Passing the AWS Certified Sysops Administrator — Associate Certification in 2024
The AWS Certified SysOps Administrator — Associate certification is the AWS Certification that is designed to demonstrate AWS knowledge in the areas of system administration and devops. It was the only AWS Certification that required a lab component up until March 28, 2023. I recently passed this certification and would like to share my approach and learnings in an effort to help others be successful in their studies as well.
Study materials
I would encourage anyone considering this certification to review the overall information on the AWS site. Then I would watch Stephane Maarek’s Udemy Video course for the basics of the overall material. For Udemy materials, never pay more than $30 and you can do this by using coupons at Stephane Maarek’s site, using coupons, or waiting for the price to drop. The AWS exam guide can provide insight into specific knowledge areas.
Practice Questions
Tutorials Dojo (340 questions total in a variety of formats, the Final Test randomized format is good along with set tests to review some of the particular areas you are week in)
Whizlabs Practice Tests(340 questions, 5 x 55 question sets, with 65 section tests)
AWS Sample Questions (10 Questions)
AWS Certified SysOps Administrator — Associate Official Practice Question Set (SOA-C02) (20 questions)
For the last 2 question sets, I printed them out and did them on paper while watching tv in the evening. Other practice questions which I did not use but might be of use to you:
Maarek/Singh’s Udemy Practice Tests (260 questions, 4 x 65 questions)
Neal Davis Practice Tests (325 questions, 5 x 65 questions)
Study approach
There is no substitute for training and iterating on practice tests. You will start out taking close to full time of about 2 hours and less than a passing mark. With more practice, you will quickly improve the scores and reduce the time to take the tests. Consistent learning is better by trying to do tests on a daily basis to improve your scores.
Remember that the tests and questions that you do poorly on generally indicate valuable areas for you to do more work.
Tutorials Dojo
The SysOps test is in a bit of limbo now as they discontinued the labs for this certification. Also, the number of questions used to be 55 with the lab and now it is 65 questions.
For Tutorials Dojo, I really like the fact that there are different modes(Timed with a set group of questions, Review Mode where you it is marked question by question, and the Final Test Mode which is a randomized set of questions). I really think they should do some work to get the question set size back up to 65 from the current 55.
For each test, I record the mark, time in minutes that it took and I capture the questions I did not answer correctly. Then before I retake the test I review the incorrect ones from the previous time I took the test. This way I am working to improve the scores.
Whizlabs
Whizlabs is another source of certification questions. It is reasonably priced and you get a good number of questions.
Again, I worked though all the questions that were provided. The level of English is a bit lower but the material covers the certification sufficiently. Also, the order of the questions themselves is not randomized and the options are always in the same order. This means that you can get programmed to know the answer without really even looking at the question. Although, recently they added a “Final Test” at the end which is randomized but with the options in the same order. They also added this “Final Test” for another certification that I had. That is a step in the right direction. It would really be best if WhizLabs was able to randomize questions and the options for all exams. This would help avoid you from just “knowing” the answer by feel. Again, you can see that it takes less time to do these tests as you essentially memorize the positions. With Whizlabs, I got to a point where I did one full test a day and I would stop only when I received 100% twice in a row. This would force me to keep sharp up until I wrote the exam.
My findings
Although the video course and practice questions are definitely required to pass the examination. Based on the exam guide and what I saw in the training materials I would also include reviewing the following scenarios as well.
- If an S3 Bucket implemented Governance Mode S3 Object Locking and you wanted to bypass this you. You must have the s3:BypassGovernanceRetention permission and must explicitly include x-amz-bypass-governance-retention:true as a request header with any request that requires overriding governance mode.
- If you encounter the OUTDATED status when running a CloudFormation StackSet for one region. According to Troubleshooting AWS CloudFormation StackSets coud be a result that “the template could be trying to create global resources that must be unique but aren’t, such as S3 buckets.”
- If you had a single AWS Aurora cluster with one writer and reader and you were encountering memory issues, you might want to deal with this using AWS Aurora DB Multi-Master. However, I believe the AWS Aurora DB Multi-Master has been phased out. You can read further on trouble shooting AWS Aurora Memory Issues.
- If there are EC2s that are terminated in an environment, you should use the EIP-attached Config rule to find EIPs that are unattached in your environment.
- If you have an Lambda which processes/updates an S3 object and writes the updated object back to the same S3 bucket, you might want to consider ways to avoid recursive Lambda calls on the same S3 bucket. Generally using a separate bucket is preferred. If you must use the same bucket you can consider some of the following options:
(1)Using a prefix or suffix in the S3 event notification
(2) Using object metadata to identify the original S3 object
(3) Using an Amazon DynamoDB table to filter duplicate events
6. If you have an on premise server with a fixed IP address and you are migrating this to an EC2 behind a load balancer, you should consider using an A record as an A Record maps to one or more IP Addresses. A CNAME record should not be used as it maps an alias name to another name(Not an IP Address)
7. If you have some existing EC2 and you are a client who wishes to convert some of these to Fargate. You should consider Cost Savings Plans and different scenarios to reduce costs ensure that there are no unused reservations. Options to be considered:
Compute Savings Plan with no upfront costs
Compute Savings Plan with partial upfront costs
EC2 Instance Savings Plans
8. If there are many EC2s behind an autoscaler that are failing intermittently and it will take weeks to solve the actual issue. Some ways to deal with this could include:
(a) Use CloudWatch agent with health checks and restart them
(b) AWS System State Manager/AWS System Session Manager to check the status of these applications every 5 minutes and restart them.
Conclusion
I think the AWS Certified SysOps Administrator — Associate certification will definitely help you learn more of the Systems Administrator aspect of the AWS environment. With good study and practice this certification is achievable. When studying for AWS Certification, you should be consistent in your studies right up until you want to take the exam. I would advise you to take at least one full test a day for whichever time of day works best given your current schedule.
