AWS Certified DevOps Engineer – Professional (DOP-C01) Exam Learning Path

NOTE – Refer to DOP-C02 Learning Path

AWS Certified DevOps Engineer – Professional (DOP-C01) exam is the upgraded pattern of the DevOps Engineer – Professional exam which was released last year (2018). I recently attempted the latest pattern and AWS has done quite good in improving it further, as compared to the old one, to include more DevOps related questions and services.

AWS Certified DevOps Engineer – Professional (DOP-C01) exam basically validates

• Implement and manage continuous delivery systems and methodologies on AWS
• Implement and automate security controls, governance processes, and compliance validation
• Define and deploy monitoring, metrics, and logging systems on AWS
• Implement systems that are highly available, scalable, and self-healing on the AWS platform
• Design, manage, and maintain tools to automate operational processes

Refer to AWS Certified DevOps Engineer – Professional Exam Guide

AWS Certified DevOps Engineer – Professional (DOP-C01) Exam Summary

• AWS Certified DevOps Engineer – Professional exam was for a total of 170 minutes but it had 75 questions (I was always assuming it to be 65) and I just managed to complete the exam with 20 mins remaining. So be sure you are prepared and manage your time well. As always, mark the questions for review and move on and come back to them after you are done with all.
• One of the key tactic I followed when solving the DevOps Engineer questions was to read the question and use paper and pencil to draw a rough architecture and focus on the areas that you need to improve. Trust me, you will be able eliminate 2 answers for sure and then need to focus on only the other two. Read the other 2 answers to check the difference area and that would help you reach to the right answer or atleast have a 50% chance of getting it right.
• AWS Certified DevOps Engineer – Professional exam covers a lot of concepts and services related to Automation, Deployments, Disaster Recovery, HA, Monitoring, Logging and Troubleshooting. It also covers security and compliance related topics.
• Be sure to cover the following topics
  • Whitepapers are the key to understand Deployments and DR
    • Blue Green Deployments
    • Disaster Recovery
    • Architecting for the Cloud: Best Practices 
    • Building Fault-Tolerant Applications on AWS
  • Management Tools
    • DevOps professional exam cannot be cleared without the knowledge of this topics
    • Deep dive into CloudFormation, Elastic Beanstalk and OpsWorks
    • Very important to understand CloudFormation vs Elastic Beanstalk vs OpsWorks
    • CloudFormation
      • Have in-depth understand of CloudFormation concepts
      • Know how to indicate completion of events using CloudFormation helper scripts.
      • Understand CloudFormation deployment strategies esp. rolling and replacing update with AutoScaling and update of launch configuration
      • Understand CloudFormation policies esp. Update and Deletion policies (hint : retain resources on stack deletion)
      • Understand CloudFormation Best Practices esp. Nested Stacks and logical grouping
      • Understand CloudFormation template anatomy – parameters, outputs, mappings
      • Understand CloudFormation Custom resource and its use cases (hint : you can use Custom resource to retrieve AMI IDs or interact with external services)
    • Elastic Beanstalk
      • Understand Elastic Beanstalk overall – Applications, Versions and Environments
      • Understand Elastic Beanstalk Deployment Strategies esp. the rolling, immutable and blue/green deployments
      • Know Custom AMIs can be supported
      • Know Elastic Beanstalk offers Docker support
    • OpsWorks
      • Understand OpsWorks overall – stacks, layers, recipes
      • Understand OpsWorks Lifecycle events esp. the Configure event and how it can be used.
      • Understand OpsWorks Deployment Strategies
      • Know OpsWorks auto-healing and how to be notified for it.
    • Development Tools
      • Unlike the previous DevOps Engineer – Professional exam, the latest pattern has a heavy focus on the Developer tools and be sure to deep dive into them
      • Understand CodePipepline, CodeCommit, CodeDeploy, CodeBuild and their uses cases
      • CodePipeline
        • Understand how to build Pipelines and integration with other Code* services
        • Understand CodePipeline pipeline structure (Hint : run builds parallelly using runorder)
        • Understand how to configure notifications on events and failures
        • Know CodePipeline supports Manual Approval
      • CodeCommit
        • How to handle deployments for code. (Hint : Same repository and branches for projects and environments)
        • Know CodeCommit IAM policies
      • CodeDeploy
        • Understand CodeDeploy Lifecycle events hooks
        • Understand CodeDeploy deployment configurations (hint : supports canary and linear deployment)
        • Understand CodeDeploy redeploy and rollbacks
  • Monitoring & Governance tools
    • Very important to understand AWS CloudWatch vs AWS CloudTrail vs AWS Config
    • Very important to understand Trust Advisor vs Systems manager vs AWS Inspector
    • Know Personal Health Dashboard & Service Health Dashboard
    • CloudWatch
      • Deep dive CloudWatch
      • Understand CloudWatch logs
      • Understand CloudWatch Subscription Filters and its integration with other services.
      • Understand CloudWatch Events
      • Understand CloudWatch supports custom metrics
      • Know how to monitor AWS managed and on-premises instances
      • Know you can triggers events using CloudWatch scheduled events.
    • CloudTrail
      • Understand CloudTrail for audit and governance
      • Understand how to maintain CloudTrail logs integrity
    • Understand AWS Config and its use cases (hint : Config maintains history and can be used to revert the config)
    • Know Personal Health Dashboard (hint : it tracks events on your AWS resources)
    • Understand AWS Trusted Advisor and what it provides (hint : low utilization resources)
    • Systems Manager
      • Systems Manager is also covered heavily in the exams so be sure you know
      • Understand AWS Systems Manager and its various services like parameter store, patch manager
  • Networking & Content Delivery
    • Networking is covered very lightly. Usually the questions are targetted towards Troubleshooting of access or permissions.
    • Know VPC
      • Understand Security Groups, NACLs (Hint : know NACLs are stateless and how it is reflected in VPC Flow Logs)
      • Understand VPC Flow Logs and what information it provides
    • Route 53
      • Understand Route 53
      • Understand Routing Policies and their use cases Focus on Weighted, Latency routing policies
    • Understand CloudFront and use cases (hint : S3 caching)
    • Load Balancer
      • Understand ELB, ALB and NLB 
      • Understand ELB with Auto Scaling (hint : ELB with Auto Scaling for blue/green deployments)
  • Security, Identity & Compliance
    • Identity and Access Management
      • Understand IAM Roles and use cases
      • Know IAM Best Practices
    • Know AWS Inspector
    • Know AWS Application Discovery Service
  • Storage
    • Exam does not cover Storage services in deep
    • Focus on Simple Secure Service (S3)
      • Understand S3 Permissions (Hint – acl authenticated users provides access to all authenticated users. How to control access)
      • Know S3 disaster recovery across region. (hint : cross region replication)
      • Know CloudFront for caching to improve performance
    • Elastic Block Store
      • Focus mainly on EBS Backup using snapshots for HA and Disaster recovery
  • Database
    • Exam covers Database mainly in terms of HA and Disaster Recovery.
    • Know Aurora DR & HA using Read Replicas and Global Database
    • Elastic Search did appear in the exam, but it was only where search was relevant.
    • DynamoDB
      • Improve performance – Best practices (hint : one question for selection of keys)
      • DynamoDB Auto Scaling & DAX for caching
  • Compute
    • Know EC2
      • Understand ENI for HA, user data, pre-baked AMIs for faster instance start times
      • Amazon Linux 2 Image (hint : it allows for replication of Amazon Linux behavior in on-premises)
      • Snapshot and sharing
    • Auto Scaling
      • Auto Scaling Lifecycle events
      • Blue/green deployments with Auto Scaling – With new launch configurations, new auto scaling groups or CloudFormation update policies.
    • Understand Lambda
      • Know Lambda Alias supports Canary deployments using Routing Config
    • ECS
      • Know Monitoring and deployments with image update
  • Integration Tools
    • Know how CloudWatch integration with SNS and Lambda can help in notification (Topics are not required to be in detail)

AWS Certified DevOps Engineer – Professional (DOP-C01) Exam Resources

• Online Courses
  • Stephane Maarek – AWS Certified DevOps Engineer Professional
  • Adrian Cantrill – AWS Certified DevOps Engineer – Professional
  • Whizlabs – AWS Certified DevOps Engineer Professional Course
  • Coursera – DevOps on AWS Specialization 
• Practice tests
  • Braincert AWS Certified DevOps Engineer – Professional Practice Exams
  • Stephane Maarek – AWS Certified DevOps Engineer Professional Practice Tests
  • Whizlabs – AWS Certified DevOps Engineer Professional Practice Tests