AWS Certified Developer Associate Exam Guide Study Path DVA-C02

Home » AWS Certified Developer Associate » AWS Certified Developer Associate Exam Guide Study Path DVA-C02

AWS Certified Developer Associate Exam Guide Study Path DVA-C02

Last updated on February 16, 2024

The AWS Certified Developer Associate DVA-C02 certification is for those who are interested in handling cloud-based applications and services. Typically, applications developed in AWS are sold as products in the AWS Marketplace. This allows other customers to use the customized, cloud-compatible application for their own business needs. Because of this, AWS developers should be proficient in using the AWS CLI, APIs and SDKs for application development.

The AWS Certified Developer Associate exam (or AWS CDA for short) will test your ability to:

  • Demonstrate an understanding of core AWS services, uses, and basic AWS architecture best practices.
  • Demonstrate proficiency in developing, deploying, and debugging cloud-based applications using AWS.

Having prior experience in programming and scripting for both standard, containerized, and/or serverless applications will greatly make your review easier. Additionally, we recommend having an AWS account available for you to play around with to better visualize parts in your review that involve code. For more details regarding your exam, you can check out this AWS exam blueprint and official sample DVA-C02 questions for the AWS Certified Developer Associate exam.

AWS Certified Developer DVA-C02 Study Materials

If you are not well-versed in the fundamentals of AWS, we suggest that you visit our AWS Certified Cloud Practitioner review guide to get started. AWS also offers a free virtual course called AWS Cloud Practitioner Essentials that you can take in their AWS SkillsBuilder training portal or via their AWS APN sites like the https://portal.tutorialsdojo.com website. Knowing the basic concepts and services of AWS will make your understanding of these challenging concepts more coherent and understandable.

The primary study materials you’ll be using for your review are the: FREE AWS Exam Readiness video course, official AWS sample questions, AWS whitepapers, FAQs, AWS cheat sheets, and AWS practice exams.

Exam Readiness AWS Certified Developer Associate Exam DVA-C02

For whitepapers, they include the following:

  1. Microservices on AWS – This paper introduces the ways you can implement a microservice system on different AWS Compute platforms. You should study how these systems are built and the reasoning behind the chosen services for that system.
  2. Running Containerized Microservices on AWS – This paper talks about the best practices in deploying a containerized microservice system in AWS. Focus on the example scenarios where the best practices are applied, how they are applied, and using which services to do so.
  3. Tutorials dojo strip
  4. Optimizing Enterprise Economics with Serverless Architectures – Read upon the use cases of serverless in different platforms. Understand when it is best to use serverless vs maintaining your own servers. Also, familiarize yourself with the AWS services that are under the serverless toolkit.
  5. AWS Serverless Multi-Tier Architectures with Amazon API Gateway and AWS Lambda – Learn how to implement common Serverless patterns on applications such as microservices, mobile backends, and single-page applications. You can use API Gateway, AWS Lambda, and other services to reduce the development and operations cycles required to create and
    manage multi-tiered applications.

  6. Practicing Continuous Integration and Continuous Delivery on AWS Accelerating Software Delivery with DevOps – If you are a developer aiming for the DevOps track, then this whitepaper is packed with practices for you to learn. CI/CD involves many stages that allow you to deploy your applications faster. Therefore, you should study the different deployment methods and understand how each of them works. Also, familiarize yourself with the implementation of CI/CD in AWS. We recommend performing a lab of this in your AWS account.
  7. Blue/Green Deployments on AWS – Blue/Green Deployments is a popular deployment method that you should learn as an AWS Developer. Study how blue/green deployments are implemented and using what set of AWS services. It is also crucial that you understand the scenarios where blue/green deployments are beneficial and where they are not. Do NOT mix up your blue environment with your green environment.
  8. AWS Security Best Practices – Understand the security best practices and their purpose in your environment. Some services offer more than one form of security feature, such as multiple key management schemes for encryption. It is important that you can determine which form is most suitable to the given scenarios in your exam.
  9. AWS Well-Architected Framework This whitepaper is one of the most important papers that you should study for the exam. It discusses the different pillars that make up a well-architected cloud environment. Expect the scenarios in your exam to be heavily based on these pillars. Each pillar will have a corresponding whitepaper of its own that discusses the respective pillar in more detail.

Also, check out this article: Top 5 FREE AWS Review Materials.

 

AWS Services For DVA-C02 to Focus On 

AWS offers extensive documentation and well-written FAQs for all of its services. These two will be your primary source of information when studying AWS. You need to be well-versed in a number of AWS products and services since you will almost always be using them in your work. I recommend checking out Tutorials Dojo’s AWS Cheat Sheets which provides a summarized but highly informative set of notes and tips for your review of these services.

 

Services to study for:

  1. Amazon EC2 / ELB / Auto Scaling – Be comfortable with integrating EC2 to ELBs and Auto Scaling. Study the commonly used AWS CLI commands, APIs, and SDK code under these services. Focus as well on security, maintaining high availability, and enabling network connectivity from your ELB to your EC2 instances.
  2. AWS Elastic Beanstalk – Know when Elastic Beanstalk is more appropriate to use than other compute solutions or infrastructure as a code solution like CloudFormation or OpsWorks. Experiment with the service yourself in your AWS account, and understand how you can deploy and maintain your own application in Beanstalk.
  3. Amazon ECS – Study how you can manage your own cluster using ECS. Also, figure out how ECS can be integrated to a CI/CD pipeline. Be sure to read the FAQs thoroughly since the exam includes multiple questions about containers.
  4. AWS Lambda – The best way to learn Lambda is to create a function yourself. Also, remember that Lambda allows custom runtimes that a customer can provide himself. Figure out what services can be integrated with Lambda, and how Lambda functions can capture and manipulate incoming events. Lastly, study the Serverless Application Model (SAM).
  5. Amazon RDS / Amazon Aurora – Understand how RDS integrates with your application through EC2, ECS, Elastic Beanstalk and more. Compare RDS to DynamoDB and Elasticache and determine when RDS is best used. Also know when it is better to use Amazon Aurora than Amazon RDS, and when RDS is more useful than hosting your own database inside an EC2 instance.
  6. Amazon DynamoDB – You should have a complete understanding of the DynamoDB service as this is very crucial in your exam. Read the DynamoDB documentation since it is more detailed and informative than the FAQ. As a developer, you should also know how to provision your own DynamoDB table, and you should be capable of tweaking its settings to meet application requirements.
  7. Amazon Elasticache – Elasticache is a caching service that you’ll be encountering often in the exam. Compare and contrast Redis from Memcached. Determine when Elasticache is more suitable than DynamoDB or RDS.
  8. Amazon S3 – S3 is usually your go-to storage for objects. Study how you can secure your objects through KMS encryption, ACLs, and bucket policies. Know how S3 stores your objects to keep them highly durable and available. Also, learn about lifecycle policies. Compare S3 to EBS and EFS to know when is S3 more preferred than the other two.
  9. Amazon EFS – EFS is used to set up file systems for multiple EC2 instances. Compare and contrast S3 to EFS and EBS. Also, study on file encryption and optimizing EFS performance.
  10. Amazon Kinesis– There are usually tricky questions on Kinesis so you should read its documentation too. Focus on Kinesis Data Streams. Also, have an idea of the other Kinesis services. Familiarize yourself with Kinesis APIs, Kinesis Sharding, and integration with storage services such as S3 or compute services such as Lambda.
  11. Amazon API Gateway – API gateway is usually used together with AWS Lambda as part of the serverless application model. Understand API Gateway’s structure such as resources, stages, and methods. Learn how you can combine API Gateway with other AWS services such as Lambda or CloudFront. Determine how you can secure your APIs so that only a select number of people can execute them.
  12. Amazon Cognito – Cognito is used for mobile and web authentication. You usually encounter Cognito questions in the exam along with Lambda, API Gateway, and DynamoDB. This usually involves some mobile application requiring an easy sign up/sign in feature from AWS. It is highly suggested that you try using Cognito to better understand its features.
  13. Amazon SQS – Study the purpose of different SQS queues, timeouts, and how your messages are handled inside queues. Messages in an SQS queue are not deleted when polled, so be sure to read on that as well. There are different polling mechanisms in SQS, so you should compare and contrast each one.
  14. Amazon CloudWatch – CloudWatch is your primary monitoring tool for all your AWS services. Be sure to know what metrics can be found under CloudWatch monitoring, and what metrics require a CloudWatch agent installed. Also study CloudWatch Logs, CloudWatch Alarms, and Billing monitoring. Differentiate the kinds of logs stored in CloudWatch vs logs stored in CloudTrail.
  15. AWS IAM – IAM is the security center of your cloud. Therefore, you should familiarize yourself with the different IAM features. Study how IAM policies are written, and what each section in the policy means. Understand the usage of IAM user roles and service roles. You should have read upon the best practices whitepaper in securing your AWS account through IAM.
  16. AWS KMS – KMS contains keys that you use to encrypt EBS, S3, and other services. Know what these services are. Learn the different types of KMS keys and in which situations is each type of key used.
  17. AWS CodeBuild / AWS CodeCommit / AWS CodeDeploy / AWS CodePipeline – These are your tools in implementing CI/CD in AWS. Study how you can build applications in CodeBuild (buildspec), and how you’ll prepare configuration files (appspec) for CodeDeploy. CodeCommit is a git repository so having knowledge in Git will be beneficial. I suggest to build a simple pipeline of your own in CodePipeline to see how you should manage your code deployments. It is also important to learn how you can rollback to your previous application version after a failed deployment. The whitepapers above should have explained in-place deployments and blue/green deployments, and how to perform automation. 
  18. AWS CloudFormation – Study the structure of CloudFormation scripts and how you can use them to build your infrastructure. Be comfortable with both json and yaml formats. Read a bit about stacksets. List down the services that use CloudFormation in the backend for provisioning AWS resources, such as AWS SAM, and processes such as in CI/CD.

Aside from the concepts and services, you should study about the AWS CLI, the different commonly used APIs (for services such as EC2, EBS or Lambda), and the AWS SDKs. Read up on the AWS Serverless Application Model (AWS SAM) and AWS Server Migration Services as well as these may come up in the exam. It will also be very helpful to have experience interacting with AWS APIs and SDKs, and troubleshooting any errors that you encounter while using them.

 

DVA-C02 Common Exam Scenarios

Scenario

Solution

DVA-C02 Domain 1: Development with AWS Services

An application running on a local server is converted to a Lambda function. When the function was tested, an Unable to import module error shows.

Install the missing modules in your application’s folder and package the folder into a ZIP file. Upload the ZIP file to AWS Lambda.

A Lambda function needs temporary storage to store files while executing.

Store the files in the /tmp directory

A Lambda function needs to read from an RDS database inside a private subnet

Configure the function to connect to the VPC where the database is hosted

A Developer has an application that uses a RESTful API hosted in API Gateway. The API requests are failing with a "No 'Access-Control-Allow-Origin' header is present on the requested resource" error message.

Enable CORS in the API Gateway Console.

A developer needs to expose a Lambda function publicly via HTTP

Create a function URL for the Lambda function and use the NONE auth type

A website integrated with API Gateway requires user requests to reach a Lambda function backend without intervention from API Gateway. Which integration type should be used?

AWS_PROXY

Which Amazon ElastiCache data store supports set sorting and ranking of cached datasets?

Redis

DVA-C02 Domain 2: Security

A developer wants to redact Personal Identifiable Information (PII) from files retrieved from S3 on the fly

Use S3 Object Lambda

A company has two AWS accounts. IAM users from Account A need to access resources in Account B.

1. In Account B, create an IAM role with a trust policy for the Developers in Account A.

2. Update the IAM role’s permission to access the resources in Account B

3. In Account A, update the permission of the IAM users to assume the IAM role in Account B

You need to authenticate website users using their social media identity profiles.

Use Amazon Cognito Identity Pools

How do you deny non-HTTPS requests to an S3 bucket?

In the bucket policy, create a statement that denies a request when the aws:SecureTransport condition is set to false.

A developer wants to retrieve RDS database credentials from central storage. The storage service must support automatic rotation.

Store the database credentials in AWS Secrets Manager

A developer wants to grant users from other accounts permission to invoke a Lambda function.

Update the Lambda function’s resource-based policy

DVA-C02 Domain 3: Deployment

A developer needs a reliable framework for building serverless applications in AWS

AWS SAM

What section must be added to a CloudFormation template to include resources defined by AWS SAM?

Transform

A CloudFormation stack creation process failed unexpectedly

CloudFormation will roll back by deleting resources that it has already created.

A CloudFormation template will be used to create resources across multiple AWS accounts

Use CloudFormation StackSets

A developer is deploying a new feature for an application. 10% of the traffic must be shifted to the new version in the first increment, and the remaining 90% should be redirected after some minutes.

Canary

In AWS Amplify Hosting, in which file do you add commands for unit tests?

amplify.yml

A developer wants to release a new AWS ElasticBeanstalk application to 2 EC2 instances at a time while keeping full capacity.

Use Rolling with additional batch

DVA-C02 Domain 4: Troubleshooting and Optimization

A developer wants to use AWS X-Ray to trace requests made by an application in an EC2 instance. How can the developer enable AWS X-Ray on the instance?

Install the AWS X-Ray daemon on the EC2 instance

An application uses Amazon CloudFront to distribute a static website. The developer wants to redirect requests to specific URLs based on the user’s location.

  1. Create a CloudFront URL that redirects requests based on the CloudFront-Viewer-Country header’s value.
  2. Associate the CloudFront URL with the distribution’s Viewer Request event.

An application is running in a fleet of EC2 instances. How can the developer aggregate the application logs in a central location?

Install the CloudWatch agent in the EC2 instances and send the application logs to CloudWatch Logs

An application uses a DynamoDB table with Global Secondary Index. DynamoDB requests are returning an ProvisionedThroughputExceededException error even though the table has sufficient capacity. Why is this happening?

The write capacity of the GSI is less than the base table.

A serverless application is composed of AWS Lambda, DynamoDB, and API Gateway. Users are complaining about getting HTTP 504 errors.

The API requests are reaching the maximum integration timeout for API Gateway (29 seconds)

Relevant API/CLI commands

A Developer needs to decode an encoded authorization failure message.

Use the aws sts decode-authorization-message command.

How can a Developer verify permission to call a CLI command without actually making a request?

Use the --dry-run parameter along with the CLI command.

A Developer needs to deploy a CloudFormation template from a local computer.

Use the aws cloudformation package and aws cloudformation deploy command

A Developer has to ensure that no applications can fetch a message from an SQS queue that’s being processed or has already been processed.

Increase the VisibilityTimeout value using the ChangeMessageVisibility API and delete the message using the DeleteMessage API.

A Developer has created an IAM Role for an application that uploads files to an S3 bucket. Which API call should the Developer use to allow the application to make upload requests?

Use the AssumeRole API

 

AWS Certified Developer Associate Video Course

This is a succinct and straight-to-the-point Developer Associate video training course that will equip you with the exam-specific knowledge that you need to understand in order to pass the AWS Certified Developer exam. It’s ideal for learners who don’t have much time to prepare for the exam. Click here to enroll. Here is a sneak peek of our video course introduction:

 

Validate Your DVA-C02 Knowledge

The AWS CDA exam will be packed with tricky questions. It would be great if you could get a feel of how the questions are structured through practice tests. Luckily, Tutorials Dojo offers a great set of practice questions for you to try out here. These practice tests will help validate your knowledge of what you’ve learned so far and fill in any missing details that you might have skipped in your review. You can also pair our practice exams with our AWS Certified Developer Associate Exam Study Guide eBook to further help in your exam preparations.

 

AWS Certified Developer Sample Practice Test Questions:

Question 1

A programmer is developing a Node.js application that will be run on a Linux server in their on-premises data center. The application will access various AWS services such as S3, DynamoDB, and ElastiCache using the AWS SDK.

Which of the following is the MOST suitable way to provide access for the developer to accomplish the specified task?

  1. Create an IAM role with the appropriate permissions to access the required AWS services. Assign the role to the on-premises Linux server.
  2. Go to the AWS Console and create a new IAM user with programmatic access. In the application server, create the credentials file at ~/.aws/credentials with the access keys of the IAM user.
  3. Create an IAM role with the appropriate permissions to access the required AWS services and assign the role to the on-premises Linux server. Whenever the application needs to access any AWS services, request temporary security credentials from STS using the AssumeRole API.
  4. Go to the AWS Console and create a new IAM User with the appropriate permissions. In the application server, create the credentials file at ~/.aws/credentials with the username and the hashed password of the IAM User.

Correct Answer: 2

If you have resources that are running inside AWS that need programmatic access to various AWS services, then the best practice is always to use IAM roles. However, applications running outside of an AWS environment will need access keys for programmatic access to AWS resources. For example, monitoring tools running on-premises and third-party automation tools will need access keys.

Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK).

In order to use the AWS SDK for your application, you have to create your credentials file first at ~/.aws/credentials for Linux servers or at C:\Users\USER_NAME\.aws\credentials for Windows users and then save your access keys.

Hence, the correct answer is: Go to the AWS Console and create a new IAM user with programmatic access. In the application server, create the credentials file at ~/.aws/credentials with the access keys of the IAM user.

The option that says: Create an IAM role with the appropriate permissions to access the required AWS services and assign the role to the on-premises Linux server. Whenever the application needs to access any AWS services, request for temporary security credentials from STS using the AssumeRole API is incorrect because the scenario says that the application is running in a Linux server on-premises and not on an EC2 instance. You cannot directly assign an IAM Role to a server on your on-premises data center. Although it may be possible to use a combination of STS and IAM Role, the use of access keys for AWS SDK is still preferred, especially if the application server is on-premises.

The option that says: Create an IAM role with the appropriate permissions to access the required AWS services. Assign the role to the on-premises Linux server is also incorrect because, just as mentioned above, the use of an IAM Role is not a suitable solution for this scenario.

The option that says: Go to the AWS Console and create a new IAM User with the appropriate permissions. In the application server, create the credentials file at ~/.aws/credentials with the username and the hashed password of the IAM User is incorrect. An IAM user’s username and password can only be used to interact with AWS via its Management Console. These credentials are intended for human use and are not suitable for use in automated systems, such as applications and scripts that make programmatic calls to AWS services.

References:
https://aws.amazon.com/developers/getting-started/nodejs/
https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys
https://aws.amazon.com/blogs/security/guidelines-for-protecting-your-aws-account-while-using-programmatic-access/

AWS Exam Readiness Courses

Check out this AWS IAM Cheat Sheet:
https://tutorialsdojo.com/aws-identity-and-access-management-iam/

Question 2

A developer is moving a legacy web application from their on-premises data center to AWS. The application is used simultaneously by thousands of users, and their session states are stored in memory. The on-premises server usually reaches 100% CPU Utilization every time there is a surge in the number of people accessing the application.

Which of the following is the best way to re-factor the performance and availability of the application’s session management once it is migrated to AWS?

  1. Use an ElastiCache for Redis cluster to store the user session state of the application.
  2. Store the user session state of the application using CloudFront.
  3. Use an ElastiCache for Memcached cluster to store the user session state of the application.
  4. Use Sticky Sessions with Local Session Caching.

Correct Answer: 1

Amazon ElastiCache for Redis is a blazing fast in-memory data store that provides sub-millisecond latency to power internet-scale real-time applications. Built on open-source Redis and compatible with the Redis APIs, ElastiCache for Redis works with your Redis clients and uses the open Redis data format to store your data. Your self-managed Redis applications can work seamlessly with ElastiCache for Redis without any code changes. ElastiCache for Redis combines the speed, simplicity, and versatility of open-source Redis with manageability, security, and scalability from Amazon to power the most demanding real-time applications in Gaming, Ad-Tech, E-Commerce, Healthcare, Financial Services, and IoT.

In order to address scalability and provide a shared data storage for sessions that can be accessible from any individual web server, you can abstract the HTTP sessions from the web servers themselves. A common solution to for this is to leverage an In-Memory Key/Value store such as Redis and Memcached. While Key/Value data stores are known to be extremely fast and provide sub-millisecond latency, the added network latency and added cost are the drawbacks. An added benefit of leveraging Key/Value stores is that they can also be utilized to cache any data, not just HTTP sessions, which can help boost the overall performance of your applications.

With Redis, you can keep your data on disk with a point in time snapshot which can be used for archiving or recovery. Redis also lets you create multiple replicas of a Redis primary. This allows you to scale database reads and to have highly available clusters. Hence, the correct answer for this scenario is to use an ElastiCache for Redis cluster to store the user session state of the application.

The option that says: Store the user session state of the application using CloudFront is incorrect because CloudFront is not suitable for storing user session data. It is primarily used as a content delivery network.

The option that says: Use an ElastiCache for Memcached cluster to store the user session state of the application is incorrect. Although using ElastiCache is a viable answer, Memcached is not as highly available as Redis.

The option that says: Use Sticky Sessions with Local Session Caching is incorrect. Although this is also a viable solution, it doesn’t offer durability and high availability compared to a distributed session management solution. The best solution for this scenario is to use an ElastiCache for Redis cluster.

References:
https://aws.amazon.com/caching/session-management
https://aws.amazon.com/elasticache/redis-vs-memcached/
https://aws.amazon.com/elasticache/redis/

Check out this Amazon Elasticache Cheat Sheet:
https://tutorialsdojo.com/amazon-elasticache/

Click here for more AWS Certified Developer Associate practice exam questions.

Check out our other AWS practice test courses here:

AWS Certification

 

To increase your chances of passing the AWS Certified Developer Associate exam, we recommend using a combination of our video course, our practice tests, and our study guide eBook. You can view our triple bundles here.

 

The AWS Certified Developer certification is one of the most sought-after certifications in the DevOps industry. It validates your knowledge of the AWS Cloud and foundational DevOps practices. It is an achievement of its own if you become AWS certified. Hence, it will be best if you could get proper sleep the day before your exam. Review any notes that you have written down, and go over the incorrect items in your practice tests if you took it. You should also check again the venue, the time, and the things needed for your exam. As so, we wish you the best of luck and the best of outcomes!

Tutorials Dojo portal

Be Inspired and Mentored with Cloud Career Journeys!

Tutorials Dojo portal

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

FREE AWS Exam Readiness Digital Courses

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Recent Posts

Written by: Adrian Formaran

As a Computer Scientist and a proud Iskolar ng Bayan (university scholar), Adrian has a passion for learning cutting edge technologies, such as blockchain, cloud services, and information security, and is passionate about teaching these to others as well. He also has a deep love for mathematics, sciences, and philosophy. A gamer at heart.

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?