This AWS Certified Solutions Architect – Associate (SAA-C03) provides a quick reference guide for key AWS services, best practices, architecture principles, and security considerations.
1.AWS Fundamentals
AWS Global Infrastructure
- Regions – Geographic areas with multiple Availability Zones (AZs).
- Availability Zones (AZs) – Physically separated data centers within a region.
- Edge Locations – Used by AWS CloudFront for low-latency content delivery.
Well-Architected Framework
- Operational Excellence – Automate and monitor operations.
- Security – Implement least privilege, encryption, and identity management.
- Reliability – Design for failover and redundancy.
- Performance Efficiency – Optimize resources for cost and efficiency.
- Cost Optimization – Use reserved instances, right-sizing, and spot instances.
2.Identity and Access Management (IAM)
Feature | Description |
| IAM Users | Individual accounts with credentials |
| IAM Groups | Collection of users with same permissions |
| IAM Roles | Temporary permissions assigned to AWS services or users |
| IAM Policies | JSON documents defining permissions |
| MFA (Multi-Factor Authentication) | Adds an extra security layer |
Best Practices:
- Follow least privilege principle.
- Use IAM roles instead of storing credentials in applications.
- Enable MFA for users and root accounts.
3.Compute Services
Amazon EC2 (Elastic Compute Cloud)
Instance Types:
- General Purpose – Balanced CPU/memory (e.g., t3.micro)
- Compute Optimized – High performance (e.g., c5.large)
- Memory Optimized – Large RAM (e.g., r5.xlarge)
- Storage Optimized – High disk I/O (e.g., i3.large)
Key Features:
- Auto Scaling – Adjusts capacity based on demand.
- Elastic Load Balancing (ELB) – Distributes traffic across instances.
- Elastic Block Store (EBS) – Persistent storage for EC2.
- Spot Instances – Low-cost, but can be interrupted.
AWS Lambda
- Serverless – Run code without managing servers.
- Supports Node.js, Python, Java, Go, etc.
- Charged based on execution time.
4.Storage Services
| Service | Description | Best Use Case |
| S3 (Simple Storage Service) | Scalable object storage | Backup, static websites |
| EBS (Elastic Block Store) | Block storage for EC2 | Persistent storage for VMs |
| EFS (Elastic File System) | Shared file storage | Multi-instance access |
| Glacier | Low-cost archival storage | Long-term backups |
| Storage Gateway | Hybrid cloud storage | On-prem to AWS storage integration |
S3 Storage Classes:
- S3 Standard – High availability, low latency.
- S3 Intelligent-Tiering – Automatically moves data to cost-effective tiers.
- S3 Glacier – For long-term backups (retrieval time: minutes to hours).
5.Databases
| Service | Type | Use Case |
| RDS | Relational | Managed SQL databases (MySQL, PostgreSQL, SQL Server, etc.) |
| DynamoDB | NoSQL | High-speed key-value database |
| ElastiCache | In-memory | Caching layer using Redis/Memcached |
| Redshift | Data Warehouse | Analyzing large datasets |
| Aurora | Relational | High-performance MySQL/PostgreSQL-compatible DB |
RDS Features:
- Multi-AZ – High availability with automatic failover.
- Read Replicas – Improves read performance.
- Aurora Serverless – Auto-scales based on demand.
6.Networking & Content Delivery
Amazon VPC (Virtual Private Cloud)
- VPC – Isolated network within AWS.
- Subnets – Divide VPC into public/private zones.
- Internet Gateway (IGW) – Enables public internet access.
- NAT Gateway – Allows private instances to access the internet securely.
- Security Groups – Firewall rules for EC2.
- Network ACLs – Firewall rules at the subnet level.
AWS Route 53
- DNS Service – Translates domain names to IPs.
- Supports domain registration, health checks, and traffic routing.
AWS CloudFront
- CDN (Content Delivery Network) for caching static content.
- Works with S3, EC2, and Lambda@Edge.
7.Security & Compliance
| Security Service | Description |
| AWS Shield | DDoS protection |
| AWS WAF | Protects applications from web attacks |
| AWS Config | Monitors configuration changes |
| AWS GuardDuty | Threat detection |
| AWS Secrets Manager | Securely store credentials and API keys |
| AWS KMS | Manage encryption keys |
Security Best Practices:
Enable MFA on all IAM users.
Use CloudTrail for logging API calls.
Encrypt sensitive data in S3, RDS, EBS.
Enforce least privilege access with IAM policies.
8.Monitoring & Logging
| Service | Function |
| CloudWatch | Monitor AWS resources, set alarms |
| CloudTrail | Logs API calls for auditing |
| AWS Config | Tracks configuration changes |
| X-Ray | Debugging distributed applications |
Best Practices:
- Set up CloudWatch Alarms for CPU, memory, and disk usage.
- Use AWS Config for compliance monitoring.
- Enable CloudTrail for logging all AWS API calls.
9.Cost Management
| Service | Function |
| AWS Cost Explorer | Visualize and analyze AWS spending |
| AWS Budgets | Set custom cost and usage budgets |
| AWS Trusted Advisor | Provides cost optimization recommendations |
Cost Optimization Tips:
- Use Auto Scaling to optimize compute costs.
- Choose Spot Instances for non-critical workloads.
- Use S3 Lifecycle Policies to move infrequently used data to Glacier.
10.Exam Tips & Study Guide
- Know AWS services and their use cases.
- Practice with AWS Free Tier to gain hands-on experience.
- Understand HA (High Availability) and DR (Disaster Recovery) architectures.
- Use AWS documentation and whitepapers for reference.
- Take AWS practice exams and labs.
AWS Whitepapers to Read:
- AWS Well-Architected Framework
- AWS Security Best Practices
- AWS Disaster Recovery Guide
