AWS Professional Certification Guide

Following on from the earlier post covering my experiences taking the AWS associate level certifications, this post covers preparing for and taking the AWS Professional level certifications.

Given that I started studying for these certifications coming up to the Christmas break and there were no suitable exam slots until late January, I decided to study for both the SA and DevOps pro, before sitting either exam. I found it to be a good decision given that there is a good amount of content overlap and I felt more confident going in to the first pro-level exam. The task was daunting – 6 weeks to preparation time for both exams and towards the end, I felt that pace was pushing too hard (if repeated I would have give myself at least 6 weeks per exam). Overall preparation time is relative to the amount of previous experience you have in the subject area and the amount of time you can invest in a given period. I managed an intense amount of study per day which was made easier by a combination of public holidays and planned time off from my day job.

It is a huge relief to be successfully on the better side of the pro-level certifications, something that was far from certain going in to the process. My preparation focused on the same techniques as during the associate level . Firstly, video training from Linux Academy and, secondly, AWS documentation (some of the industry’s best documentation) and finally (most importantly) hands on practice with AWS (lots of this at the pro-level along with some real world experience if possible).

AWS Solution Architect – Professional

As mentioned before, I feel the SA certification has the most wide ranging content which makes for the most daunting preparation. That being said, I didn’t find it the most difficult of the two. Linux Academy is the most comprehensive video training and offers a high standard of content backed by labs and additional tailored documentation, which made preparation that much easier than it would have been otherwise. I also took the course, which is great at focusing on the exam specifics (take both courses if possible).

One of the key things to be aware of when it comes to the exam is the time available, it’s tight! There are approx. 80 questions (I had 77) which have to be completed in 2 hours 50 minutes (170 minutes). The questions are wordy and have multiple theoretically correct answers, the key is to look for what the question is looking for in terms of technologies used and best practices. Reading the questions and deciding on the right answer took me a surprisingly long time. Rather than trying to keep an eye on the number of questions answered vs. amount of time remaining, I set myself a 2 minute rule for each question  and for the questions that took too longer – I gave my first/best guess.

My thoughts on preparing for and taking the exam:

  • Pay particular attention to ElasticBeanstalk and OpsWorks. When do they work together? What are the different deployment types? How do you deploy and rollback? What languages are supported?
  • Get familiar with EC2 instance types. There are a lot of EC2 design related questions and knowing which instance to use in which scenario is essential.
  • Understand connectivity, how each type is setup, how it works, routing, propagation (VPNs, VPCs, VPC Peering, DirectConnect)
  • Understand how to optimise EC2 storage performance, when different instance types are beneficial and how to optimise EBS performance.
  • Do you know when to use different caching engines? When would you choose Memcache and when might you prefer Redis?
  • How do you loose couple services? Do you know how, when, and why to use SQS and SNS? Do you know the limitations and when it is not appropriate to use one or the other of these services?
  • Understand when and how to use AssumeRole,  AssumeRoleWithSAML and AssumeRoleWithWebIdentity.
  • Make sure you understand consolidated billing, how to set it up and what it offers. I got a few easy points questions on this topic.
  • All of the training material, documentation and hands on practice is important and this list isn’t an overall guide to the exam but some pointers that would have been useful to know prior to taking my exam.
  • I found the official practice test for the SA pro exam to be highly misleading, poorly worded and generally I felt that it did me more harm than good when preparing for this certification. AWS really need to get the practice test updated. I recommend using the tests provided by Linux Academy.

AWS DevOps Engineer – Professional

The DevOps experience was the most varied for me. I found studying for the exam to be one of the most enjoyable experiences and learned a lot about OpsWorks, CloudWatch, AutoScaling (lifecycle hooks, self healing) and the various APIs however, the exam was by far the toughest of all. Contrary to some of the articles/blogs that I’d read before sitting the exam, I found it was by far the most challenging on time. I had exactly 80 questions to cover in 2 hours 50 minutes. The questions felt as wordy as the SA pro exam and took me longer to answer – often exceeding my 2 minute rule. The situation got so bad by question 35 that I had to skim read and answer the next 5/6 questions to catch up on time. Definitely be weary of time with the DevOps exam!

In terms of my preparation, both Linux Academy and were equally valuable. The key for me, even more so than in all of the certifications, was the AWS documentation and hands on practice – it was a huge help to develop my understanding.  I recommend researching the topics in depth, I naturally found myself doing this more than in the other certifications because I felt weaker on some of the subject areas and really wanted to familiarise myself with the CLI, API and SDK’s.

My thoughts on preparing for and taking the exam:

  • CloudFormation is one of the main topics in this exam. Understand template structure, intrinsic functions, WaitConditions, Helper Scripts, Stack, Update and Deletion Policies – I strongly recommend hands on familiarity along with theory.
  • OpsWorks and ElasticBeanstalk are also covered in detail. Understand OpsWorks auto healing, stacks, layers, lifecycle events, instances, and EB ebextensions, use cases, SDKs, supported languages.
  • As in the SysOps certification, DevOps builds on CloudWatch so learn about metrics, logging and monitoring.
  • AutoScaling is also covered at an advanced level. Learn about lifecycle hooks, termination policies and API, CLI and SDK calls etc.
  • Deployment strategies. Blue/Green or A/B, All at once, Immutable, Rolling.
  • The official practice exam for the DevOps pro exam is much better than the SA pro and is relevant for exam prep.
  • In summary, study the theory but there is serious benefit in putting this in to action with hands on practice.


The AWS Professional level certifications are a big step up from the associate level certifications and do an excellent job of testing true understanding and hands on abilities. The time aspect is one of the most challenging aspects of both exams but particularly the DevOps exam. If choosing to the take the practice exams be weary of the SA pro exam but I do recommend the DevOps pro practice exam. The practice exams from Linux Academy are by far the best that I found during my pro-level studies.

Final thoughts:

  • Always read the exam blueprint and AWS exam guidance. This is easy to over look but provides great context, detail on expectations and generally gets you in to the mindset of what AWS are assessing with the certification exams.
  • Learn to read fast! What I mean here is concentrate on exam strategy and timing, when taking the Linux Academy practice exam, allow yourself no longer than 2 minutes per question and prepare yourself for the 2 hour 50 minutes of heavy read, consider and answer type scenario of the exam.
  • Practice and practice some more. At the associate level, you could get through with theory but I strongly believe that is not the case with at the professional level.

In addition to reading my blog, read blogs by Adrian Cantrill, Nick Triantafillou and Stephen Wilding (all linked here and below) which I found were a huge help during my preparation.

If you feel that I can help your studies in any way – get in touch! Good luck!



Official Exam Links

** Unlike with the associate certs, I won’t link specific documentation here as there is a huge amount of content and particular focus areas will depend on your current level skills and experience **

AWS Associate Level Certification Guide

I’m happy to report that I now hold all three AWS associate level certifications and have written up my experiences to help you on your AWS certification journey. This guide covers the exam topics, resources used to prepare and my experience on exam day. 

I began my certification journey taking an instructor led and remotely delivered (Webex) version of the official Architecting on AWS course, which is designed to prepare students for the AWS Solution Architect – Associate certification exam. The course was ran by QA and served as a great introduction to AWS certification. On reflection, the course contained all of the content and labs required to pass the exam however, wanting to be extra prepared for the first exam, I purchased’s all five certification bundle.

The three associate certifications provide a solid base and I found preparing for exams was manageable. I allowed up to two weeks to prepare for each and used a combination of, hands on practice with AWS using a free tier account and time spent reading the AWS documentation – particularly for topics that require more depth understanding.

AWS Solutions Architect – Associate 

The instructor led training gave me a good foundation, which gave me the confidence to book the exam immediately after taking the course – giving myself another week to review the content. I spent a lot of the time time running through the basics hands on – creating VPC’s, EC2 instances, Security Groups, NAT gateways, ACLs etc. using both the GUI and CLI.

I feel that the Solution Architect certification has the most wide ranging content, which made it the most daunting to prepare for (not helped by it being my first experience of AWS certification!) 

My thoughts and guidance after taking the exam:

  • Pay particular attention to VPC, IAM, Route 53 and S3
  • By all means, don’t miss any topics on the exam guide but I got the highest number of questions on the areas mentioned. Particularly:
    • Route 53 record types and appropriate usage (set these up, play, create health checks, understand the different record types etc.)
    • Process to create a VPC, difference between a NAT instance and a NAT gateway etc. (again, the best way to know this is to do it a few times)
    • When to use IAM roles, users, groups etc (tip always use Roles where possible, particularly for EC2 instances)
      • AWS recently enabled roles to be added to EC2 instances that are already online, this isn’t reflected in the exam yet
    • S3 storage types and appropriate use cases, difference between durability and availability (pay particular attention to the wording as the stats are different for each)
  • Learn how to calculate DynamoDB provisioned throughput
    • Tip: For reads the formula is (ITEM SIZE (rounded up to the next 4KB multiplier / 4KB) * # of items
    • Tip: For writes the formula is (ITEM SIZE (rounded up to the next 1KB multiplier / 1KB) * # of items
    • I personally got 1 or 2 of these in the SA exam but more in the Developer exam (more on that later)
  • If you only read one piece of documentation, make it the ‘AWS Well-Architected Framework’ whitepaper (link below). This document introduces the five pillars of the well-architected framework and will help develop your approach to architecting solutions and will greatly help (exam strategy here) with eliminating the obviously incorrect questions on the certification exams

AWS Developer – Associate

Many exam takers, blogs and even training providers indicate that the developer associate certification is the easiest of the associate level certifications however, I was quite the opposite and found the developer exam the hardest of the first three. For those of you that have already taken this exam or do in the future – I am interested to hear your experiences.

To prepare for the exam I gave myself two weeks and used as my primary training source along with hands on practice using my free tier account and a more than usual amount of time reading through the AWS documentation, which I found most important for the developer preparation. I’d recommend spinning up an Amazon Linux EC2 instance, getting the AWS CLI setup and interacting with things like S3 using roles / credentials / keys and understanding the differences.

My thoughts and guidance after taking the exam:

  • Know how to interact with the AWS CLI and API particularly common commands for interacting with S3
  • Learn about Simple Notification Service (SNS) particularly the different name/value pairs available in the message body and different notification options
  • How do you approach security in AWS (dev focus)? Important to know IAM roles, access keys, policies etc, S3 encryption, Security Token Service (at a high-level, this is covered in more detail at the professional level), VPC security (security groups (stateful), ACLs (stateless) etc.)
  • I personally had at least 4 DynamoDB provisioned throughput related questions – some easy marks to be gained here (see above)
  • What are S3’s different use cases? Particularly the different URL types for websites vs other objects as well as bucket versioning
  • What are the different deployment types? When and how to use CloudFormation, Elastic Beanstalk etc. and what can and can’t these services do? The focus was more on EB and CF in the developer exam for me (less on OpsWorks, where I saw more questions in the sysops and professional certification exams although this may not be the case for all)

AWS SysOps Administrator – Associate

Last but by no means least, the sysops admin certification. Out of the three so far, I was most nervous about the sysops exam as it is commonly believed to be the most difficult of the associate level certification exams but this didn’t turn out to be the case for me. I actually found that there was a lot of overlapping content (and concepts) from the Solution Architect and Developer certifications allowing me to score highest out of the first three.

Once again, I gave myself two weeks to prepare for the exam and used as the primary training material along with my free tier account and reading through the AWS documentation. The first thing that comes to my mind when I think of the sysops exam is CloudWatch, know how to use it, how to setup metrics and custom metrics and how different AWS services interact with CloudWatch. 

My thoughts and guidance after taking the exam:

  • Understand monitoring and healthchecks, monitoring EBS, RDS, ELB, EC2 etc.
  • What is consolidated billing is and how do you set it up? (I got a couple of questions here, easy marks)
  • How do you make a solution elastic and scalable? RDS read replicas, auto scalaing, HA for single hosts (auto scaling with min 1, max 1) etc.
  • Backup options within AWS? Snapshots, storing log files etc.
  • How do you build IAM policies and use MFA and what are the compliance options?
  • How are networks scalable? Particularly focus on Route53 (weighted, latency based, geolocation etc.), creating and scaling NAT instances, how to enable VPC flow logs etc.


Studying for the associate level exams was enjoyable and gave me a great insight in to the AWS world as well as preparing me with the necessary knowledge and skills not only to pass the certification exams but to be effective with AWS. At the associate level, I personally found that there was enough time in the exam to work through the questions without having to rush and that there was enough time remaining at the end to review any marked questions.

General thoughts on taking the exams:

  • Always read the exam blueprint (linked from the official AWS certification pages) as this document gives you complete list of items to study and helps identify areas of personal strength and weakness
  • At the associate level, is a great resource however, only toward the end did I discover the Linux Academy video series, which are excellent. Where I found that was great at preparing students with the knowledge required to pass the exam, I personally found that Linux Academy is much better at preparing students with the skills and knowledge not only to pass the exam but to really understand the topics and learn the necessary skills to be effective beyond the exam. I found Linux Academy essential at the professional level (more on that later)
  • Read the sample questions (also from the official AWS pages) – I personally found that in at least two of my exams, one of these questions popped up (word for word)
  • TIP: Go to the AWS Japanese site for the Solution Architect sample questions and the PDF has the sample question answers in the bottom right of each question
  • I personally opted not to do the official practice exams at associate level so I can’t comment on those
  • Read blogs (linked below and others) – I personally found that reading about the experiences of others helped with my preparation

Finally, if there is anything that I can do to help, any insights, examples, areas you would like to discuss then please do get in touch. Good Luck!



Video Training:


Official Certification Pages:

Most important AWS Documentation (from my experience):