My personal motivation
I have invested heavily in my VMware certifications the past few years and managed to become certified at the highest level after becoming VCDX-DCV #252 in May of this year. This was a personal mission and I absolutely love VMware technology. However, I am also very passionate about cloud computing. I have been building the cloud practice at ITQ. We are doing great things for service providers in the vCloud Air Network program but helping enterprises successfully adopt VMware public cloud technology has been challenging. I was ecstatic when VMware announced their partnership with AWS last year at VMworld.
I know criticasters are sceptic about the necessity of extending the VMware based infrastructure layer into AWS data centers but I firmly believe a lot of our customers will love the idea of simply vMotioning a workload into the AWS cloud … and back. Reality is, most enterprise data centers are running traditional n-tier apps. Moving these apps into a public cloud is not as easy as it sounds. I also expect these customers wanting to do more and more with native AWS services. So, being able to architect a hybrid cloud solution with VMware technology on-premises, VMware technology in AWS and native AWS services is the next logical step for me.
Ryan Kroonenburg from Acloudguru recently published an amazing animation of Gartner’s MQ for IaaS providers, which shows how the market evolved over the past few years. Amazon’s dominance is incredible. They are the clear leader in the public cloud space and my guess is they will remain there for years to come. Check out the animation here: https://www.youtube.com/watch?v=0fE2Dxl1BOc&index=1&list=PLI1_CQcV71RmeydXo-5K7DAxLsUX6SVhL. For me personally, this clearly shows investing in AWS certification is a solid choice.
OK, where to start?
My strategy for this certification is basically the same as with any other IT certification. First step is to have a look at the exam blueprint or exam guide as Amazon calls it. Amazon collects all relevant exam information and recommended steps on an exam preparation website.
This page provides the exam guide at Step 2 but it is also available directly at https://aws.amazon.com/certification/certified-solutions-architect-associate/. The most relevant portion content-wise is the “Contents limits” section. This states the following objectives:
1 Designing highly available, cost-efficient, fault-tolerant, scalable systems
1.1 Identify and recognize cloud architecture considerations, such as fundamental components and effective designs. Content may include the following:
- How to design cloud services
- Planning and design
- Monitoring and logging
- Familiarity with:
- Best practices for AWS architecture
- Developing to client specifications, including pricing/cost (e.g., on Demand vs. Reserved vs. Spot; RTO and RPO DR Design)
- Architectural trade-off decisions (e.g., high availability vs. cost, Amazon Relational Database Service (RDS) vs. installing your own database on Amazon Elastic Compute Cloud (EC2))
- Hybrid IT architectures (e.g., Direct Connect, Storage Gateway, VPC, Directory Services)
- Elasticity and scalability (e.g., Auto Scaling, SQS, ELB, CloudFront)
2.1 Identify the appropriate techniques and methods using Amazon EC2, Amazon S3, AWS Elastic Beanstalk, AWS CloudFormation, AWS OpsWorks, Amazon Virtual Private Cloud (VPC), and AWS Identity and Access Management (IAM) to code and implement a cloud solution. Content may include the following:
- Configure an Amazon Machine Image (AMI)
- Operate and extend service management in a hybrid IT architecture
- Configure services to support compliance requirements in the cloud
- Launch instances across the AWS global infrastructure
- Configure IAM policies and best practices
3 Data Security
3.1 Recognize and implement secure practices for optimum cloud deployment and maintenance. Content may include the following:
- AWS shared responsibility model
- AWS platform compliance
- AWS security attributes (customer workloads down to physical layer)
- AWS administration and security services
- AWS Identity and Access Management (IAM)
- Amazon Virtual Private Cloud (VPC)
- AWS CloudTrail
- Ingress vs. egress filtering, and which AWS services and features fit
- “Core” Amazon EC2 and S3 security feature sets
- Incorporating common conventional security products (Firewall, VPN)
- Design patterns
- DoS mitigation
- Encryption solutions (e.g., key services)
- Complex access controls (building sophisticated security groups, ACLs, etc.)
- Amazon CloudWatch for the security architect
- Trusted Advisor
- CloudWatch Logs
3.2 Recognize critical disaster recovery techniques and their implementation. Content may include the following:
- Disaster recovery
- Recovery time objective
- Recovery point objective
- Amazon Elastic Block Store
- AWS Import/Export
- AWS Storage Gateway
- Amazon Route53
- Validation of data recovery method
4 Troubleshooting Content may include the following:
- General troubleshooting information and questions
I have a pretty sound understanding of the common AWS services but unfortunately I have not had the amount of exposure to AWS to get beyond the basics. I am kind of starting from scratch here. My first source is the awesome online video training by Ryan Kroonenburg from Acloudguru. His lectures are absolutely amazing. I am only a couple of hours into the series but I am loving it!
AWS Free Tier
My second choice is obviously doing labs in the AWS Free Tier. Read my previous post about getting signed-up and securing your AWS root account. Nothing beats hands-on experience! Again, the lab guidance from Acloudguru is very helpful here.
AWS Certified Solutions Architect Official Study Guide: Associate Exam
I am hoping to pick up a more formal study guide or book soon. I am looking at the Official Study Guide but any tips are more than welcome! I am also contemplating taking the “Architecting on AWS” classroom training.
Architecting on AWS official training
This is a 3-day instructor led training. I am fairly convinced I would be able to finish this certification track successfully without a formal classroom training but simply getting three full days of dedicated study time is priceless on itself.
Amazon publishes excellent whitepapers on their services. They are available as Kindle ebooks and as PDF documents at https://aws.amazon.com/whitepapers/. The exam preparation website provides some guidance about which whitepapers to focus on:
Finally, it is highly recommended to the FAQ documents mentioned at step 5:
I will continu blogging about my journey to become a certified AWS Solution Architect … so keep posted!