Review By: Haris Zaheer
Time taken to Prepare
Detailed Review Of Preparation
I have passed AWS solution architect — Associate exam first. Then I pass AWS SysOPS Administrator, If you are planning to do AWS Certification I prefer to take Solutions Architect exam first.
SysOps -Associate exam is a bit tough than Solutions Architect. to pass the exam the best course for study is by "A Cloud Guru". This course provides the key insights to pass the certification. To pass the exam in your first attempt you must take the practice exam course either by Whizlabs or any other resource. It will help you in areas where you are lacking knowledge.
I will share some important questions which they have asked in exam.
To pass the exam you must know the following key points.
FOR EC2 -
EC2 appears in many questions with other services e.g load balancers. Troubleshooting of EC2 instances. For example "InsufficientInstanceCapacity" and "InstanceLimitExceedederror". Difference between High Availabity and Fault Tolerant solutions. EC2 with ALB and ASG.
For AMI's -
to share AMI with other account and to other region. "To copy an AMI that was shared with you from another account, the owner of the source AMI must grant you read permissions for the storage that backs the AMI, either the associated EBS snapshot (for an Amazon EBS-backed AMI) or an associated S3 bucket (for an instance store-backed AMI).
"you can copy an encrypted AMI that was shared with you from another account. if the underlying snapshot and encryption key both were shared with you"
For S3 -
View the format of bucket policies. Server side and client side encryption of S3 using KMS, and Versioning.
For EBS -
Custom and Default metrics of EBS for CloudWatch, Encryption of EBS Volumes intransit and at rest. ( To encrypt existing EBS volume , take encrypted snapshot and attach the volume to instance). If EBS responce is slow or high wait time for SSD => increase IOPS. For EFS (you can't encrypt existing EFS, make a new EFS enable encryption and copy data to the new encrypted EFS).
Multi AZ is for Disaster recovery , Read Replicas are for high availability. Encryption of RDS. For Aurora (If write operations are high increase instance size, if read operations are high increase increase read replicas).
Primary and important service of AWS for any exam. Important thing to look for SysOps are Nat Gateway, Security Groups and NACL, Direct Connect, VPC Peering. Public and Private Subnet. (If ipv6, use egress only internet gateway), VPV flowLogs, and VPC endpoint.
For CloudWatch -
Very Important topic for SysOps. Focus on what are Default metrics and what are custom metrics of AWS CloudWatch for other services. ( EC2, EBS, ALB mainly)
MUST LOOK THESE SERVICES ( AWS Budget, AWS COST_EXPLORER, AWS Cost and Usage Reports, AWS Cost Allocation Tags) You must know the difference between these services. AWS Organizations ( must question about this service , also check what is Consollidated Billing.) there are 5 to 8 questions on these above mentioned services
For CloudTrail - This is used for logging. IMPORTANT , how to secure Logs in S3 buckets ( using bucket policies, MFA delete, IAM Policies , and Cloud Trail Log Validaion)
AWS Inspector vs Trsuted Advisor ,, AWS Shield vs AWS WAF ,, KMS and Cloud HSM
Other Very Important services
Basics of AWS System Manager , AWS Config, Security Token Services (STS), Elastic_Cache. Troubleshooting of ASG, ALB
CloudFormation ( 5- 6 questions about Cloud Formation are must may be more. Read Faqs of each service but for Cloud Formation read FAQs twice before taking exam.) important points for cloudformation are, ( what is resources, parameters, mappings, outputs, change_sets , stack_sets , Rollback on Failure).
I may miss some other points for Certification, but the course of A Cloud Guru is pretty awesome to prepare for exam. Must read AWS FAQs before exam. and check the AWS exam guide and sample questions here https://aws.amazon.com/certification/certified-sysops-admin-associate/.
Best of Luck for the exam.
Benefits From Certification