I’m happy to report the ACG course was of value! Passed with a 901!
Thanks to the the Exam Simulator, that was awesome. Took it once at work on lunch (60 min) and scored in the 60s’. Uh-oh, so I dug into my deficiency area big-time (IAM). 3 days later I re-took exam simulator again (fair amount of diversity in questions, but def some repeats) and hit in the 90s. I’m ready! That night I signed up for the exam. I spent the next 2 nights and the weekend evenings watching all chapter recaps. I also did some lectures (13%) on VPC from ACG: ‘AWS Certified Advanced Networking – Specialty 2019‘ course and all of Security Specialty Chapters 8, 9, 10 on 2x speed the day before the test.
Simulator Review: I think the questions are on par with the exam, however, ACG actually seemed to have more "possible" answers (pick 2/3 of 4) while in the real AWS exam I felt consistently able to eliminate 2 potential options upon close reading of the choice.
Additional Resources I used: I watched ACG’s courses: ‘Practical Event-Driven Security with AWS‘, & ; ‘Coding for the Cloud 101‘, and a small portion of Adv. Networking as noted above. Event-Driven Security & Networking (VPC stuffs) were worth my time.
I also dug into Lamda @ Edge for re-writing security headers on cached edge content.
In the real-world: I built a new Control Tower org (side-note: I learned you perma-burn an email when you de-activate an AWS account… WTF!) and read over all that it did to build Orgs, SCPs, Cloudformation StackSets and worked to on-board my own existing AWS account (not recommended for PROD, Control Tower is explicitly for NEW organizations and the migration was not smooth).
In this I then setup login alerts, did some athena over CT logs, roles delegation, S3 CRR.
IAM Specifically: To supplement IAM in this course I recommend spending the time and going over the entire AWS IAM user guide (3-6 hours depending on prior knowledge and experience). Link: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
I found this extraordinarily valuable, particularly the Common Scenarios and Identity Providers and Federation. Reading that, checking their example code = winning, and bringing value back to my team.
Thanks for reading and good luck Cloud Gurus!