Shipping and Running on AWS

Priya wrote a Lambda function on a Friday afternoon. It worked perfectly on her laptop. The next morning, the questions started piling up: How does this get to production without copy-paste from the Console? When it breaks at 3am, who knows? Where do the database credentials live? When the team grows to three engineers, how do they ship without overwriting each other?

This course is about all of those questions. You've spent three courses learning to build on AWS. This one is about shipping what you build and keeping it running.

What This Course Covers

Across 10 chapters, you will cover the four pillars that turn a working Lambda into a production app:

• Deployment — the AWS Code suite (CodeCommit, CodeBuild, CodeDeploy, CodePipeline) for getting code from Git to running services;
• Strategies — Rolling, Blue/Green, and Canary deployments, plus the platforms that automate them (Elastic Beanstalk, ECS, Fargate, EKS);
• Observability — CloudWatch for metrics and logs, AWS X-Ray for tracing requests across services;
• Security — AWS KMS for encryption, Secrets Manager and Parameter Store for credentials. The course closes with refactoring patterns for migrating existing apps to AWS, final exam prep, and a track-level capstone.

The Shape of a Production AWS App

If Course 1 was about identity and definition, Course 2 about storage, and Course 3 about compute and integration — this course is about the operational glue. A production-ready AWS app has:

• A Git repository with branch protection and code review;
• A pipeline that builds, tests, and deploys on every merge;
• A deployment strategy that lets you ship without downtime and roll back in one click;
• Metrics, logs, and traces flowing into a central observability layer;
• Alarms that wake the right person when something breaks;
• Encryption at rest, encryption in transit, and credentials in a vault. Most outages in real companies are not about the code — they are about missing one of these six.

A Note on the Exam

This course covers the remaining 20% of DVA-C02 material. The exam tests heavily on:

• CodeDeploy deployment configurations and lifecycle hooks;
• CloudWatch Logs structure (log groups, log streams, retention);
• X-Ray segments, sub-segments, and the X-Ray SDK;
• KMS key types (customer-managed vs AWS-managed) and envelope encryption;
• Secrets Manager rotation and Parameter Store free tier limits. Pay extra attention to the difference between similar-sounding services — Parameter Store vs Secrets Manager is the most-tested confusion in the course.

Let's start with how code gets to production in the first place.