AWS Certified DevOps Engineer Professional, Exams of Nursing

An overview of the aws certified devops engineer professional certification, covering topics such as sdlc automation, aws codecommit, aws codebuild, aws codedeploy, aws codepipeline, and other related aws services. It covers key features, security considerations, and best practices for implementing devops workflows on aws. Likely intended as study material or reference guide for individuals preparing for the aws certified devops engineer professional (dop-c02) exam, which is scheduled for 2024. It delves into various aws services and their capabilities, highlighting how they can be leveraged to automate and streamline the software development lifecycle. The content covers a wide range of devops-related concepts, from version control and build automation to deployment strategies and pipeline orchestration, making it a comprehensive resource for aspiring aws devops professionals.

Typology: Exams

2023/2024

Available from 08/13/2024

Ellah1
Ellah1 🇺🇸

4.3

(11)

11K documents

1 / 21

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
AWS Certified DevOps Engineer Professional
Course DOP-C02 exam 2024
Domain 1 - SDLC Automation -
create elastic beanstlak app - 1-create app
2-web server env
3-name-env or name-dev or name-prod
4-platform node.js
5-Next
6-skip to review
AWS CodeCommit - storing our code
Private Git repositories
• No size limit on repositories (scale seamlessly)
• Fully managed, highly available
• Code only in AWS Cloud account => increased security and compliance
(Developer) John (Developer) push code
• Security (encrypted, access control...)
• Integrated with Jenkins, AWS CodeBuild, and other CI tools
Version control
GitHub, GitLab, Bitbucket
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15

Partial preview of the text

Download AWS Certified DevOps Engineer Professional and more Exams Nursing in PDF only on Docsity!

Course DOP-C02 exam 2024

Domain 1 - SDLC Automation - create elastic beanstlak app - 1-create app 2-web server env 3-name-env or name-dev or name-prod 4-platform node.js 5-Next 6-skip to review AWS CodeCommit - storing our code Private Git repositories

  • No size limit on repositories (scale seamlessly)
  • Fully managed, highly available
    • Code only in AWS Cloud account => increased security and compliance (Developer) John (Developer) push code
  • Security (encrypted, access control...)
  • Integrated with Jenkins, AWS CodeBuild, and other CI tools Version control GitHub, GitLab, Bitbucket

Course DOP-C02 exam 2024

Benefits are:

  • Collaborate with other developers
  • Make sure the code is backed-up somewhere
  • Make sure it's fully viewable and auditable CodeCommit - Security - • Authentication
  • SSH Keys - AWS Users can configure SSH keys in their IAM Console
  • HTTPS - with AWS CLI Credential helper or Git Credentials for IAM user
  • Authorization
  • IAM policies to manage users/roles permissions to repositories
  • Encryption
  • Repositories are automatically encrypted at rest using AWS KMS
  • Encrypted in transit (can only use HTTPS or SSH - both secure)
  • Cross-account Access
  • Do NOT share your SSH keys or your AWS credentials
  • Use an IAM Role in your AWS account and use AWS STS (AssumeRole API) CodeCommit - Monitoring with EventBridge - You can monitor CodeCommit events in EventBridge

Course DOP-C02 exam 2024

3-Approval Rule Templates

  • Automatically apply Approval Rules to PRs in specific repositories
  • Example: define different rules for dev and prod branches aws codebuild features?
  • Security:
  • Integration with KMS for?
  • IAM for?
  • AWS CloudTrail for? - • A fully managed continuous integration (CI) service
  • Continuous scaling (no servers to manage or provision - no build queue)
  • Compile source code, run tests, produce software packages...
  • Alternative to other build tools (e.g., Jenkins)
  • Charged per minute for compute resources (time it takes to complete the builds)
  • Leverages Docker under the hood for reproducible builds
  • Use prepackaged Docker images or create your own custom Docker image
  • Security:

Course DOP-C02 exam 2024

  • Integration with KMS for encryption of build artifacts
  • IAM for CodeBuild permissions, and VPC for network security
  • AWS CloudTrail for API calls logging AWS CodeBuild what can be the source? what is the file name for build? where to store Output logs? how to to monitor build statistics? how to detect failed builds and trigger notifications? how to notify if you need "thresholds" for failures? - building and testing our code CodeCommit, S3, Bitbucket, GitHub buildspec.yml Amazon S3 & CloudWatch Logs Use CloudWatch Metrics EventBridge Use CloudWatch Alarms

Course DOP-C02 exam 2024

what are phases? what is artifact? what is cache? - • buildspec.yml file must be at the root of your code

  • env - define environment variables
    • variables - plaintext variables
    • parameter-store - variables stored in SSM Parameter Store
    • secrets-manager - variables stored in AWS Secrets Manager
  • phases - specify commands to run:
    • install - install dependencies you may need for your build
    • pre_build - final commands to execute before build
    • Build - actual build commands
    • post_build - finishing touches (e.g., zip output)
    • artifacts - what to upload to S3 (encrypted with KMS)
    • cache - files to cache (usually dependencies) to S3 for future build speedup

Course DOP-C02 exam 2024

CodeBuild - Local Build In case of need of deep troubleshooting beyond logs... what to do? - run CodeBuild locally on your desktop (after installing Docker) • For this, leverage the CodeBuild Agent CodeBuild - Inside VPC By default, your CodeBuild containers are launched where? whar are Use cases: to have codebuild inside your vpc? - outside your VPC but It cannot access resources in a VPC

  • Use cases: integration tests, data query, internal load balancers.. CodeBuild - Environment Variables 2 kinds? - • Default Environment Variables
    • Defined and provided by AWS
    • AWS_DEFAULT_REGION, CODEBUILD_BUILD_ARN, CODEBUILD_BUILD_ID, CODEBUILD_BUILD_IMAGE...
    • Custom Environment Variables
    • Static - defined at build time (override using start-build API call)

Course DOP-C02 exam 2024

what are Build Badges - • Dynamically generated badge that displays the status of the latest build

  • Can be accessed through a public URL for your CodeBuild project
  • Supported for CodeCommit, GitHub, and BitBucket
  • Note: Badges are available at the branch level CodeBuild - Triggers how do we trigger a codebuild? - CodeBuild - Validate Pull Requests - • Validate proposed code changes in PRs before they get merged
  • Ensure high level of code quality and avoid code conflicts CodeBuild - Test Reports - • Contains details about tests that are run during builds
  • Unit tests, configuration tests, functional tests
  • Create your test cases with any test framework that can create report files in the following format:
  • JUnit XML, NUnit XML, NUnit3 XML

Course DOP-C02 exam 2024

  • Cucumber JSON, TestNG XML, Visual Studio TRX
  • Create a test report and add a Report Group name in buildspec.yml file with information about your tests AWS CodeDeploy - Deployment service that automates application deployment Deploy new applications versions to -EC2 Instances,
  • On-premises servers,
  • Lambda functions,
  • ECS Services Automated Rollback capability in case of -failed deployments, or -trigger CloudWatch Alarm Gradual deployment control

Course DOP-C02 exam 2024

  • Use EC2 Tags or ASG to identify instances you want to deploy to
    • With a Load Balancer: traffic is stopped before instance is updated, and started again after the instance is updated CodeDeploy - Blue-Green Deployment - CodeDeploy Agent - •The CodeDeploy Agent must be running on the EC instances as a prerequisites
    • It can be installed and updated automatically if you're using Systems Manager •The EC2 Instances must have sufficient permissions to access Amazon S3 to get deployment bundles CodeDeploy - Lambda Platform - • CodeDeploy can help you automate traffic shift for Lambda aliases
    • Feature is integrated within the SAM framework strategies to make X evolves?
    • Linear: grow traffic every N minutes until 100%

Course DOP-C02 exam 2024

  • LambdaLinear10PercentEvery3Minutes
  • LambdaLinear10PercentEvery10Minutes
  • Canary: try X percent then 100%
  • LambdaCanary10Percent5Minutes
  • LambdaCanary10Percent30Minutes
  • AllAtOnce: immediate (jump v1 to v2) CodeDeploy - ECS Platform - • CodeDeploy can help you automate the deployment of a new ECS Task Definition
  • Only Blue/Green Deployments
  • Linear: grow traffic every N minutes until 100%
  • ECSLinear10PercentEvery3Minutes
  • ECSLinear10PercentEvery10Minutes
  • Canary: try X percent then 100%
  • ECSCanary10Percent5Minutes
  • ECSCanary10Percent30Minutes
  • AllAtOnce: immediate

Course DOP-C02 exam 2024

codepipeline orchestrate everything 0-developer pushed code to codecommit 1-codepipeline will use codecommit to build artifact and push into s3 bucket 2-codepipeline will use codebuild to pull artifact from s3 bucket 3-codepipeline will store the new artifact build by codebuild to s3 bucket 4-codepipeline will push the artifact again in codedeploy 5-codedeploy will deploy the artifact CodePipeline - what to use for Troubleshooting? If pipeline can't perform an action? what can be used to audit AWS API calls? - Use CloudWatch Events (Amazon EventBridge). Example:

  • You can create events for failed pipelines
  • You can create events for cancelled stages make sure the "IAM Service Role" attached does have enough IAM permissions AWS CloudTrail

Course DOP-C02 exam 2024

CodePipeline - Events vs. Webhooks vs. Polling - Events are the default and recommended CodePipeline - Action Types Constraints for Artifacts - CodePipeline - Manual Approval Stage - CodePipeline - CloudFormation as a Target CloudFormation Deploy Action? CloudFormation StackSets? what are Action Modes? Template Parameter Overrides? - CloudFormation Deploy Action can be used to deploy AWS resources use to deploy across multiple AWS accounts and AWS Regions Configure different settings: •Stack name, Change Set name, template, parameters, IAM Role, Action Mode.

Course DOP-C02 exam 2024

what is EventBridge does? - detect and react to changes in execution states (e.g., intercept failures at certain stages) run an API call from codepipeline CodePipeline - Invoke Action - to run an API call from codepipeline use invoke action CodePipeline - Multi Region deployment - • Actions in your pipeline can be in different regions

  • Example: deploy a Lambda function through CloudFormation into multiple regions
  • S3 Artifact Stores must be defined in each region where you have actions
  • CodePipeline must have read/write access into every artifact buckets
  • If you use the console default artifact buckets are configured, else you must create them
  • CodePipeline handles the copying of input artifacts from one AWS Region to the other Regions when performing cross-region actions
  • In your cross-region actions, only reference the name of the input artifacts

Course DOP-C02 exam 2024

CodePipeline - CloudFormation Integration - • CREATE_UPDATE - create or update an existing stack

  • DELETE_ONLY - delete a stack if it exists AWS CodeStar - manage software development activities in one place connect github to AWS AWS CodeArtifact - store, publish, and share software packages AWS CodeGuru - automated code reviews using Machine Learning Continuous Integration (CI) explain de process developer/repo/build,test/developer what are advantages? - • Developers push the code to a code repository often (e.g., GitHub, CodeCommit, Bitbucket...)
    • A testing / build server checks the code as soon as it's pushed (CodeBuild, Jenkins CI...)
    • The developer gets feedback about the tests and checks that have passed / failed