Split View: AWS 골든재킷 취득 완전 가이드 — 12개 자격증 전략과 공부법
AWS 골든재킷 취득 완전 가이드 — 12개 자격증 전략과 공부법
들어가며
AWS 골든재킷(Golden Jacket) — AWS의 모든 활성 자격증(현재 12개)을 보유한 사람에게 수여되는 금색 재킷입니다. re:Invent에서 착용하면 AWS 직원들도 알아보는, 클라우드 업계의 최고 훈장입니다.
12개 자격증 전체 맵
Foundational (1개)
| 자격증 | 코드 | 난이도 | 시험 시간 | 합격선 |
|---|---|---|---|---|
| Cloud Practitioner | CLF-C02 | ⭐ | 90분 | 700/1000 |
Associate (3개)
| 자격증 | 코드 | 난이도 | 시험 시간 | 합격선 |
|---|---|---|---|---|
| Solutions Architect | SAA-C03 | ⭐⭐⭐ | 130분 | 720/1000 |
| Developer | DVA-C02 | ⭐⭐⭐ | 130분 | 720/1000 |
| SysOps Administrator | SOA-C02 | ⭐⭐⭐ | 130분 | 720/1000 |
Professional (2개)
| 자격증 | 코드 | 난이도 | 시험 시간 | 합격선 |
|---|---|---|---|---|
| Solutions Architect Pro | SAP-C02 | ⭐⭐⭐⭐⭐ | 180분 | 750/1000 |
| DevOps Engineer Pro | DOP-C02 | ⭐⭐⭐⭐⭐ | 180분 | 750/1000 |
Specialty (6개)
| 자격증 | 코드 | 난이도 | 핵심 영역 |
|---|---|---|---|
| Advanced Networking | ANS-C01 | ⭐⭐⭐⭐⭐ | VPC, Direct Connect, Transit GW |
| Security | SCS-C02 | ⭐⭐⭐⭐ | IAM, KMS, GuardDuty, WAF |
| Machine Learning | MLS-C01 | ⭐⭐⭐⭐ | SageMaker, 데이터 전처리 |
| Database | DBS-C01 | ⭐⭐⭐⭐ | RDS, DynamoDB, Aurora, Redshift |
| Data Analytics | DAS-C01 | ⭐⭐⭐⭐ | Kinesis, Glue, Athena, EMR |
| SAP on AWS | PAS-C01 | ⭐⭐⭐⭐ | SAP HANA, SAP NetWeaver |
추천 취득 순서
Phase 1: 기초 다지기 (1~2개월)
├── 1. Cloud Practitioner (CLF) — AWS 전체 조감도
└── 2. Solutions Architect Associate (SAA) — 가장 중요한 시험!
Phase 2: 개발/운영 (2~3개월)
├── 3. Developer Associate (DVA)
└── 4. SysOps Administrator (SOA)
Phase 3: 전문가 (3~4개월)
├── 5. Solutions Architect Professional (SAP) — 최고 난이도
└── 6. DevOps Engineer Professional (DOP)
Phase 4: 전문 분야 (4~6개월)
├── 7. Security Specialty (SCS)
├── 8. Database Specialty (DBS)
├── 9. Data Analytics Specialty (DAS)
├── 10. Machine Learning Specialty (MLS)
├── 11. Advanced Networking Specialty (ANS) — 가장 어려움
└── 12. SAP on AWS Specialty (PAS)
시험별 핵심 서비스 + 공부 포인트
1. Solutions Architect Associate (SAA) — 가장 중요!
핵심 서비스 (60% 이상 출제):
├── EC2: 인스턴스 타입, Auto Scaling, ELB, AMI
├── S3: 스토리지 클래스, 수명주기, 복제, 암호화
├── VPC: 서브넷, NACL vs SG, NAT GW, 피어링
├── RDS: Multi-AZ, Read Replica, Aurora
├── IAM: 정책, 역할, 페더레이션
├── Lambda: 서버리스, 트리거, 동시성
├── CloudFront: CDN, OAI, 캐싱
└── Route 53: 라우팅 정책 (가중치, 지연시간, 장애조치)
출제 패턴:
"가용성이 높고 비용 효율적인 아키텍처를 설계하시오"
→ Multi-AZ + Auto Scaling + S3 + CloudFront
"재해 복구 전략을 선택하시오"
→ Pilot Light vs Warm Standby vs Multi-Site
→ RPO/RTO 요구사항에 따라 결정
"가장 비용 효율적인 스토리지 선택"
→ S3 Standard vs IA vs Glacier
→ 접근 빈도 + 검색 시간 요구사항
2. Solutions Architect Professional (SAP) — 최고 난이도
SAA + 추가 심화:
├── 멀티 계정 전략: AWS Organizations, SCP, Control Tower
├── 하이브리드: Direct Connect, VPN, Transit Gateway
├── 마이그레이션: 6R 전략, DMS, SMS, Application Discovery
├── 비용 최적화: Reserved, Savings Plans, Spot, Cost Explorer
├── 보안 심화: KMS CMK, CloudHSM, Macie, Detective
└── 고가용성: 멀티 리전 Active-Active, Global Accelerator
3. Advanced Networking (ANS) — 가장 어려움
네트워킹 깊이:
├── VPC 심화: CIDR 계산, IPv6, 커스텀 라우팅
├── Direct Connect: LOA-CFA, VIF, LAG, BGP
├── Transit Gateway: 멀티 리전, 피어링, ECMP
├── Route 53: DNSSEC, Resolver, 프라이빗 호스트
├── CloudFront: 오리진 그룹, Lambda@Edge
├── Network Firewall: 상태 저장/비저장 규칙
└── VPN: Site-to-Site, Client VPN, 가속기
4. Security Specialty (SCS)
보안 핵심:
├── IAM 심화: 정책 평가 로직, Permission Boundary
├── KMS: CMK, 키 로테이션, 그랜트, 정책
├── CloudTrail: 로그 무결성, 조직 트레일
├── GuardDuty: 위협 탐지, 자동 대응
├── Config: 규정 준수 규칙, 자동 교정
├── WAF: 웹 ACL, 관리형 규칙, Rate Limiting
└── 인시던트 대응: 격리, 포렌식, 복구
5. Database Specialty (DBS)
DB 핵심:
├── RDS: 파라미터 그룹, 옵션 그룹, 프록시
├── Aurora: 글로벌 DB, Serverless v2, DSQL
├── DynamoDB: 파티션 키 설계, GSI/LSI, DAX, Streams
├── Redshift: 분산 키, 정렬 키, Spectrum, 동시성 스케일링
├── ElastiCache: Redis vs Memcached, 클러스터 모드
├── Neptune: 그래프 DB, Gremlin/SPARQL
└── 마이그레이션: DMS, SCT, 동종/이종 마이그레이션
합격 전략
공부 리소스
무료:
├── AWS Skill Builder (공식, 무료 코스)
├── AWS Well-Architected Labs (핸즈온)
├── AWS Whitepapers (필수 읽기!)
│ ├── Well-Architected Framework
│ ├── Disaster Recovery
│ └── Security Best Practices
└── AWS re:Invent 영상 (YouTube)
유료:
├── Stephane Maarek (Udemy) — SAA, SAP 최고 강의
├── Adrian Cantrill — SAP, ANS 최고 강의
├── Jon Bonso (Tutorial Dojo) — 모의고사 필수!
└── A Cloud Guru — 전체 자격증 커버
시험 팁
1. 모의고사 80%+ 나올 때까지 반복
2. 오답 노트 필수 (왜 틀렸는지)
3. AWS 공식 문서 > 강의 (시험은 공식 문서 기반)
4. 핸즈온 필수 (Free Tier 활용)
5. 시험 시간 관리: 문제당 2분, 어려우면 플래그 후 넘기기
6. "가장 비용 효율적" vs "가장 안전한" 구분
7. 보기에서 "즉시" vs "최소 노력"도 힌트
비용
시험 비용:
├── Foundational: $100
├── Associate: $150 x 3 = $450
├── Professional: $300 x 2 = $600
└── Specialty: $300 x 6 = $1,800
총: $2,950 (약 400만원)
절약 팁:
├── 합격 후 50% 할인 바우처 활용!
├── 한 번 합격하면 다음 시험 50% 할인
├── 실제 비용: ~$1,500~2,000 (할인 적용)
└── 회사 교육비 지원 활용
AWS 핵심 서비스 치트시트
컴퓨팅:
EC2, Lambda, ECS, EKS, Fargate, Batch, Lightsail
스토리지:
S3, EBS, EFS, FSx, Storage Gateway, Snow Family
데이터베이스:
RDS, Aurora, DynamoDB, ElastiCache, Redshift, Neptune, DocumentDB
네트워킹:
VPC, CloudFront, Route 53, API Gateway, Direct Connect, Transit GW
Global Accelerator, PrivateLink, Network Firewall
보안:
IAM, KMS, CloudHSM, WAF, Shield, GuardDuty, Inspector
Macie, Config, CloudTrail, Security Hub, Detective
분석:
Kinesis, Glue, Athena, EMR, Redshift, QuickSight, Lake Formation
AI/ML:
SageMaker, Bedrock, Rekognition, Comprehend, Textract, Polly
DevOps:
CodeCommit, CodeBuild, CodeDeploy, CodePipeline
CloudFormation, CDK, SAM, Systems Manager
모니터링:
CloudWatch, X-Ray, EventBridge, Health Dashboard
📝 퀴즈 — AWS 골든재킷 (클릭해서 확인!)
Q1. AWS 골든재킷을 받으려면 몇 개의 자격증이 필요한가? ||현재 활성화된 12개 자격증 전부. Foundational 1 + Associate 3 + Professional 2 + Specialty 6||
Q2. SAA에서 Multi-AZ와 Read Replica의 차이는? ||Multi-AZ: 동기 복제, 장애 시 자동 failover (고가용성). Read Replica: 비동기 복제, 읽기 부하 분산 (성능). Multi-AZ는 같은 리전, Read Replica는 다른 리전도 가능||
Q3. S3 스토리지 클래스를 비용 순서대로 나열하라. ||Standard (가장 비쌈) → Intelligent-Tiering → Standard-IA → One Zone-IA → Glacier Instant → Glacier Flexible → Glacier Deep Archive (가장 저렴)||
Q4. Direct Connect와 VPN의 차이는? ||Direct Connect: 전용 물리 회선, 안정적 대역폭, 높은 비용, 설치 수주~수개월. VPN: 인터넷 기반 암호화 터널, 변동 대역폭, 저렴, 즉시 설정||
Q5. DynamoDB에서 파티션 키 설계가 중요한 이유는? ||파티션 키가 데이터 분산을 결정. 핫 파티션(특정 키에 트래픽 집중)이 발생하면 전체 처리량이 제한됨. 카디널리티가 높은 키 선택 필수||
Q6. SAP 시험에서 자주 출제되는 마이그레이션 6R 전략은? ||Rehost(리호스트), Replatform(리플랫폼), Repurchase(재구매), Refactor(리팩터), Retire(폐기), Retain(유지)||
Q7. AWS에서 재해 복구 전략 4가지를 RTO 순서대로 나열하라. ||Backup & Restore (RTO 수시간) → Pilot Light (RTO 수십분) → Warm Standby (RTO 수분) → Multi-Site Active-Active (RTO ~0)||
AWS Golden Jacket Complete Guide — 12 Certification Strategy and Study Plan
- Introduction
- The Complete Map of 12 Certifications
- Recommended Certification Order
- Key Services and Study Points per Exam
- Passing Strategies
- AWS Key Services Cheat Sheet
- Quiz
Introduction
AWS Golden Jacket -- a gold jacket awarded to individuals who hold all active AWS certifications (currently 12). Wearing it at re:Invent gets you recognized even by AWS employees -- it is the highest honor in the cloud industry.
The Complete Map of 12 Certifications
Foundational (1)
| Certification | Code | Difficulty | Exam Duration | Passing Score |
|---|---|---|---|---|
| Cloud Practitioner | CLF-C02 | 1/5 | 90 min | 700/1000 |
Associate (3)
| Certification | Code | Difficulty | Exam Duration | Passing Score |
|---|---|---|---|---|
| Solutions Architect | SAA-C03 | 3/5 | 130 min | 720/1000 |
| Developer | DVA-C02 | 3/5 | 130 min | 720/1000 |
| SysOps Administrator | SOA-C02 | 3/5 | 130 min | 720/1000 |
Professional (2)
| Certification | Code | Difficulty | Exam Duration | Passing Score |
|---|---|---|---|---|
| Solutions Architect Pro | SAP-C02 | 5/5 | 180 min | 750/1000 |
| DevOps Engineer Pro | DOP-C02 | 5/5 | 180 min | 750/1000 |
Specialty (6)
| Certification | Code | Difficulty | Key Areas |
|---|---|---|---|
| Advanced Networking | ANS-C01 | 5/5 | VPC, Direct Connect, Transit GW |
| Security | SCS-C02 | 4/5 | IAM, KMS, GuardDuty, WAF |
| Machine Learning | MLS-C01 | 4/5 | SageMaker, Data Preprocessing |
| Database | DBS-C01 | 4/5 | RDS, DynamoDB, Aurora, Redshift |
| Data Analytics | DAS-C01 | 4/5 | Kinesis, Glue, Athena, EMR |
| SAP on AWS | PAS-C01 | 4/5 | SAP HANA, SAP NetWeaver |
Recommended Certification Order
Phase 1: Building the Foundation (1-2 months)
├── 1. Cloud Practitioner (CLF) — Bird's-eye view of AWS
└── 2. Solutions Architect Associate (SAA) — The most important exam!
Phase 2: Development/Operations (2-3 months)
├── 3. Developer Associate (DVA)
└── 4. SysOps Administrator (SOA)
Phase 3: Professional (3-4 months)
├── 5. Solutions Architect Professional (SAP) — Highest difficulty
└── 6. DevOps Engineer Professional (DOP)
Phase 4: Specialty Domains (4-6 months)
├── 7. Security Specialty (SCS)
├── 8. Database Specialty (DBS)
├── 9. Data Analytics Specialty (DAS)
├── 10. Machine Learning Specialty (MLS)
├── 11. Advanced Networking Specialty (ANS) — Most difficult
└── 12. SAP on AWS Specialty (PAS)
Key Services and Study Points per Exam
1. Solutions Architect Associate (SAA) -- The Most Important!
Key Services (60%+ of questions):
├── EC2: Instance types, Auto Scaling, ELB, AMI
├── S3: Storage classes, lifecycle, replication, encryption
├── VPC: Subnets, NACL vs SG, NAT GW, peering
├── RDS: Multi-AZ, Read Replica, Aurora
├── IAM: Policies, roles, federation
├── Lambda: Serverless, triggers, concurrency
├── CloudFront: CDN, OAI, caching
└── Route 53: Routing policies (weighted, latency, failover)
Question Patterns:
"Design a highly available and cost-effective architecture"
-> Multi-AZ + Auto Scaling + S3 + CloudFront
"Choose a disaster recovery strategy"
-> Pilot Light vs Warm Standby vs Multi-Site
-> Decide based on RPO/RTO requirements
"Select the most cost-effective storage"
-> S3 Standard vs IA vs Glacier
-> Access frequency + retrieval time requirements
2. Solutions Architect Professional (SAP) -- Highest Difficulty
SAA + Additional Deep Dives:
├── Multi-account strategy: AWS Organizations, SCP, Control Tower
├── Hybrid: Direct Connect, VPN, Transit Gateway
├── Migration: 6R strategy, DMS, SMS, Application Discovery
├── Cost optimization: Reserved, Savings Plans, Spot, Cost Explorer
├── Advanced security: KMS CMK, CloudHSM, Macie, Detective
└── High availability: Multi-Region Active-Active, Global Accelerator
3. Advanced Networking (ANS) -- Most Difficult
Networking depth:
├── Advanced VPC: CIDR calculation, IPv6, custom routing
├── Direct Connect: LOA-CFA, VIF, LAG, BGP
├── Transit Gateway: Multi-region, peering, ECMP
├── Route 53: DNSSEC, Resolver, private hosted zones
├── CloudFront: Origin groups, Lambda@Edge
├── Network Firewall: Stateful/stateless rules
└── VPN: Site-to-Site, Client VPN, accelerator
4. Security Specialty (SCS)
Security core:
├── Advanced IAM: Policy evaluation logic, Permission Boundary
├── KMS: CMK, key rotation, grants, policies
├── CloudTrail: Log integrity, organization trails
├── GuardDuty: Threat detection, automated response
├── Config: Compliance rules, auto-remediation
├── WAF: Web ACL, managed rules, Rate Limiting
└── Incident response: Isolation, forensics, recovery
5. Database Specialty (DBS)
DB core:
├── RDS: Parameter groups, option groups, proxy
├── Aurora: Global DB, Serverless v2, DSQL
├── DynamoDB: Partition key design, GSI/LSI, DAX, Streams
├── Redshift: Distribution key, sort key, Spectrum, concurrency scaling
├── ElastiCache: Redis vs Memcached, cluster mode
├── Neptune: Graph DB, Gremlin/SPARQL
└── Migration: DMS, SCT, homogeneous/heterogeneous migration
Passing Strategies
Study Resources
Free:
├── AWS Skill Builder (official, free courses)
├── AWS Well-Architected Labs (hands-on)
├── AWS Whitepapers (must read!)
│ ├── Well-Architected Framework
│ ├── Disaster Recovery
│ └── Security Best Practices
└── AWS re:Invent videos (YouTube)
Paid:
├── Stephane Maarek (Udemy) — Best course for SAA, SAP
├── Adrian Cantrill — Best course for SAP, ANS
├── Jon Bonso (Tutorial Dojo) — Practice exams are a must!
└── A Cloud Guru — Covers all certifications
Exam Tips
1. Keep retaking practice exams until you score 80%+
2. Keep an error notebook (note why you got it wrong)
3. AWS official documentation is more important than courses (exams are based on official docs)
4. Hands-on practice is essential (use Free Tier)
5. Time management: 2 minutes per question; flag difficult ones and move on
6. Distinguish between "most cost-effective" vs "most secure"
7. Words like "immediately" vs "least effort" in answer choices are also hints
Cost
Exam fees:
├── Foundational: $100
├── Associate: $150 x 3 = $450
├── Professional: $300 x 2 = $600
└── Specialty: $300 x 6 = $1,800
Total: $2,950
Money-saving tips:
├── Use the 50% discount voucher after passing!
├── Each pass gives you 50% off the next exam
├── Actual cost: ~$1,500-2,000 (with discounts)
└── Leverage company training budgets
AWS Key Services Cheat Sheet
Compute:
EC2, Lambda, ECS, EKS, Fargate, Batch, Lightsail
Storage:
S3, EBS, EFS, FSx, Storage Gateway, Snow Family
Database:
RDS, Aurora, DynamoDB, ElastiCache, Redshift, Neptune, DocumentDB
Networking:
VPC, CloudFront, Route 53, API Gateway, Direct Connect, Transit GW
Global Accelerator, PrivateLink, Network Firewall
Security:
IAM, KMS, CloudHSM, WAF, Shield, GuardDuty, Inspector
Macie, Config, CloudTrail, Security Hub, Detective
Analytics:
Kinesis, Glue, Athena, EMR, Redshift, QuickSight, Lake Formation
AI/ML:
SageMaker, Bedrock, Rekognition, Comprehend, Textract, Polly
DevOps:
CodeCommit, CodeBuild, CodeDeploy, CodePipeline
CloudFormation, CDK, SAM, Systems Manager
Monitoring:
CloudWatch, X-Ray, EventBridge, Health Dashboard
Quiz -- AWS Golden Jacket (Click to reveal!)
Q1. How many certifications are needed to receive the AWS Golden Jacket? ||All 12 currently active certifications. Foundational 1 + Associate 3 + Professional 2 + Specialty 6||
Q2. What is the difference between Multi-AZ and Read Replica in SAA? ||Multi-AZ: Synchronous replication, automatic failover on failure (high availability). Read Replica: Asynchronous replication, distributes read load (performance). Multi-AZ is within the same region; Read Replica can be cross-region||
Q3. List S3 storage classes in order of cost. ||Standard (most expensive) then Intelligent-Tiering then Standard-IA then One Zone-IA then Glacier Instant then Glacier Flexible then Glacier Deep Archive (cheapest)||
Q4. What is the difference between Direct Connect and VPN? ||Direct Connect: Dedicated physical line, stable bandwidth, high cost, weeks to months to set up. VPN: Internet-based encrypted tunnel, variable bandwidth, inexpensive, instant setup||
Q5. Why is partition key design important in DynamoDB? ||The partition key determines data distribution. If a hot partition occurs (traffic concentrated on a specific key), overall throughput is limited. Choosing a key with high cardinality is essential||
Q6. What are the 6R migration strategies frequently tested on the SAP exam? ||Rehost, Replatform, Repurchase, Refactor, Retire, Retain||
Q7. List the 4 disaster recovery strategies in AWS in order of RTO. ||Backup and Restore (RTO: hours) then Pilot Light (RTO: tens of minutes) then Warm Standby (RTO: minutes) then Multi-Site Active-Active (RTO: near zero)||
Quiz
Q1: What is the main topic covered in "AWS Golden Jacket Complete Guide — 12 Certification
Strategy and Study Plan"?
A complete roadmap for all 12 AWS certifications needed for the Golden Jacket. Covers recommended order, exam difficulty, key services, passing strategies, and practical AWS knowledge that matters in the real world.
Q2: What is The Complete Map of 12 Certifications?
Foundational (1) Associate (3) Professional (2) Specialty (6)
Q3: Explain the core concept of Key Services and Study Points per Exam.
- Solutions Architect Associate (SAA) -- The Most Important! Question Patterns: 2. Solutions Architect Professional (SAP) -- Highest Difficulty 3. Advanced Networking (ANS) -- Most Difficult
- Security Specialty (SCS) 5. Database Specialty (DBS)
Q4: What are the key aspects of Passing Strategies?
Study Resources Exam Tips Cost
Q5: How does AWS Key Services Cheat Sheet work?
Q1. How many certifications are needed to receive the AWS Golden Jacket? Q2. What is the
difference between Multi-AZ and Read Replica in SAA? Q3. List S3 storage classes in order of cost.
Q4. What is the difference between Direct Connect and VPN? Q5.