Introduction
In the fast-paced world of cloud computing and DevOps, staying abreast of the latest certifications is paramount. Recently, I undertook the challenge of recertifying for the AWS Certified DevOps Engineer - Professional exam. This certification is tailored for seasoned professionals with extensive experience in managing AWS environments, affirming proficiency in deploying and operating distributed applications on the AWS platform.
Articles on how to pass the AWS Certified DevOps Engineer - Professional exam are plentiful, but I always make a point of reviewing the latest ones for any new insights or updates. This year, I'll share my experience recertifying, including new things I didn’t recall from the certification and the aspects I found most interesting this time around.
Overview of the Certification
The AWS Certified DevOps Engineer - Professional exam focuses on various aspects of DevOps engineering, including continuous delivery (CD) methodologies, automation of security controls, governance processes, and monitoring and logging practices. It is recommended to have prior certifications such as the AWS Certified Developer – Associate and AWS Certified SysOps Administrator – Associate, particularly the SysOps certification as it covers a significant part of the content at a different level.
Official Resources:
- The exam content outline and passing score, is in the Exam Guide
- AWS Skill Builder Resources
- The Sample Questions are 20 questions developed by AWS to demonstrate the style of our certification exams.
- AWS offers various resources on their Skill Builder platform to help you prepare for the exam. There is a free course called Exam Prep Standard Course and for those with a subscription, there are additional exam questions and an enhanced version of the preparation course.
Exam Content Domains
The exam covers six content domains, each with a specific weighting. Below is a breakdown of each domain along with key topics and important points to review:
Domain 1: SDLC Automation (22%)
Domain 2: Configuration Management and IaC (17%)
Domain 3: Resilient Cloud Solutions (15%)
Domain 4: Monitoring and Logging (15%)
Domain 5: Incident and Event Response (14%)
Domain 6: Security and Compliance (17%)
Detailed Exploration of my Key Learnings
The domains are important to understand the percentage of questions for each topic, but in this case, the difference between the maximum and minimum is 8%, so all domains have more or less the same weight. Normally, I tend to review the services and how to integrate them with each other more than focusing on the domains. Here are some of the notes I took for review or learning, but this will depend a lot on your experience and background in AWS.
Apart from taking notes, it is very useful to see diagrams of integrations or solutions and practice with real scenarios (hands on experience is always the best). I try to complement this with diagrams from AWS documentation or create my own.
-
AWS Developer Tools: Extensive exploration of AWS CodePipeline, AWS CodeBuild, and AWS CodeCommit.
- AWS CodeArtifact: Understanding How It Works, Integration with External Repositories, and Configuration in a Multi-Account Organization.
- AWS CodeDeploy: Understand the hooks and their appropriate use cases (BeforeInstall, AfterInstall,…). Familiarize yourself with the different deployment types and their impacts. Understand the different deployment strategies.
- Serverless architectures: Ways of deployments, when and how to use canary releases. Differences between provisioned concurrency and reserved concurrency with AWS Lambdas. Use AWS Serverless Application Model (AWS SAM)
- Ensure managed EC2 instances have the correct application version and patches installed using SSM (Patch Manager, Maintenance Windows, state Manager, Inventory).
- Use CloudFormation drift detection to manage configuration changes. How to use different stacks together, different between StackSets and nested stacks, how to deploy instances and how to updated it using its user data and understand the hooks of EC2, ASG and ALB and when use it.
- Use Auto Scaling with warm pools for better instance state management.
- Use of Amazon EventBridge rules for detecting events, for example with AWS Health Service.
- Know well how AWS Organizations works, how it is integrated with other services, how you can delegate the administration of these services to other accounts, how they are defined and what SCPs are used for, and the differences with permission boundaries.
- Set up automatic remediation actions using AWS Config and AWS Systems Manager Automation runbooks.
- Track service limits with Trusted Advisor and set up CloudWatch Alarms for notifications. Additional Services: Learn the difference of each service what it is used for and how it differs from the rest.
- Amazon Inspector: Continuously scan workloads for vulnerabilities.
- Amazon GuardDuty: Detect threats and unauthorized activities.
- AWS Trusted Advisor: Make recommendations when opportunities exist to save money, improve system availability and performance, or help close security gaps.
- Amazon Macie: Automatically discover, classify, and protect sensitive data.
- AWS Compute Optimizer: Identify optimal AWS resource configurations.
- AWS EC2 Image Builder: simplifies the building, testing, and deployment of Virtual Machine and container images for use on AWS or on-premises.
- AWS Elastic Disaster Recovery: Minimize downtime and data loss with fast recovery.
- AWS Resilience Hub: Define, validate, and track application resilience on AWS.
Although certifications do not serve to validate your knowledge, I always learn something new from a service that I have not used or from some functionality that I had not used. For example, using Warm Pools in Amazon EC2 Auto Scaling to decrease latency for applications with long boot times (there is not new it is from 2021) or using the AWS CodeArtifact domain to manage multiple repositories across multiple accounts.
In conclusion, the AWS Certified DevOps Engineer - Professional exam not only reinforced my existing skills but also broadened my understanding of AWS services and their real-world applications. Continuous learning is indispensable in navigating the ever-evolving landscape of cloud technology.
And you, what is the latest thing you have learned?
Keep learning!
Top comments (3)
Thanks for sharing 👌
Thank you for taking time to read it and comment! :)
Thanks for writing this; it's much appreciated!
I am planning to renew my DevOps Professional certification before the end of the year and renew my Solutions Architect Professional certification at the beginning of next year, so I was very interested to hear about your experience.
I was surprised to see a focus on serverless architecture and SAM. I've only used SAM a couple of times and don't recall encountering it in a certification exam. I had never even heard of AWS Resilience Hub before, so I'll definitely have to look into it.
One of the methods that works best for me is taking practice exams, but not the AWS official ones. I retake them until I achieve a passing score on all of the tests available, making sure to research and take notes on the questions I miss.