cerf

Content domains

The 4 domains of DVA-C02, with every task statement and its objectives from the official guide. Study a whole domain, or drill a single task.

1Development with AWS Services

32% of examStudy domain
1.1Develop code for applications hosted on AWS>

Knowledge of

  • Architectural patterns (for example, event-driven, microservices, monolithic, choreography, orchestration, fanout)
  • Idempotency
  • Differences between stateful and stateless concepts
  • Differences between tightly coupled and loosely coupled components
  • Fault-tolerant design patterns (for example, retries with exponential backoff and jitter, dead-letter queues)
  • Synchronous and asynchronous patterns
  • APIs (for example, REST, GraphQL) and integration with AWS services
  • Messaging services (for example, Amazon SQS, Amazon SNS)

Skills in

  • Creating and integrating APIs programmatically (for example, by using AWS SDKs, custom APIs, and Amazon API Gateway)
  • Applying integration and messaging patterns (for example, queue-based, pub/sub, event-driven) to loosely couple components
  • Writing and integrating application code with AWS services by using AWS SDKs
  • Handling data streaming by using AWS services
  • Implementing idempotency to make applications repeatable and fault tolerant
  • Managing event- and non-event-driven application flows
  • Applying fault-tolerant mechanisms and design patterns (for example, retries, dead-letter queues)
  • Writing and running unit tests to validate application code locally
1.2Develop code for AWS Lambda>

Knowledge of

  • Event source mapping
  • Stateless applications
  • Unit testing of serverless code
  • Event-driven architecture
  • Scalability and concurrency of serverless applications
  • How to use containers with Lambda
  • Configuration of Lambda functions (for example, memory, concurrency, timeout, runtime, handler, layers, extensions, environment variables, triggers, destinations)

Skills in

  • Configuring Lambda functions to meet requirements (for example, concurrency, memory, timeout, event source mappings)
  • Handling the function lifecycle to avoid persistent storage of data
  • Configuring triggers to invoke Lambda functions (for example, Amazon EventBridge rules, event source mappings)
  • Authoring, packaging, and deploying Lambda functions with dependencies and layers
  • Integrating available AWS services and features with Lambda functions
  • Tuning code for optimal Lambda performance (for example, cold start, memory, concurrency)
1.3Use data stores in application development>

Knowledge of

  • Relational and non-relational databases
  • CRUD (create, read, update, delete) operations
  • High-cardinality partition keys for balanced partition access
  • Cloud storage options (for example, file, object, databases)
  • Database consistency models (for example, strongly consistent, eventually consistent)
  • Query compared with scan operations for non-relational databases (for example, Amazon DynamoDB)
  • Caching strategies (for example, write-through, read-through, lazy loading, TTL)
  • Amazon S3 tiers and lifecycle management
  • Ephemeral compared with persistent data storage patterns

Skills in

  • Serializing and deserializing data to provide persistence and retrieval
  • Modeling and structuring data to be stored in databases and data stores (for example, schemas, partitions, indexes)
  • Managing the data lifecycle to comply with business requirements
  • Using data caching services to meet business and application requirements (for example, Amazon ElastiCache, DynamoDB Accelerator [DAX])
  • Working with data by using CRUD operations against AWS data stores
  • Configuring, querying, and writing data by using AWS services (for example, Amazon RDS, DynamoDB, Amazon S3)

2Security

26% of examStudy domain
2.1Implement authentication and/or authorization for applications and AWS services>

Knowledge of

  • Identity federation (for example, SAML, OpenID Connect, Amazon Cognito)
  • Bearer tokens to authenticate service-level requests (for example, JWT, OAuth, AWS Security Token Service [AWS STS])
  • Role-based access controls and permissions policies (for example, difference between IAM managed policies and inline policies)
  • Application authentication and authorization mechanisms (for example, resource-based policies, service policies, principal policies, role-based policies)

Skills in

  • Implementing authentication and authorization by using AWS services and features (for example, Amazon Cognito, IAM roles, IAM policies, AWS STS)
  • Using AWS STS to assume IAM roles for temporary, limited-privilege credentials
  • Making authenticated calls to AWS services by using AWS SDKs and IAM credentials
  • Verifying permissions by using policies and resource access controls
  • Managing and rotating short-lived credentials for programmatic access
2.2Implement encryption by using AWS services>

Knowledge of

  • Encryption keys and management (for example, AWS Key Management Service [AWS KMS])
  • Certificate management (for example, AWS Certificate Manager [ACM])
  • Encryption options for data at rest and data in transit (for example, client-side encryption, server-side encryption)

Skills in

  • Using encryption keys to encrypt and decrypt data (for example, AWS KMS)
  • Generating certificates and SSH keys for use during development
  • Encrypting and decrypting data at rest by using client-side and server-side encryption (for example, Amazon S3, DynamoDB, Amazon EBS)
  • Encrypting data in transit by using TLS and ACM certificates
2.3Manage sensitive data in application code>

Knowledge of

  • Data classification (for example, personally identifiable information [PII], protected health information [PHI])
  • Environment variables
  • Secrets management (for example, AWS Secrets Manager, AWS Systems Manager Parameter Store)

Skills in

  • Encrypting environment variables that contain sensitive data
  • Using secret management services to secure sensitive data (for example, AWS Secrets Manager, Systems Manager Parameter Store)
  • Sanitizing sensitive data in logs, error messages, and application output

3Deployment

24% of examStudy domain
3.1Prepare application artifacts to be deployed to AWS>

Knowledge of

  • Managing configuration data by using AWS services (for example, AWS AppConfig, AWS Secrets Manager, AWS Systems Manager Parameter Store)
  • Application deployment methods and packaging (for example, Lambda deployment packages, container images)
  • Version control and dependency management
  • Organization of files and directory structures for deployment

Skills in

  • Managing application environment variables, secrets, and configuration data
  • Preparing application packages and directory structures for deployment to AWS services
  • Organizing files and directories for deployment to AWS services
  • Managing the dependencies of the code module for deployment
3.2Test applications in development environments>

Knowledge of

  • AWS services and tools to deploy testing based on requirements (for example, AWS Serverless Application Model [AWS SAM], AWS CloudFormation)
  • Application deployment and testing across services (for example, mock integration, cross-service testing)
  • Integration testing of individual components and services

Skills in

  • Testing deployed code by using AWS services and tools
  • Performing mock integration for services and testing the application configuration
  • Identifying deployment and configuration issues before promotion to production
3.3Automate deployment testing>

Knowledge of

  • Different types of testing (for example, unit tests, integration tests, acceptance tests, user interface tests, security tests)
  • Infrastructure as code (IaC) (for example, AWS SAM templates, AWS CloudFormation templates)
  • Continuous integration and continuous delivery (CI/CD) pipelines and processes

Skills in

  • Automating the testing of deployed applications in a CI/CD pipeline
  • Setting up scalable and repeatable testing environments
  • Choosing the correct type of test based on requirements
  • Performing integration testing and measuring test coverage
3.4Deploy code by using AWS CI/CD services>

Knowledge of

  • Deployment strategies (for example, canary, blue/green, rolling, all-at-once)
  • Application rollback based on deployment failures
  • API versioning and lifecycle management
  • Configuration and use of AWS SAM and CI/CD services

Skills in

  • Preparing an application to be deployed to AWS (for example, AWS SAM)
  • Applying appropriate deployment strategies (for example, canary, blue/green, rolling)
  • Deploying application code and updates by using CI/CD services
  • Managing application and API versioning during deployment
  • Using a configuration management service during deployment

4Troubleshooting and Optimization

18% of examStudy domain
4.1Assist in a root cause analysis>

Knowledge of

  • Logging and monitoring systems (for example, Amazon CloudWatch, AWS X-Ray, AWS CloudTrail)
  • Data querying (for example, Amazon CloudWatch Logs Insights)
  • Common HTTP error codes and their meanings
  • The application deployment lifecycle and how failures surface

Skills in

  • Interpreting metric and log outputs to identify the root cause of issues
  • Using tracing tools to inspect spans and analyze application flows (for example, AWS X-Ray)
  • Correlating and analyzing data from distributed monitoring and logging tools
  • Reproducing runtime and deployment issues to isolate the root cause
4.2Instrument code for observability>

Knowledge of

  • Distributed tracing concepts
  • Structured logging
  • Emitting custom metrics

Skills in

  • Implementing application observability by integrating with AWS services (for example, AWS X-Ray, Amazon CloudWatch)
  • Using structured logging to make application logs machine readable and searchable
  • Generating and emitting custom metrics to represent application state and behavior
  • Adding annotations and metadata to distributed traces to aid analysis
4.3Optimize applications by using AWS services>

Knowledge of

  • Caching strategies and services
  • Concurrency and parallelism
  • Messaging services (for example, Amazon SQS, Amazon SNS)

Skills in

  • Profiling application performance to identify bottlenecks
  • Determining and remediating application performance issues
  • Optimizing applications for concurrency, scalability, and throughput
  • Working with messaging services to decouple and optimize application components (for example, Amazon SQS, Amazon SNS)