AWS Certified DevOps Engineer - Professional
Validates technical expertise in provisioning, operating, and managing distributed application systems on the AWS platform. Covers SDLC automation, configuration management and infrastructure as code, resilient cloud solutions, monitoring and logging, incident and event response, and security and compliance. Requires two or more years of experience provisioning, operating, and managing AWS environments with proficiency in implementing and managing CI/CD pipelines and automation frameworks.
Exam domains
- SDLC Automation22%
Implement CI/CD pipelines (AWS CodePipeline source stages - CodeCommit, GitHub via CodeStar Connections, Bitbucket, S3; CodeBuild buildspec.yml with phases - install/pre_build/build/post_build, batch builds, build report groups for test results, environment images - managed and custom; CodeDeploy deployment configurations - all-at-once, half-at-a-time, one-at-a-time, canary, linear, blue/green for EC2/Lambda/ECS, deployment groups, AppSpec hooks - BeforeBlockTraffic/AfterAllowTraffic, automatic rollback on alarm, deployment monitoring; cross-account pipelines via cross-account IAM roles, cross-region replication via S3 artifact buckets; pipeline approvals - manual approval actions; CodePipeline V2 with triggers, file paths, branches). Integrate automated testing into CI/CD pipelines (unit tests with CodeBuild, integration tests with SAM local invoke, contract tests, end-to-end tests against ephemeral environments, performance tests with Distributed Load Testing on AWS; test reports - JUnit, NUnit, Cucumber, TestNG; quality gates - failure on test threshold; security testing - SAST with CodeGuru Reviewer, DAST, dependency scanning with Inspector and CodeArtifact; smoke tests in canary deployments). Build and manage artifacts (Amazon ECR for container images - immutable tags, lifecycle policies, scanning on push and continuous scanning, cross-region replication, cross-account access; AWS CodeArtifact for package management - npm/PyPI/Maven/NuGet, upstream repositories, package retention and signing; S3 for build artifacts with versioning and encryption; AWS Signer for code signing of Lambda functions and container images). Implement deployment strategies (blue/green at multiple layers - Route 53 weighted records, ALB target groups, ECS service deployments, Lambda aliases with weighted routing; canary deployments via AppMesh traffic splitting, ECS service blue/green via CodeDeploy, Lambda CodeDeploy canary; feature toggles via AWS AppConfig with hosted configurations and Lambda extension; rolling updates in Auto Scaling Groups with refresh; SAM Pipelines for serverless CI/CD).
- Security and Compliance17%
Sources
Questions are grounded in 100 references from official and authoritative materials.