Category: Uncategorized

A New Year and New AWS Exams

AWS Cloud Practitioner

Firstly I’d like to wish a Happy New Year to everyone.  Apologies for the lack of posts recently as I’ve taken a bit of a break from the studying following re:Invent and the festive period.

January has started as last year finished from a work perspective with lots of things currently on the go at the moment and hence why I’ve been trying to recharge myself before continuing with any of the AWS certifications.

Last Friday I attended an event at the AWS UK Headquarters for re:Invent 2.0 comes to London which was focused on the Public Sector.  Whilst there wasn’t any new announcements since it was aimed at people that weren’t able to attend Las Vegas for re:Invent, it was designed to bring to life some of new releases to the platform at a. high level.  Personally for myself, it was a good opportunity to listen to the talk on Elastic Container Service (ECS), AWS Fargate and Amazon Elastic Kubernetes Service (EKS).  Fargate and EKS were two new announcements from re:Invent and I didnt have the opportunity to attend any of the breakout sessions related to those services whilst I was there so it was a good opportunity to learn about them.  I’m going to try and spend some time learning more about containers such as Docker, Kubernetes and Mesos and the use cases for them as opposed to traditional IaaS. Continue reading “A New Year and New AWS Exams”

AWS SA Professional – Practice Question 11


An enterprise customer is starting their migration to the cloud, their main reason for migrating is agility, and they want to make their internal Microsoft Active Directory available to any applications running on AWS; this is so internal users only have to remember one set of credentials and as a central point of user control for leavers and joiners. How could they make their Active Directory secure, and highly available, with minimal on-premises infrastructure changes, in the most cost and time-efficient way? (Choose 1)

a. Using Amazon Elastic Cloud Compute (EC2), they could create a DMZ using a security group; within the security group they could provision two smaller Amazon EC2 instances that are running Openswan for resilient IPSEC tunnels, two larger instances that are domain controllers, they would use multiple availability zones.

b. Using VPC, they could create an extension to their data centre and make use of resilient hardware IPSEC tunnels; they could then have two domain controller instances that are joined to their existing domain and reside within different subnets, in different availability zones.

c. Within the customer’s existing infrastructure, they could provision new hardware to run Active Directory Federation Services; this would present Active Directory as a SAML2 endpoint on the internet; any new application on AWS could be written to authenticate using SAML2.

d. The customer could create a stand-alone VPC with its own Active Directory Domain Controllers; two domain controller instances could be configured, one in each availability zone; new applications would authenticate with those domain controllers.

This question is testing your understanding of how to extend your existing on-premises Active Directory Service into AWS as well as the varying options that AWS offers. There are a few fundamentals of Active Directory that are worth knowing in order to know how you might begin with answering this question.

Continue reading “AWS SA Professional – Practice Question 11”

AWS Exam Provider Changes

AWS Certification

Apologies for the delay since my last post as I’ve been working on the Design, Migration and Transformation on a large scale solution that is currently in the progress of moving to AWS from their existing on-premises Data Centers.

I received an e-mail tonight advising that my exam that I’ve booked for AWS re:Invent in Las Vegas was being provided by PSI, which was quite strange since I’d booked it via Web Assessor who I’ve sat all my previous AWS exam with.

Therefore I’ve logged into the AWS Certification Portal at and noticed the following message.

AWS Certification exams are now delivered through a new testing partner, PSI.

Administration for all AWS exams began at PSI on September 7, 2017.

Now that in itself isn’t an issue for me, however the one thing I’ve noticed and certainly for where I’m located in the UK is that there is hardly any test centers.  The usual test centers don’t provide the PSI exams (such as Global Knowledge, QA etc..).

Hopefully more test centers will become available soon otherwise I’m going to find myself potentially travelling further in order to sit future exams.