The relevance of the AWS Certified DevOps Engineer - Professional certification

Andrew May - Feb 21 '21 - - Dev Community

I recently passed the AWS Certified DevOps Engineer - Professional certification, and honestly I did it more to get a sense of completion (and to finally add the sticker I picked up at re:Invent 2018) than an expectation that I would learn a lot, but I was surprised how many gaps in my knowledge it filled in and how relevant they would end up being.

Certification topics

The certification focuses on a number of services that I haven't used a great deal, and aren't necessarily the ones I would use for green-fields development, but have an important role when it comes to cloud migrations of existing applications. In particular you can expect to see a lot of questions about Elastic Beanstalk and CodeDeploy, and learning their different deployment options is a large part of preparing for this certification.

You also need to learn about CodeCommit, CodeBuild and CodePipeline, but while these services have their uses (and generally fairly attractive pay-as-you-go pricing), their functionality and ease of use is unfortunately far behind other CI/CD solutions (e.g. Azure DevOps, GitHub Actions, GitLab).

As part of my certification prep, I used CodeBuild to deploy the container image for stackmanager to the new Amazon ECR public gallery. Having to configure some elements within AWS (using CloudFormation) and others within the stackmanager repository (in GitHub) made configuring the build much more complicated and error prone than solutions where everything can be configured in one place.

A large part of the certification focuses on deployments to EC2 instances within Auto-Scaling Groups, or best practices around migrating on-premises applications to EC2. Understanding some of the details of ASGs, in particular lifecycle hooks is important to be able to pass the exam.

Honestly, I got tired of the repetition within the practice tests and the actual exam and the questions started to blur together. I had to take a brief break during the exam to take my hands away from the keyboard and close my eyes for a few minutes to re-focus - it would have been nice to get up and stretch, but that was not possible in the proctored exam.

One other service that I really needed to focus on was EventBridge (aka CloudWatch events). I've used CloudWatch events for triggering other services (mostly Lambda functions and Step Functions) based upon a schedule or something occurring within the AWS account, but it wasn't until studying for this certification that I really appreciated the difference between services that natively create events, and those where events are available via CloudTrails. It's also interesting that there are a small number of API calls you can make directly from an event (e.g. Create an EC2 snapshot) that probably predate Lambda functions. There are also a lot more targets for events than I was aware of.

There is a focus on monitoring and governance, with AWS Config and Trusted advisor being used to trigger remediations for different types of issues.

One of the hardest parts of the certification is remembering exactly what mechanisms the different services have for triggering other activities - whether it's AWS Config directly triggering SSM Automation, or the types of notifications CodePipeline supports.

It's also important to be familiar with Lambda, ECS, CloudFormation and a number of other services, but these are services I use on a regular basis and were not a large part of the exam.

Relevance

OK, so that's a lot about what the certification covers, but by itself that doesn't make a convincing case for relevance.

Leading EDJE is an AWS Select Consulting Partner, and as I become more involved in our partnership and work on projects at our clients, it has become clear how early many companies are in the overall cloud adoption process.

The migration path can vary a lot, but it is common for enterprises to have applications that are moved to the cloud but are not immediately rearchitected to take full advantage of cloud functionality. These may be applications that are due to be retired or replaced but are still business critical and may still be updated on a regular basis.

These applications will run on EC2 instances, either managed directly or using Elastic Beanstalk. Understanding the different deployment options as covered by this certification is essential to knowing how best to configure and manage applications that may have restrictions due to their architecture or licensing.

Recently I've been able to offer advice on where CodeDeploy might be an appropriate tool for deployments, and some of the limitations it has (for example it is not recommended to have multiple deployment groups targeting a single ASG).

A convincing case?

I learned quite a lot while studying for this certification, and there was less overlap with the other certifications than I expected. I was familiar with the services covered, but had never gone into this much depth with most of them before.

Most of my preparation was a combination of practice tests and going through the AWS documentation for the services included in the tests and making notes, plus my experimentation with CodeBuild mentioned above.

If you are coming from a System Administrator background and are learning about AWS, there is a lot of important information here and it is the obvious choice after the AWS Certified SysOps Administrator - Associate certification.

Let me know in the comments if you've taken this certification and felt it was worthwhile (or not).

Leading EDJE dev.to

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .