AWS Certified Cloud Practitioner
Validates foundational understanding of AWS Cloud concepts, services, security, architecture, pricing, and support. Intended for individuals in non-technical or early technical roles who want to demonstrate overall understanding of the AWS Cloud.
Exam domains
- Cloud Technology and Services34%
Define methods of deploying and operating in the AWS Cloud (deployment models - cloud/hybrid/on-premises; methods - AWS Management Console, AWS CLI, AWS SDKs, IaC with CloudFormation/CDK/Terraform; connecting to AWS - public internet, AWS Direct Connect, AWS Site-to-Site VPN). Define the AWS global infrastructure (Regions and Availability Zones, Local Zones, Wavelength Zones, Outposts, edge locations, CloudFront PoPs). Identify AWS compute services (Amazon EC2 instance families, Amazon ECS, Amazon EKS, AWS Fargate for serverless containers, AWS Lambda for serverless functions, AWS Batch, AWS Elastic Beanstalk). Identify AWS storage services (Amazon S3 storage classes - Standard/IA/Glacier; Amazon EBS volume types - gp3/io2/sc1; Amazon EFS for shared file storage; Amazon FSx for Windows/Lustre/NetApp; AWS Storage Gateway; AWS Backup; AWS Snow Family for data transfer). Identify AWS database services (Amazon RDS - MySQL/PostgreSQL/MariaDB/Oracle/SQL Server/Aurora; Amazon DynamoDB serverless NoSQL; Amazon ElastiCache - Redis/Memcached; Amazon Neptune graph database; Amazon DocumentDB MongoDB-compatible; Amazon Timestream; Amazon Keyspaces Cassandra-compatible; database migration with AWS DMS and AWS SCT). Identify AWS networking services (Amazon VPC, subnets, route tables, security groups, NACLs; Elastic Load Balancing - ALB/NLB/GLB; Amazon Route 53 DNS; Amazon CloudFront CDN; AWS Global Accelerator; AWS Direct Connect; AWS Transit Gateway). Identify AWS application integration, monitoring, analytics, AI/ML, and developer tools (SNS, SQS, EventBridge, Step Functions, AppFlow; CloudWatch, CloudTrail, X-Ray; Athena, Glue, EMR, Redshift, Kinesis, MSK, QuickSight; Rekognition, Polly, Comprehend, Lex, Personalize, SageMaker; CodeCommit, CodeBuild, CodeDeploy, CodePipeline).
- Security and Compliance30%
Understand the AWS shared responsibility model (AWS responsibility 'of' the cloud - hardware, software, networking, facilities; customer responsibility 'in' the cloud - data, identity management, applications). Understand AWS Cloud security, governance, and compliance concepts (compliance programs - PCI DSS/HIPAA/SOC/ISO/FedRAMP/GDPR; security pillars - identity and access management, infrastructure protection, data protection, detection, incident response). Identify AWS access management capabilities (IAM users, groups, roles, policies; principle of least privilege; MFA; root user vs IAM user; IAM Identity Center; AWS Organizations and SCPs; identity federation; AWS Cognito for application identity). Identify components and resources for security (AWS Shield - Standard/Advanced for DDoS, AWS WAF for web application firewall, AWS Firewall Manager, Amazon GuardDuty for threat detection, AWS Security Hub for unified findings, AWS Inspector for vulnerability assessment, AWS Trusted Advisor, AWS Artifact for compliance reports, AWS Audit Manager).
Sources
Questions are grounded in 150 references from official and authoritative materials.