How I passed the AWS Certified Developer - Associate exam
This guide shares the hands-on experience of passing the exam and examples of AWS developer associate exam questions.
career development
Challenges drive people. Most of us like to master complexities and savor our victory. In the IT field, exams from tech giants like AWS (Amazon Web Services), Google, and Microsoft are examples of the kinds of challenges that motivate us and contribute to career development.
I passed the AWS Certified Developer - Associate Exam recently, so now I’d like to share some valuable insights with our EPAM community about how to prepare for the AWS developer certification, including the key competencies tested, examples of real questions asked during the exam, and useful resources to study.
AWS developer certification: preparation steps
The first step toward taking the exam is registration. Go to the AWS Training and Certification page and follow the instructions. If your company reimburses your tuition and certifications, my congratulations, because the certification is quite pricey.
Luckily, AWS offers the option of an online format. An online exam is scheduled via the Pearson VUE portal. That means you must download the System Test to determine if your hardware meets the minimum technical requirements. Before the exam, an examinee must prove to coordinators via a call that they are alone in a room.
Eventually, the exam starts. Your score must be at least 700 (70%) to pass it successfully.
The AWS developer certification questions for the associate level are divided among major categories:
- Deployment – 22%
- Development with AWS Services – 30%
- Security – 26%
- Refactoring – 10%
- Monitoring and Troubleshooting – 12%
Let’s look at each of them.
Deployment
Typical topics in this category include:
- Deploying written code in AWS using CD/CI pipelines and patterns
- Elastic Beanstalk, EC2, Serverless applications deployments
- CI/CD: Code Commit, Code Pipeline, Code Deploy, Code Build, Code Start
- Containerization on AWS: ECR, ECS
Some people say that there are questions about AWS Fargate, but I didn’t have any of them on my exam.
Question:
Your project is using Elastic Beanstalk for an application. The team needs to configure the Elastic Beanstalk environment with a deployment strategy to create new instances and deploy the code. Which methods will deploy code to new instances only?
- Immutable deployment
- Rolling deployment
- Linear deployment
- Blue/Green deployment
Answer: Immutable deployment ensures that configuration changes that require replacing instances are applied efficiently and safely. With Blue/Green deployments, you can also have a separate deployment environment.
Find more information on these resources:
Deployment policies and settings - AWS Elastic Beanstalk
Development with AWS Services
In this part of an exam, you'll see questions about any solutions that can be implemented with AWS services, including API Gateway, Lambda (SAM), AWS SDK, DynamoDB, S3, Elastic Cache (Redis, Memcached), RDS, EBS and EFS, Redshift, SQS, SNS, CloudFront, Kinesis, and Data Pipeline.
Usually, the questions in this category are straightforward and present functional requirements that must be translated to application design.
Question:
You were hired as a developer for a company. You must develop an app to transfer the logs from several instances to an S3 bucket. What service should you use for that?
- AWS Database Migration Service
- AWS Athena
- AWS RDS
- AWS Data Pipeline
Answer: According to the AWS Data Pipeline Developer Guide, “AWS Data Pipeline is a web service that you can use to automate the movement and transformation of data. [...] For example, you can use AWS Data Pipeline to archive your web server's logs to Amazon Simple Storage Service (Amazon S3)."
See more on AWS Data Pipeline
Security
Be ready to answer AWS Certified Developer - Associate exam questions about any kind of access management, authentication and authorization (IAM, Cognito), proper configuration of the services, encryption (KMS), secrets management (AWS System Manager Parameters Store, Secrets Manager), and other security topics.
Question:
Your team is developing an app that’s going to be deployed to AWS Lambda that should have access to a database. The database connection string should be secured. What’s the most secure way to meet this requirement?
- Store it inside the app.json file in a Git repository
- Store it in the Lambda code since nobody has access to that
- Store it in CloudFormation template as a string
- Store it in AWS Systems Manager Parameter Store as an encrypted string and request it from the function by reference
Answer: According to the AWS Systems Manager User Guide, “you can store data such as passwords, database strings, Amazon Machine Image (AMI) IDs, and license codes as parameter values. You can store values as plain text or encrypted data.”
Learn more on AWS Systems Manager Parameter Store
Refactoring
Questions in this section might concern migrating an existing application to the cloud provider or improving applications in the cloud according to the best practices and features.
Question:
An application hosted in AWS has been configured to use a DynamoDB table. Some items are written on the DynamoDB table. The items should only be accessed in a particular time range and then can be removed. Which of the following is an ideal solution to handle the deletion of stale items?
- Enable versioning for the items in DynamoDB and remove the last accessed version
- Enable TTL for the items in DynamoDB
- Create a column to store the date and create a job to run a query for the stale objects with the Delete operation
- Perform a full scan on the table for the stale items and perform a Delete operation
Answer: Time to Live (TTL) for DynamoDB allows you to define when items in a table expire so that they can be automatically removed from the database.
More on Expiring Items By Using DynamoDB Time to Live (TTL)Monitoring and Troubleshooting
This section includes questions related to root cause analysis, usual faults in AWS, and the services like X-Ray, CloudWatch, and CloudTrail.
Question:
Imagine your team is going to deploy a built application onto an EC2 Instance. You want the ability to gather logs from the server to help diagnose any issues that arise. What should you do first?
- Enable CloudTrail for the whole region
- Use VPC Flow logs
- Create a CloudWatch dashboard for the key metrics
- Install CloudWatch agent on your instances
Answer: You should install the CloudWatch agent first on the machine and then configure it to send the server's logs to the CloudWatch.
Find more in the Amazon CloudWatch User GuideStudy materials
The best study choice is the official documentation, but if you occasionally find it boring or challenging to comprehend, you can combine the official resources with other available videos and online tests.
Official documentation:
AWS Certified Developer - Associate Certification
AWS-Certified-Developer - Associate_Exam Guide.pdf
Video courses:
AWS Certified Developer - Associate 2020 (PASS THE EXAM!)
Ultimate AWS Certified Developer Associate 2022 - NEW! | Udemy
Practice tests:
Closing thoughts
My main advice is not to be nervous during the exam. Give yourself 10 minutes to calm down, and then start. Don't rush; the amount of time allowed is more than enough to complete the exam twice!
Regarding the best approach to the questions, please don’t try to find the correct answer first. Instead, use the elimination method. Identify the wrong answers first and exclude them. Finally, pay attention to the questions. All of them contain keywords that will help you find the correct answer.
Also, feel free to explore our remote AWS developer jobs to find more opportunities to develop professionally.
Thanks for reading, and good luck with your exam!