Content domains
The 4 domains of DVA-C02, with every task statement and its objectives from the official guide. Study a whole domain, or drill a single task.
1Development with AWS Services
32% of examStudy domain
1.1Develop code for applications hosted on AWS22 q>
Knowledge of
- Architectural patterns (for example, event-driven, microservices, monolithic, choreography, orchestration, fanout)
- Idempotency
- Differences between stateful and stateless concepts
- Differences between tightly coupled and loosely coupled components
- Fault-tolerant design patterns (for example, retries with exponential backoff and jitter, dead-letter queues)
- Synchronous and asynchronous patterns
- APIs (for example, REST, GraphQL) and integration with AWS services
- Messaging services (for example, Amazon SQS, Amazon SNS)
Skills in
- Creating and integrating APIs programmatically (for example, by using AWS SDKs, custom APIs, and Amazon API Gateway)
- Applying integration and messaging patterns (for example, queue-based, pub/sub, event-driven) to loosely couple components
- Writing and integrating application code with AWS services by using AWS SDKs
- Handling data streaming by using AWS services
- Implementing idempotency to make applications repeatable and fault tolerant
- Managing event- and non-event-driven application flows
- Applying fault-tolerant mechanisms and design patterns (for example, retries, dead-letter queues)
- Writing and running unit tests to validate application code locally
1.2Develop code for AWS Lambda22 q>
Knowledge of
- Event source mapping
- Stateless applications
- Unit testing of serverless code
- Event-driven architecture
- Scalability and concurrency of serverless applications
- How to use containers with Lambda
- Configuration of Lambda functions (for example, memory, concurrency, timeout, runtime, handler, layers, extensions, environment variables, triggers, destinations)
Skills in
- Configuring Lambda functions to meet requirements (for example, concurrency, memory, timeout, event source mappings)
- Handling the function lifecycle to avoid persistent storage of data
- Configuring triggers to invoke Lambda functions (for example, Amazon EventBridge rules, event source mappings)
- Authoring, packaging, and deploying Lambda functions with dependencies and layers
- Integrating available AWS services and features with Lambda functions
- Tuning code for optimal Lambda performance (for example, cold start, memory, concurrency)
1.3Use data stores in application development22 q>
Knowledge of
- Relational and non-relational databases
- CRUD (create, read, update, delete) operations
- High-cardinality partition keys for balanced partition access
- Cloud storage options (for example, file, object, databases)
- Database consistency models (for example, strongly consistent, eventually consistent)
- Query compared with scan operations for non-relational databases (for example, Amazon DynamoDB)
- Caching strategies (for example, write-through, read-through, lazy loading, TTL)
- Amazon S3 tiers and lifecycle management
- Ephemeral compared with persistent data storage patterns
Skills in
- Serializing and deserializing data to provide persistence and retrieval
- Modeling and structuring data to be stored in databases and data stores (for example, schemas, partitions, indexes)
- Managing the data lifecycle to comply with business requirements
- Using data caching services to meet business and application requirements (for example, Amazon ElastiCache, DynamoDB Accelerator [DAX])
- Working with data by using CRUD operations against AWS data stores
- Configuring, querying, and writing data by using AWS services (for example, Amazon RDS, DynamoDB, Amazon S3)
2Security
26% of examStudy domain
2.1Implement authentication and/or authorization for applications and AWS services22 q>
Knowledge of
- Identity federation (for example, SAML, OpenID Connect, Amazon Cognito)
- Bearer tokens to authenticate service-level requests (for example, JWT, OAuth, AWS Security Token Service [AWS STS])
- Role-based access controls and permissions policies (for example, difference between IAM managed policies and inline policies)
- Application authentication and authorization mechanisms (for example, resource-based policies, service policies, principal policies, role-based policies)
Skills in
- Implementing authentication and authorization by using AWS services and features (for example, Amazon Cognito, IAM roles, IAM policies, AWS STS)
- Using AWS STS to assume IAM roles for temporary, limited-privilege credentials
- Making authenticated calls to AWS services by using AWS SDKs and IAM credentials
- Verifying permissions by using policies and resource access controls
- Managing and rotating short-lived credentials for programmatic access
2.2Implement encryption by using AWS services22 q>
Knowledge of
- Encryption keys and management (for example, AWS Key Management Service [AWS KMS])
- Certificate management (for example, AWS Certificate Manager [ACM])
- Encryption options for data at rest and data in transit (for example, client-side encryption, server-side encryption)
Skills in
- Using encryption keys to encrypt and decrypt data (for example, AWS KMS)
- Generating certificates and SSH keys for use during development
- Encrypting and decrypting data at rest by using client-side and server-side encryption (for example, Amazon S3, DynamoDB, Amazon EBS)
- Encrypting data in transit by using TLS and ACM certificates
2.3Manage sensitive data in application code22 q>
Knowledge of
- Data classification (for example, personally identifiable information [PII], protected health information [PHI])
- Environment variables
- Secrets management (for example, AWS Secrets Manager, AWS Systems Manager Parameter Store)
Skills in
- Encrypting environment variables that contain sensitive data
- Using secret management services to secure sensitive data (for example, AWS Secrets Manager, Systems Manager Parameter Store)
- Sanitizing sensitive data in logs, error messages, and application output
3Deployment
24% of examStudy domain
3.1Prepare application artifacts to be deployed to AWS22 q>
Knowledge of
- Managing configuration data by using AWS services (for example, AWS AppConfig, AWS Secrets Manager, AWS Systems Manager Parameter Store)
- Application deployment methods and packaging (for example, Lambda deployment packages, container images)
- Version control and dependency management
- Organization of files and directory structures for deployment
Skills in
- Managing application environment variables, secrets, and configuration data
- Preparing application packages and directory structures for deployment to AWS services
- Organizing files and directories for deployment to AWS services
- Managing the dependencies of the code module for deployment
3.2Test applications in development environments22 q>
Knowledge of
- AWS services and tools to deploy testing based on requirements (for example, AWS Serverless Application Model [AWS SAM], AWS CloudFormation)
- Application deployment and testing across services (for example, mock integration, cross-service testing)
- Integration testing of individual components and services
Skills in
- Testing deployed code by using AWS services and tools
- Performing mock integration for services and testing the application configuration
- Identifying deployment and configuration issues before promotion to production
3.3Automate deployment testing22 q>
Knowledge of
- Different types of testing (for example, unit tests, integration tests, acceptance tests, user interface tests, security tests)
- Infrastructure as code (IaC) (for example, AWS SAM templates, AWS CloudFormation templates)
- Continuous integration and continuous delivery (CI/CD) pipelines and processes
Skills in
- Automating the testing of deployed applications in a CI/CD pipeline
- Setting up scalable and repeatable testing environments
- Choosing the correct type of test based on requirements
- Performing integration testing and measuring test coverage
3.4Deploy code by using AWS CI/CD services22 q>
Knowledge of
- Deployment strategies (for example, canary, blue/green, rolling, all-at-once)
- Application rollback based on deployment failures
- API versioning and lifecycle management
- Configuration and use of AWS SAM and CI/CD services
Skills in
- Preparing an application to be deployed to AWS (for example, AWS SAM)
- Applying appropriate deployment strategies (for example, canary, blue/green, rolling)
- Deploying application code and updates by using CI/CD services
- Managing application and API versioning during deployment
- Using a configuration management service during deployment
4Troubleshooting and Optimization
18% of examStudy domain
4.1Assist in a root cause analysis22 q>
Knowledge of
- Logging and monitoring systems (for example, Amazon CloudWatch, AWS X-Ray, AWS CloudTrail)
- Data querying (for example, Amazon CloudWatch Logs Insights)
- Common HTTP error codes and their meanings
- The application deployment lifecycle and how failures surface
Skills in
- Interpreting metric and log outputs to identify the root cause of issues
- Using tracing tools to inspect spans and analyze application flows (for example, AWS X-Ray)
- Correlating and analyzing data from distributed monitoring and logging tools
- Reproducing runtime and deployment issues to isolate the root cause
4.2Instrument code for observability22 q>
Knowledge of
- Distributed tracing concepts
- Structured logging
- Emitting custom metrics
Skills in
- Implementing application observability by integrating with AWS services (for example, AWS X-Ray, Amazon CloudWatch)
- Using structured logging to make application logs machine readable and searchable
- Generating and emitting custom metrics to represent application state and behavior
- Adding annotations and metadata to distributed traces to aid analysis
4.3Optimize applications by using AWS services22 q>
Knowledge of
- Caching strategies and services
- Concurrency and parallelism
- Messaging services (for example, Amazon SQS, Amazon SNS)
Skills in
- Profiling application performance to identify bottlenecks
- Determining and remediating application performance issues
- Optimizing applications for concurrency, scalability, and throughput
- Working with messaging services to decouple and optimize application components (for example, Amazon SQS, Amazon SNS)