AWS DevOps Pro study notes

So I covered my eyes for a bit when I clicked ‘Finish’ (the test attempt), as this was the toughest exam I’d faced thus far, and I was maybe 70% satisfied with my body of work. Fortuitously, I passed, albeit with an overall score of 65%:-

Topic Level Scoring

1. Continuous Delivery and Process Automation: 47%
2. Monitoring, Metrics, and Logging: 93%
3. Security, Governance, and Validation: 75%
4. High Availability and Elasticity: 83%

I really need to backtrack, figure out this CI/CD thing, then.

Scratchpad

• ASG (lifecycle hooks {Terminating > Terminating:Wait}, span AZs evenly by default, Launch Configs cannot be edited, suspense AddToLoadBalancer and subsequent manual reg., Termination Policy {Default|OldestInstance});
• CI tooling (e.g., Jenkins) can perform syntax/build tests;
• CloudFormation (CreationPolicy {post-config}, ::CustomResource, {RDS} DeletionPolicy=Retain, nested stacks, UpdatePolicy=AutoScalingRollingUpdate);
• CloudTrail;
• CloudWatch (dimensions {per-ASG}, retention period, aggregation, Logs {agent}, Log Filters, subscriptions);
• DynamoDB (cache S3 object metadata);
• EB (Applications > Versions > Environments, Container Commands {leader-only}, Docker containers, Saved Configs., Swap URLs, .ebextensions);
• EBS (unencrypted to encrypted, pre-warming);
• ECS (Dockerrun.aws.json);
• ElastiCache;
• Elasticsearch?;
• IAM (Database Authentication {Aurora|MySQL}, Instance Profile > Role);
• Kinesis Streams (real time);
• OpsWorks; i.e., Chef+ (Configure {custom cookbook});
• RDS (Multi-AZ, Read Replicas, sharding);
• S3 (key-based naming scheme, store developer’s public keys, MFA Delete);
• SNS;
• SQS;
• WiF (via some IdP {e.g., Google});