Book Image

AWS Certified Cloud Practitioner Exam Guide

By : Rajesh Daswani
3 (1)
Book Image

AWS Certified Cloud Practitioner Exam Guide

3 (1)
By: Rajesh Daswani

Overview of this book

Amazon Web Services is the largest cloud computing service provider in the world. Its foundational certification, AWS Certified Cloud Practitioner (CLF-C01), is the first step to fast-tracking your career in cloud computing. This certification will add value even to those in non-IT roles, including professionals from sales, legal, and finance who may be working with cloud computing or AWS projects. If you are a seasoned IT professional, this certification will make it easier for you to prepare for more technical certifications to progress up the AWS ladder and improve your career prospects. The book is divided into four parts. The first part focuses on the fundamentals of cloud computing and the AWS global infrastructure. The second part examines key AWS technology services, including compute, network, storage, and database services. The third part covers AWS security, the shared responsibility model, and several security tools. In the final part, you'll study the fundamentals of cloud economics and AWS pricing models and billing practices. Complete with exercises that highlight best practices for designing solutions, detailed use cases for each of the AWS services, quizzes, and two complete practice tests, this CLF-C01 exam study guide will help you gain the knowledge and hands-on experience necessary to ace the AWS Certified Cloud Practitioner exam.

Related Content you might be interested in

Current Title:

Small book image
AWS Certified Cloud Practitioner Exam Guide
Rajesh Daswani
Jan, 2022 | 630 pages
Small book image
AWS for Solutions Architects
Neelanjali Srivastav | Alberto Artasanchez | Imtiaz Sayed | Saurabh Shrivastava
Apr, 2023 | 692 pages
Small book image
Mastering AWS Security
Albert Anthony
Oct, 2017 | 252 pages
Small book image
AWS Certified Solutions Architect - Associate Guide
Stuart Scott | Gabriel Isaias Ramirez Melgarejo
Oct, 2018 | 626 pages
Table of Contents (23 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Reviews
Share Your Thoughts
1
Section 1: Cloud Concepts
Section 1: Cloud Concepts
Free Chapter
2
Chapter 1: What Is Cloud Computing?
Chapter 1: What Is Cloud Computing?
What is cloud computing?
Exploring the basics of virtualization
Exploring cloud computing models
Understanding cloud deployment models
Summary
Questions
3
Chapter 2: Introduction to AWS and the Global Infrastructure
Chapter 2: Introduction to AWS and the Global Infrastructure
What is AWS?
Exploring the AWS Global Infrastructure
Choosing the right AWS support plan for your business
Overview of the AWS Service Health Dashboard
The AWS AuP
Summary
Questions
4
Chapter 3: Exploring AWS Accounts, Multi-Account Strategy, and AWS Organizations
Chapter 3: Exploring AWS Accounts, Multi-Account Strategy, and AWS Organizations
Why have a multi-account AWS environment?
AWS Landing Zone
AWS Control Tower
AWS Free Tier accounts
Exercise 3.1 – Setting up your first AWS Free Tier account
Exercise 3.2 – Setting up a billing alarm
Questions
5
Section 2: AWS Technologies
Section 2: AWS Technologies
6
Chapter 4: Identity and Access Management
Chapter 4: Identity and Access Management
Introduction to the AWS IAM service
The root user account and implementing Multi-Factor Authentication (MFA)
The importance of defining IAM password policies
Key differences between IAM users and IAM groups
Defining permissions with IAM policies
Reviewing credential reports
Exercise 4.1 – creating an IAM group
Exercise 4.2 – creating an IAM user
Exercise 4.3 – logging in to your AWS account as an IAM user
Accessing the AWS platform using the CLI
Exercise 4.4 – accessing the AWS platform using the AWS CLI on a Windows computer
Exercise 4.5 – creating an IAM user with administrative privileges
Summary
Questions
7
Chapter 5: Amazon Simple Storage Service (S3)
Chapter 5: Amazon Simple Storage Service (S3)
Technical requirements
Introduction to storage options on AWS
Introduction to Amazon S3
Learning about archiving solutions with Amazon S3 Glacier
Connecting your on-premises storage to AWS with Amazon Storage Gateway
Migrating large datasets to AWS with the AWS Snow Family
Exercise 5.1 – Setting up an Amazon S3 bucket
Exercise 5.2 – Configuring public access to S3 buckets
Exercise 5.3 – Enabling versioning on your bucket
Exercise 5.4 – Setting up static website hosting
Summary
Questions
8
Chapter 6: AWS Networking Services – VPCs, Route53, and CloudFront
Chapter 6: AWS Networking Services – VPCs, Route53, and CloudFront
Technical requirements
Introduction to on-premises networks
Fundamentals of IP addressing and CIDRs
Virtual Private Clouds (VPCs)
Learning about DNS and global routing with Amazon Route53
Implementing a robust CDN with Amazon CloudFront
Introduction to Amazon API Gateway
Exercise 6.1 – setting up a public subnet VPC
Summary
Questions
9
Chapter 7: AWS Compute Services
Chapter 7: AWS Compute Services
Introduction to Amazon EC2
Learning about Amazon EBS and instance backed store
Learning about EC2 pricing options
Implementing Shared File Storage with Amazon EFS
Learning about VPSes with Amazon Lightsail
Introduction to Amazon ECS and Kubernetes
Amazon Elastic Kubernetes Service (Amazon EKS)
Learning about additional compute services on AWS
Understanding additional storage options in AWS
Securing your VPC with bastion hosts
Exercise 7.1 – Expanding ProductionVPC so that it includes two public subnets and two private subnets
Exercise 7.2 – Creating a Bastion Host security group
Exercise 7.3 – Launching an EC2 instance
Exercise 7.4 – Launching an application on Amazon Fargate
Summary
Questions
10
Chapter 8: AWS Database Services
Chapter 8: AWS Database Services
Technical requirements
Managed databases versus unmanaged databases
Introduction to database concepts and models
Introduction to Amazon RDS
Learning about Amazon DynamoDB (NoSQL database solution)
Understanding the use cases for Amazon Redshift and data warehousing
Understanding the importance of in-memory caching options with Amazon Elasticache
Learning about additional database services for specific niche requirements
Database Migration Service
Exercise 8.1 – Extending your VPC to host database subnets
Exercise 8.2 – Creating a database subnet group
Exercise 8.3 – Launching your Amazon RDS database in ProductionVPC
Exercise 8.4 – Deploying an Amazon DynamoDB table
Summary
Questions
11
Chapter 9: High Availability and Elasticity on AWS
Chapter 9: High Availability and Elasticity on AWS
Technical requirements
Introduction to vertical and horizontal scaling concepts
Overview of the OSI model
Distributing web traffic with Amazon ELB
Implementing elasticity with Amazon Auto Scaling
Designing multi-Region HA solutions
Extended exercises – setting the scene
Summary
Questions
12
Chapter 10: Application Integration Services
Chapter 10: Application Integration Services
Technical requirements
Understanding notification services such as Amazon SNS
Decoupling your application architecture with Amazon SQS and Amazon MQ
Amazon MQ
Designing event-driven application workflows using AWS EventBridge
Coordinating multiple AWS services into serverless workloads with Amazon Step Functions and Amazon SWF
Exercise 10.1 – Amazon S3 event notification using Amazon SNS
Exercise 10.2 – cleaning up
Summary
Questions
13
Chapter 11: Analytics on AWS
Chapter 11: Analytics on AWS
Technical requirements
Learning about data streaming with Amazon Kinesis
Learning how to query data stored in Amazon S3 with Amazon Athena
Introduction to Amazon Elasticsearch
Overview of Amazon Glue and QuickSight
Additional analytics services
Exercise 11.1 – analyzing your sales report with Amazon Athena and AWS Glue
Exercise 11.2 – cleaning up
Summary
Questions
14
Chapter 12: Automation and Deployment on AWS
Chapter 12: Automation and Deployment on AWS
Technical requirements
Understanding application deployment with Amazon Elastic Beanstalk
Understanding the benefits of IaC using Amazon CloudFormation
Introduction to the orchestration of Chef and Puppet solutions using AWS OpsWorks
IT automation with Lambda
Exercise 12.1 – stopping and starting EC2 instances at regular intervals using AWS Lambda
Exercise 12.2 – cleaning up
Summary
Questions
15
Chapter 13: Management and Governance on AWS
Chapter 13: Management and Governance on AWS
Technical requirements
The basics of Amazon CloudWatch
Meeting compliance requirements with Amazon CloudTrail
Learning about change management with AWS Config
Learning how to use AWS Trusted Advisor
Understanding the AWS Well-Architected Framework
Exercise 13.1 – Reviewing the Trusted Advisor reports in your AWS account
Summary
Questions
16
Section 3: AWS Security
Section 3: AWS Security
17
Chapter 14: Implementing Security in AWS
Chapter 14: Implementing Security in AWS
Understanding the Shared Responsibility Model
Introduction to the AWS compliance programs and AWS Artifact
AWS vulnerability scanning
Overview of data encryption services on AWS
Protecting cloud resources and applications with AWS WAF and AWS Shield
Other AWS security services
Exercise 14.1 – preventing data leaks with Amazon Macie
Exercise 14.2 – cleaning up
Summary
Questions
18
Section 4: Billing and Pricing
Section 4: Billing and Pricing
19
Chapter 15: Billing and Pricing
Chapter 15: Billing and Pricing
Technical requirements
An overview of billing and pricing on AWS
Understanding AWS cost optimization
Learning about AWS billing and cost management tools
Learning how to use the AWS pricing and TCO calculators
Exercise 15.1 – setting up cost budgets on AWS
Summary
Questions
20
Chapter 16: Mock Tests
Chapter 16: Mock Tests
Mock test 1
Mock test 2
21
Answers
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Chapter 10
Chapter 11
Chapter 12
Chapter 13
Chapter 14
Chapter 15
Chapter 16
Why subscribe?
22
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Understanding cloud deployment models

When it comes to deploying cloud services for your organization, you need to consider which deployment model will suit your business. The decision will be taken based on several factors, such as the industry you are in, compliance and regulatory issues, and also cost management and flexibility of configuration.

There are three primary models of deployment, listed as follows:

  • Public cloud
  • Private cloud
  • Hybrid cloud

These models are represented in the following diagram:

Figure 1.3 – Cloud deployment models

Figure 1.3 – Cloud deployment models

Let's look at each model in a little more detail.

Public cloud

A public cloud is a cloud deployment model in which a business consumes IT services from a third-party vendor, such as AWS, over the internet. This is the most popular model of cloud computing due to the vast array of services on offer. Public cloud providers such as AWS are in the business of delivering IT services across all industry verticals and for businesses of all sizes.

Public cloud services are generally paid for on a pay-as-you-go model and can help your organization move away from a CAPEX of mode of investment in IT to an OPEX mode. This frees up precious capital for more important investment opportunities. Services offered by public cloud vendors will include free services, subscription-based, or on-demand pay-as-you-go, where you are charged based on how much you consume. Providers of public cloud services are also able to offer greater scalability and agility that would otherwise have been too expensive to achieve on your own.

With a public cloud model, customers are offered a self-service capability and access to management consoles and command-line interfaces, as well as having API access to configure and consume the services on offer.

Private cloud

By contrast, a private cloud is a cloud deployment model in which your business procures, installs, configures, and manages all the necessary infrastructure and software components in-house. This may sound very similar to traditional on-premises IT. However, the cloud element of it comes from the fact that additional management software is usually deployed to allow different parts of the business to carry out self-service tasks in provisioning compute, storage, network, and software services from an available catalog of services.

While public cloud providers offer their services to all businesses across the globe and the services are therefore publicly available, a private cloud is designed solely for your business, where you will not be sharing underlying compute resources with anyone external to your organization.

A private cloud is highly customizable to suit the needs of your organization, giving maximum control on key areas such as designing security and infrastructure configuration options. This does not necessarily mean that a private cloud provider (for example, Red Hat OpenStack) is more secure than a public cloud provider. Public cloud providers such as AWS invest vast amounts of money to design security features for the services they offer—features that may be cost-prohibitive if an organization tried to implement them on its own.

Hybrid cloud

This is a combination of IT services deployed both on-premises (and managed solely by your business) and integrated with one or more third-party cloud providers.

Many companies that venture into the public cloud generally start with some form of hybrid model. Often, businesses will move/migrate services to the public cloud to reduce CAPEX investment as they opt for a pay-as-you-go model for the consumption of IT services. An example of this is where companies may need to increase the number of servers deployed for their applications, and rather than procuring more expensive physical hardware, they can set up network connectivity between on-premises infrastructure and the public cloud provider, where they would spin up those additional servers as required. Connectivity options between an on-premises environment and a cloud provider can include setting up a secure Internet Protocol Security (IPsec) virtual private network (VPN) tunnel over the public internet, or even establishing a dedicate fiber-based connection, bypassing the public internet altogether and benefiting from greater bandwidth.

A hybrid cloud is generally also used to help start off your disaster recovery (DR) projects, which often need network communication between the private cloud infrastructure and the services offered by public cloud vendors where the DR solution will be hosted. This enables replication of on-premises data and applications to the DR site, hosted with vendors such as AWS.

Hybrid cloud deployments can also help businesses to start testing out new cutting-edge technologies or adopt a phased migration approach to ensure minimum interruption to normal business functions while the migration is underway. In addition, HA solutions can also be implemented. To cite an example, if the on-premises infrastructure is experiencing downtime, consumers of those services can be redirected to replica services hosted with the public cloud provider.

Previous Section
End of Section 5
Next Section