AWS Developer certification – Associate level

The Developer certification exam is interesting, in that it covers in detail the AWS best practices for CI/CD, Continuous Integration / Continuous Delivery and Deployment, which is very nicely covered in the following white paper: Practicing Continuous Integration and Continuous Delivery on AWS, with the subtitle: Accelerating Software Delivery with DevOps. (I am referencing the June 2017 version of this white paper.) This document is well written, of especial interest to Software Engineers. While Development is the principal component of this certification (30%), there are altogether five domains:

  1. Deployment (22%)
  2. Security (26%)
  3. Development with AWS Services (30%)
  4. Refactoring (10%)
  5. Monitoring and Troubleshooting (12%)

Some of these domains overlap with other certifications. For instance, the 2nd domain, Security, is covered in detail in the Security Specialty exam, which I passed in December 2019 (and described in this post from Dec 3, 2019), and all the domains refer to the knowledge contained in the Solutions Architect certification (which I passed in the spring of 2019; see this post). However, I had to acquire a lot of new knowledge. For instance, the certification assumes advanced knowledge of some programming language, and since the Python3 SDK is one of the best developed AWS SDKs, I studied to become familiar with boto3, the AWS SDK for Python3; see here.

Of course reading manuals to understand boto3 is boring; I suggest to find a project that you always wanted to implement, and work on that. The excitement of building an application helps with the learning of a new tool. I worked, topically, on a pandemic simulator and an url shortener (which I called Tout Court) as I always wanted to have my own bit.ly application.

In order to develop both applications, I used a set of AWS tools that are covered in depth in the Deployment and Development domains: Cloud9 for writing the code (I was happy to find out that Cloud9 has a “Vi Editor” mode), I used GitHub instead of CodeCommit, but GitHub can be integrated into the AWS development environment, CodeDeploy in order to automate the deployment of the applications, and CodePipeline to bind it all together. X-Ray is an important tool for the exam, and helps to isolate “bottle-necks” in your application.

Refactoring is an interesting concept. It means to re-architect or re-imagine an existing solution but leveraging cloud-native capabilities. I learned quite a bit about it from Ahead in the Cloud: Best practices for navigating the future of enterprise IT, by Stephen Orban from AWS.

As AWS certification requires a significant investment of time (for me at least), it is important to understand why one does it. In my case, as a Computer Scientist, I believe it is important to systematically acquire new knowledge, as ours is a fast developing field. I also find the AWS curriculum very well designed, interesting, in-depth, and I have become fascinated by the new paradigm of Cloud Computing. Finally, the most important reason for me is to be able to bring this expertise back to campus, and share with students, and given them an edge in the job market upon graduation.

AWS re:Invent, Las Vegas, 2019

I am attending my first AWS re:Invent conference, Las Vegas December 2-6, 2019.

The conference is enormous, with over 60,000 attendees who command most of the big resorts on the strip.

Yesterday I participated in a Security Certification Bootcamp (proper name AWS Certification Exam Readiness: Security – Specialty) and this morning I wrote the certification exam proper; three hours long, 65 questions, and I had 3 minutes to spare at the end. Let’s face it, the exam is hard, and requires studying. I was successful, but it required steady studying over the last 3 months. The AWS certification exams are challenging, but one does learn a lot. As an academic the hardness of the exams is a good thing as it says that this material has a legitimate role to play in academia, especially as we make it accessible to our students, and deploy it toward our research.

How did I prepare? In addition to reading the requisite white papers (such as Introduction to AWS Security Processes and AWS Best Practices for DDoS Resiliency), I was fortunate enough to have access to the Cloud Guru training in security. Their 10 to 15 minute lessons in all the topics are easy to absorb, and the summaries and quizzes are a good preparation for the exam.

I have been teaching Cybersecurity for over a decade, but the AWS security exam is not about foundations of Cybersecurity — it is about how to use AWS tools in order to achieve security objectives; this kind of knowledge arises not from learning principles or cryptography (although that does help too!), but rather from in-depth familiarity with AWS tools, such as CloudTrail, Inspector, Macie, Athena, CloudWatch, KMS, and many many others. My plan now is to incorporate this knowledge into our CI class in Cybersecurity, COMP 524, so that students will have knowledge of fundamentals as well as an understanding of security in the (relatively new) paradigm of cloud computing. COMP 524 students will have the additional benefit of covering the content of the certification

I should also say that even though foundational knowledge such as cryptography is not tested directly, it is nevertheless helpful. For example, a good portion of the exam relates to keys, specifically AWS KMS. It is much easier to remember when symmetric keys are used (e.g., S3 encryption with AES256) rather than asymmetric keys (i.e., public keys, e.g., key pairs to SSH into EC2) when one actually understand the difference between the two. Or, for example, why hashing of encrypted logs in S3 can help with data integrity measures for backups.

The Bootcamp that I took the day before was perhaps the least helpful toward success in the exam. I would suggest to take the bootcamp at the beginning of your studies toward passing the certification exam, as a quick bird-eye overview of what needs to be mastered. I sat through the bootcamp listening to what I knew already, without the possibility of going more in depth (we had 4 hours total), and without the audience being able to ask questions, as the instructor was rushing to cover the material.

Quick Tip: AWS is uncanny in its rolling out of new tools and features, most really captivating and useful. However, keep in mind that a tool or feature that is younger than 6 months will likely not make it to the exam. As I understand, the exam process is too exacting to be done quickly, and hence it take some time before new material is incorporated.

AWS update

Recently, Computer Science at CI, has made several new connections with AWS:

  • We are an approved member of the AWS Academy and we are authorized to deliver the AWS Academy Cloud Computing Architecture curriculum. I am the Central Point of Contact (CPOC), so if anyone is interested in being nominated to be an AWS Academy instructor at CI, please get in touch with me. [letter]
  • We are part of the AWS Educate initiative, and we were able to offer our COMP 529 students accounts with some credit. Note that an issue with AWS training accounts is that they close after the course is finished; to those students who are able, I would suggest to open your own (or your company’s) account so that as you learn the material you can build your own permanent infrastructure. A compromise is to build the initial infrastructure on a training account, and use “CloudFormation” to export it for re-instatement elsewhere.
  • Almost finished teaching COMP 529, “Cloud Computing,” for the first time using the AWS resources. We used the AWS Certified Solutions Architect official study guide .
  • I have been selected for the AWS Cloud Ambassador program, which offers educators recognition, professional development, and exclusive benefits for helping students learn about the cloud.
  • I have completed by own AWS certification as a Solutions Architect.