AWS Certified Solutions Architect - Note (1)

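Official site: AWS Certified Solutions Architect – Associate

  • Cost: $150
  • Duration: 130 Minutes
  • Questions: 65 Questions (single-choice and multiple-choice)
  • Score: ~72% Passing Score (720/1000 points)
  • Validity: Valid for 3 years
  • Language: Simplified Chinese can be selected, but much of the study material is in English, so I am preparing for the exam in English and all of the notes below are in English.

Exam guide PDF: Exam Guide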


Types of Cloud Computing

IaaS, PaaS and SaaS

Simple Storage Service (S3)

S3 Storage Classes

S3 Storage Classes Comparison

S3 Security

S3 Encryption

S3 Data Consistency

S3 Cross Region Replication (CRR)

S3 Versioning

S3 Lifecycle Management

S3 Transfer Acceleration

S3 Presigned Urls

S3 MFA Delete

S3 CheatSheet

  • Simple Storage Service (S3): object-based storage. Store an unlimited amount of data without worrying about the underlying storage infrastructure.
  • S3 replicates data across at least 3 AZs to ensure 99.99% Availability and 11 9's of durability.
  • Objects contain your data (they're like files).
  • Objects can be anywhere in size from 0 Bytes up to 5 Terabytes.
  • Buckets contain objects. Buckets can also contain folders, which can in turn contain objects.
  • Bucket names are unique across all AWS accounts, like a domain name.
  • When you upload a file to S3 successfully you'll receive an HTTP 200 code.
  • Lifecycle Management: objects can be moved between storage classes, or objects can be deleted automatically, based on a schedule.
  • Versioning: objects are given a Version ID. When new objects are uploaded the old objects are kept. You can access any object version. When you delete an object the previous object is restored. Once Versioning is turned on it cannot be turned off, only suspended.
  • MFA Delete: forces DELETE operations to require an MFA token in order to delete an object. Versioning must be turned on to use it. MFA Delete can only be turned on from the AWS CLI. Only the Root Account is allowed to delete objects.
  • All new buckets are private by default.
  • Logging can be turned on for a bucket to track operations performed on objects.
  • Access control is configured using Bucket Policy and Access Control Lists (ACL).
  • Bucket Policies are JSON documents which let you write complex access controls.
  • ACLs are the legacy method (not deprecated) where you grant access to objects and buckets with simple actions.
  • Security in Transit: uploading files is done over SSL.
  • SSE stands for Server-Side Encryption. S3 has 3 options for SSE.
  • SSE-AES: S3 handles the key, uses the AES-256 algorithm.
  • SSE-KMS: envelope encryption via AWS KMS, and you manage the keys.
  • SSE-C: customer-provided key (you manage the keys).
  • Client-Side Encryption: you must encrypt your own files before uploading them to S3.
  • Cross Region Replication (CRR) allows you to replicate files across regions for greater durability. You must have versioning turned on in the source and destination bucket. You can have CRR replicate to a bucket in another AWS Account.
  • Transfer Acceleration provides faster and secure uploads from anywhere in the world. Data is uploaded via a distinct URL to an Edge Location. Data is then transported to your S3 bucket via the AWS backbone network.
  • A Presigned URL is a URL generated via the AWS CLI and SDK. It provides temporary access to write or download object data. Presigned URLs are commonly used to access private objects.
  • S3 has 6 different Storage Classes:
    • Standard: Fast! 99.99% Availability, 11 9's Durability. Replicated across at least three AZs.
    • Intelligent Tiering: uses ML to analyze your object usage and determine the appropriate storage class. Data is moved to the most cost-effective access tier, without any performance impact or added overhead.
    • Standard Infrequently Accessed (IA): Still fast! Cheaper if you access files less than once a month. An additional retrieval fee is applied. 50% less than Standard (reduced availability).
    • One Zone IA: Still fast! Objects only exist in one AZ. Availability is 99.5%, but it is 20% cheaper than Standard IA (reduced durability). Data could get destroyed. A retrieval fee is applied.
    • Glacier: for long-term cold storage. Retrieval of data can take minutes to hours, but the trade-off is very cheap storage.
    • Glacier Deep Archive: the lowest-cost storage class. Data retrieval time is 12 hours.


Petabyte-scale data transfer service. Move data onto AWS via a physical briefcase computer.

Snowball Edge, more storage and on-site compute capabilities.



  • Snowball and Snowball Edge are rugged containers which contain a storage device.
  • Snowmobile is a 45-foot long ruggedized shipping container, pulled by a semi-trailer truck.
  • Snowball and Snowball Edge are for petabyte-scale migration. Snowmobile is for exabyte-scale migration.
  • Low Cost: it costs thousands of dollars to transfer 100 TB over high-speed internet. Snowball is 1/5th the price.
  • Speed: 100 TB takes over 100 days to transfer over high-speed internet; Snowball takes less than a week.
  • Snowball comes in two sizes:
    • 50 TB (42 TB of usable space)
    • 80 TB (72 TB of usable space)
  • Snowball Edge comes in two sizes:
    • 100 TB (83 TB of usable space)
    • 100 TB Clustered (45 TB per node)
  • Snowmobile comes in one size: 100PB
  • You can both export and import data using Snowball or Snowmobile.
  • You can import into S3 or Glacier.
  • Snowball Edge can undertake local processing and edge-computing workloads.
  • Snowball Edge can be used in a cluster in groups of 5 to 10 devices.
  • Snowball Edge provides three options for device configurations.
    • storage optimized (24 vCPUs)
    • compute optimized (54 vCPUs)
    • GPU optimized (54 vCPUs)