Lecture Notes: AWS Certified Cloud Practitioner Course Overview by Andrew Brown from Exam Pro

Jul 2, 2024

Lecture Notes: AWS Certified Cloud Practitioner Course Overview by Andrew Brown from Exam Pro

Introduction

  • Instructor: Andrew Brown from Exam Pro
  • Topic: Importance of Cloud Computing in Web Development
  • Focus: AWS Certified Cloud Practitioner (CCP) certification - entry-level certification for AWS
  • Goal: To validate skills in cloud computing, specifically AWS, enhancing job opportunities

Overview of AWS CCP Certification

Key Points

  • CCP: AWS foundational knowledge; similar to a lite version of the Solutions Architect Associate
  • Unique Offerings: Emphasis on billing and business-centric concepts
  • Target Audience: Often sought by individuals in sales and management to inform higher-level execs like VPs or CEOs
  • Job Value: Not critical for developer resumes, but beneficial for bootcamp grads as a familiarity indicator with AWS

Importance of CCP for Developers

  • Confidence Building: Easiest and most inexpensive AWS certification, good preparatory step before tackling more complex certifications
  • Exam Environment Familiarization: Learn test center protocol, reduce exam day stress
  • Study Time Estimates:
    • Developers: <1 week
    • Bootcamp Grads: ~15 hours (~1.5 weeks)
    • Sales & Management: ~20 hours

Exam Process and Details

Taking the Exam

  • Test Centers: PSI and Pearson VUE
  • Online Proctoring: Pearson VUE offers online proctored exams, though in-person is recommended for harder exams
  • Exam Duration and Costs:
    • Cost: $100 USD
    • Time: 90 minutes for 65 questions; aim to review questions within the allotted time
    • Passing Score: 70% (fixed number for CCP)
  • Validity: Certification is valid for 3 years

Exam Guide and Domains

Exam Guide Walkthrough

  • Domains (and their weightings):
    • Cloud Concepts: Define AWS Cloud, cloud economics, architecture principles
    • Security: Shared responsibility model, AWS security services
    • Technology: Core AWS services, global infrastructure (regions, AZs, edge locations)
    • Billing and Pricing: Pricing models, account structures, billing support resources

Response Types

  • Two Types:
    • Multiple Choice: One correct response out of four options
    • Multiple Response: Two or more correct responses out of five or more options

White Papers (Recommended Reading)

  • Not Necessary for CCP, but you can refer to:
    • Overview of Amazon Web Services
    • Architecting for the Cloud: AWS Best Practices
    • How AWS Pricing Works
    • Cost Management in AWS Cloud
    • Comparison of AWS Support Plans (webpage)

Key Concepts in Cloud Computing

What is Cloud Computing?

  • Definition: Practice of using remote servers on the internet to store, manage, and process data instead of local servers or personal computers
  • On-Premise vs Cloud Providers:
    • On-Premise: Own servers and hardware, hire IT staff, maintain real estate, take full risk
    • Cloud Providers (like AWS, GCP, Azure): Someone else owns and maintains hardware, IT staff, and data centers; shared responsibility model for security and configuration
  • Cloud vs On-Prem Benefits:
    • Cost Management: Pay as you go, benefit from economies of scale
    • Flexibility: Scale up/down based on needs
    • Speed and Agility: Quick resource launch
    • Focus: Reduce distraction on IT maintenance
    • Global Reach: Easily deploy applications globally

Types of Cloud Computing

SaaS, PaaS, IaaS Breakdown

  • SaaS (Software as a Service): Completed product managed by service provider (e.g., Gmail, Office 365)
  • PaaS (Platform as a Service): For developers, focus on app deployment (e.g., AWS Elastic Beanstalk, Heroku)
  • IaaS (Infrastructure as a Service): Basic infrastructure like networking, computing, and storage (e.g., AWS, Azure, GCP)

Deployment Models

Cloud Deployment Models

  • Cloud: Fully utilizing cloud, suited for startups, projects, minimal cost
  • On-Prem: Resources deployed on site; preferred for data sensitivity and regulation reasons (e.g., government, large enterprises)
  • Hybrid: Combination of cloud and on-prem; used by banks, FinTechs, professional service providers

AWS Global Infrastructure

Summary of Global Infrastructure

  • Regions, AZs, and Edge Locations:
    • Regions: Physical locations with multiple AZs, isolated from each other
    • AZs (Availability Zones): Discrete data centers within a region
    • Edge Locations: Data centers that cache content closer to users
  • Gov Cloud: Special regions for controlled, classified info, operated by US citizens, complying with regulations such as ITAR, DoD

AWS Account Setup and Management

AWS Account Setup

  • Creating an Account: Fill in personal details, set up credit card information, verify phone number
  • Billing Preferences and Alerts: Set up budgets and billing alarms to avoid overbilling, use billing dashboard
  • Creating IAM Users and MFA: Secure root account with MFA, create IAM users for specific roles and access
  • Working With AWS Services:
    • Launching EC2 instances, AMIs, Auto Scaling Groups, Elastic Load Balancers
    • Using S3 for object storage, CloudFront for CDN, RDS for managed databases, Lambda for serverless functions
    • Utilize CloudWatch for monitoring and alarms, AWS Marketplace for software procurement

AWS Support Plans

Overview of Support Plans

  • Basic: Billing and account emails
  • Developer: $20/month, technical support via email
  • Business: $100/month, 24/7 chat and phone support, screen sharing, third-party support
  • Enterprise: $15,000/month, dedicated TAM, 15-min response for critical issues, all checks by Trusted Advisor, cost management support

Compliance and Security on AWS

AWS Compliance Programs

  • AWS Artifact: Access compliance reports for AWS services
  • Security and Compliance Services:
    • Inspector: Run security benchmarks on EC2 instances
    • WAF (Web Application Firewall): Protects web applications from common exploits
    • Shield: DDoS protection; Standard and Advanced (for larger, sophisticated attacks)
    • Pen Testing: Permitted on eight services; some activities prohibited (e.g., DDoS, port flooding)
    • GuardDuty: Detects anomalies and unauthorized access in AWS accounts
    • KMS (Key Management Service): Manages encryption keys for data
    • Amazon Macie: Monitors and protects sensitive data stored in S3
    • Security Groups and NACLs (Network ACLs): Firewalls at instance and subnet levels

Additional AWS Topics and Comparison

Cloud-Named Services

  • CloudFormation: Infrastructure as Code (IaaC), uses templates
  • CloudTrail: Logs API calls for auditing
  • CloudFront: Content Delivery Network (CDN)
  • CloudWatch: Monitoring service; includes logs, metrics, events, alarms, and dashboards
  • CloudSearch: Managed search service

Various Connect Services

  • Direct Connect: Dedicated network connection from on-premises to AWS
  • Amazon Connect: Call center in the cloud
  • MediaConnect: Transport for live video streams

Messaging Services

  • SNS (Simple Notification Service): Pub/Sub messaging for notifications (email, SMS, HTTP)
  • SQS (Simple Queue Service): Queuing service for message storage and delivery
  • SES (Simple Email Service): Email sending service for marketing and transactional emails

Load Balancers and Miscellaneous

  • Security Services: Comparison of Trusted Advisor (holistic view of security across services) vs. Inspector (security on EC2 instances)
  • Types of Load Balancers: Classic (older), Application (layer 7, HTTP/S), Network (layer 4, IP protocol)

Conclusion and Exam Registration

  • Book Exam: Process for scheduling exam via PSI or Pearson VUE
  • End Note: Best of luck with your exam and sharing success on social media