Learning materials for the AWS Certified Cloud Practitioner Certification (AWS-CLF-C02).
Information on the exam can be found here.
Domains of material covered in the exam:
- Cloud Concepts
- Security and Compliance
- Cloud Technology & Services
- Billing, Pricing, & Support
| Icon | Name | Description |
|---|---|---|
 |
a service that enables users to model and manage infrastructure resources in an automated and secure manner, developers can define and provision AWS infrastructure resources using a JSON- or YAML-formatted infrastructure as code template | |
 |
open-source software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation | |
 |
PaaS, runs application code and handles deployment and serving to users | |
 |
automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises | |
 |
a scalable versioning control system for developers, similar to git (obsoleted 2024) | |
 |
a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy | |
 |
a continuous delivery service that enables you to model, visualize, and automate the steps required to release your software | |
 |
a secure, highly scalable, managed artifact repository service that helps organizations to store and share software packages for application development | |
 |
manage servers running on AWS and in your on-premises data center through a single interface | |
 |
manage your Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, on-premises servers, and virtual machines (VMs) | |
 |
provides secure, hierarchical storage for configuration data management and secrets management | |
 |
a highly available and scalable cloud Domain Name System (DNS) web service | |
 |
web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users | |
 |
shortens the distance between client applications and AWS servers that acknowledge PUTS and GETS to Amazon S3 using our global network of hundreds of CloudFront Edge Locations | |
 |
terminates TCP connections from clients at AWS edge locations and, almost concurrently, establishes a new TCP connection with the endpoints, maximizing the time that traffic is on the AWS network and ensureing that traffic is always routed over the optimum network path. | |
 |
a pool of AWS compute and storage capacity deployed at a customer site | |
 |
a type of AWS infrastructure designed to run workloads that require low latency or edge resiliency | |
 |
allow for the placement of resources near end users | |
 |
a service to send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available | |
 |
process real-time data, such as video, audio, application logs, website clickstreams, and IoT telemetry data, for machine learning (ML), analytics, and other applications | |
 |
a service that makes it easy to set up, operate, and send notifications from the cloud | |
 |
a managed message broker service for Apache ActiveMQ Classic and RabbitMQ that streamlines setup, operation, and management of message brokers on AWS | |
 |
a repository for metrics and logs | |
 |
essential for ensuring optimal performance and efficient resource utilization, provides insights to AWS Services allowing for real time tracking of health/performance/usage patterns | |
 |
a monitoring tool that helps you create alarms on your AWS Resouces and AWS Services | |
 |
centralizes the logs from all of your systems, applications, and AWS services that you use, in a single, highly scalable service | |
 |
a service that provides real-time access to changes in data in AWS services, your own applications, and software as a service (SaaS) applications without writing code | |
 |
a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account | |
 |
helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture | |
 |
analyzes the application runtime performance and using machine learning, provides recommendations on ways that could speed up the application | |
 |
can be used to learn about AWS Health events that affect AWS services or the AWS account | |
 |
a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define | |
| usecase: manage components of VPC (Subnet, Internet Gateway, NAT Gateways, Elastic IPs, Flow Logs, Peering); control the security of your VPC by configuring the Network ACLs and Security Groups | ||
 |
an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets | |
 |
provides private connectivity between VPCs, supported AWS services, and your on-premises networks without exposing your traffic to the public internet | |
 |
a fully-managed remote access VPN solution used by your remote workforce to securely access resources within both AWS and your on-premises network | |
 |
connects your Amazon VPCs and on-premises networks through a central hub, simplifies the network and prevents complex peering relationships, Transit Gateway acts as a highly scalable cloud router—each new connection is made only once | |
 |
||
 |
manage users access, controls, and permissions for users within the organization | |
 |
makes a user have multiple devices to prove their identity | |
| Long-term credentials for individual IAM accounts | ||
 |
tool to manage AWS tools, provides a command line interface to configure and control multiple services | |
| usecase: requires Access keys for users to access | ||
 |
contains tools to develop applications with AWS with different programming languages (eg JS, Java, React, Python, etc.) | |
 |
online command line shell environment, preloaded with tools and automatically updated | |
 |
protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define | |
 |
a managed distributed denial of service (DDoS) protection service that safeguards applications running on AWS | |
 |
a stateful, managed, network firewall and intrusion detection and prevention service for an Amazon VPC | |
 |
a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization | |
 |
gives you centralized control over the cryptographic keys used to protect your data | |
| a cryptographic service for creating and maintaining hardware security modules | ||
 |
a service that allows developers to provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and internal connected resources | |
 |
encrypts at rest using encryption keys owned and stored in AWS KMS | |
 |
contains compliance-related documents in AWS such as ISO certifications, Payment Card Industry (PCI), and Service Organization Control (SOC) reports | |
 |
automatically manage resource utilization based on the overall activity levels within AWS accounts, workloads, and data | |
 |
continually scans AWS workloads for software vulnerabilities and unintended network exposure | |
 |
helps user record configuration changes to software within EC2 instances in the AWS account and also virtual machines (VMs) or servers in the on-premises environment | |
 |
a data security service that discovers sensitive data using machine learning and pattern matching, provides visibility into data security risks, and enables automated protection against those risks | |
| allows organizations to create custom insights and compliance checks specific to their environment | ||
 |
helps analyze, investigate, and quickly identify the root cause of security findings or suspicious activities | |
| addresses many different types of potentially abusive activity such as phishing, malware, spam, and denial of service (DoS)/ distributed denial of service (DDoS) incidents | ||
| complete access to all AWS services and resources in your AWS account | ||
| usecase: should only be used when absolutely necessary | ||
 |
gives visibility into unused access across your AWS organization and recommendations to help you remediate unused access | |
 |
a tool that provides temporary access to IAM roles with their own permissions | |
 |
support federated authentication, profile data sync store and AWS access token distribution without writing any backend code | |
 |
provides multiple directory choices for customers who want to use existing Microsoft AD or Lightweight Directory Access Protocol (LDAP)–aware applications in the cloud | |
 |
streamlines and simplifies workforce user access to applications or AWS accounts | |
 |
cloud-based cloud computation service, regional service | |
| usecase: can launch a new database in AWS where the customer assumes the responsibility and management of the guest operating system, including updates and security patches | ||
| tool to connect to an EC2 instance | ||
| a physical server with EC2 instance capacity fully dedicated to your use | ||
 |
instances from unused EC2 capacity in the AWS cloud | |
| usecase: 90% cheaper with less performance than On-Demand Instances | ||
 |
||
| storage options to optimize performance vs. cost | ||
 |
block level storage volumes to EC2 instances, multiple EBS volumes can be attached to each EC2 instance | |
| usecase: rapidly changing data | ||
 |
creates images (templates) of AWS EC2 instances to be used as masters for instance pools | |
 |
auto-scaling file system that grows/shrinks as files are added/removed, regional service | |
 |
automatically balances application traffic to a different targets and appliances across multiple availabiliy zones | |
 |
best suited for load balancing of HTTP and HTTPS traffic and provides advanced request routing targeted at the delivery of modern application architectures, including microservices and containers | |
 |
best suited for load balancing of Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLS) traffic where extreme performance is required | |
 |
provides both Layer 3 gateway and Layer 4 load balancing capabilities. It is a transparent bump-in-the-wire device that does not change any part of the packet | |
 |
each group contains multiple EC2 instances and provides autoscaling based on needs, only horizontal (number of instances, not performance of instances) | |
 |
object storage service, designed for 99.999999999% (11 9's) of durability and stores millions of customers data | |
| usecase: Bucket Policy allows specific users access to bucket | ||
| provides computation at the edge or migration from edge devices to the cloud | ||
 |
small, portable device for local transfer and physical shipment an AWS facility | |
 |
larger, portable device can be optimized for storage or compute | |
 |
an edge computing and data transfer device provided by the AWS Snowball service | |
| an exabyte-scale data transfer service that is used to move large volumes of data to Amazon Web Services | ||
 |
managed relational database service for MySQL, PostgreSQL, MariaDB, Oracle BYOL, or SQL server | |
| usecase: simplifies the management of time-consuming database administration tasks; Makes it easy to set up, operate, and scale a relational database | ||
| usecase: rapidly changing data | ||
 |
fast, in-memory data store for use as a database, cache, message broker | |
| usecase: store the results of I/O-intensive SQL database queries to improve application performance | ||
| usecase: lets you deploy and run Memcached or Redis cache server nodes in the cloud | ||
 |
fully managed proprietary NoSQL database | |
| usecase: highly scalable, used for nonrelational data | ||
 |
petabyte-scale data warehouse and exabyte-scale data lake analytics | |
| usecase: best used for OLAP (online analytical processing) workloads | ||
 |
petabyte data processing, interactive analytics and machine learning, uses open source frameworks including Apache Spark, Apache Hive, and Presto | |
 |
business analytics tool | |
 |
JSON document database | |
 |
graph database for billions of relationships | |
 |
time series database | |
 |
ledger database that provides transparent, immutable, and cryptographically verifiable transaction log | |
 |
allows user to build resilient Web3 application on both public and private blockchains | |
 |
serverless data integration service, allows users to discover, prepare, move, and integrate data from multiple sources | |
| usecase: create workflows in ETL | ||
 |
assists in moving databases and workloads into AWS | |
 |
A fully managed relational database engine that’s compatible with MySQL and PostgreSQL | |
| usecase: 5x faster than standard MySQL and 3x faster than PostgreSQL, highly scalable | ||
 |
an image recognition service that detects objects, scenes, activities, landmarks, faces, dominant colors, and image quality | |
 |
an automatic speech recognition service that uses machine learning models to convert audio to text | |
 |
a service that converts text into lifelike speech | |
 |
a service that translates text between languages | |
 |
a voice based virtual assitant or chat bot | |
 |
acts as a link between different Machine Learning services to to provide infrastructure | |
 |
sort or collect text documents by subjects or tags | |
 |
build, train and deploy ML models at scale using tools like notebooks, debuggers, profilers, pipelines, MLOps, and more – all in one integrated development environment (IDE) | |
 |
a service that handles time series data and predicts future trends | |
 |
a search service that uses Natural Language Processing and machine learning to return more complex queries | |
 |
uses your data to generate item recommendations for your users | |
 |
extracts content and context from text data | |
 |
allows for managed container orchestration to easliy deploy, manage, and scale containerized applications | |
 |
serveless computing, runs code in many different languages (Node.js, Python, Go, Java, etc) and manages resources, scaling to deploy the functions | |
 |
fully managed service to allow developers to create, publish, maintain, monitor, and secure API's at any scale | |
 |
plans, schedules, and runs containerized batch ML, simulation, and analytics workloads across the full range of AWS compute offerings | |
 |
a virtual private server used to store data, run code, build web-based applications | |
 |
a cloud-based virtual desktop that can act as a replacement for a traditional desktop | |
 |
a fully managed application streaming service that provides users instant access to their desktop applications from anywhere | |
 |
a fully integrated feature that enables IoT developers to easily provision, onboard, and monitor Amazon Sidewalk devices through AWS IoT Core | |
 |
media transcoding in the cloud and designed to be a highly scalable, easy to use and a cost effective way for developers and businesses to convert (or “transcode”) media files from their source format into versions that will playback on devices like smartphones, tablets and PCs | |
 |
allows applications to access exactly the data needed | |
| usecase: create a flexible API to securely access, manipulate, and combine data from multiple sources and pay only for requests to your API and for real-time messages delivered to connected clients | ||
 |
a unified development platform that provides a seamless bridge between front-end and back-end development | |
 |
streamline and accelerate the architecture, development, and iteration of modern applications | |
 |
an application testing service that lets you improve the quality of your web and mobile apps by testing them across an extensive range of desktop browsers and real mobile devices | |
 |
a fully-managed service that makes it easy to centralize and automate data protection across AWS services, in the cloud, and on premises | |
 |
automatically converts your servers to boot and run natively on AWS when you launch instances for drills or recovery | |
 |
a secure, online service that automates and accelerates moving data between on premises and AWS Storage services | |
| refactor, replatform, repurchase, rehost, relocate, retain, and retire | ||
 |
helps plan application migration projects by automatically identifying servers, virtual machines (VMs), and network dependencies in on-premises data centers | |
 |
allows you to migrate physical, virtual, and cloud source servers to AWS for a variety of supported operating systems (OS) | |
|
gives a clear baseline of what an organization is running at present and what its projected AWS costs will be, measured on-premises provisioning and utilization | |
 |
provides a single place to discover existing servers, plan migrations, and track the status of each application migration | |
 |
a systematic and controlled process of introducing faults or errors into a system to observe its behavior under adverse conditions | |
 |
a visual workflow service that helps developers use AWS services to build distributed applications, automate processes, orchestrate microservices, and create data and machine learning (ML) pipelines | |
 |
control satellite communications, process data, and scale your operations without having to worry about building or managing your own ground station infrastructure | |
 |
an AWS service that you can use to engage with your customers across multiple messaging channels | |
| network focused on helping partners build successful AWS-based businesses to drive superb customer experiences | ||
| professional services firms that help customers of all sizes design, architect, migrate, or build new applications on AWS | ||
| provide software solutions that are either hosted on or integrated with the AWS platform | ||
 |
||
 |
centrally manages and governs the environment as it grows and scales AWS resources | |
| one bill for multiple accounts, share the volume pricing and Reserved Instance discounts by combining the usage across all accounts in the organization | ||
 |
tool to create or manage multi-account AWS environments with best practices usecase: an easy way to establish a landing zone that implements an AWS well-architected, multi-account environment and applies the AWS best practices | |
 |
helps securely share resources across AWS accounts, within an organization or organizational units (OUs) in AWS Organizations, and with IAM roles and IAM users for supported resource types | |
 |
provides programmatic control over all end-user actions as an alternative to using the AWS Management Console | |
 |
a service that analyzes your AWS resources' configuration and utilization metrics to provide you with rightsizing recommendations | |
| estimate a bill by entering planned usages by service | ||
| allows you to view all previous payments, access AWS credits, and consolidate bills | ||
| organizes resources, cost allocation tags to track AWS costs on a detailed level | ||
| tracks your AWS usage and provides estimated charges associated with your account | ||
 |
a tool to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount | |
 |
lets you visualize, understand, and manage your AWS costs and usage over time | |
| monitors spending patterns to detect anomalous spend and provide root cause analysis | ||
| enables the view and manage your quotas from a central location | ||
 |
an online tool that provides you with real-time guidance to help you provision your resources following AWS best practices | |
| Cost Optimization, Performance, Security, Fault Tolerance, Service Limits | ||
| usecase: capable of inspecting your AWS environment and making recommendations to lower expenditures, improve system performance and reliability, and close security gaps | ||
 |
||
 |
provides a trusted framework for you to evaluate your cloud architecture and implement designs that will scale over time | |
| tool to analyze an organizations carbon footprint from its AWS service usage | ||
| a comprehensive guide designed to help organizations effectively plan and implement their cloud adoption strategies | ||
| Strategy Management, Product Management, Business Insights, Portfolio Management, Strategic Partnership, Data Science, Innovation Management, Data Monetization | ||
 |
||
 |
shares a collection of offerings to help you achieve specific outcomes related to enterprise cloud adoption | |
| the collection of all AWS services | ||
 |
a cloud knowledge service that helps builders remove technical roadblocks, accelerate innovation, and operate efficiently | |
| FAQ for AWS users | ||
 |
services containing third party tools as part of the AWS Managed Services Advanced operating plan | |