AWS Solutions Architect Associate Exam Study Guide [SAA-C02]

AWS Solutions Architect Associate Certificate Exam Study Guide

Preparing for the AWS Solutions Architect Associate (SAA-C02) exam? Don’t know where to start? This post is the AWS Solutions Architect [Associate] Certificate Study Guide (with links to each objective in the exam domain).

I have curated a detailed list of articles from AWS documentation and other websites for each objective of the AWS Certified Solutions Architect [Associate] (SAA-C02) exam. Please share the post within your circles so it helps them to prepare for the exam.

AWS Solutions Architect Associate Course [SAA-C02]

AWS Solutions Architect Associate Practice Test [SAA-C02]

AWS Solutions Architect Associate Other Material

AWS Solutions Architect Associate Practice Test

Check out all the other AWS certificate study guides

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.

Design Resilient Architectures - 30%

Design a Multi-tier Architecture Solution

Design Highly Available and/or Fault-tolerant Architectures

Design Decoupling Mechanisms Using AWS Services

Choose Appropriate Resilient Storage

AWS Certified Solutions Associate

Amazon link (affiliate)

Design High-performing Architectures - 28%

Identify Elastic and Scalable Compute Solutions for a Workload

Select High-performing and Scalable Storage Solutions for a Workload

Select High-performing Networking Solutions for a Workload

Review the following videos:

Connectivity to AWS and hybrid AWS network architectures

Optimizing Network Performance for Amazon EC2 Instances

Network Architecture Selection

Wikipedia article on Network Performance

Enable & configure enhanced networking on my EC2 instances

AWS Services for high-performing networking solutions:

AWS Global Accelerator

It Creates accelerators to improve the performance of your app by directing traffic to the best-suited endpoints in the AWS network

AWS Global Accelerator

Get started with AWS Global Accelerator

Achieve up to 60% better performance with Global Accelerator

AWS Global Accelerator: Improving latency & design for failure

Improve application performance for your traffic with Global Accelerator

Improve your app’s performance with AWS Global Accelerator

Global Accelerator: Building performant applications

AWS Direct Connect

Establishes a dedicated network connection from the on-premises network to the cloud

AWS Direct Connect

AWS Direct Connect (for connecting to the on-premises network)

Connect your data center to AWS with Direct Connect

AWS Virtual Private Network

AWS VPN connections extend your on-premises networks to the cloud. Similar to Direct Connect. But VPNs use IPSec (with the help of the Internet) to connect your network with AWS. Whereas Direct Connect uses a dedicated private network to establish connections (does not use the Internet). Similar to Express Route if you come from the Azure world.


Getting started – AWS Site-to-Site VPN

Improve VPN Network Performance with Global Accelerator

Troubleshoot low bandwidth issues on my VPN connection

AWS Transit Gateway

A cloud router. It connects multiple VPCs in your account with the on-premises network (if needed) with a central hub. Replaces many 1-1 connections between the VPCs.

AWS Transit Gateway

Scaling VPN throughput using AWS Transit Gateway

Increasing bandwidth between VPCs by using Transit Gateway

AWS CloudFront

CloudFront is a Content Delivery Network (CDN). It stores a copy of your website assets in different edge locations around the world. When a user requests a resource, it is served from the nearest edge location, thereby reducing latency.

Amazon CloudFront

Improve your website performance with CloudFront

Amazon S3+CloudFront: A match made in the Cloud

AWS Outposts

For running AWS infrastructure and other services in an on-premises environment. So you needn’t move your sensitive data to the cloud. You move the cloud to the location of your data.

What are AWS Outposts?

AWS Outposts: A deep-dive

AWS Local Zones

Moves AWS Compute, Storage, DBs closer to centers where no AWS regions exist.

What are AWS Local Zones?

Low-latency computing with AWS Local Zones

Why Outposts, Local Zones, & Wavelength are game-changing for enterprises?

AWS Wavelength

Move AWS services to the edge of the 5G network, so traffic from 5G devices can reach servers in Wavelength Zones.

Introduction to AWS Wavelength

AWS Wavelength for delivering ultra-low latency apps for 5G

Use Wavelength to deliver apps that require ultra-low latency

Choose High-performing Database Solutions for a Workload

Database architecture selection – Performance efficiency pillar

Relational databases

Simple stuff, data tables related to each other via primary-foreign key relationships. A great fit for transactions (OLTP) in the financial world.

What is a Relational Database?

What is Amazon Relational Database Service (Amazon RDS)?

Best practices for Amazon RDS

Configuring parameters related to performance

Tuning Amazon RDS performance

What is Amazon Aurora?

Managing Performance for Aurora DB Clusters

Amazon Aurora performance assessment

Deep Dive on Amazon Aurora performance tuning

Amazon Redshift

Performance of Amazon Redshift

Top 10 performance tuning techniques for Amazon Redshift

Improving Amazon Redshift Performance

Key-value database

A type of NoSQL database (not only SQL). The unique identifier is the key. The value can be any data structure. It is widely used by web applications for storing user session details.

What is a Key-Value Database?

What is Amazon DynamoDB?

Best practices for designing and architecting with DynamoDB

Amazon DynamoDB: Performance & cost optimization at any scale

In-memory databases

A database that’s housed in memory (RAM) instead of the disk. So it is volatile (you lose all data on failure) but gives you faster response times. Widely used in BI applications, so the user can drill-down/up or filter the report across dimensions with minimal latency.

What is an In-memory database?

Amazon ElastiCache

Amazon ElastiCache for Redis

Amazon ElastiCache for Memcached

Boosting performance with Amazon ElastiCache for Redis

Performance at Scale with Amazon ElastiCache

Accelerate Application Performance with Amazon ElastiCache

Caching strategies

Document database

Data is stored in JSON-like documents. Used when the data is not relational. For example, scanned images, PDF files, etc., In manufacturing aircraft, different parts have a different number of attributes. Storing the information in the Document database can accommodate for the potential increase in the attributes required. 

What is a Document database?

What is Amazon DocumentDB?

Amazon DocumentDB performance

Best practices for Amazon DocumentDB

Graph database

A graph database is best used to describe relationships between entities. These databases consist of nodes (store data entities) and edges (store relationships between entities). They are mostly used in recommendation engines in e-commerce and social media applications.

What is a Graph database?

Amazon Neptune

Performance and Scaling in Amazon Neptune

Amazon Neptune: A scalable graph database for OLTP

Time-series database

Used for monitoring software/financial/physical systems like equipment & machinery where there is a heavy dependence on time.

Wikipedia: Time series database

Amazon Timestream

Ledger database

Databases that are immutable (you cannot update a customer’s address, just add a new record) & with a cryptographically verifiable log. Used where an accurate description of history is required. For example, GDPR, tracking Credit/debit history in banking transactions.

Do I need a Ledger database? What is it?

Amazon Quantum Ledger Database (QLDB)

Building System of Record Applications with Amazon QLDB

Database caching for high performance

Database Caching in AWS

What is caching and how it works?

AWS caching solutions

Amazon ElastiCache

Boosting database performance with Amazon ElastiCache for Redis

Caching for performance with Amazon DocumentDB & ElastiCache

Supercharge query caching with AWS database services

Database caching strategies using Redis

Build high-performance, Internet-scale applications with AWS Databases

Design Secure Applications and Architectures - 24%

Design Secure Access to AWS Resources

Security Pillar: AWS well-architected framework

AWS security design principles

AWS Identity & Access Management

AWS Identity and Access Management (IAM)

What is IAM?

IAM best practices to live by

10 IAM Design Principles

Security best practices in IAM

Business use cases for IAM

High Availability IAM Design Patterns

Approaches for addressing Identity & Access Management:

a. Secure access credentials

AWS Security Token Service

Generates temporary security credentials that are limited in privileges and in duration. Enables you to provide access to users without creating AWS identities.

Introduction to AWS (STS)

AWS Security Token Service API Reference

Temporary security credentials in IAM

IAM Instance profiles

A way for EC2 instances to access AWS APIs.

Using instance profiles

Create an IAM instance profile for your EC2 instances

Difference between an AWS role and an instance profile

b. Principle of least privileges

Granting least privileges in AWS

Defining least-privileged permissions for actions by AWS services

Remove unnecessary credentials

AWS Organizations

Organize several accounts into groups to create an organizational structure. Apply policies to individual organizational units or the entire organization.

What are AWS Organizations?

Best practices for Organizational Units with AWS Organizations

Design Secure Application Tiers

Select Appropriate Data Security Options

Data Protection in AWS

Data protection

Best practices for securing sensitive data in AWS data stores

How to build a data security strategy in AWS

Data Protection Best Practices for AWS

Best practices for data protection on Amazon S3

Different approaches to consider for Data security in AWS are:

a. Data Classification

Analyzing and organizing data based on criticality and sensitivity so that appropriate data protection controls can be applied. For example, if you store sensitive data in your S3 buckets, then you can classify such objects with the help of object tagging.

Tagging your Amazon EC2 resources

Amazon S3 object tagging

AWS Key Management Service (KMS)

An Introduction to AWS Key Management Service

Using key policies in AWS KMS

AWS Key Management Service Best Practices

b. Encryption/Tokenization

Encryption transforms the sensitive content into a form that is unreadable to the hacker without the secret key (the reverse process is decryption).

Tokenization defines a token to represent a sensitive piece of information.

Protecting data using encryption

A Deep Dive into AWS Encryption Services

Protect data using server-side encryption

Protect data using client-side encryption


What is AWS CloudHSM?

When to use AWS CloudHSM?

Data Protection in AWS CloudHSM

c. Secure data at rest

Encryption of Data at Rest

Securing data at rest with encryption

Protect data at rest with EC2 Instance Store Encryption

Amazon S3

How Amazon S3 uses AWS KMS?

Encrypt your S3 objects with AWS KMS key

Amazon EBS

Amazon EBS encryption

How Amazon EBS uses AWS KMS?

Amazon Glacier:

Data encryption at rest for Amazon Glacier

d. Secure data in transit

How do you protect your data in transit?

Protecting data in transit with encryption

AWS Certificate Manager

ACM overview

Automate encryption in transit with ACM

Continuous encryption in transit with ACM

Elastic Load Balancing supports ACM integration

Encryption in Transit with Amazon CloudFront

e. Backup/replicate/recover your data

Amazon S3

How to backup files to Amazon S3?

Amazon S3 cross-region replication

Script the backup of files to S3

Retrieve an S3 object that was deleted

Restore an S3 object that was archived

Design Cost-optimized Architectures - 18%

Identify Cost-effective Storage Solutions

Identify Cost-effective Compute and Database Services

Design Cost-optimized Network Architectures

This brings us to the end of the AWS Solutions Architect [Associate] (SOA-C02) Exam Preparation Study Guide

What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you about how your preparation is going on!

In case you are preparing for other AWS certification exams, check out the AWS study guides for those exams.

Follow/Like to Receive Updates

Want to be notified as soon as I post? Subscribe to RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the Article in Your Social Media Networks

  • 5
  • 2
  • 9

You may also like