# Certification Roadmap — Cloud Engineering Track Your goal: Cloud Engineer. This is one of the best-paid, highest-demand roles in tech. Your project already demonstrates cloud engineering skills. Certs give you the vocabulary and credentials to prove it on paper. --- ## Your Path (In Order) ``` CompTIA A+ Core 1 ✅ DONE (highest score) ↓ CompTIA A+ Core 2 ← YOU ARE HERE ↓ CompTIA Network+ ← OPTIONAL (CCNA covers this and more) ↓ CCNA ← Strong networking foundation ↓ AWS Solutions Architect Associate ← Core cloud cert ↓ CompTIA Cloud+ ← Vendor-neutral cloud (optional, pairs well with AWS SAA) ↓ AWS SysOps Administrator Associate ← Operations focus (very relevant to homelab) ↓ Kubernetes (CKA) ← Container orchestration (natural next step from Docker) ↓ AI / Prompt Engineering certs ← After cloud foundation is solid ``` --- ## Each Cert Explained ### CompTIA A+ Core 2 (In Progress) **What it covers:** Windows OS, macOS, Linux basics, security fundamentals, troubleshooting, remote support **Why it matters:** Completes your A+ certification — required baseline for most IT roles **How it connects to your homelab:** Linux troubleshooting, OS concepts, security basics **Study tips:** - Professor Messer (free on YouTube) — best A+ resource, period - Jason Dion practice exams (Udemy, ~$15) — take these until you consistently hit 85%+ - Focus on Core 2's security domain — it maps directly to your Authentik/SSO work --- ### CCNA (Cisco Certified Network Associate) **What it covers:** TCP/IP networking, routing, switching, VLANs, subnetting, wireless, security basics, automation basics **Why it matters:** The gold standard networking cert. Hiring managers trust it more than Network+. Cloud engineering requires deep networking knowledge. **How it connects to your homelab:** - Subnetting: your Docker bridge networks (172.x.x.x), Tailscale (100.x.x.x) are subnets - DNS: you configured Cloudflare DNS for every subdomain - Routing: Cloudflare Tunnel routes traffic to specific containers by hostname - Firewalls: you configured ufw rules on kscloud1 - TCP/UDP: you opened specific ports, understand why services bind to certain ports **Study resources:** - *Jeremy's IT Lab* (free, YouTube + Packet Tracer labs) — best free CCNA content - *Neil Anderson's CCNA course* (Udemy) — comprehensive paid option - Cisco Packet Tracer (free simulator) — build labs, don't just watch - Allan Johnson's *CCNA 200-301 Official Cert Guide* (Cisco Press) — the official book **Timeline:** Plan 3–6 months of consistent study. Don't rush it. --- ### AWS Solutions Architect — Associate (SAA-C03) **What it covers:** EC2, S3, VPC, IAM, RDS, load balancers, auto-scaling, serverless, storage, CDN, security **Why it matters:** Most in-demand cloud cert in the market. AWS powers ~33% of the internet. This cert is the entry point to cloud engineering jobs. **How it connects to your homelab:** - Your Hetzner VPS is essentially what an EC2 instance is on AWS - Your Cloudflare Tunnel is similar to AWS CloudFront + ALB - Your Docker networking maps to AWS VPC concepts - Your Tailscale private network maps to AWS VPC peering / PrivateLink - Your Prometheus/Grafana stack maps to AWS CloudWatch - Your active-active failover maps to AWS multi-AZ architecture **Study resources:** - *Stephane Maarek's AWS SAA course* (Udemy, ~$15 on sale) — the best, period - *Tutorial Dojo practice exams* by Jon Bonso — most accurate practice exams for AWS - AWS Free Tier — build the same things you built in your homelab, but on AWS **Timeline:** 2–3 months after CCNA. Easier once you know networking well. --- ### AWS SysOps Administrator — Associate (SOA-C02) **What it covers:** Monitoring, logging, automation, deployments, security, cost management, high availability **Why it matters:** More hands-on than SAA. Directly maps to what you did in your homelab — keeping systems running, monitoring them, troubleshooting. **How it connects to your homelab:** This is literally your homelab at enterprise scale. Prometheus → CloudWatch. Docker → EC2/ECS. Cloudflare Tunnel → ALB. Tailscale → VPC. **Take this after SAA.** Many people skip it — don't. It makes you a better engineer. --- ### Certified Kubernetes Administrator (CKA) **What it covers:** Container orchestration, Kubernetes cluster management, deployments, networking, storage, troubleshooting **Why it matters:** Docker Compose is what you use at home. Kubernetes is what companies use in production. This cert is highly valued at mid-to-senior level. **How it connects to your homelab:** You run containers with Docker Compose — Kubernetes is the enterprise version. Your `kitestacks` Docker network maps to Kubernetes namespaces. Your services map to Kubernetes Deployments. **Study resources:** - *Mumshad Mannambeth's CKA course* (KodeKloud) — industry standard - KodeKloud labs — hands-on practice environment built specifically for this exam **When to take it:** After AWS certs. Kubernetes before cloud fundamentals is backwards. --- ### AI / Prompt Engineering Certifications Since you're already running Open WebUI + LiteLLM, you have a head start. | Cert | Provider | Cost | Best For | |------|----------|------|----------| | **AWS AI Practitioner (AIF-C01)** | AWS | ~$150 | Cloud AI fundamentals, pairs with your AWS path | | **Azure AI-900** | Microsoft | ~$165 | Broad AI concepts, vendor-neutral feel | | **Google Generative AI Fundamentals** | Google Cloud | Free | Quick badge, good starter | | **DeepLearning.AI — Prompt Engineering** | Coursera/DeepLearning | Free (audit) | Best hands-on prompt content | | **Vanderbilt Prompt Engineering Specialization** | Coursera | ~$50 | Certificate for LinkedIn | **Honest advice:** For prompt engineering, a portfolio beats a cert. Document your LiteLLM/Open WebUI setup. Show model routing configurations. Write about the decisions you made. That's more valuable than any certificate. --- ## Certification Timeline Given where you are today: | Timeframe | Milestone | |-----------|-----------| | Next 1–2 months | CompTIA A+ Core 2 ✅ | | Months 3–8 | CCNA | | Months 9–11 | AWS SAA-C03 | | Months 12–14 | AWS SysOps Associate | | Months 15–18 | CKA (or CompTIA Cloud+) | | Months 18+ | AI/ML certs | --- ## Why This Order Matters **Networking before cloud:** AWS, Azure, and GCP are all just managed networking + compute. If you don't understand subnets, routing, and DNS, cloud will be confusing. CCNA first makes cloud certs 3x easier. **Associate before specialty:** Don't skip to advanced certs. The associate level forces you to learn breadth. You'll encounter scenarios in the SysOps exam that directly map to what broke in your homelab. **Hands-on alongside study:** The fastest way to pass any of these is to *build the thing* while you study. You already have a homelab. Use it. Every AWS service you study — ask yourself: "what's the equivalent in my homelab?" --- ## What These Certs Say to a Hiring Manager | You Have | They Hear | |----------|-----------| | A+ | You know how hardware and OS work | | CCNA | You understand networking deeply, not just surface level | | AWS SAA | You can architect solutions in the cloud | | AWS SysOps | You can keep cloud infrastructure running in production | | CKA | You can manage container workloads at scale | | Homelab project | You do this for fun, not just for a paycheck | The last row is the most important one.