AWS Developer Associate Exam Topics Deep Dive: DVA-C02 Domains Explained

The AWS Certified Developer Associate (DVA-C02) exam covers four interconnected domains that progressively build from core development concepts to advanced troubleshooting. Understanding each domain in detail is essential for targeted preparation.

Domain 1: Development with AWS Services (32%)

This largest domain focuses on writing and deploying code that leverages AWS services. It represents one-third of the exam and requires hands-on proficiency with AWS SDKs and APIs.

1.1 AWS Lambda

Lambda is serverless compute that runs code without provisioning servers. Key topics include:

Function Basics:

• Creating and deploying Lambda functions
• Understanding handlers and execution context
• Function configuration (memory, timeout, environment variables)
• Lambda runtime environments (Python, Node.js, Java, etc.)

Advanced Concepts:

• Layers for code reuse
• VPC integration and networking
• Concurrency and reserved concurrency
• Cold starts and optimization
• Lambda versions and aliases

Exam Focus: Lambda is tested extensively throughout all domains. You must understand function structure, execution flow, and integration patterns deeply.

1.2 AWS SDK Operations

The AWS SDK allows developers to interact with AWS services programmatically. Key areas:

SDK Fundamentals:

• Initializing SDK clients
• Making API calls and handling responses
• Error handling and retries
• Request/response format understanding

Common Operations:

• S3 operations (GetObject, PutObject, DeleteObject)
• DynamoDB operations (GetItem, PutItem, Query, Scan)
• Lambda invocation patterns
• CloudFormation template management

1.3 DynamoDB

DynamoDB is AWS’s managed NoSQL database. Deep understanding is crucial:

Table Design:

• Partition keys and sort keys
• Choosing effective key schemas
• Understanding access patterns

Query Operations:

• GetItem for single item retrieval
• Query for range operations
• Scan for filtering multiple items
• FilterExpression and ProjectionExpression

Advanced Features:

• Global Secondary Indexes (GSI)
• Local Secondary Indexes (LSI)
• DynamoDB Streams for real-time data capture
• Time-to-live (TTL) for automatic expiration

Performance:

• Read and write capacity units
• On-demand vs. provisioned billing
• Throttling and backoff strategies

1.4 Amazon S3

Simple Storage Service provides object storage with multiple use cases:

Core Operations:

• Creating and managing buckets
• Uploading, downloading, and deleting objects
• Object metadata and tags
• Public vs. private access

S3 Features:

• Versioning for object history
• Lifecycle policies for cost optimization
• S3 Transfer Acceleration
• Presigned URLs for temporary access
• Server-side encryption options

Integration Patterns:

• S3 as Lambda event source
• Cross-origin resource sharing (CORS)
• S3 event notifications
• Application file storage and retrieval

1.5 SQS and SNS

Message services for asynchronous communication:

SQS (Simple Queue Service):

• Standard and FIFO queues
• Message visibility and processing
• Dead-letter queues (DLQ)
• Long polling vs. short polling
• Message deduplication

SNS (Simple Notification Service):

• Topics and subscriptions
• Message filtering
• SNS to SQS fan-out pattern
• Email and SMS notifications

1.6 API Gateway

Create, publish, and manage REST and WebSocket APIs:

API Development:

• Creating resources and methods
• Request/response transformation
• Integration types (Lambda, HTTP, AWS service)
• CORS configuration
• API models and validation

Advanced Topics:

• API keys and usage plans
• Request throttling
• Caching for performance
• Logging and monitoring

1.7 Application Integration

Additional integration services appear in exams:

Other Services:

• CloudFormation for IaC
• CodeDeploy for application deployment
• EventBridge for event routing
• Step Functions for workflow orchestration (lighter coverage)

Domain 2: Security (26%)

Security is woven throughout the DVA-C02 exam and receives significant emphasis. This domain covers authentication, authorization, encryption, and secure coding practices.

2.1 IAM Fundamentals

Identity and Access Management is the foundation of AWS security:

Core Concepts:

• Users, groups, and roles
• Policies and permissions
• Trust relationships and role assumption
• Temporary security credentials

Policy Structure:

• Effect (Allow/Deny)
• Principal (who is affected)
• Action (what operations)
• Resource (on what resources)
• Condition (when the policy applies)

Exam Focus: You must write IAM policies from scratch. Understand how to grant minimum required permissions and recognize overly permissive policies.

2.2 API Authentication

Different authentication mechanisms protect APIs:

Key Concepts:

• API keys for public API identification
• Authorization headers
• Signature Version 4 (SigV4) signing
• OAuth 2.0 for third-party authorization
• Lambda authorizers (custom authorizers)
• API Gateway IAM authorization

Secure Patterns:

• Using temporary credentials
• Rotating API keys
• Scope limitation

2.3 Encryption

Protecting data in transit and at rest:

At-Rest Encryption:

• S3 server-side encryption options
• DynamoDB encryption
• Database encryption
• KMS (Key Management Service) overview

In-Transit Encryption:

• HTTPS/TLS for data in flight
• VPC endpoints for private connectivity
• Lambda environment variable encryption
• API security

Key Management:

• KMS key creation and usage
• AWS Secrets Manager for credential storage
• Parameter Store for configuration
• Encryption key rotation

2.4 Secrets Management

Secure credential storage and retrieval:

AWS Secrets Manager:

• Creating and retrieving secrets
• Lambda integration for automatic rotation
• Cross-account secret access
• Secret versions

Systems Manager Parameter Store:

• Standard and secure string parameters
• Parameter policies
• Hierarchical parameter organization

Best Practices:

• Never hardcode credentials
• Use temporary credentials
• Rotate credentials regularly
• Limit secret access with IAM policies

2.5 VPC Security

Network-level security concepts:

Key Topics:

• Security groups and network ACLs
• Private subnets and NAT gateways
• VPC endpoints for AWS service access
• Lambda VPC integration implications

Domain 3: Deployment (24%)

Deployment knowledge covers getting applications from development to production:

3.1 CloudFormation

Infrastructure as Code for AWS resources:

Template Structure:

• AWSTemplateFormatVersion
• Description
• Parameters
• Resources
• Outputs
• Metadata

Key Features:

• Intrinsic functions (Ref, Fn::Sub, Fn::Join)
• Pseudo parameters
• Resource creation order
• Stack policies for protection

Advanced Concepts:

• Change sets for previewing changes
• Stack rollback behavior
• Nested stacks
• Custom resources
• DeletionPolicy for resource retention

Exam Focus: You must understand CloudFormation template syntax and resource creation patterns.

3.2 Serverless Application Model (SAM)

SAM simplifies serverless application development:

SAM Basics:

• SAM template syntax
• Implicit API Gateway creation
• Lambda function definition
• Policy templates

Deployment:

• sam build process
• sam deploy for CloudFormation creation
• Local testing with sam local

3.3 Elastic Beanstalk

Platform as a Service for application deployment:

Core Concepts:

• Environments and configurations
• Deployment options (All at once, Rolling, Blue/green)
• Environment tiers (Web server, Worker)
• Logging and monitoring

Lighter Coverage: Elastic Beanstalk receives less emphasis than Lambda and CloudFormation but still appears on the exam.

3.4 CodeDeploy

Application deployment automation:

Key Concepts:

• Application revisions
• Deployment groups and configurations
• Deployment strategies
• AppSpec files

On-Premises and EC2: CodeDeploy can deploy to EC2 instances or on-premises servers.

3.5 Deployment Strategies

Understanding different deployment approaches:

Strategies:

• All-at-once: Fastest but risky
• Rolling: Gradual replacement with minimum downtime
• Blue/Green: Two identical environments with instant switching
• Canary: Gradual traffic shift to new version

Rollback: Understanding automatic rollback mechanisms and manual rollback procedures.

Domain 4: Troubleshooting and Optimization (18%)

The smallest but important domain covers observability and performance:

4.1 CloudWatch Monitoring

Monitoring and observability for AWS applications:

Metrics:

• AWS CloudWatch Metrics
• Custom metrics from applications
• Metric math for derived metrics
• Dashboards for visualization

Alarms:

• Creating alarms on metrics
• SNS notifications
• Alarm states (OK, ALARM, INSUFFICIENT_DATA)
• Composite alarms

Logs:

• CloudWatch Logs Insights for querying
• Log groups and streams
• Log retention
• Metric filters for creating metrics from logs

4.2 AWS X-Ray

Distributed tracing for application analysis:

Core Concepts:

• X-Ray daemon
• Segments and subsegments
• Annotations and metadata
• Service map visualization

Use Cases:

• Identifying bottlenecks
• Tracing across services
• Error analysis
• Latency investigation

4.3 Performance Analysis

Understanding application performance:

Topics:

• Identifying bottlenecks
• Database query optimization
• Lambda optimization
• API response time analysis
• Cost analysis through CloudWatch and X-Ray

4.4 Troubleshooting Common Issues

Practical problem-solving approaches:

Common Problems:

• Lambda execution timeouts
• Insufficient DynamoDB capacity
• IAM permission errors
• API throttling
• Memory-related issues
• Network connectivity problems

Troubleshooting Steps:

1. Check CloudWatch Logs for error messages
2. Review X-Ray traces for service calls
3. Verify IAM permissions
4. Check service quotas and limits
5. Review recent changes through CloudFormation
6. Test with simplified scenarios

Domain Coverage Strategies

High-Weight Domains (Development and Security: 58%)

• Dedicate most study time here
• Complete multiple hands-on labs
• Master core services deeply
• Take numerous practice questions

Mid-Weight Domains (Deployment: 24%)

• Understand CloudFormation thoroughly
• Practice writing templates
• Know deployment strategies

Lighter Domain (Troubleshooting: 18%)

• Understand monitoring and tracing concepts
• Know how to investigate problems
• Less depth required

Service Frequency in Exams

Appears in Most Exams:

• Lambda and DynamoDB
• IAM and authentication
• CloudFormation
• CloudWatch Logs

Appears Frequently:

• S3, SQS, SNS
• API Gateway
• Secrets Manager
• X-Ray

May Appear:

• Elastic Beanstalk
• CodeDeploy
• Parameter Store
• VPC concepts

FAQ

Q: Do I need to memorize all CloudFormation properties? A: No, but understand the structure and common resource types. Exam questions test understanding, not memorization.

Q: How deep should I understand VPC? A: Know VPC basics, security groups, and private subnets. Deep VPC knowledge is more important for Solutions Architect certification.

Q: Are specific programming languages tested? A: No. Questions focus on AWS service knowledge, not language-specific syntax.

Q: How are the domains weighted in practice exams? A: Reputable mock exams follow official domain percentages. Take exams that match this distribution.

Q: Should I focus on one domain at a time? A: It depends. Some prefer deep domain expertise; others prefer breadth. Both approaches work with consistent practice.

Conclusion

The DVA-C02 exam covers four distinct domains that work together to validate complete AWS developer competency. By understanding what each domain covers and dedicating study time proportionally to domain weights, you’ll be well-prepared for exam success.

Focus especially on Development with AWS Services and Security—these two domains represent 58% of the exam. Combine theoretical knowledge with hands-on practice using our comprehensive mock exams to ensure you’re ready for test day.