I’m super happy to share that I passed the AWS Certified Cloud Practitioner exam! In this post, I’ll go over the resources I used and my personal experience preparing for it. Plus, I’ll share my cheat sheet (which I put together myself) to help anyone else studying for the exam.
My Background
Before taking the exam, I was a graduate IT student and had been working as a full-stack engineer at a startup for about six months. I had some experience with CI/CD and had used AWS services like EC2 and S3, but not extensively. Because of this background, I was able to understand most of the concepts covered in online lectures, but I still had to memorize a lot of AWS services and details.
Study Materials
I used Stephane Maarek’s "Ultimate AWS Certified Cloud Practitioner" course on Udemy, along with his practice exams.
This course covers everything you need for the exam. In my opinion, the practice exams were actually harder than the real exam. If you can pass those, you’ll probably be fine in the actual test. The practice questions also cover all the critical topics, and I even saw a few questions that were exactly the same in the real exam!
My Study Plan
✅ 10 days – Studied for about 3 hours per day
- Watched the online course
- Took notes
✅ 3 days before the exam
- Focused on practice exams
My Cheat Sheet
AWS Services
1. Compute Services
| Service Name | Purpose | Important Notes |
|---|---|---|
| EC2 | Virtual servers in AWS | Supports different instance types (General, Compute, Memory, Storage optimized) |
| ECS | Docker container orchestration | Requires EC2 instances |
| EKS | Managed Kubernetes | Supports Kubernetes workloads |
| Fargate | Serverless containers | No need to manage EC2 instances |
| Lambda | Serverless computing | Event-driven, max execution time of 30 min |
| Batch | Batch processing at scale | Manages EC2 & ECS for processing |
| Lightsail | Simplified cloud computing | Good for beginners, no auto-scaling |
| AWS WaveLength | AWS infrastructure at edge of 5G networks | Low-latency applications at the edge |
2. Storage Services
| Service Name | Purpose | Important Notes |
|---|---|---|
| S3 | Object storage | Supports versioning, lifecycle policies, replication |
| EBS | Block storage for EC2 | Network drive for EC2, locked to AZ |
| EFS | Shared file system | Works across multiple EC2 instances |
| Amazon FSx | Managed file system | Supports Windows File Server and Lustre |
| Glacier | Archive storage | Designed for long-term backup |
| AWS Backup | Centralized backup solution | Supports cross-region and cross-account backup |
| AWS Storage Gateway | Hybrid storage solution | Bridges on-premises data with AWS |
3. Networking & Content Delivery
| Service Name | Purpose | Important Notes |
|---|---|---|
| VPC | Virtual Private Cloud | Defines networking boundaries |
| Security Groups | EC2 firewall | Controls inbound/outbound traffic |
| NACL | Network Access Control List | Stateless, works at subnet level |
| Route 53 | DNS management | Supports routing policies: Simple, Weighted, Latency-based, Failover |
| CloudFront | Content Delivery Network (CDN) | Caches content at edge locations |
| Global Accelerator | Traffic routing optimization | Uses AWS backbone for low latency |
| Elastic Load Balancer (ELB) | Distributes traffic | Application, Network, and Gateway Load Balancer types |
| Direct Connect | Private network connection | Secure connection between on-premises and AWS |
| Transit Gateway | Connect multiple VPCs | Scales better than VPC Peering |
| AWS PrivateLink | Private access to AWS services | Avoids public internet |
| Site-to-Site VPN | Connects on-premises network to AWS | Uses a VPN tunnel |
| AWS Client VPN | Securely connect remote users | Uses OpenVPN |
| AWS Certificate Manager (ACM) | Provision and manage SSL/TLS certificates | Simplifies certificate management for AWS resources |
4. Security, Identity & Compliance
| Service Name | Purpose | Important Notes |
|---|---|---|
| IAM | Identity and Access Management | Controls user permissions, supports MFA |
| IAM Identity Center (SSO) | Single Sign-On | One login for multiple AWS accounts |
| AWS KMS | Key Management Service | Encrypts data using managed keys |
| AWS Secrets Manager | Securely store secrets | Supports automatic rotation |
| WAF | Web Application Firewall | Protects against Layer 7 attacks |
| Shield | DDoS protection | Standard is free, Advanced is paid |
| GuardDuty | Threat detection | Uses machine learning for anomaly detection |
| Macie | Sensitive data discovery | Finds PII data in S3 |
| AWS Config | Compliance tracking | Monitors AWS resource configurations |
| AWS Security Hub | Central security tool | Aggregates findings from GuardDuty, Macie, etc. |
| AWS Artifact | Compliance documentation | Provides compliance reports |
| AWS Abuse | Report AWS misuse | Detects suspicious activity |
| AWS Audit Manager | Automated compliance assessments | Tracks security audits |
| AWS Detective | Security investigation and forensic analysis | To identify root cause |
| AWS Firewall Manager | Centrally manages security rules | Works across multiple AWS accounts |
| AWS Incident Manager | Manages and automates incident response | Coordinates response to operational incidents |
5. Databases
| Service Name | Purpose | Important Notes |
|---|---|---|
| RDS | Managed relational database | Supports MySQL, PostgreSQL, Aurora, etc. |
| Aurora | High-performance RDS | AWS version of MySQL/PostgreSQL |
| DynamoDB | NoSQL key-value database | Serverless, auto-scaling |
| ElastiCache | In-memory caching | Supports Redis & Memcached |
| Redshift | Data warehousing | OLAP, columnar storage, MPP |
| Neptune | Graph database | Used for social networks |
| Timestream | Time-series database | Optimized for IoT data |
| QLDB | Immutable ledger database | Tracks changes over time |
| DocumentDB | Managed MongoDB | Compatible with MongoDB API |
| DMS | Database Migration Service | Supports homogeneous and heterogeneous migrations |
6. Analytics & AI/ML
| Service Name | Purpose | Important Notes |
|---|---|---|
| Athena | Query S3 data with SQL | Serverless, pay-per-query |
| Glue | ETL service | Extract, transform, load data |
| Kinesis | Real-time big data streaming | Supports logs, video streaming |
| QuickSight | Business Intelligence | Dashboards and visualizations |
| Rekognition | Image and video analysis | Detects faces, objects, and text |
| Comprehend | Natural Language Processing (NLP) | Analyzes text sentiment |
| Lex | Chatbot service | Powers Amazon Alexa |
| Polly | Text-to-speech | Converts text into human-like speech |
| SageMaker | Machine Learning platform | Train, deploy ML models |
| Kendra | Document search service | Enterprise search service |
| Personalize | Real-time personalized recommendations | Customized user experiences |
| Amazon EMR | Managed Hadoop framework | For Big Data processing |
7. Developer & Management Tools
| Service Name | Purpose | Important Notes |
|---|---|---|
| CloudFormation | Infrastructure as Code | Uses YAML/JSON templates |
| CodeCommit | AWS version of GitHub | Stores source code |
| CodeBuild | CI/CD build service | Compiles source code, runs tests |
| CodeDeploy | Automated deployments | Deploys code to EC2, Lambda, etc. |
| CodePipeline | CI/CD automation | Orchestrates software deployment |
| CloudWatch | Monitoring & logging | Tracks metrics and logs |
| CloudTrail | API activity logging | Tracks user actions for auditing, regional and organization trail options |
| X-Ray | Visual analysis distributed system | For debugging microservices |
| CodeGuru | Code review | ML-powered service |
| Step Functions | Serverless workflow automation | Coordinates Lambda executions |
8. Migration & Hybrid Services
| Service Name | Purpose | Important Notes |
|---|---|---|
| AWS Migration Hub | Centralized migration tracking | Integrates with DMS and MGN |
| Application Migration Service (MGN) | Lift-and-shift migration | Continuous replication |
| AWS DataSync | Transfer data to AWS | Supports S3, EFS, FSx |
| AWS Snowball | Physical data transfer | Large-scale data migration |
| AWS Outposts | Hybrid cloud infrastructure | AWS services on-premises |
| AWS Ground Station | Satellite data processing | Management and control of satellite communications |
9. Communication & Messaging
| Service Name | Purpose | Important Notes |
|---|---|---|
| SNS | Notification service | Pub/Sub model, supports SMS, email |
| SQS | Queueing service | FIFO and Standard queues |
| MQ | Managed message broker | Supports RabbitMQ, ActiveMQ |
10. Business & Productivity
| Service Name | Purpose | Important Notes |
|---|---|---|
| WorkSpaces | Virtual desktop infrastructure | Windows & Linux remote desktops |
| AppStream 2.0 | Application streaming | Runs applications via web browser |
| Chime | Video conferencing | AWS alternative to Zoom |
| Amazon Pinpoint | Customer communication | Sends targeted notifications |
| SES | Simple Email Service | Sends transactional and marketing emails |
| AWS IQ | Freelancer platform | Connects customers with AWS experts |
11. Cost Management
| Service Name | Purpose | Important Notes |
|---|---|---|
| AWS Cost Explorer | Cost tracking & forecasting | Analyzes spending trends |
| AWS Budgets | Budget alerts | Monitors cost thresholds |
| AWS Pricing Calculator | Estimates AWS costs | Provides cost projections |
| AWS Compute Optimizer | Resource optimization | Suggests efficient instance types |
12. Governance & Account Management
| Service Name | Purpose | Important Notes |
|---|---|---|
| AWS Organizations | Multi-account management | Supports consolidated billing |
| AWS Service Catalog | Pre-approved cloud services | Helps manage access to services |
| AWS Control Tower | Multi-account governance | Automates account setup |
AWS & Cloud Concepts
1. Global Infrastructure
| Component | Description | Key Points |
|---|---|---|
| Regions | Geographic areas | Isolated from each other, each with multiple AZs |
| Availability Zones (AZs) | Physically separated data centers | Connected with low-latency links, isolated from failures |
| Edge Locations | CDN endpoints | Used by CloudFront, closer to users than regions |
| Local Zones | Infrastructure extensions | Brings select services closer to population centers |
| Wavelength Zones | 5G infrastructure | Embedded in telecom provider networks |
| Outposts | On-premises AWS | Brings AWS to your data center |
2. Cloud Computing Models
- IaaS (Infrastructure as a Service): EC2, EBS, VPC
- PaaS (Platform as a Service): Elastic Beanstalk
- SaaS (Software as a Service): AWS WorkSpaces, Amazon Connect
3. AWS Pricing Models
- On-Demand: Pay for what you use (EC2, RDS, Lambda)
- Reserved Instances: Commit to a certain period for discounts
- Spot Instances: Low-cost, can be terminated anytime
- Savings Plans: Flexible pricing for compute usage
4. AWS Shared Responsibility Model
- AWS is responsible for: Security of the cloud (infrastructure, hardware)
- Customer is responsible for: Security in the cloud (IAM, app data, OS updates)
5. Scalability & Availability
- Vertical Scaling: Increasing instance size (CPU, RAM)
- Horizontal Scaling: Increasing the number of instances
- High Availability: Deploying across multiple AZs/Regions
6. Networking in AWS
- Public Subnet: Accessible from the internet
- Private Subnet: No direct internet access
- Internet Gateway: Enables internet access for public subnet
- NAT Gateway: Enables internet access for private subnet
- Transit Gateway: Centralized network hub for multiple VPCs
7. Disaster Recovery Strategies
- Backup & Restore: Store backups in S3 or Glacier
- Pilot Light: Minimal infrastructure running at all times
- Warm Standby: Running infrastructure at reduced capacity
- Multi-Site: Full replication across regions
8. Well-Architected Framework (6 Pillars)
| Pillar | Focus |
|---|---|
| Operational Excellence | Effective system operations and continuous improvement |
| Security | Protecting assets while delivering business value |
| Reliability | System recovery and disruption mitigation |
| Performance Efficiency | Optimal resource utilization |
| Cost Optimization | Maximum value at minimum cost |
| Sustainability | Reducing environmental impact |
9. Cloud Adoption Framework (6 Perspectives)
| Perspective | Focus |
|---|---|
| Business | Aligning cloud investments with business transformation |
| People | Culture, leadership, and workforce considerations |
| Governance | Managing cloud initiatives effectively |
| Platform | Building scalable cloud infrastructure |
| Security | Ensuring data protection and compliance |
| Operations | Delivering reliable cloud services |
10. Support Plans
| Support Plan | Intended For | AWS Trusted Advisor | Cloud Support Engineers | Infrastructure Event Management |
|---|---|---|---|---|
| Basic | Individual users | Basic checks only | No access | Not included |
| Developer | Testing & development | Basic checks only | Business hours email | Not included |
| Business | Production workloads | Full access | 24/7 phone, email & chat | Not included |
| Enterprise | Mission-critical workloads | Full access | 24/7 support with TAM | Included |
11. S3 Storage Classes
| Storage Class | Purpose | Min Storage Duration | Use Cases |
|---|---|---|---|
| S3 Standard | General purpose | None | Frequent access, websites, content |
| S3 Intelligent-Tiering | Unknown access patterns | None | Unpredictable access patterns |
| S3 Standard-IA | Infrequent access | 30 days | Backups, disaster recovery |
| S3 One Zone-IA | Non-critical data | 30 days | Secondary backups, recreatable data |
| S3 Glacier Instant Retrieval | Archive with instant access | 90 days | Archives needing immediate retrieval |
| S3 Glacier Flexible Retrieval | Archive with flexible retrieval | 90 days | Archives with minutes to hours retrieval |
| S3 Glacier Deep Archive | Long-term archive | 180 days | Compliance, long-term retention |
12. EC2 Instance Types
| Pricing Model | Description | Best For | Commitment | Savings |
|---|---|---|---|---|
| On-Demand | Pay per use | Short-term workloads | None | None |
| Reserved | Reserved capacity | Steady applications | 1 or 3 years | Up to 72% off |
| Spot | Unused capacity | Batch processing | None (2 min notice) | Up to 90% off |
| Dedicated Host | Physical server | Complex licensing | On-Demand/Reserved | Varies |
| Savings Plans | Committed usage | Flexible compute | 1 or 3 years | Up to 72% off |
Final Thoughts
If you’re preparing for the AWS Certified Cloud Practitioner, here is my tips for you:
- Follow a structured course
- Take practice exams
- Don't overthink it — The exam is designed to test your foundational knowledge, not trick you with super technical details
- Take breaks — Information overload is real. I found that taking short breaks helped me retain more than continuous studying.
Hope this helps, and good luck to anyone taking the exam!
Top comments (0)