Nick Alteen | Jennifer Fisher | Casey Gerena | Wes Gruver | Asim Jalis | Heiwad Osman | Marife Pagan | Santosh Patlolla | Michael Roth
Copyright © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Published by John Wiley & Sons, Inc., Indianapolis, Indiana.
Published simultaneously in Canada
ISBN: 978-1-119-50819-9
ISBN: 978-1-119-50821-2 (ebk.)
ISBN: 978-1-119-50820-5 (ebk.)
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750–8400, fax (978) 646–8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748–6011, fax (201) 748–6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or website is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or website may provide or recommendations it may make. Further, readers should be aware that Internet websites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762–2974, outside the U.S. at (317) 572–3993 or fax (317) 572–4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2019943088
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. AWS is a registered trademark of Amazon Technologies, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
Nick Alteen, technical training architect, Amazon Web Services
Nick specializes in designing and building training labs that educate the U.S. intelligence community on AWS best practices and design patterns. Before this, Nick worked as a cloud support engineer, assisting customers in resolving any number of issues related to AWS DevOps services, with a specific focus on configuration management and infrastructure as code. In his free time, he enjoys building LEGO models with his daughter and watching horror movies with his wife.
Jennifer Fisher, senior technical curriculum developer, Amazon Web Services
Jennifer started at AWS in 2014 as a technical trainer and was the lead instructor for Big Data on AWS. She holds multiple AWS certifications and currently leads a curriculum development team and develops technical curriculum and labs to support public sector customers. Before that, Jennifer spent 20 years as a software and data engineer in the financial services, defense, and healthcare industries. She holds a BS in programming and an MS in software engineering management.
Jennifer grew up on a farm in Northern Maine and bought her first computer, a Tandy TRS-80, with her potato-picking money at the age of 12. She began writing basic programs and role-playing games, not realizing at the time that her passion for coding would turn into a lifelong career. She now mentors female engineers and volunteers for K-12 students in STEM.
Jennifer is based in Herndon, Virginia, and lives with her husband Steve. She is a doting stepmother to Kate, Sophie, and Mason. In her free time, Jennifer enjoys hiking, geocaching, kayaking, mountain biking, weight lifting, and competing in obstacle course races.
Casey Gerena, senior technical trainer, Amazon Web Services
Casey is passionate about helping others learn about the AWS Cloud. He enjoys teaching others new technical skills to help them solve problems using serverless technologies such as AWS Lambda. Casey holds a BS in management information systems from the University of Central Florida and an MS in logistics and global supply chain management from Embry-Riddle Aeronautical University. He is pursuing a second master’s degree in computer science from the Georgia Institute of Technology. Casey holds several IT certifications, including the Certified Information Systems Security Professional (CISSP) and nine AWS certifications. Before joining Amazon, Casey was a software developer and cybersecurity consultant. In his free time, Casey enjoys spending time with his family, watching movies, playing video games, and running.
Wes Gruver, senior technical trainer, Amazon Web Services
Wes has been with AWS since 2015 and is a senior technical trainer with more than 20 years of experience and success in managing IT infrastructure and all aspects of application development and management. He is currently responsible for training AWS enterprise customers on how to use the AWS services best suited for their business and IT solutions. He teaches a broad range of classes, including basic to advanced architecture, DevOps on AWS, Big Data on AWS, and security operations. In his free time, Wes teaches scuba diving and loves to travel.
Asim Jalis, senior technical trainer, Amazon Web Services
Asim is a senior technical trainer at AWS. He has an MS in computer science from the University of Virginia and an MA in mathematics from the University of Wisconsin. When he is not working with AWS technologies, he likes to read and write fiction.
Heiwad Osman, senior manager, Solutions Builders, Amazon Web Services
Heiwad holds a BS in computer science and engineering from UCLA. In his role as an AWS trainer, he meets with AWS customers and teaches them to build resilient, scalable cloud applications. He has helped hundreds of software developers get started with AWS APIs through in-person training and online training videos. His current professional interests include user experience, web application development, and machine learning. In his free time, you can find him in New York City, trying new places to eat or relaxing in Central Park.
Marife Pagan, technical trainer, Amazon Web Services
Marife is a technical trainer for AWS, delivering training to AWS customers in North America. She has more than 15 years of experience in software and web development. Her experience brings a set of skills for multiple platforms, including .NET, Java, and Python. She holds a BS in information technology with a web design/development concentration from George Mason University, in addition to various leading industry certifications. She is currently working on her master’s degree and pursuing higher studies in machine learning.
Before working at AWS, Marife worked for various government contracting firms, including Lockheed Martin. She also serves in the U.S. military as a signal officer working on the setup and maintenance of LAN and WAN signal network footprints, supporting voice and data for various military operations. She currently lives in the Washington, DC, metro area, and in her spare time enjoys fitness, travel, and gardening.
Santosh Patlolla, technical curriculum architect, Amazon Web Services
Santosh is a technical curriculum architect for AWS. He has more than 18 years of experience in developing software applications, automated solutions, and migration projects with complex data conversions. Santosh has been instrumental in providing production-support solutions and managing application delivery programs for enterprises. He also designed cost-effective technical and business solutions for the banking and insurance industries. Santosh is passionate about applying this experience in using the broad range of AWS services for developing business automations. Outside of work, he coaches elementary school robotics, and enjoys watching basketball games and playing with his kids.
Michael Roth, technical trainer, Amazon Web Services
Michael is a technical trainer who joined Amazon in 2015. He is one of the authors of the SysOps Administrator Study Guide (also by Wiley). He is a Certified Cisco Network Academy Instructor, and he has taught Linux. Michael graduated from the University of Michigan with a BS in zoology and a BA in urban planning. He also has an MS in telecommunications management from Golden Gate University. Michael would like to thank his coworkers in the AWS Training and Certification organization—he is very proud to be a part of this amazing group of people. Finally, he would like to thank his spouse, Betsy, and son, Robert. Without their support and love, this book would not have been possible.
Exercise 1.1 Sign Up for an Account
Exercise 1.2 Create an IAM Administrators Group and User
Exercise 1.3 Install and Configure the AWS CLI
Exercise 1.4 Download the Code Samples
Exercise 1.5 Run a Python Script that Makes AWS API Calls
Exercise 1.6 Working with Multiple Regions
Exercise 1.7 Working with Additional Profiles
Exercise 2.1 Create an Amazon EC2 Key Pair
Exercise 2.2 Create an Amazon VPC with Public and Private Subnets
Exercise 2.3 Use an IAM Role for API Calls from Amazon EC2 Instances
Exercise 2.4 Launch an Amazon EC2 Instance as a Web Server
Exercise 2.5 Connect to the Amazon EC2 Instance
Exercise 2.6 Configure NAT for Instances in the Private Subnet
Exercise 2.7 Launch an Amazon EC2 Instance into the Private Subnet
Exercise 2.8 Make Requests to Private Instance
Exercise 2.9 Launch an AWS Cloud9 Instance
Exercise 2.10 Perform Partial Cleanup
Exercise 2.11 (Optional) Complete Cleanup
Exercise 3.1 Create an Amazon Simple Storage Service (Amazon S3) Bucket
Exercise 3.2 Upload an Object to a Bucket
Exercise 3.3 Emptying and Deleting a Bucket
Exercise 4.1 Create a Security Group for the Database Tier on Amazon RDS
Exercise 4.2 Spin Up the MariaDB Database Instance
Exercise 4.3 Obtain the Endpoint Value for the Amazon RDS Instance
Exercise 4.4 Create a SQL Table and Add Records to It
Exercise 4.5 Query the Items in the SQL Table
Exercise 4.6 Remove Amazon RDS Database and Security Group
Exercise 4.7 Create an Amazon DynamoDB Table
Exercise 4.8 Add Users to the Amazon DynamoDB Table
Exercise 4.9 Look Up a User in the Amazon DynamoDB Table
Exercise 4.10 Write Data to the Table as a Batch Process
Exercise 4.11 Scan the Amazon DynamoDB Table
Exercise 4.12 Remove the Amazon DynamoDB Table
Exercise 5.1 Configure an Amazon S3 Bucket to Deny Unencrypted Uploads
Exercise 5.2 Create and Disable an AWS Key Management Service (AWS KMS) Key
Exercise 5.3 Create an AWS KMS Customer Master Key with the Python SDK
Exercise 6.1 Deploy Your Application
Exercise 6.2 Deploy a Blue/Green Solution
Exercise 6.3 Change Your Environment Configuration on AWS Elastic Beanstalk
Exercise 6.4 Update an Application Version on AWS Elastic Beanstalk
Exercise 7.1 Create an AWS CodeCommit Repository and Submit a Pull Request
Exercise 7.2 Create an Application in AWS CodeDeploy
Exercise 7.3 Create an AWS CodeBuild Project
Exercise 8.1 Write Your Own AWS CloudFormation Template
Exercise 8.2 Troubleshoot a Failed Stack Deletion
Exercise 8.3 Monitor Stack Update Activity
Exercise 9.1 Launch a Sample AWS OpsWorks Stacks Environment
Exercise 9.2 Launch an Amazon ECS Cluster and Containers
Exercise 9.3 Migrate an Amazon RDS Database
Exercise 9.4 Configure Auto Healing Event Notifications in AWS OpsWorks Stacks
Exercise 10.1 Setting Up a Simple Active Directory
Exercise 10.2 Setting Up an AWS Managed Microsoft AD
Exercise 10.3 Setting Up an Amazon Cloud Directory
Exercise 10.4 Setting Up Amazon Cognito
Exercise 11.1 Create an Amazon SQS Queue, Add Messages, and Receive Messages
Exercise 11.2 Send an SMS Text Message to Your Mobile Phone with Amazon SNS
Exercise 11.3 Create an Amazon Kinesis Data Stream and Write/Read Data
Exercise 11.4 Create an AWS Step Functions State Machine 1
Exercise 11.5 Create an AWS Step Functions State Machine 2
Exercise 12.1 Create an Amazon S3 Bucket for CSV Ingestion
Exercise 12.2 Create an Amazon S3 Bucket for Final Output JSON
Exercise 12.3 Verify List Buckets
Exercise 12.4 Prepare the AWS Lambda Function
Exercise 12.5 Create AWS IAM Roles
Exercise 12.6 Create the AWS Lambda Function
Exercise 12.7 Give Amazon S3 Permission to Invoke an AWS Lambda Function
Exercise 12.8 Add the Amazon S3 Event Trigger
Exercise 12.9 Test the AWS Lambda Function
Exercise 13.1 Create an Amazon S3 Bucket for the Swagger Template
Exercise 13.2 Edit the HTML Files
Exercise 13.3 Define an AWS SAM Template
Exercise 13.4 Define an AWS Lambda Function Locally
Exercise 13.5 Generate an Event Source
Exercise 13.6 Run the AWS Lambda Function
Exercise 13.7 Modify the AWS SAM Template to Include an API Locally
Exercise 13.8 Modify Your AWS Lambda Function for the API
Exercise 13.9 Run Amazon API Gateway Locally
Exercise 14.1 Create an Amazon ElastiCache Cluster Running Memcached
Exercise 14.2 Expand the Size of a Memcached Cluster
Exercise 14.3 Create and Attach an Amazon EFS Volume
Exercise 14.4 Create and Upload to an Amazon S3 Bucket
Exercise 14.5 Create an Amazon DynamoDB Table
Exercise 14.6 Enable Amazon S3 Versioning
Exercise 14.7 Create an Amazon DynamoDB Global Table
Exercise 14.8 Enable Cross-Region Replication
Exercise 14.9 Create an Amazon DynamoDB Backup Table
Exercise 14.10 Restoring an Amazon DynamoDB Table from a Backup
Exercise 15.1 Create an Amazon CloudWatch Alarm on an Amazon S3 Bucket
Exercise 15.2 Enable an AWS CloudTrail Trail on an Amazon S3 Bucket
Exercise 15.3 Create an Amazon CloudWatch Dashboard
Exercise 16.1 Set Up a CPU Usage Alarm Using AWS CLI
Exercise 16.2 Modify Amazon EBS Optimization for a Running Instance
Exercise 16.3 Create an AWS Config Rule
Exercise 16.4 Create a Launch Configuration and an AWS Auto Scaling Group, and Schedule a Scaling Action
Software development is changing. In today’s competitive market, customers demand low-latency, highly scalable, responsive applications that work—all the time. Customers expect to receive the same level of performance and consistency of applications regardless of their device. Whether they are on a mobile device, desktop, laptop, or Amazon Fire tablet, they expect that applications will behave similarly across platforms.
The goal of building working applications that respond to increasing expectations means that building applications on highly available architecture is now more important than ever. As developers, you can use AWS Cloud computing to build highly available architectures and services on which to deploy and run your applications.
AWS provides you with a broad set of tools to build and develop your applications. We empower you by providing the best tools to achieve your goals. To that end, you’ll learn about compute services, such as Amazon Elastic Compute Cloud (Amazon EC2), and file object storage services, such as Amazon Simple Storage Service (Amazon S3). You’ll also learn about the many types of applications that you can build on top of these services.
Historically, developers have been responsible for designing, creating, and running their applications. In the AWS Cloud, you can create your compute resources with one click using AWS CloudFormation, or you can fully automate the running of your containers using AWS Fargate.
AWS continually listens to customer feedback to understand your workloads and changing needs better. AWS also monitors market trends, understanding that you want to build and run applications on the cloud, but you don’t want to worry about managing the underlying infrastructure. You want infrastructure to scale automatically, you want services with a built-in high availability infrastructure, and you want to pay only for what you consume.
In response to these demands, AWS pioneered services such as AWS Lambda, which is based on serverless technology. It enables you to run compute programming logic in applications without having to worry about maintaining anything other than their code and core logic.
Today is the most exciting time to be a developer. With AWS services, you can focus on the core functionality of your application and allow the AWS Cloud to perform all of the administration of the resources, including server and operating system maintenance. This flexibility provides you with the unique ability to focus on what matters to you most—building, maintaining, and, most importantly, innovating your applications.
In this study guide, AWS experts coach you on how to develop and build applications that can run on and integrate with AWS services. This knowledge allows you, as a developer, to build your services and features quickly and get them running in the AWS Cloud for your customers to use. When you complete this guide and the test bank in the accompanying interactive online learning environment, you will have gained the fundamental knowledge to succeed on the AWS Certified Developer – Associate certification exam.
So imagine, dream, and build, because on the AWS Cloud, the only limit is your imagination.
Werner Vogels
Vice President and Corporate Technology Officer
Amazon
Developers are builders. They are responsible for imagining, designing, and building applications. This study guide is designed to help you develop, build, and create solutions by using AWS services and to provide you with the knowledge required to obtain the AWS Certified Developer – Associate certification.
The study guide covers relevant topics on the exam, with additional context to increase your understanding of how to build applications on AWS. This study guide references the exam blueprint throughout all of its chapters and content to provide a comprehensive view of the required knowledge to pass the exam. Furthermore, this study guide was designed to help you understand the key concepts required to earn the certification and for you to use as a reference for building highly available applications that run on the AWS Cloud. However, the study guide does not cover any prerequisite knowledge concerning software development; that is, the study guide does not cover how to program in Java, Python, .NET, and other platform languages. Instead, you will use these languages to build, manage, and deploy your resources on AWS.
The study guide begins with an introduction to the AWS Cloud and how you can interact with the AWS Cloud by using API calls. API calls are the heart of the AWS Cloud, as every interaction with AWS is an API call to the service. As such, the initial chapter provides you with the core knowledge on which the rest of the chapters are built. Because security is a top priority for all applications, the first chapter also describes how to create your API keys by using AWS Identity and Access Management (IAM). The rest of the chapters cover topics including compute services, storage services, databases, encryption, and serverless-based applications.
The chapters were designed with the understanding that developers build. To enhance learning through hands-on experience, at the end of each chapter is an “Exercises” section with activities that help reinforce the main topic of the chapter. Each chapter also contains a “Review Questions” section to assess your understanding of the main concepts required to work with AWS. However, understand that the actual exam will test you on your ability to combine multiple concepts. The review questions at the end of each chapter focus only on the topics discussed in that chapter.
To help you determine the level of your AWS Cloud knowledge and aptitude before reading the guide, an assessment test with 50 questions is provided at the end of this introduction. Two practice exams with 75–100 questions each are also included to help you gauge your readiness to take the exam.
This book covers topics that you need to know to prepare for the Amazon Web Services (AWS) Certified Developer – Associate Exam.
Chapter 1: Introduction to AWS Cloud API This chapter provides an overview of how to use AWS Cloud API calls. The chapter includes an introduction to AWS software development kits (AWS SDKs) and the AWS global infrastructure. A review of AWS API keys and how to manage them using AWS Identity and Access Management (IAM) is also included.
Chapter 2: Introduction to Compute and Networking This chapter reviews compute and networking environments in AWS. It provides an overview of resources, such as Amazon Elastic Compute Cloud (Amazon EC2), and the network controls exposed through Amazon Virtual Private Cloud (Amazon VPC).
Chapter 3: Hello, Storage In this chapter, you will learn about cloud storage with AWS. It provides a review of storage fundamentals and the AWS storage portfolio of services, such as Amazon Simple Storage Service (Amazon S3) and Amazon S3 Glacier. The chapter also covers how to choose the right type of storage for a workload.
Chapter 4: Hello, Databases This chapter provides an overview of the AWS database services. The chapter provides a baseline understanding of SQL versus NoSQL. It also introduces concepts such as caching with Amazon ElastiCache and business intelligence with Amazon Redshift. The chapter also covers Amazon Relational Database Service (Amazon RDS) and Amazon DynamoDB.
Chapter 5: Encryption on AWS In this chapter, you will explore AWS services that enable you to perform encryption of data at rest using both customer and AWS managed solutions. An overview of each approach and the use case for each is provided. Example architectures are included that show the differences between a customer and an AWS managed infrastructure.
Chapter 6: Deployment Strategies In this chapter, you will learn about automated application deployment, management, and maintenance by using AWS Elastic Beanstalk. You will also learn about the various deployment methodologies and options to determine the best approach for individual workloads.
Chapter 7: Deployment as Code This chapter describes the AWS code services used to automate infrastructure and application deployments across AWS and on-premises resources. You will learn about the differences among continuous integration, continuous delivery, and continuous deployment, in addition to how AWS enables you to achieve each.
Chapter 8: Infrastructure as Code This chapter focuses on AWS CloudFormation and how you can use the service to create flexible, repeatable templates for a cloud infrastructure. You will learn about the different AWS CloudFormation template components, supported resources, and how to integrate non-AWS resources into your templates using custom resources.
Chapter 9: Configuration as Code In this chapter, you will learn about AWS OpsWorks Stacks and Amazon Elastic Container Service (Amazon ECS). OpsWorks Stacks enables you to perform automated configuration management on resources in your AWS account and on-premises instances using Chef cookbooks. You will learn how to add a Chef cookbook to your stack, associate it with an instance, and perform configuration changes. Using Amazon ECS, you will learn how to create clusters and services and how to deploy tasks to your cluster in response to changes in customer demand.
Chapter 10: Authentication and Authorization This chapter explains the differences between authentication and authorization and how these differences apply to infrastructure and applications running on AWS. You will also learn about integrating third-party identity services, in addition to the differences between the control plane and data plane.
Chapter 11: Refactor to Microservices In this chapter, you will learn about microservices and how to refactor large application stacks into small, portable containers. You will also learn how to implement messaging infrastructure to enable communication between microservices running in your environment.
Chapter 12: Serverless Compute This chapter reviews AWS Lambda as a compute service that you can use to run code without provisioning or managing servers. In this chapter, you will learn about creating, triggering, and securing Lambda functions. You will also learn other features of Lambda, such as versioning and aliases.
Chapter 13: Serverless Applications This chapter expands on the serverless concepts you learned in Chapter 12, “Serverless Compute,” and shows you how to architect a full-stack serverless web application. You will learn how to map server-based application architectures to serverless application architectures.
Chapter 14: Stateless Application Patterns This chapter expands on the concepts you learned in Chapter 13, “Serverless Applications,” by explaining how to design stateless applications. You will learn how to develop applications that do not depend on state information stored on individual resources, allowing for additional portability and availability.
Chapter 15: Monitoring and Troubleshooting This chapter discusses AWS services that you can use to monitor the health of your applications, in addition to changes to AWS resources over time. You will learn how to use Amazon CloudWatch to perform log analysis and create custom metrics for ingestion by other tools and for creating visualizations in the dashboard. You will also learn how to use AWS CloudTrail to monitor API activity for your AWS account to ensure that changes are appropriately audited over time. You will also learn how to use AWS X-Ray to create visual maps of application components for step-by-step analysis.
Chapter 16: Optimization This chapter covers some of the best practices and considerations for designing systems to achieve business outcomes at a minimal cost and to maintain optimal performance efficiency. This chapter covers scenarios for compute and storage, how to use a serverless platform, and what to consider for efficient data transfer to optimize your solutions. The chapter describes key AWS tools for managing and monitoring the cost and performance of your infrastructure. It includes code snippets, samples, and exercises to develop monitoring solutions and designs that integrate other AWS services.
The authors have worked hard to provide you with some great tools to help you with your certification process. The interactive online learning environment that accompanies the AWS Certified Developer – Associate Official Study Guide provides a test bank with study tools to help you prepare for the certification exam. This helps you increase your chances of passing it the first time! The test bank includes the following:
Sample Tests All of the questions in this book, including the 50-question assessment test at the end of this introduction and the review questions that are provided at the end of each chapter, are available online. In addition, there are two practice exams available online with 75–100 questions each. Use these questions to test your knowledge of the study guide material. The online test bank runs on multiple devices.
Flashcards The online test banks include more than 200 flashcards specifically written to quiz your knowledge of AWS operations. After completing all the exercises, review questions, practice exams, and flashcards, you should be more than ready to take the exam. The flashcard questions are provided in a digital flashcard format (a question followed by a single correct answer). You can use the flashcards to reinforce your learning and provide last-minute test prep before the exam.
Glossary A glossary of key terms from this book is available as a fully searchable PDF.
Go to www.wiley.com/go/sybextestprep to register and gain access to this interactive online learning environment and test bank with study tools.
The AWS Certified Developer – Associate Exam is intended for individuals who perform in a developer role. Exam concepts that you should understand for this exam include the following:
In general, certification candidates should understand the following:
The exam covers five different domains, with each domain broken down into objectives and subobjectives.