Photo by Nick Morrison on Unsplash
AWS Certified DevOps Engineer Professional DOP-C02 Exam Preparation
One of my goals for the new year is to pass the AWS DevOps Engineer Professional Exam. In this post, I'll be sharing a summary of my notes and updating it as I continue my journey to certification. [Last updated: 18/06/24]
Exam Guide
Started off by going through the exam guide and seeing which domains will be tested. SDLC Automation has the highest weighting of 22% so this is something to really focus on.
I'm using the following courses to prepare. There is probably an overlap in content so I will take bits from each course to make sure I am covering all topics in depth.
Udemy - https://www.udemy.com/course/aws-certified-devops-engineer-professional-hands-on/
A Cloud Guru - https://www.pluralsight.com/cloud-guru/courses/aws-certified-devops-engineer-professional-dop-c02
Domain 1: SDLC Automation
CI/CD
CodeCommit
A managed service used to host private git repos
HA, fault tolerant and scalable
Need to create HTTPS Git credentials for IAM users
Can use regular Git commands to create branches etc.
Data encrypted in transit and at rest
AWS CodeCommit Power User permissions don't allow for creation or deletion of repos
Key commands:
aws codecommit create-repository --repository-nameaws codecommit get-repository --repository-nameaws codecommit list-repositoriesaws codecommit delete-repository --repository-name
CodeBuild
Fully managed CI service that compiles source code, runs test and produces packages to deploy
Output artifacts stored in S3 with versioning enabled
Can set up CloudWatch events to monitor code and run CodeBuild after a successful merge
From AWS docs: A buildspec is a collection of build commands and related settings, in YAML format, that CodeBuild uses to run a build. You can include a buildspec as part of the source code or you can define a buildspec when you create a build project
CodeDeploy
Automates application deployments to AWS services or on prem
Use EventBridge to detect the result of a deployment job and use SNS or Lambda to notify
In CodeDeploy an application is a name identifier to reference deployment settings. An appspec file manages deployments
A deployment group is the instance or instances where you want to deploy code
Deployment configuration is the number of instances for which you want to deploy your code.
Predefined deployment configurations: one at a time, half at a time and all at once.
CodePipeline
- A CI service to automate pipelines to build, test and deploy
Domain 2: Configuration Management and IaC
Elastic Beanstalk
Fully managed service to deploy apps
Two environment types: single instance and HA
Configuration options are applied from multiple sources:
Directly to the environment
Saved Configurations
Configuration Files (.ebextensions) – .ebextensions is a folder at the root of the application source bundle
Docker and RDS:
Lambda
Default timeout period is 15 minutes
When a function is created, it doesn’t have any published versions. Unpublished versions are $LATEST which point to all unpublished changes. Once a version is published it becomes immutable.
Aliases can be used to point to a specific version e.g. dev to $LATEST. Can also be used for canary deployments.
SAM provides a bridge between Lambda and CloudFormation
API Gateway
Rest API: one way communication, request/response
WebSocket API: two-way communication, request/response and can also send independent communication to client
CloudFormation
IaC that encourages collaboration and uses version control and automation
A template is a declaration of AWS resourced that make up a stack
Objects are declared as name-value pair. Resources is the only required section in a template
Storing templates in a second region is a good DR practice
Intrinsic functions allow you to dynamically assign values at run time