The Cloud is becoming an increasingly prolific part of modern IT environments. It’s cheap, secure, and offloads responsibilities like patching and hardware maintenance to a third party. Unfortunately, the cloud remains largely misunderstood, even by industry “experts”.
The Starting Line
My AWS knowledge was very limited when I began the certification process. I had previously created a basic forensics lab using EC2 VMs and had pointed an S3 bucket to a static website. Every other service was foreign, as was the concept of “solutions architecture” in general.
AWS offers over 150 unique services. The challenge is figuring out how to use these services and combine them strategically. The CSAA certification covers five “domains”:
Specify Secure Applications and Architectures tests knowledge of basic AWS security. Services like KMS (encryption), VPC (networking), and IAM (users and groups) make up 26% of your score. Some of these concepts may be hard to grasp at first but are critical for a cloud architect to understand. Over 100 million credit applications were stolen from a CapitalOne AWS server due to a WAF misconfiguration.2 Another key driver of enterprise cloud adoption is cost. 10% of your score is based on your ability to Design Cost-Optimized Architectures. This requires knowledge of different S3 storage tiers, EC2 pricing models, etc.
Last is Defining Operationally Excellent Architectures. Many exam scenarios present multiple “correct” answers and ask you to pick the “best” one (cost optimized, fault tolerant, etc.) This domain is similar to the 2nd and is worth 6% of the exam score.
One of the best ways to learn is through hands-on experience. Setting up an AWS account takes five minutes. For a full year, every AWS account gets 750 hours of free RDS and EC2 service per month, 1 million lambda requests, and 5GB of S3 storage. There are other free services offered and there are limitations. For example, free EC2 instances are stuck at 1GB of RAM. Check out the official AWS Free Tier page for more details.
Once you create an account, start experimenting! You might be surprised how much you can do for free. I recommend setting up billing alarms just in case. Here’s an idea for a lab you can try: let’s say you have a
1000x1000 image sitting in an S3 bucket. Combine a handful of AWS services to make it so you can easily view that same image in
200x200, and so on. Here’s an example of what that might look like:
QwikLabs is a great source for walkthroughs on this and other labs.
Most of my time studying was spent by watching online lectures. You can find a surprising amount of quality content for free through sources like Github and YouTube.
• https://github.com/open-guides/og-aws • https://www.youtube.com/watch?v=0UZkc3q_DWI
My employer footed the bill for an ACloudGuru account, which was tremendously helpful. The video lectures were entertaining, easy to understand, and covered every AWS technology I saw on the exam.
• Computing (EC2, Lambda) • Storage (EBS, EFS, S3) • Databases (RDS, DynamoDB, Redshift) • Scalability / Load Balancing (Beanstalk, ASG, CloudFormation) • Networking and Security (VPC, Route53, IAM, Cognito) • Monitoring (CloudWatch, CloudTrail, Flow Logs) • Miscellaneous services like SNS, SQS, SWF, Kinesis, and much more
ACloudGuru also has quizzes at the end of each section as well as two full-sized practice tests that I feel accurately portray the types of questions you’ll see on the real test.
Below is an example of a question you might see on the exam:
Jim’s Pizzas is looking to store copies of customer receipts in the cloud. Receipts should be stored in a highly available and quickly accessible system. Receipts should be automatically deleted after a month. Which of these storage solutions best fits the client need?
A. Glacier B. S3 C. EBS D. DynamoDB
Some questions, such as those in the
Final Exam & Summary
The CSAA exam must be taken at an in-person test center (e.g. Pearson VUE). The test takes around 2 hours to complete and is 65 questions long. Questions are almost entirely scenario-based and might need to be re-read a few times before they are fully digested.
There were no “surprises” on my exam in terms of content or formatting. A variety of services and architectural applications were covered. A few of the more popular services (EC2, S3, RDS, and VPC) were more heavily focused on, but that’s only natural. I finished the test within about an hour and spent the next thirty minutes reviewing questions I didn’t feel great about. Upon finishing the exam, I was given a “PASS”, but had to wait 24 hours before receiving a detailed score report via email.
Overall, I enjoyed the CSAA experience and am excited to start on the CSAP next year. I think this is a great certification for anyone who wants to expand their knowledge of the cloud and become a more marketable IT expert. It’s incredibly popular, meaning an abundance of free and commercial training options. The test is not incredibly long or tricky and does a fantastic job of testing practical knowledge of key AWS services – and at only $150 , you get incredible bang for your buck.
_______________ < Sw33tRoll @W$ > --------------- \ \ . .---. // Y|o o|Y// /_(i=i)K/ ~()~*~()~ (_)-(_) Darth Vader