AWS Certified DevOps Engineer - Professional

[MUSIC] In this segment, we're gonna take a look at the AWS Certified DevOps Engineer Professional exam. In particular, what are the expectations as far as what we're gonna learn? Who should be ready to take this exam or studying for this exam? How do we sign up? And then what to expect when it comes exam day. Now as far as one of those questions, who should be taking this exam? Before we see anything else, I'm gonna tell you, as of recent, the requirements for an associate level certification from AWS in order to sit for a professional exam were removed. So if you wanna come in and you have no certs but you've had a great deal of DevOps, right? A DevOps experience, then you could go sit for the exam and possibly achieve that certification. However, with that said, I found that through my training, through my studying, through my exploration of really cementing some of the associate level concepts, I was more prepared to tackle the DevOps Engineer exam. Now, what is the DevOps Engineer Professional exam? Let's go and take a look at my screen here. And recently this has been updated, it just came out of beta at this recording. The DevOps Engineer exam essentially wants to see, can you implement and manage continuous delivery systems, right? Can you implement those using appropriate methodologies? What about security controls, governance processes, compliance validations? Can you define and deploy monitoring metrics logging systems? You really need those, and well, it can get fairly deep in AWS. Can you implement highly scalable, highly available, and self healing systems on AWS platform? And can you design, manage, and maintain tools to automate those processes? Now the recent update, there is a little more emphasis on some design aspects particularly around the continuous delivery systems. I guess integration is in there, but also on how to use the tooling in order to monitor, automate, make sure you have appropriate logs, implement security controls. And along with that, there is kind of an assumption. If you're doing the DevOps Engineer, there's an assumption that you have some developer experience, or at least some programming experience. And you have so architectural or sysadmin experience like sysops experience. So this is melding, if you are a developer who've taken the Certified Developer Associate exam, this is your professional level exam. If you are a solutions architect, you actually take the Solutions Architect Professional exam. If you are a sysops admin, you'll also take the DevOps Engineer exam. So as far as progressing through those, that's kind of how it works. DevOps Engineers, the final piece for developers and sysops admins or sysadmins. And well, the solutions architect those go more to design and for scalability fault tolerance, those type of things. Now the exam itself, it's pretty much like all the other AWS exams so if you've taken them. If you haven't, t it consists mostly of multiple choice and multi-select. When I say mostly I mean all, the mostly there is there is some multiple choice, there's some multi-select. Now the multi-select is choose all the answers that satisfy the following. Choose all the answer that are not correct, those type of things, multiple choice or single answer. Those are delineated on the exam through the user interface. You have 170 minutes to complete the exam, you can get it in English and Japanese. The exam registration fee is $300, so it's a little more expensive than the associate-level exams. There's a recommendation on training but you're here for that training. So what are we expected to learn in the upcoming series? And if we hop over here, not to that one, but instead to this exam guide. When preparing for this exam guide, I recommend, or excuse me, when preparing for the exam, I recommend reading these AWS whitepapers. Some of them are very dense, some of them are very specific, for instance Jenkins on AWS. Well, Jenkins is continuous integration tool, right? You can have build pipelines, but there is also AWS services. Such as CodePipeline, CodeDeploy, CodeBuild, CodeCommit, that may replace your Jenkins requirements. Or why would you read the Jenkins paper then? The reason being is some of those practices may translate to the AWS specific services, there is practicing continuous integration and continuous delivery. These are fairly recent papers other than development and test and introduction to DevOps are a little bit older. Now part of these this blue/green deployment, there's a great number of deployment methodologies. Blue/green is really emphasized, red/black, a/b, immutable versus one at a time, it can get dense. So I recommend taking a look at that paper. If nothing else than kind of highlight the high level between these deployment times and to some extent that will roll over into this practicing continuous integration. Infrastructures code inside of AWS that is cloud formation. To some extent, micro services and containers kinda ends up in there too, cuz you may provision those with cloud formation. You should know a fair amount about cloud formation, but you should also be aware of other tools that do a similar thing. It could be the CLI, right? You may have a set of scripts that provisions and sets up through batch scripts or maybe in PowerShell scripts depending on your environment. Your small little servers or maybe it's just few computers that are networked together. That may work, but if you have large scale systems with load balancers and elastic IPs and EBS storage and an S3 bucket. And maybe lambda functions, and that's all in a CodePipeline that has a CodeBuilt. It can get very complicated. How do I manage that, as well as changes to that, that can be reviewed for security and monitoring compliant, right? Kind of the, how do I monitor? Am I monitoring correctly? Is this secure? Am I managing my security policies appropriately? Well, cloud formation allows you to do that, but there are other tools such as Terraform. Now the exam isn't necessarily going to cover Terraform, but you should know that cloud formation is the main push in AWS, but there are open source corollaries. And maybe that helps you cement some of those ideas, within the series we're gonna focus mostly on cloud formation as well as Puppet, Chef through OpsWorks. And to some extent just some of the other provisioning capabilities where you can prebuild AMIs, set those up and that becomes part of your system capabilities or kind of a store if you will. Now, those are the whitepapers, but what specifically? On the previous exam there was mostly, kind of this automation containers integration that kinda lumped all of that together in a large portion in the exam. They further segmented those domains to break this up, it's roughly evenly distributed policies and standards automation is 10%, so that's the lowest amount. But you'll notice configuration management and infrastructure as code, right? That's some of those automation tools as well. Monitoring and logging, could be some automation there as well, right? You're pushing logs automatically you're retrieving logs upon EC2 spin-down, SDLC, software development life cycle automation, right? Some of your deployment models, how you're setting things up, how you're building. And with that SDLC, some of the numerous services that you should be aware of are CodePipeline, CodeBuild, CodeDeploy, CodeCommit. That many or more developer bend, but could be utilized during a review process for releases and deployment or as far as packaging up for deployments. So that's 22% in the exam, that's a fair amount. Coming in at 19%, configuration management infrastructure to code. Technically, these kind of live together, cuz infrastructure of code could be part of your SDLC, right? You're provisioning infrastructure from CloudPipeline or, excuse me, CodePipeline not CloudPipeline, there's too many clouds there. You provision your infrastructure, and then you deploy your application. Well, do you need to provision your infrastructure every time? Well, no, but that might be in a source code repository that uses version control. So you said, this is what our infrastructure looks like, everything looks good. I don't have any change sets to apply, I can go ahead and deploy my new version. Monitoring and logging, that's also during your provisioning stages and your deployment stages. Am I collecting logs appropriately? Am I setting up log groups appropriately? What are appropriate monitoring policies? And speaking of policies, policies and standards automation. Am I HIPPA compliant? Am I PCI compliant? How do I make sure I can check those? Well, there are automations that allow you to go, here are the policies that I need to enforce, my security groups can't be wide open, right? The only thing that's available is a bash and host. Well, how do I check this? There are ways to check those and automate that check. Incident and event response along with high availability fault tolerance and disaster recovery. This last little bit is 34%, right? These two combined domains. Well, sometimes those kind of meld together, right? Event response, disaster recovery, fault tolerance kind of go in there and to some extent, how do you know there was an incident? You have appropriate monitoring and logging, and you have appropriate policies in place for how you respond, it's kind of all mingle, right? Even though there's these top level domains. If you scroll down a little bit, you get little more kind of delineated, it's not super specific. But take a look at these and we cover each one of these points in the upcoming courses, determine source control strategies and how to implement them. I will talk about CodeCommit, so this is AWS ecosystem, how do I use that, how do I set that up, how do I integrate with that? Do I use SSH or do I use HTTPS? Can I use IAM to access that,? How do I manage users? We talk about all of that as well as hey, how do I aggregate store and analyze logs? How I determine appropriate use of multi-AZ versus multi-region architectures. So there comes some of that design, but the design happens because of how your deployment strategies may change. Well, if I need multi-AZ or versus multi-region, why would I need, how do I deploy that? Do I have kind of a pilot light or do I have full backup system that I can do a quick switch over? So I'll definitely take a look at this but, and we'll also be covering each and everyone of this topics in the upcoming course. Now, what they said, if you wanna kind of practice for the exam, right? There is a sample exam on the Certified DevOps Engineer website. Actually if you come back to my screen real quick, then right here there is that exam guide, that's where I got it. And I got Sample questions, that is at aws.amazon.com/certification/certified-de- vops-engineer-professional. And I think it's about ten questions, you can answer these questions, there is a key at the bottom. This is a good metric, but it doesn't necessarily cover all types of questions or the difficulty level of said questions. It does at least say, select three, so you're not like, select all that apply, that becomes difficult. Once you feel comfortable, right, you went through our training course, you're lie, I am ready, I know this. Well, how do you sign up for the exam? Now, I have logged in to my training, my certification portal. So this is my personal one. And you can find this at AWS Training, and if I come to AWS Training and I click on Certification. That is aws.training by the way, if I come to Certification, it will ask me to come to my Certification Account. Now this is a CertMetrics account, it's run through part CertMetrics, the Exam Proctor is actually a little bit different than has been. If you've taken AWS exams a while back, used to be able to take them via Webassessor. I haven't been able to find out a way recently to do the Webassessor exams. You have to use PSI, which administers like FAA exams and such. So I took mine in an airport interestingly enough, but you'll have to find a local one. Well, once you get your CertMetrics portal set up, this is tied to Amazon now. Kinda has the Amazon feel, you know your profile, when your exams are coming up, what certifications, not only your transcripts but also additional benefit. When you pass an exam, you get free vouchers or access to certain programs. But if I want to either manage or schedule a new exam, it's just right here. And I click it, and it takes me back to the AWS Training, so it's logged me out. I'm gonna log back in real quick, and as I log in, right? It's gonna take me back, I'm gonna schedule a new exam. And now it's gonna redirect me to the PSI website. At this point, you come and find your exam. What exam are we taking? We are taking the AWS Certified DevOps Engineer Professional. You'll click Schedule Exam, and it'll say there is more than one, that's because this is coming out of Beta there is also a retired exam that is being phased out. Be careful to pick the appropriate one, typically what'll happen is the retired exam won't be available for the dates. You'll select your language and then, given the capability. It will find the nearest testing center or at least prepopulate your zip and poster code, and then you can search for the exam center. From there, just fill out your credit card information, sign up, you'll get an email confirming. It'll be on your dashboard, make sure you have the appropriate sets of ID. Need two valid forms of ID, don't take in your cellphone, and the kinda the normal exam thing. Now this is the one, there's gonna be a very dense material but we have you covered. And if you're looking to level up your game, then I hope to see you in upcoming episodes. [MUSIC]