Scott's Journey on Passing AWS DevOps Engineer Professional Certification

fantastichsieh

Scott Hsieh 🇹🇼

Posted on October 3, 2021

Scott's Journey on Passing AWS DevOps Engineer Professional Certification

AWS DevOpe Engineer Professional

Content Table

Prologue

After passing the AWS DAS in February this year, I'd been fascinating about how to become a professional lazybones[3] in spare time apart from building custom CDK constructs, sharing at the AWS Taiwan UG, internal sharing in my own company, and recording for an external session. All of sudden, I felt gotta keep moving on towards goals after studying the quintessence of lazybones for a while. So, the journey of pursuing the AWS DevOps Engineer Professional Certification began at that moment.


Official Exame Guide

Like you will check how many mountain trails you gotta walk through for taking down the Taipai Grand Trail and what materials you need to collect so that you could get a legendary weapon Kudzu for your ranger in Guild War 2. To get the One Piece of the DOP, you have to evaulaute whether you've had quite some sense what specific enterprise scenarios (cases) are going to show up in this certification and what AWS services you could consider resolving the issues transpired in those cases. From the website, you could see:

Validation on candidates' ability

  • Implement and manage continuous delivery systems and methodologies on AWS
  • Implement and automate security controls, governance processes, and compliance validation
  • Define and deploy monitoring, metrics, and logging systems on AWS
  • Implement systems that are highly available, scalable, and self-healing on the AWS platform
  • Design, manage, and maintain tools to automate operational processes

Recommended knowledge and experience

  • Experience developing code in at least one high-level programming language; building highly automated infrastructures; and administering operating systems
  • Understanding of modern development and operations processes and methodologies
  • Ability to implement and manage continuous delivery systems and methodologies on AWS
  • Ability to implement and automate security controls, governance processes, and compliance validation
  • Ability to define and deploy monitoring, metrics, and logging systems on AWS

In the exam guide, we could see the content expounds more detail into 6 fields that this certification is going to test whether you can respond rapidly towards forementioned enterprise scenarios and understand what AWS services can fulfil the requirements in those cases.

+----------+----------------------------------------------------------+-----+
| Domain 1 | SDLC Automation                                          | 22% |
+----------+----------------------------------------------------------+-----+
| Domain 2 | Configuration Management and Infrastructure as Code      | 19% |
+----------+----------------------------------------------------------+-----+
| Domain 3 | Monitoring and Logging                                   | 15% |
+----------+----------------------------------------------------------+-----+
| Domain 4 | Policies and Standards Automation                        | 10% |
+----------+----------------------------------------------------------+-----+
| Domain 5 | Incident and Event Response                              | 18% |
+----------+----------------------------------------------------------+-----+
| Domain 6 | High Availability, Fault Tolerance, and Disaster Recover | 16% |
+----------+----------------------------------------------------------+-----+
Enter fullscreen mode Exit fullscreen mode

SDLC Automation

  1. Apply concepts required to automate a CI/CD pipeline
  2. Determine source control strategies and how to implement them
  3. Apply concepts required to automate and integrate testing
  4. Apply concepts required to build and manage artifacts securely
  5. Determine deployment/delivery strategies (e.g., A/B, Blue/green, Canary, Red/black) and how to implement them using AWS services

Configuration Management and Infrastructure as Code

  1. Determine deployment services based on deployment needs
  2. Determine application and infrastructure deployment models based on business needs
  3. Apply security concepts in the automation of resource provisioning
  4. Determine how to implement lifecycle hooks on a deployment
  5. Apply concepts required to manage systems using AWS configuration management tools and services

Monitoring and Logging

  1. Determine how to set up the aggregation, storage, and analysis of logs and metrics
  2. Apply concepts required to automate monitoring and event management of an environment
  3. Apply concepts required to audit, log, and monitor operating systems, infrastructures, and applications
  4. Determine how to implement tagging and other metadata strategies

Policies and Standards Automation

  1. Apply concepts required to enforce standards for logging, metrics, monitoring, testing, and security
  2. Determine how to optimize cost through automation
  3. Apply concepts required to implement governance strategies

Incident and Event Response

  1. Troubleshoot issues and determine how to restore operations
  2. Determine how to automate event management and alerting
  3. Apply concepts required to implement automated healing
  4. Apply concepts required to set up event-driven automated actions

High Availability, Fault Tolerance, and Disaster Recovery

  1. Determine appropriate use of multi-AZ versus multi-Region architectures
  2. Determine how to implement high availability, scalability, and fault tolerance
  3. Determine the right services based on business needs (e.g., RTO/RPO, cost)
  4. Determine how to design and automate disaster recovery strategies
  5. Evaluate a deployment for points of failure

Tips for Real Exam

Compute

Such as EC2, Elastic Beanstalk, Lambda, ECS, and Fargate, you need to grasp basic understanding of these services. By saying basic understanding, it doesn’t mean reading over related official documentations is enough, but at least you gotta equipped with operation experience of those services via the Web Console. Of course, if you work hard enough, deploying the services by CloudFormation (CFN will be used in the rest of the article) or the CDK can be beneficial both to smashing DOP and your own DevOps experience.

EC2 can be utilized to become an AP or API server; From scratch, you probably will grow your system gradually from a single functionality based on requirements. During the time, you might still log in the EC2 where your system, or function aggregation, resides via ssh with a key pair to manage the code snippets that support your system or service. Aside from ssh, is there a safer way to log in? Have you ever operated EC2 Instance Connect and Session Manager in AWS Systems Manager? To log in an EC2 server via two forementioned methods, do you know what steps you need to go through on authorization and configuration so that a user can log in via the services?

As time passes, you might realize that during some specific time spans, requesting number to your service, or server, is large and your server cannot handle this copious amount of requesting. Do you know in this moment you could consider using Elastic Load Balancing and EC2 AUto Scaling to tackle this kind of issue? About launch templates (LT) and launch configuration (LC), can you explain the difference between the two and what scenarios they are suitable? Is there any connection between Auto Scaling Groups (ASG), and LT and LC? What are EC2 Auto Scaling lifecycle hooks? What states are included in the lifecycle hooks? What events, or states, are followed after the scale-out and scale-in events? If traffic in the coming future cannot be predicted or depicted, among multiple scaling strategies of Auto Scaling, what option you can consider? After grasping all of the scaling strategies, what are their proper usage scenarios? What phenomena will make auto scaling start to work? Can I trigger auto scaling based on some condition? What conditions can I select? If auto scaling is at the scale-in state, before compute instances are going to be terminated, you want to snapshot the instances or create the AMIs, do you know in what state of the lifecycle hooks allows you to define the forementioned custom actions? Or what if there are running compute instances in an ASG, and for regulation purpose, the instances need to be attached the 2nd network interface for connecting to an independent subnet managed by other business unit, what you can do in the lifecycle hooks in order to achieve the requirements?

Alt Text Introducing Native Support for Predictive Scaling with Amazon EC2 Auto Scaling[41]

In terms of Elastic Load Balancing, can you name all of the load balancers[9]? In what aspects there is the difference between Application Load Balancer (ALB) and Network Load Balancer (NLB)? In the OSI model, which kind of OSI level for load balancing do they support respectively? If load balancing is required to be integrated with Lambda, what load balancer should be chose?

Do you know what things Elastic Beanstalk as a service can do for you automatically? What are Elastic Beanstalk composed of? Can environment be categorized? If there are multiple kinds of environments, what specific tasks they are especially good at? What is .ebextensions for? What can it achieve? Can I modify hardware spec of compute instances via .ebextensions?

Alt Text Model serving in Java with AWS Elastic Beanstalk made easy with Deep Java Library[28]

With micro-service architecture becoming more popular and popular, after assimilating related concepts[18][27][43], its history[20], and what AWS services can assist you in building micro services[8], you'll enter the world of Lambda, ECS, and Fargate. How many phases are there in terms of AWS Lambda execution environment? What programming languages does it support natively, or directly? If a programming language that isn't supported by AWS is preferred to be executed, what method you could consider to achieve the goal? What are the least permissions for an AWS Lambda function to be executed? If integration with other AWS services via Lambda is required, what needs to be done as wishes? If a web server hosted on an EC2 instance with authentication functionality is intended to be migrated to Lambda as serverless service, what components might be changed compared to the original architecture?

Alt Text How to get notified on specific Lambda function error patterns using CloudWatch[29]

ECS is for containers, as a managed service, what components are there in ECS? Like task definition, auto scaling, container agent, etc., you're supposed to distinguish components of ECS. Just follow classic examples on the official documentations for hands-on experience, with explanation in the technical documentations and a fabulous late melt with Hokkaido milk. What is the relationship between ECS and ECR? Do they need each other to work, or they can be combined to work together? Is there any one between the services that can execute other task independently?

Alt Text Figure in How Steamhaus Used AWS Well-Architected to Improve Sperry Rail’s Artificial Intelligence System

You still need to manage web servers by deploying your applications or services to ECS, there exists operation cost to some extent. Hence, AWS who captured the customers' need launched AWS Fargate. What differences there are between the ECS container service and AWS Fargate? Why the need of AWS Fargate is getting more and more? When you attempt to figure out carefully, you'll realize what elegant and efficient developing experience is.

Alt Text Figure in Game Server Hosting on AWS Fargate

Networking & Content Delivery

On the aspect of VPC, you'll also need some understanding, after all, the services mentioned so far are built upon VPC (except Amazon ECS Anywhere, Amazon EKS Anywhere, and AWS Outposts). Like what public subnets, private subnets, route tables, network ACL, and security group (SG) are. What are ENI, CIDR, Internet Gateway, NAT Gateway, and VPC endpoints, etc.? When grasping ENI at the beginning level, you could schedule some time to go deeply about what is the difference among ENI, ENA, and EFA[36].

About Route53, you're suggested to have sense on how many kinds of DNS records there are, such as A, AAAA, CNAME, Alias records, etc. You gotta at least read through the documentation of routing policies. Geolocation and geo-proximity are all connected to geolocation. What is their difference? What can be achieved via DNS failover? What options can be considered for DNS failover?

Developer Tools

Deployment Models

Now we are about to enter into the scope of deployment models. If you look carefully at Point 5 of the SDLC Automation in domain knowledge of the exam guide, you'll see blue/green, canary[11][38], and red/black deployment models. Regarding the blue/green deployment, I personally thought the 2015 speech given by Andy Mui and Vlad Vlasceanu will be a good start32. Its content delivered concise and informative information on what possible combinations there are to run through the blue/green deployment on the aspect of EC2 and ECS. Aside from some super helpful comparison, strategies at data level were also suggested, such as when a blue/gree deployment is about to be progressed, if data schema is also going to be changed, what corresponding methods can be implemented?

The red/back deployment and blue/green deployment can be regarded as the same deployment model. You could spend some time figuring out their mindset in back and then focus on the blue/green deployment. After all, in a presentation file titled Deployment Strategies on Kubernetes in the CNCF also equals the blue/green deployment and red/black deployment.

On the aspect of computing, you could see AWS offers numerous selections. How to progress the blue/green deployment for EC2? How about the blue/green deployment via CFN for ECS[39]? How to execute a canary deployment for pure Lambda[33]? If there is a serverless service combined with Lambda and Amazon API Gateway, a newer version to be deployed is required while visiting the original API should be allowed, what needs to be configured in procedure?

Alt Text Blue/Green Deployments with Amazon Elastic Container Service[16]

AWS CloudFormation and AWS Serverless Applicaiton Model

You must manipulate CFN, by sorely viewing technical documentation, you might not be able to have quite solid grasp. In CFN, how do you refer to resources in nested stacks? When infrastructure becomes huge, is there any organizing practice that can be followed in terms of stack building? What are cfn-init, cfn-signal, cfn-get-metadata, and cfn-hup for? What resources support the UpdatePolicy attribute? With AWS::AutoScaling::AutoScalingGroup, what other more specific options are provided for managing ASG via CFN? Do you know that custom resources can invoke Lambda functions and AWS APIs? For example, making Lambda functions managed by CFN updatable, which are stored in a S3 bucket where versioning is open, configuring event notification to Lambda on an existing S3 bucket (right now, CDK already supports this scenario), creating and updating AWS well-architected reviews, making the ARN of a Lambda function deployed by AWS::Serverless::Application visible to the following S3 Object Lambda deployment, etc. WaitCondition in CFN can make signals without accessing the Internet[30].

Alt Text Best practices for organizing larger serverless applications12

AWS CodeCommit, AWS CodeBuild, AWS CodeDeploy, and AWS CodePipeline

Developers might agree with that git is a popular tool for version control and CodeCommit is a managed service of version control by AWS. To empower developers in a team to execute specific git commands towards a CodeCommit repository, what needs to be set related to permissions? If a Git repository is going to be migrated to CodeCommit, what steps are necessary? If an action in CodePipeline failed, what can be implemented to notify DevOps engineers or related developers? (Not through AWS Chatbot) In a CodePipeline pipeline combined with CodeBuild and CodeDeploy, if the insertion of code testing (function test, unit test, integration test, bra bra) is intended, what you can do to achieve the goal? In a CICD pipeline, what way is feasible to make applications conform to security regulations? How many kinds of events can be listened in CodePipeline? What servcies are used for listening? CodeDeploy can not only assist in deployment for AWS resources but also IDC machines. If we want to deploy to IDC machines via CodeDeploy, what are the prerequisites? How do you build a cross-account CD pipeline? If sensitive information will be accessed in a CICD pipeline, do you know that AWS Systems Manager Parameter Store and AWS Secrets Manager can be adopted pertaining to security concerns?

Alt Text Figure in CI/CD on Amazon EKS using AWS CodeCommit, AWS CodePipeline, AWS CodeBuild, and FluxCD

Storage

How many storage classes are there in S3? What are the differences among these classes? In what circumstances, you should select Intelligent Tiering? And in what situation One-Zone IA will be more suitable? What configuration you need to deal with so that the storage level of objects will be deleted and transitioned according to some time unit? What is ACL? How many kinds of pre-defined S3 ACLs are there? What is the bucket policy of an S3 bucket for? What is the application possibility on S3 object tags[14]?

Amazon RDS and AWS DynamoDB as the solutions for RDBS and NoSQL respectively, what criteria you might consider when it comes to selecting storage place for your data? NoSQL doesn't mean that there is no relation among data, also, it is not an invention to replace RDBS. About this topic, I suggest you could refer to the one-hour speech21 given by Rick Houlihan as AWS NoSQL Principal Technologist, you'll have a wonderful trip there.

What is the functionality of Amazon Aurora Global Database? What are Amazon DynamoDB Global Tables for? Either Auora or DynamoDB, how to do the Multi-AZ and Multi-region backups? What are GSI and LSI? Regarding RDS, for improving read or write throughput, you probably will consider utilizing Amazon ElastiCache, either Memcached or Redis. To achieve the same result, do you know there is a thing called DAX23? If you still have time, go check RCU and WCU. If data in DynamoDB is intended to archive to S3 based on some time frequency, what services can be integrated to achieve this[40]?

Alt Text Figure in Use Amazon DynamoDB Accelerator (DAX) from AWS Lambda to increase performance while reducing costs

Log

What is the major difference between CloudTrail and CloudWatch? To reach real-time processing on CloudWatch logs, what you can do? Is there any difference between CloudWatch Events and EventBridge? For example, if you want to monitor cross-account launch failure on EC2 instances, what you should do? To record topic, timestamp, resource IP in SES to a log group in CloudWatch, what service can be adopted to achieve the goal? If analyzing log data is intended, is there any functionality in CloudWatch that can help me query? Is there any choice on storage location for logs?

Alt Text Figure in BBVA: Architecture for Large-Scale Macie Implementation

High Availability, Fault Tolerance, and Disaster Recover

With proper understanding on compute, networking, and storage services, you'll start to digest the concepts of high availability, failover, and disaster recovery (DR). About this field, I recommend Reliability Pillar in the AWS Well-Architected series. It is a book which organizes the concepts pretty much well. At least you need to know how many levels are defined in terms of disaster recovery. What is the definitions of RTO and RPO? In the real world, the people you're discussing with might not understand what the backup & restore is or what the pilot light is. Yet, by talking with time unit, you still can roughly get what level the disaster recovery being discussed belongs to.

About exam questions related to this field (DR), you will be in hell if you don't have solid grasp of the forementioned AWS services. You not only learn these services' functionalities, you gotta compare responding time on the aspects of backup and relaunch also. By going through this way, you'll be able to resonate in the content in Reliability Pillar.

Take a brief example, There is a company which has infrastructure in three continents. The base is Europe, and Asia and the United States are extended areas. There are analysts in the three continents. They analyze log data via a web application. The data is stored in DynamoDB of Europe and ECS on Fargate with ALB and auto scaling serves their web application. Now, the analyst in Asia and the United States are complaining about slow response time and the speed of specific analysis is starting killing them. How can you modify the infrastructure architecture and then send the anaysts a sincere Bon-Jovi-have-a-nice-day smile?

Alt Text Figure in Implementing Multi-Region Disaster Recovery Using Event-Driven Architecture

Others

I suggest you also need some understanding on Amazon ES and AWS Storage Gateway, i.e., what are their functionalities? How the architectures look like? You have to grasp thoses to some extent. AWS OpsWorks can be used to manage instance configuration. What two automation services is it based on? What is the difference among AWS OpsWorks Stacks, AWS OpsWorks for Chef Automate, and AWS OpsWorks for Puppet Enterprise? AWS OpsWorks and AWS Systems Automation can both be taken to execute automation tasks. What is the difference? Amazon Inspector can be helpful on security. What is its difference to Amazon GuardDuty? Except vulnerability assessment on AWS resources according to assessment rules, is there anything else that AWS Inspector can do[19]? What does AWS Trusted Advisor do? What is its difference to AWS Config? Apart from that AWS Config rules can work in a single account, if the enablement of AWS Config rules across multiple accounts is required, what needs to be done? If specific actions are intended to be executed automatically after targets are discovered by AWS Config rules, what can be adopted to reach this kind of automation? What is Tag Editor for? What we can do via AWS RAM?

Alt Text Improve monitoring of AWS Systems Manager Agent[26]

Alt Text How to visualize multi-account Amazon Inspector findings with Amazon Elasticsearch Service[37]


Implementation Suggestions

If possible, please get hands-on experience on all the AWS services mentioned above at least via the Web Console. Either they are simple examples (some of them I won't say it's easy, I prefer to take the term of classic to describe) organized by the documentations of AWS services or films on Youtube that were published by passionate developers, all of them are options that you can run through. Like ECS, a beginner example or an auto-scaling example both can be found on the Internet. Furthermore, if time permits, attempt to craft some application examples via CFN or CDK. From the AWS official documentations to AWS Samples to AWS blogs, they all provide CFN templates that you could deploy quickly. Just make your hands dirty, with description on the technical documentations, the ride can reach the final for sure. Lastly, if you still can squeeze somte time by accident, go manipulate CDK to build some applications based on miscellaneous scenarios with any one of the services mentioned above. Following the suggestions, I believe on the road of pursuing DOP, you'll feel safe.

As of me, looking to the past, I had experience on the CICD in the IDC and the CICDs with pure AWS solutions. I implemented the latter one with CFN and CDK. I also once built the construct of CICD combining AWS Glue DataBrew. About the compute services, once built them via CFN and CDK also. A project where the front-end and back-end are split. A project with pure back-end. A project for CloudFront extensions. For example, like DNS record type that points to an ALB, the application and renewal of ACM certifications, etc. When reading new articles in the AWS blogs, I'll try as much as possible to manipulate their mindset via CFN, if there exist, and then ponder possible variation based on them. It's not that as easy as you might feel when reading through this article, yet it's very similar to leveling up in an online game. From lvl 80 to lvl 81, you just need 36,065,092 exactly that much. It's inescapable.


Conclusion

In the DOP exam, it's included numerous condensed real scenarios (brief and comprehensive) to test whether you can act properly by given limitations or conditions and tackle the issues. Via grasping the essence of the AWS services and figuring out the solutions built by other developers, you'll be eventually capable of resolving problems swiftly when facing various and diverse of them.

About the DOP exam, normally, latest features won't come to you. In computing, such as Lambda container, Amazon ECS Anywhere, Amazon EKS Anywhere, Instance Refresh of EC2 Auto Scaling. In networking, like Amazon Route 53 Resolver DNS Firewall[25]; Or like CFN modules[17] and CFN registry. DOP usually tests your horizontal level and some will be deep (detail); about the k8s knowledge, you might consider the CKA, CKAD, and CKS created by the CNCF.

Concerning the SDLC automation, its implementation might differ[42] because of industries, enterprise culture, and so on. What DOP tests you mostly focuses on horizontal level and the AWS services. Like unit test, integration test, and static analysis, you won't see in this exam. Regarding their detail, readers can consider joining the DevOps Taiwan group on Facebook. In addition to annual party, merely watching conversations among DevOps experts may already give you lessons learned. (Of course, not only the forementioned tests will be discussed, trust me, you have a bumper harvest by participating).

In the end, wanna share I took the exam on the Pearson VUE platform. There will be a proctor who watches you during the exam (shy shy >////<). The available languages are English and Japanese. I chose the English exam and an English proctor, strongly suggest you should bring your personal laptop. Actually, in the guidance of the online exam, it is also suggested that it's better to bring your own laptop. I didn't capture the information and took the company laptop to welcome the exam. And what happened is the anti-virus software in the company laptop didn't give the green light to the VUE online program for exams.

It took me around one hour to negotiate with the proctor to wait for my colleague (the unit who manages the anti-virus software) coming to take a look but to no avail, the proctor cancelled the exam, and rushed back to my living place to take my personal laptop. The most impressive thing is I purchased the exam at 10:26 AM and chose one which starts at 10:30 AM. (Different proctor in the first exam and second exam). I spent around 2 hours going through 75 questions and checked those which were tagged by me previously in the rest of time. In the last 3 minutes, nothing I could do anymore and submitted my exam. Eventually, I got the ONE PIECE of DOP.

If anyone who is thinking about taking the exam intends to choose the online way, PLEASE use your personal laptop. Trust me, you'll thank me. If you prefer testing centers, you probably need to evaluate the COVID-19 pandemic situation. By this channel, you also lose the flexibility of going through the exam 4 minutes later right after purchasing. However, you might benefit from the availability of physical little white board. If you'd learned something on taking the DOP exam from this sharing, this article would fulfill its mission. Good luck, fellows!

Day 2 is stasis. Followed by irrelevance. Followed by excruciating, painful decline. Followed by death. And that is why it is always Day 1. — Jeff Bezos

References

  1. Contruct Hub, https://constructs.dev/search?q=scott.hsieh&offset=0
  2. AWS User Group Taiwan Online Meetup 2021-07, https://youtu.be/HG8mQ32m970.
  3. Genshin and the Revelation Online, along with watching bunches of K-dramas and western TV shows with Patrice. The last drama is Vocie 4.
  4. Taipei Grand Trail, https://gisweb.taipei.gov.tw/release/.
  5. Kudzu, https://wiki.guildwars2.com/wiki/Kudzu.
  6. AWS Certified DevOps Engineer — Professional, https://aws.amazon.com/tw/certification/certified-devops-engineer-professional/.
  7. DOP exame guide, https://d1.awsstatic.com/training-and-certification/docs-devops-pro/AWS-Certified-DevOps-Engineer-Professional_Exam-Guide.pdf.
  8. Amazon Web Services, Inc. or its affiliates., 2017. Running Containerized Microservices on AWS. [ebook] Available at: https://d1.awsstatic.com/whitepapers/DevOps/running-containerized-microservices-on-aws.pdf [Accessed 25 July 2021].
  9. Amazon Web Services, Inc. or its affiliates., 2021. Elastic Load Balancing features. [online] Amazon Web Services, Inc. Available at: https://aws.amazon.com/elasticloadbalancing/features/ [Accessed 7 August 2021].
  10. Amazon Web Services, Inc. or its affiliates, 2021. Error retries and exponential backoff in AWS. [online] Docs.aws.amazon.com. Available at: https://docs.aws.amazon.com/general/latest/gr/api-retries.html [Accessed 31 July 2021].
  11. Ball, D. and Fallahi, K., 2020. AWS CodeDeploy now supports linear and canary deployments for Amazon ECS. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/containers/aws-codedeploy-now-supports-linear-and-canary-deployments-for-amazon-ecs/ [Accessed 8 August 2021].
  12. Beswick, J., 2020. Best practices for organizing larger serverless applications. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/compute/best-practices-for-organizing-larger-serverless-applications/ [Accessed 8 August 2021].
  13. Bingöl, S., 2020. Exam Readiness : AWS DevOps Engineer Professional (DOP-C01). [online] Medium. Available at: https://medium.com/aws-certified-user-group-turkey/exam-readiness-aws-devops-engineer-professional-dop-c01-975e22b3f98a [Accessed 7 August 2021].
  14. Bhattacharya, S., Benjamin, G. and Natarajan, V., 2021. Simplify your data lifecycle by using object tags with Amazon S3 Lifecycle. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/storage/simplify-your-data-lifecycle-by-using-object-tags-with-amazon-s3-lifecycle/ [Accessed 8 August 2021].
  15. Chapman, C., 2020. Creating a secure DevOps pipeline for AWS Service Catalog. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/creating-a-secure-devops-pipeline-for-aws-service-catalog/ [Accessed 8 August 2021].
  16. Cowan, J., Sharma, A. and Dalbhanjan, P., 2017. Blue/Green Deployments with Amazon Elastic Container Service. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/compute/bluegreen-deployments-with-amazon-ecs/ [Accessed 18 July 2021].
  17. DeJong, K., 2020. Introducing AWS CloudFormation modules. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/introducing-aws-cloudformation-modules/ [Accessed 28 July 2021].
  18. Docker Inc., 2021. Configure logging drivers. [online] Docker Documentation. Available at: https://docs.docker.com/config/containers/logging/configure/ [Accessed 31 July 2021].
  19. Dodge, C. and Quigg, S., 2018. A simpler way to assess the network exposure of EC2 instances: AWS releases new network reachability assessments in Amazon Inspector. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/security/amazon-inspector-assess-network-exposure-ec2-instances-aws-network-reachability-assessments/ [Accessed 1 August 2021].
  20. Hochstein, L., Prytoegrian, Siqueira, D., Basgall, S., Smith, S., Harvey, A. and Berry, C., 2016. Netflix/chaosmonkey: Chaos Monkey is a resiliency tool that helps applications tolerate random instance failures. [online] GitHub. Available at: https://github.com/netflix/chaosmonkey [Accessed 31 July 2021].
  21. Houlihan, R., 2018. Amazon DynamoDB Deep Dive: Advanced Design Patterns for DynamoDB (DAT401). [video] Available at: https://youtu.be/HaEPXoXVf2k [Accessed 8 August 2021].
  22. Jayendra’s Cloud Certification Blog. 2021. AWS Certified DevOps Engineer — Professional (DOP-C01) Exam Learning Path. [online] Available at: https://jayendrapatil.com/aws-certified-devops-engineer-professional-exam-learning-path/ [Accessed 24 May 2021].
  23. Idziorek, J., 2017. Amazon DynamoDB Accelerator (DAX): A Read-Through/Write-Through Cache for DynamoDB. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/database/amazon-dynamodb-accelerator-dax-a-read-throughwrite-through-cache-for-dynamodb/ [Accessed 8 August 2021].
  24. Intellipaat, 2019. Puppet Tutorial for Beginners | Puppet Tutorial | Intellipaat. [video] Available at: https://www.youtube.com/watch?v=kHD4KQKKP5Y [Accessed 3 August 2021].
  25. Ismail, M. and Bentzen, M., 2021. Secure your Amazon VPC DNS resolution with Amazon Route 53 Resolver DNS Firewall. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/networking-and-content-delivery/secure-your-amazon-vpc-dns-resolution-with-amazon-route-53-resolver-dns-firewall/ [Accessed 7 August 2021].
  26. Lempka, R., 2021. Improve monitoring of AWS Systems Manager Agent. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/improve-monitoring-of-aws-systems-manager-agent/ [Accessed 7 August 2021].
  27. Lewis, J. and Fowler, M., 2014. Microservices. [online] martinfowler.com. Available at: https://martinfowler.com/articles/microservices.html [Accessed 31 July 2021].
  28. Liu, F., 2021. Model serving in Java with AWS Elastic Beanstalk made easy with Deep Java Library. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/machine-learning/model-serving-in-java-with-aws-elastic-beanstalk-made-easy-with-deep-java-library/ [Accessed 2 August 2021].
  29. Malhotra, S. and Mathur, R., 2020. How to get notified on specific Lambda function error patterns using CloudWatch. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/get-notified-specific-lambda-function-error-patterns-using-cloudwatch/ [Accessed 9 August 2021].
  30. Meyer, C., 2018. Signaling AWS CloudFormation WaitConditions using AWS PrivateLink. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/signaling-aws-cloudformation-waitconditions-using-aws-privatelink/ [Accessed 31 July 2021].
  31. Miguelez, B. and Chapman, C., 2020. Standardizing CI/CD pipelines for .NET web applications with AWS Service Catalog. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/devops/standardizing-cicd-pipelines-net-web-applications-aws-service-catalog/ [Accessed 3 August 2021].
  32. Mui, A. and Vlasceanu, V., 2015. (DVO401) Deep Dive into Blue/Green Deployments on AWS. [video] Available at: https://youtu.be/aX54mhZbN58 [Accessed 17 July 2021].
  33. Munns, C., 2017. Implementing Canary Deployments of AWS Lambda Functions with Alias Traffic Shifting. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/compute/implementing-canary-deployments-of-aws-lambda-functions-with-alias-traffic-shifting/ [Accessed 5 August 2021].
  34. Peven, B., 2020. Introducing Instance Refresh for EC2 Auto Scaling. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/compute/introducing-instance-refresh-for-ec2-auto-scaling/ [Accessed 31 July 2021].
  35. Rakesh Singh, 2021. Blue/Green deployment with AWS Developer tools on Amazon EC2 using Amazon EFS to host application source code. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/devops/blue-green-deployment-with-aws-developer-tools-on-amazon-ec2-using-amazon-efs-to-host-application-source-code/ [Accessed 7 August 2021].
  36. Rathore, A., 2020. AWS Networking — ENI, ENA & EFA. [online] Medium. Available at: https://medium.com/nerd-for-tech/aws-networking-eni-ena-efa-2db316fdbf85 [Accessed 6 August 2021].
  37. Saha, M., 2020. How to visualize multi-account Amazon Inspector findings with Amazon Elasticsearch Service. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/security/how-to-visualize-multi-account-amazon-inspector-findings-with-amazon-elasticsearch-service/ [Accessed 1 August 2021].
  38. Sato, D., 2014. bliki: CanaryRelease. [online] martinfowler.com. Available at: https://martinfowler.com/bliki/CanaryRelease.html [Accessed 31 July 2021].
  39. Sharma, A., Cowan, J., Sosiak, Y., Dalbhanjan, P. and Siri, J., 2017. Reference architecture for doing blue green deployments on ECS. [online] GitHub. Available at: https://github.com/aws-samples/ecs-blue-green-deployment [Accessed 31 July 2021].
  40. Wagner, A., 2017. Automatically Archive Items to S3 Using DynamoDB Time to Live (TTL) with AWS Lambda and Amazon Kinesis Firehose. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/database/automatically-archive-items-to-s3-using-dynamodb-time-to-live-with-aws-lambda-and-amazon-kinesis-firehose/ [Accessed 8 August 2021].
  41. White, E., Horsfield, S. and Sethi, A., 2021. Introducing Native Support for Predictive Scaling with Amazon EC2 Auto Scaling. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/compute/introducing-native-support-for-predictive-scaling-with-amazon-ec2-auto-scaling/ [Accessed 8 August 2021].
  42. Wikipedia, 2021. Conway’s law. [online] En.wikipedia.org. Available at: https://en.wikipedia.org/wiki/Conway's_law [Accessed 31 July 2021].
  43. Wiggins, A., 2017. The Twelve-Factor App. [online] 12factor.net. Available at: https://12factor.net/ [Accessed 31 July 2021].
💖 💪 🙅 🚩
fantastichsieh
Scott Hsieh 🇹🇼

Posted on October 3, 2021

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related