AWS (Amazon Web Services) Certification Roadmap

More and more companies are moving their workloads to the public cloud. To successfully make this shift, these companies need skilled professionals to design, deploy, and manage cloud computing applications. In the year 2020, AWS continues to be the leading public cloud provider, and hence an AWS certification can help you land a prime job in the field of cloud computing.

Here is a roadmap for you to become an AWS certified cloud computing professional. This article is based on the personal experience of our PGP-CC alumnus, Srinivasan Panchapakesan. Below is his brief introduction followed by the complete roadmap to become AWS certified professional.

My name is Srinivasan Panchapakesan (called as P.Srini), I have over 28 years of experience in the industry and I am presently working as ‘Executive Vice President’ at Hexaware Technologies Ltd. I am responsible for 2 key businesses and have over 5000 people in my group. I started my career as a developer with Ramco system in 1991 and was always passionate about technology and its impact on business and life. I have been with Hexaware for over 21 years now and I am a part of the management council which steer the organisation. 

I have been learning AWS for over 1.5 years now and for the past 6 months, I have significantly invested my personal time in learning and getting myself certified. The learning interest made me join ‘PGP-CC  – Post Graduate Program in Cloud Computing’, by Great Learning. It has helped me a lot with a structured and formal learning approach, and consolidation of learning through assignments, projects, quizzes etc. This course has helped me to stay focused, follow time commitments, develop a healthy competitive attitude with co-learners, and explore various services through hands-on lab exercises and assignments.

I intend to share some of my notes and tips that might be useful if you are focusing to get the AWS Solution Architect Associate Certification.

I recently took this certification and I must admit it was a little bit more challenging than I originally expected. I have been learning a variety of AWS services for the past 1.5 years and doing a Cloud Computing course with Great Learning, so I was optimistically expecting this practical exposure to be enough to get AWS certified. In reality, I had to spend a lot of time studying and fill some gaps on important topics or details that I had never dealt with earlier during preparations.

On this note, I will try to recap some of the topics I believe are important to know for this specific certification with a particular focus on things that I struggled a bit to remember or that I generally tripped over during the quiz simulations.

Hopefully, it will be helpful for you! 

Challenge your mind rather than knowledge

The AWS certification exam is a classic quiz where you have to pick one or more right answers. It is about 65 scenarios driven average to complex questions with multiple-choice to be responded within 130 minutes. Some questions will have more than one answer and you need to check all those right answers to have the question marked as a success.

All the questions are quite reasonable, if you understood the theory behind all the different AWS services and you know the most important details (in terms of costs, setup, options, configuration, availability, durability, etc.), you should be able to figure out the right answers.

I admit some questions might be tricky. For instance, I got questions where more than one answer seems to be correct, but you are expected to give one answer. In those cases, it might be helpful to try to reason by exclusion and look for all the answers that are definitely wrong. If this is still not helping you to come up to a definitive answer, you can still “flag” the question (yeah, that’s an option in the examination platform) and come back to it later with a fresh mind.

Managing your time will be important too. Try not to spend more than 2 to 3 minutes per question. If you feel you are spending too much time on a question, again, you can flag it and come back to it later when you have addressed all the others. In short, make sure you address all the questions you feel sure about and save some time to address and review the ones you are struggling with.

Study material and practice exercises

I used a number of different sources to prepare for the exam. The mandatory place to start with is the official AWS Solution Architect Associate certification page. On this page, you will find all the necessary details about the certification and links. The following are the key topics that could help you to prepare well.

• AWS_Well-Architected_Framework
• AWS-Reliability-Pillar
• AWS-Operational-Excellence-Pillar
• AWS-Performance-Efficiency-Pillar
• AWS-Cost-Optimisation-Pillar
• AWS-Security-Pillar

• AWS Services Overview
• Architecting for the Cloud – Best Practices
• AWS Storage Options
  • AWS Storage Options – S3 & Glacier
  • AWS Storage Options – EBS & Instance Store
  • AWS Storage Options – RDS, DynamoDB & Database on EC2
  • AWS Storage Options – SQS & Redshift
  • AWS Storage Options – CloudFront & ElastiCache
  • AWS Storage Options – Storage Gateway & Import/Export
• AWS High Availability & Fault Tolerance Architecture
• AWS Encrypting Data at Rest
• AWS Security
• AWS Disaster Recovery
• AWS Blue Green Deployment
• AWS Elastic Beanstalk Deployment Strategies
• AWS OpsWorks Deployment Strategies
• AWS Cloud Migration
• AWS Network Connectivity Options

Take into account that some practical experience/ knowledge with AWS is very important. Of course, you can understand all the concepts only at a theoretical level, but practice will be very important to fix those concepts in your mind and to understand why many details are important. So be sure you spend some time playing around with all the services you might not have used yet. In those cases, I found my lab exercises and project work at Great Learning to be helpful in consolidating theoretical learning into actionable experience and outcome. 

My Notes

Here’s a collection of notes that I took during my studies, somewhat organised by topic/service. Again, these notes don’t aim to be comprehensive but they might still be useful to recap some of the most important aspects of all the different services (that’s at least why I compiled this list for myself).

Key Services that I could remember being covered 

1. EC2
2. VPC
3. AZs
4. IAM
5. Keys, Encryptions
6. KMS
7. AMIs
8. S3
9. Glacier
10. Storage Gateway
11. RDS
12. DynamoDB
13. Elastic Cache
14. MySQL
15. AuroraDB
16. Athena
17. Kinesis
18. AWS Glue
19. Cloud Formation
20. Lambda
21. Batch
22. SNS
23. SQS
24. Step Functions
25. CloudFront
26. EBS
27. ECS /ECR / Docker / Fargate
28. Redshift
29. Cloudwatch
30. AWS Auto scaling
31. Cloud trail 
32. EFS

EC2

• Dedicated and Scheduled Dedicated Instances
• On-Demand instance costs
• IAM roles used in EC2 to communicate with other services and credential management
• Snapshots
• Instance requests (Spot, reserved etc)
• Instance types
• Tags
• Target group
• Encryption on EC2 EBS file system
• Ephemeral stores and data loss on restarts

VPC 

• Availability Zones(AZ)
• Regions
• DR compliance requirements in terms of distance(know when to use AZ and when to use Regions in terms of distance)
• VPC Endpoint
• VPC Peering
• Route table
• Internet gateway
• VPC NAT Instance, gateway
• Elastic IP
• Security Group vs NACLs
• AWS Bastion Host
• AWS Elastic Load Balancing – ELB
• AWS ELB Monitoring
• AWS Application Load Balancer
• AWS Network Load Balancer

S3

• Storage classes — especially S3-OneZone, S3-Infrequent Access
• S3-Infrequent Access but fast retrieval and costs
• Storing video in S3 Storage encryption — SSE-KMS, SSE-C
• Scenarios with strict encryption requirements
• How it can be used to store images that are easily reproducible
• How to efficiently store data for fast retrieval on S3
• Cross-region replication
• Remember that S3 is not a file system. Keep that in mind for questions where you need to select a file system between EFS, EBS and S3

Glacier

• When it is a good and cost-effective alternative to S3 or EBS/EFS
• Data retrieval times

EBS

• Know the difference with EFS
• Encryption on EBS either with AWS or Client master keys
• Know the different storage classes and when to use which(gp2, io1, st1, sc1) — e.g. for a data warehouse on ec2 instances or a legacy app with performance issues

EFS

• Understand the nature of this distributed file system and how it can be shared by hundreds on EC2 instances
• When to use EFS instead of EBS

AWS Security

• Security groups(SG) — the concept of stateful inspection and that they can only allow rules
• Network Access Control Lists(NACL) — the concept of stateless inspection and that they can allow and deny rules
• SGs vs NACLs
• Restricting access between subnets that share the same SGs

Disaster Recovery on AWS

• DR compliance requirements

Hybrid Architectures — On-premise & Cloud

• AWS as the primary site
• On-premise as the primary site

Auto scaling groups

• Scale-out and Scale-in concepts
• Cost optimisation
• High-availability and fault tolerance

Elastic load balancing

• High availability(HA) concepts 
• Combination of cost-effective but HA requirements
• Web applications and ALBs for fast scale-out architectures

AWS Lambda

• Building APIs using lambda and API gateway
• Used as Microservices
• Know how lambda scales
• How it can be used in web applications or not
• Know the lambda timeout limits when presented with a solution that will use lambda as a batch data processing component

DynamoDB

• Table partitioning
• Performance and Cost optimisation
• DynamoDB Accelerator (DAX) — in-memory caching to improve performance
• How RCUs and WCUs work per table
• How partition and sort keys work
• How it can store web session data  

Elastic Container Service

• Web applications and containers

ElastiCache

• When to use it to improve performance on the Web or Data layer
• When it is not a good choice

RDS — MySQL, Aurora

• Database User Management
• IAM users integration with RDS
• Using SSH to log in to MySQL on RDS
• How read-replicas work and their data consistency 
• Multi-AZ database deployments
• Know the concept only of migrating MySQL/Postgres to Aurora

Route53

• Failover/Weighted/Latency routing
• Using DNS failover in a Disaster Recovery scenario
• How Route53 and Load balancing are different in terms of high-availability

SQS

• Stateless web applications
• Decoupling the database from overloading front end requests 

CloudFront

• Static and dynamic web sites’ availability around the world
• How to restrict access to the distribution to specific users — signed URLs

CloudFormation

• Nested templates and how they can improve security

CloudWatch

• Review EC2 audit trails by pushing data in CloudWatch

CloudTrail

• How to collect operational logs from AWS services especially EC2 and push to CloudWatch

Kinesis

• Data Analytics and how to use it to run SQL on real-time data

• Firehose, when to use to load large volumes of real-time data 

Elastic BeanStalk

• Building an EC2/ELB/Auto-Scaling/RDS alternative requiring minimal administration

• Docker containers on Elastic BeanStalk

AWS IAM

• AWS IAM Role
• IAM Role – Identity Providers and Federation
• IAM Policy and Permissions
• AWS IAM Roles vs Resource-Based Policies
• AWS IAM Best Practices
• AWS Key Management Service – KMS
• AWS Web Application Firewall – WAF

This is not a difficult one but definitely needs a good amount of practice. I wish everyone all the very best.

These notes, coupled with the PG program in Cloud Computing by Great Learning, and the right attitude are a sure-shot way of clearing an AWS certification if you want to pursue a career in the cloud domain.