Preparing for the AWS Solutions Architect Professional (SAP-C01) exam? Don’t know where to start? This post is the AWS Solutions Architect Professional Certificate Study Guide (with links to each objective in the exam domain).
I have curated a detailed list of articles from AWS documentation and other blogs for each objective of the AWS Certified Solutions Architect Professional (SAP-C01) exam. Please share the post within your circles so it helps them to prepare for the exam.
AWS Solutions Architect Professional [SAP-C01]
| LinkedIn Learning (Free trial) | AWS Solutions Architect Prof. [SAP-C01] |
| Whizlabs | Certified Solutions Architect Professional Exam |
| Pluralsight | AWS Solutions Architect Professional Exam |
| Udemy | Amazon Solutions Architect Professional |
AWS Solutions Architect Prof. Practice Test
| Whizlabs Exam Questions | AWS Architect Prof. [400 questions & 10 labs] |
| Udemy Practice Test | Solutions Architect Professional (300+ Qs) |
Solutions Architect Professional Other Stuff
| Udacity [Nanodegree] | Become an Amazon Cloud Architect (AWS) |
| Amazon e-book (PDF) | AWS Architect Professional (Complete Guide) |
To view other AWS certificate study guides, click here.
Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.
Domain 1: Design for Organizational Complexity – 12.5%
1.1 Determine Cross-account Authentication and Access Strategy for Complex Organizations
Analyze the organizational structure
AWS organization and account structure
Best practices for Organizational Units with AWS Organizations
Evaluate the current authentication infrastructure
Unified authentication & authorization mechanisms
Authentication and access control
Analyze the AWS resources at an account level
AWS account management & separation
Managing AWS accounts in your organization
Determine an auditing strategy for authentication and access
Identity & access management for AWS Audit Manager
1.2 Determine How to Design Networks for Complex Organizations
Outline an IP addressing strategy for VPCs
VPC with public and private subnets
Determine DNS strategy
Simplify DNS management in a multi-account environment
Centralized DNS management of hybrid cloud
Choose the right DNS architecture for VMware cloud
Classify network traffic and security
Determine connectivity needs for hybrid environments
Hybrid connectivity whitepaper
Determine a way to audit network traffic
Monitor VPC Flow Logs for abnormal traffic patterns
1.3 Determine How to Design a Multi-account AWS Environment for Complex Organizations
Determine how to use AWS Organizations
Implementing AWS Organizations
Implement the most appropriate account structure for proper cost allocation, agility, and security
AWS account structure considerations
Multi-account_billing_strategy
AWS_multi-account_security_strategy
Recommend a central audit and event notification strategy
Configure event notifications using the S3 console
Decide on an access strategy
Strategies for managing access to AWS resources
Best practices for managing AWS access keys
Domain 2: Design for New Solutions – 31%
2.1 Determine Security Requirements and Controls When Designing and Implementing a Solution
Implement infrastructure as code
How to use infrastructure as code for automated environments?
Determine prevention controls for large-scale web applications
Reduce unwanted traffic on your website with WAF bot control
Protect your web applications using AWS Managed rules
Determine roles and responsibilities of applications
Use an IAM role to grant permissions to apps running on EC2 instances
Determine a secure method to manage credentials for the solutions/applications
Distribute, and rotate credentials securely
Store application credentials securely
Manage credentials in mobile applications
Enable detection controls and security services for large-scale applications
How do you detect & investigate security events?
Enforce host and network security boundaries
Enforce your AWS Network Firewall protections at scale
Enable encryption in transit and at rest
Protect data at rest with EC2 instance store encryption
Encrypt Amazon DocumentDB data at rest
2.2 Determine a Solution Design and Implementation Strategy to Meet Reliability Requirements
Design a highly available application environment
Design a highly available app on AWS
Deploy a high-availability PHP application
Determine advanced techniques to detect for failure and service recoverability
Troubleshoot instances with failed status checks
Troubleshoot an instance status check failure on an unreachable EC2 instance
Determine processes and components to monitor and recover from regional service disruptions with regional failover
Implement multi-region disaster recovery with event-driven architecture
Large-scale disaster recovery with AWS regions
Cross-region DNS-based failover
2.3 Determine a Solution Design to Ensure Business Continuity
Architect an automated, cost-effective backup solution that supports business continuity across multiple AWS Regions
Design a backup & recovery solution
Implement a backup solution with AWS Storage Gateway
Automate centralized backup at scale across AWS services
Determine an architecture that provides application and infrastructure availability in the event of a service disruption
Prepare for an AWS outage with these preventative steps
High availability & scalability on AWS
Amazon’s approach to high-availability deployment
2.4 Determine a Solution Design to Meet Performance Objectives
Design internet-scale application architectures
Build high-performance, internet-scale apps with AWS database
How to build a scalable application up to 1 Million users on AWS?
Design an architecture for performance according to business objectives
Performance architecture selection
Optimize AWS architecture for performance efficiency
Apply design patterns to meet business objectives with caches, buffering, and replicas
Beyond caching: Advanced design patterns in Redis
Deep dive into ElastiCache architecture & design patterns
Design patterns for optimizing cost in S3
2.5 Determine a Deployment Strategy to Meet Business Requirements When Designing and Implementing a Solution
Determine resource provisioning strategy to meet business objectives
Resource provisioning using AWS services
Resource provisioning strategy for workflows in the cloud
AWS resource provisioning with attribute-based access control
Determine a migration process to change the version of a service
Upgrading OpenSearch & Elasticsearch
Upgrade an EC2 Windows instance to a newer version
Determine services to meet deployment strategy
Determine patch management strategy
Software patching with AWS Systems Manager
![AWS Certified Solutions Architect Professional [SAP-C01] certificate exam](http://ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&MarketPlace=US&ASIN=B08P3N3BX5&ServiceVersion=20070822&ID=AsinImage&WS=1&Format=_SL250_&tag=ravikirans-20)
Amazon link (affiliate)
Domain 3: Migration Planning – 15%
3.1 Select Existing Workloads and Processes for Potential Migration to the Cloud
Complete an application migration assessment
Evaluating migration readiness
Classify applications according to the six Rs (re-host, re-platform, re-purchase, refactor, retire, and retain)
The 6 R’s: 6 application migration strategies
6 strategies for migrating apps to the cloud
3.2 Select Migration Tools and/Or Services for New and Migrated Solutions Based on Detailed AWS Knowledge
Select an appropriate database transfer mechanism
Best practices for AWS database migration service
AWS Database Migration Service
Select an appropriate data transfer service
Migrating data to AWS: Understand your options
Transfer files from on-premises to AWS without leaving your VPC
Introduction to new AWS services for data transfer
Select an appropriate data transfer target
Select an appropriate server migration mechanism
Migrate Azure VM to AWS using AWS Server Migration Service
Migrate your Virtual Machines to AWS
Apply the appropriate security methods to the migration tools
Improve security as part of data center migrations
3.3 Determine a New Cloud Architecture for an Existing Solution
Evaluate business applications and determine the target cloud architecture
Evaluate modernization readiness for apps in AWS
Evaluate your applications | AWS prescriptive guidance
Target architecture | AWS prescriptive guidance
Break down the functionality of applications into services
Determine target database platforms
3.4 Determine a Strategy for Migrating Existing on-premises Workloads to the Cloud
Determine the desired prioritization strategy of the organization
Prioritization | AWS prescriptive guidance
Prioritize a large-scale move to an open-source database
Analyze data volume and rate of change to determine a data transfer strategy
Lift & shift to speed up your migration to AWS
Evaluate cutover strategies
Cutover | AWS prescriptive guidance
The cutover: Moving your traffic to the cloud
Assess internal and external compliance requirements for a successful migration
Compliance validation for AWS Server Migration Service
Compliance validation for Application Migration Service
Domain 4: Cost Control – 12.5%
4.1 Select a Cost-effective Pricing Model for a Solution
Purchase resources based on usage requirements
What are AWS Cost and Usage reports?
Identify when to use different storage tiers
Using Amazon S3 storage classes
S3 intelligent-tiering adds archive access tiers
4.2 Determine Which Controls to Design and Implement That Will Ensure Cost Optimization
Determine an AWS-generated cost allocation tags strategy that allows mapping costs to business units
AWS-generated cost allocation tags
Organize your cost and usage data with AWS Cost Categories
Manage your costs with AWS Cost Categories
Determine a mechanism to monitor when underutilized resources are present
Launch resource optimization recommendations
Identifying underutilized EC2 instances
Determine a way to manage commonly deployed resources to achieve governance
Management and governance on AWS
Governance in the cloud: The right balance between agility & safety
Define a way to plan costs that do not exceed the budget amount
Managing your costs with AWS Budgets
How to manage cost overruns in your AWS environment?
4.3 Identify Opportunities to Reduce Cost in an Existing Architecture
Distinguish opportunities to use AWS Managed Services
Introducing AWS Managed Services
How AWS Managed Services can benefit my business?
Determine which services are most cost-effective in meeting business objectives
Optimizing your costs for AWS services
Optimize and save your IT costs
Domain 5: Continuous Improvement For Existing Solutions – 29%
5.1 Troubleshoot Solution Architectures
Assess an existing application architecture for deficiencies
Cloud security architecture assessment for AWS
Analyze application and infrastructure logs
What are Amazon CloudWatch Logs?
Analyzing log data with CloudWatch Logs Insights
Test possible solutions in a non-production environment
Test environments in AWS Device Farm
Create a dev/test environment on AWS
5.2 Determine a Strategy to Improve an Existing Solution for Operational Excellence
Determine the most appropriate logging and monitoring strategy
Building a monitoring strategy
Logging & monitoring strategy guide
Recommend the appropriate AWS offering(s) to enable configuration management automation
Configuration Management automation using AWS Systems Manager
Other articles related to Operational Excellence
Operational excellence pillar whitepaper
What’s new in the Well-Architected Operational Excellence Pillar?
Towards Operational Excellence
Gaining Operational Excellence within AWS
Operational Excellence: Learn, Share, & Improve
5.3 Determine a Strategy to Improve the Reliability of an Existing Solution
Evaluate existing architecture to determine areas that are not sufficiently reliable
Reliability pillar | AWS well-architected framework
Remediate single points of failure
Remove single points of failure
Eliminating single points of failures on AWS
Enable data replication, self-healing, and elastic features and services
Configure Amazon S3 replication
Build self-healing Infrastructure-as-Code
Use auto-healing to replace failed instances
Test the reliability of the new solution
Reliability | AWS well-architected framework
5.4 Determine a Strategy to Improve the Performance of an Existing Solution
Reconcile current performance metrics against performance targets
Monitoring performance with CloudWatch dashboard
Identify and examine performance bottlenecks
Troubleshoot performance bottlenecks within EC2 instances
Investigate performance issues with CodeGuru Profiler
Recommend and test potential remediation solutions
Test the automated remediation
5.5 Determine a Strategy to Improve the Security of an Existing Solution
Evaluate AWS Secrets Manager strategy
Track changes to secrets stored in AWS Secrets Manager
Secrets Manager best practices
Monitor Secrets Manager secrets using AWS Config
Audit the environment for security vulnerabilities
Vulnerability reporting in Amazon Web Services
Biggest AWS Security vulnerabilities
Enable manual and/or automated responses to the detection of vulnerabilities
Resolve code vulnerabilities in CI/CD pipeline
5.6 Determine How to Improve the Deployment of an Existing Solution
Evaluate appropriate tooling to enable infrastructure as code
Evaluate current deployment processes for improvement opportunities
Build end-to-end CD/CD pipelines in AWS
Test automated deployment and rollback strategies
Roll back a deployment with CodeDeploy
This brings us to the end of the AWS Solutions Architect Professional (SAP-C01) Exam Preparation Study Guide
What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you about how your preparation is going on!
In case you are looking for other AWS certificate exams study guides, check out this page
Get Updates on AWS Professional Exam
Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.
