AWS Certified Solutions Architect - Professional (SAP-C02) Domain 2

Design for New Solutions

Official Exam Guide: Domain 2: Design for New Solutions

Skill Builder: AWS Certified Solutions Architect - Professional Exam Prep

---

Domain Overview

Domain 2 (29% - largest domain) focuses on deployment strategies, business continuity, security controls, reliability, performance objectives, and cost optimization for new solutions.

---

Task 2.1: Design a deployment strategy to meet business requirements

Knowledge Areas:

• Infrastructure as code (CloudFormation)
• CI/CD pipelines
• Change management processes
• Configuration management (Systems Manager)

Essential Documentation:

• AWS CloudFormation User Guide
• AWS CodePipeline
• AWS Systems Manager

---

Task 2.2: Design a solution to ensure business continuity

Knowledge Areas:

• AWS Global Infrastructure
• AWS networking (Route 53, routing methods)
• RTOs and RPOs
• Disaster recovery scenarios
• DR solutions on AWS

Essential Documentation:

• Amazon Route 53 Developer Guide
• Reliability Pillar - Well-Architected
• AWS Elastic Disaster Recovery

---

Task 2.3: Determine security controls based on requirements

Knowledge Areas:

• IAM
• Route tables, security groups, network ACLs
• Encryption for data at rest and in transit
• AWS service endpoints
• Credential management
• AWS managed security services (Shield, WAF, GuardDuty, Security Hub)

Essential Documentation:

• AWS IAM User Guide
• AWS WAF Developer Guide
• Amazon GuardDuty User Guide
• AWS Secrets Manager

---

Task 2.4: Design a strategy to meet reliability requirements

Knowledge Areas:

• AWS Global Infrastructure
• AWS storage services and replication
• Multi-AZ and multi-Region architectures
• Auto scaling policies
• Application integration (SNS, SQS, Step Functions)
• Service quotas and limits

Essential Documentation:

• Amazon EC2 Auto Scaling
• Amazon RDS Multi-AZ
• AWS Step Functions

---

Task 2.5: Design a solution to meet performance objectives

Knowledge Areas:

• Performance monitoring technologies
• Storage options on AWS
• Instance families and use cases
• Purpose-built databases

Essential Documentation:

• Amazon CloudWatch
• Amazon EC2 Instance Types
• Amazon DynamoDB
• Amazon ElastiCache

---

Task 2.6: Determine a cost optimization strategy

Knowledge Areas:

• AWS cost monitoring tools (Cost Explorer, Trusted Advisor, Pricing Calculator)
• Pricing models (Reserved Instances, Savings Plans)
• Storage tiering
• Data transfer costs
• AWS managed service offerings

Essential Documentation:

• AWS Cost Management
• AWS Savings Plans
• Amazon S3 Storage Classes

---

AWS Service FAQs

• AWS CloudFormation FAQs
• Amazon Route 53 FAQs
• AWS Auto Scaling FAQs
• Amazon RDS FAQs

---

Study Tips

1. Master CloudFormation - Understand stacks, nested stacks, StackSets for multi-account/region, change sets, drift detection.

2. Learn DR strategies - Match RTO/RPO requirements to appropriate DR strategy (backup/restore cheapest but slowest recovery, multi-site fastest but most expensive).

3. Understand security layers - Defense in depth: VPC isolation, security groups, NACLs, WAF, GuardDuty, encryption, IAM policies.

4. Practice performance optimization - Caching (CloudFront, ElastiCache), right instance types, purpose-built databases, auto-scaling.

5. Study cost optimization - Storage tiering, Reserved Instances vs Savings Plans, data transfer costs, rightsizing.

---

Note: This is Domain 2 of 4, representing 29% (largest domain) of exam content.