Thank you for joining!

AWS Certified Cloud Practitioner Week 3 Content Review

• This session will be recorded

• Submit questions via the Q&A
function
• If you have other questions
please contact
[email protected]

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Certified Cloud Practitioner
Week 3 Content Review

Brady Smith
Sr. Partner Enablement Manager
Amazon Web Services
Programmatic Updates

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Training Calendar
Weekly Schedule
Week Dates Activity

1 09/06 – 09/09 Complete Technical Accreditation (3 hours)

2 09/12 – 09/16 Cloud Practitioner vILT (8 hours)

3 09/19 – 09/23 Cloud Practitioner Exam Prep (3 hours)

3+ 09/23 + Take the Certification Exam (1.5 hours)

5
 Reminder to Complete
Complete Week 1-3 Activities
• AWS Partner: Accreditation (Technical)
• Cloud Practitioner Essentials (vILT or Digital)

Be sure to complete the final course assessment module for credit.

6
 Next Steps

• Review Certification Study Guide

• Schedule your Certification exam
• Share with us your success and feedback!

For program related questions please reach out to

7 [email protected]
About the Exam

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 AWS Certified Cloud Practitioner
About the Exam

• 90 minutes
• 65 Questions
• Scored 100 to 1000 (700+ pass)
• $100/exam attempt
• Multiple Response & Individual response questions
• In-Person & remote proctoring available

9
AWS Certified Cloud Practitioner
Key Exam Topics

% of Exam Domain Focus Areas

26% Cloud Concepts Value proposition of the cloud
25% Security & Compliance Shared responsibility model, core security services
33% Technology AWS global infrastructure, AWS services
16% Billing & Pricing Pricing/cost analysis tools, service pricing models, billing

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 AWS Certified Cloud Practitioner
Helpful Resources

Training White Papers Exam Preparation

• AWS Partner Accreditation: • Overview of Amazon Web • Quiz Show 1
Business Services
• Quiz Show 2
• AWS Partner Accreditation: • AWS Well-Architected
Technical Framework • Quiz Show 3

• AWS Partner: Cloud Economics • How AWS Pricing Works: AWS • Quiz Show 4
Accreditation Pricing Overview • Sample Questions
• AWS Partner: AWS Cloud • Management and Governance • Schedule an Exam
Practitioner Essentials Lens
• AWS Global Infrastructure
• Compare AWS Support Plans
• AWS Acceptable Use Policy
• Shared Responsibility Model

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Cloud Concepts

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Articulate the Value Proposition of AWS
Cloud Concepts Domain Focus Areas

• Define the AWS Cloud and its value proposition

• Identify aspects of AWS Cloud economics
• Explain the different cloud architecture design principles

Amazon Confidential © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
What is Cloud?
The term "cloud computing" refers to the on-demand delivery of IT resources via the Internet with pay-as-
you-go pricing. Instead of buying, owning, and maintaining your own data centers and servers, organizations
can acquire technology such as compute power, storage, databases, and other services on an as-needed
basis

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Major Advantages of Cloud over On-Premises

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Global Infrastructure

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Regions
A physical location around the world where AWS clusters data centers

Each AWS Region consists of multiple,

isolated, and physically separate Availability
Zones.

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Availability Zones (AZs)
One or more discrete data centers with redundant power, networking, and
connectivity in an AWS Region

AZs give customers the ability to operate

production applications and databases that
are more highly available, fault tolerant, and
scalable than would be possible from a single
data center.

AZs are connected to each other with fast,

private fiber-optic networking, enabling you
to easily architect applications that
automatically fail-over between AZs without
interruption.

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Edge Locations
300+ Edge Locations and 13 regional mid-tier regional cache servers

Smaller endpoints used for hosting cached

data.

Points of Presence enable Amazon

CloudFront to securely deliver data, videos,
applications, and APIs to customers globally
with low latency and high transfer speeds, all
within a developer-friendly environment.

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Security & Compliance

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Build with the Highest Security Standards
Security & Compliance Domain Focus Areas

• Define the AWS shared responsibility model

• Define AWS Cloud security and compliance concepts
• Identify AWS access management capabilities
• Identify resources for security support

Amazon Confidential © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Shared Responsibility Model

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS CloudTrail
Track user activity & API usage
Provides event history of your AWS account activity, including actions taken through the
AWS Management Console, AWS SDKs, command line tools, and other AWS services

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon CloudWatch
Observability of your AWS resources and applications on AWS and on-premises
Data and insights to monitor your applications, respond to system-wide performance
changes, optimize resource utilization, and get a unified view of operational health

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Config
Track resource inventory & changes
Enables you to assess, audit, and evaluate the configurations of your AWS resources.
Continuously monitors and records your AWS resource configurations and allows you to
automate the evaluation of recorded configurations against desired configurations

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Artifact
AWS Compliance Reports and Agreements
Central resource for compliance-related information that matters to you. It provides on-
demand access to AWS’ security and compliance reports and select online agreements

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Inspector
Analyze Application Security
Automates security vulnerability assessments throughout your development and
deployment pipelines or for static production systems - specifically for EC2

Inspector
Service

Report

Inspector Inspector
Agent Agent

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon GuardDuty
Intelligent Threat Detection to Protect Your AWS Accounts and Workloads
Threat detection service that continuously monitors for malicious activity and
unauthorized behavior to protect your accounts, workloads, and S3 data

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Shield
Managed DDoS protection
Managed Distributed Denial of Service (DDoS) protection service that safeguards
applications running on AWS

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Identity & Access Management (IAM)
Securely manage access to AWS services and resources
Using IAM, you can create and manage AWS users and groups, and use permissions to
allow and deny their access to AWS resources

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Technology

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Deploy Globally with Customer Focused Services
Technology Domain Focus Areas

• Define methods of deploying and operating in the AWS Cloud

• Define the AWS global infrastructure
• Identify the core AWS services
• Identify resources for technology support

Amazon Confidential © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compute Resources

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Compute Services
How will you deliver the application executables?

• Instances
• Amazon EC2

• Containers
• Amazon ECS
• Amazon EKS
• AWS Fargate

• Serverless
• AWS Lambda

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon EC2
Secure and resizable compute capacity to support virtually any workload
A web service that provides secure, resizable compute capacity in the cloud. It is
designed to make web-scale cloud computing easier for developers

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
EC2 Types
Use different EC2 instances for different applications
General Compute Storage and I/O GPU Memory
purpose optimized optimized enabled optimized

Mac M6g C7g P4 R6i & R6g

H1 D2
M5a M6i C6g P3 X1 & X1e
I3

M5 t4g C5 P2 R5 & R5d

M4 t3 G2 z1d
C4

A1 t2 F1 R4

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Machine Images (AMI)
Critical information needed when launching EC2 instances
An Amazon Machine Image (AMI) might include the following information at launch:
(Note: You must specify an AMI when you launch an instance)
• One or more EBS snapshots or a template for the root volume of an instance
• Launch permissions that control which AWS account can use the AMI to launch
instances
• A block device mapping that specifies the volumes to attach to the instance when
launch

EC2 AMI

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
EC2 Pricing
Instance Type Benefits When to Position Workload Type
On Demand • Billing by the hour or • Customer seeking to • Short-Term/Fluctuates
second avoid long contracts and • Desired to Run to
• Modify compute capacity upfront payments Completion
• Dev/Test
Standard – Reserved Instance • 50%-70% less than On- • Customer able to commit • Steady-state applications
Demand instances to 1yr, 3 year term
Spot Instance • Discounts compared to • When workloads can • Batch processing, Hadoop
on-demand pricing continue after workflow, HPC grid
• Run continuously for interruptions; for • Encoding, rendering,
a set duration at lower diversification across modeling, analysis, or
pricing multiple instance types continuous integration
and AZs
Dedicated Hosts • A physical EC2 instance • Existing/new software • Steady-state applications
assigned for your use licensing needs to be used that required enhanced
• Can help reduce costs by • Specific compliance or compliance requirements
allowing use of server- data-privacy requirements or software licensing
bound software licensing

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
EC2 Access
There are 3 ways to access an EC2 instance

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS CloudFormation
Speed up cloud provisioning with infrastructure as code
A CloudFormation template describes your desired resources and their dependencies so
you can launch and configure them together as a stack

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Auto Scaling
Automatically launch or terminate Amazon EC2 instances

• User-defined policies driven by CloudWatch

• Health status checks
• Schedules
• Manually using set-desired-capacity in the CLI

Scale out to meet demand, scale in to reduce costs.

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Fargate
Serverless compute for containers
Serverless, pay-as-you-go compute engine that lets you focus on building applications
without managing servers

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Elastic Container Service
Highly secure, reliable, and scalable way to run containers
Fully managed container orchestration service that helps you easily deploy, manage, and
scale containerized applications

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Elastic Kubernetes Service
The most trusted way to run Kubernetes
Gives you the flexibility to start, run, and scale Kubernetes applications in the AWS Cloud
or on-premises. Runs upstream Kubernetes and is certified Kubernetes conformant

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Lambda
Run code without thinking about servers or clusters. Only pay for what you use.
Serverless compute service that lets you run code without provisioning or managing
servers, creating workload-aware cluster scaling logic, maintaining event integrations, or
managing runtimes

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Storage

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Managing Data Within AWS
Data Storage

EFS FSx EBS S3 S3 Glacier

File Block Object

Data Transfer

AWS Direct AWS S3 Transfer Storage Amazon Kinesis

Connect Snowball Acceleration Gateway Firehose
© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Data Storage Services on the
Exam

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Elastic File System
Simple, serverless, set-and-forget, elastic file system
Amazon Elastic File System (EFS) automatically grows and shrinks as you add and
remove files with no need for management or provisioning

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon FSx
Launch and run feature-rich and highly-performant file systems with just a few
clicks
Launch and run popular file systems that are fully managed by AWS

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Elastic Block Store (EBS)
Easy to use, high performance block storage at any scale
Provides block level storage volumes for use with EC2 instances

EC2
instance

EBS
Availability Zone
volume

AWS region
© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Amazon S3
Object storage built to store and retrieve any amount of data from anywhere
Object storage service that offers industry-leading scalability, data availability, security,
and performance

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon S3 Glacier & S3 Glacier Deep Archive
Long-term, secure, durable Amazon S3 object storage classes for data archiving
Secure, durable, and extremely low-cost Amazon S3 cloud storage classes for data
archiving and long-term backup

Ready to download!

✓ Object ID 001
✓ Object ID 025 ID ID
ID 150
✓ Object ID 150 001 025
✓ Object ID 400 Archive retrieval job
….
❑ Expedited: 1~5min
ID 400
❑ Standard: 3~5hs
❑ Bulk: 5~12hs

99.999999999% durability of objects over a given year

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Data Transfer Services on the
Exam

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Direct Connect
Use AWS Direct Connect to securely link your on-premise environment to AWS
Directly connect your data center to AWS over a standard 1 gigabit or 10 gigabit
Ethernet fiber-optic connection

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Snowball
Petabyte-scale data transport with on-board storage and compute capabilities
Learn more about the entire AWS Snow family for your exam!

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
S3 Transfer Acceleration
Faster long-distance S3 uploads & downloads
Reduces the variability in Internet routing, congestion and speeds that can affect
transfers, and logically shortens the distance to S3 for remote applications

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Storage Gateway
On-premises access to virtually unlimited cloud storage
Integrate AWS Cloud storage with existing on-site workloads to simplify storage
management and reduce costs for key hybrid cloud storage use cases

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Kinesis Data Firehose
Prepare and load real-time data streams into data stores and analytics services
Fully managed service that automatically scales to match the throughput of your data
and requires no ongoing administration. Can batch, compress, transform, and encrypt.

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Networking

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon VPC
Provision a Logically Isolated Section of the AWS Cloud
• Control your virtual networking environment
• Subnets
• Route tables
• Security Groups
• Network ACLs
• Connect to your on-premises network via VPN or
Direct Connect
• Control if and how your instances access the
internet

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Elastic Load Balancing
Distribute network traffic to improve the scalability of your applications
Automatically distributes incoming application traffic across multiple targets, such as
Amazon EC2 instances, containers, IP addresses, Lambda functions, and virtual
appliances

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Route 53
A reliable and cost-effective way to route end users to Internet applications
Connects user requests to infrastructure running in AWS. Highly available and scalable
cloud Domain Name System (DNS) web service

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Database

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Relational Database Service (RDS)
Set up, operate, and scale a Relational (SQL) database in the cloud
Cost-efficient and resizable capacity while automating time-consuming administration
tasks such as hardware provisioning, database setup, patching and backups

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Aurora
Delivered as a Managed Service on Top of RDS
MySQL and PostgreSQL-compatible relational database built for the cloud. Performance
and availability of commercial-grade databases at 1/10th the cost

 Speed and availability of high-end commercial databases

 Up to 64TiB of auto-scaling SSD storage
 Automatic backup (1 – 35 days)
 Automatic upgrade
 Drop-in compatibility with MySQL and PostgreSQL
 Simple pay as you go pricing

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon DynamoDB
Fast and flexible NoSQL database service for any scale
Key-value and document database that delivers single-digit millisecond performance at
any scale

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon ElastiCache
Fully managed in-memory data store
Power real-time applications with sub-millisecond latency

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Billing & Pricing

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Deploy Globally with Customer Focused Services
Billing & Pricing Domain Focus Areas

• Compare and contrast the various pricing models for AWS

• Recognize the various account structures in relation to
AWS billing and pricing
• Identify resources available for billing support
• Identify resources for technology support

Amazon Confidential © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Available AWS Cost Management Services
Know and understand when to use each of the available AWS services

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Budgets
Set Custom Budgets and Receive Alerts
Set custom budgets to track your cost and usage from simple, monthly reminders to
customized budgets by service.

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Cost Explorer
Visualize and Explore Your AWS Costs and Usage
Visualize, understand, and manage your AWS costs and usage over time by creating
custom reports

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Savings Plans (Cost Explorer Feature)
Flexible pricing model that can provide savings of up to 72% on AWS usage
This model offers prices on Amazon EC2 instances usage, regardless of instance family, size, OS,
tenancy or AWS Region, and also applies to AWS Fargate Usage. AWS Cost Explorer will help you
choose a Savings Plan, and will guide you through the purchase process

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Organizations
Central Governance and Management Across AWS Accounts
Programmatically create new AWS accounts and allocate resources, group accounts to
organize your workflows, apply policies to accounts or groups for governance, and
simplify billing by using a single payment method for all of your accounts

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Pricing Calculator (formerly TCO Calculator)
Configure a cost estimate that fits your unique business needs with AWS

Explore AWS services and create an estimate for the cost of your use cases on AWS

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Trusted Advisor
Reduce costs, improve performance, improve security

Provides recommendations that help you follow AWS best practices

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Well-Architected

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Well-Architected Framework
Build secure, high-performing, resilient, and efficient infrastructure

Pillar focused on running and

monitoring systems, and continually
improving processes and procedures.
Key topics include change automation,
event response, and standards for
managing daily operations.

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Thank You!
Questions or Support, please reach out:
[email protected]

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Session Q&A

• Please review the Study Guide

• Register for Certification Exam
• [email protected]
Appendix

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Security ‘Best Practices’ on the Exam
Exam specific topics (not a consultative security recommendation)
• You can control access to buckets and objects with:
• Access Control Lists (ACLs)

• Bucket policies

• Identity and Access Management (IAM) policies

• You can upload or download data to Amazon S3 via SSL encrypted endpoints.
• You can encrypt data using AWS SDKs.
• Encrypt data in transit & at rest Admin Group SupportGroup Policy
Rotate encryption keys "Action": [
• ✓ Mike "support:*",
• IAM ✓ TravisSupport Group "acm:DescribeCertificate",
"acm:GetCertificate",
• Follow principal of least privilege ✓ John
✓ Mike "acm:List*",
"apigateway:GET",
• Do not use the root user for your everyday tasks ✓ Sup1 "appstream:Get*",
AdministratorAccess
• Securely lock away the root user credentials ✓ Theresa "autoscaling:Describe*",
"aws-marketplace:ViewSubscriptions",
• Delete any programmatic keys "cloudformation:Describe*",
SupportUsers ...
• Enable MFA on Root Account

• Change the Root password to a strong password

• Use temporary security credentials

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Systems Manager
Gain operational insights and take action on AWS resources

Operations hub for AWS. provides a unified user interface so you can track and resolve
operational issues across your AWS applications and resources from a central place

AWS Systems Manager helps maintain

security and compliance by scanning your
instances against your patch, configuration,
and custom policies.

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Kinesis Data Firehose
Prepare and load real-time data streams into data stores and analytics services
Fully managed service that automatically scales to match the throughput of your data
and requires no ongoing administration. Can batch, compress, transform, and encrypt.

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon FSx
Launch and run feature-rich and highly-performant file systems with just a few
clicks
Launch and run popular file systems that are fully managed by AWS

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The EC2 Platform
Powering cloud applications
• Virtual machine instance
• Linux and Microsoft Windows AMI’s
• Amazon Machine Image: is the image of the Operating System that will be
loaded in the instance.
• Client has full control of the Operating System and its applications as admin
• Multiple types and sizes of instances
• Remote access via SSH or Remote Desktop Window Svr

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.