Recent Score: out of 25.

Design Cost Optimized Architectures
Take the Test again Go Home



Loading Questions...

❮ Previous Reload Next ❯
1 / 10
AWS Well-Architected Cost Optimization Labs
2 / 10
Optimizing the cost of serverless web applications
3 / 10
Cost optimization for Kubernetes on AWS
4 / 10
AWS Cost Management
5 / 10
AWS Set up a cost budget
6 / 10
AWS Pricing Calculator
7 / 10
AWS Landing Zone optimized for AWS Budget management
8 / 10
Querying your AWS Cost & Usage Report using Athena
9/ 10
Estimate Amazon EC2 Spot Instance cost savings
10 / 10
AWS Well-Architected Framework for Machine Learning: Cost Optimization Pillar



Resources

Top AWS Solutions Architect Associate Exam Tips

*

This domain makes up 20% of the exam and includes the following 3 objectives:
1. Identify cost-effective storage solutions
2. Identify cost-effective compute and database services
3. Design cost-optimized network architectures

You need to understand the various cost models of compute and storage services, what you pay for and what the best choices would be given a specific scenario.
You also need to know which services are free and be able to compare the cost of different services that may suit a specific scenario. You’ll definitely need to understand serverless technologies such as AWS Lambda, Amazon Aurora Serverless, and Amazon ECS Fargate.
AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS

0

Read the FAQs for RDS, EC2, Route 53, SQS, and VPC.
AWS RDS FAQ, AWS EC2 FAQ, AWS Route 53 FAQ, AWS SQS FAQ, AWS VPC FAQ

1

Know what instance types can be launched from which types of AMIs, and which instance types require an HVM AMI
AWS HVM AMI

2

Understand bastion hosts, and which subnet one might live on. Bastion hosts are instances that sit within your public subnet and are typically accessed using SSH or RDP. Once remote connectivity has been established with the bastion host, it then acts as a ‘jump’ server, allowing you to use SSH or RDP to login to other instances (within private subnets) deeper within your network. When properly configured through the use of security groups and Network ACLs, the bastion essentially acts as a bridge to your private instances via the Internet."
Bastion Hosts

3

Know the difference between Directory Service's AD Connector and Simple AD. Use Simple AD if you need an inexpensive Active Directory–compatible service with the common directory features. AD Connector lets you simply connect your existing on-premises Active Directory to AWS.
AD Connector and Simple AD

4

Know how to enable cross-account access with IAM: To delegate permission to access a resource, you create an IAM role that has two policies attached. The permissions policy grants the user of the role the needed permissions to carry out the desired tasks on the resource. The trust policy specifies which trusted accounts are allowed to grant its users permissions to assume the role. The trust policy on the role in the trusting account is one-half of the permissions. The other half is a permissions policy attached to the user in the trusted account that allows that user to switch to, or assume the role.
Enable cross-account access with IAM

5

Have a good understanding of how Route53 supports all of the different DNS record types, and when you would use certain ones over others.
Route 53 supports all of the different DNS record types

6

Know which services have native encryption at rest within the region, and which do not.
AWS Services with native Encryption at rest

7

Know which services allow you to retain full admin privileges of the underlying EC2 instances
EC2 Full admin privilege

8

Know When Elastic IPs are free or not: If you associate additional EIPs with that instance, you will be charged for each additional EIP associated with that instance per hour on a pro rata basis. Additional EIPs are only available in Amazon VPC. To ensure efficient use of Elastic IP addresses, we impose a small hourly charge when these IP addresses are not associated with a running instance or when they are associated with a stopped instance or unattached network interface.
When are AWS Elastic IPs Free or not?

9

Know what are the four high level categories of information Trusted Advisor supplies.
#AWS Trusted advisor

10

Know how to troubleshoot a connection time out error when trying to connect to an instance in your VPC. You need a security group rule that allows inbound traffic from your public IP address on the proper port, you need a route that sends all traffic destined outside the VPC (0.0.0.0/0) to the Internet gateway for the VPC, the network ACLs must allow inbound and outbound traffic from your public IP address on the proper port, etc.
#AWS Connection time out error

11

Read the whitepapers about the AWS Well-Architected Framework and its pillars, then make sure you can design technology solutions that balance and satisfy their cost, performance, reliability, operations, and security constraints.
#AWS Well Architected Network