37. The Path to AWS Certification

Rich: In episode 37 of Mobycast, we discuss the process of becoming AWS certified. Including a few tips on how to prepare and pass the exam. Welcome to Mobycast, a weekly conversation about containerization, Docker and modern software deployment. Let’s jump right in.

Jon: Welcome to another episode of Mobycast. Welcome, Chris. Welcome, Rich.

Chris: Hey.

Rich: Hey guys.

Jon: Rich, what have you been up to?

Rich: We’re heading towards the end of the year and we got little projects that are with anticipated launches before the New Year so I’m just navigating that world, the crunch time of the end of the year closing in. that’s pretty much it and it’ll probably be like that for the next couple of weeks.

Jon: Yeah, same here. There’s always that crunch time at the end of the year. It’s like demos and conferences are happening at the beginning of the year and people want to solve or finish. What about you, Chris? What have you been up to?

Chris: I’m just trying to stay out of trouble. I’m really busy with various projects and have been busy lately. I’m taking another certification exam which is what we’re going to talk about today.

Jon: Yeah, very cool. I’m so stoked that you got another certification a couple of days ago. I, too, am working towards a sort of my very first certification so you’ve got a bucket. You got a hat trick worth of certifications, isn’t that right Chris?

Chris: I do. This was number three.

Jon: Right on. Yeah, I’ll be getting my first hopefully at re:Invent unless I fail which is a real possibility. So let’s not rule that out.

Chris: But hopefully after today’s podcast, you’ll have some tips and tricks that will make that less likely a possibility.

Jon: Exactly. So yeah, let’s just start talking about certification in general. Maybe give us the 101, Chris.

Chris: Like a lot of other large companies in the industry, you have folks that are working as consultants or vendors in that space. Certifications are a really great way of establishing just baseline knowledge mastery of various topics and areas in those specialties. Having a certification that say, “Yup, this person has that knowledge and is the right person to do that specific field of work.”

AWS has its own certification program. There’s nine certificates now in their program with all various different levels and covering all the various topics as well. Like we’ve talked about in previous episodes how AWS is AWS is so large and so many services, they keep innovating and throwing those stuff at you, likewise their certification program seems to continue to grow, and it keeps getting bigger as well just to reflect the fact that there’s just more and more stuff to know.

For each one of these certification programs that they have, it starts up with a blueprint and that blueprint is really just an outline. It’s a syllabus for like, “This is the material that the certification is going to cover.” so someone that takes this exam, passes this exam, they’re going to be masterful in accordance with that blueprint, that outline of knowledge of the various services, and techniques, and principles that are outlined in that blueprint.

There are four different types of certification. You have a foundational level. Currently, there’s one at the foundational level, and that’s the cloud practitioner certificate. This is really kind of the entry level, it covers a very broad scope of the various AWS services, and it also does not go very deep—it’s very foundational. It’s kind of a great way for anyone to start, in their process of becoming AWS certified, start with the cloud practitioner.

Jon: I did a practice test of the cloud practitioner at one point. I’ve spent a lot of time around AWS, I’ve been using it for years, I’ve never had really studied it other than what I’ve learned from you throughout this Mobycast and my own usage, but I never actually applied myself to studying it. I discovered that—in a practice test on the cloud practitioner—I would have been likely to pass that certificate. It definitely, is sort of very general knowledge about how AWS works. If you have some experience around it, probably you don’t need much study on that one.

Chris: Absolutely. if you’ve been using AWS for a year or two and you actually got your hands dirty and have actually built some things with it, you know what VPCs are and, how to basic setup with them, and you understand IM and S3 and RDS and whatnot—if you have that basic foundational knowledge, you’ll do just fine on the cloud practitioner one, so that’s the foundational level.

The next level is the associate level. There are three certificates at that level. They have one for solution architect, one for developer and one for SysOp. Each one of those are covering different facets of the various domains, solution architect is more broad-based and definitely concentrating on overall architecture of applications running in the AWS cloud and what are the best practices and principles there, what are the major components to use. Things like VPC and S3 and RDS and IM, kind of understand a little bit about hybrid, so on-prem and cloud working together, that’s the kind of material we cover with that.

Developer obviously more developer-focused. So like the API calls, the developer building block services like SQS and things like getting deeper into databases like Dynamo and whatnot. Then SysOp is obviously something more for system administrators. A lot of the management aspects of running cloud services, security, provisioning and just the overall health of that. Definitely very broad-based exam of all the various tools and management apps that you can use for provisioning, monitoring and optimizing your cloud architecture. That’s the associate level.

Above that is the professional level. This is definitely a big step up from the social level. There’s two professional level certificates: one for solution architect and the other one is for DevOps. The DevOps is really kind of combination obviously from the developer and then the SysOp and then the solution architect. Definitely a step up from the solution architect at the associate level.

The associate level is really kind of demonstrating more like just the basic knowledge and understanding of the services versus the pro level is kind of more about applying that knowledge. The questions are much more in-depth and again, is really kind of gauging your ability to apply the knowledge, not just to kind of repeat it back and show that you understand it. Then the last certificate is the specialty certificates. There’s three of them currently: there’s one for security, there’s one for advanced networking, and there’s one for big data.

These are obviously very narrow in scope, but they go extremely deep. If you’re taking the security specialty exam, you’re going to know everything about security inside and out inside of AWS and likewise for the for the other two. They’re really good add-ons for when you want to specialize in a particular domain.

Jon: That’s a pretty good overview of all the different types of certifications. The reason that we started down the path of getting these certifications wasn’t really for any other reason than it was a requirement for Kelsus to level up in the AWS partner program. As a company, we felt like being AWS partners could lead to us like just frankly, a better sales pipeline. It may at some point but at this point, we’re still on that journey. The journey involves lots of AWS certification. I think that’s one of them. For consulting companies, in particular, I think that’s one of the main reasons that they go down this path.

But there are probably a few other reasons, for individuals, there are other reasons that you get certified. Like you said in the beginning, just demonstrating your skill in a particular area. Can you think of any others are a major blanket reasons on why you get certified?

Chris: Yeah. I mean one of the things for me personally, the reason why I’m motivated to do that is because it really is a useful process and that it’s forcing me to learn about other services and features that perhaps you haven’t used. It makes your AWS knowledge much more complete. Again, we’ve talked time and time again about how new services are being rolled out all the time, existing services are continually evolving and really changing pretty rapidly, and it’s so easy for us to kind of get stuck in a rut, stay with what’s comfortable.

If you’re not careful, you’re going to find out that you’re way behind. You’re down the road type things. Doing these exams kind of really keep forces you to stay on top of mind on this stuff, learn about things that you maybe didn’t know about or you maybe heard people whisper about and you have a vague idea but not really understanding what it is. Going through this process will really force that issue for you.

Jon: Chris, I think that’s a really great point. As I’ve started to go through this process, I’ve realized that that’s true too. I will say to listeners out there that you may the experience of, “Oh, we’re going to use this service,” maybe it’s like Cognito, you’re going to use Cognito to do some user stuff with your mobile app. If you’ve made that decision, you know you’re going to do that, it is absolutely okay to go and figure out Cognito on the fly and use it, and you’ll succeed, and you’ll be fine. You’ll create a service that works.

There may be a few times where you’re surprised like, “Oh gosh, why isn’t this working the way I expected it?” but you’ll get through it. What Chris is getting at is something kind of different and I think it’s unique to AWS and it’s purely because of its size. As I’ve been going through this, I have been like, “I didn’t know you could do that.” Or, “What a way to move this amount of data around, or secure something in that way, or just run workloads in ways that I hadn’t thought of before.”

It’s just because I had a lack of awareness of some of the things that you could do. Now that I have an awareness, I feel like, “Well, I could have architected a perfectly valid system that did what it was supposed to do before. Now I can architect the same system with much more confidence that I’m doing it effectively.” The least cost and the most availability. I just don’t have to worry that I’m making mistakes or that I’m going to have be cautious. This certification really kind of gets you exposed to enough stuff and gives you some confidence. If you already have all the other skills of being a good solid developer and architect, this’ll push you over the top and make you comfortable inside the AWS, I would say.

Chris: Yeah, absolutely. This is one of those things where it just does not feel like it’s a road task where you’re just doing jumping through some hoops for a piece of paper. This is actually enriching and you’re just going to get better from it. From that standpoint, it’s been really rewarding.

Jon: This may actually be a good place, since we’re talking about why and what it’s like, a good place for me to mention a couple of things that were surprising to me as I’ve been studying. I’m studying for my solutions architect associate. It’s a lot harder than I expected it to be. It’s a struggle between, “Oh my god, there’s just a lot to memorize.” And, “Actually knowing this stuff is useful.” I sort of am always anti-memorization where possible. But sometimes, just having this stuff in your head makes it so you can save time later down the road.

I think that some examples of this come from some of the questions. I took a practice test and I noticed that a lot of the test questions I was like, “Oh yeah, I get this, I understand what they’re asking.” I can kind of make an intuitive guess at how it should work. Here’s one example, AWS has a thing called well-architected applications and it’s just a set of pillars that they say, “If you follow these pillars, you can feel comfortable that your applications are well-architected.” The test questions is like, “Below are some possible well-architected pillars, what are actually four of them?” and it said, “Security, reliability, performance-efficiency, cost optimization and availability.”

I was like, “Oh my god, yeah, AWS, they talk about availability so much so that’s obviously one. Performance efficiency sounds good, reliability sounds good, security also of course.” And I was like, “Probably not cost optimization because that’s important but it’s not really a key.” Just in my mind I was like, “That’s not really that much of a key to the actual software and the architecture,” but I was wrong. The one that’s not in there is availability. It’s just like a little bit of a, “Huh. You got to know this stuff.”

I think a better example though is one on SNS. It was asking questions about SNS and there are several different options for SNS and you had to choose which ones that SNS guaranteed. I remember seeing one option was like, “It guarantees that messages will be in a certain order and that there’s guarantee to be no duplicates.” Another option was, “They’re not guaranteed to be in a certain order, but they’re guaranteed to be no duplicates.”

I was like, “You know, if I was designing a queue system, that’s what I would go for.” I would say, we can’t really guarantee the order because this is distributed and maybe things will come in kind of a weird order, but we can definitely make sure that you do not have to worry about duplicates. I was like, “Woah, that’s actually wrong. It doesn’t guarantee that there’s no duplicates.”

Knowing that you might have duplicates in advance of writing your system and then testing it and then getting surprised when you get duplicates is going to save you a ton of time when you’re actually working on your system. Those are just two examples out of literally dozens of things where the answer that you feel like might be intuitive is not necessarily the right answer.

Just to make one more value statement about AWS, I kind of feel like that comes out AWS’s whole wacky user experience in the first place. It’s not an intuitive user experience in the console. I think that that lack of intuition like the lack of, “I bet it works like this.” is everywhere inside of AWS. They often will make choices where the way that AWS works is really based on how it’s put together and what’s most efficient and not necessarily on how you would expect it to work.

Chris: Yeah. Again, this is one of the really useful things of going through this process and studying for an exam and taking it and passing it. You are kind of forced to understand the nuances and the gotchas of these things. Understanding what your options are with SQS, what a visibility time […] is and is it possible that messages can be received more than once, and do you have that guarantee, and what about order of delivery, what are the options there versus something like SNS that does guarantee single delivery of messages. But it’s a different technique. Going through this process really forces that issue, you learn about it. It rounds you up before you may have been at 80% level and now this takes you up to 92% or 93%.

Jon: Right. And you spend like 10 or 15 hours studying for the exam instead of 25-32 hours troubleshooting your broken system.

Chris: Yeah, absolutely. Again, coming right back to the fact that this is actually useful. It’s really not just for the sake of saying like, “Hey, I’m certified.” You’re becoming much better and becoming more valuable with your skill set.

Jon: Are we ready to talk about preparation?

Chris: I think so. We’ve covered the basics of what AWS certification is, the various types, and the material that it covers. Yeah, maybe we should talk a little bit about just preparation and kind of what that looks like.

First and foremost, definitely the foundation here is a real-world experience with AWS. Maybe you can do it with cloud practitioner, but I definitely would not take any of the other exams without actually just hands-on experience of using AWS. Otherwise, why would you be doing this to begin with? You’re probably taking it for the wrong reasons. We definitely stress that you have been using AWS, and then also as you go through the process of preparing, go in and use AWS to brush upon the areas that are new to you, play around with them, experiment with them and build some prototypes and really understand how they work. There’s no substitute for actually using the services themselves.

That’s definitely a foundational aspect of preparation. Beyond that, I mean obviously, we talked about the exam blueprints; reading the blueprint, understanding the material that’s being covered and then there are some options for training. AWS has its own AWS-led training courses. They’re pretty pricey but you are getting it from the experts, and there is the opportunity there to have someone that you can ask questions of real time. That’s an option for folks if that might be something that they prefer.

Me, personally, I found some online courses have been just perfect for this. In particular, I really like A Cloud Guru. This is a company that really has built themselves into a pretty big business now. They’re really focused around certification exams. I think they did start with AWS, now they’ve branched out into like Google and Azure as well. But I think they started with AWS and it really was about just the certification process and put together courses that were really aimed at helping you prepare for these certification exams and passing them.

I have to say, I’ve used it now for all of the exams that I’ve taken, and they’re uncanny and really making sure they give you exactly what it is that you need and what you should be focused on for the exam itself. For me, this is a non-negotiable in preparing for the exam. Take the associated Cloud Guru course for it, and I can almost guarantee, if you go through all that material and understand it and retain it, you will pass the exam.

I don’t think I’ve yet come across in taking one of the exams and materials where I was like, “Oh, that wasn’t really covered in the Cloud Guru course.” it’s almost always been the opposite. It’s like, “Wow, this is like a really obscure question, but they really stressed this in the Cloud Guru course.” I just took the SysOps exam and one of the things in the Cloud Guru course that they hammered home was just the difference between with encryption keys. KMS only support symmetric keys versus if you need asymmetric key, so basically a public key, a private key type of scenarios, then you have to use CloudHSM which is a hardware security module offering.

It’s not multitenant, it’s single tenant. If you need to bring your own keys and you needed it to be asymmetric like CloudHSM is the way to go. It kind of feels a little obscure although I guess, for especially on-prem folks or people that have existing security requirements maybe not so obscure, but I think for us, and definitely for myself, that was a bit obscure. But there was absolutely a question on the exam specifically to that point.

Jon: It kind of goes back to the point I was making for 25 minutes when I was on my Soapbox is like, if you don’t know that and you go architect the system that depends on KMS and then you get halfway through and you’re like, “Oh my god, we can’t use our keys.”

Chris: Yeah, the big whoopsie that you really don’t want to have for sure. There’s other online courses out there, but again, literally I can’t stress how happy I’ve been with A Cloud Guru. Really clear and concise instructions. Definitely check it out. Other sources the preparation and AWS has a bunch of white papers, really good white papers. I think they’re probably just about 100 of these now. Obviously, you don’t have to go and look at all of them but there are some pretty foundational and ones that are more relevant to the exam that you’re taking—check those out.

The FAQs that they have for each one of those services are a great source of material for studying. Definitely things like the S3 FAQ, look at that. You should really know that inside and out. Same thing with EC2, IM, VPCs, those FAQs are definitely very useful in preparing for the exam.

Take the practice exams that are available. Jon, you mentioned you took the practice exam is a great way of just seeing where you stand and get an idea for the types of questions that they’re going to be asking on these exams. It’s a really great part of the process. Go do some preparation, once you feel like you’re ready, take the practice exam and see where you stand.

Jon: I think the A Cloud Guru courses, you could just jump right in and just start going through that material without taking a practice exam and then hold off and take it after you’ve been through some of that material. In general, sort of in my life when studying for things, if there ever is a practice exam, it’s always been, “Take the practice exam first, figure out what you need know and then go study that.” As opposed to, “Start studying then take the practice exam and then study more.”

The A Cloud Guru stuff is so right on point that it could be argued that unless you know what you’re doing, you’re definitely going to need to kind of study across everything. I might as well not waste your money failing in practice exam until you’re at least a little ready. A Cloud Guru also has like a beta exam.

Chris: Exam simulator.

Jon: Yeah, so if you’re a member of A Cloud Guru, if you buy your membership, you can do that as many times as you want for free. That’s another way to kind of take the temperature of your knowledge before spending too much time trying to learn.

Chris: Indeed, yes. I have not had a chance yet to play with that, but I plan too. We talked about preparation, maybe just real quick about the exam itself. All these exams are administered by a third-party PSI. You’ll go online, you’ll schedule your exam when you’re ready, you’ll pay your exam fee at that time, they’ll pick your time and date and then when the day comes, you’ll go to that to that on-site facility. They’re pretty strict on the rules for this.

It’s just short of a strip search going into this place. Things like watches and phones and all that kind of stuff, books, pieces of paper—all that is not allowed. You’ll hand over all your personal belongings, they’ll put it into a locked bag and you get to take the bag with you, so you don’t have to worry about your valuables being in someone else’s hands. But it is in a locked bag that you can’t access. You can’t wear big coats or jackets. This time around when I did it, I was wearing a very light jacket and during the exam I decided I was going to get a little warm so I took it off, put it on the back of my chair and they came over and interrupted me a few minutes later saying, “Sorry, if you’re going to take that off, you can’t be in the room. You got to get up and go move it outside the exam room.”

Jon: Did you put it back on?

Chris: I almost did. I was like, “Seriously?” I was just like, “Whatever. I’m in your world, I kind of feel like you’re the warden and I’m the inmate.” I did go outside the room and hang up my jacket and finished the exam. I get it, obviously, you want to have a very controlled environment and make sure that folks aren’t cheating and make sure that it’s fair and equitable and whatnot. It definitely kind of puts a little […] on the whole process. You kind of feel little bit like a criminal almost.

Jon: Right, not a trusted person.

Chris: Yeah. That’s something I didn’t expect there, if you got to an on-site facility to do it. If you are at re:Invent, they have so many opportunities. It’s five days’ worth of exams that you can take there on-site and definitely, a much different experience just from atmosphere and energy levels. I’ve taken the exams on-site at PSI and also at re:Invent and hands down taking it at re:Invent was so much better.

Jon: I want that executive experience where as I’m walking from one venue to another, they just sent someone with me to ask me the question as I walk on. I’m excited taking it at re:Invent too based on your advice. I do want to say that given what I’ve seen out of our own team—and hopefully, they’re listening to this—it’s a good idea to just get it scheduled. Just put it on the schedule if you know you’re going to do it, put it a month out, two months out, whatever you feel like you need to […] have the confidence that you’re going to study for it. If you put it two months out, my guess is you probably won’t really start studying until you’re about three weeks out so why bother.

Everybody needs that time pressure so just get it on the schedule. Don’t say, ” I’m going to study for this until I feel comfortable, then I’m going to schedule it.” because you’ll never get to it and that’s not a good strategy in life.

Chris: Yeah. Great, great point. That’s what I’ve been telling folks as well. I took my own medicine, so it’s been on my to-do list to get a few more certifications on my belt for the whole year. I keep saying, “Oh, I should do it, I should do it.” Every day is busy, and it comes and goes and it’s like, “I’ll do it tomorrow.” and just today becomes tomorrow, tomorrow becomes the next day and whatnot. About two weeks ago I was like, “I’m just going to go ahead and schedule it.” forcing function. I gave myself two weeks and yeah, that kind of puts a fire in you and gets it done.

Jon: Absolutely. Unless you have anything else, I think that’s a great thing to leave people with.

Chris: Yeah, I think so.

Jon: Cool. Thanks for sticking with us and listening to a little longer episode than usual but we had a lot to cover and yeah, talk to you again next week.

Chris: Alright, thank you.

Jon: Bye.

Chris: See you guys.

Jon: Bye.

Rich: Well, dear listener, you made it to the end. We appreciate your time and invite you to continue the conversation with us online. This episode, along with the show notes and other valuable resources is available at mobycast.fm/37. If you have any questions or additional insights, we encourage you to leave us a comment there. Thank you. We’ll see you again next week.