Domain 1: Deployment

• Deploy written code in AWS using existing CI/CD pipelines, processes, and patterns.
• Commit code to a repository and invoke build, test and/or deployment actions
• Use labels and branches for version and release management
• Use AWS CodePipeline to orchestrate workflows against different environments
• Apply AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeStar, and AWS CodeDeploy for CI/CD purposes
• Perform a roll back plan based on application deployment policy
• Deploy applications using AWS Elastic Beanstalk.
• Utilize existing supported environments to define a new application stack
• Package the application
• Introduce a new application version into the Elastic Beanstalk environment
• Utilize a deployment policy to deploy an application version (i.e., all at once, rolling, rolling with batch, immutable)
• Validate application health using Elastic Beanstalk dashboard
• Use Amazon CloudWatch Logs to instrument application logging
• Prepare the application deployment package to be deployed to AWS.
• Manage the dependencies of the code module (like environment variables, config files and static image files) within the package
• Outline the package/container directory structure and organize files appropriately
• Translate application resource requirements to AWS infrastructure parameters (e.g., memory, cores)
• Deploy serverless applications.
• Given a use case, implement and launch an AWS Serverless Application Model (AWS SAM) template
• Manage environments in individual AWS services (e.g., Differentiate between Development,
• Test, and Production in Amazon API Gateway)

Domain 2: Security

• Make authenticated calls to AWS services.
• Communicate required policy based on least privileges required by application.
• Assume an IAM role to access a service
• Use the software development kit (SDK) credential provider on-premises or in the cloud to access AWS services (local credentials vs. instance roles)
• Implement encryption using AWS services.
• Encrypt data at rest (client side; server side; envelope encryption) using AWS services
• Encrypt data in transit
• Implement application authentication and authorization.
• Add user sign-up and sign-in functionality for applications with Amazon Cognito identity or user pools
• Use Amazon Cognito-provided credentials to write code that access AWS services.
• Use Amazon Cognito sync to synchronize user profiles and data
• Use developer-authenticated identities to interact between end user devices, backend authentication, and Amazon Cognito

Domain 3: Development with AWS Services

• Write code for serverless applications.
• Compare and contrast server-based vs. serverless model (e.g., micro services, stateless nature of serverless applications, scaling serverless applications, and decoupling layers of serverless applications)
• Configure AWS Lambda functions by defining environment variables and parameters (e.g., memory, time out, runtime, handler)
• Create an API endpoint using Amazon API Gateway
• Create and test appropriate API actions like GET, POST using the API endpoint
• Apply Amazon DynamoDB concepts (e.g., tables, items, and attributes)
• Compute read/write capacity units for Amazon DynamoDB based on application requirements
• Associate an AWS Lambda function with an AWS event source (e.g., Amazon API Gateway,
• Amazon CloudWatch event, Amazon S3 events, Amazon Kinesis)
• Invoke an AWS Lambda function synchronously and asynchronously
• Translate functional requirements into application design.
• Determine real-time vs. batch processing for a given use case
• Determine use of synchronous vs. asynchronous for a given use case
• Determine use of event vs. schedule/poll for a given use case
• Account for tradeoffs for consistency models in an application design
• Implement application design into application code.
• Write code to utilize messaging services (e.g., SQS, SNS)
• Use Amazon ElastiCache to create a database cache
• Use Amazon DynamoDB to index objects in Amazon S3
• Write a stateless AWS Lambda function
• Write a web application with stateless web servers (Externalize state)
• Write code that interacts with AWS services by using APIs, SDKs, and AWS CLI.
• Choose the appropriate APIs, software development kits (SDKs), and CLI commands for the code components
• Write resilient code that deals with failures or exceptions (i.e., retries with exponential back off and jitter)

Domain 4: Refactoring

• Optimize applications to best use AWS services and features.
• Implement AWS caching services to optimize performance (e.g., Amazon ElastiCache, Amazon API Gateway cache)
• Apply an Amazon S3 naming scheme for optimal read performance
• Migrate existing application code to run on AWS.
• Isolate dependencies
• Run the application as one or more stateless processes
• Develop in order to enable horizontal scalability Externalize state

Domain 5: Monitoring and Troubleshooting

• Write code that can be monitored.
• Create custom Amazon CloudWatch metrics
• Perform logging in a manner available to systems operators
• Instrument application source code to enable tracing in AWS X-Ray
• Perform root cause analysis on faults found in testing or production.
• Interpret the outputs from the logging mechanism in AWS to identify errors in logs
• Check build and testing history in AWS services (e.g., AWS CodeBuild, AWS CodeDeploy, AWS CodePipeline) to identify issues
• Utilize AWS services (e.g., Amazon CloudWatch, VPC Flow Logs, and AWS X-Ray) to locate a specific faulty component