Target Score: 1000/1000 | Exam Code: DVA-C02 | Format: 65 questions, 130 minutes
| Domain | Weight | Topics |
|---|---|---|
| 1. Development with AWS Services | 32% | Lambda, API Gateway, DynamoDB, S3, SQS, SNS, Kinesis, Step Functions |
| 2. Security | 26% | IAM, Cognito, KMS, Secrets Manager, STS |
| 3. Deployment | 24% | Elastic Beanstalk, ECS, CodeDeploy, CodePipeline, CloudFormation, SAM |
| 4. Troubleshooting & Optimization | 18% | CloudWatch, X-Ray, CloudTrail, performance tuning |
- 01 — IAM (Identity & Access Management)
- 02 — EC2 (Elastic Compute Cloud)
- 03 — VPC (Virtual Private Cloud)
- 13 — SQS (Simple Queue Service)
- 14 — SNS (Simple Notification Service)
- 15 — Kinesis
- 16 — EventBridge
- 17 — Step Functions
- 22 — CodeCommit, CodeBuild, CodeDeploy, CodePipeline
- 23 — CloudFormation
- 24 — SAM (Serverless Application Model)
- 25 — CDK (Cloud Development Kit)
| Where | At Rest | In Transit |
|---|---|---|
| S3 | SSE-S3, SSE-KMS, SSE-C | HTTPS/TLS |
| RDS | KMS | SSL |
| DynamoDB | KMS | TLS |
| EBS | KMS | N/A |
| Service | Rolling | Blue/Green | Canary |
|---|---|---|---|
| Elastic Beanstalk | Yes | Yes | No |
| CodeDeploy (EC2) | Yes | Yes | No |
| CodeDeploy (Lambda) | N/A | Yes | Yes |
| ECS | Yes | Yes | No |
Client → CloudFront → API Gateway → Lambda → DynamoDB
↓
SQS/SNS/EventBridge
- Lambda: max 15 min timeout, 10GB memory, 1000 concurrent default
- SQS: standard max 256KB msg, 14-day retention, 12hr visibility timeout
- DynamoDB: 400KB item limit, partition key = 10GB limit per value
- S3: 5TB max object, multipart for >100MB, presigned URL max 7 days (SigV4)
- API Gateway: 29s timeout (can't change), 10MB payload limit
- Read every option — AWS questions often have 2 "correct" answers but one is MORE correct
- Cost + Simplicity wins in serverless questions
- Managed > Self-managed unless the question asks for specific control
- Security: always use IAM roles over access keys, KMS over manual encryption
- Decoupling: when you see "tight coupling" problem → SQS/SNS/EventBridge