blog > aws-clf-co2-cloud-technology-and-services

AWS CLF-CO2 : Cloud Technology and Services

by Yashlin Naidoo
Published on: 5/20/2024


This blog is part of a 4 part series covering the 2024 AWS (CLF-CO2) study guide. While there is tremendous value in going through this blog even if you are not writing the exam , please be aware that the content is centered around the exam.

As with any exam , the curriculum and the course content will evolve over time , please pay attention to when this blog was written and take into account that the exam and its content may have changed.

Deploying and Operating in the AWS Cloud

  1. Different Ways of Provisioning and Operating in the AWS Cloud:
    • Resource Deployment Methods: Options include manual setup through the console, infrastructure as code (e.g., AWS CloudFormation, Terraform), and automated deployment pipelines.
  2. Different Ways to Access AWS Services:
    • APIs: Provide programmatic access to AWS services, allowing integration with other applications.
    • SDKs: Software Development Kits simplify AWS interactions across programming languages.
    • CLI (Command Line Interface): Enables executing commands via scripts or terminal commands.
    • AWS Management Console: A graphical user interface for managing AWS services and resources.
  3. Types of Cloud Deployment Models:
    • Cloud: Fully hosted on AWS, where all infrastructure is managed by AWS.
    • Hybrid: Combines cloud and on-premises infrastructure, providing flexibility for specific workloads.
    • On-Premises: Resources are managed locally, but AWS services may still be integrated.
  4. Connectivity Options:
    • AWS VPN: Secure, encrypted connections to AWS from your on-premises network.
    • AWS Direct Connect: A dedicated network connection for high bandwidth, low latency access to AWS.
    • Public Internet: Access to AWS resources via standard internet connections.
  5. Deciding Between Access Methods:
    • Programmatic Access: Ideal for automation and integration through APIs, SDKs, or CLI.
    • AWS Management Console: Best suited for hands-on management and visual resource monitoring.
    • Infrastructure as Code (IaC): Ensures consistent and repeatable deployments using tools like CloudFormation.
  6. Identifying Connectivity Options:
    • AWS VPN: Best for secure, quick connections.
    • AWS Direct Connect: Suitable for high throughput and consistent latency.
    • Public Internet: Offers convenience and accessibility at a lower cost.

AWS Global Infrastructure

  1. AWS Regions, Availability Zones, and Edge Locations:
    • Regions: Geographically isolated areas consisting of multiple Availability Zones.
    • Availability Zones (AZs): Isolated data centers within a region that offer redundancy and low-latency network connections to each other.
    • Edge Locations: Sites that cache content and accelerate data delivery, reducing latency.
  2. Use of Multiple Regions:
    • Disaster Recovery (DR) and Business Continuity: Implementing cross-region backups and multi-region failover.
    • Low Latency: Distributing applications to regions closer to end users.
    • Data Sovereignty: Ensuring data remains within specific geographic regions for compliance.
  3. Benefits of Edge Locations:
    • Amazon CloudFront: A content delivery network (CDN) that caches content close to users for faster load times.
    • AWS Global Accelerator: Improves the availability and performance of applications by routing traffic to optimal endpoints.
  4. AWS Wavelength Zones and AWS Local Zones:
    • Wavelength Zones: Extends AWS infrastructure to the edge of 5G networks for ultra-low latency applications.
    • Local Zones: Offers low-latency access to specific AWS services, bringing compute, storage, and networking closer to end users.

AWS Compute Services

  1. Appropriate Use of Different EC2 Instance Types:
    • Compute-Optimized: Suitable for high-performance computing (HPC), gaming, and scientific modeling.
    • Memory-Optimized: Ideal for in-memory databases, big data analytics, and real-time processing.
    • Storage-Optimized: Great for NoSQL databases, data warehousing, and Hadoop.
    • General Purpose: Balanced compute, memory, and storage for diverse applications.
  2. Appropriate Use of Different Container Options:
    • Amazon ECS: Best for managing containers using AWS’s native orchestration.
    • Amazon EKS: Ideal for Kubernetes users who prefer open-source tooling and native integrations.
    • AWS Fargate: Perfect for those needing fully serverless container orchestration.
  3. Appropriate Use of Serverless Compute Options:
    • AWS Lambda: Best for event-driven applications, microservices, and one-time processing tasks.
    • AWS Fargate: Suitable for applications that require full container orchestration without managing infrastructure.
  4. Auto Scaling for Elasticity:
    • Amazon EC2 Auto Scaling: Automatically scales EC2 instances based on defined rules and demand.
    • Application Auto Scaling: Provides scaling for ECS tasks, DynamoDB tables, and other AWS services.
  5. Purposes of Load Balancers:
    • Application Load Balancer (ALB): Operates at the application layer (Layer 7), ideal for HTTP and HTTPS traffic.
    • Network Load Balancer (NLB): Operates at the network layer (Layer 4), suited for high-throughput, low-latency traffic.
    • Classic Load Balancer (CLB): Legacy load balancer that supports HTTP, HTTPS, and TCP protocols.
    Load balancers distribute traffic across multiple instances or targets, ensuring improved reliability and availability by routing around faulty or overwhelmed resources.

AWS Database Services

  1. AWS Database Services:
    • Relational Databases (SQL): Amazon RDS and Amazon Aurora for managed database services.
    • NoSQL Databases: Amazon DynamoDB and Amazon DocumentDB for flexible, schema-less data structures.
    • In-Memory Databases: Amazon ElastiCache for caching and real-time analytics.
    • Graph Databases: Amazon Neptune for complex relationship mapping.
    • Data Warehousing: Amazon Redshift for large-scale analytics.
  2. Database Migration:
    • AWS Database Migration Service (DMS): Helps migrate databases with minimal downtime.
    • AWS Schema Conversion Tool (SCT): Converts database schemas from one database engine to another.
  3. EC2-Hosted vs. AWS-Managed Databases:
    • EC2-Hosted: Offers full control over the database engine and configuration but requires managing backups, scaling, and maintenance.
    • AWS-Managed: Includes features like automated backups, scaling, high availability, and security management.
  4. Relational Databases:
    • Amazon RDS (Relational Database Service): Supports multiple database engines like MySQL, PostgreSQL, and SQL Server.
    • Amazon Aurora: A high-performance, scalable relational database compatible with MySQL and PostgreSQL.
  5. NoSQL Databases:
    • Amazon DynamoDB: Fully managed, low-latency, NoSQL database suitable for web, mobile, and gaming applications.
    • Amazon DocumentDB: A managed MongoDB-compatible database for JSON-like document storage.
  6. Memory-Based Databases:
    • Amazon ElastiCache: Supports Redis and Memcached for real-time caching and in-memory processing.
    • Amazon MemoryDB: Fully managed Redis-compatible in-memory database for ultra-fast data processing.

AWS Network Services

  1. AWS Network Services:
    • Amazon VPC (Virtual Private Cloud): Enables the provisioning of a logically isolated network, defining your own IP ranges and subnet configurations.
    • Amazon Route 53: Managed DNS service that connects requests to AWS services or external domains.
    • AWS Direct Connect: Dedicated private connection from on-premises networks to AWS.
    • AWS VPN: Securely connects on-premises networks or individual devices to AWS via IPsec tunnels.
    • AWS CloudFront: Content delivery network (CDN) that speeds up delivery of static and dynamic web content.
  2. Components of a VPC:
    • Subnets: Logical subdivisions of a VPC that allow you to group resources.
    • Gateways: Connect your VPC to other networks, such as:
      • Internet Gateway: Enables communication between VPC resources and the internet.
      • NAT Gateway: Allows private subnet instances outbound access to the internet.
      • Virtual Private Gateway: Connects VPCs to your on-premises network using a VPN.
  3. Security in a VPC:
    • Security Groups: Act as virtual firewalls for individual instances, controlling inbound and outbound traffic.
    • Network ACLs: Operate at the subnet level and control traffic entering or leaving subnets.
  4. Purpose of Amazon Route 53:
    • DNS Management: Handles domain registration, routing traffic, and managing DNS records.
    • Traffic Routing: Supports routing policies for global load balancing, geolocation, and latency-based routing.
    • Health Checks: Monitors endpoint health and ensures traffic is only directed to healthy endpoints.

AWS Storage Services

  1. AWS Storage Services:
    • Amazon S3 (Simple Storage Service): Scalable object storage for any type of data.
    • Amazon EBS (Elastic Block Store): Persistent block storage for EC2 instances.
    • Amazon EFS (Elastic File System): Managed, scalable file storage that grows and shrinks automatically.
    • Amazon FSx: Fully managed Windows file servers and high-performance file systems.
    • AWS Storage Gateway: Connects on-premises environments to cloud storage.
    • AWS Backup: Centralized service to manage backups across AWS resources.
  2. Differences in Amazon S3 Storage Classes:
    • S3 Standard: Default class for frequently accessed data.
    • S3 Intelligent-Tiering: Optimizes costs by automatically moving data between access tiers.
    • S3 Standard-IA (Infrequent Access): Suitable for data accessed less frequently but requires rapid retrieval.
    • S3 One Zone-IA: Lower-cost option for infrequently accessed data, stored in a single availability zone.
    • S3 Glacier: Archive storage for data that doesn’t require immediate access, with different retrieval speeds.
  3. Block Storage Solutions:
    • Amazon EBS: Persistent block-level storage for EC2 instances, offering performance and backup features.
    • Instance Store: Temporary block storage that persists only during instance lifetimes, useful for caching.
  4. File Services:
    • Amazon EFS: Managed NFS file system for shared access across multiple EC2 instances.
    • Amazon FSx: High-performance file storage optimized for Windows workloads or high-speed data processing

AWS Artificial Intelligence and Machine Learning (AI/ML) Services and Analytics Services

  1. AWS AI/ML Services:
    • Amazon SageMaker: Comprehensive service for machine learning (ML), enabling data scientists to build, train, and deploy models at scale.
    • Amazon Lex: Builds intelligent chatbots for natural language understanding and text or voice interfaces.
    • Amazon Kendra: Implements advanced search for improved data discovery across internal knowledge bases.
    • Amazon Comprehend: Natural language processing service that extracts insights from documents.
    • Amazon Rekognition: Analyzes images and videos to identify objects, faces, and inappropriate content.
    • Amazon Personalize: Delivers personalized recommendations for end users using machine learning.
  2. AWS Analytics Services:
    • Amazon Athena: Serverless querying service for S3, allowing SQL queries over stored data.
    • Amazon Kinesis: Real-time data streaming platform for processing and analyzing streaming data.
    • AWS Glue: Serverless data integration tool for extracting, transforming, and loading (ETL) data into data lakes and other stores.
    • Amazon QuickSight: Scalable business intelligence service for creating data visualizations and generating business insights.
    • Amazon Redshift: Fully managed data warehouse that handles petabyte-scale data.

Services from Other In-Scope AWS Service Categories

  1. Application Integration Services:
    • Amazon EventBridge: Serverless event bus service that connects applications via events.
    • Amazon Simple Notification Service (SNS): Push messaging service for sending alerts and notifications to various endpoints.
    • Amazon Simple Queue Service (SQS): Fully managed message queue service for decoupling distributed systems.
  2. Business Application Services:
    • Amazon Connect: Cloud-based contact center solution for managing customer interactions.
    • Amazon Simple Email Service (SES): Email platform for sending transactional or marketing emails.
  3. Customer Engagement Services:
    • AWS Activate for Startups: Provides startups with credits, technical training, and support.
    • AWS IQ: Connects AWS experts with customers for projects and technical advice.
    • AWS Managed Services (AMS): Automates infrastructure management.
    • AWS Support: Offers support plans ranging from basic to enterprise levels.
  4. Developer Tool Services and Capabilities:
    • AWS AppConfig: Manages application configurations.
    • AWS Cloud9: Web-based IDE for coding, debugging, and running applications.
    • AWS CloudShell: Browser-based shell with pre-configured AWS CLI.
    • AWS CodeArtifact: Artifact repository for storing and sharing software packages.
    • AWS CodeBuild: Managed CI service that compiles source code and runs tests.
    • AWS CodeCommit: Source control service for hosting Git repositories.
    • AWS CodeDeploy: Automates application deployments.
    • AWS CodePipeline: CI/CD service to automate release pipelines.
    • AWS CodeStar: Integrates project management tools with CI/CD workflows.
    • AWS X-Ray: Analyzes and traces distributed applications.
  5. End-User Computing Services:
    • Amazon AppStream 2.0: Streams desktop applications securely to a web browser.
    • Amazon WorkSpaces: Provides secure, managed virtual desktops.
    • Amazon WorkSpaces Web: Web-based access to virtual desktops and browser-based apps.
  6. Frontend Web and Mobile Services:
    • AWS Amplify: Full-stack development framework for web and mobile apps.
    • AWS AppSync: GraphQL API service that connects to data sources like DynamoDB and Lambda.
  7. IoT Services:
    • AWS IoT Core: Securely connects and manages IoT devices.
    • AWS IoT Greengrass: Extends cloud capabilities to local IoT devices.
  8. Choosing the Appropriate Service for Messaging and Alerts:
    • Amazon SNS is suitable for high-throughput notifications, while Amazon SQS excels at message queuing.
  9. Choosing the Appropriate Service for Business Applications:
    • For contact centers, Amazon Connect is ideal, whereas Amazon SES handles email-related needs.
  10. Choosing the Appropriate Service for Customer Support:
  • AWS Support offers tailored plans ranging from basic to enterprise, with services like account monitoring and architectural guidance.


Yashlin Naidoo

Location Icon
Cascades Office Park, Wasbank St,
Little Falls,
Roodepoort, 1724,
Gauteng, South Africa
Runninghill Logo
Stay connected
LinkedinX platformFacebookInstagram