Tips to Clear Solution Architecture Professional Certification (AWS, Azure, GCP, or OCI)
The Path to Cloud Solution Architecture Professional Certification
Author: Monowar Mukul (AWS Certified Solutions Architect Professional, GCP Professional Cloud Architect, Azure Solutions Architect Expert)
Co-Author & Reviewer: Nassyam Basha (Oracle ACE Director, OCM)
Introduction:
The journey is challenging and rewarding for professionals seeking Cloud Solution Architecture Certification. Drawing from over two decades of experience in information technology and attaining all four major public cloud service provider Solution Architecture Professional Certifications, I understand the dedication and preparation required for success. This article will guide you through the critical services and knowledge domains you must master to excel in your certification pursuit.
Each major cloud service provider brings its unique strengths and services. To prepare for the certification, it’s crucial to understand these core services deeply, along with how they interconnect. You can start with a single cloud (preferably AWS), understand the major areas clearly, and then apply your knowledge to the other cloud providers one by one. From the top level, they provide more or less similar services.
Understand the Exam Blueprint: Review the official AWS Certified Solutions Architect — Professional exam guide. This blueprint outlines the domains and topics that the exam will cover. It’s essential to understand clearly what you need to study.
AWS Certified Solutions Architect — Professional
Google Professional Cloud Architects
Hands-On Experience: Practical experience is crucial for success in this exam. Ensure you have extensive experience designing, building, and managing complex AWS solutions. Work on real-world projects.
AWS Training and Certification Courses: Enroll in AWS official training courses. AWS offers online training and certification resources. Consider taking AWS Certified Solutions Architect — Professional training.
To prepare myself, I took live training on AWS (from AWS Academy), Azure (Microsoft Education — SkillPipe), GCP (collected Google Education training materials and online training), and OCI (from Oracle Architecture free training).
Online Courses and Tutorials: There are many online courses and tutorials available on platforms like A Cloud Guru, Udemy, Coursera, edX, and Pluralsight that cover AWS solutions architecture at a professional level. Invest in some of these courses.
Creating a plan to finish a course at your own pace is a great way to stay organized and ensure you complete the material successfully. Here’s a list of topics to cover:
Section 1: Compute and Storage
- Define the core concepts of compute and storage in the cloud.
- Explain the different types of compute resources, such as virtual machines and serverless computing.
- Discuss storage options, including databases, data lakes, and object storage.
- Review guidance on selecting the right compute and storage solutions for various use cases.
# Compute
| Compute Category | AWS | Azure | GCP | OCI |
|----------------------------|-----------------------------------------|-----------------------------------------|------------------------------------------|---------------------------------------|
| Virtual Machines (VMs) | Amazon EC2 | Azure Virtual Machines | Google Compute Engine | Oracle Compute, Oracle Functions |
| Serverless Computing | AWS Lambda | Azure Functions | Google Cloud Functions | Oracle Functions |
| Container Orchestration | Amazon ECS, Amazon EKS | Azure Kubernetes Service (AKS) | Google Kubernetes Engine (GKE) | Oracle Kubernetes Engine (OKE) |
| Serverless Containers | AWS Fargate | Azure Container Instances | Google Cloud Run | Oracle Functions |
| High-Performance Computing (HPC) | AWS HPC, AWS ParallelCluster | Azure HPC, Azure Batch Shipyard | Google Cloud HPC | Oracle HPC Cluster |
| Edge Computing | AWS IoT Greengrass | Azure IoT Edge | Google Cloud IoT Edge | Oracle IoT Edge |
| Bare Metal Instances | Amazon EC2 Bare Metal Instances | Azure Bare Metal Instances | Google Cloud Bare Metal Instances | Oracle Bare Metal Compute |
| Functions as a Service (FaaS) | AWS Lambda | Azure Functions | Google Cloud Functions | Oracle Functions |
| Auto Scaling | AWS Auto Scaling | Azure Autoscale | Google Cloud Instance Groups | OCI Autoscaling |
| Instance Types and Families | Multiple EC2 instance types and families | Multiple Azure VM series and types | Multiple Compute Engine machine types | Multiple Oracle Compute shapes |
| GPU Instances | AWS GPU Instances (EC2 P3, G4) | Azure GPU Instances (NC, ND, NV, NCv3, NVv4, etc.) | Google Cloud GPU Instances (NVIDIA GPUs) | OCI GPU Instances (NVIDIA GPUs) |
| FPGA Instances | AWS FPGA Instances (EC2 F1) | Azure FPGA Instances (Project Catapult) | Google Cloud FPGA Instances (Intel FPGAs) | OCI FPGA Instances |
| Instance Scheduling | AWS EC2 Instance Scheduler | Azure Virtual Machine Auto-Shutdown | Google Cloud Compute Engine Instance Scheduler | OCI Compute Instance Scheduler |
| Spot Instances/Preemptible VMs | AWS EC2 Spot Instances | Azure Spot Virtual Machines | Google Cloud Preemptible Instances | OCI Spot Instances |
| Hybrid Cloud Computing | AWS Outposts, AWS Snow Family | Azure Arc | Google Anthos | Oracle Cloud at Customer, Oracle Cloud Hybrid Compute |
| Nested Virtualization | Supported | Supported | Supported | Supported |
| Instance Metadata and User Data | Instance Metadata Service | Azure Instance Metadata Service | Instance Metadata (Metadata Server) | Instance Metadata and User Data |
| Instance Storage | Amazon EBS, Instance Store Volumes | Azure Managed Disks, Temporary Disk | Google Cloud Persistent Disks | Oracle Block Volumes, Local NVMe SSDs |
| Network Performance | Enhanced Networking, AWS Direct Connect | Azure Virtual Network, ExpressRoute | Google Cloud VPC, Dedicated Interconnect | Oracle Cloud FastConnect |
| Service Mesh | AWS App Mesh, Amazon ECS with App Mesh | Azure Service Fabric, Azure Kubernetes Service with Istio | Google Kubernetes Engine with Istio | Oracle Cloud Native Services with Istio |
[multicloud_comparisons](https://github.com/asiandevs/multicloud_comparisons/blob/main/README.md)
# Storage
| Storage Component | AWS | Azure | GCP | OCI |
|--------------------------|-----------------------------------|---------------------------------------|-------------------------------------|------------------------------------------|
| File Storage | Amazon EFS | Azure Files, Azure NetApp Files | Google Cloud Filestore | OCI File Storage |
| Block Storage | Amazon EBS | Azure Managed Disks | Google Cloud Persistent Disks | OCI Block Storage |
| Archival Storage | Amazon Glacier | Azure Blob Storage (Cool and Archive tiers) | Google Cloud Storage (Coldline and Archive storage classes) | OCI Archive Storage |
| Database Storage | Amazon RDS, Amazon Aurora | Azure SQL Database, Azure Database for MySQL/PostgreSQL | Cloud SQL (MySQL, PostgreSQL, SQL Server) | OCI Database Storage (for Oracle Database) |
| CDN Services | Amazon CloudFront | Azure Content Delivery Network (CDN) | Google Cloud CDN | OCI Content Delivery Network (CDN) |
| Hybrid Storage | AWS Storage Gateway | Azure StorSimple | Cloud Filestore, Cloud Volume Service | Oracle Cloud Storage Gateway |
| Shared File System | Amazon FSx | Azure Files, Azure NetApp Files | Google Cloud Filestore | OCI File Storage Service |
| Bulk Data Transfer | AWS Snowball, AWS Snowmobile | Azure Data Box, Azure Data Box Disk, Azure Data Box Heavy | Google Transfer Appliance | OCI Data Transfer Appliance |
| AutoBackup Options | AWS Backup, AWS Database Backup Service | Azure Backup, Azure Site Recovery | Cloud Storage Transfer Service | OCI Backup Service, OCI Database Backup |
[multicloud_comparisons](https://github.com/asiandevs/multicloud_comparisons/blob/main/README.md)
Section 2: Virtual Networking
- Explore the fundamentals of cloud networking, including Virtual Private Cloud (VPC) and load balancing.
- Understand how cloud architects design secure and efficient network architectures.
- Go through many examples of common networking challenges and their solutions.
# Network
| Service | AWS | Azure | Google Cloud | Oracle |
| ----------------------------------------------- | ---------------------------------------- | ------------------------------------------------- | ---------------------------------------------- | --------------------------------------------- |
| Virtual Private Cloud (VPC) | Amazon VPC | Azure Virtual Networks (VNet) | Google VPC (Virtual Private Cloud) | VCN is Oracle's equivalent to VPC and VNet |
| Default | Default VPC in each region. | No default VNet. | Default network for a new project | No default VCN |
| Allowed VPC size range (IPv4) | /16 to /28 | Subnets are from /29 to /8. | VPC size range is between /16 and /9 | The allowed VCN size range is /16 to /30. |
| Reserved IP address | AWS reserves 5 IP addresses within each subnet | | reserves 3 IP addresses within each subnet | |
| Subnet Types | Subnets types: Private, Public and VPN-only | Subnets types: Private, Public and Gateway | Regional Subnets, Auto Mode Subnets | regional, availability domain [ Access type - Private / Public] |
| Static IP Address | Elastic IP | Azure Static Public IP | Static External IP | OCI Public IP |
| Reserved IP Address | AWS Reserved IP | Azure Reserved IP | Google Cloud Reserved IP | OCI Reserved IP |
| Security | Secure your network using NACLs and Security Groups. | Secure your network using NSGs and ASGs. | Firewall Rules | Security Lists and NSG |
| Gateways | i) VPC Gateway ii) Virtual Network Gateway | i) Azure Bastion ii) VPN Gateway | i) Cloud VPN ii) Interconnect | i) VPN Connect ii) Gateway |
| Route Tables | AWS Route Table | Azure Route Table | Google Cloud Routes | OCI Route Table |
| API Management | AWS API Gateway | Azure API Management | Apigee | OCI API Gateway |
| Network address translation (NAT) | NAT Gateway | Virtual Network NAT, Azure Route Server (preview) | Cloud NAT | NAT gateway, Service Gateway |
| Traffic Management | Route 53 Traffic Flow | Traffic Manager | Google Cloud Traffic Director | OCI Traffic Management |
| Firewalls | AWS Network Firewall, AWS WAF | Azure Firewall | Google Cloud Firewall | OCI Network Security Groups |
| DDoS Protection | AWS Shield | Azure DDoS Protection | Google Cloud Armor | OCI Web Application Firewall (WAF) |
| Load balancing | Elastic Load Balancing (ELB) | Application Gateway, Load Balancer, Traffic Manager, Azure DNS | Cloud Load Balancing | OCI Load Balancing Service -includes Load Balancer and Network Load Balancer |
| Peering | VPC Peering, AWS Direct Connect Gateway, Transit Gateway | VNet Peering, Azure Bastion | Google Cloud VPC Peering | OCI Peering |
| Content Delivery Network (CDN) | Amazon CloudFront | Azure Content Delivery Network (CDN) | Google Cloud CDN | OCI Content Delivery Network |
| Site-to-Site Connectivity | i) VPN (Virtual Private Network) ii) AWS Direct Connect | i) Azure VPN Gateway ii) ExpressRoute | i) Google Cloud VPN ii) Google Cloud Interconnect | OCI Site-to-Site VPN |
| Global Network Presence | Yes | Yes | Yes | Yes |
| Direct Connection | AWS Direct Connect | Azure ExpressRoute | Google Cloud Interconnect | FastConnect |
| DNS Service | Amazon Route 53 | Azure DNS | Google Cloud DNS | OCI DNS |
| Domain name system (DNS) | Amazon Route 53 | Azure DNS | Cloud DNS, Google Cloud DNS | DNS management and traffic management steering policies |
| Build, deploy and manage APIs | Amazon API Gateway | Azure API Apps, API Management | Apigee API Management Platform | |
| Private Connectivity | Direct Connect, VPN Gateway | Azure ExpressRoute, VPN Gateway | Google Cloud Interconnect, VPN Gateway | OCI FastConnect, VPN Connect |
[multicloud_comparisons](https://github.com/asiandevs/multicloud_comparisons/blob/main/README.md)
Section 3: Identity and Access Management
- Explain the significance of identity and access management (IAM) in the cloud.
- Discuss IAM best practices for securing cloud resources.
- Share advice on effectively managing permissions and access controls.
# Identity
| Identity Category | AWS | Azure | GCP | OCI |
|-----------------------------|----------------------------------------|-----------------------------------------|----------------------------------------|----------------------------------------|
| Identity and Access Management | AWS Identity and Access Management (IAM) | Azure Active Directory (Azure AD) | Google Cloud Identity and Access Management (IAM) | Oracle Cloud Identity and Access Management (IAM) |
| Multi-Factor Authentication (MFA) | AWS Identity and Access Management (IAM) MFA | Azure Multi-Factor Authentication (MFA) | Google Cloud Identity and Access Management (IAM) MFA | Oracle Cloud Identity and Access Management (IAM) MFA |
| Single Sign-On (SSO) | AWS Single Sign-On (SSO) | Azure Active Directory (Azure AD) SSO | Google Workspace (formerly G Suite) SSO | Oracle Cloud Identity and Access Management (IAM) SSO |
| Identity Federation | AWS Identity and Access Management (IAM) Federation | Azure Active Directory (Azure AD) Federation | Google Cloud Identity Platform Federation | Oracle Cloud Identity and Access Management (IAM) Federation |
| Privileged Access Management | AWS Identity and Access Management (IAM) Roles | Azure Privileged Identity Management | Google Cloud Identity and Access Management (IAM) Roles | Oracle Cloud Identity and Access Management (IAM) Roles |
| Role-Based Access Control (RBAC) | AWS Identity and Access Management (IAM) Roles | Azure Role-Based Access Control (RBAC) | Google Cloud Identity and Access Management (IAM) Roles | Oracle Cloud Identity and Access Management (IAM) Roles |
[multicloud_comparisons](https://github.com/asiandevs/multicloud_comparisons/blob/main/README.md)
Section 4: Data Services
Explore data services like Azure SQL Database, Azure Cosmos DB, Azure Data Factory, and Azure Storage; for GCP, explore BigQuery, Cloud Firestore, and Datastore.
- Know when and how to use each service.
- Highlight the advantages of these data services in terms of scalability, performance, and cost-effectiveness.
- Go through use cases illustrating the potency of cloud data services.
# Database
| Database Category | AWS | Azure | GCP | OCI |
|--------------------------|-----------------------------------------|-----------------------------------------|------------------------------------------|---------------------------------------|
| **Relational Databases** | Amazon RDS (Multi-AZ, Read Replicas), Amazon Aurora (Multi-Master), Amazon Redshift | Azure SQL Database (Auto-failover Groups, Geo-Replication), Azure Database for MySQL (Geo-Replication), Azure Database for PostgreSQL (Geo-Replication) | Google Cloud SQL (High Availability), Google Cloud Spanner (Global Distribution), BigQuery | Oracle Database Cloud Service (Data Guard, RAC), Oracle Autonomous Database (Regional, Global) |
| **NoSQL Databases** | Amazon DynamoDB (Global Tables) | Azure Cosmos DB (Multi-region Writes) | Google Cloud Firestore (Multi-region), Bigtable (Replication), Datastore (Data Redundancy) | Oracle NoSQL Database (High Availability), Oracle Autonomous NoSQL Database (Regional, Global) |
| **In-memory Databases** | Amazon ElastiCache (Replication) | Azure Cache for Redis (Replication) | Google Cloud Memorystore (Regional) | Oracle Exadata Cloud Service (RAC), Oracle TimesTen (High Availability) |
| **Data Warehouses** | Amazon Redshift (Backup and Restore) | Azure Synapse Analytics (Geo-Redundancy) | BigQuery (Multi-Region Data Replication) | Oracle Exadata Cloud Service (High Availability) |
| **Time Series Databases** | Amazon Timestream (High Availability) | Azure Time Series Insights (High Availability) | Google Cloud Bigtable (Data Replication) | Oracle NoSQL Database (High Availability) |
| **Graph Databases** | Amazon Neptune (Replication) | Azure Cosmos DB (Multi-region Writes) | Google Cloud Bigtable (Data Replication) | Oracle Spatial and Graph (High Availability) |
| **Database Backup/Restore** | Amazon RDS Backup and Restore (Automated Backups, Snapshots) | Azure Backup (Data Redundancy) | Google Cloud Backup (Data Redundancy) | Oracle Database Backup Cloud Service (Data Guard, RMAN) |
| **Database Security** | AWS Identity and Access Management (IAM), Amazon RDS Encryption | Azure Active Directory, Azure SQL Database Firewall Rules | Google Cloud Identity and Access Management (IAM) | Oracle Cloud Identity and Access Management (IAM) |
| **Global Database Deployment** | Amazon RDS Multi-AZ (Global Tables), Amazon Aurora Global Database | Azure Cosmos DB Global Distribution (Multi-master) | Google Cloud Spanner Global Instance (Global Distribution) | Oracle Global Data Services (GDS), Oracle Data Guard, Oracle RAC |
| **Database Analytics** | Amazon Redshift Spectrum (High Availability) | Azure Data Lake Analytics (High Availability) | BigQuery (Data Redundancy) | Oracle Database Cloud Service (Analytics) |
| **Managed Database Services**| Amazon RDS, Amazon Aurora | Azure SQL Database, Cosmos DB | Cloud SQL | Oracle Database Cloud Service, Oracle Exadata Cloud Service |
| **Serverless Databases** | Amazon Aurora Serverless | Azure SQL Database Serverless | Cloud Spanner | Oracle Autonomous Database |
| **Multi-Model Databases** | Amazon DocumentDB (with MongoDB compatibility) | Azure Cosmos DB (multiple APIs) | Firestore, Bigtable (multi-model capabilities) | Oracle NoSQL Database Cloud - Multi-Model |
| **Database Migration Tools** | AWS Database Migration Service | Azure Database Migration Service | Database Migration Service | Oracle Cloud Database Migration Service |
| **Data Encryption** | Amazon RDS Encryption, AWS Key Management Service (KMS) | Azure SQL Database Encryption, Azure Key Vault | Google Cloud SQL Encryption, Cloud Key Management Service (KMS) | Oracle Transparent Data Encryption (TDE), Oracle Key Vault |
| **Database Monitoring and Performance Tuning** | Amazon CloudWatch, Amazon RDS Performance Insights | Azure Monitor, Azure SQL Database Query Performance Insights | Google Cloud Monitoring, Cloud SQL Insights | Oracle Cloud Monitoring, Oracle Database Performance Monitoring |
| **Database Replication** | Amazon RDS Read Replicas, Aurora Replicas | Azure SQL Database Geo-Replication | Cloud SQL Read Replicas, Cloud Spanner Replicas | Oracle Data Guard |
| **Database Version Control** | AWS Database Migration Service Schema Conversion Tool (SCT) | Azure Database Migration Service Schema Conversion Tool (SCT) | Google Cloud Database Migration Service Schema Conversion Tool (SCT) | Oracle SQL Developer Data Modeler |
[multicloud_comparisons](https://github.com/asiandevs/multicloud_comparisons/blob/main/README.md)
Section 5: Security and Compliance
- Emphasize the critical role of security and compliance in cloud architecture.
- Review best practices for cloud security, including encryption and monitoring.
# Security
| Security Category | AWS | Azure | GCP | OCI |
|-----------------------------|----------------------------------------|-----------------------------------------|----------------------------------------|----------------------------------------|
| **Security Policies and Compliance** | AWS Identity and Access Management (IAM) Policies | Azure Policy, Azure Blueprints | Google Cloud Identity and Access Management (IAM) Policies | Oracle Identity Cloud Service Policies |
| **Identity Verification** | Amazon Cognito | Azure Active Directory B2C | Google Cloud Identity Platform | Oracle Identity Cloud Service |
| **Encryption at Rest** | AWS Key Management Service (KMS) | Azure Key Vault | Google Cloud Key Management Service (KMS) | Oracle Cloud Infrastructure Vault |
| **Encryption in Transit** | SSL/TLS, AWS Key Management Service (KMS) | SSL/TLS, Azure Key Vault | SSL/TLS, Google Cloud Key Management Service (KMS) | SSL/TLS, Oracle Cloud Infrastructure Vault |
| **Network Security Groups** | Amazon VPC Security Groups, AWS Firewall Manager | Azure Network Security Groups | Google Cloud VPC Firewall Rules | Oracle Cloud Network Security Groups |
| **Web Application Firewall (WAF)** | AWS WAF | Azure Web Application Firewall | Google Cloud Armor | Oracle Cloud Web Application Firewall |
| **Security Information and Event Management (SIEM)** | Amazon GuardDuty, AWS Security Hub | Azure Sentinel | Google Cloud Security Command Center | Oracle Cloud Security Monitoring |
| **Security Compliance** | AWS Config | Azure Policy | Google Cloud Policy Intelligence | Oracle Cloud Infrastructure Policies |
| **Security Certifications** | ISO 27001, SOC 2, HIPAA, PCI DSS, FedRAMP | ISO 27001, SOC 2, HIPAA, PCI DSS, FedRAMP | ISO 27001, SOC 2, HIPAA, PCI DSS, FedRAMP | ISO 27001, SOC 2, HIPAA, PCI DSS, FedRAMP |
| **Incident Response** | Amazon Inspector, AWS Config Rules, AWS Trusted Advisor | Azure Security Center, Azure Monitor | Google Cloud Security Command Center, Google Cloud Monitoring | Oracle Cloud Infrastructure Security Advisor |
| **Identity Governance** | AWS Identity Governance and Administration | Azure Active Directory Identity Governance | Google Cloud Identity Platform (User Provisioning, Lifecycle Management) | Oracle Identity Cloud Service (Identity Governance, Lifecycle Management) |
| **Authentication Services** | Amazon Cognito, AWS Single Sign-On | Azure Active Directory B2C, Azure Active Directory B2B | Google Identity Platform (OAuth, OIDC) | Oracle Identity Cloud Service (OAuth, OIDC) |
| **Endpoint Protection** | AWS Shield (DDoS protection), AWS Web Application Firewall (WAF) | Azure DDoS Protection, Azure Web Application Firewall (WAF) | Google Cloud Armor (DDoS protection), Google Cloud Web Application Firewall (WAF) | Oracle Cloud Infrastructure Web Application Firewall, Oracle Cloud Infrastructure DDoS Protection |
[multicloud_comparisons](https://github.com/asiandevs/multicloud_comparisons/blob/main/README.md)
Section 6: Management Tools
- Explore the tools and services that help cloud architects manage and monitor their cloud infrastructure.
- Provide insights into infrastructure as code (IaC) and automation.
- Highlight the benefits of efficient management for cost control and resource optimization.
AWS provides CloudWatch and CloudFormation.
Azure has Azure Monitor and Azure Resource Manager.
GCP offers Monitoring and Logging, and Deployment Manager.
OCI has Oracle Cloud Monitoring and Resource Manager.
Section 7: Cost Management
- Learn how to optimize costs using cloud providers' pricing models, instance types, services, and strategies for managing cloud costs effectively.
- Familiarize yourself with activities like monitoring spending, setting budgets, and optimizing resource usage.
AWS includes Cost Explorer.
Azure provides Azure Cost Management.
GCP focuses on cost optimization strategies.
OCI also emphasizes cost optimization strategies.
Section 8: Disaster Recovery and Backup
- Know the importance of disaster recovery planning in cloud architecture.
- Describe backup and recovery strategies for protecting data and applications.
- Analyze case studies of successful disaster recovery implementations.
AWS offers Disaster Recovery.
Azure provides Azure Site Recovery.
GCP focuses on strategies for disaster recovery.
OCI has Backup and Recovery.
Section 9: Migration
- Guide readers through the process of migrating on-premises applications to the cloud.
- Share migration strategies, best practices, and potential challenges.
AWS offers Database Migration Service.
Azure provides Azure Migrate.
GCP emphasizes migration strategies.
OCI offers Cloud Migration.
Section 10: Serverless Architectures
- Know serverless computing and its benefits.
- Study how serverless architectures leverage cloud resources for event-driven, scalable solutions.
AWS offers AWS Lambda and Elastic Beanstalk.
Azure provides Azure Functions and AKS (Azure Kubernetes Service).
GCP offers Cloud Functions and App Engine.
OCI has Functions and Serverless.
Section 11: Scalability and Elasticity
- Explore the concepts of scalability and elasticity in cloud architecture.
- Know how cloud architects design systems that can handle variable workloads efficiently.
- Know the dynamic scaling of resources based on demand.
AWS uses Auto Scaling and Elastic Beanstalk.
Azure employs Virtual Machine Scale Sets and AKS.
GCP uses Auto Scaling and Elastic Load Balancing.
OCI focuses on Elasticity and Load Balancing.
Section 12: Integration Services
- Explore the significance of integration in cloud architecture.
- Know how integration services, APIs, and data flow within cloud environments, including integration challenges and their solutions.
AWS offers Step Functions and Amazon API Gateway.
Azure has Logic Apps and API Management.
GCP uses App Engine and Cloud Endpoints.
OCI provides Integration Services and API Gateway.
Section 13: Machine Learning
- Explore the role of machine learning in cloud solutions.
- Know how cloud architects leverage machine learning for data analysis, predictions, and automation.
AWS offers SageMaker and AI/ML Services.
Azure provides Azure Machine Learning and Azure AI.
GCP offers AI and ML services.
OCI emphasizes AI and ML Services.
Section 14: DevOps and Automation (IaC)
Understand how DevOps and CI/CD pipelines can be used to automate the deployment and management of Azure solutions. Each cloud has its own code repository and pipeline systems. If you have already worked with Git (code repository) and Jenkins/Bamboo (pipeline), then you are almost done. For IaC, if you have already worked with Ansible and Terraform, it will be much easier.
# DevOps
| Category | AWS | Azure | GCP | OCI |
|------------------------|-------------------------------------------|-----------------------------------------|------------------------------------------|----------------------------------------|
| **Compute** | Amazon EC2, AWS Lambda, AWS Elastic Beanstalk | Azure Virtual Machines, Azure Functions | Google Compute Engine, Google Cloud Functions | Oracle Compute, Oracle Functions |
| **Container Orchestration** | Amazon ECS, Amazon EKS | Azure Kubernetes Service (AKS) | Google Kubernetes Engine (GKE) | Oracle Kubernetes Engine (OKE) |
| **Serverless** | AWS Lambda | Azure Functions | Google Cloud Functions | Oracle Functions |
| **CI/CD** | AWS CodePipeline, AWS CodeBuild, AWS CodeDeploy | Azure DevOps, Azure DevTest Labs | Google Cloud Build, Google Cloud Deployment Manager | Oracle Developer Cloud |
| **Source Control** | AWS CodeCommit | Azure DevOps Repos (formerly VSTS) | Google Cloud Source Repositories | Oracle Developer Cloud |
| **Artifact Repository** | AWS CodeArtifact | Azure Artifacts | Google Cloud Artifact Registry | Oracle Cloud Infrastructure Registry |
| **Infrastructure as Code** | AWS CloudFormation | Azure Resource Manager | Google Cloud Deployment Manager | Oracle Resource Manager |
| **Microservices** | AWS App Runner, AWS App Mesh | Azure Service Fabric, Azure Spring Cloud | Google Kubernetes Engine (GKE), Google Cloud Endpoints | Oracle Cloud Native Services |
# CICD
| CICD | AWS | Azure | GCP | OCI |
|-----------------------------|-----------------------------------------|-----------------------------------------|------------------------------------------|---------------------------------------|
| **CICD Services** | AWS CodePipeline, AWS CodeBuild, AWS CodeDeploy | Azure DevOps, Azure DevTest Labs | Google Cloud Build, Google Cloud Deployment Manager | Oracle Developer Cloud, Oracle Cloud DevOps |
| **Source Control Integration** | AWS CodeCommit, GitHub (integration) | Azure Repos (formerly VSTS), GitHub (integration) | Google Cloud Source Repositories, GitHub (integration) | Oracle Developer Cloud, GitHub (integration) |
| **Container Registry** | Amazon ECR | Azure Container Registry | Google Container Registry | Oracle Cloud Infrastructure Registry |
| **Artifact Management** | AWS CodeArtifact | Azure Artifacts | Google Cloud Artifact Registry | Oracle Cloud Infrastructure Registry |
| **Infrastructure as Code Integration** | AWS CodePipeline, AWS CloudFormation | Azure DevOps, Azure Resource Manager | Google Cloud Build, Google Cloud Deployment Manager | Oracle Developer Cloud, Oracle Resource Manager |
| **Serverless Deployment** | AWS Lambda | Azure Functions | Google Cloud Functions | Oracle Functions |
| **Multi-Cloud Deployment** | Supported (using third-party tools) | Supported (using third-party tools) | Supported (using third-party tools) | Supported (using third-party tools) |
| **Integration with DevOps Tools** | AWS CodePipeline (integration with various third-party tools) | Azure DevOps (integration with various third-party tools) | Google Cloud Build (integration with various third-party tools) | Oracle Developer Cloud (integration with various third-party tools) |
| **Scalability and Elasticity** | AWS CodePipeline (supports scaling) | Azure DevOps (scalable with agents) | Google Cloud Build (scalable with build workers) | Oracle Developer Cloud (scalable) |
| **Security and Access Control** | AWS Identity and Access Management (IAM) | Azure Active Directory (Azure AD) | Google Cloud Identity and Access Management (IAM) | Oracle Cloud Identity and Access Management (IAM) |
| **Monitoring and Reporting** | AWS CloudWatch, AWS X-Ray (tracing) | Azure Monitor, Application Insights | Google Cloud Monitoring, Cloud Logging | Oracle Cloud Monitoring, Oracle Cloud Logging |
| **Third-Party Integration** | Extensive support for third-party integrations | Extensive support for third-party integrations | Extensive support for third-party integrations | Extensive support for third-party integrations |
| **Deployment Environments** | Multiple environments (staging, production, etc.) | Multiple environments (staging, production, etc.) | Multiple environments (staging, production, etc.) | Multiple environments (staging, production, etc.) |
| **Compliance and Governance** | AWS Organizations (for account management), AWS Config | Azure Policy, Azure Blueprints | Google Cloud Resource Manager, Identity and Access Management (IAM) | Oracle Cloud Infrastructure Policies, Identity and Access Management (IAM) |
| **Pricing Model** | Pay-as-you-go | Pay-as-you-go | Pay-as-you-go | Pay-as-you-go |
[multicloud_comparisons](https://github.com/asiandevs/multicloud_comparisons/blob/main/README.md)
Section 15: Serverless and Containers
- Learn about Azure Kubernetes Service (AKS) for container orchestration and Azure Functions for serverless computing.
- Explore Google Cloud Functions, Cloud Run, and Kubernetes Engine for serverless and container-based solutions.
- Explore Oracle Functions for serverless computing and Container Engine for Kubernetes (OKE) for container orchestration.
AWS provides AWS Lambda, Amazon ECS, and AWS Fargate.
Azure has Azure Functions, Azure Container Service, and Kubernetes Engine.
GCP offers Serverless computing with Lambda, Cloud Run, and Kubernetes Engine.
OCI provides Serverless and Containers and Oracle Functions.
Case Studies and Scenarios: Review different cloud case studies and practice working through architectural scenarios based on real-world problems.
Whitepapers and Documentation: Read different cloud-related whitepapers and documentation to understand cloud services and best practices better. Focus on documents like the “Well-Architected Framework,” “Security Best Practices,” and other relevant resources.
Continuous Learning: The cloud evolves continuously. Stay up-to-date with updates, new services, and best practices.
Book the Exam: Book your exam through the AWS Certification Portal once you feel confident.
Conclusion:
In this article, we’ve laid the foundation for your certification journey, focusing on the core services, networking, IAM, data management, security, and resource management. As you proceed, remember that mastering these areas will lead to certification success and empower you to architect innovative, scalable, and secure cloud solutions. Best of luck on your certification journey, and remember, the cloud offers endless possibilities for those who dare to explore it.