AWS Golden Jacket Complete Guide — 12 Certification Strategy and Study Plan

Phase 1: Building the Foundation (1-2 months)
├── 1. Cloud Practitioner (CLF) — Bird's-eye view of AWS
└── 2. Solutions Architect Associate (SAA) — The most important exam!

Phase 2: Development/Operations (2-3 months)
├── 3. Developer Associate (DVA)
└── 4. SysOps Administrator (SOA)

Phase 3: Professional (3-4 months)
├── 5. Solutions Architect Professional (SAP) — Highest difficulty
└── 6. DevOps Engineer Professional (DOP)

Phase 4: Specialty Domains (4-6 months)
├── 7. Security Specialty (SCS)
├── 8. Database Specialty (DBS)
├── 9. Data Analytics Specialty (DAS)
├── 10. Machine Learning Specialty (MLS)
├── 11. Advanced Networking Specialty (ANS) — Most difficult
└── 12. SAP on AWS Specialty (PAS)

Key Services (60%+ of questions):
├── EC2: Instance types, Auto Scaling, ELB, AMI
├── S3: Storage classes, lifecycle, replication, encryption
├── VPC: Subnets, NACL vs SG, NAT GW, peering
├── RDS: Multi-AZ, Read Replica, Aurora
├── IAM: Policies, roles, federation
├── Lambda: Serverless, triggers, concurrency
├── CloudFront: CDN, OAI, caching
└── Route 53: Routing policies (weighted, latency, failover)

"Design a highly available and cost-effective architecture"
-> Multi-AZ + Auto Scaling + S3 + CloudFront

"Choose a disaster recovery strategy"
-> Pilot Light vs Warm Standby vs Multi-Site
-> Decide based on RPO/RTO requirements

"Select the most cost-effective storage"
-> S3 Standard vs IA vs Glacier
-> Access frequency + retrieval time requirements

SAA + Additional Deep Dives:
├── Multi-account strategy: AWS Organizations, SCP, Control Tower
├── Hybrid: Direct Connect, VPN, Transit Gateway
├── Migration: 6R strategy, DMS, SMS, Application Discovery
├── Cost optimization: Reserved, Savings Plans, Spot, Cost Explorer
├── Advanced security: KMS CMK, CloudHSM, Macie, Detective
└── High availability: Multi-Region Active-Active, Global Accelerator

Networking depth:
├── Advanced VPC: CIDR calculation, IPv6, custom routing
├── Direct Connect: LOA-CFA, VIF, LAG, BGP
├── Transit Gateway: Multi-region, peering, ECMP
├── Route 53: DNSSEC, Resolver, private hosted zones
├── CloudFront: Origin groups, Lambda@Edge
├── Network Firewall: Stateful/stateless rules
└── VPN: Site-to-Site, Client VPN, accelerator

Security core:
├── Advanced IAM: Policy evaluation logic, Permission Boundary
├── KMS: CMK, key rotation, grants, policies
├── CloudTrail: Log integrity, organization trails
├── GuardDuty: Threat detection, automated response
├── Config: Compliance rules, auto-remediation
├── WAF: Web ACL, managed rules, Rate Limiting
└── Incident response: Isolation, forensics, recovery

DB core:
├── RDS: Parameter groups, option groups, proxy
├── Aurora: Global DB, Serverless v2, DSQL
├── DynamoDB: Partition key design, GSI/LSI, DAX, Streams
├── Redshift: Distribution key, sort key, Spectrum, concurrency scaling
├── ElastiCache: Redis vs Memcached, cluster mode
├── Neptune: Graph DB, Gremlin/SPARQL
└── Migration: DMS, SCT, homogeneous/heterogeneous migration

Free:
├── AWS Skill Builder (official, free courses)
├── AWS Well-Architected Labs (hands-on)
├── AWS Whitepapers (must read!)
│   ├── Well-Architected Framework
│   ├── Disaster Recovery
│   └── Security Best Practices
└── AWS re:Invent videos (YouTube)

Paid:
├── Stephane Maarek (Udemy) — Best course for SAA, SAP
├── Adrian Cantrill — Best course for SAP, ANS
├── Jon Bonso (Tutorial Dojo) — Practice exams are a must!
└── A Cloud Guru — Covers all certifications

1. Keep retaking practice exams until you score 80%+
2. Keep an error notebook (note why you got it wrong)
3. AWS official documentation is more important than courses (exams are based on official docs)
4. Hands-on practice is essential (use Free Tier)
5. Time management: 2 minutes per question; flag difficult ones and move on
6. Distinguish between "most cost-effective" vs "most secure"
7. Words like "immediately" vs "least effort" in answer choices are also hints

Exam fees:
├── Foundational: $100
├── Associate: $150 x 3 = $450
├── Professional: $300 x 2 = $600
└── Specialty: $300 x 6 = $1,800
Total: $2,950

Money-saving tips:
├── Use the 50% discount voucher after passing!
├── Each pass gives you 50% off the next exam
├── Actual cost: ~$1,500-2,000 (with discounts)
└── Leverage company training budgets

Compute:
  EC2, Lambda, ECS, EKS, Fargate, Batch, Lightsail

Storage:
  S3, EBS, EFS, FSx, Storage Gateway, Snow Family

Database:
  RDS, Aurora, DynamoDB, ElastiCache, Redshift, Neptune, DocumentDB

Networking:
  VPC, CloudFront, Route 53, API Gateway, Direct Connect, Transit GW
  Global Accelerator, PrivateLink, Network Firewall

Security:
  IAM, KMS, CloudHSM, WAF, Shield, GuardDuty, Inspector
  Macie, Config, CloudTrail, Security Hub, Detective

Analytics:
  Kinesis, Glue, Athena, EMR, Redshift, QuickSight, Lake Formation

AI/ML:
  SageMaker, Bedrock, Rekognition, Comprehend, Textract, Polly

DevOps:
  CodeCommit, CodeBuild, CodeDeploy, CodePipeline
  CloudFormation, CDK, SAM, Systems Manager

Monitoring:
  CloudWatch, X-Ray, EventBridge, Health Dashboard