[[File:AWS Solutions Architect Ramp-Up Guide.pdf|page=1|600px|link=Special:FilePath/AWS_Solutions_Architect_Ramp-Up_Guide.pdf]]
As the top certification in 2023, I'm getting my AWS Solutions Architect - Professional certification.
== Key Personal Characteristics ==
Are you a Solutions Architect, or want to become one?
You will need:
# Hands-on experience - a Solutions Architect is not an entry-level position. It takes years of experience in the technology sector before you have seen and learned enough lessons to truly become a valuable architect.
# Business analysis skills for understanding and interpreting the customer requirements.
# Strong interpersonal skills for dealing regularly with various stakeholders - architects don't work in ivory towers.
# Broad technology skills - software, hardware, various vendors and so-on
# On-premises technology
# Other clouds: you can't know just one. You should know AWS, Azure, GCP and perhaps even more cloud operators such as Digital Ocean, Linode, RackSpace or service offerings from giants like IBM/RedHat, Canonical etc.
# Core technology skills - Compute, storage, networking, databases
# Automation, containers and serverless technologies
# Programming or scripting useful
#Hands-on experience - a Solutions Architect is not an entry-level position. It takes years of experience in the technology sector before you have seen and learned enough lessons to truly become a valuable architect.#Business analysis skills for understanding and interpreting the customer requirements.#Strong interpersonal skills for dealing regularly with various stakeholders - architects don't work in ivory towers.#Broad technology skills - software, hardware, various vendors and so-on#On-premises technology#Other clouds: you can't know just one. You should know AWS, Azure, GCP and perhaps even more cloud operators such as Digital Ocean, Linode, RackSpace or service offerings from giants like IBM/RedHat, Canonical etc.#Core technology skills - Compute, storage, networking, databases#Automation, containers and serverless technologies#Programming or scripting useful == Global ==
[https://aws.amazon.com/about-aws/global-infrastructure/regions_az/ Regions, with discreet Availability Zones] for geographic proximity (low latency), and data compliance. Pay attention to costs (which are determined on a local basis) and service availability.
'''Edge''' locations are what they call CDNs. [https://aws.amazon.com/cloudfront/features/ CloudFront] is their product.
== Interacting ==* [https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/learn-whats-new.html Management Console] The web browser interface to AWS* [https://aws.amazon.com/cli/ CLI] (including cloudshell which is what they call the browser-based CLI)* [https://aws.amazon.com/developer/tools/ SDKs] You can use your favorite programming language to interact with the AWS Service APIs
*[https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/learn-whats-new.html Management Console] The web browser interface to AWS*[https://aws.amazon.com/cli/ CLI] (including cloudshell which is what they call the browser-based CLI)*[https://aws.amazon.com/developer/tools/ SDKs] You can use your favorite programming language to interact with the AWS Service APIs == Security ==
"[https://aws.amazon.com/compliance/shared-responsibility-model/ Shared Responsibility Model]" = AWS is responsible for security '''of''' the cloud. The customer is responsible for security '''in''' the cloud. Specifically, in the use-case of a VM in EC2, AWS will provide security up to the level of the hypervisor. You provide security in terms of OS patches, application and service configuration; and access control to services and data.
Always enable MFA for the "root" user account. == AWS Identity and Access Management ==Identity and Access Management (IAM) '''Identity Center''' (formerly called Single Sign-on) is an [[:en:OpenID#OpenID_Connect_(OIDC)|OIDC-capable]] authentication service similar to Microsoft Active Directory. It is enabled by default for a single account (with minor restrictions). For enterprises, setup your organization first, then enable IC. Using IC, an enterprise can leverage their per-existing (Microsoft Azure Active Directory) Identity and Access Control infrastructure in a federated way. [https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html Security Best Practices in IAM] Of course, IAM IC is available for use in your [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-assignment.html CloudFormation templates] == EC2 ==Amazon's original 'compute' service, [https://aws.amazon.com/ec2/ EC2] offers Virtual Machines (VMs); and now also offers containerized (e.g. [[Docker]]) and serverless (e.g. Fargate) options in addition to traditional [[Virtualization|Virtual Machines]]. A large aspect of the complexity of AWS can be attributed to the sheer number and variations of EC2 Instance types and sizes. It is every bit as complex as choosing hardware from a traditional hardware vendor. == Free Software alternatives ==
Any Solutions Architect with credibility is going to acknowledge that the giants of proprietary software solutions have built their empires on the backs of Free Software. But the product offerings have grown like weeds in a garden, so it can be hard to distinguish the original crop. What solutions or equivalents exist?
=== Cloud Provider Alternatives ===
For specific needs, there are sometimes niche vendors that offer a more attractive proposition. https://www.websiteplanet.com/blog/aws-alternatives/ lists alternatives such as Digital Ocean, Kamatera, LiquidWeb and Cloudways if all you really need is
== Links ==
AWS is so large, here's a short list of the most relevant links
# https://docs.aws.amazon.com/
[[Category:Cloud]]
[[Category:System Architecture]]
[[Category:AWS]]