AWS Certified DevOps Engineer - Professional (DOP-C02)
Build real cloud skills with guided labs on AWS and Google Cloud. Practice in live environments with instant access to real cloud resources. No cloud account required.
2 labs available
In this advanced lab, you will design and implement a cross-account continuous integration and deployment (CI/CD) pipeline using AWS CodePipeline and associated services. You'll follow best practices for cross-account roles, integrate with AWS CodeBuild for build automation, and execute deployments on AWS Lambda. This lab considers real-world scenarios where applications are deployed across various accounts to maintain security and isolation. You will begin by setting up cross-account roles to allow CodePipeline to operate across different accounts securely. Next, you'll integrate AWS CodeBuild to compile and test the code within these accounts. The pipeline will further connect to AWS CodeDeploy to manage the deployment of the Lambda functions in a controlled manner. This lab emphasizes automation, security, and the efficient management of resources across AWS accounts. By the end of this lab, you will have a working pipeline that automates the building, testing, and deployment process across separate AWS accounts. This exercise will enhance your understanding of CI/CD processes, security practices in AWS, and orchestration of AWS services for cross-account operations.
In this advanced lab, you will design and implement a robust CI/CD pipeline using AWS CodePipeline, interconnected with CodeBuild, CodeDeploy, and Amazon ECS to automate deployments of a containerized application. Through real-world scenarios derived from enterprise needs, you will build a pipeline capable of handling multiple environments and integrating automated testing processes. This lab is designed to prepare you for the AWS Certified DevOps Engineer - Professional exam by challenging you with tasks that mirror real-world enterprise application deployment.
3 labs available
In this complex lab, you'll build a high-availability e-commerce platform using a mixture of AWS compute services and automation tools. You will simulate a modern e-commerce backend capable of handling scalable transactions, integrating multiple AWS services such as AWS CodePipeline for CI/CD, Amazon ECS Fargate for compute, and Amazon RDS for database management. Following best practices for enterprise architectures, this lab involves setting up a multi-region deployment strategy ensuring fault tolerance and high availability. Throughout the lab, you’ll make strategic architectural decisions reflecting real-world requirements for disaster recovery and automation. You'll start by defining your stack using Infrastructure as Code (IaC) through AWS CloudFormation, which will allow you to create reusable components and manage changes efficiently. You will also configure a CI/CD pipeline that automatically deploys updates to your application, ensuring faster delivery and continuous feedback integration. Finally, you will implement monitoring and logging to maintain system health and identify potential bottlenecks, achieving a comprehensive view of your architecture's performance and resilience.
In this lab, you will create an automated CI/CD pipeline that spans multiple AWS accounts using AWS CodePipeline and AWS Organizations. You will orchestrate the deployment of a microservices application stored in Amazon ECR across various environments, highlighting best practices in multi-account governance and security. This scenario covers critical skills in account automation, permissions structuring with IAM, and leveraging advanced CodePipeline features for cross-account automation, equipping you for enterprise-level DevOps challenges.
In this lab, you will implement a multi-region infrastructure automation using AWS CloudFormation StackSets. This activity will help you understand how to manage and deploy cross-account and cross-region resources as you would in large enterprise environments. Through practical application, explore the intricacies of setting governance and security compliance at scale while studying the StackSets intricacies for regional infrastructure replication.
2 labs available
In this advanced hands-on lab, you will set up a multi-region architecture designed to ensure high availability and resiliency using AWS Lambda and DynamoDB. You'll implement a serverless application capable of automatic failover to another AWS region when a simulated outage occurs, leveraging Lambda functions for execution and DynamoDB global tables for replication. This lab guides you through configuring Route 53 for health checks and failover routing to maintain service continuity, ensuring users are unaffected by regional disruptions.
In this lab, you will architect and deploy a high availability e-commerce platform using multiple AWS services including Amazon ECS, AWS Fargate, Amazon RDS, and Amazon Elastic Load Balancing. You will simulate a production-level environment to manage varied loads seamlessly while ensuring minimal downtime and disaster recovery capabilities across AWS regions. Additionally, you will implement CloudWatch for monitoring and auto-scaling features to adapt to traffic spikes.
4 labs available
In this lab, you will develop a comprehensive understanding of how to automate monitoring of your AWS infrastructure using AWS Systems Manager and CloudWatch. The scenario involves a cloud services company, "InfraMetrics Inc.", that aims to improve the efficiency of their infrastructure monitoring processes. You will implement automation techniques to deploy monitoring agents, collect custom metrics, and set alarms. This lab focuses on integrating Systems Manager with CloudWatch for streamlined administration, using features like Parameter Store for configuration management, and State Manager for consistent deployment of monitoring agents across EC2 instances. You will also configure CloudWatch alarms and dashboards to provide insightful visualizations and notifications for operational metrics, ensuring high availability and maintaining optimal performance standards.
In this lab, you will design and implement an advanced monitoring and logging solution using AWS CloudWatch, X-Ray, and Athena. You will collect logs and metrics from various AWS services such as EC2, RDS, and ELB, and automate the visualization of these metrics in CloudWatch dashboards. Additionally, you will integrate AWS X-Ray to trace requests across your infrastructure, configure metric streams to S3, and use Athena for in-depth log analysis. This lab will guide you through creating and managing a secure and scalable logging strategy, critical for maintaining high availability and performance in production environments.
In this lab, you will learn how to configure and deploy a secure and scalable logging system using AWS CloudWatch and AWS Lambda. You will follow a scenario involving a growing startup "Data Insights" that needs to enhance its logging capabilities for both security and performance. The workshop will guide you through the creation of a logging architecture that aggregates logs from various AWS services, securely encrypts them, and provides real-time monitoring and alerts. This lab encapsulates advanced topics like Lambda triggers, log data encryption using AWS KMS, and the use of metric filters to monitor key performance metrics. You'll gain hands-on experience in handling the full lifecycle of logs, from ingestion to analysis, using CloudWatch and additional AWS services to ensure comprehensive observability, security compliance, and operational efficiency. This session simulates a production environment where real-time insights can drastically improve the company's decision-making.
In this lab, we will set up a comprehensive monitoring solution using AWS CloudWatch. Participants will learn to configure log and metric collection, aggregation, and storage to effectively monitor an application ecosystem. Key components will include CloudWatch Logs, Metrics, and Dashboards to visualize application performance and health. The lab simulates a real-world scenario where the user has to implement a monitoring strategy for a fictitious company, aiming for enhanced observability and incident response capabilities. This hands-on experience is tailored to prepare users for real-world challenges as well as the AWS Certified DevOps Engineer exam.
1 lab available
This advanced lab guides you through developing an automated incident response system using AWS CloudWatch Events and AWS Lambda. You will implement event-driven automation that responds to EC2 instance state changes by performing automated recovery actions. This lab simulates a scenario where a dynamic production environment requires resilient and automated monitoring mechanisms to maintain high availability and minimal downtime. You will explore integrated resources like SNS for alerts and SSM for executing management tasks, exercising vital skills for preventing and mitigating system failures.
3 labs available
This lab focuses on implementing a multi-layered security strategy using AWS services in a simulated enterprise environment. Participants will configure and automate security controls to protect sensitive data and comply with industry standards. The lab involves using IAM for access management, Secrets Manager for credential rotation, and AWS Config and Security Hub for compliance monitoring and alerts. Users will work on real-world scenarios that include service usage tracking, policy enforcement, and automated security assessments, preparing them for complex, security-focused challenges in a professional environment.
In this lab, you will configure AWS Identity and Access Management (IAM) at an enterprise scale. You will design and implement least-privilege policies, role-based access controls (RBAC), and attribute-based access controls (ABAC) across multiple projects. The lab will also guide you through automating the credential rotation process using AWS Secrets Manager and enforcing Multi-Factor Authentication (MFA) for access. Finally, to ensure governance and compliance, you will configure AWS Organizations with Service Control Policies (SCPs) and use CloudTrail for auditing and monitoring IAM actions.
In this hands-on lab, you will build a robust CI/CD pipeline using AWS CodePipeline that securely deploys applications across multiple AWS accounts. You will integrate AWS CodeBuild for build automation, AWS CodeDeploy for application deployment, and utilize IAM roles to manage permissions securely. You'll also incorporate AWS Secrets Manager for securely handling sensitive information such as API keys and credentials, and AWS Security Hub to maintain and monitor security compliance across your environments. This setup reflects real-world enterprise scenarios where applications need to be deployed across multiple accounts with stringent security controls in place. You will begin by setting up the foundational infrastructure, including creating IAM roles with the necessary permissions for each AWS service involved in the pipeline. Next, you will configure AWS CodeBuild to automate the build process, ensuring artifacts are securely stored in S3 with appropriate encryption policies. AWS CodeDeploy will be configured to deploy your application to an Amazon EC2 environment, with AWS Systems Manager used to automate post-deployment configuration tasks. To enhance security, you'll implement AWS Security Hub to ensure compliance and to automate security checks across your pipeline. This includes setting up AWS Config rules and AWS GuardDuty to detect, prevent, and respond to potential threats. The lab provides practical experience in managing complex AWS integrations, ensuring compliance with organizational security policies, and leveraging automation to simplify application management. This is ideal for students preparing for the AWS Certified DevOps Engineer - Professional exam who need to demonstrate proficiency in managing multi-account AWS environments with advanced security requirements.
