Are you looking to achieve AWS Certification in just 2 weeks or less? If the answer is yes, then this repository is tailor-made for you!
Good Luck with the AWS Cloud Practitioner Certification Exam!
I passed the AWS CCP on October, 2023, with few days of review and without spending any money other than the exam cost. I developed these notes for those who are trying to get into Cloud. If you're on github and looking for this type of content - that's great!
These are great certification preparation notes for the AWS Cloud Practitioner Certification CLF-C02 in 2023. However, to make the text more engaging and informative, let's rephrase and structure it:
The AWS Cloud Practitioner Certification (CLF-C02) is a valuable accreditation for anyone looking to gain comprehensive knowledge about the multitude of AWS offerings. AWS boasts a staggering array of over 200 fully-featured services that cater to a wide spectrum of technologies, industries, and use cases. This diversity makes it an indispensable component of any organization's digital transformation journey.
AWS Certified Cloud Practitioner Exam CLF-C02
This contains all the relevant information on the new AWS Certified Cloud Practitioner CLF-C02 exam
CLF-C02 Exam Domains for AWS Certified Cloud Practitioner
The new exam domains for the AWS Certified Cloud Practitioner (CLF-C02) test are as follows:
- Domain 1: Cloud Concepts 24%
- Domain 2: Security and Compliance 30%
- Domain 3: Cloud Technology and Services 34%
- Domain 4: Billing, Pricing, and Support 12%
Take note that the Cloud Practitioner exam significantly increased its coverage in Security & Compliance domain. This seems to be the trend in the previously iterated AWS certification exam, where the security-related component of the test is increased. From 25%, the CLF-C02 exam now constitutes 30% of security-related topics.
There are also 2 previous CLF-C01 exam domains that were renamed. The “Technology” domain is now called “Cloud Technology & Services” while “Billing and Pricing” has been modified to “Billing, Pricing and Support”
CLF-C02 Exam Topics for AWS Certified Cloud Practitioner
The list of the AWS Certified Cloud Practitioner exam topics can be found in the official CLF-C02 exam guide. These topics are divided into domains and per task statement:
CLF-C02 DOMAIN #1: CLOUD CONCEPTS
Task Statement 1.1: Define the benefits of the AWS Cloud.
Knowledge of:
- Value proposition of the AWS Cloud
Skills in:
- Understanding the economies of scale (for example, cost savings)
- Understanding the benefits of global infrastructure (for example, speed of deployment, global reach)
- Understanding the advantages of high availability, elasticity, and agility
Task Statement 1.2: Identify design principles of the AWS Cloud.
Knowledge of:
- AWS Well-Architected Framework
Skills in:
- Understanding the pillars of the Well-Architected Framework (for example, operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability)
- Identifying differences between the pillars of the Well-Architected Framework
Task Statement 1.3: Understand the benefits of and strategies for migration to the AWS Cloud.
Knowledge of:
- Cloud adoption strategies
- Resources to support the cloud migration journey
Skills in:
- Understanding the benefits of the AWS Cloud Adoption Framework (AWS CAF) (for example, reduced business risk; improved environmental, social, and governance [ESG]performance; increased revenue; increased operational efficiency)
- Identifying appropriate migration strategies (for example, database replication, use of AWS Snowball)
Task Statement 1.4: Understand concepts of cloud economics.
Knowledge of:
- Aspects of cloud economics
- Cost savings of moving to the cloud
Skills in:
- Understanding the role of fixed costs compared with variable costs
- Understanding costs that are associated with on-premises environments
- Understanding the differences between licensing strategies (for example, Bring Your Own License [BYOL] model compared with included licenses)
- Understanding the concept of rightsizing
- Identifying benefits of automation (for example, provisioning and configuration management with AWS CloudFormation)
- Identifying managed AWS services (for example, Amazon RDS, Amazon Elastic Container Service [Amazon ECS], Amazon Elastic Kubernetes Service [Amazon EKS], Amazon DynamoDB)
CLF-C02 EXAM DOMAIN #2: SECURITY & COMPLIANCE
Task Statement 2.1: Understand the AWS shared responsibility model.
Knowledge of:
- AWS shared responsibility model
Skills in:
- Recognizing the components of the AWS shared responsibility model
- Describing the customer’s responsibilities on AWS
- Describing AWS responsibilities
- Describing responsibilities that the customer and AWS share
- Describing how AWS responsibilities and customer responsibilities can shift, depending on the service used (for example, Amazon RDS, AWS Lambda, Amazon EC2)
Task Statement 2.2: Understand AWS Cloud security, governance, and compliance concepts.
Knowledge of:
- AWS compliance and governance concepts
- Benefits of cloud security (for example, encryption)
- Where to capture and locate logs that are associated with cloud security
Skills in:
- Identifying where to find AWS compliance information (for example, AWS Artifact)
- Understanding compliance needs among geographic locations or industries (for example, AWS Compliance)
- Describing how customers secure resources on AWS (for example, Amazon Inspector, AWS Security Hub, Amazon GuardDuty, AWS Shield)
- Identifying different encryption options (for example, encryption in transit, encryption at rest)
- Recognizing services that aid in governance and compliance (for example, monitoring with Amazon CloudWatch; auditing with AWS CloudTrail, AWS Audit Manager, and AWS Config; reporting with access reports)
- Recognizing compliance requirements that vary among AWS services
Task Statement 2.3: Identify AWS access management capabilities.
Knowledge of:
- Identity and access management (for example, AWS Identity and Access Management [IAM])
- Importance of protecting the AWS root user account
- Principle of least privilege
- AWS IAM Identity Center (AWS Single Sign-On)
Skills in:
- Understanding access keys, password policies, and credential storage (for example, AWS Secrets Manager, AWS Systems Manager)
- Identifying authentication methods in AWS (for example, multi-factor authentication [MFA], IAM Identity Center, cross-account IAM roles)
- Defining groups, users, custom policies, and managed policies in compliance with the principle of least privilege
- Identifying tasks that only the account root user can perform
- Understanding which methods can achieve root user protection
- Understanding the types of identity management (for example, federated)
Task Statement 2.4: Identify components and resources for security.
Knowledge of:
- Security capabilities that AWS provides
- Security-related documentation that AWS provides
Skills in:
- Describing AWS security features and services (for example, security groups, network ACLs, AWS WAF)
- Understanding that third-party security products are available from AWS Marketplace
- Identifying where AWS security information is available (for example, AWS Knowledge Center, AWS Security Center, AWS Security Blog)
- Understanding the use of AWS services for identifying security issues (for example, AWS Trusted Advisor)
CLF-C02 EXAM DOMAIN #3: CLOUD TECHNOLOGY AND SERVICES
Task Statement 3.1: Define methods of deploying and operating in the AWS Cloud.
Knowledge of:
- Different ways of provisioning and operating in the AWS Cloud
- Different ways to access AWS services
- Types of cloud deployment models
- Connectivity options
Skills in:
- Deciding between options such as programmatic access (for example, APIs, SDKs, CLI), the
- AWS Management Console, and infrastructure as code (IaC)
- Evaluating requirements to determine whether to use one-time operations or repeatable processes
- Identifying different deployment models (for example, cloud, hybrid, on-premises)
- Identifying connectivity options (for example, AWS VPN, AWS Direct Connect, public internet)
Task Statement 3.2: Define the AWS global infrastructure.
Knowledge of:
- AWS Regions, Availability Zones, and edge locations
- High availability
- Use of multiple Regions
- Benefits of edge locations
- AWS Wavelength Zones and AWS Local Zones
Skills in:
- Describing relationships among Regions, Availability Zones, and edge locations
- Describing how to achieve high availability by using multiple Availability Zones
- Recognizing that Availability Zones do not share single points of failure
- Describing when to use multiple Regions (for example, disaster recovery, business continuity, low latency for end users, data sovereignty)
- Describing at a high level the benefits of edge locations (for example, Amazon CloudFront, AWS Global Accelerator)
Task Statement 3.3: Identify AWS compute services.
Knowledge of:
- AWS compute services
Skills in:
- Recognizing the appropriate use of different EC2 instance types (for example, compute optimized, storage optimized)
- Recognizing the appropriate use of different container options (for example, Amazon ECS, Amazon EKS)
- Recognizing the appropriate use of different serverless compute options (for example, AWS Fargate, Lambda)
- Recognizing that auto scaling provides elasticity
- Identifying the purposes of load balancers
Task Statement 3.4: Identify AWS database services.
Knowledge of:
- AWS database services
- Database migration
Skills in:
- Deciding when to use EC2 hosted databases or AWS managed databases
- Identifying relational databases (for example, Amazon RDS, Amazon Aurora)
- Identifying NoSQL databases (for example, DynamoDB)
- Identifying memory-based databases
- Identifying database migration tools (for example AWS Database Migration Service [AWS DMS], AWS Schema Conversion Tool [AWS SCT])
Task Statement 3.5: Identify AWS network services.
Knowledge of:
- AWS network services
Skills in:
- Identifying the components of a VPC (for example, subnets, gateways)
- Understanding security in a VPC (for example, network ACLs, security groups)
- Understanding the purpose of Amazon Route 53
- Identifying edge services (for example, CloudFront, Global Accelerator)
- Identifying network connectivity options to AWS (for example, AWS VPN and Direct Connect)
Task Statement 3.6: Identify AWS storage services.
Knowledge of:
- AWS storage services
Skills in:
- Identifying the uses for object storage
- Recognizing the differences in Amazon S3 storage classes
- Identifying block storage solutions (for example, Amazon Elastic Block Store [Amazon EBS], instance store)
- Identifying file services (for example, Amazon Elastic File System [Amazon EFS], Amazon FSx)
- Identifying cached file systems (for example, AWS Storage Gateway)
- Understanding use cases for lifecycle policies
- Understanding use cases for AWS Backup
Task Statement 3.7: Identify AWS artificial intelligence and machine learning (AI/ML) services and analytics services.
Knowledge of:
- AWS AI/ML services
- AWS analytics services
Skills in:
- Understanding the different AI/ML services and the tasks that they accomplish (for example, Amazon SageMaker, Amazon Lex, Amazon Kendra)
- Identifying the services for data analytics (for example, Amazon Athena, Amazon Kinesis, AWS Glue and Amazon QuickSight)
Task Statement 3.8: Identify services from other in-scope AWS service categories.
Knowledge of:
- Application integration services of Amazon EventBridge, Amazon Simple Notification Service (Amazon SNS), and Amazon Simple Queue Service (Amazon SQS)
- Business application services of Amazon Connect and Amazon Simple Email Service (Amazon SES)
- Customer engagement services of AWS Activate for Startups, AWS IQ, AWS Managed Services(AMS), and AWS Support
- Developer tool services and capabilities of AWS AppConfig, AWS Cloud9, AWS CloudShell, AWS CodeArtifact, AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy, AWS CodePipeline, AWS CodeStar, and AWS X-Ray
- End-user computing services of Amazon AppStream 2.0, Amazon WorkSpaces, and Amazon WorkSpaces
- Web Frontend web and mobile services of AWS Amplify and AWS AppSync
- IoT services of AWS IoT Core and AWS IoT Greengrass
Skills in:
- Choosing the appropriate service to deliver messages and to send alerts and notifications
- Choosing the appropriate service to meet business application needs
- Choosing the appropriate service for AWS customer support
- Choosing the appropriate option for business support assistance
- Identifying the tools to develop, deploy, and troubleshoot applications
- Identifying the services that can present the output of virtual machines (VMs) on end-user machines
- Identifying the services that can create and deploy frontend and mobile services
- Identifying the services that manage IoT devices
EXAM DOMAIN #4: BILLING, PRICING & SUPPORT
Task Statement 4.1: Compare AWS pricing models.
Knowledge of:
- Compute purchasing options (for example, On-Demand Instances, Reserved Instances, Spot Instances, Savings Plans, Dedicated Hosts, Dedicated Instances, Capacity Reservations)
- Data transfer charges
- Storage options and tiers
Skills in:
- Identifying and comparing when to use various compute purchasing options
- Describing Reserved Instance flexibility
- Describing Reserved Instance behavior in AWS Organizations
- Understanding incoming data transfer costs and outgoing data transfer costs (for example, from one Region to another Region, within the same Region)
- Understanding different pricing options for various storage options and tiers
Task Statement 4.2: Understand resources for billing, budget, and cost management.
Knowledge of:
- Billing support and information
- Pricing information for AWS services
- AWS Organizations
- AWS cost allocation tags
Skills in:
- Understanding the appropriate uses and capabilities of AWS Budgets, AWS Cost Explorer, and
- AWS Billing Conductor
- Understanding the appropriate uses and capabilities of AWS Pricing Calculator
- Understanding AWS Organizations consolidated billing and allocation of costs
- Understanding various types of cost allocation tags and their relation to billing reports (for example, AWS Cost and Usage Report)
Task Statement 4.3: Identify AWS technical resources and AWS Support options.
Knowledge of:
- Resources and documentation available on official AWS websites
- AWS Support plans
- Role of the AWS Partner Network, including independent software vendors and system integrators
- AWS Support Center
Skills in:
- Locating AWS whitepapers, blogs, and documentation on official AWS websites
- Identifying and locating AWS technical resources (for example AWS Prescriptive Guidance, AWS Knowledge Center, AWS re:Post)
- Identifying AWS Support options for AWS customers (for example, customer service and communities, AWS Developer Support, AWS Business Support, AWS Enterprise On-Ramp Support, AWS Enterprise Support)
- Identifying the role of Trusted Advisor, AWS Health Dashboard, and the AWS Health API to help manage and monitor environments for cost optimization
- Identifying the role of the AWS Trust and Safety team to report abuse of AWS resources
- Understanding the role of AWS Partners (for example AWS Marketplace, independent software vendors, system integrators)
- Identifying the benefits of being an AWS Partner (for example, partner training and certification, partner events, partner volume discounts)
- Identifying the key services that AWS Marketplace offers (for example, cost management, governance and entitlement)
- Identifying technical assistance options available at AWS (for example, AWS Professional Services, AWS Solutions Architects)
CLF-C02 AWS Cloud Practitioner Exam Resources
- Official CLF-C02 Exam Guide
- Official CLF-C02 Question Set via AWS Skill Builder
- Free AWS Cloud Practitioner Essentials course
- Free AWS Cloud Practitioner Practice Exam
- AWS Certified Cloud Practitioner Video Course
- AWS Certified Cloud Practitioner Practice Exams
More Resources
- AWS Certified Cloud Practioner AWS Homepage for CPC certification. Download sample questions and the exam guide.
- AWS Web Services Overiew : Whitepaper that describes the full offering from AWS. This is an important paper to read and remember before the test.
- Crushing the aws ccp exam An amazing article on
crushing the aws cpc exam
recommended resources linked. - YouTube freeCodeCamp freeCodeCamp video is good to review to ensure a full understanding of the broader scope.
- AWS training and certification has CLF-001 sample exam questions here
Out of scope: Business Applications, design, code, implementation, troubleshooting, migration, load testing etc.
Image Source: Prateek Katyal (Paypal support link)
AWS Cloud Practitioner 2023 Study Notes
A few questions to get you warmed up!
- What is the value of the cloud?
- What is the AWS shared responsibility model?
- What are AWS security best practices?
- How would you estimate AWS Cloud for your workloads before migration?
- What are the economics of the cloud?
- What are AWS billing practices?
- What are the core AWS services offered?
- What are the compute options offered by AWS ?
- What are the network options offered by AWS?
- What are the database technologies offered by AWS?
- What are the various storage options on AWS?
- What are the common use-cases that AWS can support?
- What is a Service Control Policy?
- What is a Security Group?
- What is a NACL?
- What is EC2?
- What is an IG?
- What is a Subnet?
- What is a VPC?
- How do you access an EC2 instance?
- How to ensure high availability across EC2 instances?
- How to create a hybrid cloud architecture?
- What is a storage gateway?
- What is ELB?
- What is EFS?
- What is S3?