AWS: SysOps Administrator (SOA) study notes

Hello, world. Penned down some keywords after passing my recent AWS SOA exam, and then expanded on ’em below. Perhaps you’ll find ’em useful then.

RAID 0 (striped) vs. 1 (mirrored); i.e., the lower the number, the higher the risk, see

Just like EC2 instances, EBS volumes reside in a specific AZ of a Region; i.e., they can only be attached to a running instances within the same AZ. To switch AZs, use snapshots, see

AMIs can be referred to as being backed by EBS, or ephemeral/instance store. Ephemeral/instance AMIs are stored in S3; i.e., terminating an EC2 instance running the S3-based AMI means that data in the root volume is gone forever, see

EBS optimized; i.e., minimizing contention between EBS I/O and other traffic from your EC2 instance, see

Cluster-type placement groups: low-latency grouping (of EC2 instances) within a single AZ, see

Automated Backups allow users to restore to data within about 5 minutes of the current time, see

TA, as its name suggests, allows users to accelerate file transfers to S3, for when users are underutilizing available Internet bandwidth at upload time, see

Tenancy is typically default (i.e., shared) tenancy. Users cannot change from default to dedicated/host, and vice-versa, see

IPv4 CIDR blocks can range from large (/16 netmask, 65k addresses) to small (/28 netmask, 16 addresses), see

Direct Connect, use private (virtual interface) to connect to your VPC, public for services that aren’t in a VPC (e.g., Glacier), see

Within VPCs, there is a “local” route allowing communication between subnets using private IP addresses only, see,

Active Directory and AWS, see,

Windows EC2 instances can be configured using EC2Config (2.2.10+) to export data to CloudWatch, see


AWS: Analysis of the Certified SysOps Administrator – Associate exam

I recently became fully AWS certified (at the Associate Level), most recently passing the the SysOps Administrator – Associate exam at my third attempt.

  1. In late 2016, I failed with a score of 61% (or  67%). It was my first failure — I deleted the “unsuccessful” notification email in a fit of rage;
  2. In early 2018, I failed with a score of 71%;
  3. In April 2018, I passed with a score of 80%.

My experience was that the Certified SysOps Administrator – Associate exam was the toughest of the lot. In the table below, I compare the weighted scores between attempts #2 and #3 for individual domains:

SysOps Administrator

While I improved in 3 domains, I obtained the same score in the other 4 domains (Monitoring and Metrics, Deployment and Provisioning, Security, & Networking). This gelled with my observation that many of the questions for attempt #3 I’d actually attempted 2 weeks earlier!

Of course, your own mileage may vary, plus you still need to spend time/effort reading through and understanding the AWS FAQs — th9/: are really in-depth, and helped me answer 5 questions correctly; i.e., 9% of 55 ~= 4.95.

In a subsequent post I’ll discuss particular areas that showed up at exam time.


AWS Certified Associate

After an extended hiatus away from AWS certification, finally I’m certified at the Associate level, 3 times over!

Photo 18-4-18, 1 16 13 PM.png

To date I’ve taken and passed:

  1. Certified Developer – Associate
  2. Certified Solutions Architect – Associate
  3. Certified SysOps Administrator – Associate

AWS has a nice road map, so I just re-purposed the following image off their site:


I’m told that the Professional level exams are much harder, but that’s a post for another day…


Docker containers can’t resolve DNS

I’ve recently switched over to using Docker for dev. work on a Windows 10 host, and it’s worked pretty well. Today, apt-get somehow stopped working; e.g.,

...RUN apt-get update && apt-get install...
---> Running in ...
Err:1 xenial-security InRelease
Temporary failure resolving ''
Err:2 xenial InRelease
Temporary failure resolving ''
Err:3 xenial-updates InRelease
Temporary failure resolving ''
Err:4 xenial-backports InRelease
Temporary failure resolving ''
Reading package lists...
W: Failed to fetch Temporary failure resolving ''
W: Failed to fetch Temporary failure resolving ''
W: Failed to fetch Temporary failure resolving ''
W: Failed to fetch Temporary failure resolving ''
W: Some index files failed to download. They have been ignored, or old ones used instead.

This post suggests it might be DNS-related, so I changed it from the (default) Google DNS config to Cloudflare’s. Google’s seem to have been (very recently) blocked for whatever reason. Here’s how my Settings -> Network looks like now: