernetes-like AWS solution
- Availability or reliability
  - Keep an eye on LB, ECS, Serverless (API Gateway, Lambda, Dynamo), RDS Multi AZ, Aurora
- Unpredictable amount of data to store
  - You only have two options left, S3 or Dynamo (Aurora and RDS both have a maximum amount)
- You want something real-time?
  - Try Kinesis
  - CloudWatch Logs can sometimes work too (but not CloudTrail; there is always a delay of minutes with CloudTrail)
Some Tips
I hope you understand that the tips below cannot help you pass a cert test or gain a huge amount of cloud architecture/development experience, but they can help you easily detect the options which make no sense.
- lambda should not be used for creating snapshots
- s3 glacier expected retrieval 1~5 minutes
- no source ip filter for s3
- nat gateway not support ipv4, egress-only does
- health check
  - 2xx 3xx
- aurora can scale automatically, no other lambda or event
- athena, query s3 through sql
- ebs limit 16tb
- snowmobile > 10pb
- cloudtrail logs are not real time 5-15min delay
- aws config rule is for monitor
- cloudformation, stack policy is used for update
- dynamo no max size limit
- aurora 64tb
- ebs 16tb 20k iops (general is 10k)
- firehose is more expensive than stream
- WAF on cloudfront not for auto scaling group
- AWS shield on route 53
- kinesis cannot stream data from s3, source cannot be s3, target can
- target group health check needs http/s alb
- sqs worker can be another region
- DMS, by default engine will be innodb
- cannot update a sqs queue to fifo, if want, you have to delete then recreate one
- cognito identity pools can be used for auth to aws resources, user pools are just a user directory
- AWSBasePatch not AWS Windows Patch
- an instance can be moved in a placement group without termination
- if want service limit from cloud watch you need aws business support plan
- certificate for elb cannot be cross region
- rds support sql server/oracle, but not db2
- dynamo is not supported by cloud watch event, you need cloud trails
- dynamo stream to record item change activities
- lambda can be used to start/stop beanstalk env
- red shift cluster is single az
- cloud watch event does not support s3
- aws opsworks are not os patches
- video stream cannot save video to s3 directly
- enableDnsHostnames to determine if within vpc or public
- enableDnsSupport if aws dns is supported in vpc
- ebs rds cross region copy
- (physical to virtual) p2v is not supported by server migration service
- cache control header cannot be set in cloudfront
P.S.
- Do use it (AWS services)
- Do design some architecture for a solution (from simple)
- Do play around with it