AWS Certified DevOps Engineer - Professional (DOP-C02) Domain 2

Configuration Management and IaC

Official Exam Guide: Domain 2: Configuration Management and IaC

Skill Builder: AWS Certified DevOps Engineer - Professional Exam Prep

---

Domain Overview

Domain 2 (17%) focuses on defining cloud infrastructure with IaC, deploying automation for multi-account environments, and building automated solutions for complex tasks.

---

Task 2.1: Define cloud infrastructure and reusable components

Essential Documentation:

• AWS CloudFormation User Guide
• AWS CDK Developer Guide
• AWS SAM Developer Guide
• CloudFormation StackSets
• AWS Service Catalog
• AWS Systems Manager
• AWS Config

---

Task 2.2: Deploy automation for multi-account environments

Essential Documentation:

• AWS Organizations User Guide
• AWS Control Tower User Guide
• IAM Permissions Boundaries
• Service Control Policies (SCPs)
• AWS Security Hub

---

Task 2.3: Design and build automated solutions

Essential Documentation:

• Systems Manager Automation
• Systems Manager Patch Manager
• Systems Manager State Manager
• AWS Lambda Developer Guide
• AWS Step Functions Developer Guide

---

AWS Service FAQs

• AWS CloudFormation FAQs
• AWS Organizations FAQs
• AWS Systems Manager FAQs

---

Study Tips

1. Master CloudFormation - Stacks, nested stacks, StackSets for multi-account/region, drift detection, change sets, macros.

2. Learn multi-account automation - Organizations with SCPs, Control Tower landing zones, automated account provisioning.

3. Understand Systems Manager - Automation documents, State Manager for configuration compliance, Patch Manager, Session Manager.

4. Practice IaC patterns - Reusable templates, Service Catalog for governance, CloudFormation modules, CDK constructs.

5. Study compliance automation - AWS Config rules with remediation, Security Hub findings, automated compliance reporting.

---

Note: This is Domain 2 of 6, representing 17% of exam content.