AWS Certified DevOps – Professional Exam Learning Path
AWS Certified DevOps – Professional exam basically validates the following
- Implement and manage continuous delivery systems and methodologies on AWS
- Understand, implement, and automate security controls, governance processes, and compliance validation
- Define and deploy monitoring, metrics, and logging systems on AWS
- Implement systems that are highly available, scalable, and self-healing on the AWS platform
- Design, manage, and maintain tools to automate operational processes
Refer to the AWS Certified DevOps – Professional Exam Blue Print
AWS Cloud Computing Whitepapers
- Security at Scale: Governance in AWS
- Security at Scale: Logging in AWS
- Securing Data at Rest with Encryption
- Development and Test on Amazon Web Services
- Operational Checklists for AWS
- Architecting for the Cloud: Best Practices
- Building Fault-Tolerant Applications on AWS
- Storage Options in the Cloud
- Backup and Recovery Approaches Using Amazon Web Services
- AWS Security Best Practices
AWS Certified DevOps – Professional Exam Contents
Domain 1: Continuous Delivery and Process Automation
- 1.1 Demonstrate an understanding of application lifecycle management:
- Application deployment management strategies such as rolling deployments and A/B.
- includes Blue Green Deployment using various services
- includes deployment using Auto Scaling + ELB either as
- separate ELB and Auto Scaling group
- same ELB and Auto Scaling group with different launch config
- includes Elastic Beanstalk deployment types which include rolling, rolling batch and blue green using swap urls
- includes CloudFormation deployments using AutoScalingRollingUpdate & AutoScalingReplacementUpdate
- includes OpsWorks Deployment Strategies with features to rollback
- includes AutoScaling lifecycle and using hooks
- includes AutoScaling Termination policies
- includes Route 53 routing policies esp. health checks with failover and weighted routing
- Version control, testing, build tools and bootstrapping.
- includes CloudFormation Best Practices esp. Nested Templates for better control, using parameters for reusability
- includes bootstrapping using userdata
- includes CloudFormation helper scripts, WaitCondition and Creation Policy
- includes CloudFormation Custom Resource
- Using Pre-Baked AMIs
- Using Docker with Elastic Beanstalk
- Application deployment management strategies such as rolling deployments and A/B.
- 1.2 Demonstrate an understanding of infrastructure configuration and automation.
- includes Deployment tools comparison
- includes CloudFormation configuration, helper scripts and bootstrapping
- includes OpsWorks
- includes Elastic Beanstalk configurations using .ebextensions
- 1.3 Implement and manage continuous delivery processes using AWS services.
- includes CodeDeploy, OpsWorks
- 1.4 Develop and manage scripts and tools to automate operational tasks using the AWS SDKs, CLI, and APIs.
- includes using CloudFormation helper scripts
- includes using Elastic Beanstalk container commands
Domain 2: Monitoring, Metrics, and Logging
- 2.1 Monitor availability and performance.
- includes CloudWatch alarms and metrics
- 2.2 Monitor and manage billing and cost optimization processes.
- 2.3 Aggregate and analyze infrastructure, OS and application log files.
- includes using CloudWatch logs
- includes using ELB access logs, CloudTrail logs which can be integrated with CloudWatch logs
- 2.4 Use metrics to drive the scalability and health of infrastructure and applications.
- includes using CloudWatch alarms, SNS and AutoScaling
- 2.5 Analyze data collected from monitoring systems to discern utilization patterns.
- includes CloudWatch and analysis using CloudWatch metrics
- includes using Kinesis for real time log analysis
- 2.6 Manage the lifecycle of application and infrastructure logs
- includes logs storage using CloudWatch, S3, Glacier and lifecycle policies
- 2.7 Leverage the AWS SDKs, CLIs and APIs for metrics and logging.
- includes CloudWatch logs using CloudWatch agent with logs group, events and metrics
Domain 3: Security, Governance, and Validation
- 3.1 Implement and manage Identity and Access Management and security controls.
- includes IAM, IAM Best Practices
- includes IAM Role – Identity Federation
- 3.2 Implement and manage protection for data in-flight and at rest.
- includes Encryption at Rest options
- includes S3 encryption, EBS encryption
- includes data in flight encryption using ELB HTTPs and TCP listeners
- includes management of certs and credentials
- 3.3 Implement, automate and validate cost controls for AWS resources.
- includes Cost Explorer, CloudWatch Billing alarms
- 3.4 Implement and manage automated network security and auditing.
- includes CloudTrail
- includes VPC security using Security Groups & NACLs
- 3.5 Apply the appropriate AWS account and billing set-up options based on business requirements.
- includes AWS Organizations, Consolidated Billing
- 3.6 Implement and manage AWS resource auditing and validation.
- includes CloudTrail, AWS Config
- 3.7 Use AWS services to implement IT governance policies.
- includes Risk and Compliance
Domain 4: High Availability and Elasticity
- 4.1 Determine appropriate use of multi-Availability Zone versus multi-region architectures.
- includes services boundaries
- 4.2 Implement self-healing application architectures.
- includes ELB, Auto Scaling,
- includes ELB with Auto Scaling with health checks, connection draining
- includes RDS Multi-AZ
- 4.3 Implement the most appropriate front-end scaling architecture.
- includes building scalable architecture using ELB with Auto Scaling
- includes using CloudFront covering cache behavior, dynamic content, work with on premise servers as origin, HLS with Elastic Transcoder
- 4.4 Implement the most appropriate middle-tier scaling architecture.
- includes building scalable architecture using ELB with Auto Scaling
- includes building loosely coupled scalable architecture using SQS, CloudWatch and AutoScaling and SWF
- 4.5 Implement the most appropriate data storage scaling architecture.
- includes various storage options DynamoDB, RDS, RDS with Read Replicas, ElastiCache, S3 and Glacier, EBS
- includes Storage Options patterns and anti-patterns
- 4.6 Demonstrate an understanding of when to appropriately apply vertical and horizontal scaling concepts.
- includes basic understanding of horizontal scaling is scale in/out and vertical scaling is scale up/down
AWS Certified DevOps – Professional Exam Resources
- Online Courses
- Practice Exams
- Braincert AWS DevOps Engineer – Professional Practice Exam – Set of extensive questions, with very nice, accurate & detailed explanation
Hello Jayendra: Congratulations for the quality of the material you have on this blog. It is one, if not the best, AWS contents in the Web.
Cheers,
Diego.
Hello Jayendra,
In the list of AWS Cloud Computing Whitepapers, this link does not work: Security at Scale: Governance in AWS (http://media.amazonwebservices.com/AWS_Security_at_Scale_Governance_in_AWS.pdf)
FYI.
Thanks Benoit, have corrected the links …
which is the best wrt the course – Linux academy or Cloudguru or need to study both?
Please share your thoughts
i prefer linux academy, as they are more detailed. I always felt cloud guru where expensive alteast for professional courses. … but my personal opinion
Thanks for the suggestion
Have you cleared the Devops professional exam? Is that difficult ?
Just cleared DevOps last month, it is tough but not difficult to crack for sure. Make sure you follow the this blog post and be sure to clear the exam.
is brain cert material close to real test? thanks
they are pretty close to the format, topics and concepts required for the actual exam.
So, just a quick question, have you re-cert your devops prof 2018, I just failed the test and appear there are new format of test, would brain-cert can help me to pass next time ?
hi JP,
I cleared Solutions architect – associate . thank you for your blog. I hope to clear sysops- associate as well. for DevOPS professional and Solutions architect professional – my plan is to do the Linuxacademy tutorials, your blog and then whizlabs . will that be enough to clear devops and solutions professional ? please let me know your opinion. thank you for the excellent blog.
Linux Academy is good. Go through the blog for important topics and whitepapers, they will help a lot. I would recommend Braincert practice tests for Professional, they are quite deep and good.
Hello Jayendra, Thanks so much for your detailed blog ..It really helps ..
Happy to Help Yogita ….
Thanks Jay, I finally pass the 2 pro exam. You really help me in this boring study road. You are awesome. 🙂
Thats Great Ray, Congrats on clearing both Professional exams. They are really tough.
Jay ,
Is The DevOps Engineer Professional exam more hard than Solutions architect Professional?
If you could leverage the five exams in difficult levels, what is the level of didddiffi of the DevOps?
DevOps was surely more difficult then the Solutions Architect Professional.
Thanks Jay,
Your blog is really AWSOME!
Passed today in the DevOps Pro exam, after 10 minutes of internal errors 502 bad gateway in the PSI exam environment
your content is.very very helpful
Overall Score: 78%
Topic Level Scoring:
1.0 Continuous Delivery and Process Automation: 72%
2.0 Monitoring, Metrics, and Logging: 81%
3.0 Security, Governance, and Validation: 100%
4.0 High Availability and Elasticity: 83%
Hi Guys,
I’m about to take the certtification bu this week i have watched the all lessons in acloudguru. But still i’m feeling like unprepared can you please advice me something to follow :(. Please give me any quizlet links or guide me the steps which i have to follow.
DevOps, i feel is the toughest of the exams (excluding speciality ones), so you need to be sure you are better prepared. If you are checking on the old pattern try Braincert exams. Haven’t checked on the new format yet.
Hi Jayendra
Thanks for the learning path.. This is very invaluable. Nice content to follow.
Do you know if only new 2019 Devops exams are available now. Do we also have the older/previous version of the exam still?
I think the old ones are not available anymore after 4th Feb, but you can check.
Do you plan on updating this page for the new exam?
yup would be updating them probably by next month …
Waiting for the new content, not only me but my entire team probably 20+.
Please make content updated for new blue print.
I have cleared associate exam by preparation from here. Excepting same for devops professional as well.
Thanks
Working on the new DevOps content, expect an update soon …
Do we have any tentative date of when the new course contents will be updates? Because i’m planning to take the exam by April end, so your course will be the main resource for me to prepare for the exam.
Most probably, April end is what am targeting for both Professional exams.
Your blog is really helpful. Waiting for the new content for DevOps Pro, when can we expect the updated content?
planning to have it updated by month end .. hopefully 🙂
Hi Jay ,
Last year I passed AWS Sysops Admin exam and wanted to say Thank you for your blogs.
Last week I just enrolled for AWS DevOps Professional one and I set exam date mid June.
I have around 45 days. I am hoping by this month end, this blog will be updated so that I go through latest key points to be considered.
Thanks again
Ashish
hoping for the same 🙂
Hi, Your blog is really helpful. When can we expect this blog(AWS Devops Professional) to be updated?
Hi, Your blog is really helpful!!! When can we expect the updated content(AWS Devops Professional)?
Hi, Your blog is really helpful. Waiting for the new content for DevOps Pro 2019, when can we expect that?
hoping to have it by this month end ..
Hi,
When can we expect an update?
So you mentioned Braincrt regarding practice test But looks like they haven’t updated according to new changes made in devops professional course. Not sure it’s reliable.
They are already updated inline with the latest pattern.
Thank you for confirmation.
Urgent please what should be answer for this : I am confused between B and C
Q9
You have a large multi-tier architecture that serves public-facing Web traffic through a load balancer and is backed by a Web tier that is contained within an Amazon EC2 auto scaling group. During a peak in traffic, you discover that your Web tier is adding new instances disproportionately compared to the amount of incoming traffic and the auto scaling policy that was set up. What should you do in order to stop the auto scaling group from scaling incorrectly in response to incoming traffic?
A. Using CloudWatch and the InstanceBootTime metric, increase the PauseTime and CoolDown property on the auto scaling group to be over the value of the metric.
B. Using a custom CloudWatch metric, insert the elapsed time since the instance launch to the time the instance responds to an Elastic Load Balancing health check, and periodically adjust the PauseTime and the CoolDown property of the auto scaling group to be over the value of the metric.
C. Using a custom CloudWatch metric, insert the elapsed time since the instance launch to the time the instance reponds to an Elastic Load Balancing health check, and periodically adjust the PauseTime of the UPdatePolicy and reduce the ScalingAdjustment policy by 50%.
D. Using a third-party configuration management tool and the AWS SDK, suspend all ScheduledActions of the auto scaling group until after the traffic peak, and then resume all ScheduledActions.
Would go with C as Scaling Adjustment with Pause time update policy can be used.
Urgent please:
what should be answer for below question:
Your Company wants to perform A/B testing on a new website feature for 20 percent of its users. The website uses CloudFront for whole site delivery, with some content cached for up to 24 hours. How do you enable this testing for the required proportion of users while minimizing performance impact?
A. Configure the web servers to handle two domain names. The feature is switched on or off depending on which domain name is used for a request. Configure a CloudFront origin for each domain name, and configure the CloudFront distribution to use one origin for 20 percent of users and the other origin for the other 80 percent.
B. Configure the CloudFront distribution to forward a cookie specific to this feature.
For requests where the cookie is not set, the web servers set its value to ”on” for 20 percent of responses and “off” for 80 percent. For requests where the cookie is set, the web servers use Its value to determine whether the feature should be on or off for the response.
C. Create a second stack of web servers that host the website with the feature on. Using Amazon Route53, create two resource record sets with the same name: one with a weighting of “1” and a value of this new stack; the other a weighting of “4” and a value of the existing stack. Use the resource record set’s name as the CloudFront distribution’s origin.
D. Invalidate all of the CloudFront distribution’s cache items that the feature affects. On future requests, the web servers create responses with the feature on for 20 percent of users, and off for 80 percent. The web servers set “Cache-Control: no-cache” on all of these responses.
I think it should be C but when I check this https://medium.com/buildit/a-b-testing-on-aws-cloudfront-with-lambda-edge-a22dd82e9d12 , leads to me choose B:
Please reply ASAP
C should work fine.