AWS CLF-C02 Handbook

"Virtual servers, Rent VMs, OS management"

Virtual servers in the cloud

"Container orchestration, Docker, Task Definition"

Container orchestration service

"Kubernetes, K8s, Open source"

Managed Kubernetes service

"Serverless, Function as Service, Pay per call"

Run code without servers

"Serverless containers, No EC2 management"

Serverless container compute

"Batch processing, Dynamically launch EC2"

Fully managed batch processing

"Simple web app, WordPress, Beginner"

Easy virtual private servers

"Scale out, Scale in, Demand"

Automatic scaling of EC2 instances

"PaaS, Upload code, Easy deploy"

Platform as a Service

"Object storage, Buckets, Infinitely scalable"

Scalable object storage

"Archive, Long-term retention, Hours retrieval"

Low-cost archive storage

"Block storage, Attached to EC2, Specific AZ"

EC2 block storage volumes

"NFS, Linux, Mount on 100s EC2, Multi-AZ"

Managed file storage

"Hybrid storage, Bridge on-premise"

Hybrid cloud storage

"High-performance, HPC"

High-performance file system

"SMB protocol, Windows file shares"

Windows file system

"Physical device, Migrate petabytes, Edge"

Physical data transport

"Centralized backup, Retention, Plans"

Centralized backup management

"Relational, SQL, MySQL/PostgreSQL"

Managed relational database

"AWS proprietary, 5x faster MySQL, Serverless"

High-performance managed DB

"NoSQL, Serverless, Single-digit ms latency"

Managed NoSQL database

"In-memory, Cache, Redis/Memcached"

In-memory data store

"Graph database, Social network"

Managed graph database

"MongoDB compatibility, JSON"

MongoDB-compatible database

"Ledger, Blockchain, Immutable"

Blockchain networks

"Private network, Subnets, IP ranges"

Isolated cloud network

"Distribute traffic, ALB/NLB/GLB, Health checks"

Distribute incoming application traffic

"DNS, Route users, Health checks"

Scalable DNS service

"CDN, Edge locations, Cache content"

Content delivery network

"Private connection, Fiber optic, Hybrid"

Dedicated network connection

"Site-to-Site, Client VPN, IPsec"

Secure encrypted connection

"Connect thousands VPCs, Hub-and-spoke"

Network transit hub

"Static IP, Anycast, Global availability"

Network performance optimizer

"Interface Endpoint, Private connectivity, No internet"

Securely access services privately

"Users/Groups/Roles, Permissions, Least Privilege"

Identity & access management

"SSO, Single Sign-On, Multi-account access"

Centralized identity management

"DDoS protection, Standard vs Advanced"

DDoS protection

"Firewall, SQL injection, XSS"

Web application firewall

"Encryption keys, Manage encryption"

Key management service

"Hardware Security Module, Dedicated hardware"

Hardware security module

"Threat detection, ML, Crypto attacks"

Intelligent threat detection

"Security assessment, EC2 vulnerabilities"

Automated security assessment

"Discover sensitive data, PII, S3"

Data privacy service

"Compliance reports, PCI, ISO, SOC"

Compliance documentation

"Record changes, Compliance timeline"

Resource configuration tracking

"Audit API calls, Who did what"

API activity logging

"Sign-up, Sign-in, User Pools"

Customer identity & access

"Rotate secrets, DB credentials"

Secrets management

"Central dashboard, Compliance, Aggregated alerts"

Unified security posture management

"Investigation, Root cause, Graph"

Investigate security findings

"VPC firewall, Stateful, IPS/IDS"

Managed network firewall for VPCs

"Central rules, WAF management, Organizations"

Central firewall policy management

"SSL/TLS, Public/Private certs, Auto-renewal"

Provision and manage SSL certificates

"Active Directory, AD Connector, SSO"

Managed Microsoft Active Directory

"Temporary credentials, AssumeRole, Cross-account"

Targeted temporary access

"API, REST, WebSocket, Throttling"

Create, publish, maintain, monitor, and secure APIs

"Orchestration, Workflow, Visual, State machine"

Visual workflow service to coordinate microservices

"Event bus, Scheduler, SaaS integration"

Serverless event bus

"Queue, Decouple apps, Pull-based"

Message queuing service

"Notification, Pub/Sub, Push-based"

Notification service

"Infrastructure as Code, Templates"

IaC automation

"Managed Chef and Puppet"

Configuration management

"Scale multiple resources, Predictive scaling"

Unified scaling plans & forecasting

"Patching, Run commands, Parameter Store"

Operational management

"Best practices, Cost optimization"

Optimization recommendations

"Multiple accounts, Consolidated billing"

Account management

"Landing Zone, Governance, Multi-account setup"

Multi-account governance

"Self-service, Portfolios, Approved products"

Manage approved IT services

"Right-sizing, Recommendations, Machine learning"

Resource optimization

"Metrics, Alarms, Logs, Dashboards"

Monitoring & observability

"Best practices, 6 Pillars, Review"

Architecture reviews

"CAF, 6 Perspectives, Business, People, Governance"

Framework for cloud transformation

"Share resources, Cross-account, Subnets"

Securely share resources across accounts

"Personalized status, Maintenance, Service health"

Personalized AWS service health view

"Ops on behalf, RFC, Patching/Backup"

Infrastructure operations management

"Buy software, AMI, SaaS, Third-party"

Digital catalog for software

"Limits, Request increase, Alarms"

Manage service limits

"Golden AMI, Pipeline, Patching"

Automate AMI creation

"Visualize costs, Forecast, Reports"

Cost visualization & forecasting

"Alarms, Alert if limits exceeded"

Budget alerts & tracking

"Estimate costs, Quote"

Cost estimation tool

"Long-term commitment, Flexible pricing"

Flexible pricing model

"Basic, Developer, Business, Enterprise, TAM"

Support tiers & pricing

"Speech to text"

Automatic speech recognition

"Text to speech"

Text-to-speech service

"Translation"

Language translation

"Image analysis, Face detection"

Image & video analysis

"Chatbots, Conversational intent"

Conversational interfaces

"NLP, Sentiment analysis"

Natural language processing

"Build, train, deploy ML models"

Machine learning platform

"OCR, Extract text, Forms/Tables"

Extract text/data from documents

"Recommendations, User behavior, ML"

Real-time recommendation engine

"Enterprise search, Natural language, Documents"

Intelligent enterprise search

"Migrate database, Homogeneous/Heterogeneous"

Database migration service

"Lift and shift, Rehost, Physical to AWS"

Application migration

"Analyze on-premises, Dependency mapping"

Server usage analysis

"Business case, TCO"

Migration planning

"Data transfer, NFS/SMB, On-prem to AWS"

Online data transfer service

"SFTP, FTPS, FTP, S3/EFS"

Fully managed file transfer

"Track progress, Discovery, Orchestrator"

Central migration tracking

"Virtual desktops, VDI, DaaS"

Desktop-as-a-Service solution

"Stream apps, Browser access"

Stream desktop applications

"Mobile/Web apps, Hosting, Auth"

Build and deploy full-stack apps

"GraphQL, Real-time, Offline"

Managed GraphQL API

"Git, Source control, Private repo"

Managed source control service

"Build artifacts, Compile code, Test"

Fully managed build service

"Automate deployment, Blue/Green"

Automate code deployments

"CI/CD, Pipeline, Orchestrate"

Continuous delivery service

"IDE, Browser-based, Collaborative"

Cloud IDE for writing code

"Artifact repo, npm/maven proxy"

Secure artifact management

"ML code review, Profiler"

Intelligent developer recommendations

"Real devices, Mobile testing, Browser testing"

App testing on real devices

"Chaos engineering, Fault injection, Resilience"

Fault Injection Service

"IaC, Code, TypeScript/Python"

Define infrastructure as code

"Visual builder, Serverless, Drag-and-drop"

Visually build serverless apps

"Serverless SQL, Query S3"

Interactive SQL query service

"Data warehouse, Analytics, Columnar"

Cloud data warehouse

"Big Data, Spark, Hadoop"

Cloud big data platform

"BI, Dashboards, Visualizations"

Business intelligence service

"Search, Logs, ELK, Analytics"

Search and analytics suite

"Real-time streaming, Video streams"

Process real-time data

"ETL, Data Catalog, Crawler"

Simple, scalable, and serverless data integration

"Connect devices, MQTT, Shadow"

Connect devices to the cloud

"Contact center, Call center, Cloud"

Omnichannel cloud contact center

"Marketing, Segments, Campaigns, SMS/Email"

Targeted multi-channel marketing

"Hybrid, Rack on-prem, Same APIs"

Run AWS infrastructure on-premises

"5G, Edge, Ultra-low latency"

AWS services at the 5G edge

"Metro extension, Low latency, City-level"

Infrastructure closer to end-users

"Satellite, Antennas, Downlink"

Fully managed ground station as a service