Passed both GCP ACE and PCA – Thanks Mattias!

I found the GCP exams very different than AWS ones in that the former actually requires one to know the intricacies of the service opposed to simply knowing what the service does. Therefore, the biggest lesson I can share is to do what Mattias says in his final section to pass. The end of the course should be the mid-point of the study. I found these exams one of the toughest and I am thinking back to MCSE and CCNA days,

• You must look at the GCP Exam Guide and actually know how to most of the operations on a topic. Not just how to perform a create. But manage, modify, troubleshoot and understand the limitations. E.g. with VPCs – create a VPC, routes, subnets, instances in subnets, firewall rules, VPNs, etc. Create an GAE service, create versions, etc.

• You must take the K8s course from ACG! I wish I had, but short of that I had to read a lot from kubernetes.io and do tons of hands on myself and even then I was not 100% confident on my K8s answers. No doubt this is a huge GCP differentiator and therefore lots of K8s questions.

• My final advice: In your GCP Console, click on EVERY offered service and its sub menu systematically one by one. Read the description of the service on the page. Click on the “learn” more. Go to the service webpage, click on documentation and read the “Concepts” section for each service. Then enable the API, go create the service. Even DataProc or Spanner don’t cost much for a few minutes. You need to have both breadth and depth.

Without sharing the recollection of my exact exam questions, I can advise these topics be looked at for each exam and the appropriate lecture and GCP docs reviewed in addition to what other posts have mentioned:

GCP-ACE

• How to manage SSH Keys in metadata

• Managing Instance Login using OSlogin

• GAE versions and traffic splits, migrations, deployments

• Valid RFC1918 CIDR ranges

• Upgrading GKE nodes

• Tightening security on one GCE VM….. think as tight as possible using all available means for the worst user lockdown scenario

• Container Registry vs GCS

• All GKE concepts – node, pod, container, services, master, autoscaling, types of service exposure, System Objects, health checks and logs

• Cloud SQL H/A, Read Replicas and Point in Time

• New GCE sizes – some of which are not visible for trial accounts

• VPC – everything – communication in subnets across zones; regions; firewalls; routes;

• Tag vs. labels

• VPN – in great detail

• Peered VPC vs Shared – especially IAM implications

• Everything about GCS classes, lifecycle and versions

• Most of the time 2 options are easy to eliminate in the ACE exam

• No multiple answer questions for me

• Lots of IAM obviously including Cloud Identity even though you cannot setup one without an OU

GCP – PCA

• Most of the time 2 answers are not easy to eliminate and a few choose 2 answers.

• Usually 1 tricky word buried in the question can reveal which answers are wrong/right

• No high level concept questions – everything is about depth and architecture. Think like a Systems Engineer.

• Actually know how to use DataStore – fixing indexes, fastest way to query.

• Datalab vs DataPrep vs DataStudio

• All 3 case studies – I had 5 questions from each case

• Time series data storage

• Know VPN very well, especially from different regions

• Must know K8s well – auto scaling, logging, troubleshooting

• Must know Jenkins

• Compliance – what does GCP and how it translate to you

• Do not need to know limits of any service

• Stackdriver to troubleshoot GKE and GAE

• IAM scopes and svc accounts

• GCP Private Access

• Deployment Manager vs Cloud Launcher (aka Marketplace) vs Using a Service – especially in the context of the 3 case studies

• BiqQuey IAM roles

• Know how to use BQ with different table types and for different data scenarios

• Pub/Sub IAM Roles

• When to hire a GCP consultant vs, GCP Training for your company

• GAE STD vs Flex usage with various DBs

• GCDS for GCP

• IAM and granting access to non G-suite, Gmail users

• Lots of VPC and networking related

Hope this helps.