#Aws
118 posts
AWS Certified CloudOps Engineer - Associate (SOA-C03) #6 Domain 2-2 Reliability — Backup, Restore, and Disaster Recovery (DR)
The sixth post of the SOA-C03 series covers data protection, the second axis of the reliability domain. It covers EBS snapshots and AMIs, RDS automated backups and snapshots, how to centrally manage backup policies with AWS Backup, the meaning of RPO and RTO, and the DR strategies that progress from backup to pilot light to warm standby to multi-site.
AWS Certified Developer - Associate (DVA-C02) #12 Domain 4-1 Troubleshooting and Optimization — Observability
The first post of the DVA-C02 troubleshooting domain. It covers, at the exam level, CloudWatch Logs (log groups,streams,Logs Insights) and Metrics (standard,custom,high-resolution), Alarms, X-Ray distributed tracing (segments,subsegments,service map,sampling), and how to extract metrics from logs with EMF (Embedded Metric Format). The key is the tools that trace failures and narrow down the cause.
AWS Certified CloudOps Engineer - Associate (SOA-C03) #5 Domain 2-1 Reliability: Multi-AZ, Auto Scaling, and ELB Health Checks
The fifth post of the SOA-C03 series covers availability operations, the first topic of the Reliability domain (22%). It covers redundancy across Availability Zones, Auto Scaling group capacity, policies, and lifecycle hooks, health checks and connection draining per ELB type, and Route 53 health-check-based failover.
AWS Certified Developer - Associate (DVA-C02) #11 Domain 3-3 Deployment — Deployment Strategies
The third post of the DVA-C02 deployment domain. It covers, at the exam level, the difference between in-place and blue/green deployment, traffic-shifting methods like canary,linear,all-at-once, weighted routing using Lambda aliases and versions, gradual deployment through API Gateway stages, and automatic rollback tied to CloudWatch alarms. The key is how to update safely with zero downtime.
AWS Certified CloudOps Engineer - Associate (SOA-C03) #4 Domain 1-3 Monitoring — Automated Recovery and Performance Optimization
The fourth post of the SOA-C03 series covers automated responses after detection. It covers how EventBridge reacts to events, how to automate recovery with Systems Manager Automation runbooks, EC2 automated recovery and Auto Scaling self-healing, and the flow of diagnosing performance bottlenecks with Compute Optimizer and CloudWatch while optimizing cost along the way.
AWS Certified Developer - Associate (DVA-C02) #10 Domain 3-2 Deployment — IaC and Serverless Deployment
The second post of the DVA-C02 deployment domain. It covers, at the exam level, CloudFormation's template structure (Resources,Parameters,Mappings,Outputs), stacks,change sets,drift, nested stacks, SAM's template and sam deploy,sam local that simplify serverless deployment, and Elastic Beanstalk's deployment policies (All at once,Rolling,Immutable) along with .ebextensions.
AWS Certified CloudOps Engineer - Associate (SOA-C03) #3 Domain 1-2 Monitoring — CloudWatch Logs, Logs Insights, Agent
The third post in the SOA-C03 series covers the log side of CloudWatch. It covers the structure of log groups and log streams, retention periods and cost, how to collect logs and OS metrics with the CloudWatch Agent, metric filters that extract metrics from logs, Logs Insights queries, and subscription filters that deliver logs in real time.
AWS Certified Developer - Associate (DVA-C02) #9 Domain 3-1 Deployment — CI/CD
The first post of the DVA-C02 deployment domain. It covers the division of roles among the AWS developer tools (CodeCommit,CodeBuild,CodeDeploy,CodePipeline,CodeArtifact), along with CodeBuild's buildspec.yml phases and environment variables, CodeDeploy's appspec.yml with deployment groups and lifecycle hooks, and CodePipeline's stage composition and artifact flow at the exam level. The key is knowing which tool does what.
AWS Certified CloudOps Engineer - Associate (SOA-C03) #2 Domain 1-1 Monitoring — CloudWatch Metrics, Alarms, and Dashboards
The second post of the SOA-C03 series covers CloudWatch, the first topic of the largest domain, Monitoring (22%). It covers how metrics are collected along with namespaces and dimensions, the difference between standard and custom metrics, alarm state transitions and evaluation-period design, composite alarms, and dashboard composition.
AWS Certified Developer - Associate (DVA-C02) #8 Domain 2-2 Security — Encryption and Secrets
The second post of the DVA-C02 security domain. It covers KMS key types and envelope encryption, at-rest and in-transit encryption, S3 server-side encryption options (SSE-S3, SSE-KMS, SSE-C) and Lambda environment variable encryption, and the difference between Secrets Manager and Parameter Store (automatic rotation, cost, hierarchy), all at the exam level. Keeping secrets out of code is the core.
AWS Certified CloudOps Engineer - Associate (SOA-C03) #1 Exam Introduction — Exam Structure and Study Roadmap
The first post in the AWS Certified CloudOps Engineer - Associate (SOA-C03) series. It covers the rename from SysOps Administrator to CloudOps Engineer, the 65-question / 130-minute / 720-point structure, the weight of the five domains (Monitoring 22% , Reliability 22% , Deployment Automation 22% , Networking 18% , Security 16%), and a study strategy that turns the hands-on experience from the [AWS practical track](/en/posts/aws-basics-1-account-region-az), [SAA-C03](/en/posts/aws-saa-1), and [DVA-C02](/en/posts/aws-dva-1) into operational judgment. This 15-part series is designed to help you pass SOA-C03, and it ends with a full-scale mock exam in #15.
AWS Certified Developer - Associate (DVA-C02) #7 Domain 2-1 Security — Authentication and Authorization
The first post of the DVA-C02 security domain. From a developer's perspective, it revisits IAM Roles (instance profile, ECS task role, Lambda execution role), STS temporary credentials and AssumeRole/federation, and the division of roles between a Cognito User Pool (authentication) and an Identity Pool (temporary AWS credentials), all at the exam level. The security domain is the second-largest at 26%.