AWS Certified Cloud Practitioner Training 2020 - Full Course

freeCodeCamp.org209 minutes read

Cloud computing, particularly AWS certification, is crucial for web development and offers job opportunities. The CCP certification emphasizes foundational AWS knowledge, showcasing familiarity with cloud concepts and billing for bootcamp grads.

Insights

  • Cloud computing is a crucial skill in web development, particularly with AWS being a favored choice for startups.
  • The CCP certification emphasizes foundational AWS knowledge, particularly in billing and business concepts.
  • The CCP certification can boost confidence and act as a stepping stone to more advanced exams, especially for bootcamp grads.
  • Study time for the CCP certification varies based on experience, with developers potentially passing in less than a week.
  • The exam for CCP certification costs $100, lasts 90 minutes, consists of 65 questions, and requires a passing score of 70%.
  • AWS operates in 69 availability zones across 22 regions globally, with the largest region being US East (North Virginia).
  • Edge locations in AWS handle requests for CloudFront and Route 53, ensuring low latency for end users worldwide.
  • AWS offers different support tiers like Basic, Business, and Enterprise, with Enterprise support starting at $15,000 USD.
  • AWS Marketplace provides a curated catalog of software listings, allowing easy purchase and deployment of software products.

Get key ideas from YouTube videos. It’s free

Recent questions

  • What is AWS Cloud Practitioner Certification?

    The AWS Cloud Practitioner Certification, also known as CCP, is a foundational certification that showcases knowledge of basic AWS services, billing, and business concepts. It is designed for individuals who want to demonstrate their understanding of cloud computing and AWS services, making it an excellent starting point for those interested in pursuing a career in cloud technology.

  • How can I prepare for the AWS Cloud Practitioner exam?

    To prepare for the AWS Cloud Practitioner exam, you can utilize various resources such as online courses, practice exams, and study guides. It is recommended to familiarize yourself with the exam guide, which outlines the domains covered in the certification. Focus on understanding cloud concepts, security, technology, and billing/pricing, with technology being a significant portion of the exam. Additionally, consider hands-on practice with AWS services to reinforce your knowledge and build confidence for the exam.

  • What are the benefits of obtaining the AWS Cloud Practitioner certification?

    Obtaining the AWS Cloud Practitioner certification can open up job opportunities in the cloud computing industry, showcasing your foundational knowledge of AWS services and concepts. It can also serve as a stepping stone to more advanced AWS certifications, allowing you to progress in your career. The certification is valid for three years, providing a long-lasting credential that demonstrates your expertise in cloud technology.

  • How can I schedule the AWS Cloud Practitioner exam?

    To schedule the AWS Cloud Practitioner exam, you can choose to take it at a test center partnered with AWS or online through Pearson VUE. When booking with Pearson VUE, select your preferred language, test center location, and available time slot. Once you have completed the scheduling process and made the necessary payment, you will be ready to take the exam. Be sure to review the exam details, including the duration, number of questions, passing score, and exam guide before scheduling your exam.

  • What are the different types of cloud computing services?

    Cloud computing services are categorized into three main types: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). SaaS provides software applications over the internet on a subscription basis, PaaS offers a platform for developers to build, deploy, and manage applications, and IaaS provides virtualized computing resources like servers, storage, and networking. Each type of cloud computing service builds on top of the other, offering varying levels of control and flexibility for users.

Related videos

Summary

00:00

"CCP Certification: Essential AWS Skill for Web"

  • Cloud computing is an essential skill in web development, with AWS being a popular choice for startups.
  • The course focuses on getting AWS certified as a cloud practitioner, offering job opportunities.
  • The CCP certification showcases foundational AWS knowledge, emphasizing billing and business concepts.
  • While the CCP may not be crucial for developers, it can be beneficial for bootcamp grads to show familiarity with AWS.
  • Obtaining the CCP certification can build confidence and serve as a stepping stone to more challenging exams.
  • Study time varies based on experience: developers can pass in less than a week, bootcamp grads in 15 hours, and sales/management in 20 hours.
  • The exam can be taken at test centers partnered with AWS, or online through Pearson VUE, with proctored exams available.
  • The exam costs $100, lasts 90 minutes, consists of 65 questions, and requires a passing score of 70%.
  • The certification is valid for three years, providing a long-lasting credential.
  • The exam guide outlines four domains: cloud concepts, security, technology, and billing/pricing, with technology being the largest portion.

12:33

Cloud Computing: Cost-effective, scalable, global solution.

  • Trade capital expense for variable expense: On-premises requires payment for data centers and servers upfront, while cloud providers charge based on usage.
  • Benefit from massive economics of scale: Cloud computing allows cost-sharing with other customers, providing unbeatable savings compared to on-premises solutions.
  • Stop guessing capacity: Cloud computing eliminates the need to guess infrastructure capacities, allowing for scaling up or down based on current needs.
  • Increased speed and agility: Cloud computing enables launching resources within minutes, as opposed to waiting days or weeks for on-premises solutions.
  • Stop spending money on running and maintaining data centers: Cloud computing frees up resources by eliminating the need to pay for servers, IT staff, and other maintenance costs.
  • Go global in minutes: Cloud computing allows for deploying applications in multiple regions worldwide with minimal costs, providing low latency and a better customer experience.
  • Types of cloud computing: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) are the three main types, with each building on top of the other.
  • Cloud computing deployment models: Cloud, on-premises, and hybrid models are utilized based on factors like cost, regulatory requirements, and existing infrastructure.
  • AWS global infrastructure: AWS operates in 69 availability zones (AZs) across 22 geographical regions worldwide, with numerous edge locations to support low latency and high throughput.
  • Regions in AWS global infrastructure: Regions are geographically distinct locations with multiple data centers (AZs), with the largest region being US East (North Virginia) where new services often debut first.

25:55

AWS Edge Locations and GovCloud Overview

  • Edge locations are data centers owned by AWS partners with direct connections to the AWS network.
  • These locations handle requests for CloudFront and Route 53, automatically routing requests to the nearest edge location.
  • Services like S3 Transfer Acceleration and API Gateway are used to quickly upload data to AWS via edge locations.
  • Edge locations ensure low latency for end users globally.
  • GovCloud is a specialized AWS region for hosting sensitive, regulated workloads, operated by US citizens on US soil.
  • GovCloud is compliant with FedRAMP, Department of Justice, ITAR, EAR, and DoD regulations.
  • GovCloud regions are available in US West and US East, exclusively for US identity and root account holders.
  • Setting up an AWS account requires providing personal information, agreeing to terms, and adding a valid credit card.
  • Billing preferences should be set to receive alerts and reports for cost monitoring.
  • Creating budgets and billing alarms in AWS helps prevent unexpected charges by setting spending limits and receiving notifications.

38:44

"Secure Billing Alarms and User Management"

  • To create a billing alarm, hit "Create topic" and then "Next" to set it up.
  • Multiple billing alarms can be created for different amounts like 100, 150, or 202 to track expenses.
  • Utilize diverse budgets to manage expenses effectively.
  • Confirm the email notification for the billing alarm to activate it.
  • Turn on Multi-Factor Authentication (MFA) for added security on the root account.
  • Choose a virtual MFA option for mobile devices like Google Authenticator.
  • Create a new user account to avoid using the root account for security reasons.
  • Assign the new user to a group with appropriate permissions like admin access.
  • Set up a password policy with specific requirements like character count and complexity.
  • Ensure to log in as the new user created and avoid using the root account for regular activities.

50:49

"Launching EC2 Server in North Virginia"

  • Availability zones vary by region, with Canada Central having fewer zones compared to North Virginia's six.
  • New features are likely to be found in North Virginia, prompting a region change for following along.
  • Launching a server involves using EC2, accessed through the services tab and EC2 console.
  • Configuration options for the server include selecting the OS (Amazon Linux 2 for free tier benefits) and instance type (T2 micro for cost-saving).
  • Instance details allow for choosing the number of instances to start, default VPC, default subnet, and creating an IM role.
  • Creating an IM role involves navigating to the IM Management Console, selecting EC2, and specifying permissions for SSM (Simple Systems Manager).
  • Storage options include choosing storage size, volume type (general purpose), and reviewing before launching the instance.
  • Proceeding without a key pair is possible when using SSM for server access, acknowledging potential connection limitations.
  • Monitoring the instance's status through the console, ensuring it passes status checks and displays public and private IP addresses.
  • Accessing the instance can be done through SSH, EC2 Instance Connect, or preferred method SSM, ensuring visibility and session logging for security.

01:02:14

Auto Scaling, Load Balancing, and Amazon S3

  • Launch configuration created without a key pair
  • Creation of the launch configuration is followed by the creation of the auto scaling group
  • Auto scaling group named "fresh ASG" set with a group size of one instance
  • Selection of a VPC and subnets for the auto scaling group
  • Configuration of scaling policies to determine the group's reaction to environment changes
  • Progression to notifications, tags, and review before creating the auto scaling group
  • Monitoring the auto scaling group's status and instance count
  • Instances are automatically spun up to meet the minimum demand set
  • Instances can be terminated to trigger the auto scaling group to launch replacements
  • Auto scaling group can be deleted, leading to the termination of associated instances
  • Elastic Load Balancers (ELBs) distribute traffic evenly to multiple instances
  • Instances running in different availability zones to prevent downtime
  • Launching instances to be load balanced
  • Creation of two instances named "instance A" and "instance B"
  • Configuration of an Application Load Balancer (ALB) to balance traffic
  • Registration of instances to the ALB's target group
  • Provisioning of the ALB and obtaining its DNS name for traffic routing
  • Explanation of how ELBs route traffic to registered targets
  • Deletion of the ALB and manual termination of instances
  • Amazon S3 is a global service with region-specific buckets
  • Creation of a bucket named "exam pro fresh"
  • Uploading files to the created bucket from the desktop

01:13:58

"Optimizing file delivery with CloudFront and S3"

  • To download a file from S3, simply click the download button.
  • S3 offers various functionalities, but the basic concept involves uploading and downloading files.
  • The S3 bucket created will not be deleted as it will be used in conjunction with CloudFront.
  • CloudFront acts as a content distribution network, optimizing the delivery of static files or videos globally.
  • CloudFront copies static content to multiple edge locations worldwide for faster access.
  • Creating a CloudFront distribution involves selecting the S3 bucket and adjusting settings.
  • CloudFront distributions take time to create but enhance content delivery speed globally.
  • CloudFront provides a domain name for routing traffic to the nearest edge location.
  • RDS, or Relational Database Service, allows for setting up relational databases.
  • RDS offers different templates like production, dev test, and free tier, each catering to specific needs and costs.

01:26:08

AWS Pricing Options for Workload Flexibility

  • On-demand pricing is suitable for short-term spikes in workload, unpredictable usage, new app development, or experimental runs.
  • Reserved Instances (RI) offer the best long-term savings for applications with steady, predictable usage or reserved capacity needs.
  • Reduced pricing for RIs is based on term class offerings and payment options.
  • Payment options for RIs include standard, convertible, and scheduled, with standard offering the highest savings at 75% compared to on-demand.
  • Convertible RIs provide flexibility to change instance types, though with slightly lower savings of up to 54%.
  • Scheduled RIs are for specific time periods of predictable workload, offering varying savings.
  • Terms for RIs can be one year or three years, with payment options of all upfront, partial upfront, or no upfront.
  • Spot Instances offer the biggest savings at 90% off compared to on-demand pricing, suitable for flexible start and end times or low-cost applications.
  • Spot Instances can be terminated by AWS at any time, with no charges for partial hour usage if terminated by AWS.
  • Dedicated hosting is the most expensive option, designed for strict server-bound licensing or regulatory requirements, available in on-demand or reserved flavors with up to 70% savings.

01:38:27

AWS Support Tiers and Marketplace Overview

  • AWS offers different support tiers: Basic, Business, and Enterprise.
  • The Enterprise tier is the most expensive, starting at $15,000 USD, with dedicated resources including a personal concierge and a technical account manager.
  • Enterprise support provides a new response time of 15 minutes for critical system issues.
  • Advisor checks vary between Basic (7 checks) and Business Enterprise (all checks).
  • Pricing for different tiers, response times (24/7, 1 hour, 15 minutes), and account assignments are crucial to know.
  • Creating a support case in AWS involves choosing the type, category, severity, and providing a description with attachments.
  • Technical support allows asking technical questions about AWS services, narrowing down categories based on the service.
  • Chat and phone support are available for technical issues, with cloud engineers assisting and saving conversations for reference.
  • AWS Marketplace offers a curated catalog of software listings from independent vendors, allowing buying and selling of software.
  • Users can explore categories, vendors, pricing plans, and delivery methods to find and subscribe to products like Amazon Machine Images.

01:51:11

"Trusted Advisor: Free AWS Best Practices Checks"

  • Trusted Advisor provides free checks for Business or Enterprise support, encompassing all checks available.
  • Trusted Advisor acts as an automated checklist for AWS best practices, with five categories of advice and checks.
  • Under Cost Optimization, Trusted Advisor suggests saving money by addressing idle load balancers and unassociated Elastic IPs.
  • Idle load balancers incur a minimum monthly cost of $15, prompting removal if not in use.
  • Elastic IPs not attached to EC2 instances lead to costs, advising their release if unassociated.
  • Performance recommendations may include upgrading to larger instances for high CPU usage.
  • Security suggestions encompass enabling MFA on root accounts and rotating IAM access keys for enhanced security.
  • Fault tolerance advice may involve ensuring RDS backups are in place for database recovery.
  • Service limits recommendations aim to prevent exceeding set limits, like requesting a limit increase for services such as SES.
  • Consolidating billing centralizes billing information from multiple member accounts under a master account, aiding in cost management and volume discounts.
  • AWS Cost Explorer offers insights into cost and usage, allowing for forecasting, custom reports, and data visualization for effective cost management across multiple accounts.

02:03:30

"Managing AWS Budgets and TCO Efficiently"

  • AWS Budgets is a service that helps plan service usage, costs, and instance reservations, costing about two cents per day with a limit of 20,000 budgets, the first two being free.
  • Budgets can be set up to alert when approaching or exceeding defined budgets, with three types available: cost, usage, and reservation, allowing tracking based on monthly, quarterly, or yearly levels.
  • Budgets can be managed via the dashboard or API, with notifications sent via email or chatbot services like Slack or Chime.
  • The process of setting up a budget involves choosing between cost, usage, or reservation budgets, selecting the period, and setting the budget amount, with options for recurring or expiring budgets.
  • Alerts can be configured to notify when approaching the budget threshold, with the ability to add contacts for notifications and integrate with Amazon SNS or chatbot services.
  • The Total Cost of Ownership (TCO) calculator helps estimate savings when moving to AWS from on-premise, providing detailed reports for executive presentations based on data provided.
  • The TCO calculator requires input on server details, storage, network, and labor costs, generating a comparison between on-premise and AWS costs, potentially saving up to 70% annually.
  • AWS Landing Zone assists enterprises in setting up a secure multi-account environment, serving as a baseline for multi-account architecture, with an upfront cost more suitable for larger enterprises than small to medium-sized startups.

02:15:28

Automated Landing Zone Setup for Secure Growth

  • Companies recommend running in multi-account but lack knowledge on setting it up securely and for future growth.
  • Landing zone is a setup service that automates the creation and security of multi-accounts.
  • Service Account Vending Machine (VM) provisions and configures new accounts through a service catalog template.
  • Access to accounts is through single sign-on.
  • Customers can customize environments through a landing zone configuration and update pipeline.
  • Ava's landing zone includes four accounts: master, shared service, log archive, and secret accounts.
  • Setting up separate login and security accounts is crucial for auditing purposes.
  • Additional accounts can be created using the account vending machine.
  • Resource groups are collections of resources sharing one or more tags for organization.
  • Resource groups help consolidate information based on projects and resources used, displaying details based on metrics, alarms, and configuration settings.

02:27:25

Creating and Accessing Cost Usage Reports in AWS

  • To access Ava's cost usage report, go to the billing dashboard and select cost of usage reports.
  • Create a new report by naming it and configuring where it will be stored.
  • Choose the level of detail for the report, such as daily or hourly.
  • Select the integration options like Athena, Redshift, or QuickSight, or leave it as is.
  • Review and complete the report creation process.
  • Wait for the report to be delivered to an Amazon S3 bucket within 24 hours.
  • Access the report by navigating through the S3 bucket folders to find the CSV zip file.
  • Unzip the file to access the raw data in Excel for analysis.
  • Integrate the data into QuickSight and Athena for further analysis within AWS.
  • Create an organization in AWS to manage multiple accounts and apply service control policies for access control.

02:39:26

Managing AWS Accounts and Databases Effectively

  • To enable a policy, go to developers and choose attach.
  • You can set permissions for accounts, allowing access to specific services.
  • Accounts have their own root account when created.
  • To suspend an account, go to "my account" and select suspend.
  • You cannot close your own account without proper permissions.
  • To suspend an account, attach full access and detach EC two in service policies.
  • DynamoDB is a NoSQL key-value database that can scale to millions of records.
  • RDS is a popular relational database service supporting multiple engines like MySQL and Oracle.
  • Aurora is a fully managed relational database with better performance than regular RDS.
  • Redshift is a columnar store database suitable for handling large amounts of data.

02:52:12

AWS Services Simplify Cloud Deployment and Management

  • Elastic Beanstalk simplifies code deployment on AWS by allowing users to upload their code and choose a container with minimal configuration.
  • OpsWorks is a configuration management service that assists in setting up server instances using Chef or Puppet tools.
  • CloudFormation enables infrastructure setup through JSON or YAML files defining AWS resources and configurations.
  • AWS Quick Starts are pre-made cloudformation templates for various services, aiding in quick deployment.
  • AWS Marketplace offers a wide range of software listings from vendors for easy purchase and deployment.
  • EC2 is a highly configurable server allowing users to choose CPU, memory, network, and OS.
  • ECS is a Docker service for running microservices, while Fargate is an evolution of ECS without the need to choose EC2 instances.
  • EKS provides Kubernetes as a service for microservices, and Lambda allows running serverless functions without server management.
  • Elastic Beanstalk orchestrates various AWS services for web applications, focusing on developer environments.
  • AWS Batch aids in batch processing by scheduling and executing computing workloads across AWS services using spot pricing.

03:04:44

AWS Services Overview: Workspaces, WorkDocs, Chime, WorkMail

  • Workspaces are virtual Remote Desktops for provisioning Windows or Linux desktops quickly, scaling up to thousands.
  • WorkDocs is a content creation collaboration service similar to SharePoint, allowing easy content creation, editing, and sharing.
  • Chime is a platform for online meetings, video conferencing, and business calling, combining features of Slack and Skype.
  • WorkMail is a managed business email, contacts, and calendar service, akin to Gmail but on AWS.
  • Pinpoint is a marketing campaign management system for sending targeted emails, SMS, push notifications, and voice messages.
  • SES is a cloud-based email sending service for marketers and developers, supporting HTML emails for web applications.
  • QuickSight is a business intelligence service enabling visualization of data from multiple sources with minimal programming knowledge.
  • Direct Connect offers a dedicated gigabit network connection from on-premise to AWS for low latency and secure connections.
  • VPN allows secure connections to networks through site-to-site or client VPN options.
  • Storage Gateway is a hybrid storage service enabling on-premise applications to use AWS Cloud Storage for various purposes like backup, archiving, and disaster recovery.

03:17:39

AWS Compliance and Security Services Overview

  • AWS provides a database artifact service to assess compliance programs, requiring proof beyond logos on websites.
  • Accessing compliance reports involves navigating through AWS artifacts, selecting a package, and generating a PDF with links to desired files.
  • Instructions for accessing compliance reports include using Adobe Acrobat Reader for file downloads and opening specific files within the PDF.
  • Amazon Inspector aids in hardening EC2 instances by running security benchmarks, including network and host assessments.
  • AWS Web Application Firewall (WAF) allows users to create rules for traffic based on HTTP requests, protecting against common web exploits.
  • AWS Shield offers DDoS protection services, with Shield Standard automatically enabled for all AWS customers and Shield Advanced providing additional protection for a fee.
  • Penetration testing on AWS is permitted on specific services like EC2 instances, RDS, and CloudFront, with prohibited activities including DDoS attacks and flooding.
  • Amazon GuardDuty is a threat detection service that monitors for malicious activity using machine learning to analyze various logs, alerting users for incident response.
  • GuardDuty utilizes cloud trail logs, VPC flow logs, and DNS logs for threat detection, with the ability to automate incident response through cloud watch events or third-party services.
  • Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS) are related concepts to GuardDuty, monitoring and protecting networks from unauthorized access.

03:30:24

AWS Security Features and Services Overview

  • Amazon GuardDuty is an IDS/IPS for AWS, detecting malicious activity or policy violations.
  • GuardDuty findings show attempts like SSH brute force attacks on public-facing instances.
  • Key Management Service (KMS) is a managed service for creating and controlling encryption keys.
  • KMS uses multi-tenant HSMs for secure key storage and integrates with many AWS services for encryption.
  • Amazon Macie monitors S3 data for anomalies, alerting on unauthorized access or data leaks.
  • Macie detects risks like ransomware, privilege escalation, and information loss, ranking at-risk users.
  • Security groups act at the instance level, while NACLs act at the subnet level in VPCs.
  • Security groups require allow rules for traffic, while NACLs allow for specific IP blocking.
  • Universal VPN offers site-to-site and client VPN connections for secure network access.
  • Cloud services like CloudFormation, CloudTrail, CloudFront, and CloudWatch offer various functionalities.

03:43:00

AWS Messaging and Application Integration Overview

  • SNS and SQS are often confused due to their messaging functions and application integration capabilities.
  • SNS uses a pub-sub messaging model to pass messages, while SQS focuses on queuing up messages.
  • SNS sends notifications to subscribers via various protocols like HTTP, email, SMS, and Lambda, while SQS places messages in a queue for applications to pull using the AWS SDK.
  • SNS is ideal for sending plain text emails triggered by AWS services like building alarms, while SQS can retain messages for up to 14 days, send them sequentially or in parallel, and ensure message delivery.
  • SNS is recommended for webhooks and internal emails, while SQS is suitable for delay tasks and queuing emails.
  • Inspector audits EC2 instances against security checklists, like the CIS benchmark, while Trusted Advisor offers recommendations and best practices across multiple services, emphasizing security measures.
  • Three types of load balancers include Classic Load Balancer (formerly Elastic Load Balancer), Application Load Balancer for layer 7 traffic like HTTP and HTTPS, and Network Load Balancer for layer 4 traffic handling TCP and TLS.
  • Application Load Balancer allows advanced routing rules for subdomains and can attach a Web Application Firewall, while Network Load Balancer is optimized for high-performance, low-latency traffic handling.
  • SNS is for practical and internal email use cases, sending notifications via multiple protocols, while SES is cloud-based and suitable for professional and marketing emails.
  • Artifact focuses on compliance frameworks like SOC or PCI, generating PDF reports on AWS's adherence, while Inspector ensures EC2 instance security through scripts and PDF reports on security checks.

03:55:28

Scheduling Exams with PSI and Pearson VUE

  • To book an exam with PSI, select a Wednesday or Thursday slot, pay in USD, and once payment is made, you are ready to take the exam.
  • When booking with Pearson VUE, choose your preferred language, select a test center from the options provided, compare availability, choose a time slot, and proceed to checkout to schedule the exam.
Channel avatarChannel avatarChannel avatarChannel avatarChannel avatar

Try it yourself — It’s free.