AWS Cloud Practitioner Essentials

Module 1: Introduction to
Amazon Web Services

1
Module Objectives On completion, you will be able to:
• Describe three cloud computing deployment models
• Describe six benefits of cloud computing

2
Module Topics Topics:
• Topic A: Cloud computing deployment models
• Topic B: Benefits of cloud computing
• Knowledge Check

3
Topic A: Cloud computing deployment
models

4
Welcome to the coffee shop

Customer Barista

A customer makes a A barista fulfills the

request. customer’s request.
5
Client and server model

Client Server

A client makes a A server fulfills the

request. client’s request.

6
Cloud computing

What is cloud computing?

Access services on Avoid large upfront Provision computing Pay only for what you
demand investments resources as needed use

7
Cloud computing deployment models

Cloud On premises Hybrid

8
Cloud-based deployment

• Run all parts of the application in

the cloud
• Migrate existing applications to the
cloud
• Design and build new application in
the cloud

9
On-premises deployment

• Use virtualization and resource

management tools to deploy
resources
• Use application management and
virtualization technologies to
increase resource usage

10
Hybrid deployment

• Connect cloud-based resources to

on-premises infrastructure
• Integrate cloud-based resources
with legacy IT applications

11
AWS Cloud

12
Topic B: Benefits of cloud computing

13
Variable expenses
Upfront expenses Variable expenses

Invest in technology resources before

Pay only for what you use
using them
14
Cost optimization
More time building Less time managing cost

Focus on applications and customers Run data centers

15
Capacity
Access only the capacity necessary Scalability

Stop guessing on your infrastructure

Scale in and scale out as needed
capacity needs

16
Economies of scale
Smaller scale Economies of scale

Pay higher prices based on only your Benefit from customers’ aggregated
own usage usage

17
Speed and agility
Data centers Cloud computing

Weeks between wanting resources Minutes between wanting resources

and having resources and having resources

18
Global in minutes
Low latency Global infrastructure

Quickly deploy applications

Use the AWS global infrastructure
worldwide

19
AWS core service categories

Compute Network & Content Deliver Storage

Security, Identity, &

Database Management & Governance
Compliance
20
Knowledge Check

21
Knowledge check 1 - question
What is cloud computing? Choice Response
Backing up files that are stored on desktop and mobile devices
A
to prevent data loss

Deploying applications that are connected to an on-premises

B
infrastructure

Using on-demand delivery of IT resources and applications

C
through the internet

D Running code without needing to manage or provision servers

22
Knowledge check 1 – answer
What is cloud computing? The correct response is C.

23
Knowledge check 2 - question
What is another name for on- Choice Response

premises deployment? A Cloud-based application

B Hybrid deployment

C Private cloud deployment

D AWS Cloud

24
Knowledge check 2 – answer
What is another name for on- The correct response is C.
premises deployment?

25
Knowledge check question - 3
How does the scale of cloud Choice Response

computing help to save costs? Practitioners do not have to invest in technology resources
A
before using them.

The aggregated cloud usage from a large number of customers

B
results in lower pay-as-you-go prices.

Accessing services on-demand helps prevent excess or limited

C
capacity.

Practitioners can quickly deploy applications to customers and

D
provide low latency.

26
Knowledge check 3 – answer
How does the scale to cloud The correct response is B.
computing help to save costs?

27
Module summary Covered in this module:
• Three cloud computing deployment models
• Six benefits of cloud computing

28
Questions?

Thank you for attending

this session

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

29
AWS Cloud Practitioner Essentials
Module 2: Compute in the
Cloud

30
Module Objectives On completion, you will be able to:
• Describe Amazon EC2 benefits
• Identify the Amazon EC2 instance types
• Differentiate among Amazon EC2 billing options
• Summarize Amazon EC2 Auto Scaling benefits
• Summarize Elastic Load Balancing benefits
• Provide examples of Elastic Load Balancing uses
• Describe differences between Amazon SNS and Amazon SQS
• Summarize additional AWS compute options

31
Module Topics Topics:
• Topic A: Amazon Elastic Compute Cloud (Amazon EC2)
• Topic B: Amazon EC2 instance types
• Topic C: Amazon EC2 pricing
• Topic D: Amazon EC2 Auto Scaling
• Topic E: Elastic Load Balancing
• Topic F: AWS messaging services
• Topic G: Serverless compute services
• Topic H: AWS container services
• Knowledge check

32
Client and server model

Customer Barista

A customer makes a A barista fulfills the

request. customer’s request.
33
Topic A: Amazon Elastic Compute Cloud
(Amazon EC2)

34
Amazon EC2

•Use secure, sizable compute capacity

•Boot server instances in minutes
•Pay only for what you use
Amazon Elastic Compute
Cloud (Amazon EC2)

35
How Amazon EC2 works

Launch an instance Connect to the instance Use the instance

36
Topic B: Amazon EC2 instance types

37
Coffee shop tasks
Employee 1 Employee 2 Employee 3

38
Coffee shop tasks specialization
Employee 1 Employee 2 Employee 3

Make coffee Process transactions Order supplies

39
Amazon EC2 instance types (1 of 2)
General purpose Compute optimized Memory optimized
• Balances compute, • Offers high-performance • Delivers fast performance
memory, and networking processors for memory-intensive
resources workloads
• Ideal for compute-
• Suitable for a broad range intensive applications and • Well suited for high-
of workloads batch processing performance databases
workloads

40
Amazon EC2 instance types (2 of 2)
Accelerated computing Storage optimized
• Uses hardware accelerators to expedite • Offers low latency and high input/output
data processing operations per second (IOPS)

• Ideal for application streaming and • Suitable for workloads such as distributed
graphics workloads file systems and data warehousing
applications

41
Match: Amazon EC2 instance types (1 of 5)

1. Ideal for high-performance

databases A. General purpose

2. Suitable for data warehousing

B. Compute optimized
applications

3. Balances compute, memory, and

C. Memory optimized
networking resources

4. Offers high-performance
D. Storage optimized
processors

42
Match: Amazon EC2 instance types (2 of 5)

43
Match: Amazon EC2 instance types (3 of 5)

44
Match: Amazon EC2 instance types (4 of 5)

45
Match: Amazon EC2 instance types (5 of 5)

46
Topic C: Amazon EC2 pricing

47
Amazon EC2 instance pricing options (1 of 2)
On-demand Spot Reserved
• No upfront costs or • Ideal for workloads with • Provides a billing discount
minimum contracts flexible start and end over On-Demand pricing
times
• Requires a 1-year or 3-
• Ideal for short-term,
year term commitment
irregular workloads • Offers savings over On-
Demand prices

48
Amazon EC2 instance pricing options (2 of 2)
Compute Savings Plan Dedicated Instance Dedicated Host
• Offer up to 66% savings • An EC2 instance that runs • A physical server with EC2
over On-Demand costs for in a VPC on hardware for instance capacity for a
a consistent amount of a single customer single customer
compute usage
• Higher cost compared to • Most expensive Amazon
• Require a 1-year or 3-year standard Amazon EC2 EC2 option
term commitment instances

49
Discussion

What is the difference between

Compute Savings Plans and Spot
Instances?

50
Topic D: Amazon EC2 Auto Scaling

51
Manual scaling
Low demand High demand

Two Customers Four Customers

Barista Baristas

52
Amazon EC2 Auto Scaling (1 of 2)

Coffee Shop Website Traffic

• Scale capacity as computing 6

requirements change 5
4
3
2
• Use dynamic scaling and predictive 1
0

scaling
Demand Unused capacity

53
Amazon EC2 Auto Scaling (2 of 2)
High demand

Four Customers

Baristas

54
Topic E: Elastic Load Balancing

55
Load balancing
Unbalanced workload Balanced workload

56
Elastic Load Balancing

•Automatically distributes traffic across multiple

resources
•Provides a single point of contact for your Auto
Scaling group
Elastic Load Balancing

57
Scalability and load balancing
Low-demand period High-demand period

58
Auto Scaling and Elastic Load Balancing
Are these examples of Auto Scaling or Elastic Load Balancing?

1. Removed unneeded Amazon EC2 2. Adds a second Amazon EC2

instances when demand is low instance during an online store’s
popular sale

4. Ensure that no single EC2 instance

3. Distributes a workload across
has to carry the full workload on its
several Amazon EC2 instances
own

5. Automatically adjusts the number 6. Provides a single point of contact

of EC2 instances to match demand for traffic into an Auto Scaling group

59
Auto Scaling and Elastic Load Balancing
Are these examples of Auto Scaling or Elastic Load Balancing?

60
Topic F: AWS messaging services

61
Application architecture
Monolithic application Microservices

62
 Amazon Simple Notification Service

•Messages are published to topics.

•Subscribers immediately receive messages for
Amazon Simple Notification Service their topics.
(Amazon SNS)

63
Publish updates from a single topic

Coupons, coffee trivia, and new products

64
Publish updates from multiple topics

65
Amazon Simple Queue Service

•Send, store, and receive messages between

software components
•Queue messages without requiring other services
Amazon Simple Queue
Service (Amazon SQS) to be available

66
Example: Fulfill an order

1. The customer 2. The cashier gives the

orders. order to the barista.

3. The barista makes

the drink and gives it
to the customer.

67
Example: Orders in a queue

2. The order goes into

1. The customer
the queue.
orders.

Queue

4. The barista makes 3. The barista retrieves the

the drink and gives it order from the queue.
to the customer.

68
Topic G: Serverless compute services

69
Serverless computing
Computing with virtual servers Serverless computing

70
AWS Lambda

•Run code without provisioning or managing

servers
•Pay only for compute time while code is running
AWS Lambda •Use other AWS services to automatically trigger
code

71
How AWS Lambda works

Upload code to Set code to trigger Code runs only Pay only for the
AWS Lambda from an event when triggered compute time you
source use

72
Topic H: AWS container services

73
Containers

One host with multiple Tens of hosts with hundreds of

containers containers

74
Amazon Elastic Container Service (Amazon ECS)

•Run and scale containerized applications

•Use simple API calls to control Docker-enabled
applications
Amazon Elastic
Container Service
(Amazon ECS)

75
Amazon Elastic Kubernetes Service (Amazon EKS)

•Run and scale Kubernetes applications

•Readily update applications with new features
Amazon Elastic
Kubernetes Service
(Amazon EKS)

76
AWS Fargate

•Run serverless containers with Amazon ECS or

Amazon EKS
•Pay only for the resources you use
AWS Fargate

77
Knowledge check

78
Knowledge check 1 - question
A customer wants to use an Choice Response

Amazon EC2 instance for a A General purpose

batch processing workload.
Which Amazon EC2 instance
B Compute optimized
type should they use?

C Memory optimized

D Storage optimized

79
Knowledge check 1 – answer
A customer wants to use an The correct response is B.
Amazon EC2 instance for a
batch processing workload.
Which Amazon EC2 instance
type should they use?

80
Knowledge check 2 - question
What are the contract length Choice Response

options for Amazon EC2 A 1 year

Reserved Instances? (CHOOSE
TWO)
B 2 years

C 3 years

D 4 years

81
Knowledge check 2 – answer
What are the contract length The correct responses are A and C.
options for Amazon EC2
Reserved Instances? (CHOOSE
TWO)

82
Knowledge check 3 - question
A customer has a workload that Choice Response

will run for a total of 6 months A Reserved Instance

and can withstand
interruptions. What would be
B Dedicated Instance
the most cost-efficient Amazon
EC2 instance purchasing
option? C On-Demand Instance

D Spot Instance

83
Knowledge check 3 – answer
A customer has a workload that The correct response is D.
will run for a total of 6 months
and can withstand
interruptions. What would be
the most cost-efficient Amazon
EC2 instance purchasing
option?

84
Knowledge check 4 - question
A customer wants to give users Choice Response

messages for the specific topics A Amazon Simple Notification Service (Amazon SNS)
to which they have subscribed.
Which service should they use?
B AWS Lambda

C Amazon Simple Queue Service (Amazon SQS)

D Amazon Elastic Kubernetes Service (Amazon EKS)

85
Knowledge check 4 – answer
A customer wants to give users The correct response is A.
messages for the specific topics
to which they have subscribed.
Which service should they use?

86
Module summary Covered in this module:
• Amazon EC2 benefits
• Amazon EC2 instance types
• EC2 billing options
• EC2 Auto Scaling benefits
• Elastic Load Balancing benefits
• Amazon SNS vs. Amazon SQS
• Additional compute options

87
Questions?

Thank you for attending

this session

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

88
AWS Cloud Practitioner Essentials
Module 3: Global Infrastructure
and Reliability

89
Module Objectives On completion, you will be able to:
• Summarize the AWS Global Infrastructure benefits
• Describe Availability Zones
• Describe the benefits of Amazon CloudFront and edge
locations.
• Compare methods for provisioning AWS services.

90
Module Topics Topics:
• Demonstration: Explore the AWS Global Infrastructure
• Topic A: AWS Global Infrastructure
• Topic B: Get closer to your customers
• Topic C: AWS Outposts
• Topic D: Interact with AWS services
• Knowledge check

91
Build a global footprint

92
Demonstration: Explore the AWS Global
Infrastructure

93
Demonstration Explore the AWS Global Infrastructure
In this demo, your instructor will show you the
following things:
• Regions
• Availability zones

94
Topic A: AWS Global Infrastructure

95
Select a Region
Determine the right Region for your services, data, and applications based on:

Compliance with data Proximity to your Pricing Available services

governance and legal customers within a Region
requirements

96
Availability Zones

*New customers can access two Availability Zones in US

West (Northern California).
97
Amazon EC2 instances in multiple AZs

*New customers can access two Availability Zones in US

West (Northern California).
98
Discussion

What is the relationship between Regions

and Availability Zones?

99
Topic B: Get closer to your customers

100
Global content delivery (1 of 2)

101
Global content delivery (2 of 2)

102
Amazon CloudFront delivers content

103
Topic C: AWS Outposts

104
Get products from the coffee shop (1 of 2)

105
Get products from the coffee shop (2 of 2)

106
AWS Outposts

AWS Outposts family

Extend AWS infrastructure

and services to different
locations, including your on-
premises data center.

107
Discussion

When choosing an AWS Region for your

services, data, and applications, why
should you consider a Region’s proximity
to your customers?

108
Review: AWS Global Infrastructure

109
Topic D: Interact with AWS services

110
Perform actions through API requests
Coffee shop AWS Cloud
Order a cup of coffee Launch an Amazon EC2 instance
Ask for a refill Create a load balancer
Check you rewards balance Invoke an AWS Lambda function

111
Interact with AWS services

aws> _ </>

AWS Management AWS Command Line Software Development

Console Interface (AWS CLI) Kits (SDK)

112
Demonstration

113
Demonstration AWS Management Console
In this demo, your instructor will show you the
following things:
• Opening the list of all services
• Accessing recently visited services
• Finding a service by name, keyword, or acronym
• Browsing through the “Build a solution” and “Learn
to build” sections at the bottom of the AWS
Management Console home page
• Creating service shortcuts in the Console toolbar

114
Knowledge Check

115
Knowledge check 1 - question
Which of the following is TRUE Choice Response

for the AWS Global A An Availability Zone consists of a single Region.

Infrastructure?
B An Availability Zone consists of two or more Regions.

C A Region consists of a single Availability Zone.

D A Region consists of three or more Availability Zones.

116
Knowledge check 1 – answer
Which of the following is TRUE The correct response is D.
for the AWS Global
Infrastructure?

117
Knowledge check 2 - question
Which factors should be Choice Response

considered when selecting a A Compliance with data governance and legal requirements
Region? (Select TWO.)
B Proximity to your customers

C Access to 24/7 technical support

D Ability to assign custom permissions to different users

E Access to the AWS Command Line Interface (AWS CLI)

118
Knowledge check 2 – answer
Which factors should be The correct responses are A and B.
considered when selecting a
Region? (Select TWO.)

119
Knowledge check 3 - question
Which statement best describes Choice Response

Amazon CloudFront? A A service that can be used to run infrastructure in a hybrid

cloud approach

B A serverless compute engine for containers

C A service that can be used to send and receive messages

between software components through a queue

D A global content delivery service

120
Knowledge check 3 – answer
Which statement best describes The correct response is D.
Amazon CloudFront?

121
Knowledge check 4 - question
Which site does Amazon Choice Response

CloudFront use to cache copies A Edge location

of content for faster delivery to
users at any location?
B Region

C Availability Zone

D Origin

122
Knowledge check 4 – answer
Which site does Amazon The correct response is A.
CloudFront use to cache copies
of content for faster delivery to
users at any location?

123
Knowledge check 5 - question
Which actions can a cloud Choice Response

practitioner perform with AWS A Automate actions for AWS services and applications through
Outposts? scripts.

Access wizards and automated workflows to perform tasks in

B
AWS services.

C Extend AWS infrastructure and services to different locations

including an on-premises data center.

Develop AWS applications in supported programming

D
languages.

124
Knowledge check 5 – answer
Which actions can a cloud The correct response is C.
practitioner perform with AWS
Outposts?

125
Module summary Covered in this module:
• Three aspects of the AWS Global Infrastructure
• Four factors to consider when selecting an AWS
Region
• Three ways to interact with AWS services

126
Questions?

Thank you for attending

this session

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

127
AWS Cloud Practitioner Essentials
Module 4: Networking

128
Module Objectives On completion, you will be able to:
• Describe basic networking concepts
• Describe the differences between public and private
networking resources
• Explain a virtual private gateway using a real-life scenario
• Explain a VPN using a real-life scenario
• Describe AWS Direct Connect benefits
• Describe hybrid deployment benefits
• Describe the layers of security in an IT strategy
• Describe the services customers use to interact with the AWS
global network

129
Module Topics Topics:
• Topic A: Amazon Virtual Private Cloud (Amazon VPC)
• Topic B: Network access control lists and security groups
• Topic C: Interact with the AWS global network
• Knowledge check

130
Traffic in the coffee shop (1 or 2)

131
Traffic in the coffee shop (2 of 2)

132
Topic A: Amazon Virtual Private Cloud
(Amazon VPC)

133
Amazon VPC

Amazon Virtual Private

Cloud (Amazon VPC)
enables you to launch
resources in a virtual
network that you define.

134
Subnets

A subnet is a section in a VPC in

which you can place groups of
isolated resources.

A subnet can be public or private.

135
Internet gateway

136
Virtual private gateway

137
AWS Direct Connect

138
Match: VPC components (1 of 5)

1. Isolate databases containing A. Public subnet

customers’ personal information

2. Create a VPN connection between the

VPC and the internal corporate network B. Private subnet

3. Support customer-facing website C. Virtual Private Gateway

4. Establish a dedicated connection

between an on-premises data center D. AWS Direct Connect
and the VPC

139
Match: VPC components (2 of 5)

140
Match: VPC components (3 of 5)

141
Match: VPC components (4 of 5)

142
Match: VPC components (5 of 5)

143
Topic B: Network access control lists and
security groups

144
Network traffic in a VPC

145
Network access control lists

A network access control list (network

ACL) is a virtual firewall for a subnet. By
default:
• The default network ACL allows all inbound and
outbound traffic.
• Customer network ACLs deny all inbound and
outbound traffic

146
Stateless packet filtering
• Network ACLs perform stateless packet filtering.
• Before a packet can exit a subnet, it must be checked against the outbound
rules.

147
Security groups

A security group is a virtual firewall for an

Amazon EC2 instance.
By default, a security group denies all inbound
traffic and allows all outbound traffic.

148
Stateful packet filtering
• Security groups perform stateful packet filtering.
• They remember previous decisions that were made for incoming packets.

149
Discussion

What are the differences between

network access control lists and security
groups?

150
Topic C: Interact with the AWS global
network

151
Domain Name System (DNS)

152
Amazon Route 53

Route users to internet Connect user requests Manage DNS records for
applications to infrastructure in AWS domain names
and outside of AWS

153
Amazon Route 53 and Amazon CloudFront

154
Knowledge check

155
Knowledge check 1 – question
Which component or service Choice Response

can be used to establish a A Private subnet

private dedicated connection
between a company’s data
B DNS
center and AWS?

C AWS Direct Connect

D Amazon CloudFront

156
Knowledge check 1 – answer
Which component or service The correct response is C.
can be used to establish a
private dedicated connection
between a company’s data
center and AWS?

157
Knowledge check 2 – question
Which statement describes Choice Response

security groups? A They are stateful and allow all inbound traffic by default.

B They are stateful and deny all inbound traffic by default.

C They are stateless and allow all inbound traffic by default.

D They are stateless and deny all inbound traffic by default.

158
Knowledge check 2 – answer
Which statement describes The correct response is B.
security groups?

159
Knowledge check 3 – question
Which component is used to Choice Response

connect a VPC to the internet? A Internet gateway

B Public subnet

C Edge location

D Security group

160
Knowledge check 3 – answer
Which component is used to The correct response is A.
connect a VPC to the internet?

161
Knowledge check 4 – question
Which service is used to Choice Response

manage the DNS records for A Amazon Virtual Private Cloud

domain names?
B AWS Direct Connect

C Amazon CloudFront

D Amazon Route 53

162
Knowledge check 4 – answer
Which service is used to The correct response is D.
manage the DNS records for
domain names?

163
Knowledge check 5 – question
Which statement describes DNS Choice Response

resolution? A Launching resources in a customer-defined virtual network

B Storing local copies of content at edge locations around the

world

C Connecting a VPC to the internet

D Translating a domain name to an IP address

164
Knowledge check 5 – answer
Which statement describes DNS The correct response is D.
resolution?

165
Module summary Covered in this module:
• Structuring and connecting to a VPC
• Securing VPC resources with network access control
lists and security groups
• Using Amazon Route 53 and Amazon CloudFront to
deliver content

166
Questions?

Thank you for attending

this session

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

167
AWS Cloud Practitioner Essentials
Module 5: Storage and
Databases

168
Module Objectives On completion, you will be able to:
• Summarize the basic concept of storage and databases
• Describe Amazon Elastic Block Store (Amazon EBS) benefits
• Describe Amazon Simple Storage Service (Amazon S3) benefits
• Describe Amazon Elastic File System (Amazon EFS) benefits
• Summarize various storage solutions
• Describe Amazon Relational Database Service (Amazon RDS)
benefits
• Describe Amazon DynamoDB benefits
• Summarize various database services

169
Module Topics Topics:
• Topic A: AWS storage
• Topic B: AWS databases
• Topic C: Additional database services
• Knowledge check

170
Topic A: AWS storage

171
AWS storage types

Block storage Object storage File storage

172
Block storage

• In block storage, files are separated into equal-

sized pieces (blocks) of data.

• Block storage is used for applications that run

on Amazon EC2 instances.

173
Instance store

An Amazon EC2 instance The instance is stopped All data on the attached
with an attached or terminated. instance store
instance store is running. is deleted.

174
Amazon EBS volumes

An Amazon EC2 instance The instance is stopped or All data on the attached EBS
with an attached EBS terminated. (If terminated, the volume remains available.
volume is running EBS volume is removed by
default.)
175
Amazon EBS snapshots

EBS snapshots
Day 3
.
Day 2
Day 1 .
.

EBS volume All data is Only data that has changed since
(source data) backed up. the most recent snapshot is
backed up.

176
Discussion

What are the differences between

instance stores and Amazon EBS
volumes?

177
Object storage

In object store, each object consists of data,

metadata, and a key.

Object storage

178
Amazon Simple Storage Service

Store objects in buckets Set permissions to control Choose from a range of

access to objects storage classes for different
use cases

179
Amazon S3 storage classes (1 of 2)
S3 Standard S3 Standard-IA S3 One Zone-IA
• Designed for frequently • Ideal for infrequently • Stores data in a single
accessed data accessed data Availability Zone

• Stores data in a minimum • Similar to S3 Standard but • Has a lower storage price
of three Availability Zones has a lower storage price than S3 Standard-IA
and higher retrieval price

180
Amazon S3 storage classes (2 of 2)
S3 Intelligent-Tiering S3 Glacier Instance Retrieval S3 Glacier Flexible Retrieval S3 Glacier Deep Archive

• Ideal for data with • Low-cost storage • Lowest-cost object • Lowest-cost object
unknown or changing designed for data storage class storage class
access patterns archiving

• Configurable retrieval • Able to retrieve objects

• Requires a small • Able to retrieve objects time from minutes to within 12 hours
monthly monitoring and in milliseconds hours
automation fee per
object

181
Knowledge Check
You want to store data that is Choice Response

infrequently accessed but must A S3 Intelligent-Tiering

be immediately available when
needed. Which Amazon S3
B S3 Glacier Deep Archive
storage class should you use?

C S3 Standard-IA

D S3 Glacier Flexible Retrieval

182
Knowledge check – answer
You want to store data that is The correct response is C.
infrequently accessed but must
be immediately available when
needed. Which Amazon S3
storage class should you use?

183
File storage

In file storage, multiple clients can

access data that is stored in shared
file folders

184
Amazon Elastic File System

Store data in a scalable file Provide data to thousands of Store data in and across
system Amazon EC2 instance multiple Availability Zones
concurrently by default

185
Topic B: AWS databases

186
Database types
Relational database Nonrelational database

ID Product name Size Price Key Value

Name: John Doe

Medium roast 1 Address: 123 Any Street
1 12 oz. $5.30
ground coffee Favorite drink: Medium latte

Name: Mary Major

Dark roast ground 2 Address: 100 Main Street
2 20 oz. $9.27
coffee Birthday: July 5, 1994

187
Relational databases

• In a relational database, data is Example of data in a relational database

stored in a way that relates it to other ID Product name Size Price

pieces of data.
Medium roast
1 12 oz. $5.30
ground coffee

• Relational databases use structured Dark roast ground

2 20 oz. $9.27
query language (SQL) to store and coffee
query data.

188
Amazon Relational Database Service

Operate and scale a Automate time-consuming Store and transmit data

relational database in the administrative tasks securely
AWS Cloud

189
 Amazon RDS database engines

•Amazon Aurora
•PostgreSQL
•MySQL
•MariaDB
Amazon Relational Database
Service (Amazon RDS)
•Oracle Database
•Microsoft SQL Server

190
Amazon Aurora

Store data in an Reduce database costs by Replicate six copies of

enterprise-class relational eliminating unnecessary data across three
database input/output (I/O) operations Availability Zones

191
Discussion

One of the employees at the coffee shop has an

idea for the new inventory management system.
They believe they should maintain data in a text
file in Amazon S3.
Do you agree with their suggestion?
Why or why not?

192
Nonrelational databases
• A nonrelational database uses
structures other than rows and Example of data in a nonrelational database
columns to organize data. Key Value

Name: John Doe

1 Address: 123 Any Street
• For example, with key-value pairs, Favorite drink: Medium latte

data is organized into items (keys), Name: Mary Major

and items have attributes (values). 2 Address: 100 Main Street
Birthday: July 5, 1994

193
Amazon DynamoDB

Amazon DynamoDB is a It automatically scales to adjust for It is designed to handle over

serverless key-value capacity changes and maintain 10 trillion requests per day.
database. consistent performance.

194
AWS Database Migration Service
Migrate relational databases, nonrelational databases, and other types of
datastores

Example:

MySQL database AWS Database Amazon Aurora

(Source) Migration Service (AWS (Target)
DMS)

195
Amazon RDS and Amazon DynamoDB
For each scenario, should you use Amazon RDS or Amazon DynamoDB?

1. Storing data in a 2. Running a serverless

relational database database

3. Storing data in a key- 4. Using SQL to

value database organize data

5. Scaling up to 10 trillion 6. Storing data in an Amazon

requests per day Aurora database

196
Amazon RDS and Amazon DynamoDB
For each scenario, should you use Amazon RDS or Amazon DynamoDB?

197
Topic C: Additional database services

198
Additional database services (1 of 2)

Amazon Redshift Amazon DocumentDB Amazon Neptune Amazon QLDB

• Query and analyze data • Run MongoDB • Run applications that • Review a complete
across a data workloads in a use highly connected history of changes to
warehouse document database datasets your application data
service

199
Additional database services (2 of 2)

Amazon Managed Blockchain Amazon ElastiCache Amazon DynamoDB Accelerator

• Run a decentralized ledger • Add caching layers to improve • Improve DynamoDB response
database database read times times from single-digit
milliseconds to microseconds

200
Knowledge check

201
Knowledge check 1 – question
Which Amazon S3 storage Choice Response

classes are optimized for A S3 Standard

archival data? (Select TWO.)
B S3 Glacier Flexible Retrieval

C S3 Intelligent-Tiering

D S3 Glacier Deep Archive

E S3 Standard-IA

202
Knowledge check 1 – answer
Which Amazon S3 storage The correct responses are B and D.
classes are optimized for
archival data? (Select TWO.)

203
Knowledge check 2 – question
Which statement is true about Choice Response

Amazon EBS volumes and EBS volumes store data within a single Availability Zone.
A Amazon EFS file systems store data across multiple Availability
Amazon EFS file systems? Zones by default.
EBS volumes store data across multiple Availability Zones.
B Amazon EFS file systems store data within a single Availability
Zone by default.

C EBS volumes and Amazon EFS file systems both store data
within a single Availability Zone.

D EBS volumes and Amazon EFS file systems both store data
across multiple Availability Zones.

204
Knowledge check 2 – answer
Which statement is true about The correct response is A.
Amazon EBS volumes and
Amazon EFS file systems?

205
Knowledge check 3 – question
A customer wants to store data Choice Response

in an object storage service. A Amazon Managed Blockchain

Which AWS service should the
customer use for this type of
B Amazon Elastic File System (Amazon EFS)
storage?

C Amazon Elastic Block Store (Amazon EBS)

D Amazon Simple Storage Service (Amazon S3)

206
Knowledge check 3 – answer
A customer wants to store data The correct response is D.
in an object storage service.
Which AWS service should the
customer use for this type of
storage?

207
Knowledge check 4 – question
Which statement best describes Choice Response

Amazon DynamoDB? A A service that allows customers to run relational databases in

the AWS Cloud

B A serverless key-value database service

A service that customers can use to migrate relational

C databases, nonrelational databases, and other types of data
stores

D An enterprise-class relational database

208
Knowledge check 4 – answer
Which statement best describes The correct response is B.
Amazon DynamoDB?

209
Knowledge check 5 – question
Which service is used to query Choice Response

and analyze data across a data A Amazon Neptune

warehouse?
B Amazon DocumentDB

C Amazon ElastiCache

D Amazon Redshift

210
Knowledge check 5 – answer
Which service is used to query The correct response is D.
and analyze data across a data
warehouse?

211
Module summary Covered in this module:
• AWS storage services and resources
• Amazon S3 storage classes
• AWS database services

212
Questions?

Thank you for attending

this session

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

213
AWS Cloud Practitioner Essentials
Module 6: Security

214
Module Objectives On completion, you will be able to:
• Explain the benefits of the shared responsibility model
• Describe multi-factor authentication (MFA)
• Differentiate among the AWS Identity and Access Management
(IAM) security levels
• Explain AWS Organizations benefits
• Describe security policies
• Summarize the benefits of compliance with AWS
• Explain additional AWS security services

215
Module Topics Topics:
• Topic A: Shared responsibility model
• Topic B: AWS Identity and Access Management (IAM)
• Topic C: AWS Organizations
• Topic D: Compliance
• Topic E: Application security
• Topic F: Additional security services
• Knowledge check

216
Topic A: Shared responsibility model

217
Shared responsibility model
Customer Data
Customers

Platform, Applications, Identity and Access Management

Operating Systems, Network and Firewall Configuration
Network Traffic
Client-side Data Encryption Server-side Encryption
Protection

Software
Compute Storage Database Networking
AWS

Hardware/AWS Global Infrastructure

Regions Availability Zones Edge Locations

218
Customers: Security in the cloud
Customer Data
Customers

Platform, Applications, Identity and Access Management

Operating Systems, Network and Firewall Configuration
Network Traffic
Client-side Data Encryption Server-side Encryption
Protection

Examples of customer responsibilities include:

• Instance operating system • Host-based firewalls
• Applications • Account management
• Security groups
219
AWS: Security of the cloud

Software
Compute Storage Database Networking
AWS

Hardware/AWS Global Infrastructure

Regions Availability Zones Edge Locations

Examples of AWS responsibilities include:

• Physical security of data centers • Network infrastructure
• Hardware and software • Virtualization infrastructure
infrastructure
220
Review: Shared responsibility model
Are these tasks the responsibilities of customers or AWS?

1. Configuring security groups on 2. Maintaining network

Amazon EC2 instances infrastructure

3. Implementing physical 4. Patching software on

security controls at data centers Amazon EC2 instances

5. Maintaining servers that run 6. Setting permissions for

Amazon EC2 instances Amazon S3 objects

221
Review: Shared responsibility model
Are these tasks the responsibilities of customers or AWS?

222
Topic B: AWS Identity and Access
Management (IAM)

223
Security in the coffee shop

A new cashier begins working in The cashier is given an account that The cashier uses their account to
the coffee shop. has permission to access the point access the point of sale system.
of sale system.

224
IAM
IAM features

IAM user IAM policy

AWS Identity and Access

Management (IAM) allows you
IAM group IAM role
to manage access to AWS
services and resources.
Multi-factor authentication

225
AWS account root user

226
IAM users

An IAM user is an identity that

represents a person or application that
interacts with AWS services and
resources.

Best practice: Create individual IAM

users for each person who needs to
access AWS.

227
IAM policies

An IAM policy is a document that

grants or denies permissions to AWS
services and resources.

Best practice: Follow the security

principle of least privilege.

228
Example: IAM policy
This sample IAM policy allows permission to view a list of objects in the
Amazon S3 bucket with ID awsdoc-example-bucket, and to access the
objects.

{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Action": ["s3:ListObject", "s3:GetObject"],
"Resource": ["arn:aws:s3::: awsdoc-example-bucket",
"arn:aws:s3::: awsdoc-example-bucket/*"]
}
}

229
IAM groups
An IAM group is a collection of IAM
users.

Best practice: Attach IAM policies to

IAM groups, rather than to individual
IAM users.

Members inherit the policies assigned

to the group.

230
IAM roles
An IAM role is an identity that you can assume to gain temporary access to
permissions.

231
Multi-factor authentication
Multi-factor authentication provides an extra layer of protection for your
AWS account.

To sign in to an AWS website, a The user is prompted to The user is successfully

user enters their IAM user ID provide an authentication authenticated and can access
and password. response from their AWS MFA the requested AWS services or
device. resources.

232
Topic C: AWS Organizations

233
AWS Organizations

• AWS Organizations helps

customers consolidate and manage
multiple AWS accounts in a central
location.
• Use service control policies (SCPs)
to centrally control permissions for
the accounts in your organization.

234
Example: Organizational units

235
Knowledge check – question
A practitioner is configuring Choice Response

service control policies (SCPs) in A AWS Identity and Access Management (IAM) users
AWS Organizations. Which
identities and resources can
B AWS Identity and Access Management (IAM) groups
SCPs be applied to? (Select
TWO.)
C An individual member account

D AWS Identity and Access Management (IAM) roles

E An organizational unit (OU)

236
Knowledge check – answer
A practitioner is configuring The correct responses are C and E.
service control policies (SCPs) in
AWS Organizations. Which
identities and resources can
SCPs be applied to? (Select
TWO.)

237
Topic D: Compliance

238
AWS Artifact
AWS Artifact provides on-demand access to security and compliance reports
and select online agreements.

Access AWS compliance reports on Review, accept, and manage Access compliance reports from
demand agreements with AWS third-party auditors

239
Assurance programs

240
Customer Compliance Center
The Customer Compliance Center contains resources to help you learn more
about AWS compliance.

Discover compliance stories from Access compliance technical papers Complete the auditor learning path
companies in regulated industries and documentation

241
Knowledge check – question
Which tasks can be completed Choice Response

in AWS Artifact? (Select TWO.) A Access AWS compliance reports on-demand.

Consolidate and manage multiple AWS accounts within a

B
central location.

Create users to allow people and applications to interact with

C
AWS services and resources.

Set permissions for accounts by configuring service control

D
policies (SCPs).

E Review, accept, and manage agreements with AWS.

242
Knowledge check – answer
Which tasks can be completed The correct responses are A and E.
in AWS Artifact? (Select TWO.)

243
Topic E: Application security

244
AWS WAF
Helps protect your web applications and APIs
against common web exploits

245
AWS WAF rules

246
DoS and DDoS attacks
Denial of service attack Distributed denial of service attack

The attack originates from a The attack originates from multiple

single source. sources.

247
AWS Shield
AWS Shield provides protection against distributed denial of service (DDoS)
attacks.

Protect applications against Integrate AWS Shield Write custom web ACL
DDoS attacks Advanced with other AWS rules with AWS WAF to
services mitigate complex DDoS
attacks

248
Amazon Inspector
Amazon Inspector allows you to perform automated security assessments on
your applications.

Automatically conduct Identify security Receive recommendations

application security vulnerabilities and for how to fix security
assessments deviations from best issues
practices

249
Topic F: Additional security services

250
AWS Key Management Service

•AWS Key Management Service (AWS KMS) helps

customers perform encryption operations
through the use of cryptographic keys.
•You can choose the specific levels of access
control that you need for your keys.

251
Amazon GuardDuty
Amazon GuardDuty provides intelligent threat detection for AWS products
and services.

Enable Amazon GuardDuty continuously GuardDuty intelligently Review detailed findings

GuardDuty analyzes network and detects threats and take actions
account activity

252
Knowledge check

253
Knowledge check 1 – question
Which option describes an AWS Choice Response

Identity and Access An authentication process that provides an extra layer of

A
protection for an AWS account
Management (IAM) policy?
A document that grants or denies permissions to AWS services
B
and resources

An identity that a user can assume to gain temporary access to

C
permissions

The identity that is established when a user first creates an AWS

D
account

254
Knowledge check 1 – answer
Which option describes an AWS The correct response is B.
Identity and Access
Management (IAM) policy?

255
Knowledge check 2 – question
An employee requires Choice Response

temporary access to create A AWS account root user

several Amazon S3 buckets.

Which option should be used B AWS Identity and Access Management (IAM) group
for this task?
C AWS Identity and Access Management (IAM) role

D Service control policy (SCP)

256
Knowledge check 2 – answer
An employee requires The correct response is C.
temporary access to create
several Amazon S3 buckets.

Which option should be used

for this task?

257
Knowledge check 3 – question
Which of the following Choice Response

descriptions best describes the Adding an AWS Identity and Access Management (IAM) user
A
into at least one IAM group
concept of least privilege?
Granting only the permissions that are needed to perform
B
specific job tasks

C Checking a packet’s permissions against an access control list

Performing a denial of service attack that originates from at

D
least one device

258
Knowledge check 3 – answer
Which of the following The correct response is B.
descriptions best describes the
concept of least privilege?

259
Knowledge check 4 – question
Which service helps protect Choice Response

your applications against A Amazon GuardDuty

distributed denial of service
(DDoS) attacks?
B Amazon Inspector

C AWS Artifact

D AWS Shield

260
Knowledge check 4 – answer
Which service helps protect The correct response is D.
your applications against
distributed denial of service
(DDoS) attacks?

261
Knowledge check 5 – question
Which task can AWS Key Choice Response

Management Service (AWS A Configure multi-factor authentication (MFA)

KMS) perform?
B Update the AWS account root user password

C Create cryptographic keys

D Assign permissions to users and groups

262
Knowledge check 5 – answer
Which task can AWS Key The correct response is C.
Management Service (AWS
KMS) perform?

263
Module summary Covered in this module:
• Shared responsibility model
• AWS Identity and Access Management features
• Methods of managing multiple accounts in AWS
Organizations
• AWS services for application security and encryption
• AWS compliance resources

264
Questions?

Thank you for attending

this session

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

265
AWS Cloud Practitioner Essentials
Module 7: Monitoring and
Analytics

266
Module Objectives On completion, you will be able to:
• Summarize approaches to monitoring in AWS
• Describe Amazon CloudWatch benefits
• Describe AWS CloudTrail benefits
• Describe AWS Trusted Advisor benefits

267
Module Topics Topics:
• Topic A: Amazon CloudWatch
• Topic B: AWS CloudTrail
• Topic C: AWS Trusted Advisor
• Knowledge check

268
Topic A: Amazon CloudWatch

269
Coffee shop metrics

270
Amazon CloudWatch

Monitor your AWS and on- Configure automatic alerts

Access all of your metrics
premises infrastructure and and actions in response to
from a single location
resources in real time metrics

271
Amazon CloudWatch dashboard

272
Topic B: Amazon CloudTrail

273
Coffee shop events
3 days ago 2 days ago Today
The cashiers process a large To avoid running out of A shipment of coffee beans
number of transactions. supplies, the inventory is delivered to the coffee
specialist places and extra shop.
order.

274
AWS CloudTrail

Filter logs generated by API

Track user activities and Automatically detect
calls to assist with
API requests throughout unusual account activity
operational analysis and
your AWS infrastructure
troubleshooting

275
AWS CloudTrail event

What happened? New IAM user (Mary) created

Who made the request? IAM user John

When did this occur? January 1, 2023 at 9:00 AM

How was the request made? Through the AWS Management Console

276
Knowledge check – question
Which tasks can be performed Choice Response

by using AWS CloudTrail? A Monitor the AWS infrastructure and resources in real time
(Select TWO)
Track user activities and API requests throughout the AWS
B
infrastructure

View metrics and graphs to monitor the performance of

C
resources

Filter logs to assist with operational analysis and

D
troubleshooting

E Configure automatic actions and alerts in response to metrics

277
Knowledge check – answer
Which tasks can be performed The correct responses are B and D.
by using AWS CloudTrail?
(Select TWO)

278
Topic C: AWS Trusted Advisor

279
Coffee shop improvements

The consultant observes the

coffee shop.

The consultant makes

The owners implement
recommendations for
the suggested changes.
improvement.

280
AWS Trusted Advisor

Receive real-time guidance Compare your infrastructure to Evaluate and implement

for improving your AWS AWS best practices in five guidance at all stages of
environment categories deployment

281
AWS Trusted Advisor dashboard

282
Knowledge check

283
Knowledge check 1 – question
Which actions can you perform Choice Response

using Amazon CloudWatch? A Monitor the resources’ usage and performance.

(Select TWO.)
B Receive real-time guidance for improving the AWS environment.

Compare the infrastructure to AWS best practices in five

C
categories.

D Access metrics from a single dashboard.

Automatically detect unusual account activity using Amazon

E
GuardDuty.

284
Knowledge check 1 – answer
Which actions can you perform The correct responses are A and D.
using Amazon CloudWatch?
(Select TWO.)

285
Knowledge check 2 – question
Which service can be use to Choice Response

review the security of your A Amazon CloudWatch

Amazon S3 buckets by checking
for open access permissions?
B AWS CloudTrail

C AWS Trusted Advisor

D Amazon GuardDuty

286
Knowledge check 2 – answer
Which service can be use to The correct response is C.
review the security of your
Amazon S3 buckets by checking
for open access permissions?

287
Knowledge check 3 – question
Which categories are included Choice Response

in the AWS Trusted Advisor A Reliability

dashboard? (Select TWO.)
B Performance

C Scalability

D Elasticity

E Fault tolerance

288
Knowledge check 3 – answer
Which categories are included The correct responses are B and E.
in the AWS Trusted Advisor
dashboard? (Select TWO.)

289
Module summary Covered in this module:
• Amazon CloudWatch
• AWS CloudTrail
• AWS Trusted Advisor

290
Questions?

Thank you for attending

this session

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

291
AWS Cloud Practitioner Essentials
Module 8: Pricing and Support

292
Module Objectives On completion, you will be able to:
• Describe AWS pricing and support models
• Describe the AWS Free Tier
• Describe key benefits of AWS Organizations and consolidated
billing
• Explain AWS Budgets benefits
• Explain AWS Cost Explorer benefits
• Explain AWS Pricing Calculator benefits
• Distinguish among the AWS Support plans
• Describe AWS Marketplace benefits

293
Module Topics Topics:
• Topic A: AWS Pricing
• Demonstration: Explore AWS billing tools
• Topic B: Consolidated billing
• Topic C: AWS pricing tools
• Topic D: AWS Support plans
• Topic E: AWS Marketplace
• Knowledge check

294
AWS Pricing and support

295
Topic A: AWS Pricing

296
AWS Free Tier categories

Always free 12 months free Trials

297
AWS pricing concepts

Pay less with

Pay as you go Pay less when you
volume-based
reserve
discounts
Pay only for the resources that Reduce costs by reserving Receive savings through
you use without provisioning capacity in services such as volume-based discounts as
capacity in advance Amazon Elastic Compute Cloud your usage increases
(Amazon EC2) and Amazon
Relational Database Service
(Amazon RDS)

298
AWS Pricing Calculator

299
AWS Lambda pricing

•Pay only for the compute time you use

•Pay for the number of requests for your functions

AWS Lambda
•Save by signing up for Compute Savings Plans

300
Example: AWS Lambda service charges

301
 Amazon EC2 pricing

•Pay only for the time that your On-Demand

Instances run
•Reduce costs by using Spot Instances for
recommended use cases

Amazon Elastic Compute

•Save by signing up for Compute Savings Plans
Cloud (Amazon EC2)
•Amazon EC2 pricing:
https://aws.amazon.com/ec2/pricing

302
Example: Amazon EC2 service charges

303
Amazon S3 pricing

Amazon S3 pricing is based on four factors:

• Storage
• Requests and data retrievals
• Data transfer
Amazon Simple
Storage Service • Management and replication
(Amazon S3)

304
Example: Amazon S3 service charges

305
Knowledge check – question
The AWS Free Tier includes Choice Response

offers that are available to new A 3 months

AWS customers for a certain
period of time following their
B 6 months
AWS sign-up date. What is the
duration of this period?
C 9 months

D 12 months

306
Knowledge check 2 – answer
The AWS Free Tier includes The correct response is D.
offers that are available to new
AWS customers for a certain
period of time following their
AWS sign-up date. What is the
duration of this period?

307
Demonstration: Explore AWS billing tools

308
Demonstration Explore AWS Billing Tools
In this demo, your instruction will show you the
following things.
• Search for “Billing” in the Services menu
• Review your AWS bill, including:
• Service costs by Region
• Month to date spend
• Top services being used
• Current and forecasted amounts
• Top Free Tier services by usage

• Accessing other billing tools, such as Cost Explorer, Budgets, and

Budgets Reports.

309
Topic B: Consolidated billing

310
Consolidated billing

Receive a single bill Review itemized charges Share savings across the
for all the AWS that have been incurred accounts in your
accounts in your by each account organization
organization

311
Example: Consolidated billing
Monthly Consolidated
Bill

Management
$14.14
Account

Account 1 $19.64

Account 2 $19.96

Account 3 $20.06

Total charged to
$73.80
paying account:

312
Example: Volume pricing in Amazon S3 (1 of 2)

313
Example: Volume pricing in Amazon S3 (2 of 2)

314
Topic C: AWS pricing tools

315
AWS Budgets
AWS Budgets is a tool that you can use to set thresholds for your AWS service
usage and costs.

316
AWS Cost Explorer

AWS Cost Explorer is a tool

that you can use to visualize,
understand, and manage
your AWS costs and usage
over time.

317
Topic D: AWS Support plans

318
Basic Support
Basic Support is free for all AWS
customers and includes access to:
• Technical papers, documentation, and
support communities
• AWS Personal Health Dashboard
• A limited selection of AWS Trusted
Advisor checks

319
AWS Support plans

Enterprise
Developer Business Enterprise
On-Ramp
• Best-practice • Use-case • Application • Application
guidance guidance architecture architecture
• Client-side • All AWS Trusted guidance guidance
diagnostic Advisor checks • Infrastructure event • Infrastructure
tools • Limited support management event
• Building-block for third-party • A pool of Technical management
architecture software Account Managers • A designated
support (TAM) TAM

320
Technical Account Manager (TAM)
The Technical Account Manager is your
primary point of contact at AWS.
• Technical Account Managers are included
only with the Enterprise On-Ramp or
Enterprise Support plans.
• They provide guidance, technical
expertise, and best practices.

321
Knowledge check – question
Which of the following is the Choice Response

lowest-cost AWS Support plan A Business

that includes all AWS Trusted
Advisor checks?
B Developer

C Enterprise

D Basic

322
Knowledge check – answer
Which of the following is the The correct response is A.
lowest-cost AWS Support plan
that includes all AWS Trusted
Advisor checks?

323
Topic E: AWS Marketplace

324
AWS Marketplace
AWS Marketplace is a digital catalog that provides listings of third-party
software that runs on AWS.

Discover thousands of Access detailed information Explore software solutions

software products that run and reviews for each by industry and use case
on AWS product listing

325
AWS Marketplace categories

Business applications Data and analytics DevOps Infrastructure Software

Internet of Things Machine Learning Migration Security

326
Knowledge check

327
Knowledge check 1 – question
Which action can a customer Choice Response

perform with consolidated Review how much cost predicted AWS usage will incur by the
A
end of the month
billing?
B Create an estimate for the cost of use cases on AWS

Combine usage across accounts to receive volume pricing

C
discounts

D Visualized and manage AWS costs and usage over time

328
Knowledge check 1 – answer
Which action can a customer The correct response is C.
perform with consolidated
billing?

329
Knowledge check 2 – question
Which pricing tool is used to Choice Response

visualize, understand, and A AWS Pricing Calculator

manage AWS costs and usage
over time?
B AWS Budgets

C AWS Cost Explorer

D AWS Free Tier

330
Knowledge check 2 – answer
Which pricing tool is used to The correct response is C.
visualize, understand, and
manage AWS costs and usage
over time?

331
Knowledge check 3 – question
Which pricing tool can a Choice Response

customer use to receive alerts A Billing dashboard in the AWS Management Console
when their service usage
exceeds a customer-defined
B AWS Budgets
threshold?

C AWS Free Tier

D AWS Cost Explorer

332
Knowledge check 3 – answer
Which pricing tool can a The correct response is B.
customer use to receive alerts
when their service usage
exceeds a customer-defined
threshold?

333
Knowledge check 4 – question
A company wants to receive Choice Response

support from an AWS Technical A Developer

Account Manager (TAM). Which
support plan should they
B Basic
choose?

C Enterprise

D Business

334
Knowledge check 4 – answer
A company wants to receive The correct response is C.
support from an AWS Technical
Account Manager (TAM). Which
support plan should they
choose?

335
Knowledge check 5 – question
Which service or resource is Choice Response

used to find third-party A AWS Marketplace

software that runs on AWS?
B AWS Free Tier

C AWS Support

D Billing dashboard in the AWS Management Console

336
Knowledge check 5 – answer
Which service or resource is The correct response is A.
used to find third-party
software that runs on AWS?

337
Module summary Covered in this module:
• AWS Free Tier
• Consolidated billing
• Tools for planning, estimating, and reviewing AWS
costs
• AWS Support plans
• AWS Marketplace benefits

338
Questions?

Thank you for attending

this session

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

339
AWS Cloud Practitioner Essentials
Module 9: Migration and
Innovation

340
Module Objectives On completion, you will be able to:
• Describe migration and innovation in the
AWS Cloud
• Summarize the AWS Cloud Adoption Framework (AWS CAF)
• Summarize the seven key factors of a cloud migration strategy
• Describe the benefits of AWS data migration solutions
• Summarize the broad scope of innovative solutions that AWS
offers
• Summarize the six pillars of the AWS Well-Architected
Framework

341
Module Topics Topics:
• Topic A: AWS Cloud Adoption Framework
• Topic B: Migration strategies
• Topic C: AWS Snow Family
• Topic D: Innovation with AWS
• Topic E: AWS Well-Architected Framework
• Knowledge check

342
Topic A: AWS Cloud Adoption Framework

343
AWS Cloud Adoption Framework

• Provides advice to a company to enable a

quick and smooth migration to AWS
• Organizes guidance into six areas of focus,
called perspectives

344
Perspectives

Business People Governance

Business
capabilities

Technical
capabilities
Platform Security Operations

345
Business perspective

Business
Goal:
Ensures that IT aligns with
business needs and IT
investments link to key business
results

Common roles:
• Business managers
• Finance managers
• Budget owners
• Strategy stakeholders

346
People perspective

People
Goal:
Supports development of an
organization-wide change
management strategy for
successful cloud adoption

Common roles:
• Human resources
• Staffing
• People managers

347
Governance perspective

Governance
Goal:
Focuses on the skills and
processes to align IT strategy with
business strategy

Common roles:
• Chief information officer (CIO)
• Program managers
• Enterprise architects
• Business analysts
• Portfolio managers

348
Platform perspective

Goal:
Includes principles and patterns
for implementing new solutions
in the cloud, and migrating on-
premises workloads to the cloud

Common roles:
• Chief technology officer (CTO)
• IT managers
• Solutions architects

Platform

349
Security perspective

Goal:
Ensures that the organization
meets security objectives for
visibility, auditability, control, and
agility

Common roles:
• Chief information security
officer (CISO)
• IT security managers
• IT security analysts
Security

350
Operations perspective

Goal:
Helps you to enable, run, use,
operate, and recover IT workloads
to the level agreed on with your
business stakeholders

Common roles:
• IT operations managers
• IT support managers

Operations

351
Knowledge check – question
Which AWS Cloud Adoption Choice Response

Framework perspective helps A Business perspective

customers design, implement,
and optimize their AWS solution
B Platform perspective
based on their business goals
and perspectives?
C Operations perspective

D People perspective

352
Knowledge check – answer
Which AWS Cloud Adoption The correct response is B.
Framework perspective helps
customers design, implement,
and optimize their AWS solution
based on their business goals
and perspectives?

353
Topic B: Migration strategies

354
Seven migration strategies

355
Knowledge check – question
Which migration strategy Choice Response

involves moving from a A Refactoring

traditional license to a software
as a service model?
B Retiring

C Replatforming

D Repurchasing

356
Knowledge check 2 – answer
Which migration strategy The correct response is D.
involves moving from a
traditional license to a software
as a service model?

357
Topic C: AWS Snow Family

358
AWS Snow Family

AWS Snowcone AWS Snowball

• Small, rugged, and • AWS Snowball Edge

secure edge computing Storage Optimized
and data transfer device • AWS Snowball Edge
• Features up to 14 TB of Compute Optimized
usable storage

359
Topic D: Innovation with AWS

360
Innovation with AWS

Driving innovation in the cloud involves clearly

articulating the following conditions:
• Current state
• Desired state
• Problems you are trying to solve

361
Innovation paths
Consider some of the following innovation paths as you continue on your
cloud journey.

Serverless applications Artificial intelligence (AI) Machine learning (ML)

362
What is Amazon CodeWhisperer?
AI-powered code generator for IDEs and code editors
AI coding companion: AI security scanner:
• Generates code suggestions based on • Helps identify hard-to-find vulnerabilities
comments and existing code
• References multiple standards and best
• Offers real-time support for code practices
authoring directly within your integrated
development environment (IDE)

Content processed by CodeWhisperer Professional is not stored or used for service improvement.

363
Benefits of Amazon CodeWhisperer

Value to developers Value to organizations

• Increase velocity • Use at all experience levels
• Spend less time writing code • Support open-source attribution
• Receive help directly within your IDE • Reduce the risk of security vulnerabilities
• Find security vulnerabilities in your code • Increase code quality and developer productivity

364
Topic E: AWS Well-Architected Framework

365
Well-Architected Framework
The Well-Architected Framework helps you understand how
to design and operate reliable, secure, efficient, and cost-
effective systems in the AWS Cloud.
It is based on six pillars:
• Operational excellence
• Security
• Reliability
• Performance efficiency
• Cost optimization
• Sustainability
366
 Operational excellence
Run and monitor systems to deliver business value and to
continually improve supporting processes and procedures

• Perform operations as code

• Annotate documentation
• Anticipate failure
• Refine operations procedures frequently
• Make frequent, small, reversible changes

367
 Security
Protect information, systems, and assets while delivering
business value through risk assessments and mitigation
strategies

• Automate security best practices

• Apply security at all layers
• Protect data in transit and at rest

368
 Reliability
Test recovery procedures, scale horizontally to increase aggregate
system availability, and automatically recover from failure

• Recover from infrastructure or service

disruptions
• Dynamically acquire computing resources
to meet demand
• Mitigate disruptions such as
misconfigurations or transient network
issues

369
 Performance efficiency
Use computing resources efficiently to meet system requirements
and maintain that efficiency as demand changes and technologies
evolve

• Experiment more often

• Use serverless architectures
• Go global in minutes

370
 Cost optimization

Run systems to deliver business value at the lowest price point

• Adopt a consumption model

• Analyze and attribute expenditure
• Use managed services to reduce cost of
ownership

371
 Sustainability

Minimize the environmental impacts of running cloud workloads

• Understand your impact

• Establish sustainability goals
• Maximize utilization
• Reduce the downstream impact of workload

372
Knowledge Check

373
Knowledge check 1 – question
Which AWS Cloud Adoption Choice Response

Framework perspective helps A Governance perspective

you structure the selection and
implementation of
B Security perspective
permissions?

C Operations perspective

D Business perspective

374
Knowledge check 1 – answer
Which AWS Cloud Adoption The correct response is B.
Framework perspective helps
you structure the selection and
implementation of
permissions?

375
Knowledge check 2 – question
Which strategies are included in Choice Response

the seven strategies for A Revisiting

application migration? (Select
TWO.)
B Retaining

C Remembering

D Redeveloping

E Rehosting

376
Knowledge check 2 – answer
Which strategies are included in The correct responses are B and E.
the seven strategies for
application migration? (Select
TWO.)

377
Knowledge check 3 – question
What is the storage capacity of Choice Response

AWS Snowcone? A 8 TB HDD

B 20 TB HDD

C 28 TB HDD

D 14 TB HDD

378
Knowledge check 3 – answer
What is the storage capacity of The correct response is A.
AWS Snowcone?

379
Knowledge check 4 – question
What is the storage capacity of Choice Response

Snowball Edge Storage A 40 TB

Optimized?
B 60 TB

C 80 TB

D 100 TB

380
Knowledge check 4 – answer
What is the storage capacity of The correct response is C.
Snowball Edge Storage
Optimized?

381
Knowledge check 5 – question
Which AWS Well-Architected Choice Response

Framework pillar includes the A Cost optimization

ability to recover from
infrastructure or service
B Operational excellence
disruptions?

C Performance efficiency

D Reliability

382
Knowledge check 5 – answer
Which AWS Well-Architected The correct response is D.
Framework pillar includes the
ability to recover from
infrastructure or service
disruptions?

383
Module summary Covered in this module:
• AWS Cloud Adoption Framework
• Seven strategies for migration
• AWS Snow Family
• Innovation with AWS services
• Six pillars of the AWS Well-Architected Framework

384
Questions?

Thank you for attending

this session

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

385
AWS Cloud Practitioner Essentials
Module 10: AWS Certified
Cloud Practitioner Basics

386
Module Objectives On completion, you will be able to:
• Determine resources for preparing for the AWS
Certified Cloud Practitioner exam
• Evaluate types of questions that are included on the
AWS Certified Cloud Practitioner exam

387
Module Topics Topics:
• Topic A: Exam details
• Topic B: Exam strategies
• Topic C: Continue your learning
• Topic D: Register for your exam

388
Topic A: Exam details

389
Exam domains

Domain % of Exam

Domain 1: Cloud Concepts 26%

Domain 2: Security and Compliance 25%

Domain 3: Technology 33%

Domain 4: Billing and Pricing 16%

Total 100%

390
Recommended experience
For this exam, you should have:
• Basic understanding of IT services
• At least 6 months experience with the AWS
Cloud

391
Exam details (1 of 2)
• You must complete the exam within 90
minutes.
• The minimum passing score is 700 (the
maximum score is 1,000).
• The exam consists of multiple choice and
multiple response questions.
• A 30-minute time extension is available upon
request to non-native English speakers who are
taking an exam in English.

392
Exam details (2 of 2)

• There is no penalty for guessing.

• Unanswered questions are scored as
incorrect.
• You can flag questions to review before
submitting the exam.

393
Technical papers and resources
We recommend that you review the following technical
papers and resources:
• Overview of Amazon Web Services:
• Compare AWS Support Plans
• How AWS Pricing Works

394
Topic B: Exam strategies

395
Exam strategies

1. Read the full question.

2. Predict the answer before looking at the
response options.
3. Exclude incorrect response options.

396
Sample question 1 multiple choice
AWS Certified Cloud Choice Response

Practitioner exam results are A 650

reported as a score from 100–
1,000. What is the minimum
B 700
passing score?

C 850

D 900

397
Sample question 1 multiple choice strategy

398
Sample question 1 multiple choice answer

B 700 (correct)

399
Sample question 2 multiple response
Which domains are included on Choice Response

the AWS Certified Cloud A Security and compliance

Practitioner exam? (Select
TWO.)
B Automation and Optimization

C Monitoring and reporting

D Billing and pricing

E Deployment and provisioning

400
Sample question 2 multiple response strategy

401
Sample question 2 multiple response answer

A Security and compliance (correct)

D Billing and pricing (correct)

402
Topic C: Continue your learning

403
AWS Certification levels
Foundational Professional
Knowledge-based certification for foundational Role-based certifications that validate advanced skills and
understanding of AWS Cloud. No prior experience knowledge. At least two years of AWS Cloud experience
necessary. recommended.

Associate Specialty
Role-based certifications that showcase your knowledge and Certifications focused on specific topics. Recommended level of
skills and build your credibility as an AWS Cloud professional. experience varies.
Prior AWS Cloud or strong on-premises IT experience
recommended.

404
Core 4 – Steps to prepare for an AWS Certification exam
Approach exam day with confidence

Step 1 Step 2 Step 3 Step 4

Get to know Learn about Take exam Validate your
the exam and exam topics in preparation exam readiness
exam-style AWS Skill training in AWS with Official
questions Builder Skill Builder Practice Exams

405
Prepare for AWS Certification – step 1
Get to know the exam and exam-style questions

1 Review the exam guide.

Sign up for access to AWS Skill Builder,

2
the AWS online learning center.

Enroll and take an AWS Certification

3
Official Practice Question Set.

406
Prepare for AWS Certification – step 2
Learn about exam topics in Skill Builder

1 Identify gaps in your exam topic knowledge.

Enroll in self-paced digital courses you

2
need to learn about.

Access AWS Builder Labs to get hands-on;

3 apply your skills in the AWS Console.

407
Prepare for AWS Certification – step 3
Take exam prep training in AWS Skill Builder

AWS Skill Builder offers courses across

1
all domains.

AWS Builder Labs contain more than

2
150 self-paced labs.

3 Use gaming to prepare for your AWS

Certification with AWS Cloud Quest.

408
Prepare for AWS Certification – step 4
Validate your exam readiness

Take an AWS
Certification Official
Practice Exam with
exam-style scoring.

409
Topic D: Register for your exam

410
Register for your exam
Learn about options for taking the exam.

411
AWS Skill Builder online learning center

Continue to deepen the skills you need,

your way, with more than 500 courses and
interactive training developed by the
experts at AWS.

Game-based learning Self-paced labs

Use case challenges Exam preparation

412
 Don’t miss these learning opportunities

Free Digital Training Classroom Training AWS Certification

Learn with hundreds of free, self- Deepen your technical skills and Validate your expertise with an
paced digital courses on AWS learn from an accredited AWS industry-recognized credential.
fundamentals. instructor.

413
Course feedback
Your feedback is critical to us!

1. Sign in to https://www.aws.training.

2. Choose My Account, and then select Transcript.

3. Choose the Archived tab.

4. Expand the completed AWS Cloud Practitioner Essentials course, and

then choose Evaluate.

414
Thanks for participating!

Corrections, feedback, or other questions?

Contact us at https://support.aws.amazon.com/#/contacts/aws-training.
All trademarks are the property of their owners.

415