Book Image

AWS Certified Cloud Practitioner Exam Guide

By : Rajesh Daswani

3 (1)

Book Image

AWS Certified Cloud Practitioner Exam Guide

3 (1)

By: Rajesh Daswani

Overview of this book

Amazon Web Services is the largest cloud computing service provider in the world. Its foundational certification, AWS Certified Cloud Practitioner (CLF-C01), is the first step to fast-tracking your career in cloud computing. This certification will add value even to those in non-IT roles, including professionals from sales, legal, and finance who may be working with cloud computing or AWS projects. If you are a seasoned IT professional, this certification will make it easier for you to prepare for more technical certifications to progress up the AWS ladder and improve your career prospects. The book is divided into four parts. The first part focuses on the fundamentals of cloud computing and the AWS global infrastructure. The second part examines key AWS technology services, including compute, network, storage, and database services. The third part covers AWS security, the shared responsibility model, and several security tools. In the final part, you'll study the fundamentals of cloud economics and AWS pricing models and billing practices. Complete with exercises that highlight best practices for designing solutions, detailed use cases for each of the AWS services, quizzes, and two complete practice tests, this CLF-C01 exam study guide will help you gain the knowledge and hands-on experience necessary to ace the AWS Certified Cloud Practitioner exam.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Share Your Thoughts

Section 1: Cloud Concepts

Section 1: Cloud Concepts

Free Chapter

Chapter 1: What Is Cloud Computing?

Chapter 1: What Is Cloud Computing?

What is cloud computing?

Exploring the basics of virtualization

Exploring cloud computing models

Understanding cloud deployment models

Chapter 2: Introduction to AWS and the Global Infrastructure

Chapter 2: Introduction to AWS and the Global Infrastructure

Exploring the AWS Global Infrastructure

Choosing the right AWS support plan for your business

Overview of the AWS Service Health Dashboard

Chapter 3: Exploring AWS Accounts, Multi-Account Strategy, and AWS Organizations

Chapter 3: Exploring AWS Accounts, Multi-Account Strategy, and AWS Organizations

Why have a multi-account AWS environment?

AWS Landing Zone

AWS Control Tower

AWS Free Tier accounts

Exercise 3.1 – Setting up your first AWS Free Tier account

Exercise 3.2 – Setting up a billing alarm

Section 2: AWS Technologies

Section 2: AWS Technologies

Chapter 4: Identity and Access Management

Chapter 4: Identity and Access Management

Introduction to the AWS IAM service

The root user account and implementing Multi-Factor Authentication (MFA)

The importance of defining IAM password policies

Key differences between IAM users and IAM groups

Defining permissions with IAM policies

Reviewing credential reports

Exercise 4.1 – creating an IAM group

Exercise 4.2 – creating an IAM user

Exercise 4.3 – logging in to your AWS account as an IAM user

Accessing the AWS platform using the CLI

Exercise 4.4 – accessing the AWS platform using the AWS CLI on a Windows computer

Exercise 4.5 – creating an IAM user with administrative privileges

Chapter 5: Amazon Simple Storage Service (S3)

Chapter 5: Amazon Simple Storage Service (S3)

Technical requirements

Introduction to storage options on AWS

Introduction to Amazon S3

Learning about archiving solutions with Amazon S3 Glacier

Connecting your on-premises storage to AWS with Amazon Storage Gateway

Migrating large datasets to AWS with the AWS Snow Family

Exercise 5.1 – Setting up an Amazon S3 bucket

Exercise 5.2 – Configuring public access to S3 buckets

Exercise 5.3 – Enabling versioning on your bucket

Exercise 5.4 – Setting up static website hosting

Chapter 6: AWS Networking Services – VPCs, Route53, and CloudFront

Chapter 6: AWS Networking Services – VPCs, Route53, and CloudFront

Technical requirements

Introduction to on-premises networks

Fundamentals of IP addressing and CIDRs

Virtual Private Clouds (VPCs)

Learning about DNS and global routing with Amazon Route53

Implementing a robust CDN with Amazon CloudFront

Introduction to Amazon API Gateway

Exercise 6.1 – setting up a public subnet VPC

Chapter 7: AWS Compute Services

Chapter 7: AWS Compute Services

Introduction to Amazon EC2

Learning about Amazon EBS and instance backed store

Learning about EC2 pricing options

Implementing Shared File Storage with Amazon EFS

Learning about VPSes with Amazon Lightsail

Introduction to Amazon ECS and Kubernetes

Amazon Elastic Kubernetes Service (Amazon EKS)

Learning about additional compute services on AWS

Understanding additional storage options in AWS

Securing your VPC with bastion hosts

Exercise 7.1 – Expanding ProductionVPC so that it includes two public subnets and two private subnets

Exercise 7.2 – Creating a Bastion Host security group

Exercise 7.3 – Launching an EC2 instance

Exercise 7.4 – Launching an application on Amazon Fargate

Chapter 8: AWS Database Services

Chapter 8: AWS Database Services

Technical requirements

Managed databases versus unmanaged databases

Introduction to database concepts and models

Introduction to Amazon RDS

Learning about Amazon DynamoDB (NoSQL database solution)

Understanding the use cases for Amazon Redshift and data warehousing

Understanding the importance of in-memory caching options with Amazon Elasticache

Learning about additional database services for specific niche requirements

Database Migration Service

Exercise 8.1 – Extending your VPC to host database subnets

Exercise 8.2 – Creating a database subnet group

Exercise 8.3 – Launching your Amazon RDS database in ProductionVPC

Exercise 8.4 – Deploying an Amazon DynamoDB table

Chapter 9: High Availability and Elasticity on AWS

Chapter 9: High Availability and Elasticity on AWS

Technical requirements

Introduction to vertical and horizontal scaling concepts

Overview of the OSI model

Distributing web traffic with Amazon ELB

Implementing elasticity with Amazon Auto Scaling

Designing multi-Region HA solutions

Extended exercises – setting the scene

Chapter 10: Application Integration Services

Chapter 10: Application Integration Services

Technical requirements

Understanding notification services such as Amazon SNS

Decoupling your application architecture with Amazon SQS and Amazon MQ

Designing event-driven application workflows using AWS EventBridge

Coordinating multiple AWS services into serverless workloads with Amazon Step Functions and Amazon SWF

Exercise 10.1 – Amazon S3 event notification using Amazon SNS

Exercise 10.2 – cleaning up

Chapter 11: Analytics on AWS

Chapter 11: Analytics on AWS

Technical requirements

Learning about data streaming with Amazon Kinesis

Learning how to query data stored in Amazon S3 with Amazon Athena

Introduction to Amazon Elasticsearch

Overview of Amazon Glue and QuickSight

Additional analytics services

Exercise 11.1 – analyzing your sales report with Amazon Athena and AWS Glue

Exercise 11.2 – cleaning up

Chapter 12: Automation and Deployment on AWS

Chapter 12: Automation and Deployment on AWS

Technical requirements

Understanding application deployment with Amazon Elastic Beanstalk

Understanding the benefits of IaC using Amazon CloudFormation

Introduction to the orchestration of Chef and Puppet solutions using AWS OpsWorks

IT automation with Lambda

Exercise 12.1 – stopping and starting EC2 instances at regular intervals using AWS Lambda

Exercise 12.2 – cleaning up

Chapter 13: Management and Governance on AWS

Chapter 13: Management and Governance on AWS

Technical requirements

The basics of Amazon CloudWatch

Meeting compliance requirements with Amazon CloudTrail

Learning about change management with AWS Config

Learning how to use AWS Trusted Advisor

Understanding the AWS Well-Architected Framework

Exercise 13.1 – Reviewing the Trusted Advisor reports in your AWS account

Section 3: AWS Security

Section 3: AWS Security

Chapter 14: Implementing Security in AWS

Chapter 14: Implementing Security in AWS

Understanding the Shared Responsibility Model

Introduction to the AWS compliance programs and AWS Artifact

AWS vulnerability scanning

Overview of data encryption services on AWS

Protecting cloud resources and applications with AWS WAF and AWS Shield

Other AWS security services

Exercise 14.1 – preventing data leaks with Amazon Macie

Exercise 14.2 – cleaning up

Section 4: Billing and Pricing

Section 4: Billing and Pricing

Chapter 15: Billing and Pricing

Chapter 15: Billing and Pricing

Technical requirements

An overview of billing and pricing on AWS

Understanding AWS cost optimization

Learning about AWS billing and cost management tools

Learning how to use the AWS pricing and TCO calculators

Exercise 15.1 – setting up cost budgets on AWS

Chapter 16: Mock Tests

Chapter 16: Mock Tests

Answers

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

3 (1)

5 star

0

4 star

0

3 star

100%

2 star

0

1 star

0

Exercise 13.1 – Reviewing the Trusted Advisor reports in your AWS account

In this exercise, you will log into your AWS account and review the Trusted Advisor service:

Log in to your AWS Management Console as the IAM user Alice.
Navigate to the Trusted Advisor console, which is located under the Management & Governance category in your list of services.
You will be redirected to the Trusted Advisor dashboard.
Because you may only have subscribed to the Basic Support plan, you will note that only a few checks are visible. From the main dashboard, note the Checks Summary section on the main pane of the dashboard.
From the right-hand pane, click on the Security category.
In the right-hand pane, you will note various checks, such as the one for MFA being enabled on your root account.
Expand the check labeled Security Groups - Specific Ports Unrestricted. This check analyzes how your security groups have been configured, highlighting specific ports...