close
雲端服務在近年來已經被業界廣泛的應用, 不論大公司或小公司越來越被採納且使用, 這方面的職缺與薪資都相對地比起傳統工程師好上很多, 非常建議有興趣的同好,
試著考取AWS 的證照, 來豐富自己的職涯 (還有荷包~~誤)!
AWS solution architect associate (簡稱: SAA) 的 考試範疇:
• Identify and gather requirements in order to define a solution to be built using architecture best practices.
• Provide guidance on architectural best practices to developers and system administrators throughout the lifecycle of the project.
作答方式: 選擇題單選, 複選, 是非題(true/false)
考試內容:
AWS solutin architect associate exam blueprint - https://d0.awsstatic.com/training-and-certification/docs-sa-assoc/AWS_certified_solutions_architect_associate_blueprint.pdf?refid=em_27264
Domain 1.0: Designing highly available, cost-efficient, fault-tolerant, scalable systems
- Identify and recognize cloud architecture considerations, such as fundamental components and effective designs. Content may include the following:
- How to design cloud services
- Planning and design
- Monitoring and logging
- Familiarity with:
- Best practices for AWS architecture
- Developing to client specifications, including pricing/cost (e.g., on Demand vs. Reserved vs. Spot; RTO and RPO DR Design)
- can include EC2 Purchasing Options, Disaster Recovery Whitepaper
- Architectural trade-off decisions (e.g., high availability vs. cost, Amazon Relational Database Service (RDS) vs. installing your own database on Amazon Elastic Compute Cloud (EC2))
- can include the Storage Options Whitepaper
- Hybrid IT architectures (e.g., Direct Connect, Storage Gateway, VPC, Directory Services)
- Elasticity and scalability (e.g., Auto Scaling, SQS, ELB, CloudFront)
2 Domain 2.0: Implementation/Deployment
- Identify the appropriate techniques and methods using Amazon EC2, Amazon S3, AWS Elastic Beanstalk, AWS CloudFormation, AWS OpsWorks, Amazon Virtual Private Cloud (VPC), and AWS Identity and Access Management (IAM) to code and implement a cloud solution.
Content may include the following:- Configure an Amazon Machine Image (AMI)
- Operate and extend service management in a hybrid IT architecture
- Configure services to support compliance requirements in the cloud
- Launch instances across the AWS global infrastructure
- Configure IAM policies and best practices
3 Domain 3.0: Data Security
- Recognize and implement secure practices for optimum cloud deployment and maintenance. Content may include the following:
- AWS shared responsibility model
- AWS platform compliance
- AWS security attributes (customer workloads down to physical layer)
- AWS administration and security services
- AWS Identity and Access Management (IAM)
- Amazon Virtual Private Cloud (VPC)
- includes NAT, VPC Endpoints , VPC Peering,
- AWS CloudTrail
- Ingress vs. egress filtering, and which AWS services and features fit
- “Core” Amazon EC2 and S3 security feature sets
- Incorporating common conventional security products (Firewall, VPN)
- includes VPN
- Design patterns
- DoS mitigation
- Encryption solutions (e.g., key services)
- Complex access controls (building sophisticated security groups, ACLs, etc.)
- Amazon CloudWatch for the security architect
- Trusted Advisor
- CloudWatch Logs
- included in the CloudWatch blog post
- Recognize critical disaster recovery techniques and their implementation.
Content may include the following:- Disaster recovery
- Recovery time objective
- is included in the Disaster Recovery Whitepaper
- Recovery point objective
- is included in the Disaster Recovery Whitepaper
- Amazon Elastic Block Store
- includes sub topics for EBS Volume Types, EBS Snapshots, EBS Performance, Comparison with Instance Store
- AWS Import/Export
- AWS Storage Gateway
- Amazon Route 53
- includes important topic of Route 53 Routing policy
- Validation of data recovery method
4 Domain 4.0: Troubleshooting
- Content may include the following:
- General troubleshooting information and questions
文章標籤
全站熱搜
留言列表
