ScaleSec Blog

Learning in the Cloud | ScaleSec

Written by Greg Peterson | Mar 7, 2023 8:00:00 AM

 

How to Learn Cloud

A Guide to Securely Embracing the Cloud

I frequently get asked how someone can “learn the cloud”. I hear this from seasoned Infrastructure Technology (IT) professionals and from people new to the industry. Both of these starting points have great justification for learning about cloud as the industry has been heading this direction for the last 10+ years. I put together this short article suggesting directions for both starting points to learn the cloud.

Many people think “cloud” is a data center run by another company, but that is too simplistic. The use of cloud is truly a paradigm shift, where much of the infrastructure management can be borne by the cloud providers. That is why the cloud is so valuable to businesses and why you should learn how it differs from data centers. Technologies used in traditional data centers (servers, databases, networking, etc.) all still exist in the cloud. And cloud providers give you the choice to be hands-on with these technologies or let the cloud handle the underlying management of them. (Read about IaaS, PaaS, and SaaS models here.) If you’re new to the technology industry, I would highly recommend leveraging a SaaS model, where the provider handles almost everything but the application for you.

 

Read about IaaS, PaaS, and SaaS models here: What Is Cloud Security?

As a security professional, working for a leading cloud security company, I would be remiss to not mention that security is a big part of technology everywhere and the cloud is no exception. Not fully understanding the technologies you are working with will definitely increase your exposure to cyber risks. Learning on the go is acceptable in a development environment, but a solid security review should be completed before anything in the cloud (or on-premise) is promoted to production.

Cloud Service Providers

Today the three biggest cloud service providers providing IaaS, PaaS and IaaS are Amazon’s AWS, Google’s GCP and Microsoft’s Azure. Some other providers include Oracle’s OCI and IBM’s Kyndryl. This blog will focus on AWS and GCP, but the approach would be the same for the other cloud providers.

 

 

 

 

How to Learn Cloud

The two paths I discussed diverge a bit here. Both require you to set a goal and create a plan. I will focus on managed SaaS solutions in path 1 (for those that are new to IT or want to transfer operations to the cloud providers) and cover PaaS and IaaS solutions in path 2 for those that desire a more hands on approach.

The first thing you should do is choose a cloud provider to initially focus on. This should be whatever cloud your company or target company primarily uses. If you don’t have a preference I would recommend choosing AWS as they currently have the largest market share.

Path 1: SaaS

If you don’t have a solid IT background, you may want to first get a basic understanding of the industry. CompTIA offers IT fundamental courses such as IT Fundamentals+, A+, Network+ and Security+ that would be beneficial to start with. Once you have this background, the cloud will begin to make more sense.

 

 

 

CompTIA — IT Fundamentals+

CompTIA — A+

 

 

CompTIA — Network+

CompTIA — Security+

 

Each cloud provider has a certification path to follow. I will highlight each of the clouds with recommendations.

AWS SaaS Certification Path

AWS’s certification path offers more than 10 different certifications to achieve. The first one to focus on is the Cloud Practitioner. This certification ensures that you understand the main services and features that AWS offers. It is not overly technical and is achievable with little experience.

AWS Certification Path

The recommendations below assume you have achieved your cloud practitioner certification.

If you want to focus primarily on development and less on the infrastructure itself, this path makes the most sense:

AWS Developer AssociateAWS SysOps AdministratorAWS DevOps Engineer

AWS SaaS Developer Path

💡 If you are already comfortable with AWS you may want to skip directly to DevOps Engineer as it is a professional level certification that covers everything in the associate level certifications.

AWS also offers specialty certifications that may make sense, depending on your career path. I will list the SaaS centric ones below:

AWS SaaS Path Specialty Certifications

GCP Saas Certification Path

GCP’s certification path offers more than 10 different certifications to achieve. The first one to focus on is the Cloud Digital Leader. This certification ensures that you understand the main services and features that GCP offers. It is not overly technical and is achievable with little experience.

The recommendations below assume you have achieved your cloud digital leader certification.

If you want to focus primarily on development and less on the infrastructure itself, this path makes the most sense:

GCP Associate Cloud EngineerGCP Professional Cloud Developer GCP Cloud DevOps Engineer

GCP SaaS Developer Path

💡 If you are already comfortable with GCP you may want to skip directly to Developer and Engineer as they are professional level certifications that cover everything in the associate level certification.

GCP also offers specialty certifications that may make sense, depending on your career path. I will list the SaaS centric ones below:

GCP SaaS Path Specialty Certifications

Path 2: Leveraging PaaS and IaaS

If you are choosing this path, you should have a solid IT background with the understanding of networking, operating systems and infrastructure management.

Each cloud provider has a certification path to follow. I will highlight each of the clouds with recommendations.

AWS PaaS and IaaS Certification Path

If you are new to AWS I would recommend the Cloud Practitioner. This is an entry level certification that will help identify what terminology AWS uses for different technologies.

If you want to focus on both development and managing the infrastructure itself, this path makes the most sense.

For development focus I would stay with the path 1 recommendation:

AWS Developer AssociateAWS SysOps AdministratorAWS DevOps Engineer

AWS SaaS, PaaS and IaaS Developer Path

For infrastructure management this would be the recommendation:

AWS Solution Architect AssociateAWS Solution Architect Professional

AWS PaaS and Iaas Infrastructure Management Path

💡 If you are already comfortable with AWS you may want to skip directly to Engineer or Architect Professional as they are professional level certifications that cover everything in the associate level certifications.

As with path 1 above, AWS also offers specialty certifications that may make sense, depending on your career path. I will list the PaaS/IaaS centric ones below:

AWS PaaS and IaaS Path Specialty Certifications

GCP PaaS and IaaS Certification Path

If you are new to GCP I would recommend the Cloud Digital Leader. This is an entry level certification that will help identify what terminology GCP uses for different technologies.

If you want to focus on both development and managing the infrastructure itself, this path makes the most sense.

For development focus I would stay with the path 1 recommendation:

GCP Associate Cloud EngineerGCP Professional Cloud Developer GCP Cloud DevOps Engineer

GCP Saas, PaaS and IaaS Developer Path

For infrastructure management this would be the recommendation:

GCP Associate Cloud EngineerGCP Professional Cloud Architect

GCP PaaS and Iaas Infrastructure Management Path

💡 If you are already comfortable with GCP you may want to skip directly to Architect Professional as it is a professional level certifications that cover everything in the associate level certification.

As with path 1 above, GCP also offers specialty certifications that may make sense, depending on your career path. I will list the PaaS/IaaS centric ones below:

GCP PaaS IaaS Path Specialty Certifications

Security Path

👏 If you are focused on security I applaud you. There are a couple cloud-neutral security certifications out there worth looking into:

  • Certificate of Cloud Security Knowledge (CCSK)
  • Certified Cloud Security Professional (CCSP)

 

Certificate of Cloud Security Knowledge

Certified Cloud Security Professional


 

Cloud providers have specific security paths for security as well. I will highlight those below.

Security Path — AWS

Security Path — GCP

Next Steps

The next steps are up to you. Following these recommendations will give you a strong understanding of cloud technologies. Hopefully this will help you achieve your career goals.

With that said, nothing beats being hands on. You can sign up for accounts on both AWS and GCP with a credit card. You don’t have to spend any money when you sign up and they offer free tiers or credits for you to practice with. Play around but remember to delete everything that you create because you can eventually start accruing charges to your credit card.

If you want to learn more about cloud technologies or specifically on how to secure them, please reach out to me or to ScaleSec - we love talking about this.