Hey guys! 🎉

I’m super excited to share that I recently passed the AWS Solution Architect Associate certification! In this document, I’ve put together a list of key AWS topics that you must learn and understand to ace the exam.

This isn’t a full blog post—just a quick and handy reference guide to help you focus on the most important topics. Note: This list highlights essential exam concepts, but I highly recommend using it alongside other study materials for a well-rounded understanding.

I’ve also made a video where I share my exam experience, study tips, and insights to help you prepare better. If you’re interested, check it out here: https://youtu.be/HyYjveYPC3o

1️⃣ EC2 (Elastic Compute Cloud)

  • EC2 Instance: Virtual servers in AWS for running applications.
  • Types of EC2 Instances: General Purpose (T, M), Compute Optimized (C), Memory Optimized (R, X), Storage Optimized (I, D, H), GPU-based (P, G, F).
  • Pricing Options: On-Demand (pay as you go), Reserved (1-3 years), Spot (cheapest, but interruptible), Savings Plans, Dedicated Hosts.
  • Cost-Effective Solutions: Choose instance types based on workload, use Spot and Reserved instances, enable auto-scaling.
  • Snapshots (EBS Snapshots): A point-in-time backup of an Amazon EBS volume.
  • AMI (Amazon Machine Image): A pre-configured template for launching EC2 instances.

2️⃣ S3 Storage

  • Types of S3 Storage: Standard, Intelligent-Tiering, Standard-IA, One Zone-IA, Glacier, Glacier Deep Archive.
  • S3 Replication: Copies data across buckets for redundancy and availability.
  • Cross-Region Replication (CRR): Replicates data across different AWS regions.
  • Same-Region Replication (SRR): Replicates data within the same AWS region.
  • Object Versioning: Keeps multiple versions of an object to protect against accidental deletion.
  • S3 Lifecycle: Automatically moves data between storage classes based on age.
  • Presigned URLs (S3): Provides temporary access to private S3 objects without making them public.
  • S3 Glacier storage options:
    • S3 Glacier Instant Retrieval
    • S3 Glacier Flexible Retrieval
    • S3 Glacier Deep Archive

3️⃣ AWS Storage Services

  • EBS (Elastic Block Store): Persistent storage for EC2, used for databases and applications.
  • Types of EBS Volumes: General Purpose SSD (gp2, gp3), Provisioned IOPS SSD (io1, io2), Throughput Optimized HDD (st1), Cold HDD (sc1).
  • IOPS and Throughput: IOPS (speed of small transactions), throughput (speed of large data transfers).
  • Instance Store: Temporary storage directly attached to EC2 instances.
  • EFS (Elastic File System): Managed file storage for multiple EC2 instances.
  • FSx: Managed file system for Windows and Lustre workloads.
  • When to Use Each Storage Service:
    • EBS – Persistent storage for EC2.
    • EFS – Shared storage for multiple instances.
    • FSx – Windows file system and high-performance workloads.
    • Instance Store – Temporary storage for fast processing.

4️⃣ Networking & VPC

  • VPC (Virtual Private Cloud): Isolated network within AWS for launching resources.
  • Subnets: Divide VPC into public and private sections.
  • Five Reserved IP Addresses: AWS reserves the first 5 IPs in each subnet for internal purposes.
  • Security Groups: Firewall for instances (stateful, allows specific traffic).
  • NACLs (Network ACLs): Firewall for subnets (stateless, controls inbound/outbound rules).
  • Internet Gateway: Connects VPC to the internet for public-facing instances.
  • NAT Gateway: Allows private instances to access the internet without being exposed.
  • Route Table: Defines how network traffic is directed within a VPC.
  • VPC Flow Logs: Captures network traffic metadata for monitoring and troubleshooting.

5️⃣ IAM & Security

  • IAM Roles, Groups, and Users: Roles (assigned to AWS services), Groups (user collections), Users (individual accounts).
  • Identity Policy: Defines permissions for IAM users, roles, and groups.
  • Resource Policy: Defines permissions at the resource level (e.g., S3 bucket policy).
  • SCP (Service Control Policies): Controls permissions at the organization level.
  • AWS Organizations: Manages multiple AWS accounts under a single management account.
  • KMS (Key Management Service): Encrypts data using AWS-managed or customer-managed keys.
  • Secrets Manager: Securely stores and manages secrets like passwords and API keys.
  • Systems Manager & Parameter Store: Stores configuration data securely.
  • AWS WAF: Protects applications from web attacks.
  • AWS Shield: DDoS protection for AWS resources.
  • AWS Inspector: Automated security assessment for vulnerabilities.
  • Amazon GuardDuty: Threat detection using AI and logs.
  • Amazon Macie: Uses ML to detect sensitive data exposure.
  • AWS Certificate Manager(ACM): Manages SSL/TLS certificates for AWS services.
  • Inline Policy: Directly attached to a user, group, or role.
  • Policy Restrictions: Least privilege principle to restrict unnecessary access.
  • Types of Encryption:
    • At-rest (EBS, S3, RDS encryption).
    • In-transit (SSL/TLS).
    • Client-side (before sending data to AWS).

6️⃣ Containers

  • ECS (Elastic Container Service): Managed container orchestration for Docker containers.
  • EKS (Elastic Kubernetes Service): Fully managed Kubernetes service for containerized applications.

7️⃣ Monitoring & Logging

  • CloudWatch: Monitors AWS resources and applications.
  • CloudTrail: Tracks API activity and user actions.
  • AWS Config: Tracks AWS resource configurations and compliance.

8️⃣ Global Services

  • Route 53: AWS-managed DNS service.
  • CloudFront: Content delivery network (CDN) for fast content distribution.
  • Global Accelerator: Improves global application availability and performance.

9️⃣ Databases

  • RDS (Relational Database Service): Managed relational databases (MySQL, PostgreSQL, SQL Server, etc.).
  • DynamoDB: NoSQL database with key-value and document storage.
  • Aurora: High-performance relational database compatible with MySQL and PostgreSQL.
  • Read Replica: Improves read performance by replicating databases.
  • ElastiCache: In-memory caching for faster database performance.
  • Redshift: Managed data warehouse for analytics.
  • DocumentDB: Managed NoSQL database compatible with MongoDB.
  • Neptune: Managed graph database for relationships and networks.

🔟 Storage Gateway

  • Tape Gateway: Virtual tape storage for backup solutions.
  • Amazon S3 File Gateway: Stores files as objects in S3.
  • Amazon FSx File Gateway: Extends FSx file systems to on-premises environments.
  • Volume Gateway: Hybrid cloud storage for block-based applications.

1️⃣1️⃣ Load Balancing & Disaster Recovery

  • ELB (Elastic Load Balancer): Distributes traffic across instances.
  • Types of ELB:
    • Application Load Balancer (ALB) – Layer 7, routes based on URL.
    • Network Load Balancer (NLB) – Layer 4, low-latency performance.
    • AWS Gateway Load Balancer (GWLB): Distributes traffic across third-party virtual appliances (e.g., firewalls, IDS/IPS).
    • Classic Load Balancer (CLB) – Older, Layer 4/7 balancing.
  • Auto Scaling Group (ASG): Automatically scales EC2 instances based on demand.
  • ASG Policies: Target tracking, step scaling, scheduled scaling.
  • Disaster Recovery Strategies:
    • Backup & Restore
    • Pilot Light
    • Warm Standby
    • Multi-Site
  • AWS Backup Service: Centralized backup management for AWS resources.
  • AWS Snow Family: Physical devices for data transfer (Snowcone, Snowball, Snowmobile).

1️⃣2️⃣ Placement Groups for Amazon EC2

A placement group is a logical grouping of EC2 instances that influence how instances are placed on underlying hardware to optimize performance, fault tolerance, or availability.

Types of Placement Strategies:

  • Cluster – Low-latency, high-bandwidth networking for HPC workloads.
  • Partition – Isolates instance groups across partitions for fault tolerance in distributed systems.
  • Spread – Distributes instances across different hardware to reduce failure impact.

I'm also digitizing my notes since I originally wrote them in a physical notebook. If you're interested in getting a copy, feel free to reach out to me on LinkedIn, and I'll share them with you once I’ve compiled everything! 😊

Happy studying, and best of luck with your AWS journey! 🚀💡