AWS Cloud Practitioner

From wikieduonline
Jump to navigation Jump to search

Domain 1: Cloud Concepts

1.1 Define the AWS Cloud and its value proposition

Define the benefits of the AWS cloud including:

Explain how the AWS cloud allows users to focus on business value

  • Shifting technical resources to revenue-generating activities as opposed to managing

infrastructure

1.2 Identify aspects of AWS Cloud economics

Define items that would be part of a Total Cost of Ownership proposal

  • Understand the role of operational expenses (OpEx)
  • Understand the role of capital expenses (CapEx)
  • Understand labor costs associated with on-premises operations
  • Understand the impact of software licensing costs when moving to the cloud

Identify which operations will reduce costs by moving to the cloud:

  • Right-sized infrastructure
  • Benefits of automation
  • Reduce compliance scope (for example, reporting)
  • Managed services (for example, RDS, ECS, EKS, DynamoDB)

1.3 Explain the different cloud architecture design principles

Explain the design principles:

  • Design for failure
  • Decouple components versus monolithic architecture
  • Implement elasticity in the cloud versus on-premises
  • Think parallel

Domain 2: Security and Compliance

2.1 Define the AWS shared responsibility model

Recognize the elements of the Shared Responsibility Model Describe the customer’s responsibility on AWS

  • Describe how the customer’s responsibilities may shift depending on the service used

(for example with RDS, Lambda, or EC2)

  • Describe AWS responsibilities

2.2 Define AWS Cloud security and compliance concepts

Identify where to find AWS compliance information:

  • Locations of lists of recognized available compliance controls (for example, HIPPA,

SOCs)

  • Recognize that compliance requirements vary among AWS services

At a high level, describe how customers achieve compliance on AWS

Describe who enables encryption on AWS for a given service

Recognize there are services that will aid in auditing and reporting

  • Recognize that logs exist for auditing and monitoring (do not have to understand the

logs)

Explain the concept of least privileged access

2.3 Identify AWS access management capabilities

Understand the purpose of User and Identity Management:

Protection of root accounts

2.4 Identify resources for security support

Recognize there are different network security capabilities:

rd party security products from the AWS Marketplace

  • Recognize there is documentation and where to find it (for example, best practices,

whitepapers, official documents)

Know that security checks are a component of AWS Trusted Advisor

Domain 3: Technology

3.1 Define methods of deploying and operating in the AWS Cloud

Identify at a high level different ways of provisioning and operating in the AWS cloud:

Identify different types of cloud deployment models:

Identify connectivity options:

3.2 Define the AWS global infrastructure

Describe the relationships among Regions, Availability Zones, and Edge Locations.

Describe how to achieve high availability through the use of multiple Availability Zones:

  • Recall that high availability is achieved by using multiple Availability Zones
  • Recognize that Availability Zones do not share single points of failure

Describe when to consider the use of multiple AWS Regions:

Describe at a high level the benefits of Edge Locations:

3.3 Identify the core AWS services

Describe the categories of services on AWS (compute, storage, network, database).

Identify AWS compute services:

  • Recognize there are different compute families
  • Recognize the different services that provide compute (for example, AWS Lambda

compared to Amazon Elastic Container Service (Amazon ECS), or Amazon EC2, etc.)

  • Recognize that elasticity is achieved through Auto Scaling
  • Identify the purpose of load balancers

Identify different AWS storage services:

Identify AWS networking services:

Identify different AWS database services:

  • Install databases on Amazon EC2 compared to AWS managed database

See also

Advertising: