AWS Certified Solutions Architect - Professional
Validates advanced technical skills and experience in designing distributed systems and applications on AWS. Covers complex solutions for organizational requirements, new solution design, continuous improvement of existing solutions, and workload migration and modernization. Requires two or more years of hands-on experience designing and deploying cloud architecture on AWS, with proficiency in evaluating cloud application requirements and making architectural recommendations across the Well-Architected Framework.
Exam domains
- Design for New Solutions (29%)
Design a deployment strategy to meet business requirements (CI/CD multi-account pipelines with CodePipeline cross-account roles, CodeBuild, CodeDeploy blue/green and canary, CodeArtifact for shared package repositories, Service Catalog for standardized provisioning, CloudFormation StackSets for multi-account/multi-region deployment, CDK Pipelines, AWS Proton for templated environments; environment promotion - dev/staging/prod, feature toggles via AWS AppConfig, dynamic configuration).
Design a solution to ensure business continuity (recovery objectives - RTO and RPO - mapping to architecture patterns: backup-and-restore RTO hours/RPO hours, pilot light RTO 10s of minutes/RPO minutes, warm standby RTO minutes/RPO seconds, multi-site active-active RTO seconds/RPO seconds; AWS Elastic Disaster Recovery - DRS for low-RTO/RPO replication; AWS Backup centralized cross-service backup with cross-region copies; AWS Resilience Hub assessment policies; chaos engineering with AWS Fault Injection Simulator).
Determine security requirements and controls when designing and implementing a solution (defense in depth - perimeter, network, identity, application, data layers; AWS Network Firewall stateful inspection, AWS WAF managed rule groups + Bot Control + Account Takeover Prevention; AWS Shield Advanced with DDoS Response Team; data protection - field-level encryption at CloudFront, S3 Object Lambda for data masking, AWS KMS envelope encryption patterns, AWS Nitro Enclaves for confidential compute; secrets - Secrets Manager rotation, IAM Roles Anywhere for workload identity outside AWS).
Determine a strategy to meet performance objectives (compute optimization - Graviton/Inferentia/Trainium for price-performance, EC2 instance families, Elastic Fabric Adapter for HPC; data store performance - Aurora I/O-Optimized vs Standard, DynamoDB on-demand vs provisioned with auto scaling and adaptive capacity, DAX for microsecond reads; caching strategies - ElastiCache, CloudFront, API Gateway caching, DAX, AWS App Mesh service mesh observability).
Determine an appropriate architecture based on requirements (event-driven architecture with EventBridge and SNS/SQS, serverless first - Lambda + Step Functions + DynamoDB + S3 + API Gateway, microservices with ECS/EKS/App Mesh, batch processing with AWS Batch and EMR, streaming with Kinesis/MSK/Managed Service for Apache Flink, IoT with IoT Core).
Sources
Questions are grounded in 150 references from official and authoritative materials.