AWS Developer Certification – Exam Tips

AWS provides certifications in three major categories: Developer, SysOps/DevOps, and Solutions Architect.

Each category has Associate and Professional level certifications, such as AWS Developer Certification Associate and AWS Developer Certification Professional.

For any professional certification, completing the relevant associate certification is mandatory.

This post covers the details you need to know about the AWS Developer certification, along with exam tips.

AWS Official link for AWS Developer Certification

AWS Certified Developer–Associate (DVA-C01) Examination Guide

 

AWS Developer Certification – Topics:

IAM (Identity and Access Management)

  • Users, Groups, Roles and Policies are part of IAM.
  • IAM is universal, meaning it is not specific to a region.
  • The account you used to sign up and log in to AWS is also referred to as the “root account”, and it has full access by default.

Users:

  • Whenever you create a new user, they have no permissions on any AWS service.
  • An Access Key ID and Secret Access Key are assigned when a new user is created. The new user cannot log in to the AWS Management Console using these keys, but can use them to access the AWS CLI and APIs.
  • Remember that the Access Key ID and Secret Access Key are displayed only once, when the new user is created; if you miss them, you have to regenerate them.
  • Enabling multi-factor authentication (MFA) on your root account is a best practice and the most secure approach.

 

S3 (Simple Storage Service)

  • S3 is an object storage service provided by AWS.
  • Objects/files can range in size from 0 bytes to 5 TB (the maximum size of a single object).
  • S3 provides unlimited storage.
  • Every object/file is stored in a bucket.
  • When you create an S3 bucket you need to provide a namespace, and remember that the namespace is universal.

Eg: https://s3.us-east-2.amazonaws.com/ilogoswebp/ajio.webp
Here ilogoswebp is the namespace that was created; the same name cannot be created in other regions such as us-west-1 or us-east-1.

  • S3 provides different storage tiers: S3 (default, frequently accessed), S3 – Infrequently Accessed, S3 – One Zone IA, S3 – Reduced Redundancy Storage, and Glacier.
  • S3 allows bucket-specific policy configurations.
  • An S3 bucket will have properties like Key, Value, Version ID, MetaData.
  • S3 does not allow installing an OS or any software on it; it is only for files and objects.
  • Whenever an S3 upload succeeds, you get an HTTP 200 response code.
  • Newly created S3 buckets are “Private” by default.
  • S3 provides bucket-level (using Bucket Policies) and object-level (using Access Control Lists) access controls.
  • Access to a particular S3 bucket can be tracked by enabling access logs.
  • A policy can be added to S3 to allow only encrypted files, for secure storage. Encryption can be applied during upload or at rest.
    • SSL/TLS can be used for encryption in transit (x-amz-server-side-encryption must be present in the request header when only encrypted uploads are allowed).
    • SSE-S3 (Server-Side Encryption – S3), SSE-KMS, and SSE-C are the server-side encryption options.
  • S3 CORS (Cross-Origin Resource Sharing) must be configured to allow access to resources in other S3 buckets. For example, S3 can be used to host a static website; if a resource the website needs is in another S3 bucket, CORS must be enabled to access it.
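
The encryption bullets above, as an added example that is not part of the original post: a bucket policy that denies plain-HTTP requests and uploads lacking the x-amz-server-side-encryption header, with a simplified local model of its two Deny conditions run against constructed requests. The bucket name example-bucket and the helper function names are assumptions, and the evaluator is a teaching model, not the IAM policy engine.

```python
import json

SSE_KEY = "s3:x-amz-server-side-encryption"  # condition key for the SSE request header

def build_policy(bucket):
    """Bucket policy: deny plain-HTTP access and uploads without an SSE header."""
    objects = f"arn:aws:s3:::{bucket}/*"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
             "Action": "s3:*", "Resource": [f"arn:aws:s3:::{bucket}", objects],
             "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
            {"Sid": "DenyUnencryptedUploads", "Effect": "Deny", "Principal": "*",
             "Action": "s3:PutObject", "Resource": objects,
             "Condition": {"StringNotEquals": {SSE_KEY: ["AES256", "aws:kms"]}}},
        ],
    }

def condition_matches(operator, key, expected, context):
    """Simplified model of the two operators used above (not the full IAM engine)."""
    actual = context.get(key)
    if operator == "Bool":
        return actual is not None and str(actual).lower() == expected
    if operator == "StringNotEquals":
        # Negated operators also match when the key is absent from the request.
        return actual not in expected
    raise ValueError(f"operator not modelled: {operator}")

def denied_by(policy, action, context):
    """Return the Sid of the first Deny statement matching the request, else None."""
    # Resource matching is omitted: every sample request targets this bucket.
    for stmt in policy["Statement"]:
        if stmt["Action"] not in ("s3:*", action):
            continue
        if all(condition_matches(op, key, expected, context)
               for op, pairs in stmt["Condition"].items()
               for key, expected in pairs.items()):
            return stmt["Sid"]
    return None

if __name__ == "__main__":
    policy = build_policy("example-bucket")  # placeholder bucket name
    print(json.dumps(policy, indent=2))
    # Constructed sample requests (condition-key context only).
    for ctx in ({"aws:SecureTransport": "true", SSE_KEY: "AES256"},
                {"aws:SecureTransport": "true"},
                {"aws:SecureTransport": "false", SSE_KEY: "aws:kms"}):
        print(ctx, "->", denied_by(policy, "s3:PutObject", ctx) or "not denied")
```

The JSON printed by build_policy is the document that would be attached as the bucket policy; a request that no Deny statement matches still needs an Allow from elsewhere to succeed.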

EC2

DynamoDB

KMS

Serverless

SQS

SES

SNS

ELB

RDS

Kinesis

CodeCommit

CodeDeploy

CodePipeline

CloudFormation

Cognito

CloudWatch

CloudTrail

CloudFront

  • Cached data is stored in Edge Locations.
  • An edge location is entirely different from an Availability Zone or Region.
  • An origin needs to be configured for CloudFront; the origin can be an S3 bucket, EC2 instance, Route 53, or Elastic Load Balancer.
  • RTMP (a protocol for media streaming) can also be used with CloudFront caching.
  • Edge locations can also be used for writes; the fact that cached data is stored in edge locations does not mean that only read data can be stored there.
  • Objects are cached based on the TTL (Time To Live) configuration.
  • Remember that if you invalidate/clear the cache manually, you will be charged for it.
  • CloudFront is best suited to workloads that perform many GET calls.

 

 
