How to study and get "AWS Certified Solutions Architect - Associate"

Total views:91,699 / Applauds for blog:2
Welcome to my page. I am an adminisrator of this site.
If you are this db's user, please contact with me by private mail. If not, please contact with me by email or twitter or facebook
Access record[Graph / PV Info.(Past 1 day / Past 1 week) / Access from outside (Yesterday / Past 1 week) / Vistors's list]
Inbox   /Send   /Sent
Reviews(List   /Limit)
Poll   /Agree:Got   /Sent
My Play List
<=Newer article S3: How to set up web server for static files
=>Older article Summary of Singapore life so far

2016/04/07 "AWS > How to study and get "AWS Certified Solutions Architect - Associate""
[Show only this article / Modify / Delete / Send trackback / Add to the shared category]

1. Certificate
  1. AWS Certified Solutions Architect - Associate
2. The way to study
  1. Check the service list and get the basic understanding of each service
3. Key points to be studied
  1. AWS Region
  2. Limitation of the each service
  3. Roles
  4. Deepen the knowledge of Key services for the examination
    1. CloudFormation
        1. Example of template
        2. Limitation
        3. Intrinsic Function
        4. CLI command list
    2. Elastic Beanstalk
        1. Limitation
        2. CLI command list
    3. DynamoDB
        1. Limitation
        2. CLI command list
    4. EC2
        1. Limitation
        2. awscli command list
    5. IAM
        1. Limitation
        2. CLI command list
    6. Route 53
        1. Limitation
        2. CLI command list
    7. RDS
        1. Limitation
        2. CLI command list
    8. S3
        1. Limitation
        2. CLI command list
    9. SNS
        1. Limitation
        2. CLI command list
    10. SQS
        1. Limitation
        2. CLI command list
    11. SWF
        1. Limitation
        2. CLI command list
    12. VPC
        1. Limitation
4. Study resources

1. Certificate

And my certificate

  1. AWS Certified Solutions Architect - Associate

The table below lists the domains measured by this examination and the extent to which they are represented.
Domain% of Examination
1.0 Designing highly available, cost-efficient, fault-tolerant, scalable systems60%
2.0 Implementation/Deployment10%
3.0 Data Security20%
4.0 Troubleshooting10%

2. The way to study

  1. Check the service list and get the basic understanding of each service

Mobile and analysis is the part which I have to study.
Lambda, DynamoDb, s3 and Gracier must be used for its low cost.
3. Key points to be studied

  1. AWS Region
1us-east-1US East (N. Virginia)
2us-west-2US West (Oregon)
3us-west-1US West (N. California)
4eu-west-1EU (Ireland)
5eu-central-1EU (Frankfurt)
6ap-southeast-1Asia Pacific (Singapore)
7ap-northeast-1Asia Pacific (Tokyo)
8ap-southeast-2Asia Pacific (Sydney)
9ap-northeast-2Asia Pacific (Seoul)
10sa-east-1South America (Sao Paulo)

  2. Limitation of the each service
  3. Roles

aws iam list-policies|grep PolicyName|sort
  4. Deepen the knowledge of Key services for the examination

1. Read through the documentation
2. Touch and create an application
    1. CloudFormation
      1. Example of template
      2. Limitation

ResourceDefault Limit

      3. Intrinsic Function
Condition Functions
      4. CLI command list

o cancel-update-stack
o create-stack
o delete-stack
o describe-account-limits
o describe-stack-events
o describe-stack-resource
o describe-stack-resources
o describe-stacks
o get-stack-policy
o get-template
o get-template-summary
o help
o list-stack-resources
o list-stacks
o set-stack-policy
o signal-resource
o update-stack
o validate-template
    2. Elastic Beanstalk
      1. Limitation

ResourceDefault Limit

      2. CLI command list

o abort-environment-update
o check-dns-availability
o create-application
o create-application-version
o create-configuration-template
o create-environment
o create-storage-location
o delete-application
o delete-application-version
o delete-configuration-template
o delete-environment-configuration
o describe-application-versions
o describe-applications
o describe-configuration-options
o describe-configuration-settings
o describe-environment-health
o describe-environment-resources
o describe-environments
o describe-events
o describe-instances-health
o help
o list-available-solution-stacks
o rebuild-environment
o request-environment-info
o restart-app-server
o retrieve-environment-info
o swap-environment-cnames
o terminate-environment
o update-application
o update-application-version
o update-configuration-template
o update-environment
o validate-configuration-settings
    3. DynamoDB
      1. Limitation

ResourceDefault Limit
US East (N. Virginia) Region: Maximum capacity units per table or global secondary index40,000 read capacity units and 40,000 write capacity units
US East (N. Virginia) Region: Maximum capacity units per account80,000 read capacity units and 80,000 write capacity units
All other Regions: Maximum capacity units per table or global secondary index10,000 read capacity units and 10,000 write capacity units
All other Regions: Maximum capacity units per account20,000 read capacity units and 20,000 write capacity units
Maximum number of tables256

      2. CLI command list

o batch-get-item
o batch-write-item
o create-table
o delete-item
o delete-table
o describe-table
o get-item
o help
o list-tables
o put-item
o query
o scan
o update-item
o update-table
o wait
    4. EC2
      1. Limitation

ResourceDefault Limit
Elastic IP addresses for EC2-Classic5
Security groups for EC2-Classic per instance500
Rules per security group for EC2-Classic100
Key pairs5,000
Throttle on the emails that can be sent from your Amazon EC2 accountThrottle applied
Reserved Instances20 instance reservations per Availability Zone, per month
AMI CopiesDestination regions are limited to 50 concurrent AMI copies at a time, with no more than 25 of those coming from a single source region.

Instance TypeOn-Demand LimitReserved LimitSpot Limit
m4.4xlarge1020Dynamic Spot Limit
m4.10xlarge520Dynamic Spot Limit
c4.4xlarge1020Dynamic Spot Limit
c4.8xlarge520Dynamic Spot Limit
cg1.4xlarge220Dynamic Spot Limit
hi1.4xlarge220Dynamic Spot Limit
hs1.8xlarge220Not offered
cr1.8xlarge220Dynamic Spot Limit
g2.2xlarge520Dynamic Spot Limit
g2.8xlarge220Dynamic Spot Limit
r3.4xlarge1020Dynamic Spot Limit
r3.8xlarge520Dynamic Spot Limit
i2.xlarge820Dynamic Spot Limit
i2.2xlarge820Dynamic Spot Limit
i2.4xlarge420Dynamic Spot Limit
i2.8xlarge220Dynamic Spot Limit
d2.4xlarge1020Dynamic Spot Limit
d2.8xlarge520Dynamic Spot Limit
t2.nano2020Not offered
t2.micro2020Not offered
t2.small2020Not offered
t2.medium2020Not offered
t2.large2020Not offered
All Other Instance Types2020Dynamic Spot Limit

      2. awscli command list
o accept-vpc-peering-connection
o allocate-address
o assign-private-ip-addresses
o associate-address
o associate-dhcp-options
o associate-route-table
o attach-classic-link-vpc
o attach-internet-gateway
o attach-network-interface
o attach-volume
o attach-vpn-gateway
o authorize-security-group-egress
o authorize-security-group-ingress
o bundle-instance
o cancel-bundle-task
o cancel-conversion-task
o cancel-export-task
o cancel-import-task
o cancel-reserved-instances-listing
o cancel-spot-fleet-requests
o cancel-spot-instance-requests
o confirm-product-instance
o copy-image
o copy-snapshot
o create-customer-gateway
o create-dhcp-options
o create-flow-logs
o create-image
o create-instance-export-task
o create-internet-gateway
o create-key-pair
o create-network-acl
o create-network-acl-entry
o create-network-interface
o create-placement-group
o create-reserved-instances-listing
o create-route
o create-route-table
o create-security-group
o create-snapshot
o create-spot-datafeed-subscription
o create-subnet
o create-tags
o create-volume
o create-vpc
o create-vpc-endpoint
o create-vpc-peering-connection
o create-vpn-connection
o create-vpn-connection-route
o create-vpn-gateway
o delete-customer-gateway
o delete-dhcp-options
o delete-flow-logs
o delete-internet-gateway
o delete-key-pair
o delete-network-acl
o delete-network-acl-entry
o delete-network-interface
o delete-placement-group
o delete-route
o delete-route-table
o delete-security-group
o delete-snapshot
o delete-spot-datafeed-subscription
o delete-subnet
o delete-tags
o delete-volume
o delete-vpc
o delete-vpc-endpoints
o delete-vpc-peering-connection
o delete-vpn-connection
o delete-vpn-connection-route
o delete-vpn-gateway
o deregister-image
o describe-account-attributes
o describe-addresses
o describe-availability-zones
o describe-bundle-tasks
o describe-classic-link-instances
o describe-conversion-tasks
o describe-customer-gateways
o describe-dhcp-options
o describe-export-tasks
o describe-flow-logs
o describe-image-attribute
o describe-images
o describe-import-image-tasks
o describe-import-snapshot-tasks
o describe-instance-attribute
o describe-instance-status
o describe-instances
o describe-internet-gateways
o describe-key-pairs
o describe-moving-addresses
o describe-network-acls
o describe-network-interface-attribute
o describe-network-interfaces
o describe-placement-groups
o describe-prefix-lists
o describe-regions
o describe-reserved-instances
o describe-reserved-instances-listings
o describe-reserved-instances-modifications
o describe-reserved-instances-offerings
o describe-route-tables
o describe-security-groups
o describe-snapshot-attribute
o describe-snapshots
o describe-spot-datafeed-subscription
o describe-spot-fleet-instances
o describe-spot-fleet-request-history
o describe-spot-fleet-requests
o describe-spot-instance-requests
o describe-spot-price-history
o describe-subnets
o describe-tags
o describe-volume-attribute
o describe-volume-status
o describe-volumes
o describe-vpc-attribute
o describe-vpc-classic-link
o describe-vpc-endpoint-services
o describe-vpc-endpoints
o describe-vpc-peering-connections
o describe-vpcs
o describe-vpn-connections
o describe-vpn-gateways
o detach-classic-link-vpc
o detach-internet-gateway
o detach-network-interface
o detach-volume
o detach-vpn-gateway
o disable-vgw-route-propagation
o disable-vpc-classic-link
o disassociate-address
o disassociate-route-table
o enable-vgw-route-propagation
o enable-volume-io
o enable-vpc-classic-link
o get-console-output
o get-password-data
o help
o import-image
o import-key-pair
o import-snapshot
o modify-image-attribute
o modify-instance-attribute
o modify-network-interface-attribute
o modify-reserved-instances
o modify-snapshot-attribute
o modify-spot-fleet-request
o modify-subnet-attribute
o modify-volume-attribute
o modify-vpc-attribute
o modify-vpc-endpoint
o monitor-instances
o move-address-to-vpc
o purchase-reserved-instances-offering
o reboot-instances
o register-image
o reject-vpc-peering-connection
o release-address
o replace-network-acl-association
o replace-network-acl-entry
o replace-route
o replace-route-table-association
o report-instance-status
o request-spot-fleet
o request-spot-instances
o reset-image-attribute
o reset-instance-attribute
o reset-network-interface-attribute
o reset-snapshot-attribute
o restore-address-to-classic
o revoke-security-group-egress
o revoke-security-group-ingress
o run-instances
o start-instances
o stop-instances
o terminate-instances
o unassign-private-ip-addresses
o unmonitor-instances
o wait
    5. IAM
      1. Limitation

ResourceDefault Limit
Groups per account100
Instance profiles100
Server certificates20

      2. CLI command list
o add-client-id-to-open-id-connect-provider
o add-role-to-instance-profile
o add-user-to-group
o attach-group-policy
o attach-role-policy
o attach-user-policy
o change-password
o create-access-key
o create-account-alias
o create-group
o create-instance-profile
o create-login-profile
o create-open-id-connect-provider
o create-policy
o create-policy-version
o create-role
o create-saml-provider
o create-user
o create-virtual-mfa-device
o deactivate-mfa-device
o delete-access-key
o delete-account-alias
o delete-account-password-policy
o delete-group
o delete-group-policy
o delete-instance-profile
o delete-login-profile
o delete-open-id-connect-provider
o delete-policy
o delete-policy-version
o delete-role
o delete-role-policy
o delete-saml-provider
o delete-server-certificate
o delete-signing-certificate
o delete-ssh-public-key
o delete-user
o delete-user-policy
o delete-virtual-mfa-device
o detach-group-policy
o detach-role-policy
o detach-user-policy
o enable-mfa-device
o generate-credential-report
o get-access-key-last-used
o get-account-authorization-details
o get-account-password-policy
o get-account-summary
o get-context-keys-for-custom-policy
o get-context-keys-for-principal-policy
o get-credential-report
o get-group
o get-group-policy
o get-instance-profile
o get-login-profile
o get-open-id-connect-provider
o get-policy
o get-policy-version
o get-role
o get-role-policy
o get-saml-provider
o get-server-certificate
o get-ssh-public-key
o get-user
o get-user-policy
o help
o list-access-keys
o list-account-aliases
o list-attached-group-policies
o list-attached-role-policies
o list-attached-user-policies
o list-entities-for-policy
o list-group-policies
o list-groups
o list-groups-for-user
o list-instance-profiles
o list-instance-profiles-for-role
o list-mfa-devices
o list-open-id-connect-providers
o list-policies
o list-policy-versions
o list-role-policies
o list-roles
o list-saml-providers
o list-server-certificates
o list-signing-certificates
o list-ssh-public-keys
o list-user-policies
o list-users
o list-virtual-mfa-devices
o put-group-policy
o put-role-policy
o put-user-policy
o remove-client-id-from-open-id-connect-provider
o remove-role-from-instance-profile
o remove-user-from-group
o resync-mfa-device
o set-default-policy-version
o simulate-custom-policy
o simulate-principal-policy
o update-access-key
o update-account-password-policy
o update-assume-role-policy
o update-group
o update-login-profile
o update-open-id-connect-provider-thumbprint
o update-saml-provider
o update-server-certificate
o update-signing-certificate
o update-ssh-public-key
o update-user
o upload-server-certificate
o upload-signing-certificate
o upload-ssh-public-key
o wait
    6. Route 53
      1. Limitation

ResourceDefault Limit
Hosted zones500
Resource record sets per hosted zone10,000
Reusable delegation sets100
Hosted zones that can use the same reusable delegation set100
Amazon VPCs that you can associate with a private hosted zone100
Health checks50
Traffic policies50
Policy records5

      2. CLI command list

o associate-vpc-with-hosted-zone
o change-resource-record-sets
o change-tags-for-resource
o create-health-check
o create-hosted-zone
o create-reusable-delegation-set
o delete-health-check
o delete-hosted-zone
o delete-reusable-delegation-set
o disassociate-vpc-from-hosted-zone
o get-change
o get-checker-ip-ranges
o get-geo-location
o get-health-check
o get-health-check-count
o get-health-check-last-failure-reason
o get-health-check-status
o get-hosted-zone
o get-hosted-zone-count
o get-reusable-delegation-set
o help
o list-geo-locations
o list-health-checks
o list-hosted-zones
o list-hosted-zones-by-name
o list-resource-record-sets
o list-reusable-delegation-sets
o list-tags-for-resource
o list-tags-for-resources
o update-health-check
o update-hosted-zone-comment
o wait
    7. RDS
      1. Limitation

Reserved Instances40
Total storage for all DB instances100 TB
Manual Snapshots50
Parameter Groups50
Security Groups25
VPC Security Groups5
Subnet Groups20
Subnets per Subnet Group20
Option Groups20
Event Subscriptions20
Read Replicas per Master5

      2. CLI command list

o add-option-to-option-group
o add-source-identifier-to-subscription
o add-tags-to-resource
o apply-pending-maintenance-action
o authorize-db-security-group-ingress
o copy-db-cluster-snapshot
o copy-db-parameter-group
o copy-db-snapshot
o copy-option-group
o create-db-cluster
o create-db-cluster-parameter-group
o create-db-cluster-snapshot
o create-db-instance
o create-db-instance-read-replica
o create-db-parameter-group
o create-db-security-group
o create-db-snapshot
o create-db-subnet-group
o create-event-subscription
o create-option-group
o delete-db-cluster
o delete-db-cluster-parameter-group
o delete-db-cluster-snapshot
o delete-db-instance
o delete-db-parameter-group
o delete-db-security-group
o delete-db-snapshot
o delete-db-subnet-group
o delete-event-subscription
o delete-option-group
o describe-account-attributes
o describe-certificates
o describe-db-cluster-parameter-groups
o describe-db-cluster-parameters
o describe-db-cluster-snapshots
o describe-db-clusters
o describe-db-engine-versions
o describe-db-instances
o describe-db-log-files
o describe-db-parameter-groups
o describe-db-parameters
o describe-db-security-groups
o describe-db-snapshots
o describe-db-subnet-groups
o describe-engine-default-cluster-parameters
o describe-engine-default-parameters
o describe-event-categories
o describe-event-subscriptions
o describe-events
o describe-option-group-options
o describe-option-groups
o describe-orderable-db-instance-options
o describe-pending-maintenance-actions
o describe-reserved-db-instances
o describe-reserved-db-instances-offerings
o download-db-log-file-portion
o failover-db-cluster
o help
o list-tags-for-resource
o modify-db-cluster
o modify-db-cluster-parameter-group
o modify-db-instance
o modify-db-parameter-group
o modify-db-subnet-group
o modify-event-subscription
o promote-read-replica
o purchase-reserved-db-instances-offering
o reboot-db-instance
o remove-option-from-option-group
o remove-source-identifier-from-subscription
o remove-tags-from-resource
o reset-db-cluster-parameter-group
o reset-db-parameter-group
o restore-db-cluster-from-snapshot
o restore-db-cluster-to-point-in-time
o restore-db-instance-from-db-snapshot
o restore-db-instance-to-point-in-time
o revoke-db-security-group-ingress
o wait
    8. S3
      1. Limitation

Buckets100 per account

      2. CLI command list

o cp
o ls
o mb
o mv
o rb
o rm
o sync
o website
    9. SNS
      1. Limitation

Topics per AWS account100,000

      2. CLI command list

o add-permission
o confirm-subscription
o create-platform-application
o create-platform-endpoint
o create-topic
o delete-endpoint
o delete-platform-application
o delete-topic
o get-endpoint-attributes
o get-platform-application-attributes
o get-subscription-attributes
o get-topic-attributes
o help
o list-endpoints-by-platform-application
o list-platform-applications
o list-subscriptions
o list-subscriptions-by-topic
o list-topics
o publish
o remove-permission
o set-endpoint-attributes
o set-platform-application-attributes
o set-subscription-attributes
o set-topic-attributes
o subscribe
o unsubscribe
    10. SQS
      1. Limitation

Size limitationSet from 1KB to256KB

      2. CLI command list

o add-permission
o change-message-visibility
o change-message-visibility-batch
o create-queue
o delete-message
o delete-message-batch
o delete-queue
o get-queue-attributes
o get-queue-url
o help
o list-dead-letter-source-queues
o list-queues
o purge-queue
o receive-message
o remove-permission
o send-message
o send-message-batch
o set-queue-attributes
    11. SWF
      1. Limitation

ResourceDefault Limit

      2. CLI command list

o count-closed-workflow-executions
o count-open-workflow-executions
o count-pending-activity-tasks
o count-pending-decision-tasks
o deprecate-activity-type
o deprecate-domain
o deprecate-workflow-type
o describe-activity-type
o describe-domain
o describe-workflow-execution
o describe-workflow-type
o get-workflow-execution-history
o help
o list-activity-types
o list-closed-workflow-executions
o list-domains
o list-open-workflow-executions
o list-workflow-types
o poll-for-activity-task
o poll-for-decision-task
o record-activity-task-heartbeat
o register-activity-type
o register-domain
o register-workflow-type
o request-cancel-workflow-execution
o respond-activity-task-canceled
o respond-activity-task-completed
o respond-activity-task-failed
o respond-decision-task-completed
o signal-workflow-execution
o start-workflow-execution
o terminate-workflow-execution
    12. VPC
      1. Limitation

ResourceDefault limit Comments
VPCs per region5
Subnets per VPC200
Internet gateways per region5
Virtual private gateways per region5
Cstomer gateways per region50
VPN connections per region50
VPN connections per VPC (per virtual private gateway)10
Route tables per VPC200
Routes per route table (non-propagated routes)50
BGP advertised routes per route table (propagated routes)100
Elastic IP addresses per region for each AWS account5
Security groups per VPC500
Inbound or outbound rules per security group50
Security groups per network interface5
Network interfaces per region350
Network ACLs per VPC200
Rules per network ACL20
Active VPC peering connections per VPC50
Outstanding VPC peering connection requests25
Expiry time for an unaccepted VPC peering connection request1 week
VPC endpoints per region20
Flow logs per single network interface, single subnet, or single VPC in a region2

4. Study resources

Add comment to this article

[Read other articles]
<=Newer article S3: How to set up web server for static files
=>Older article Summary of Singapore life so far

Articles categorized as "AWS by this user"
All articles of this user
Subscribe to RSS
2.Atlassian's products
4.Development of this site
5.Japanese comics
6.Japanese anime
7.Weekly hot news of Japanese culture
9.Japanese game
11.Japanese Comics (Manga)
12.Search Engine
13.Japanese drama
14.Japanese otaku culture
16.Ineternet world
20.Apache programming
34.Mysql Cluster
38.Good and new
50.Life hack
54.Digital Life Hack
55.Project management
Sayings from S-Cry-Ed

Rule in this world is speed. Even stupid person can write cool novel if he can spend 20 years for it.

If someone helped me, I will help him in return, which is my rule.

To become stronger, consider what is cowardliest thinking. And rebel against the thinking, which will make you stronger.

I am Japanese but working for some English sites.

Doctor Job Career
Nurse Job Career