
AWS Certified Cloud Practitioner Exam Guide
Amazon Web Services is the largest cloud computing service provider in the world. Its foundational certification, AWS Certified Cloud Practitioner (CLF-C01), is the first step to fast-tracking your career in cloud computing. This certification will add value even to those in non-IT roles, including professionals from sales, legal, and finance who may be working with cloud computing or AWS projects. If you are a seasoned IT professional, this certification will make it easier for you to prepare for more technical certifications to progress up the AWS ladder and improve your career prospects.
The book is divided into four parts. The first part focuses on the fundamentals of cloud computing and the AWS global infrastructure. The second part examines key AWS technology services, including compute, network, storage, and database services. The third part covers AWS security, the shared responsibility model, and several security tools. In the final part, you'll study the fundamentals of cloud economics and AWS pricing models and billing practices.
Complete with exercises that highlight best practices for designing solutions, detailed use cases for each of the AWS services, quizzes, and two complete practice tests, this CLF-C01 exam study guide will help you gain the knowledge and hands-on experience necessary to ace the AWS Certified Cloud Practitioner exam.
- AWS Certified Cloud Practitioner Exam Guide
- Contributors
- About the author
- About the reviewer
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the example code files
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Share Your Thoughts
- Section 1: Cloud Concepts
- Chapter 1: What Is Cloud Computing?
- What is cloud computing?
- The six advantages of cloud computing
- Exploring the basics of virtualization
- Exploring cloud computing models
- Infrastructure as a Service
- Platform as a Service
- SaaS
- Understanding cloud deployment models
- Public cloud
- Private cloud
- Hybrid cloud
- Summary
- Questions
- What is cloud computing?
- Chapter 2: Introduction to AWS and the Global Infrastructure
- What is AWS?
- A quick history of AWS
- Exploring the AWS Global Infrastructure
- Regions
- AZs
- Edge locations
- Regional edge caches
- Regional services
- Global services
- On-premises services
- Choosing the right AWS support plan for your business
- Basic support plan
- Developer support plan
- Business support plan
- Enterprise support plan
- Overview of the AWS Service Health Dashboard
- The AWS AuP
- Summary
- Questions
- What is AWS?
- Chapter 3: Exploring AWS Accounts, Multi-Account Strategy, and AWS Organizations
- Why have a multi-account AWS environment?
- AWS Landing Zone
- AWS Control Tower
- Managing multiple accounts AWS Organizations
- Introducing AWS Organizations
- Consolidated billing
- How many AWS accounts do you need?
- Core AWS OUs
- Additional OUs
- AWS Free Tier accounts
- Free tools
- Always free services (limited offering)
- Free trials
- Exercise 3.1 Setting up your first AWS Free Tier account
- Exercise 3.2 Setting up a billing alarm
- Questions
- Section 2: AWS Technologies
- Chapter 4: Identity and Access Management
- Introduction to the AWS IAM service
- The AWS IAM console
- The AWS IAM services
- The root user account and implementing Multi-Factor Authentication (MFA)
- Setting up MFA
- The importance of defining IAM password policies
- Key differences between IAM users and IAM groups
- IAM users
- IAM groups
- Defining permissions with IAM policies
- Types of identity-based policies
- Example of an IAM policy
- Assigning temporary credentials with IAM roles
- Temporary credentials
- Reviewing credential reports
- Exercise 4.1 creating an IAM group
- Exercise 4.2 creating an IAM user
- Exercise 4.3 logging in to your AWS account as an IAM user
- Accessing the AWS platform using the CLI
- Accessing your account via the CLI
- Downloading the CLI tools
- Exercise 4.4 accessing the AWS platform using the AWS CLI on a Windows computer
- Exercise 4.5 creating an IAM user with administrative privileges
- Summary
- Questions
- Introduction to the AWS IAM service
- Chapter 5: Amazon Simple Storage Service (S3)
- Technical requirements
- Introduction to storage options on AWS
- Block storage
- File storage
- Object storage
- Introduction to Amazon S3
- Buckets and objects
- Managing your objects in a bucket
- Regional hosting global availability
- Access permissions
- Versioning
- Cross-Region and same-Region replication
- S3 encryption
- Static website hosting
- Amazon S3TA
- Learning about archiving solutions with Amazon S3 Glacier
- Connecting your on-premises storage to AWS with Amazon Storage Gateway
- Migrating large datasets to AWS with the AWS Snow Family
- AWS Snowball
- Amazon Snowcone
- Amazon Snowmobile
- Exercise 5.1 Setting up an Amazon S3 bucket
- Exercise 5.2 Configuring public access to S3 buckets
- Exercise 5.3 Enabling versioning on your bucket
- Exercise 5.4 Setting up static website hosting
- Summary
- Questions
- Chapter 6: AWS Networking Services VPCs, Route53, and CloudFront
- Technical requirements
- Introduction to on-premises networks
- Basic corporate networks
- Fundamentals of IP addressing and CIDRs
- IP address version 4 IPv4
- Limitations of IPv4 addresses
- Businesses need internet access
- What about IPv6?
- Network sizes and classes
- What are subnet masks?
- What is subnetting?
- Classless Interdomain Routing (CIDR)
- Virtual Private Clouds (VPCs)
- All about subnets
- Internet access
- VPC security
- Network Address Translation (NAT)
- VPC peering
- VPC transit gateway
- Virtual Private Networks (VPNs)
- Direct Connect
- Learning about DNS and global routing with Amazon Route53
- Domain registration
- Hosted zones
- Routing policies
- Health checks
- Traffic flow and traffic policies
- Implementing a robust CDN with Amazon CloudFront
- Choosing a price class for your CloudFront distribution
- Introduction to Amazon API Gateway
- Exercise 6.1 setting up a public subnet VPC
- Summary
- Questions
- Chapter 7: AWS Compute Services
- Introduction to Amazon EC2
- Amazon Machine Images (AMIs)
- Exploring EC2 instance types
- Learning about Amazon EBS and instance backed store
- Amazon Elastic Block Store
- AWS EC2 instance store volumes
- Learning about EC2 pricing options
- On-Demand Instance Pricing Option
- Reserved Instance Pricing Option
- Spot Instance Pricing Option
- Implementing Shared File Storage with Amazon EFS
- Learning about VPSes with Amazon Lightsail
- Introduction to Amazon ECS and Kubernetes
- Amazon ECS comes in two deployment options
- Amazon Elastic Kubernetes Service (Amazon EKS)
- Learning about additional compute services on AWS
- Serverless option AWS Lambda
- AWS Batch
- AWS Outposts
- Understanding additional storage options in AWS
- Amazon FSx for Lustre
- Amazon FSx for Windows File Server
- Securing your VPC with bastion hosts
- Exercise 7.1 Expanding ProductionVPC so that it includes two public subnets and two private subnets
- Setting up additional subnets
- Creating private subnets
- Exercise 7.2 Creating a Bastion Host security group
- Exercise 7.3 Launching an EC2 instance
- Exercise 7.4 Launching an application on Amazon Fargate
- Summary
- Questions
- Introduction to Amazon EC2
- Chapter 8: AWS Database Services
- Technical requirements
- Managed databases versus unmanaged databases
- Learning about additional database services for specific niche requirements
- Introduction to database concepts and models
- Relational databases
- Non-relational (NoSQL) databases
- Introduction to Amazon RDS
- Deploying in Amazon VPCs
- Backup and recovery
- High availability with Multi-AZ
- Backup and recovery
- Horizontal scaling with read replicas
- A brief introduction to Amazon Aurora
- Learning about Amazon DynamoDB (NoSQL database solution)
- Tables, items, and attributes
- Provisioning capacity for DynamoDB
- Understanding the use cases for Amazon Redshift and data warehousing
- Online Analytical Processing (OLAP)
- Redshift architecture
- About Redshift Spectrum
- Understanding the importance of in-memory caching options with Amazon Elasticache
- Learning about additional database services for specific niche requirements
- Introduction to Amazon Neptune
- Amazon QLDB
- Database Migration Service
- Exercise 8.1 Extending your VPC to host database subnets
- Exercise 8.2 Creating a database subnet group
- Exercise 8.3 Launching your Amazon RDS database in ProductionVPC
- Exercise 8.4 Deploying an Amazon DynamoDB table
- Summary
- Questions
- Chapter 9: High Availability and Elasticity on AWS
- Technical requirements
- Introduction to vertical and horizontal scaling concepts
- Overview of the OSI model
- Distributing web traffic with Amazon ELB
- Load balancers and VPCs
- ALB
- ALB and WAF
- NLB
- GWLB
- CLB
- Implementing elasticity with Amazon Auto Scaling
- Auto Scaling groups
- Configuration templates
- Scaling options
- Designing multi-Region HA solutions
- Extended exercises setting the scene
- Exercise 9.1 setting up an Amazon S3 bucket to host source files
- Exercise 9.2 creating an IAM role
- Exercise 9.3 configuring an ALB
- Exercise 9.4 amending the Production-VPC security group
- Exercise 9.5 deploying a NAT gateway
- Exercise 9.6 deploying your application servers with Amazon Auto Scaling
- Exercise 9.7 cleanup
- Summary
- Questions
- Chapter 10: Application Integration Services
- Technical requirements
- Understanding notification services such as Amazon SNS
- Amazon SNS endpoints
- Amazon SNS topics
- Standard and FIFO topics
- Amazon SNS Fanout scenario
- Amazon SNS pricing
- Decoupling your application architecture with Amazon SQS and Amazon MQ
- Amazon SQS queue types
- Amazon SQS pricing and security
- Amazon MQ
- Designing event-driven application workflows using AWS EventBridge
- Coordinating multiple AWS services into serverless workloads with Amazon Step Functions and Amazon SWF
- AWS Step Functions
- Workflow types
- Amazon Simple Workflow Service (SWF)
- Exercise 10.1 Amazon S3 event notification using Amazon SNS
- Step 1 creating an SNS topic and subscribing to the topic
- Step 2 configuring your SNS topic policy
- Step 3 setting up the Amazon S3 event notification service
- Step 4 testing the configuration
- Exercise 10.2 cleaning up
- Summary
- Questions
- Chapter 11: Analytics on AWS
- Technical requirements
- Learning about data streaming with Amazon Kinesis
- Amazon Kinesis Data Firehose
- Amazon Kinesis Data Streams
- Amazon Kinesis Data Analytics
- Amazon Kinesis Video Streams
- Learning how to query data stored in Amazon S3 with Amazon Athena
- Introduction to Amazon Elasticsearch
- Overview of Amazon Glue and QuickSight
- Overview of Amazon Glue
- Overview of Amazon QuickSight
- Additional analytics services
- Exercise 11.1 analyzing your sales report with Amazon Athena and AWS Glue
- Step 1 Amazon S3
- Step 2 Amazon Athena and Amazon Glue
- Step 3 Amazon Athena
- Exercise 11.2 cleaning up
- Summary
- Questions
- Chapter 12: Automation and Deployment on AWS
- Technical requirements
- Understanding application deployment with Amazon Elastic Beanstalk
- Core components of Amazon Elastic Beanstalk
- Understanding the benefits of IaC using Amazon CloudFormation
- CloudFormation templates
- CloudFormation stacks
- Change sets
- Drift detection
- Introduction to the orchestration of Chef and Puppet solutions using AWS OpsWorks
- AWS OpsWorks stacks
- IT automation with Lambda
- Exercise 12.1 stopping and starting EC2 instances at regular intervals using AWS Lambda
- Step 1 - Launching an EC2 instance
- Step 2 - Creating an IAM policy and execution role for your Lambda function
- Step 3 - Creating Lambda functions that stop and start your EC2 instances
- Step 4 - Creating CloudWatch event rules to trigger your Lambda functions
- Step 5 - Testing your Lambda function
- Exercise 12.2 cleaning up
- Summary
- Questions
- Chapter 13: Management and Governance on AWS
- Technical requirements
- The basics of Amazon CloudWatch
- CloudWatch metrics
- Dashboards
- Alarms
- CloudWatch Logs
- Amazon CloudWatch Events
- Meeting compliance requirements with Amazon CloudTrail
- Trails
- Learning about change management with AWS Config
- Configuration items
- Configuration history
- Configuration recorder
- Configuration snapshot
- Configuration stream
- Managing your AWS resources with AWS Systems Manager
- Learning how to use AWS Trusted Advisor
- AWS Trusted Advisor and Support plans
- Understanding the AWS Well-Architected Framework
- Reliability
- Performance efficiency
- Security
- Operational excellence
- Cost optimization
- Exercise 13.1 Reviewing the Trusted Advisor reports in your AWS account
- Summary
- Questions
- Section 3: AWS Security
- Chapter 14: Implementing Security in AWS
- Understanding the Shared Responsibility Model
- Security of the cloud
- Security in the cloud
- Introduction to the AWS compliance programs and AWS Artifact
- About AWS Artifact
- AWS vulnerability scanning
- Overview of data encryption services on AWS
- Amazon S3 encryption
- AWS CloudHSM
- Protecting cloud resources and applications with AWS WAF and AWS Shield
- Protecting applications with AWS WAF
- Protecting network attacks with AWS Shield
- Assessing and securing your EC2 instances with AWS Inspector
- Other AWS security services
- Amazon Macie
- AWS GuardDuty
- Amazon Detective
- AWS Certificate Manager
- AWS Secrets Manager
- Amazon Cognito
- AWS Directory Service
- Exercise 14.1 preventing data leaks with Amazon Macie
- Step 1 creating a new Amazon S3 bucket
- Step 2 configuring Amazon Macie to identify sensitive employee data
- Exercise 14.2 cleaning up
- Summary
- Questions
- Understanding the Shared Responsibility Model
- Section 4: Billing and Pricing
- Chapter 15: Billing and Pricing
- Technical requirements
- An overview of billing and pricing on AWS
- Understanding AWS cost optimization
- Learning about AWS billing and cost management tools
- AWS Cost Explorer
- Cost allocation tags
- Cost and usage report
- AWS Budgets
- Learning how to use the AWS pricing and TCO calculators
- The AWS Pricing Calculator
- AWS Migration Evaluator
- Exercise 15.1 setting up cost budgets on AWS
- Summary
- Questions
- Chapter 16: Mock Tests
- Mock test 1
- Mock test 2
- Answers
- Chapter 1
- Chapter 2
- Chapter 3
- Chapter 4
- Chapter 5
- Chapter 6
- Chapter 7
- Chapter 8
- Chapter 9
- Chapter 10
- Chapter 11
- Chapter 12
- Chapter 13
- Chapter 14
- Chapter 15
- Chapter 16
- Mock Test 1
- Mock test 2
- Why subscribe?
- Other Books You May Enjoy
- Packt is searching for authors like you
- Share Your Thoughts
- Tytuły: AWS Certified Cloud Practitioner Exam Guide
- Autor: Rajesh Daswani
- Tytuł oryginału: AWS Certified Cloud Practitioner Exam Guide
- ISBN Ebooka: 9781801075244, 9781801075244
- Data wydania: 2022-01-13
- Identyfikator pozycji: e_2t2m
- Kategorie:
- Wydawca: Packt Publishing