Difference between revisions of "AWS Cloud Practitioner"
Jump to navigation
Jump to search
| Line 3: | Line 3: | ||
<pre> | <pre> | ||
| − | Domain 1: Cloud Concepts | + | ==Domain 1: Cloud Concepts== |
| − | 1.1 Define the AWS Cloud and its value proposition | + | ===1.1 Define the AWS Cloud and its value proposition=== |
| − | + | Define the benefits of the AWS cloud including: | |
| − | + | * Security | |
| − | + | * Reliability | |
| − | + | * High Availability | |
| − | + | * Elasticity | |
| − | + | * Agility | |
| − | + | * Pay-as-you go pricing | |
| − | + | * Scalability | |
| − | + | * Global Reach | |
| − | + | * Economy of scale | |
| − | + | ||
| − | + | Explain how the AWS cloud allows users to focus on business value | |
| + | * Shifting technical resources to revenue-generating activities as opposed to managing | ||
infrastructure | infrastructure | ||
| − | 1.2 Identify aspects of AWS Cloud economics | + | |
| − | + | ===1.2 Identify aspects of AWS Cloud economics=== | |
| − | + | Define items that would be part of a Total Cost of Ownership proposal | |
| − | + | ||
| − | + | * Understand the role of operational expenses (OpEx) | |
| − | + | * Understand the role of capital expenses (CapEx) | |
| − | + | * Understand labor costs associated with on-premises operations | |
| − | + | * Understand the impact of software licensing costs when moving to the cloud | |
| − | + | ||
| − | + | Identify which operations will reduce costs by moving to the cloud: | |
| − | + | * Right-sized infrastructure | |
| − | 1.3 Explain the different cloud architecture design principles | + | * Benefits of automation |
| − | + | * Reduce compliance scope (for example, reporting) | |
| − | + | * Managed services (for example, RDS, ECS, EKS, DynamoDB) | |
| − | + | ||
| − | + | ===1.3 Explain the different cloud architecture design principles=== | |
| − | + | Explain the design principles: | |
| + | |||
| + | * Design for failure | ||
| + | * Decouple components versus monolithic architecture | ||
| + | * Implement elasticity in the cloud versus on-premises | ||
| + | * Think parallel | ||
Version 2.1 CLF-C01 4 | PAGE | Version 2.1 CLF-C01 4 | PAGE | ||
| − | Domain 2: Security and Compliance | + | |
| − | 2.1 Define the AWS shared responsibility model | + | ==Domain 2: Security and Compliance== |
| − | + | ===2.1 Define the AWS shared responsibility model=== | |
| − | + | Recognize the elements of the Shared Responsibility Model | |
| − | + | Describe the customer’s responsibility on AWS | |
| + | |||
| + | * Describe how the customer’s responsibilities may shift depending on the service used | ||
(for example with RDS, Lambda, or EC2) | (for example with RDS, Lambda, or EC2) | ||
| − | + | ||
| − | 2.2 Define AWS Cloud security and compliance concepts | + | * Describe AWS responsibilities |
| − | + | ||
| − | + | ===2.2 Define AWS Cloud security and compliance concepts=== | |
| + | Identify where to find AWS compliance information: | ||
| + | *Locations of lists of recognized available compliance controls (for example, HIPPA, | ||
SOCs) | SOCs) | ||
| − | + | * Recognize that compliance requirements vary among AWS services | |
| − | + | ||
| − | + | At a high level, describe how customers achieve compliance on AWS | |
| − | + | * Identify different encryption options on AWS (for example, In transit, At rest) | |
| − | + | ||
| − | + | Describe who enables encryption on AWS for a given service | |
| + | |||
| + | Recognize there are services that will aid in auditing and reporting | ||
| + | * Recognize that logs exist for auditing and monitoring (do not have to understand the | ||
logs) | logs) | ||
| − | + | * Define Amazon CloudWatch, AWS Config, and AWS CloudTrail | |
Explain the concept of least privileged access | Explain the concept of least privileged access | ||
2.3 Identify AWS access management capabilities | 2.3 Identify AWS access management capabilities | ||
Revision as of 13:32, 9 September 2021
==Domain 1: Cloud Concepts== ===1.1 Define the AWS Cloud and its value proposition=== Define the benefits of the AWS cloud including: * Security * Reliability * High Availability * Elasticity * Agility * Pay-as-you go pricing * Scalability * Global Reach * Economy of scale Explain how the AWS cloud allows users to focus on business value * Shifting technical resources to revenue-generating activities as opposed to managing infrastructure ===1.2 Identify aspects of AWS Cloud economics=== Define items that would be part of a Total Cost of Ownership proposal * Understand the role of operational expenses (OpEx) * Understand the role of capital expenses (CapEx) * Understand labor costs associated with on-premises operations * Understand the impact of software licensing costs when moving to the cloud Identify which operations will reduce costs by moving to the cloud: * Right-sized infrastructure * Benefits of automation * Reduce compliance scope (for example, reporting) * Managed services (for example, RDS, ECS, EKS, DynamoDB) ===1.3 Explain the different cloud architecture design principles=== Explain the design principles: * Design for failure * Decouple components versus monolithic architecture * Implement elasticity in the cloud versus on-premises * Think parallel Version 2.1 CLF-C01 4 | PAGE ==Domain 2: Security and Compliance== ===2.1 Define the AWS shared responsibility model=== Recognize the elements of the Shared Responsibility Model Describe the customer’s responsibility on AWS * Describe how the customer’s responsibilities may shift depending on the service used (for example with RDS, Lambda, or EC2) * Describe AWS responsibilities ===2.2 Define AWS Cloud security and compliance concepts=== Identify where to find AWS compliance information: *Locations of lists of recognized available compliance controls (for example, HIPPA, SOCs) * Recognize that compliance requirements vary among AWS services At a high level, describe how customers achieve compliance on AWS * Identify different encryption options on AWS (for example, In transit, At rest) Describe who enables encryption on AWS for a given service Recognize there are services that will aid in auditing and reporting * Recognize that logs exist for auditing and monitoring (do not have to understand the logs) * Define Amazon CloudWatch, AWS Config, and AWS CloudTrail Explain the concept of least privileged access 2.3 Identify AWS access management capabilities Understand the purpose of User and Identity Management o Access keys and password policies (rotation, complexity) o Multi-Factor Authentication (MFA) o AWS Identity and Access Management (IAM) • Groups/users • Roles • Policies, managed policies compared to custom policies o Tasks that require use of root accounts Protection of root accounts 2.4 Identify resources for security support Recognize there are different network security capabilities o Native AWS services (for example, security groups, Network ACLs, AWS WAF) o 3 rd party security products from the AWS Marketplace Recognize there is documentation and where to find it (for example, best practices, whitepapers, official documents) o AWS Knowledge Center, Security Center, security forum, and security blogs o Partner Systems Integrators Know that security checks are a component of AWS Trusted Advisor Version 2.1 CLF-C01 5 | PAGE Domain 3: Technology 3.1 Define methods of deploying and operating in the AWS Cloud Identify at a high level different ways of provisioning and operating in the AWS cloud o Programmatic access, APIs, SDKs, AWS Management Console, CLI, Infrastructure as Code Identify different types of cloud deployment models o All in with cloud/cloud native o Hybrid o On-premises Identify connectivity options o VPN o AWS Direct Connect o Public internet 3.2 Define the AWS global infrastructure Describe the relationships among Regions, Availability Zones, and Edge Locations Describe how to achieve high availability through the use of multiple Availability Zones o Recall that high availability is achieved by using multiple Availability Zones o Recognize that Availability Zones do not share single points of failure Describe when to consider the use of multiple AWS Regions o Disaster recovery/business continuity o Low latency for end-users o Data sovereignty Describe at a high level the benefits of Edge Locations o Amazon CloudFront o AWS Global Accelerator 3.3 Identify the core AWS services Describe the categories of services on AWS (compute, storage, network, database) Identify AWS compute services o Recognize there are different compute families o Recognize the different services that provide compute (for example, AWS Lambda compared to Amazon Elastic Container Service (Amazon ECS), or Amazon EC2, etc.) o Recognize that elasticity is achieved through Auto Scaling o Identify the purpose of load balancers Identify different AWS storage services o Describe Amazon S3 o Describe Amazon Elastic Block Store (Amazon EBS) o Describe Amazon S3 Glacier o Describe AWS Snowball o Describe Amazon Elastic File System (Amazon EFS) o Describe AWS Storage Gateway Identify AWS networking services o Identify VPC o Identify security groups o Identify the purpose of Amazon Route 53 o Identify VPN, AWS Direct Connect Identify different AWS database services o Install databases on Amazon EC2 compared to AWS managed database
See also
- AWS, Amazon Managed Services, AWS Management & Governance, computing, security, networking, AWS compliance, AWS Outposts AWS Free Tier, AWS certifications, AWS Trusted Advisor, AWS Systems Manager, AWS Config, IAM Access Analyzer, AWS Cost Explorer, AWS Cost Management, AWS Budgets, AWS Organizations, AWS dev: (CodeStar, Cloud9), AWS Partner Network (APN), AWS Resource Access Manager, AWS Quick Starts, AWS Global Accelerator, AWS Elemental MediaStore, AWS Enterprise support, AWS support, AWS Professional Services Consultants, AWS Cloud Map, AWS Marketplace, AWS CLI, AWS Management Console, AWS acceptable use policy, amazonaws.com, Quotas, AWS Support plans, AWS Resource Explorer, AWS Managed Services (AMS), AWS savings, AWS Nitro System, AWS timeline
- Certifications: Security certifications, Enterprise architecture, Coursera, AWS certifications, CertiProf, Pearson VUE, Terraform Associate, Freecram, ExamLabs
Advertising:
