The AWS Certified Solutions Architect Associate exam is intended for individuals who perform a Solutions Architect role. This exam validates an examinee’s ability to:

Identify and gather requirements in order to define a solution to be built using architecture best practices.
Provide guidance on architectural best practices to developers and system administrators throughout the lifecycle of the project.

AWS Cloud Computing Whitepapers (

AWS Solutions Architect – Associate Exam Contents

Domain 1.0: Designing highly available, cost-efficient, fault-tolerant, scalable systems

  • Identify and recognize cloud architecture considerations, such as fundamental components and effective designs.
    Content may include the following:

    • How to design cloud services
    • Planning and design
    • Monitoring and logging
    • Familiarity with:
      • Best practices for AWS architecture
      • EC2 Best Practices
      • S3 Best Practices
      • RDS Best Practices
      • IAM Best Practices
    • Developing to client specifications, including pricing/cost (e.g., on Demand vs. Reserved vs. Spot; RTO and RPO DR Design)
    • Architectural trade-off decisions (e.g., high availability vs. cost, Amazon Relational Database Service (RDS) vs. installing your own database on Amazon Elastic Compute Cloud (EC2))
    • Hybrid IT architectures (e.g., Direct Connect, Storage Gateway, VPC, Directory Services)
    • Elasticity and scalability (e.g., Auto Scaling, SQS, ELB, CloudFront)

Domain 2.0: Implementation/Deployment

  • Identify the appropriate techniques and methods using Amazon EC2, Amazon S3, AWS Elastic Beanstalk, AWS CloudFormation, AWS OpsWorks, Amazon Virtual Private Cloud (VPC), and AWS Identity and Access Management (IAM) to code and implement a cloud solution.
    Content may include the following:

    • Configure an Amazon Machine Image (AMI)
    • Operate and extend service management in a hybrid IT architecture
    • Configure services to support compliance requirements in the cloud
    • Launch instances across the AWS global infrastructure
    • Configure IAM policies and best practices

Domain 3.0: Data Security

  • Recognize and implement secure practices for optimum cloud deployment and maintenance.
    Content may include the following:

    • AWS shared responsibility model
    • AWS platform compliance
    • AWS security attributes (customer workloads down to physical layer)
    • AWS administration and security services
    • AWS Identity and Access Management (IAM)
    • Amazon Virtual Private Cloud (VPC)
    • AWS CloudTrail
    • Ingress vs. egress filtering, and which AWS services and features fit
    • “Core” Amazon EC2 and S3 security feature sets
    • Incorporating common conventional security products (Firewall, VPN)
    • Design patterns
    • DoS mitigation
    • Encryption solutions (e.g., key services)
    • Complex access controls (building sophisticated security groups, ACLs, etc.)
    • Amazon CloudWatch for the security architect
    • Trusted Advisor
    • CloudWatch Logs
  • Recognize critical disaster recovery techniques and their implementation.
    • Content may include the following:
    • Disaster recovery
      • Recovery time objective
      • Recovery point objective
      • Amazon Elastic Block Store
    • AWS Import/Export
    • AWS Storage Gateway
    • Amazon Route53
    • Validation of data recovery method

Domain 4.0: Troubleshooting

  • Content may include the following:
    • General troubleshooting information and questions

Refer to the AWS Solution Architect – Associate Exam Blue Print


Phuc Dang
DevOps Lead at Rainmaker-Labs
AWS Certified Solutions Architect – Associate
AWS Certified SysOps Administrator – Associate


Please enter your comment!
Please enter your name here