AWS Certified Developer Official Study Guide, Associate Exam E-Book

AWS®Certified DeveloperOfficial Study GuideAssociate (DVA-C01) Exam

Nick Alteen

Jennifer Fisher

Casey Gerena

Wes Gruver

Asim Jalis

Heiwad Osman

Marife Pagan

Santosh Patlolla

Michael Roth

Copyright © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Published by John Wiley & Sons, Inc., Indianapolis, Indiana.

Published simultaneously in Canada

ISBN: 978-1-119-50819-9 ISBN: 978-1-119-50821-2 (ebk.) ISBN: 978-1-119-50820-5 (ebk.)

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750–8400, fax (978) 646–8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748–6011, fax (201) 748–6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or website is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or website may provide or recommendations it may make. Further, readers should be aware that Internet website listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762–2974, outside the U.S. at (317) 572–3993 or fax (317) 572–4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: 2019943088

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. AWS is a registered trademark of Amazon Technologies, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

About the Authors

Nick Alteen, technical training architect, Amazon Web Services

Nick specializes in designing and building training labs that educate the U.S. intelligence community on AWS best practices and design patterns. Before this, Nick worked as a cloud support engineer, assisting customers in resolving any number of issues related to AWS DevOps services, with a specific focus on configuration management and infrastructure as code. In his free time, he enjoys building LEGO models with his daughter and watching horror movies with his wife.

Jennifer Fisher, senior technical curriculum developer, Amazon Web Services

Jennifer started at AWS in 2014 as a technical trainer and was the lead instructor for Big Data on AWS. She holds multiple AWS certifications and currently leads a curriculum development team and develops technical curriculum and labs to support public sector customers. Before that, Jennifer spent 20 years as a software and data engineer in the financial services, defense, and healthcare industries. She holds a BS in programming and an MS in software engineering management.

Jennifer grew up on a farm in Northern Maine and bought her first computer, a Tandy TRS-80, with her potato-picking money at the age of 12. She began writing basic programs and role-playing games, not realizing at the time that her passion for coding would turn into a lifelong career. She now mentors female engineers and volunteers for K-12 students in STEM.

Jennifer is based in Herndon, Virginia, and lives with her husband Steve. She is a doting stepmother to Kate, Sophie, and Mason. In her free time, Jennifer enjoys hiking, geocaching, kayaking, mountain biking, weight lifting, and competing in obstacle course races.

Casey Gerena, senior technical trainer, Amazon Web Services

Casey is passionate about helping others learn about the AWS Cloud. He enjoys teaching others new technical skills to help them solve problems using serverless technologies such as AWS Lambda. Casey holds a BS in management information systems from the University of Central Florida and an MS in logistics and global supply chain management from Embry-Riddle Aeronautical University. He is pursuing a second master’s degree in computer science from the Georgia Institute of Technology. Casey holds several IT certifications, including the Certified Information Systems Security Professional (CISSP) and nine AWS certifications. Before joining Amazon, Casey was a software developer and cybersecurity consultant. In his free time, Casey enjoys spending time with his family, watching movies, playing video games, and running.

Wes Gruver, senior technical trainer, Amazon Web Services

Wes has been with AWS since 2015 and is a senior technical trainer with more than 20 years of experience and success in managing IT infrastructure and all aspects of application development and management. He is currently responsible for training AWS enterprise customers on how to use the AWS services best suited for their business and IT solutions. He teaches a broad range of classes, including basic to advanced architecture, DevOps on AWS, Big Data on AWS, and security operations. In his free time, Wes teaches scuba diving and loves to travel.

Asim Jalis, senior technical trainer, Amazon Web Services

Asim is a senior technical trainer at AWS. He has an MS in computer science from the University of Virginia and an MA in mathematics from the University of Wisconsin. When he is not working with AWS technologies, he likes to read and write fiction.

Heiwad Osman, senior manager, Solutions Builders, Amazon Web Services

Heiwad holds a BS in computer science and engineering from UCLA. In his role as an AWS trainer, he meets with AWS customers and teaches them to build resilient, scalable cloud applications. He has helped hundreds of software developers get started with AWS APIs through in-person training and online training videos. His current professional interests include user experience, web application development, and machine learning. In his free time, you can find him in New York City, trying new places to eat or relaxing in Central Park.

Marife Pagan, technical trainer, Amazon Web Services

Marife is a technical trainer for AWS, delivering training to AWS customers in North America. She has more than 15 years of experience in software and web development. Her experience brings a set of skills for multiple platforms, including .NET, Java, and Python. She holds a BS in information technology with a web design/development concentration from George Mason University, in addition to various leading industry certifications. She is currently working on her master’s degree and pursuing higher studies in machine learning.

Before working at AWS, Marife worked for various government contracting firms, including Lockheed Martin. She also serves in the U.S. military as a signal officer working on the setup and maintenance of LAN and WAN signal network footprints, supporting voice and data for various military operations. She currently lives in the Washington, DC, metro area, and in her spare time enjoys fitness, travel, and gardening.

Santosh Patlolla, technical curriculum architect, Amazon Web Services

Santosh is a technical curriculum architect for AWS. He has more than 18 years of experience in developing software applications, automated solutions, and migration projects with complex data conversions. Santosh has been instrumental in providing production-support solutions and managing application delivery programs for enterprises. He also designed cost-effective technical and business solutions for the banking and insurance industries. Santosh is passionate about applying this experience in using the broad range of AWS services for developing business automations. Outside of work, he coaches elementary school robotics, and enjoys watching basketball games and playing with his kids.

Michael Roth, technical trainer, Amazon Web Services

Michael is a technical trainer having joined Amazon in 2015. He is one of the authors of the SysOps Administrator Study Guide (also by Wiley). He is a Certified Cisco Network Academy Instructor, and he has taught Linux. Michael graduated from the University of Michigan with a BS in zoology and a BA in urban planning. He also has an MS in telecommunications management from Golden Gate University. Michael would like to thank his coworkers in the AWS Training and Certification organization—he is very proud to be a part of this amazing group of people. Finally, he would like to thank his spouse, Betsy, and son, Robert. Without their support and love, this book would not have been possible.

CONTENTS

Cover

About the Authors

Table of Exercises

Foreword

Introduction

What Does This Book Cover?

Interactive Online Learning Environment and Test Bank

Exam Objectives

Objective Map

Assessment Test

Answers to Assessment Test

Chapter 1 Introduction to AWS Cloud API

Introduction to AWS

Calling an AWS Cloud Service

Working with Regions

API Credentials and AWS Identity and Access Management

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 2 Introduction to Compute and Networking

Amazon Elastic Compute Cloud

Running Applications on Instances

Customizing the Network

Managing Your Resources

Developer Tools

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 3 Hello, Storage

Introduction to AWS Storage

Storage Fundamentals

AWS Block Storage Services

AWS Object Storage Services

AWS File Storage Services

Storage Comparisons

Cloud Data Migration

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 4 Hello, Databases

Introduction to Databases

Relational Databases

Nonrelational Databases

Data Warehouse

In-Memory Data Stores

Graph Databases

Cloud Database Migration

Running Your Own Database on Amazon Elastic Compute Cloud

Compliance and Security

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 5 Encryption on AWS

Introduction to Encryption

AWS Key Management Service

AWS CloudHSM

Controlling the Access Keys

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 6 Deployment Strategies

Deployments on the AWS Cloud

AWS Elastic Beanstalk

Deployment Strategies

Monitoring and Troubleshooting

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 7 Deployment as Code

Introduction to AWS Code Services

Using AWS CodePipeline to Automate Deployments

Using AWS CodeCommit as a Source Repository

Using AWS CodeBuild to Create Build Artifacts

Using AWS CodeDeploy to Deploy Applications

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 8 Infrastructure as Code

Introduction to Infrastructure as Code

Infrastructure as Code

Using AWS CloudFormation to Deploy Infrastructure

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 9 Configuration as Code

Introduction to Configuration as Code

Using AWS OpsWorks Stacks to Deploy Applications

Using Amazon Elastic Container Service to Deploy Containers

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 10 Authentication and Authorization

Introduction to Authentication and Authorization

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 11 Refactor to Microservices

Introduction to Refactor to Microservices

Amazon Simple Queue Service

Amazon Simple Notification Service

Amazon Kinesis Data Streams

Amazon Kinesis Data Firehose

Amazon Kinesis Data Analytics

Amazon Kinesis Video Streams

Amazon DynamoDB Streams

AWS IoT Device Management

Amazon MQ

AWS Step Functions

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 12 Serverless Compute

Introduction to Serverless Compute

AWS Lambda

AWS Lambda Functions

Inside the AWS Lambda Function

Configuring the AWS Lambda Function

Invoking AWS Lambda Functions

Monitoring AWS Lambda Functions

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 13 Serverless Applications

Introduction to Serverless Applications

Web Server with Amazon Simple Storage Service (Presentation Tier)

Dynamic Data with Amazon API Gateway (Logic or App Tier)

User Authentication with Amazon Cognito

Standard Three-Tier vs. the Serverless Stack

Amazon Aurora Serverless

AWS Serverless Application Model

AWS SAM CLI

AWS Serverless Application Repository

Serverless Application Use Cases

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 14 Stateless Application Patterns

Introduction to the Stateless Application Pattern

Amazon DynamoDB

Amazon ElastiCache

Amazon Simple Storage Service

Amazon Elastic File System

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 15 Monitoring and Troubleshooting

Introduction to Monitoring and Troubleshooting

Amazon CloudWatch

AWS CloudTrail

AWS X-Ray

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Chapter 16 Optimization

Introduction to Optimization

Cost Optimization: Everyone’s Responsibility

Right Sizing

Using Instance Reservations

Using Spot Instances

Using AWS Auto Scaling

Using Containers

Using Serverless Approaches

Optimizing Storage

Optimizing Data Transfer

Relational Databases and Amazon DynamoDB

Monitoring Costs

Monitoring Performance

Summary

Exam Essentials

Resources to Review

Exercises

Review Questions

Appendix

Answers to Review Questions

Chapter 1: Introduction to AWS Cloud API

Chapter 2: Introduction to Compute and Networking

Chapter 3: Hello, Storage

Chapter 4: Hello, Databases

Chapter 5: Encryption on AWS

Chapter 6: Deployment Strategies

Chapter 7: Deployment as Code

Chapter 8: Infrastructure as Code

Chapter 9: Configuration as Code

Chapter 10: Authentication and Authorization

Chapter 11: Refactor to Microservices

Chapter 12: Serverless Compute

Chapter 13: Serverless Applications

Chapter 14: Stateless Application Patterns

Chapter 15: Monitoring and Troubleshooting

Chapter 16: Optimization

Index

Comprehensive Online Learning Environment

End User License Agreement

List of Tables

Chapter 1

Table 1.1

Table 1.2

Table 1.3

Table 1.4

Chapter 2

Table 2.1

Table 2.2

Table 2.3

Table 2.4

Table 2.5

Table 2.6

Table 2.7

Table 2.8

Table 2.9

Table 2.10

Table 2.11

Table 2.12

Chapter 3

Table 3.1

Table 3.2

Table 3.3

Table 3.4

Table 3.5

Table 3.6

Table 3.7

Table 3.8

Table 3.9

Table 3.10

Table 3.11

Table 3.12

Table 3.13

Chapter 4

Table 4.1

Table 4.2

Table 4.3

Table 4.4

Table 4.5

Table 4.6

Table 4.7

Table 4.8

Table 4.9

Chapter 6

Table 6.1

Table 6.2

Table 6.3

Chapter 7

Table 7.1

Table 7.2

Table 7.3

Table 7.4

Table 7.5

Chapter 8

Table 8.1

Table 8.2

Table 8.3

Chapter 9

Table 9.1

Table 9.2

Table 9.3

Table 9.4

Chapter 10

Table 10.1

Chapter 11

Table 11.1

Table 11.2

Table 11.3

Table 11.4

Table 11.5

Table 11.6

Chapter 12

Table 12.1

Chapter 13

Table 13.1

Chapter 14

Table 14.1

Table 14.2

Table 14.3

Table 14.4

Table 14.5

Table 14.6

Chapter 15

Table 15.1

Table 15.2

Table 15.3

Table 15.4

Table 15.5

Table 15.6

Table 15.7

Table 15.8

Table 15.9

Table 15.10

Table 15.11

Table 15.12

Table 15.13

Table 15.14

Table 15.15

Chapter 16

Table 16.1

List of Illustrations

Chapter 1

Figure 1.1 AWS Management Console

Figure 1.2 Options for managing AWS resources

Figure 1.3 API request and authorization

Figure 1.4 Configuring API credentials

Figure 1.5 AWS Regions, Availability Zones, and planned regions (as of February 2019)

Figure 1.6 Regions and Availability Zones

Figure 1.7 A regional API endpoint and API action

Figure 1.8 IAM user long-term credentials

Figure 1.9 IAM groups and IAM users

Figure 1.10 IAM roles

Figure 1.11 IAM roles are distinct from IAM users and groups.

Figure 1.12 IAM policies and IAM identities

Figure 1.13 IAM policy elements

Chapter 2

Figure 2.1 Amazon EC2 storage

Figure 2.2 Amazon Machine Images

Figure 2.3 Amazon EC2 instance lifecycle

Figure 2.4 Using SSH with an Amazon EC2 instance

Figure 2.5 Decrypting a Windows password

Figure 2.6 Viewing a Windows password

Figure 2.7 Connecting to a Windows instance

Figure 2.8 Amazon EC2 metadata attributes

Figure 2.9 Querying Amazon EC2 user data

Figure 2.10 Instance profile and IAM role credentials

Figure 2.11 Amazon VPC overview

Figure 2.12 Amazon VPC with gateway connections

Figure 2.13 Amazon VPC with public and private subnets

Figure 2.14 Amazon VPC with public and private subnets with rules

Figure 2.15 Security groups

Figure 2.16 Network ACLs and security groups

Figure 2.17 Controlling network traffic within an Amazon VPC

Figure 2.18 Example of Amazon VPC with NAT

Figure 2.19 NAT gateway in Amazon VPC

Figure 2.20 Shared responsibility security model

Chapter 3

Figure 3.1 The AWS storage portfolio

Figure 3.2 A complete set of storage building blocks

Figure 3.3 The CIA model

Figure 3.4 Amazon S3 versioning

Figure 3.5 Amazon S3 object version IDs

Figure 3.6 CAP theorem

Figure 3.7 Consistency

example 1

Figure 3.8 Consistency

example 2

Figure 3.9 Consistency

example 3

Figure 3.10 Generating a data key

Figure 3.11 Encrypting the data

Figure 3.12 Encrypted data key

Figure 3.13 Encrypted data and key storage

Figure 3.14 Defense in depth on Amazon S3

Figure 3.15 MFA Delete

Figure 3.16 Data lakes

Figure 3.17 Using an AWS edge location

Figure 3.18 Amazon S3 lifecycle policies

Figure 3.19 Mount target

Figure 3.20 Mounting the file system

Figure 3.21 Using Amazon EFS

Figure 3.22 Using AWS Direct Connect with Amazon EFS

Figure 3.23 AWS Snowball

Figure 3.24 AWS Snowball Edge

Figure 3.25 AWS Snowmobile

Figure 3.26 Amazon Kinesis Data Firehose

Figure 3.27 Streaming to Amazon S3

Chapter 4

Figure 4.1 Amazon RDS database engines

Figure 4.2 Amazon RDS host responsibilities

Figure 4.3 Amazon RDS Databases console

Figure 4.4 Maintenance window

Figure 4.5 Taking an Amazon RDS snapshot

Figure 4.6 Amazon RDS with CloudWatch metrics

Figure 4.7 Amazon RDS with CloudWatch Logs

Figure 4.8 Amazon Aurora DB cluster

Figure 4.9 SQL versus NoSQL format comparison

Figure 4.10 Amazon DynamoDB tables and partitions

Figure 4.11 Amazon DynamoDB table with items and attributes

Figure 4.12 Amazon DynamoDB primary keys

Figure 4.13 Local secondary index

Figure 4.14 Global secondary index

Figure 4.15 Amazon DynamoDB table and secondary index

Figure 4.16 Example of Amazon DynamoDB Streams and AWS Lambda

Figure 4.17 Global tables

Figure 4.18 Replication flow in global tables

Figure 4.19 Object persistence model

Figure 4.20 Amazon Redshift architecture

Figure 4.21 Example of a social network diagram

Figure 4.22 Example of a graph database architecture running on Amazon Neptune

Figure 4.23 Homogenous database migrations using AWS DMS

Figure 4.24 AWS SCT action items

Chapter 5

Figure 5.1 Supported AWS services

Figure 5.2 Encryption options in AWS

Figure 5.3 Amazon S3 client-side encryption

Figure 5.4 Encryption in Amazon EBS using SafeNet ProtectV or Trend Micro SecureCloud

Figure 5.5 Deploying AWS CloudHSM in an Amazon VPC

Figure 5.6 Flow of envelope encryption

Chapter 6

Figure 6.1 Major phases of the release lifecycle

Figure 6.2 CI/DI pipeline

Figure 6.3 AWS Code services

Figure 6.4 Deploying highly available and scalable applications

Figure 6.5 Deployment and maintenance services

Figure 6.6 AWS Elastic Beanstalk underlying technologies

Figure 6.7 AWS Elastic Beanstalk responsibilities

Figure 6.8 Application running on AWS Elastic Beanstalk

Figure 6.9 Worker tier on AWS Elastic Beanstalk

Figure 6.10 Health dashboard on AWS Elastic Beanstalk

Figure 6.11 Metrics for monitoring on AWS Elastic Beanstalk

Figure 6.12 Events on AWS Elastic Beanstalk

Chapter 7

Figure 7.1 Branch view

Figure 7.2 AWS CodePipeline workflow

Figure 7.3 Pipeline structure

Figure 7.4 Source stage

Figure 7.5 Revision details

Figure 7.6 Artifact transition

Figure 7.7 Full pipeline

Figure 7.8 Creating a pull request

Figure 7.9 Reviewing changes

Figure 7.10 Selecting the commit ID

Figure 7.11 Split view

Figure 7.12 Select and compare

Figure 7.13 Branch view

Figure 7.14 Migrating from a Git repository

Figure 7.15 Migrating unversioned content

Figure 7.16 Source location

Figure 7.17 Using AWS CodeBuild in AWS CodePipeline

Figure 7.18 Build provider

Figure 7.19 Selecting instances with multiple tags

Figure 7.20 Lifecycle hook availability with load balancer

Figure 7.21 Lifecycle hook availability with blue/green deployments

Figure 7.22 Lifecycle hook availability for AWS Lambda deployments

Figure 7.23 Deployment provider

Chapter 8

Figure 8.1 AWS CloudFormation parameters

Figure 8.2 AWS CloudFormation Exports tab

Figure 8.3 Nested stack structure

Figure 8.4 AWS CloudFormation Stack Policy field

Figure 8.5 AWS CloudFormation StackSets structure

Figure 8.6 AWS CloudFormation StackSet actions

Figure 8.7 AWS CloudFormation StackSets permissions

Figure 8.8 CloudFormation as a deployment provider

Chapter 9

Figure 9.1 Cookbook repository structure

Figure 9.2 Enabling custom cookbooks

Figure 9.3 Running a command

Figure 9.4 Example stack structure

Figure 9.5 Creating a layer

Figure 9.6 Instance usage over time

Figure 9.7 AWS OpsWorks Stacks user permissions

Figure 9.8 Running command recipes to execute

Figure 9.9 Custom Chef recipes for lifecycle events

Figure 9.10 Monitoring all layers in a stack

Figure 9.11 Monitoring a single layer

Figure 9.12 Monitoring an instance

Figure 9.13 Using AWS OpsWorks Stacks with AWS CodePipeline

Figure 9.14 Amazon ECS architecture

Figure 9.15 AWS Fargate architecture

Figure 9.16 Amazon ECS as a deployment provider

Chapter 10

Figure 10.1 AWS SSO use cases model

Figure 10.2 AWS Directory Service chart

Chapter 11

Figure 11.1 Microservices in action

Figure 11.2 Avoiding single points of failure

Figure 11.3 Amazon Simple Queue Service (Amazon SQS) flow

Figure 11.4 Amazon SQS queue

Figure 11.5 Amazon Simple Queue Service

Figure 11.6 Log server

Figure 11.7 Amazon SQS queue

Figure 11.8 Amazon SNS

Figure 11.9 Amazon SNS workflow

Figure 11.10 Amazon SNS mobile endpoint subscriber

Figure 11.11 Amazon Kinesis Data Streams

Figure 11.12 Amazon Kinesis Data Analytics flow

Figure 11.13 Amazon DynamoDB Stream

Figure 11.14 AWS IoT Device Management

Figure 11.15 AWS Step Functions

Figure 11.16 State machine code and visual workflow

Figure 11.17 Amazon Function State Language

Figure 11.18 Parallel state visual workflow

Figure 11.19 Input and output processing

Chapter 12

Figure 12.1 AWS Lambda execution flow

Figure 12.2 AWS Management Console

Figure 12.3 Amazon S3 push model

Figure 12.4 Amazon Kinesis pull model

Figure 12.5 AWS X-Ray service map

Chapter 13

Figure 13.1 Amazon CloudFront cache

Figure 13.2 Sample dashboard for Amazon API Gateway using Amazon CloudWatch

Figure 13.3 Device tracking

Figure 13.4 Amazon Cognito prebuilt UI

Figure 13.5 Standard three-tier web infrastructure architecture

Figure 13.6 Serverless web application architecture

Chapter 14

Figure 14.1 Amazon DynamoDB indexes

Figure 14.2 Game scores

Figure 14.3 Forum thread table

Figure 14.4 Last post index

Figure 14.5 DynamoDB Streams endpoints

Figure 14.6 Stream and shard relationship

Figure 14.7 AWS Lambda Customers table

Figure 14.8 DynamoDB Auto Scaling

Figure 14.9 Data distribution and partition

Figure 14.10 Conditional write success

Figure 14.11 Conditional write success

Figure 14.12 Granting permissions on a table

Figure 14.13 Hiding information on a table

Figure 14.14 Lazy loading caching

Figure 14.15 Object with key and ID

Figure 14.16 Same key, different version

Figure 14.17 Delete marker

Figure 14.18 Permanent delete

Figure 14.19 VPC accessing an Amazon EFS

Chapter 15

Figure 15.1 Various monitoring services on AWS

Figure 15.2 Diagram of Amazon CloudWatch

Figure 15.3 Alarm evaluation

Figure 15.4 Amazon CloudWatch dashboard

Figure 15.5 Microservice example

Figure 15.6 Example service graph for an application

Guide

Cover

Table of Contents

Foreword

Pages

iii

iv

v

vi

vii

xxiii

xxiv

xxv

xxvii

xxix

xxx

xxxi

xxxii

xxxiii

xxxiv

xxxv

xxxvi

xxxvii

xxxviii

xxxix

xl

xli

xlii

xliii

xliv

xlv

xlvi

xlvii

xlviii

xlix

l

li

lii

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

466

467

468

469

470

471

472

473

474

475

476

477

478

479

480

481

482

483

484

485

486

487

488

489

490

491

492

493

494

495

496

497

498

499

500

501

502

503

504

505

506

507

508

509

510

511

512

513

514

515

516

517

518

519

520

521

522

523

524

525

526

527

528

529

530

531

532

533

534

535

536

537

538

539

540

541

542

543

544

545

546

547

548

549

550

551

552

553

554

555

556

557

558

559

560

561

562

563

564

565

566

567

568

569

570

571

572

573

574

575

576

577

578

579

580

581

582

583

584

585

586

587

588

589

590

591

592

593

594

595

596

597

598

599

600

601

602

603

604

605

606

607

608

609

610

611

612

613

614

615

616

617

618

619

620

621

622

623

624

625

626

627

628

629

630

631

632

633

634

635

636

637

638

639

640

641

642

643

644

645

646

647

648

649

650

651

652

653

654

655

656

657

658

659

660

661

663

664

665

666

667

668

669

670

671

672

673

674

675

676

677

678

679

680

681

682

683

684

685

686

687

688

689

690

691

692

693

694

695

696

697

698

699

700

701

702

703

704

705

706

707

708

709

710

711

712

713

714

715

716

717

718

719

720

721

722

723

724

725

726

727

728

729

730

731

732

733

734

735

736

737

738

739

740

741

742

743

744

745

746

747

748

749

750

751

752

753

754

755

756

757

758

759

760

761

762

763

764

765

766

767

768

769

770

771

772

773

774

775

776

777

778

779

780

781

782

783

784

785

786

787

788

789

790

791

792

793

794

795

797

798

799

800

801

802

803

804

805

806

807

808

809

810

811

812

813

814

815

816

817

818

819

820

821

822

823

824

825

826

827

828

829

830

831

833

834

835

836

837

838

839

840

841

842

843

844

845

846

847

848

849

850

851

852

853

854

855

856

857

858

859

860

861

862

863

864

865

866

867

868

869

870

871

872

873

874

875

876

877

878

879

880

881

882

883

884

885

886

887

888

889

890

891

892

893

894

895

896

897

898

899

900

901

902

903

904

905

906

907

908

909

910

911

912

913

914

915

916

917

918

919

920

921

922

923

924

925

926

927

928

929

930

931

932

933

934

935

936

937

938

939

940

Table of Exercises

Exercise 1.1 Sign Up for an Account

Exercise 1.2 Create an IAM Administrators Group and User

Exercise 1.3 Install and Configure the AWS CLI

Exercise 1.4 Download the Code Samples

Exercise 1.5 Run a Python Script that Makes AWS API Calls

Exercise 1.6 Working with Multiple Regions

Exercise 1.7 Working with Additional Profiles

Exercise 2.1 Create an Amazon EC2 Key Pair

Exercise 2.2 Create an Amazon VPC with Public and Private Subnets

Exercise 2.3 Use an IAM Role for API Calls from Amazon EC2 Instances

Exercise 2.4 Launch an Amazon EC2 Instance as a Web Server

Exercise 2.5 Connect to the Amazon EC2 Instance

Exercise 2.6 Configure NAT for Instances in the Private Subnet

Exercise 2.7 Launch an Amazon EC2 Instance into the Private Subnet

Exercise 2.8 Make Requests to Private Instance

Exercise 2.9 Launch an AWS Cloud9 Instance

Exercise 2.10 Perform Partial Cleanup

Exercise 2.11 (Optional) Complete Cleanup

Exercise 3.1 Create an Amazon Simple Storage Service (Amazon S3) Bucket

Exercise 3.2 Upload an Object to a Bucket

Exercise 3.3 Emptying and Deleting a Bucket

Exercise 4.1 Create a Security Group for the Database Tier on Amazon RDS

Exercise 4.2 Spin Up the MariaDB Database Instance

Exercise 4.3 Obtain the Endpoint Value for the Amazon RDS Instance

Exercise 4.4 Create a SQL Table and Add Records to It

Exercise 4.5 Query the Items in the SQL Table

Exercise 4.6 Remove Amazon RDS Database and Security Group

Exercise 4.7 Create an Amazon DynamoDB Table

Exercise 4.8 Add Users to the Amazon DynamoDB Table

Exercise 4.9 Look Up a User in the Amazon DynamoDB Table

Exercise 4.10 Write Data to the Table as a Batch Process

Exercise 4.11 Scan the Amazon DynamoDB Table

Exercise 4.12 Remove the Amazon DynamoDB Table

Exercise 5.1 Configure an Amazon S3 Bucket to Deny Unencrypted Uploads

Exercise 5.2 Create and Disable an AWS Key Management Service (AWS KMS) Key

Exercise 5.3 Create an AWS KMS Customer Master Key with the Python SDK

Exercise 6.1 Deploy Your Application

Exercise 6.2 Deploy a Blue/Green Solution

Exercise 6.3 Change Your Environment Configuration on AWS Elastic Beanstalk

Exercise 6.4 Update an Application Version on AWS Elastic Beanstalk

Exercise 7.1 Create an AWS CodeCommit Repository and Submit a Pull Request

Exercise 7.2 Create an Application in AWS CodeDeploy

Exercise 7.3 Create an AWS CodeBuild Project

Exercise 8.1 Write Your Own AWS CloudFormation Template

Exercise 8.2 Troubleshoot a Failed Stack Deletion

Exercise 8.3 Monitor Stack Update Activity

Exercise 9.1 Launch a Sample AWS OpsWorks Stacks Environment

Exercise 9.2 Launch an Amazon ECS Cluster and Containers

Exercise 9.3 Migrate an Amazon RDS Database

Exercise 9.4 Configure Auto Healing Event Notifications in AWS OpsWorks Stacks

Exercise 10.1 Setting Up a Simple Active Directory

Exercise 10.2 Setting Up an AWS Managed Microsoft AD

Exercise 10.3 Setting Up an Amazon Cloud Directory

Exercise 10.4 Setting Up Amazon Cognito

Exercise 11.1 Create an Amazon SQS Queue, Add Messages, and Receive Messages

Exercise 11.2 Send an SMS Text Message to Your Mobile Phone with Amazon SNS

Exercise 11.3 Create an Amazon Kinesis Data Stream and Write/Read Data

Exercise 11.4 Create an AWS Step Functions State Machine 1

Exercise 11.5 Create an AWS Step Functions State Machine 2

Exercise 12.1 Create an Amazon S3 Bucket for CSV Ingestion

Exercise 12.2 Create an Amazon S3 Bucket for Final Output JSON

Exercise 12.3 Verify List Buckets

Exercise 12.4 Prepare the AWS Lambda Function

Exercise 12.5 Create AWS IAM Roles

Exercise 12.6 Create the AWS Lambda Function

Exercise 12.7 Give Amazon S3 Permission to Invoke an AWS Lambda Function

Exercise 12.8 Add the Amazon S3 Event Trigger

Exercise 12.9 Test the AWS Lambda Function

Exercise 13.1 Create an Amazon S3 Bucket for the Swagger Template

Exercise 13.2 Edit the HTML Files

Exercise 13.3 Define an AWS SAM Template

Exercise 13.4 Define an AWS Lambda Function Locally

Exercise 13.5 Generate an Event Source

Exercise 13.6 Run the AWS Lambda Function

Exercise 13.7 Modify the AWS SAM template to Include an API Locally

Exercise 13.8 Modify Your AWS Lambda Function for the API

Exercise 13.9 Run Amazon API Gateway Locally

Exercise 14.1 Create an Amazon ElastiCache Cluster Running Memcached

Exercise 14.2 Expand the Size of a Memcached Cluster

Exercise 14.3 Create and Attach an Amazon EFS Volume

Exercise 14.4 Create and Upload to an Amazon S3 Bucket

Exercise 14.5 Create an Amazon DynamoDB Table

Exercise 14.6 Enable Amazon S3 Versioning

Exercise 14.7 Create an Amazon DynamoDB Global Table

Exercise 14.8 Enable Cross-Region Replication

Exercise 14.9 Create an Amazon DynamoDB Backup Table

Exercise 14.10 Restoring an Amazon DynamoDB Table from a Backup

Exercise 15.1 Create an Amazon CloudWatch Alarm on an Amazon S3 Bucket

Exercise 15.2 Enable an AWS CloudTrail Trail on an Amazon S3 Bucket

Exercise 15.3 Create an Amazon CloudWatch Dashboard

Exercise 16.1 Set Up a CPU Usage Alarm Using AWS CLI

Exercise 16.2 Modify Amazon EBS Optimization for a Running Instance

Exercise 16.3 Create an AWS Config Rule

Exercise 16.4 Create a Launch Configuration and an AWS Auto Scaling Group, and Schedule a Scaling Action

Foreword

Software development is changing. In today’s competitive market, customers demand low-latency, highly scalable, responsive applications that work—all the time. Customers expect to receive the same level of performance and consistency of applications regardless of their device. Whether they are on a mobile device, desktop, laptop, or Amazon Fire tablet, they expect that applications will behave similarly across platforms.

The goal of building working applications that respond to increasing expectations means that building applications on highly available architecture is now more important than ever. As developers, you can use AWS Cloud computing to build highly available architectures and services on which to deploy and run your applications.

AWS provides you with a broad set of tools to build and develop your applications. We empower you by providing the best tools to achieve your goals. To that end, you’ll learn about compute services, such as Amazon Elastic Compute Cloud (Amazon EC2), and file object storage services, such as Amazon Simple Storage Service (Amazon S3). You’ll also learn about the many types of applications that you can build on top of these services.

Historically, developers have been responsible for designing, creating, and running their applications. In the AWS Cloud, you can create your compute resources with one click using AWS CloudFormation, or you can fully automate the running of your containers using AWS Fargate.

AWS continually listens to customer feedback to understand your workloads and changing needs better. AWS also monitors market trends, understanding that you want to build and run applications on the cloud, but you don’t want to worry about managing the underlying infrastructure. You want infrastructure to scale automatically, you want services with a built-in high availability infrastructure, and you want to pay only for what you consume.

In response to these demands, AWS pioneered services such as AWS Lambda, which is based on serverless technology. It enables you to run compute programming logic in applications without having to worry about maintaining anything other than their code and core logic.

Today is the most exciting time to be a developer. With AWS services, you can focus on the core functionality of your application and allow the AWS Cloud to perform all of the administration of the resources, including server and operating system maintenance. This flexibility provides you with the unique ability to focus on what matters to you most—building, maintaining, and, most importantly, innovating your applications.

In this study guide, AWS experts coach you on how to develop and build applications that can run on and integrate with AWS services. This knowledge allows you, as a developer, to build your services and features quickly and get them running in the AWS Cloud for your customers to use. When you complete this guide and the test bank in the accompanying interactive online learning environment, you have gained the fundamental knowledge to succeed on the AWS Certified Developer – Associate certification exam.

So imagine, dream, and build, because on the AWS Cloud, the only limit is your imagination.

Werner VogelsVice President and Corporate Technology OfficerAmazon

Introduction

Developers are builders. They are responsible for imagining, designing, and building applications. This study guide is designed to help you develop, build, and create solutions by using AWS services and to provide you with the knowledge required to obtain the AWS Certified Developer – Associate certification.

The study guide covers relevant topics on the exam, with additional context to increase your understanding of how to build applications on AWS. This study guide references the exam blueprint throughout all of its chapters and content to provide a comprehensive view of the required knowledge to pass the exam. Furthermore, this study guide was designed to help you understand the key concepts required to earn the certification and for you to use as a reference for building highly available applications that run on the AWS Cloud. However, the study guide does not cover any prerequisite knowledge concerning software development; that is, the study guide does not cover how to program in Java, Python, .NET, and other platform languages. Instead, you will use these languages to build, manage, and deploy your resources on AWS.

The study guide begins with an introduction to the AWS Cloud and how you can interact with the AWS Cloud by using API calls. API calls are the heart of the AWS Cloud, as every interaction with AWS is an API call to the service. As such, the initial chapter provides you with the core knowledge on which the rest of the chapters are built. Because security is a top priority for all applications, the first chapter also describes how to create your API keys by using AWS Identity and Access Management (IAM). The rest of the chapters cover topics ranging from compute services, storage services, databases, encryption, and serverless-based applications.

The chapters were designed with the understanding that developers build. To enhance learning through hands-on experience, at the end of each chapter is an “Exercises” section with activities that help reinforce the main topic of the chapter. Each chapter also contains a “Review Questions” section to assess your understanding of the main concepts required to work with AWS. However, understand that the actual exam will test you on your ability to combine multiple concepts. The review questions at the end of each chapter focus only on the topics discussed in that chapter.

To help you determine the level of your AWS Cloud knowledge and aptitude before reading the guide, an assessment test with 50 questions is provided at the end of this introduction. Two practice exams with 75–100 questions each are also included to help you gauge your readiness to take the exam.

What Does This Book Cover?

This book covers topics that you need to know to prepare for the Amazon Web Services (AWS) Certified Developer – Associate Exam.

Chapter 1: Introduction to AWS Cloud API This chapter provides an overview of how to use AWS Cloud API calls. The chapter includes an introduction to AWS software development kits (AWS SDKs) and the AWS global infrastructure. A review of AWS API keys and how to manage them using AWS Identity and Access Management (IAM) is also included.

Chapter 2: Introduction to Compute and Networking This chapter reviews compute and networking environments in AWS. It provides an overview of resources, such as Amazon Elastice Compute Cloud (Amazon EC2), and the network controls exposed through Amazon Virtual Private Cloud (Amazon VPC).

Chapter 3: Hello, Storage In this chapter, you will learn about cloud storage with AWS. It provides a review of storage fundamentals and the AWS storage portfolio of services, such as Amazon Simple Storage Service (Amazon S3) and Amazon S3 Glacier. The chapter also covers how to choose the right type of storage for a workload.

Chapter 4: Hello, Databases This chapter provides an overview of the AWS database services. The chapter provides a baseline understanding of SQL versus NoSQL. It also introduces concepts such as caching with Amazon ElastiCache and business intelligence with Amazon Redshift. The chapter also covers Amazon Relational Database Service (Amazon RDS) and Amazon DynamoDB.

Chapter 5: Encryption on AWS In this chapter, you will explore AWS services that enable you to perform encryption of data at rest using both customer and AWS managed solutions. An overview of each approach and the use case for each is provided. Example architectures are included that show the differences between a customer and an AWS managed infrastructure.

Chapter 6: Deployment Strategies In this chapter, you will learn about automated application deployment, management, and maintenance by using AWS Elastic Beanstalk. You will also learn about the various deployment methodologies and options to determine the best approach for individual workloads.

Chapter 7: Deployment as Code This chapter describes the AWS code services used to automate infrastructure and application deployments across AWS and on-premises resources. You will learn about the differences among continuous integration, continuous delivery, and continuous deployment, in addition to how AWS enables you to achieve each.

Chapter 8: Infrastructure as Code This chapter focuses on AWS CloudFormation and how you can use the service to create flexible, repeatable templates for a cloud infrastructure. You will learn about the different AWS CloudFormation template components, supported resources, and how to integrate non-AWS resources into your templates using custom resources.

Chapter 9: Configuration as Code In this chapter, you will learn about AWS OpsWorks Stacks and Amazon Elastic Container Service (Amazon ECS). OpsWorks Stacks enables you to perform automated configuration management on resources in your AWS account and on-premises instances using Chef cookbooks. You will learn how to add a Chef cookbook to your stack, associate it with an instance, and perform configuration changes. Using Amazon ECS, you will learn how to create clusters and services and how to deploy tasks to your cluster in response to changes in customer demand.

Chapter 10: Authentication and Authorization This chapter explains the differences between authentication and authorization and how these differences apply to infrastructure and applications running on AWS. You will also learn about integrating third-party identity services, in addition to the differences between the control pane and data pane.

Chapter 11: Refactor to Microservices In this chapter, you will learn about microservices and how to refactor large application stacks into small, portable containers. You will also learn how to implement messaging infrastructure to enable communication between microservices running in your environment.

Chapter 12: Serverless Compute This chapter reviews AWS Lambda as a compute service that you can use to run code without provisioning or managing servers. In this chapter, you will learn about creating, triggering, and securing Lambda functions. You will also learn other features of Lambda, such as versioning and aliases.

Chapter 13: Serverless Applications This chapter expands on the serverless concepts you learned in Chapter 12, “Serverless Compute,” and shows you how to architect a full-stack serverless web application. You will learn how to map server-based application architectures to serverless application architectures.

Chapter 14: Stateless Application Patterns This chapter expands on the concepts you learned in Chapter 13, “Serverless Applications,” by explaining how to design stateless applications. You will learn how to develop applications that do not depend on state information stored on individual resources, allowing for additional portability and availability.

Chapter 15: Monitoring and Troubleshooting This chapter discusses AWS services that you can use to monitor the health of your applications, in addition to changes to AWS resources over time. You will learn how to use Amazon CloudWatch to perform log analysis and create custom metrics for ingestion by other tools and for creating visualizations in the dashboard. You will also learn how to use AWS CloudTrail to monitor API activity for your AWS account to ensure that changes are appropriately audited over time. You will also learn how to use AWS X-Ray to create visual maps of application components for step-by-step analysis.

Chapter 16: Optimization This chapter covers some of the best practices and considerations for designing systems to achieve business outcomes at a minimal cost and to maintain optimal performance efficiency. This chapter covers scenarios for compute and storage, how to use a serverless platform, and what to consider for efficient data transfer to optimize your solutions. The chapter describes key AWS tools for managing and monitoring the cost and performance of your infrastructure. It includes code snippets, samples, and exercises to develop monitoring solutions and designs that integrate other AWS services.

Interactive Online Learning Environment and Test Bank

The authors have worked hard to provide you with some great tools to help you with your certification process. The interactive online learning environment that accompanies the AWS Certified Developer – Associate Official Study Guide provides a test bank with study tools to help you prepare for the certification exam. This helps you increase your chances of passing it the first time! The test bank includes the following:

Sample Tests All of the questions in this book, including the 50-question assessment test at the end of this introduction and the review questions that are provided at the end of each chapter are available online. In addition, there are two practice exams available online with 75–100 questions each. Use these questions to test your knowledge of the study guide material. The online test bank runs on multiple devices.

Flashcards The online test banks include more than 200 flashcards specifically written to quiz your knowledge of AWS operations. After completing all the exercises, review questions, practice exams, and flashcards, you should be more than ready to take the exam. The flashcard questions are provided in a digital flashcard format (a question followed by a single correct answer). You can use the flashcards to reinforce your learning and provide last-minute test prep before the exam.

Glossary A glossary of key terms from this book is available as a fully searchable PDF.

 Go to www.wiley.com/go/sybextestprep to register and gain access to this interactive online learning environment and test bank with study tools.

Exam Objectives

The AWS Certified Developer – Associate Exam is intended for individuals who perform in a developer role. Exam concepts that you should understand for this exam include the following:

Core AWS services, uses, and basic AWS architecture best practices

Developing, deploying, and debugging cloud-based applications using AWS

In general, certification candidates should understand the following:

AWS APIs, AWS CLI, and AWS SDKs to write applications

Key features of AWS services

AWS shared responsibility model

Application lifecycle management

CI/CD pipeline to deploy applications on AWS

Using or interacting with AWS services

Using cloud-native applications to write code

Writing code using AWS security best practices (for example, not using secret and access keys in the code, and instead using AWS Identity and Access Management (IAM) roles)

Authoring, maintaining, and debugging code modules on AWS

Writing code for serverless applications

Using containers in the development process

The exam covers five different domains, with each domain broken down into objectives and subobjectives.

Objective Map

The following table lists each domain and its weighting in the exam, along with the chapters in this book where that domain’s objectives and subobjectives are covered.

Domain

Percentage of Exam

Chapter

Domain 1: Deployment

22%

6, 7, 8, 9, 12, 13, 14

1.1 Deploy written code in AWS using existing CI/CD pipelines, processes, and patterns.

6, 7, 8, 9

1.2 Deploy applications using Elastic Beanstalk.

6, 8, 9

1.3 Prepare the application deployment package to be deployed to AWS.

7, 9, 12

1.4 Deploy serverless applications.

7, 12, 13, 14

Domain 2: Security

26%

1, 3, 4, 5, 6, 10, 12, 14

2.1 Make authenticated calls to AWS services.

1, 4, 10, 12, 13, 14

2.2 Implement encryption using AWS services.

3, 4, 5, 14

2.3 Implement application authentication and authorization.

3, 10, 13, 14

Domain 3: Development with AWS Services

30%

1, 2, 3, 4, 5, 7, 9, 12, 13, 14, 16

3.1 Write code for serverless applications.

9, 12, 13

3.2 Translate functional requirements into application design.

2, 3, 4, 13, 14

3.3 Implement application design into application code.

3, 4, 13, 14

3.4 Write code that interacts with AWS services by using APIs, SDKs, and AWS CLI.

1, 2, 3, 5, 7, 9, 12, 13, 14, 16

Domain 4: Refactoring

10%

2, 3, 4, 11,16

4.1 Optimize application to best use AWS services and features.

3, 4, 11, 16

4.2 Migrate existing application code to run on AWS.

2, 3, 11

Domain 5: Monitoring and Troubleshooting

12%

2, 4, 6, 8, 11, 12, 13, 15, 16

5.1 Write code that can be monitored.

8, 12, 13, 15, 16

5.2 Perform root cause analysis on faults found in testing or production.

2, 4, 12, 15

Assessment Test