In today’s fast-moving IT environment, no field is hotter than cloud computing, no platform is more relevant than Amazon Web Services (AWS) and no skill set is more in-demand than DevOps Engineering.
As business needs change and evolve more rapidly than ever, Certified AWS DevOps Engineering Professionals facilitate delivery, security, and performance engineering. They do this by using advanced software techniques to manage, deploy, govern and optimize AWS cloud infrastructure. Some background on the basics can be found in a previous post from Michael Sheehy.
AWS DevOps Engineer Professional Certification
AWS Certifications demonstrate to employers the certification holder’s proficiency in cloud computing with an industry-respected stamp of approval. Of the AWS Certifications, the AWS DevOps Engineer Professional certificate is the newest and most uncommon – having one may unlock many opportunities.
What is this certificate? In Amazon’s own words…:
The AWS Certified DevOps Engineer – Professional exam validates technical expertise in provisioning, operating, and managing distributed application systems on the AWS platform.
Practically speaking, the exam covers four subject areas:
- Continuous Delivery & Process Automation
- Monitoring, Metrics, & Logging
- Security, Governance & Validation
- High Availability & Elasticity
This is a professional level certification and any exam taker must excel in all of these knowledge domains as well as the many other skills that make up each focus area. That’s a lot of material!
How to Study for the AWS DevOps Pro Exam
The DevOps Engineering Professional exam (AWS DevOps Pro Exam) requires in-depth knowledge of the core concepts of each AWS service. It also requires practical skills in the creation and optimization of systems using these tools. This differs from some of the other certifications, in that it is not sufficient to merely know what tool to use, but one must also understand the best ways of optimally using each tool. This certification also requires a user to fully understand the practical limitations of each tool as well as its capabilities.
For example, instead of being asked which tool to use for automating continuous delivery of complete stacks (Use AWS CloudFormation), you may be asked to design an optimal system for creating a stack and knowing how it is finished completing (Use AWS CloudFormation with SNS Stack Topics in a delivery pipeline).
Because the DevOps Engineering Certification requires so much in-depth knowledge, you should head on over to Cloud Academy’s Labs and try your hand at the relevant subject areas.
Since we also need to build our working knowledge of the concepts used to design distributed systems and automation on AWS, Video Lectures will be critical to all of our success. Make sure to pay close attention to the “why” when learning. After finishing a course, come back after some time and re-watch. The second time viewing, try to see if you can predict what the lecturer will say next. For knowledge-based portions of lectures, this is an excellent way to memorize important concepts. Use the practical work-along sections of videos for testing your knowledge of system design.
Finally, since all of the questions require scenario-based intuition and design expertise, make sure you take lots of practice quizzes before sitting for your AWS DevOps Pro Exam. You need about 70% accuracy to pass the exam. The key here, beyond accuracy, is pace. The exam is nearly three hours long, and you must quickly so solve questions and move on to the next challenge. When taking quizzes on CloudAcademy, you should be able to answer knowledge questions in 20 seconds or less, and scenario-based questions in 150 seconds or less. If you can do that, you are fast enough for the real exam.
The AWS DevOps Engineering Pro Guide
While AWS provides an Official Exam Blueprint, this PDF covers only the very high-level subject areas. I have compiled a more comprehensive list of topics, grouped in a way that should help you find study resources. I took the certification exam in October of 2015. I was the 645th person to pass the exam, and the 71st person to pass all 5 exams offered.
Each heading covers a major focus area for the exam. These major headings may each take several weeks of solid study for a beginner. Each sub-heading covers one logical skill set and should take a student about one week to learn. The bullets are question types you will encounter, and will take about one day of reading the AWS Developer Guides for the relevant subject.
Automation on AWS
- Automation Basics
- Continuous Integration
- Continuous Deployment
- Source Control Best Practices
- Delivery Automation Tools on AWS
- AWS Elastic Beanstalk
- AWS CodeDeploy
- AWS ECS and Docker on AWS
- Intro to AWS OpsWorks
- Advanced AWS Opsworks
- AWS CodePipeline
- AWS CodeCommit
- AWS CloudFormation: Automating Infrastructure
- Intro AWS CloudFormation Template
- A VPC-Based Project in CloudFormation
- Using CloudFormation To Deploy Builds
- Continuous Deployment of Infrastructure
- Advanced CloudFormation: Nested Stacks
- Advanced CloudFormation: Custom Resources
- Deployment Techniques and Strategies
- Rolling & Canary Deployments
- Blue-Green Deployments
- Full-Stack testing
- Immutable Infrastructures
Monitoring, Metrics, and Logging
- Monitoring Tools
- CloudWatch Metrics
- Health Checks (Route53 + ELB + EC2)
- CloudWatch Alerts
- Logging Tools
- CloudWatch Logs
- Using Log Streams
- Log Aggregation and Traceability
- Real-Time Log Analysis
Data Security on AWS
- Data Lifecycles
- At Rest
- In Transit
- During Disposal
- Data Encryption on AWS
- Encryption Keys: KMS, HSM, X.509, IKE
- Encryption In Transit: HTTPS, SSL and Client-Side
- Encryption At Rest: AWS EC2
- Encryption At Rest: AWS S3
Access Control on AWS
- Controlling Access to AWS: IAM
- IAM Policies: Language of Permissions
- IAM Users & Groups: Manage Your Team
- IAM Roles: Granting Access to Services
- IAM Roles: Managing Multiple Accounts
- Security Auditing AWS
- AWS Trusted Advisor
- AWS Config
- AWS CloudTrail
- AWS Inspector
Network Security on AWS
- AWS VPC
- Intro to AWS VPC
- AWS VPC Subnetting
- AWS VPC and the Internet: NATs, IGWs, Routes
- Secure a VPC: Security Groups vs Network ACLs
- Private S3 Traffic: AWS VPC Endpoints
- Access Other VPCs: AWS VPC Peering
- AWS VPC: Sample Networks (A peered network, private S3, Ruby on Rails implementation)
- Multi-Site Networks on AWS
- AWS Direct Connect
- VPNs and IPsec
- Multi-Region Connectivity
- Metering and Budgeting
- Metering and Billing Basics
- Multi-Account and Consolidating Billing
- AWS DevPay
- Monitoring Spending
- IT Governance
- Tools for Monitoring Compliance
- AWS Service Directory
- Compliance Reporting
- AWS Directory Service
High Availability and Elasticity
- Basic Concepts
- Measuring Availability
- Measuring Recoverability
- Measuring Performance
- Availability Zones and Regions
- Availability on AWS
- Self-Healing Architecture
- Recovery Through Infrastructure Automation
- Mitigating Risk
- Failover Strategies
- Scaling on AWS
- Vertical vs Horizontal Scaling
- Offload Effort to AWS
- Scaling network, asset delivery, and front-ends
- Scaling compute and middle-tiers
- Scaling databases and storage
To Wrap It Up
Passing the Certified AWS DevOps Pro Exam opens up many doors for intrepid engineers. With careful study of the materials the exam covers, plenty of practice in real-world scenarios, and rigorous training with example questions, you too can obtain this prestigious certification. Cloud Academy offers a standard 7-day free trial so check it out. I encourage you to leverage all the learning tools Cloud Academy has to offer, conquer the exam, and come back and tell us about it! Search for DevOps and see what is new.
New Content: Platforms, Programming, and DevOps – Something for Everyone
This month our team of expert certification specialists released three new or updated learning paths, 16 courses, 13 hands-on labs, and four lab challenges! New content on Cloud Academy You can always visit our Content Roadmap to see what’s just released as well as what’s coming soon....
Mastering AWS Organizations Service Control Policies
Service Control Policies (SCPs) are IAM-like policies to manage permissions in AWS Organizations. SCPs restrict the actions allowed for accounts within the organization making each one of them compliant with your guidelines. SCPs are not meant to grant permissions; you should consider ...
New Content: Focus on DevOps and Programming Content this Month
This month our team of expert certification specialists released 12 new or updated learning paths, 15 courses, 25 hands-on labs, and four lab challenges! New content on Cloud Academy You can always visit our Content Roadmap to see what’s just released as well as what’s coming soon. Ja...
New Content: Get Ready for the CISM Cert Exam & Learn About Alibaba, Plus All the AWS, GCP, and Azure Courses You Know You Can Count On
This month our team of intrepid certification specialists released five learning paths, seven courses, 19 hands-on labs, and three lab challenges! One particularly interesting new learning path is Certified Information Security Manager (CISM) Foundations. After completing this learn...
Which Certifications Should I Get?
The old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and companies. With all that in mind, the s...
The 12 AWS Certifications: Which is Right for You and Your Team?
As companies increasingly shift workloads to the public cloud, cloud computing has moved from a nice-to-have to a core competency in the enterprise. This shift requires a new set of skills to design, deploy, and manage applications in cloud computing. As the market leader and most ma...
AWS Certified Solutions Architect Associate: A Study Guide
Want to take a really impactful step in your technical career? Explore the AWS Solutions Architect Associate certificate. Its new version (SAA-C02) was released on March 23, 2020. The AWS Solutions Architect - Associate Certification (or Sol Arch Associate for short) offers some ...
New Content: AWS Terraform, Java Programming Lab Challenges, Azure DP-900 & DP-300 Certification Exam Prep, Plus Plenty More Amazon, Google, Microsoft, and Big Data Courses
This month our Content Team continues building the catalog of courses for everyone learning about AWS, GCP, and Microsoft Azure. In addition, this month’s updates include several Java programming lab challenges and a couple of courses on big data. In total, we released five new learning...
Where Should You Be Focusing Your AWS Security Efforts?
Another day, another re:Invent session! This time I listened to Stephen Schmidt’s session, “AWS Security: Where we've been, where we're going.” Amongst covering the highlights of AWS security during 2020, a number of newly added AWS features/services were discussed, including: AWS Audit...
AWS re:Invent: 2020 Keynote Top Highlights and More
We’ve gotten through the first five days of the special all-virtual 2020 edition of AWS re:Invent. It’s always a really exciting time for practitioners in the field to see what features and services AWS has cooked up for the year ahead. This year’s conference is a marathon and not a...
WARNING: Great Cloud Content Ahead
At Cloud Academy, content is at the heart of what we do. We work with the world’s leading cloud and operations teams to develop video courses and learning paths that accelerate teams and drive digital transformation. First and foremost, we listen to our customers’ needs and we stay ahea...
Excelling in AWS, Azure, and Beyond – How Danut Prisacaru Prepares for the Future
Meet Danut Prisacaru. Danut has been a Software Architect for the past 10 years and has been involved in Software Engineering for 30 years. He’s passionate about software and learning, and jokes that coding is basically the only thing he can do well (!). We think his enthusiasm shines t...