Some Tips I Found When Sitting the AWS Solution Architect Test

  • by Tim

These tips are not only for the Solutions Architect Professional exam; they apply to most AWS service-related questions.

Some Experiences to Share

  • Anything related to cost efficiency
    • Keep an eye on S3. As the cheapest storage solution, it is worth trying.
    • Serverless solutions (Lambda, API Gateway) can help you save too
    • Or try ECS Fargate: pay as you go, a Kubernetes-like AWS solution
  • Availability or reliability
    • Keep an eye on LB, ECS, serverless (API Gateway, Lambda, Dynamo), RDS Multi-AZ, Aurora
  • Unpredictable amount of data to store
    • You only have two options left, S3 or Dynamo (Aurora and RDS both have a maximum amount)
  • You want something real-time?
    • Try Kinesis
    • CloudWatch Logs can sometimes work too (but not CloudTrail; there is always a delay of minutes with CloudTrail)

Some Tips

I hope you understand: the tips below cannot help you pass a cert test or gain a huge amount of cloud architect/development experience, but they can help you easily detect the options which make no sense.

  • lambda should not be used for creating snapshots
  • s3 glacier expected retrieval 1~5 minutes
  • no source ip filter for s3
  • nat gateway does not support ipv4, egress-only does
  • health check
    • 2xx 3xx
  • aurora can scale automatically, no other lambda or event
  • athena, query s3 through sql
  • ebs limit 16tb
  • snowmobile > 10pb
  • cloudtrail logs are not real time 5-15min delay
  • aws config rule is for monitoring
  • cloudformation, stack policy is used for update
  • dynamo no max size limit
  • aurora 64tb
  • ebs 16tb 20k iops (general is 10k)
  • firehose is more expensive than stream
  • WAF on cloudfront not for auto scaling group
  • AWS shield on route 53
  • kinesis cannot stream data from s3, source cannot be s3, target can
  • target group health check needs http/s alb
  • sqs worker can be in another region
  • DMS, by default engine will be innodb
  • cannot update an sqs queue to fifo; if you want one, you have to delete it then recreate one
  • cognito identity pool can be used to auth aws resources, user pools are just a user directory
  • AWSBasePatch not AWS Windows Patch
  • instance can be moved in a placement group without termination
  • if you want service limits from cloud watch you need the aws business support plan
  • certificate for elb cannot be cross region
  • rds supports sql server/oracle, but not db2
  • dynamo is not supported by cloud watch event, you need cloud trails
  • dynamo stream to record item change activities
  • lambda can be used to start/stop beanstalk env
  • redshift cluster is single az
  • cloud watch event does not support s3
  • aws opsworks are not os patches
  • video stream cannot save video to s3 directly
  • enableDnsHostnames to determine if within vpc or public
  • enableDnsSupport: if aws dns is supported in vpc
  • ebs rds cross region copy
  • (physical to virtual) p2v is not supported by server migration service
  • cache control header cannot be set in cloudfront

P.S.

Please do not rely on these tips too much; there might be errors, and they might become outdated in the future too.

## BTW
- Do use it (AWS services)
- Do design some architecture for a solution (start simple)
- Do play around with it
