Study Note Material for AWS Cloud Practitioner Exam
Hi! I'm Rahmat. Here I will share my study notes for preparing for the AWS Cloud Practitioner CLF-C02 exam. These notes are based on AWS Skill Builder.
1. Introduction to AWS Cloud Practitioner
AWS (Amazon Web Services) is a cloud computing platform. The three cloud computing deployment models are cloud-based, on-premises, and hybrid.
- Cloud-based deployment: this design runs all parts of the application in the cloud. There are different levels of the managed shared model: IaaS, PaaS, and SaaS.
- On-premises deployment, also known as private cloud: resources are deployed on premises by using virtualization and resource management.
- Hybrid deployment: this design connects cloud-based resources with on-premises infrastructure. It is used where, for example, a legacy application must stay on premises under specific government regulation.
- A client requests information from a server. It can be a browser, an email application, and others.
- A server answers the request by giving information to the client. A server can be a service such as Amazon EC2, VPC and others.
Benefits of cloud computing, by category
- Cost saving
- Security
- Scalability
- Flexibility
In more detail, the benefits are:
- Trade upfront expense for variable expense
- Stop spending money to run and maintain data center
- Stop guessing capacity
- Benefit from massive economies of scale
- Increase speed and agility
2. Compute In The Cloud
Amazon Elastic Compute Cloud (Amazon EC2)
Amazon Elastic Compute Cloud (Amazon EC2) is a virtual server service that provides secure, resizable compute capacity in the cloud as Amazon EC2 instances. Amazon EC2 works in three steps: launch an instance, connect to it, and use it in the cloud.
Amazon EC2 instance type
- General Purpose Instances: balanced compute, memory, storage and networking resources.
- Compute Optimized Instances: strong compute, ideal for compute-bound applications such as web and gaming.
- Memory Optimized Instances: large memory capacity; these are best when huge amounts of data need to be preloaded before running the app.
- Storage Optimized Instances: large storage, optimized for delivering input/output operations per second (IOPS) for online transaction processing (OLTP) systems.
- Accelerated Computing Instances: hardware accelerators; these are best for boosting graphics applications and streaming.
EC2 Pricing
- Dedicated Host, physical servers fully dedicated to you. The Dedicated Host is the most expensive model.
- On Demand, ideal for short-term, irregular workloads that cannot be interrupted. No upfront costs or minimum contracts apply. The instances run continuously until you stop them, and you pay for only the compute time you use.
- Reserved Instances, used to reserve instances for an agreed period, the options are for 1-year or 3-years.
- Savings Plans: a commitment for usage over a 1-year or 3-year term. Committing to a period gives a discounted price.
- Spot Instances: this pricing model is best for workloads with flexible start and end times that can tolerate interruptions. Spot Instances can give up to 90% cost savings.
Amazon EC2 Scaling: scaling is about only using the resources that you need. Amazon EC2 Auto Scaling has two approaches: dynamic scaling and predictive scaling.
- Dynamic scaling responds to changing demand.
- Predictive scaling automatically schedules the right number of Amazon EC2 instances based on predicted demand.
In Amazon EC2 Auto Scaling Group, you need to define:
- Minimum capacity
- Desired capacity
- Maximum capacity
Amazon Elastic Load Balancing (Amazon ELB)
Elastic Load Balancing is the AWS service that automatically distributes incoming application traffic across multiple resources. The Load Balancer is a single point of contact for incoming web traffic. The balancer accepts requests and directs them to the appropriate instances. It ensures that one resource won't get overloaded, and that the traffic is spread out. AWS EC2 and Elastic Load Balancing are two different services that work well together.
Messaging and Queuing
Monolithic application
This is where an application is made of multiple components (tightly coupled architecture). The components communicate with each other to transmit data, fulfill requests, and keep the application running.
Microservices application
This is where an application is made of single components (loosely coupled architecture). Microservices help keep the service running if one component fails, because each component is independent and isolated. The components can be integrated using Amazon Simple Notification Service (Amazon SNS) and Amazon Simple Queue Service (Amazon SQS).
Amazon Simple Notification Service (Amazon SNS) is a publish/subscribe service. It is a fully managed publish-subscribe messaging and mobile communication service. It can be event-driven, with automated services responding to triggers. In Amazon SNS, subscribers can be web servers, email addresses, AWS Lambda functions, or several other options.
Amazon Simple Queue Service (Amazon SQS) is a message queuing service. SQS is a queuing system, and the receivers have to pull the messages to be processed and deleted from the queue.
Additional Compute Service
- Serverless computing: AWS Lambda is a service that lets you run code without needing to provision or manage servers.
- Containers: Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high-performance container management system that enables you to run and scale containerized applications on AWS.
- Amazon Elastic Kubernetes Service (Amazon EKS) is a fully managed service that you can use to run Kubernetes on AWS.
- AWS Fargate is a serverless compute engine for containers. It removes the need for Amazon EC2 and works with both Amazon ECS and Amazon EKS.
3. Global Infrastructure and Reliability
Regions are geographically isolated areas. Inside each Region there are multiple Availability Zones, which in turn have multiple data centers. Each Region is isolated from every other Region: no data goes in or out of your environment in that Region without you explicitly granting permission for the data to be moved.
Selecting a Region
There are different reasons to choose a specific region. Those reasons could be:
- Data regulations compliance
- Customer proximity
- Service feature availability
- Pricing
Availability Zone
Availability Zone is a single data center or a group of data centers within a Region. Availability Zones are located tens of miles apart from each other. Having them apart reduces the risk of them all going down if a disaster happens in the region.
Edge Locations
Edge Location is the Data Center used to deliver content fast to your users. It is the site that is nearest your users. An edge location is a site that Amazon CloudFront uses to store cached copies of your content closer to your customers for faster delivery.
Amazon CloudFront is a service that helps deliver data, video, applications, and APIs to customers around the world with low latency and high transfer speeds. CloudFront is used to store cached copies of your content. Caching helps the software to deliver content faster and cheaper (Content Delivery Networks). Cache is fast storage that copies and stores parts of data.
The content is delivered faster because the data is no longer requested from the primary location. It is delivered from the edge location, the location nearest to the user.
AWS Cloud Resource Provisioning
AWS Management Console
The AWS Management Console is a web-based interface for accessing and managing AWS services. You can quickly access recently used services and search for other services by name, keyword, or acronym. The console includes wizards and automated workflows that can simplify the process of completing tasks.
AWS Command Line Interface
AWS CLI enables you to control multiple AWS services directly from the command line within one tool. AWS CLI is available for users on Windows, macOS, and Linux.
AWS Software Development Kit
SDKs make it easier for you to use AWS services through an API designed for your programming language or platform. SDKs enable you to use AWS services with your existing applications or create entirely new applications that will run on AWS.
AWS Elastic Beanstalk
With AWS Elastic Beanstalk, you provide code and configuration settings. Elastic Beanstalk deploys the resources necessary to perform the following tasks:
- Adjust capacity
- Load balancing
- Automatic scaling
- Application health monitoring
AWS CloudFormation
AWS CloudFormation is an infrastructure as code tool that allows you to define a wide variety of AWS resources in a declarative way using JSON or YAML text-based documents called CloudFormation templates.
4. Networking
Amazon VPC
Amazon VPC enables you to provision an isolated section of the AWS Cloud. The boundaries created around the resources let AWS restrict the network traffic. Resources can be organized in subnets. A subnet is a section in the VPC that can contain specific resources.
Internet Gateway
An internet gateway is a connection between a VPC and the internet. Without an internet gateway, the resources in the VPC cannot be accessed from the internet.
Virtual Private Gateway
A Virtual Private Gateway is used to access private resources in the VPC. A virtual private gateway enables you to establish a virtual private network (VPN) connection between your VPC and a private network, such as an on-premises data center or internal corporate network. A virtual private gateway allows traffic into the VPC only if it is coming from an approved network.
AWS Direct Connect
AWS Direct Connect lets you make a dedicated private connection between your data center and a VPC.
Subnet
A Subnet is a section of a VPC. The Subnet allows you to group resources. The groupings can have different security or operations needs. You can have both public and private Subnets.
- Public subnets contain resources that need to be accessible by the public, such as an online store’s website.
- Private subnets have resources that can only be accessed through the private network, for example databases holding customer data.
Network Access Control List
Requested data are sent as a Packet. A Packet is a package of data sent over a network or the internet. It enters the VPC through an Internet Gateway. Every packet that crosses the subnet boundaries gets checked against something called a network access control list or network ACL.
A network ACL is a virtual firewall that controls inbound and outbound traffic at the subnet level.
- Subnet boundaries
- Stateless (does not remember state; always checks traffic both in and out)
- Default state: allows inbound and outbound traffic
Security Groups
A security group is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance.
- EC2 boundaries
- Stateful (remembers state; the state applies to both in and out)
- Default state: denies all inbound and allows all outbound traffic
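The difference between the stateless network ACL and the stateful security group shows up on the reply packet of a connection. The model below is an added example, not AWS code or part of the original notes: it reduces rules to sets of allowed destination ports, and the addresses, ports and class names are constructed for illustration.

```python
"""Simplified model of network ACLs (stateless) and security groups (stateful).
Constructed for illustration; rules are reduced to sets of allowed destination ports."""
from dataclasses import dataclass, field
from typing import Optional, Set, Tuple

ALLOW_ALL = None  # sentinel: no port restriction in this direction


@dataclass(frozen=True)
class Packet:
    src: str
    src_port: int
    dst: str
    dst_port: int

    def reply(self) -> "Packet":
        """The packet travelling back on the same connection."""
        return Packet(self.dst, self.dst_port, self.src, self.src_port)


def port_allowed(allowed: Optional[Set[int]], port: int) -> bool:
    return allowed is ALLOW_ALL or port in allowed


@dataclass
class NetworkAcl:
    """Subnet boundary. Defaults match the notes: allow all inbound and outbound."""
    inbound: Optional[Set[int]] = ALLOW_ALL
    outbound: Optional[Set[int]] = ALLOW_ALL

    def check(self, direction: str, pkt: Packet) -> bool:
        # Stateless: no memory of earlier packets, so a reply is checked like any other packet.
        rules = self.inbound if direction == "in" else self.outbound
        return port_allowed(rules, pkt.dst_port)


@dataclass
class SecurityGroup:
    """Instance boundary. Defaults match the notes: deny all inbound, allow all outbound."""
    inbound: Optional[Set[int]] = field(default_factory=set)
    outbound: Optional[Set[int]] = ALLOW_ALL
    flows: Set[Packet] = field(default_factory=set, repr=False)

    def check(self, direction: str, pkt: Packet) -> bool:
        # Stateful: a reply to a connection that was already allowed passes without a rule.
        if pkt.reply() in self.flows:
            return True
        rules = self.inbound if direction == "in" else self.outbound
        if port_allowed(rules, pkt.dst_port):
            self.flows.add(pkt)
            return True
        return False


def round_trip(request: Packet, nacl: NetworkAcl, sg: SecurityGroup) -> Tuple[str, Optional[str]]:
    """Send a request into the subnet and its reply back out.
    Returns (request result, reply result); the reply result is None if the request never arrived."""
    # Inbound: subnet boundary (network ACL) first, then instance boundary (security group).
    if not nacl.check("in", request):
        return ("blocked by network ACL", None)
    if not sg.check("in", request):
        return ("blocked by security group", None)
    # Outbound reply: instance boundary first, then subnet boundary.
    response = request.reply()
    if not sg.check("out", response):
        return ("delivered", "blocked by security group")
    if not nacl.check("out", response):
        return ("delivered", "blocked by network ACL")
    return ("delivered", "delivered")


# Constructed sample: a client on an ephemeral port calling an HTTPS server in the subnet.
REQUEST = Packet("203.0.113.10", 50000, "10.0.1.5", 443)

if __name__ == "__main__":
    cases = {
        "defaults for both": (NetworkAcl(), SecurityGroup()),
        "SG allows 443 in": (NetworkAcl(), SecurityGroup(inbound={443})),
        "SG allows 443 in, nothing out": (NetworkAcl(), SecurityGroup(inbound={443}, outbound=set())),
        "NACL allows only 443 each way": (NetworkAcl({443}, {443}), SecurityGroup(inbound={443})),
        "NACL also allows ephemeral ports out": (
            NetworkAcl({443}, set(range(1024, 65536))), SecurityGroup(inbound={443})),
    }
    for name, (nacl, sg) in cases.items():
        print(f"{name}: {round_trip(REQUEST, nacl, sg)}")
```

The fourth case is the one to remember: a custom network ACL needs an explicit outbound rule for the client's return ports, while the security group lets the reply through on its own.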
Domain Name System (DNS) & Amazon Route 53
DNS is the service that lets someone access your website from their browser. The DNS is like a phone book. It connects the IP address to the domain name.
Amazon Route 53 is AWS's domain name service (DNS), and it is highly available and scalable. It routes end users to internet apps hosted in AWS. Route 53 connects users and their requests to AWS resources and external resources. You can register new domain names directly in Route 53.
5. Storage and Databases
Instance Stores
Temporary block-level storage for an EC2 instance, attached directly to the host computer. The data is lost when the EC2 instance hibernates or terminates. The data in an instance store persists during the lifetime of its instance. It is recommended to avoid storing valuable data in the instance store.
Amazon Elastic Block Store
A service that provides block-level storage volumes that you can use with Amazon EC2 instances (EBS volumes act as virtual hard drives). To create an EBS volume, you define the configuration (such as volume size and type) and provision it. After you create it, it can be attached to an Amazon EC2 instance. Because EBS volumes are for data that needs to persist, it's important to back up the data. You can take incremental backups of EBS volumes by creating Amazon EBS snapshots.
Amazon Simple Storage Service S3
A service that provides object-level storage. Amazon S3 stores data as objects in buckets. In object storage, each object consists of data, metadata, and a key.
You can upload any type of file to Amazon S3, such as images, videos, text files, and so on. Amazon S3 offers unlimited storage space. The maximum file size for an object in Amazon S3 is 5 TB.
Amazon S3 Storage Classes. Two factors decide the class: how frequently the data is accessed and how available the data needs to be.
S3 Standard
Designed for frequently accessed data, stores data in a minimum of three Availability Zones. Provides high availability for stored objects. It is the most expensive class.
S3 Standard-Infrequent Access (S3 Standard-IA)
Ideal for data that is infrequently accessed. Similar to Amazon S3 Standard but has a lower storage price and higher retrieval price.
S3 One Zone-IA (S3 One Zone-Infrequent Access)
Stores data in a single Availability Zone. Has a lower storage price than Amazon S3 Standard-IA.
S3 Intelligent-Tiering
Ideal for data with unknown or changing access patterns. Requires a small monthly monitoring and automation fee per object.
S3 Glacier Instant Retrieval
Works well for archived data that requires immediate access. Can retrieve objects within a few milliseconds.
S3 Glacier Flexible Retrieval
Low-cost storage designed for data archiving. Able to retrieve objects within a few minutes to hours.
S3 Glacier Deep Archive
Lowest-cost object storage class ideal for archiving. Able to retrieve objects within 12 hours.
S3 Outposts
Creates S3 buckets on Amazon S3 Outposts. Makes it easier to retrieve, store, and access data on AWS Outposts.
Comparing Amazon EBS and Amazon S3
Amazon EBS
- Data is stored as blocks
- Storage volumes can be sized up to 16 tebibytes each (17.6 terabytes)
- Faster performance than AWS S3
- Data can be modified
Amazon S3
- Data is stored as objects
- Individual object size can be up to 5,000 gigabytes (5 terabytes)
- Data does not suffer loss, degradation, or corruption for a very long time
- Data cannot be modified unless it is reuploaded
Amazon Elastic File Storage
A scalable file system used with AWS Cloud services and on-premises resources. As you add and remove files, Amazon EFS grows and shrinks automatically. It can scale on demand to petabytes without disrupting applications.
In file storage, multiple clients (such as users, applications, servers, and so on) can access data that is stored in shared file folders. In this approach, a storage server uses block storage with a local file system to organize files. Clients access data through file paths.
Comparing Amazon EBS and Amazon EFS
Amazon EBS
- Volume attaches to one EC2 instance
- Single Availability Zone level resource
- Same Region as the EC2 instance
- Volume does not scale automatically
Amazon EFS
- Multiple instances can read and write simultaneously
- Linux file system
- Regional resource
- Scales automatically
Amazon RDS
AWS RDS is also called AWS Relational Database Service. RDS is a managed service that automates tasks such as hardware provisioning, database setup, patching, and backups. It enables running relational databases in AWS Cloud. It supports these database engines:
- AWS Aurora
- PostgreSQL
- MySQL
- MariaDB
- Oracle Database
- Microsoft SQL Server
AWS Aurora
An enterprise-class relational database. It is excellent for managing large amounts of data.
- Compatible with MySQL and PostgreSQL.
- Five times faster than standard MySQL and three times faster than PostgreSQL.
- Reduces unnecessary I/O operations.
- Replicates six copies of your data across three Availability Zones.
- Continuously backs up your data and supports point-in-time recovery.
Amazon DynamoDB
DynamoDB is a high-performance, serverless, purpose-built NoSQL key-value database service. It is fully managed and highly scalable, with single-digit millisecond response times.
Non Relational databases: One type of structural approach for non-relational databases is key-value pairs. With key-value pairs, data is organized into items (keys), and items have attributes (values). You can add or remove attributes from items in the table at any time. Not every item has to have the same attributes.
Comparing Amazon RDS and Amazon DynamoDB
Amazon RDS
- Automatic high availability
- Customer ownership of data in database tables
- Customer ownership of the schema
- Customer control of network
- Best for business analytics (OLAP)
- Supports complex data
- More expensive than AWS DynamoDB
- Slower than AWS DynamoDB
Amazon DynamoDB
- Key-value; stores data in documents
- Massive throughput capabilities
- PB size potential
- Granular API access
- Best for transactional workloads (OLTP)
- Cheaper than AWS RDS
- Faster than AWS RDS
Amazon Cloud Redshift
AWS Redshift is a data warehousing service that you can use for big data analytics. It offers the ability to collect data from many sources and helps you to understand relationships and trends across your data. AWS Redshift is powered by SQL, AWS-designed hardware, and machine learning.
AWS Database Migration Service
Enables you to migrate relational databases, non-relational databases, and other types of data store. There is a source database and a target database. During the migration, your source database remains operational, reducing downtime for any applications that rely on the database.
Use case for AWS DMS
- Database migration
- Development and test database migrations
- Database consolidation
- Continuous replication
The source and target databases can be of the same type or of different types.
Additional database services
- Amazon DocumentDB: a document database that supports MongoDB workloads.
- Amazon Neptune: a graph database service. You can use it to build and run applications that work with highly connected datasets, such as recommendations engines, fraud detection, and knowledge graphs.
- Amazon Quantum Ledger Database (QLDB): is a ledger database service, you can use it to review a complete history of all the changes that have been made to your application data.
- Amazon Managed Blockchain: you can use it to create and manage blockchain networks with open-source frameworks. Blockchain is a distributed ledger system that lets multiple parties run transactions and share data without a central authority.
- Amazon ElastiCache: add caching layers on top of your databases to help improve the read times of common requests. Supports Redis and Memcached.
- Amazon DynamoDB Accelerator (DAX): is an in-memory cache for DynamoDB, it helps to improve response times from single-digit milliseconds to microseconds.
6. Security
AWS Shared Responsibility Model
The AWS shared responsibility model is a concept of dividing responsibilities between AWS and a Customer.
AWS's responsibilities are the security of the cloud.
AWS manages all infrastructure layers. Some of the infrastructure layers are:
- Data centers
- Hardware and software
- Virtualization
- Networking
Customer responsibilities are security in the cloud.
Customers' responsibility is the security of everything they make in AWS Cloud. Customers (you) have complete control over your content. Customer manages AWS services, software, and access to the data. You also control how access rights are granted, managed, and revoked.
User Permissions and Access
AWS Identity and Access Management (IAM)
Gives you the flexibility to configure access based on your company's specific operational and security needs.
- IAM users
- IAM groups
- IAM roles
- IAM policies
Root user: when you create an AWS account, you begin with an identity known as the root user. It has access to all the AWS services and resources in the account.
IAM user: an identity that you create in AWS. It represents the person or application that interacts with AWS services and resources. It consists of a name and credentials. By default, when you create a new IAM user, it has no permissions associated with it.
IAM group: a collection of IAM users. When you assign an IAM policy to a group, all users in the group are granted the permissions specified by the policy.
IAM policy: a document that allows or denies permissions to AWS services and resources. IAM policies enable you to customize users’ levels of access to resources.
IAM role: an identity that you can assume to gain temporary access to permissions. Before an IAM user, application, or service can assume an IAM role, they must be granted permissions to switch to the role.
Identity federation: if you have an existing corporate identity store, you can federate those users to AWS using role-based access, which allows your users to use one login for both your corporate systems and AWS.
Multi-factor authentication (MFA): provides an extra layer of security for your AWS account.
AWS Organizations
You can use it to consolidate multiple AWS accounts and manage them within a central location. AWS Organizations automatically creates a root, which is the parent container for all the accounts in your organization.
- Centrally control permissions for the accounts in your organization by using service control policies (SCPs). In AWS Organizations, you can apply SCPs to the organization root, an individual member account, or an OU. An SCP affects all IAM users, groups, and roles within an account, including the AWS account root user.
- Consolidated billing and bulk discounts
- Organizational units (OUs): you can group accounts into organizational units to make it easier to manage accounts with similar business, permission or security requirements.
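How IAM policies and SCPs combine into one allow-or-deny answer can be shown with a small evaluator. This is an added example, not AWS code or part of the original notes: it goes beyond the text by modelling the rules that an explicit Deny always wins, that everything is denied unless allowed, and that an SCP limits permissions without granting any. It matches on Action only, and the users, groups, OUs and policy contents are constructed.

```python
"""Simplified model of how IAM identity policies and SCPs combine.
Constructed for illustration: matches on Action only (no Resource or Condition)."""
from fnmatch import fnmatchcase


def effects(policies, action):
    """Effects ('Allow'/'Deny') of every statement whose Action matches `action`."""
    found = set()
    for policy in policies:
        for stmt in policy["Statement"]:
            patterns = stmt["Action"]
            if isinstance(patterns, str):
                patterns = [patterns]
            # IAM action names are case-insensitive and support * and ? wildcards.
            if any(fnmatchcase(action.lower(), p.lower()) for p in patterns):
                found.add(stmt["Effect"])
    return found


def identity_policies(user):
    """A user's own policies plus those of every group the user belongs to."""
    return user["policies"] + [p for g in user["groups"] for p in g["policies"]]


def evaluate(action, policies, scp_levels=(), is_root=False):
    """Decide one request. `scp_levels` lists (name, [SCPs]) from the organization root
    down to the account; leave it empty for an account outside AWS Organizations."""
    if "Deny" in effects(policies, action):
        return "explicit deny (identity policy)"
    for level, scps in scp_levels:
        found = effects(scps, action)
        if "Deny" in found:
            return f"explicit deny (SCP at {level})"
        if "Allow" not in found:
            # The action must be allowed at every level of the hierarchy.
            return f"implicit deny (no SCP allow at {level})"
    # SCPs only set the ceiling; the permission itself must come from an identity
    # policy, except for the account root user, who needs none.
    if is_root or "Allow" in effects(policies, action):
        return "allow"
    return "implicit deny (no identity policy allows it)"


# Constructed sample policies.
FULL_ACCESS = {"Statement": [{"Effect": "Allow", "Action": "*"}]}
S3_READ = {"Statement": [{"Effect": "Allow", "Action": ["s3:Get*", "s3:List*"]}]}
S3_ONLY = {"Statement": [{"Effect": "Allow", "Action": "s3:*"}]}
PROTECT_TRAIL = {"Statement": [{"Effect": "Deny",
                                "Action": ["cloudtrail:StopLogging", "cloudtrail:DeleteTrail"]}]}

# Constructed identities: a brand-new user, a user in a group, and an administrator.
ANALYSTS_GROUP = {"policies": [S3_READ]}
NEW_USER = {"policies": [], "groups": []}
ANALYST = {"policies": [], "groups": [ANALYSTS_GROUP]}
ADMIN = {"policies": [FULL_ACCESS], "groups": []}

# Constructed organizations: one guards the audit trail, one is an S3-only sandbox.
WORKLOADS = [("organization root", [FULL_ACCESS]), ("workloads OU", [FULL_ACCESS, PROTECT_TRAIL])]
SANDBOX = [("organization root", [FULL_ACCESS]), ("sandbox OU", [S3_ONLY])]

if __name__ == "__main__":
    checks = [
        ("new user reads S3", "s3:GetObject", NEW_USER, WORKLOADS, False),
        ("analyst reads S3", "s3:GetObject", ANALYST, WORKLOADS, False),
        ("analyst launches EC2", "ec2:RunInstances", ANALYST, WORKLOADS, False),
        ("admin stops CloudTrail", "cloudtrail:StopLogging", ADMIN, WORKLOADS, False),
        ("root stops CloudTrail", "cloudtrail:StopLogging", NEW_USER, WORKLOADS, True),
        ("admin launches EC2 in sandbox", "ec2:RunInstances", ADMIN, SANDBOX, False),
    ]
    for name, action, user, org, root in checks:
        print(f"{name}: {evaluate(action, identity_policies(user), org, root)}")
```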
Compliance
AWS Artifact
A service that provides on-demand access to AWS security and compliance reports and select online agreements.
- AWS Artifact Agreements: you can review, accept, and manage agreements for an individual account and for all your accounts in AWS Organizations.
- AWS Artifact Reports: provides compliance reports from third-party auditors.
- Customer Compliance Center: contains resources to help you learn more about AWS compliance.
DDoS
A denial-of-service (DoS) attack is an attempt to make an application or a website inaccessible. A DoS attack comes from a single source. A distributed denial-of-service (DDoS) attack comes from different sources.
AWS Shield
A service that protects applications against DDoS attacks.
- Standard: automatically protects all AWS customers at no cost. It protects your AWS resources from the most common, frequently occurring types of DDoS attacks.
- Advanced: a paid service that provides detailed attack diagnostics and the ability to detect and mitigate sophisticated DDoS attacks.
Additional Security Services
AWS Key Management Service (KMS)
Enables you to perform encryption operations through the use of cryptographic keys. You can use KMS to create, manage and use cryptographic keys. You can also control the use of keys across a wide range of services and in your applications.
AWS WAF
A web application firewall that lets you monitor network requests that come into your web applications. It can allow or block network traffic. To allow or block network traffic, AWS WAF uses a web access control list (web ACL).
Amazon Inspector
Helps to improve the security and compliance of applications by running automated security assessments. It checks applications for security vulnerabilities and deviations from security best practices. It provides you with a list of security findings prioritized by severity level, including a detailed description of each security issue and a recommendation for how to fix it.
Amazon GuardDuty
A service that provides intelligent threat detection for your AWS infrastructure and resources. Identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.
7. Monitoring and Analytics
Amazon CloudWatch
CloudWatch lets you monitor your AWS infrastructure resources and the applications you run on AWS in real time. It is a web-based service that you can configure to monitor and set alarms based on your metrics.
- CloudWatch alarms: you can create alarms that automatically perform actions if the value of your metric has gone above or below a predefined threshold.
- CloudWatch Dashboard, enables you to access all the metrics for your resources from a single location.
AWS CloudTrail
CloudTrail logs actions inside your AWS environment. It records API calls on your account. You can think of CloudTrail as a “trail” of breadcrumbs (or a log of actions) that someone has left behind them. The recorded information includes the identity of the API caller, the time, source IP address, and more.
- Events are typically updated in CloudTrail within 15 minutes after an API call. Events are set up to understand what has happened.
- CloudTrail Insights, this optional feature allows CloudTrail to automatically detect unusual API activities.
AWS Trusted Advisor
A web service that inspects your AWS environment and provides real-time recommendations in accordance with AWS best practices. The five pillars of best practice are:
- Cost optimization
- Performance
- Security
- Fault tolerance
- Service limits
Status in AWS Trusted Advisor
- Green check indicates the number of items for which it detected no problems.
- Orange triangle represents the number of recommended investigations.
- Red circle represents the number of recommended actions.
8. Pricing and Support
AWS Free Tier
The AWS Free Tier lets you try services for free for the specified period. The Free Tier offers three different ways to try out a service.
Always Free
The offers in Always Free do not expire. Always Free is available to everyone. You need to have an account to get started. For example, Amazon DynamoDB allows 25 GB of free storage per month.
12 Months Free
This offer is free for the first 12 months. It starts to count when you sign up with an account. With 12 Months Free, you get more data to play with.
Trials
Trials are short-term offers for specific services. The trial period starts when you activate the service. The period length differs from service to service. Examples: 30 days, 90 days, or 150 free hours of consumption.
AWS Pricing Concepts
AWS offers a range of cloud computing services with pay-as-you-go pricing.
Pay for what you use
For each service, you pay for exactly the amount of resources that you actually use, without requiring long-term contracts or complex licensing.
Pay less when you reserve
Some services offer reservation options that provide a significant discount compared to On-Demand Instance pricing. You need to pay whether you use the services or not.
Pay less with volume-based discounts when you use more
Some services offer tiered pricing, so the per-unit cost is incrementally lower with increased usage.
AWS Pricing Calculator
The Pricing Calculator lets you create a cost estimate for your use cases on AWS. You can organize the estimates into groups and use the groups to mirror how your business is organized, for example by cost center. The estimates can be shared with others by link.
AWS Billing Dashboard
The Billing Dashboard lets you pay your AWS bill, monitor usage, and analyze and control your costs.
- Compare your current month-to-date balance with the previous month, and get a forecast of the next month based on current usage.
- View spending, for example: daily, monthly, or year-to-date
- Find out how much use you have left on the Free Tier
- Access Cost Explorer and create budgets.
- Purchase and manage Savings Plans.
- Publish AWS Cost and Usage Reports.
Consolidated Billing
AWS lets you manage several accounts from a central location. The central location allows you to have one bill across all the accounts: many accounts, one single bill. Merging bills is the core of Consolidated Billing. Another benefit of consolidated billing is the ability to share bulk discount pricing, Savings Plans, and Reserved Instances across the accounts in your organization.
AWS Budgets
AWS Budgets lets you plan usage, service cost, and instance reservations. The information in AWS Budgets is updated three times a day. In AWS Budgets, you can also set custom alerts for when your usage exceeds (or is forecasted to exceed) the budgeted amount. It lets you compare actual vs. budgeted use.
AWS Cost Explorer
Cost Explorer lets you visualize, understand, and manage your AWS costs. The tool is used to create reports and analyze expenses. AWS Cost Explorer includes a default report of the costs and usage for your top five cost-accruing AWS services. You can apply custom filters and groups to analyze your data.
AWS Support
AWS offers four different Support plans to help you troubleshoot issues, lower costs, and efficiently use AWS services.
Basic
Free for all AWS customers. It includes access to whitepapers, documentation, and support communities. There are limitations for what you can contact AWS for.
Limited selection of AWS Trusted Advisor checks. Additionally, you can use the AWS Personal Health Dashboard.
Developer
Best practice guidance. Client-side diagnostic tools. Building-block architecture support on how to use AWS services together. Email customer support directly, with a 24-hour response time for questions and 12 hours if your system is impaired.
Business
Use-case guidance to identify AWS offerings, features, and services that can best support your specific needs. All AWS Trusted Advisor checks. Limited support for third-party software. Direct phone access to the support team with a 4-hour SLA.
Enterprise On-Ramp
A pool of Technical Account Managers to provide proactive guidance and coordinate access to programs and AWS experts. A Cost Optimization workshop (one per year). A Concierge support team for billing and account assistance. Tools to monitor costs and performance through Trusted Advisor and Health API/Dashboard. 30 minutes or less response time for business-critical issues.
Enterprise
A designated Technical Account Manager to provide proactive guidance and coordinate access to programs and AWS experts. A Concierge support team for billing and account assistance. Operations Reviews and tools to monitor health. Training and Game Days to drive innovation. Tools to monitor costs and performance through Trusted Advisor and Health API/Dashboard. 15 minutes or less response time for business-critical issues.
Technical Account Manager (TAM)
The Enterprise On-Ramp and Enterprise Support plans include access to a Technical Account Manager (TAM). The TAM is the primary point of contact. The TAM educates, empowers, and evolves your cloud journey across the full range of AWS services.
AWS Marketplace
A digital catalogue that includes thousands of software listings from independent software vendors. You can find, test, and buy software that runs on AWS. It gives detailed product information on listings such as:
- Pricing
- Support options
- Customer reviews
9. Migration and Innovation
Amazon CAF
The AWS Cloud Adoption Framework (CAF) organizes guidance into six areas of focus, called perspectives. In general, the Business, People, and Governance Perspectives focus on business capabilities, whereas the Platform, Security, and Operations Perspectives focus on technical capabilities.
- Business: ensures that IT aligns with business needs and that IT investments link to key business results.
- People: supports development of an organization-wide change management strategy for successful cloud adoption.
- Governance: focuses on the skills and processes to align IT strategy with business strategy. The Governance Perspective is about minimizing the risk.
- Platform: includes principles and patterns for implementing new solutions on the cloud, and migrating on-premises workloads to the cloud.
- Security: ensures that the organization meets security objectives for visibility, auditability, control, and agility.
- Operations: helps you to enable, run, use, operate, and recover IT workloads to the level agreed upon with your business stakeholders.
Migration Strategies
- Rehosting, also known as 'lift-and-shift', involves moving applications without changes. It lets you migrate and scale quickly to meet a business case.
- Replatforming, also known as 'lift, tinker, and shift', involves making a few cloud optimizations to realize a tangible benefit. Optimization is achieved without changing the core architecture of the application.
- Refactoring/Re-architecting, involves reimagining how an application is architected and developed by using cloud-native features.
- Repurchasing, involves moving from a traditional license to a Software-as-a-Service model.
- Retaining, consists of keeping applications that are critical for the business in the source environment.
- Retiring, removing applications or parts of applications that are no longer needed.
Amazon Snow Family
AWS Snow Family is a collection of physical devices that help to physically transport up to exabytes of data into and out of AWS. AWS Snow Family is composed of AWS Snowcone, AWS Snowball, and AWS Snowmobile.
AWS Snowcone: a small, rugged, and secure edge computing and data transfer device. 2 CPUs, 4 GB of memory and 8 TB of usable storage.
AWS Snowball Edge Storage Optimized: suited for large-scale data migrations with higher capacity needs. 80 TB of hard disk drive storage, 40 vCPUs, 80 GiB of memory.
AWS Snowball Edge Compute Optimized: powerful computing resources. 80 TB of HDD storage, 104 vCPUs, 416 GiB of memory and an optional NVIDIA Tesla V100 GPU. It runs Amazon EC2 sbe-c and sbe-g instances, which are equivalent to C5, M5a, G3, and P3 instances.
AWS Snowmobile: an exabyte-scale data transfer service used to move large amounts of data to AWS, up to 100 PB. A 45-foot long ruggedized shipping container, pulled by a semi trailer truck.
Innovation with AWS
When examining how to use AWS services, it is important to focus on the desired outcomes. You are properly equipped to drive innovation in the cloud if you can clearly articulate the following conditions:
- The current state
- The desired state
- The problems you are trying to solve
Serverless Applications
AWS serverless refers to applications that don’t require you to provision, maintain, or administer servers. An example is AWS Lambda.
Artificial Intelligence
AWS offers a variety of services powered by artificial intelligence (AI). For example, you can perform the following tasks:
- Convert speech to text with Amazon Transcribe.
- Discover patterns in text with Amazon Comprehend.
- Identify potentially fraudulent online activities with Amazon Fraud Detector.
- Build voice and text chatbots with Amazon Lex.
Machine Learning
Traditional machine learning (ML) development is complex, expensive, time consuming, and error prone. AWS offers Amazon SageMaker to remove the difficult work from the process and empower you to build, train, and deploy ML models quickly.
10. The Cloud Journey
AWS Well-Architected Framework
AWS Well-Architected Framework is a tool that uses best practices and design principles to find improvements for your applications in the cloud. It helps you to understand how to design and operate reliable, secure, efficient, and cost-effective systems in the AWS Cloud. Five pillars of AWS Well-Architected Framework.
Operational excellence
The ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures. It improves supporting systems processes and procedures.
Security
The ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies.
Reliability
Reliability includes testing recovery procedures, scaling horizontally to increase aggregate system availability, and automatically recovering from failure.
Performance efficiency
The ability to use computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve.
Cost optimization
The ability to run systems to deliver business value at the lowest price point.
Sustainability
The ability to continually improve sustainability impacts by reducing energy consumption and increasing efficiency across all components of a workload by maximizing the benefits from the provisioned resources and minimizing the total resources required.
Benefits of The AWS Cloud
There are six crucial benefits of the AWS Cloud:
- Trade upfront expense for variable expense
- Benefit from massive economies of scale
- Stop guessing capacity
- Increase speed and agility
- Stop spending money running and maintaining data centers
- Go global in minutes
11. AWS Certified Cloud Practitioner Basic
The AWS Certified Cloud Practitioner exam includes four domains for CLF-C02:
- Cloud concepts (26%)
- Security and Compliance (25%)
- Technology (33%)
- Billing and Pricing (16%)
Recommended experience
Candidates for the AWS Certified Cloud Practitioner exam should have a basic understanding of IT services and their uses in the AWS Cloud platform. We recommend that you have at least six months of experience with the AWS Cloud in any role.
Exam details
The AWS Certified Cloud Practitioner exam consists of 65 questions to be completed in 90 minutes. The minimum passing score is 700 (the maximum score is 1,000).
Two types of questions are included on the exam: multiple choice and multiple response.
- A multiple-choice question has one correct response and three incorrect responses, or distractors.
- A multiple-response question has two or more correct responses out of five or more options.
Exam strategies
- Read the full question
- Predict the answer before reviewing the response options
- Eliminate the incorrect response options
- Test your knowledge by taking practice exams from any source
- Schedule your exam when ready
Thanks for reading.