AWS has now publicly launched the Professional level of its Solutions Architect certification exam. I cleared the certification a few days after it was launched. Below I discuss my experience with the exam and strategies that help clear the certification.

AWS Certification Exam Levels

Until now, only Associate Level certifications were available for all three verticals: Solutions Architect, SysOps and Developer. But Amazon is aggressively adding more certification levels, and my prediction about a Professional level certification has come true. Below is the chart for current and future certifications in the pipeline. As you can observe, Solutions Architect now has a Professional Level certification, and possibly a Master level is coming soon.



About Professional Level Certification Exam

According to Amazon, “The AWS Certified Solutions Architect – Professional Level exam validates advanced technical skills and experience in designing distributed applications and systems on the AWS platform”. In my experience, it was a very comprehensive and advanced exam with a lot of real-world use cases converted into exam questions. If you have not worked on real-life projects that involve architecting infrastructure on AWS, it might be quite difficult to answer some of the questions. Below we break down the exam objectives and the kind of questions that you can expect from this certification exam.


The prerequisites for taking this certification exam are:

  1. You have already achieved the AWS Certified Solutions Architect – Associate Level certification. To know more about the Solutions Architect Associate Level Certification, click here.
  2. Although not strictly a pre-requisite, hands-on experience with AWS and/or some training will be required for clearing this certification. You must have experience architecting fairly involved solutions on AWS.

Exam Overview

  1. The cost for the certification is $300. AWS sometimes gives out 50%-off coupons at many of its events.
  2. The exam has about 60 multiple choice, multiple answer questions. There is no hands-on or writing component. The duration of the exam is 170 minutes. It's a long exam, so go properly rested to have the energy to keep going for three hours.
  3. The passing percentage is not disclosed; Amazon says it is derived by “statistical analysis and are subject to change”. Many LinkedIn discussions believe it to be around 65%, but nobody can really guarantee that.
  4. The results are obtained immediately after the exam and the certification is valid for two years.
  5. In case you fail, the retake policy says that you can take the exam again after a month. A maximum of three attempts are allowed in a year and each attempt is charged separately, unless AWS circulates a coupon, as it sometimes does, that gives one free reattempt.

Exam Contents

Below are the exam domains and the extent to which they are represented in the exam.

1.0 High Availability and Business Continuity (15%)

This section deals with the ability to architect high availability solutions on AWS infrastructure. One first needs to understand the availability guarantee of each service and how services can be combined to provide higher availability than an individual service does. For example, a single EBS volume has a 99.95% uptime SLA and an annual failure rate (AFR) that makes it 10 times more durable than commodity disk drives. But if storage on EBS requires higher durability than EBS volumes natively provide, what kind of strategies can one use? One example is creating multiple volumes of the same size, building a software RAID on top of them, and using that as the storage solution. Another solution is taking frequent snapshots: as snapshots are stored in S3, they get 99.99999999% durability. The exam will have such scenarios, and the questions will be on how to provide high availability.

2.0 Costing (5%)

Detailed knowledge of the cost parameters of each service is needed for this section. You may not need to remember exact costs, but you do need to remember the pricing parameters. Ways to reduce costs are also part of this section. For example, the pricing parameters for S3 are bandwidth, storage and number of requests. Ways to reduce costs in S3 include using Reduced Redundancy Storage when applicable, reducing the bandwidth requirement by storing zipped content, etc. Such scenarios might be presented in the form of use cases.

3.0 Deployment Management (10%)

Topics here include life cycle management of applications deployed on AWS, and choosing proper deployment strategies for dev, testing, staging and production environments based on the given use cases. A deep understanding of the three main deployment services on AWS (CloudFormation, OpsWorks and Elastic Beanstalk) is required.

For example, you might have an application deployed through AWS Beanstalk that is deployed first to testing, then to staging and later to production. The application has a separate database for each. What are the best ways to manage the database connection strings? You should also consider things like how deployment strategies for an application that changes only once every few months will differ from those for applications updated multiple times a day.

4.0 Network Design (10%)

This is fundamentally VPC-based network architecture for large AWS infrastructure. It includes judging which pieces of infrastructure go into public vs. private subnets, which use cases require NAT and similar technologies, and determining Network ACL and routing rules for given subnets. It also includes use cases for when a VPC should have a public internet gateway attached to it vs. only a Virtual Private Gateway, or both at the same time.

For example, a given system architecture relies on network-based IP blacklisting to protect against DDoS. When a DDoS is underway, where is it more efficient to blacklist the offending IP addresses: at the Security Group, the ELB, the Network ACL, the application layer, or by modifying routing rules?

5.0 Data Storage (15%)

This section deals with object stores like S3, archive storage like Glacier, and block storage like EC2's ephemeral storage and EBS. Questions are mostly use cases where the objective is to find the appropriate data storage method for that use case. You need to understand the capabilities and costs of each service for replicating data within a region and across regions, as well as the services, tools and technologies for replicating data from in-house to AWS infrastructure and vice versa (for example, AWS Storage Gateway).

For example, what are the best strategies to copy the contents of a bucket in one region to a bucket in another region for disaster recovery? Here some of the solutions can be writing your own scripts and cron jobs, third-party tools, and services like Data Pipeline, which automates this process.

It is advisable to go through the storage options whitepaper published by AWS.

6.0 Security (20%)

This topic is about how to secure infrastructure and applications hosted on AWS. With 20% weight, this is the meatiest section and can fetch you a good score. One needs to understand the concepts of the STS service thoroughly, along with IAM concepts. Service-level security features, e.g. encryption at block level for EBS, encryption for data at rest in S3, fine-grained access control for DynamoDB etc., can come in handy for questions related to compliance regarding data security and access. Network-level security is another important area that needs to be understood well, e.g. the stateful vs. stateless nature of the firewall at the security group / network ACL level. In addition, it will be a good idea to read about the Hardware Security Module (HSM) and how it can interact with other services like Redshift etc. to provide better management of your encryption keys.
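The stateful vs. stateless distinction mentioned above, and the deny-rule question raised in the Network Design section, can be made concrete with a small model. This is an added example, not from the original post or from AWS: the function names, rule tuples and addresses are constructed, and the model is simplified (it ignores protocol and evaluates only source/destination address and port).

```python
import ipaddress

def _match(peer_ip, port, cidr, ports):
    lo, hi = ports
    return ipaddress.ip_address(peer_ip) in ipaddress.ip_network(cidr) and lo <= port <= hi

def nacl_allows(rules, peer_ip, port):
    """Network ACL: numbered allow/deny rules, lowest number first, first match wins."""
    for _num, action, cidr, ports in sorted(rules):
        if _match(peer_ip, port, cidr, ports):
            return action == "allow"
    return False  # nothing matched: the implicit final rule denies

def sg_allows(rules, peer_ip, port):
    """Security group: allow rules only; any matching rule permits the traffic."""
    return any(_match(peer_ip, port, cidr, ports) for cidr, ports in rules)

def nacl_round_trip(inbound, outbound, client_ip, client_port, server_port):
    """Stateless: the request and the reply are each checked against the rules."""
    return (nacl_allows(inbound, client_ip, server_port)
            and nacl_allows(outbound, client_ip, client_port))

def sg_round_trip(inbound, client_ip, server_port):
    """Stateful: a reply to an allowed inbound request needs no outbound rule."""
    return sg_allows(inbound, client_ip, server_port)

# Constructed sample rules and addresses (documentation ranges, not real hosts).
NACL_IN = [(100, "allow", "0.0.0.0/0", (443, 443))]
NACL_OUT_EPHEMERAL = [(100, "allow", "0.0.0.0/0", (1024, 65535))]
NACL_IN_WITH_DENY = [(50, "deny", "203.0.113.9/32", (0, 65535))] + NACL_IN
SG_IN = [("0.0.0.0/0", (443, 443))]

if __name__ == "__main__":
    client, noisy = "198.51.100.7", "203.0.113.9"
    # The NACL drops the reply unless outbound ephemeral ports are allowed.
    print("NACL, no outbound rule:", nacl_round_trip(NACL_IN, [], client, 50000, 443))
    print("NACL, ephemeral out:   ",
          nacl_round_trip(NACL_IN, NACL_OUT_EPHEMERAL, client, 50000, 443))
    print("SG, inbound rule only: ", sg_round_trip(SG_IN, client, 443))
    # A low-numbered deny entry blocks one address; a security group has no deny.
    print("NACL deny entry blocks:", not nacl_allows(NACL_IN_WITH_DENY, noisy, 443))
    print("SG still allows it:    ", sg_allows(SG_IN, noisy, 443))
```
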

7.0 Scalability & Elasticity (15%)

This section covers how to scale applications on AWS, including making sure that they scale well horizontally and have no single point of failure, and how to make application deployments elastic, so that they scale up and down automatically with load. Questions here can be about figuring out the right criteria for auto-scaling. For example, let's say you have a fleet of servers streaming live media, fronted by an ELB. What metric will you use for auto-scaling? Although most people use CPU usage, in this case it might be better to set up auto-scaling on the bytes transferred through the network interface. The exact values will depend on the instance type and other application parameters, of course.

8.0 Cloud Migration & Hybrid Architecture (10%)

Although this section is weighted at only 10%, throughout the exam you might encounter multiple scenario-based questions that talk about Hybrid Architecture, where an AWS VPC is connected to your corporate data center through a VPN tunnel. A deep understanding of setting up a VPN tunnel using a Virtual Private Gateway and a Customer Gateway, with either static routing or dynamic BGP routing, is required. There can be scenarios where your knowledge will be checked on when to use static vs. dynamic routing, when and where to use the Direct Connect service, etc.

In addition, there could be use cases about migrating an in-house application stack to the cloud while minimizing downtime, using strategies like replicating your in-house database to the cloud with Data Pipeline or other third-party tools before the scheduled time window to perform the switchover, etc.


Overall the exam seems comprehensive and hands-on experience with AWS is a must.

Here is some additional information that can help while planning for this exam.

How to Register

To register, click this Kryterion testing center link. You will need to create an account before you register for the test.

Good luck!! If you have any questions, please mention them below and I will try to answer them. Also, if you like the article, please share it with others.

