Thank you so much AWS. I learned a lot about AWS Development services and best practices. Here are some tips that mighe be useful if you are about to take this exam. Things change quick in here so these are my tips as of 09/18/2021. Of Course this are not a complete list but my top 10.
- There is a lot of emphasis on Serverless patterns and in particular Lambda functions. Make sure you understand Asynchronous Vs Synchronous Invocations, Event Source Mapping, Cloud Watch Events and how Lambda integrates with other AWS Services. Also the key numbers about Lambda are good to know like Concurrency limits, Memory, storage capacity in /tmp and understand how concurrency applies for Event Source mapping Vs Asyn Invocations. Also very important to understand the IAM Roles that apply to Lambda and what needs to be done for allowing cross account access. A popular topic that I did not encounter in exam seems to be Lambda deployment [CF or SAM] and Canary deployments.
- Make sure you understand the API Gateway. Gateway Integration types (for Lambda and Other Services) and understand their differences, Integration timeouts, errors received when timed out, Services that it integrates with etc. Absolutely essential to understand API Gateway Security and methods that can be used for that (IAM, Resource policies, Cognito User Pools, Custom Integration for token or query string authentication). Good to know about CORS and Caching for API Gateway with their default numbers (time out and how to invalidate for authorized users).
- Cross Account Access of resources using STS and other mechanisms for receiving temporary credentials to make API Calls (Cognito Identity Pools, Web Identity Fedration, SAML / LDAP). Essential to understand STS AssumeRole API and trust boundaries. Also I would suggest to checkout API Calls supported by STS to understand their use cases
- AWS Developer Services like CodeCommit, CodeBuild, CodeDeploy and CodePipeline. Important to understand how to get GIT credentials for CodeCommit, buildspec, appsepc files, Phases of Inplace deployments, In place and Blue Green Deployments and their limitations, Code Deploy Agent. SQS (standard vs FIFO Queues), visibility Timeouts, delay Queues. SNS FIFO Topics and their integration with FIFO Queues. Important to understand the SNS Fanout pattern. Another important topic is which service to use for secrets [Secrets manager/SSM Parameter Store/ Environment Variables]. Another topic that came up was Cloud Formation intrinsic Functions and Stacksets.
- Debugging and Troubleshooting with X-Ray. Important to know how to install/enable the agent in different Environments like (EC2/Lambda/Elastic Beanstalk/ ECS) and how to implement agent in container environments. Important to understand how to instrument application using AWS SDK. The agent communicates on UDP Port 2000. For the service some high level concepts like Traces, Segments, Subsegments, Annotations, Metadata and Sampling Rules.
- Understand ECS Task, Cluster and Service. Also important to understand the high level architecture (EC2 or Fargate). In case of EC2 understand the Instance Profiles used to make API Calls to ECS Service Vs Container Roles. Very important to go over data sharing mechanisms between containers.
- Understanding Envelope Encryption is absolutely essential. Good to know the APIs involved (GenerateDataKey, Encrypt, Decrypt etc) and their limits. Also understand the Master Key, Data Key which of the keys are encrypted, how to get a plaintext key from Encrypted Key.
- DynamoDB is a super important topic. Absolutely important to know about [Streams and Viewtypes, TTL, Conditional Writes, Projection Expressions, Optimistic Locking, Differences between LSI and GSI and their impacts on throttling, How to calculate Read and Write Capacity, Ways to optimize Scans etc
- S3 Server Side Encrytion Mechanisms and when to use SSE-S3, SSE-KMS, SSE-C or client side encryption. Important to understand who manages the key and how is it rotated/tracked. Other S3 scenarios are Multipart Uploads, Transfer Acceleration, Parallel Uploads etc.
- Deployment strategies in Elastic Beanstalk. Different scenarios like impact of failed deployments, deployments on totally new instances, supporting Traffic shifting, down time and reduced capacity during deployments.
Those were just my Top 10. There is much more to go over and practice. I highly recommend some hands on exercises. Nothing like the Console to gain more confidence. I enjoyed this exam a lot and my next challenge is the SysOps Admin exam. I hear the format recently changed and it requires some practical hands on in the exam. I look forward to the challenge and hopeful that I will write a similar post after that 🙂 Best of Luck if you are considering taking this exam.