Introduction
The AWS DevOps Engineer - Professional exam is intended for individuals who perform a DevOps role. This exam validates an examinee’s ability to:
Implement and manage continuous delivery systems and methodologies on AWS
Understand, implement, and automate security controls, governance processes, and compliance validation security controls, governance processes, and compliance validation
Define and deploy monitoring, metrics, and logging systems on AWS
Implement systems that are highly available, scalable, and self-healing on the AWS platform
Design, manage, and maintain tools to automate operational processes
The knowledge and skills required at the professional level include the majority of the following AWS and general IT knowledge areas:
Prerequisites
AWS Certified SysOps Administrator – Associate or AWS Certified Developer – Associate
AWS Knowledge
AWS Services: Compute and Network, Storage and CDN, Database, Analytics, Application Services, Deployment, and Management
Minimum of two years hands-on experience with production AWS systems
Effective use of Auto Scaling
Monitoring and logging
AWS security features and best practices
Design of self-healing and fault-tolerant services
Techniques and strategies for maintaining high availability
General IT Knowledge
Networking concepts
Strong system administration (Linux/Unix or Windows)
Strong scripting skillset
Multi-tier architectures: load balancers, caching, web servers, application servers, databases, and networking
Templates and other configurable items to enable automation
Deployment tools and techniques in a distributed environment
Basic monitoring techniques in a dynamic environment
Exam Preparation
These training courses and materials will assist in exam preparation:
AWS Training (aws.amazon.com/training)
Advanced Operations on AWS aws.amazon.com/training/course-descriptions/advanced-ops
Architecting on AWS – Advanced Concepts aws.amazon.com/training/course-descriptions/architecting-advanced
AWS Whitepapers (aws.amazon.com/whitepapers)
Security at Scale: Governance in AWS http://media.amazonwebservices.com/AWS_Security_at_Scale_Governance_in_AWS.pdf
Security at Scale: Logging in AWS http://media.amazonwebservices.com/AWS_Security_at_Scale_Logging_in_AWS.pdf
Securing Data at Rest with Encryption https://media.amazonwebservices.com/AWS_Securing_Data_at_Rest_with_Encryption.pdf
Development and Test on Amazon Web Services http://media.amazonwebservices.com/AWS_Development_Test_Environments.pdf
Operational Checklists for AWS http://media.amazonwebservices.com/AWS_Operational_Checklists.pdf
Architecting for the Cloud: Best Practices https://media.amazonwebservices.com/AWS_Cloud_Best_Practices.pdf
Building Fault-Tolerant Applications on AWS http://media.amazonwebservices.com/AWS_Building_Fault_Tolerant_Applications.pdf
Storage Options in the AWS Cloud http://media.amazonwebservices.com/AWS_Storage_Options.pdf
Backup and Recovery Approaches Using Amazon Web Services http://media.amazonwebservices.com/AWS_Backup_Recovery.pdf
AWS Security Best Practices http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf
Exam Content
Response Limits
The examinee selects from four or more response options that best complete the statement or answer the question. Distracters or wrong answers are response options that examinees with incomplete knowledge or skill would likely choose, but are generally plausible responses fitting into the content area defined by the test objective.
Test item formats used in this examination are:
Multiple-choice: Examinee selects one option that best answers the question or completes a statement. The option can be embedded in a graphic where the examinee “points and clicks” on their selection choice to complete the test item.
Multiple-response: Examinee selects more than one option that best answers the question or completes a statement.
Sample Directions: Read the statement or question and, from the response options, select only the options that represent the most correct or best answers given the information.
Content Limits
This examination blueprint includes weighting, test objectives, and example content. Example topics and concepts are included to clarify the test objectives. They should not be construed as a comprehensive listing of all of the content of this examination.
The table below lists the domains measured by this examination and the extent to which they are represented. Domain % of Examination
Domain 1: Continuous Delivery and Process Automation 55%
Domain 2: Monitoring, Metrics, and Logging 20%
Domain 3: Security, Governance, and Validation 10%
Domain 4: High Availability and Elasticity 15%
TOTAL 100%
Domain 1: Continuous Delivery and Process Automation
1.1 Demonstrate an understanding of application lifecycle management:
Application deployment management strategies such as rolling deployments and A/B.
Version control, testing, build tools and bootstrapping.
1.2 Demonstrate an understanding of infrastructure configuration and automation.
1.3 Implement and manage continuous delivery processes using AWS services.
1.4 Develop and manage scripts and tools to automate operational tasks using the AWS SDKs, CLI, and APIs.
Domain 2: Monitoring, Metrics, and Logging
2.1 Monitor availability and performance.
2.2 Monitor and manage billing and cost optimization processes.
2.3 Aggregate and analyze infrastructure, OS and application log files.
2.4 Use metrics to drive the scalability and health of infrastructure and applications.
2.5 Analyze data collected from monitoring systems to discern utilization patterns.
2.6 Manage the lifecycle of application and infrastructure logs
2.7 Leverage the AWS SDKs, CLIs and APIs for metrics and logging.
Domain 3: Security, Governance, and Validation
3.1 Implement and manage Identity and Access Management and security controls.
3.2 Implement and manage protection for data in-flight and at rest.
3.3 Implement, automate and validate cost controls for AWS resources.
3.4 Implement and manage automated network security and auditing.
3.5 Apply the appropriate AWS account and billing set-up options based on business requirements.
3.6 Implement and manage AWS resource auditing and validation.
3.7 Use AWS services to implement IT governance policies.
Domain 4: High Availability and Elasticity
4.1 Determine appropriate use of multi- Availability Zone versus multi-region architectures.
4.2 Implement self-healing application architectures.
4.3 Implement the most appropriate front-end scaling architecture.
4.4 Implement the most appropriate middle-tier scaling architecture.
4.5 Implement the most appropriate data storage scaling architecture.
4.6 Demonstrate an understanding of when to appropriately apply vertical and horizontal scaling concepts.