Cloud Practitioner

Who Should Take This

Ideal for recent graduates, junior IT staff, or professionals transitioning into cloud roles who have up to six months of exposure to AWS services. They seek to validate their foundational understanding, enhance credibility with employers, and prepare for further AWS specialization.

What's Covered

1 Define the AWS Cloud and its value proposition, identify aspects of AWS Cloud economics, and describe different cloud architecture design principles.

2 Define the AWS Shared Responsibility Model, AWS Cloud security and compliance concepts, and identify AWS access management capabilities.

3 Define methods of deploying and operating in the AWS Cloud, define the AWS global infrastructure, and identify AWS compute, database, network, and storage services.

4 Compare and contrast the various pricing models for AWS, understand account structures for billing and pricing, and identify resources available for billing support.

Exam Structure

Question Types

Multiple Choice
Multiple Response

Scoring Method

Scaled scoring from 100 to 1000, minimum passing score of 700

Delivery Method

Pearson VUE testing center or online proctored

Recertification

Recertify every 3 years by passing the current exam or earning a higher-level AWS certification.

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph

Practice Questions

Lesson Modules

Console Simulator Labs

Exam Tips & Strategy

20 Activity Formats

Course Outline

80 learning goals

1 Domain 1: Cloud Concepts

4 topics

Define the benefits of the AWS Cloud

Identify the defining characteristics of cloud computing including on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service.
Explain how the AWS global infrastructure delivers high availability, fault tolerance, and low-latency access through Regions, Availability Zones, and edge locations.
Explain business benefits of cloud adoption including agility, elasticity, cost savings, global reach, and reduced time to market compared to on-premises infrastructure.
Differentiate between public, private, and hybrid cloud deployment models and identify when each is appropriate for a given business requirement.

Identify design principles of the AWS Cloud

Identify the six pillars of the AWS Well-Architected Framework: operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability.
Explain AWS design principles such as designing for failure, implementing elasticity, decoupling components, and thinking parallel to build resilient applications.
Apply Well-Architected Framework pillars to simple scenarios to evaluate whether a proposed architecture meets foundational best practices.

Understand the benefits of and strategies for migration to the AWS Cloud

Identify the six common migration strategies (6 Rs): rehost, replatform, refactor, repurchase, retire, and retain and describe when each is appropriate.
Explain the phases and purpose of the AWS Cloud Adoption Framework including business, people, governance, platform, security, and operations perspectives.
Choose appropriate AWS migration support services including AWS Migration Hub, AWS Application Discovery Service, and AWS Database Migration Service for foundational migration scenarios.

Understand cloud economics and financial benefits

Compare capital expenditure and operational expenditure models and explain how pay-as-you-go pricing reduces upfront financial risk and converts fixed costs to variable costs.
Explain how rightsizing, managed services, autoscaling, and economies of scale influence total cost of ownership and operating efficiency.
Identify licensing strategies such as bring-your-own-license and AWS Marketplace options and explain their impact on cloud migration costs.
Analyze introductory cloud cost scenarios to select cost-effective options using workload patterns, consumption variability, and reserved versus on-demand tradeoffs.

2 Domain 2: Security and Compliance

5 topics

Define the AWS shared responsibility model

Explain the AWS shared responsibility model and distinguish customer responsibilities from AWS responsibilities across infrastructure, managed, and abstracted service models.
Apply the shared responsibility model to determine which party is responsible for patching, encryption, physical security, and network configuration in specific service scenarios.
Analyze how the shared responsibility boundary shifts between IaaS services like EC2, PaaS services like Elastic Beanstalk, and SaaS services to identify customer security obligations.

Define AWS Cloud security, governance, and compliance concepts

Identify governance, risk, and compliance concepts including data residency, data classification, least privilege, and regulatory requirements in AWS environments.
Identify AWS compliance programs and resources including AWS Artifact, SOC reports, ISO certifications, PCI DSS, and HIPAA eligibility for validating regulatory requirements.
Explain how AWS Config rules, AWS CloudTrail logging, and service control policies support auditability and continuous compliance monitoring.
Determine which compliance and attestation resources to use when validating that a cloud workload meets specific regulatory frameworks.

Identify AWS access management capabilities

Identify the purpose and components of AWS Identity and Access Management including users, groups, roles, and policies for controlling access to AWS resources.
Explain the importance of the root user, IAM best practices including MFA enforcement, and the principle of least privilege for securing AWS accounts.
Apply IAM policy concepts to select least-privilege access patterns and choose between identity-based policies and resource-based policies for common access scenarios.
Explain multi-factor authentication, temporary credentials via STS, and identity federation basics for secure access to AWS accounts and applications.
Explain how AWS Organizations and service control policies enforce account-level guardrails and centralized governance in multi-account environments.

Identify components and resources for security

Identify encryption options for data at rest using AWS Key Management Service, S3 server-side encryption, and EBS volume encryption.
Identify encryption options for data in transit including TLS/SSL, VPN tunnels, and AWS Certificate Manager for securing communication channels.
Explain how security groups and network access control lists provide stateful and stateless traffic filtering for VPC workload isolation.
Identify threat detection and protection services including Amazon GuardDuty, AWS WAF, AWS Shield, and AWS Firewall Manager and describe their primary use cases.
Explain the purpose of Amazon Inspector for vulnerability scanning and Amazon Macie for sensitive data discovery in S3 buckets.

Identify AWS security monitoring and incident response resources

Explain how AWS CloudTrail provides API activity logging and audit trails for security investigation and compliance evidence.
Explain how AWS Config tracks resource configuration changes and evaluates compliance against defined rules.
Identify AWS Security Hub and AWS Trusted Advisor security check capabilities for centralized security posture assessment and remediation guidance.
Analyze a foundational security scenario to select the appropriate combination of monitoring, detection, and response services based on the threat type and shared responsibility boundary.

3 Domain 3: Cloud Technology and Services

10 topics

Define methods of deploying and operating in the AWS Cloud

Identify AWS access and management interfaces including the AWS Management Console, AWS CLI, AWS SDKs, and AWS CloudShell and explain when each is appropriate.
Explain the concept of infrastructure as code and identify AWS CloudFormation and AWS CDK as tools for provisioning and managing AWS resources through templates.
Explain the purpose of development, test, and production environments and basic operational lifecycle practices including deployment and change management on AWS.

Define the AWS global infrastructure

Identify the components of AWS global infrastructure including Regions, Availability Zones, Local Zones, and edge locations and explain their relationship to latency, compliance, and resilience.
Explain how to select an AWS Region based on data sovereignty, latency, service availability, and pricing considerations.
Choose foundational high-availability architectures that use multiple Availability Zones or Regions for disaster recovery and fault tolerance goals.

Identify AWS compute services

Identify Amazon EC2 and explain instance types, AMIs, key pairs, and the basic lifecycle of launching and terminating instances for virtual server workloads.
Explain the purpose of AWS Lambda for serverless compute and describe event-driven execution, automatic scaling, and pay-per-invocation pricing.
Identify container services including Amazon ECS, Amazon EKS, and AWS Fargate and explain when containerized workloads are preferable to virtual machines or serverless functions.
Explain how AWS Elastic Beanstalk simplifies application deployment by managing infrastructure provisioning, load balancing, and scaling automatically.
Explain how Auto Scaling groups automatically adjust EC2 instance count based on demand to maintain availability and optimize cost.
Analyze basic compute scenarios and select the most appropriate service among EC2, Lambda, ECS/Fargate, and Elastic Beanstalk based on workload characteristics and operational requirements.

Identify AWS storage services

Identify Amazon S3 as an object storage service and explain buckets, objects, storage classes (Standard, Intelligent-Tiering, Glacier), and durability guarantees.
Identify Amazon EBS as block storage for EC2 and explain volume types, snapshots, and the relationship between EBS volumes and EC2 instance storage.
Identify Amazon EFS and Amazon FSx as managed file storage services and explain when shared file system access is needed across multiple compute resources.
Choose the appropriate storage service and S3 storage class for a given access pattern by evaluating frequency, latency, durability, and cost requirements.

Identify AWS database services

Identify Amazon RDS and Amazon Aurora as managed relational database services and explain supported engines, automated backups, and Multi-AZ deployments.
Identify Amazon DynamoDB as a managed NoSQL key-value and document database and explain tables, items, on-demand versus provisioned capacity modes, and single-digit millisecond latency.
Identify Amazon ElastiCache and Amazon MemoryDB as in-memory caching services for reducing database read latency in high-throughput applications.
Choose suitable database services for transactional, caching, and analytical scenarios by evaluating data model, scale, latency, and consistency requirements.

Identify AWS networking services

Identify Amazon VPC and explain subnets, route tables, internet gateways, and NAT gateways for creating isolated network environments in the AWS Cloud.
Identify Amazon Route 53 as a DNS service and explain domain registration, hosted zones, routing policies, and health checks for directing traffic to AWS resources.
Identify Amazon CloudFront as a content delivery network and explain edge caching, origin integration, and latency reduction for globally distributed content.
Explain how Elastic Load Balancing distributes incoming traffic across multiple targets and identify Application, Network, and Gateway Load Balancer types.
Identify AWS Direct Connect and AWS Site-to-Site VPN as hybrid connectivity options for establishing private network connections between on-premises data centers and AWS.

Identify AWS messaging and integration services

Identify Amazon SQS as a managed message queue service and explain how it decouples application components with standard and FIFO queue types.
Identify Amazon SNS as a managed pub/sub notification service and explain topics, subscriptions, and fan-out message delivery patterns.
Choose between SQS and SNS for decoupling scenarios by evaluating whether the use case requires point-to-point queuing or publish-subscribe notification patterns.

Identify AWS monitoring and management services

Identify Amazon CloudWatch for metrics, alarms, dashboards, and log monitoring and AWS CloudTrail for API activity logging, security auditing, and operational troubleshooting.
Explain how AWS Systems Manager provides operational management capabilities including patch management, parameter storage, and run commands across EC2 instances.

Identify AWS analytics and AI/ML services

Identify analytics services such as Amazon Athena, Amazon Redshift, Amazon Kinesis, and AWS Glue and explain their primary data processing and query use cases.
Identify AI and machine learning services including Amazon SageMaker, Amazon Rekognition, Amazon Comprehend, Amazon Lex, and Amazon Polly and describe their high-level use cases.

Identify AWS services from scenario-based requirements

Identify AWS architecture reference materials including whitepapers, Well-Architected Tool, and AWS re:Post for supporting technology decisions and troubleshooting.
Analyze basic business and technical scenarios to select the most appropriate combination of AWS services by balancing cost, performance, security, and operational complexity.
Differentiate between closely related AWS services and justify a selection for compute, storage, database, and messaging requirements in simple scenario-based questions.

4 Domain 4: Billing, Pricing, and Support

3 topics

Compare AWS pricing models

Compare On-Demand, Reserved Instances, Savings Plans, Spot Instances, and Dedicated Hosts pricing models and explain when each is most cost-effective for predictable and variable workloads.
Identify common pricing dimensions such as compute time, storage volume, data transfer out, and request count across core AWS services.
Explain the AWS Free Tier including always-free, 12-month-free, and trial offerings and identify which services include free-tier usage.
Choose cost optimization strategies including rightsizing instances, scheduling non-production resources, using S3 lifecycle policies, and selecting appropriate pricing commitments based on workload patterns.

Understand resources for billing, budget, and cost management

Explain the purpose of AWS Billing and Cost Management dashboard, AWS Cost Explorer, and AWS Pricing Calculator for monitoring spending, forecasting costs, and estimating service expenses.
Explain how AWS Budgets provides spending alerts, usage thresholds, and reservation coverage notifications to prevent unexpected charges.
Explain how consolidated billing in AWS Organizations, cost allocation tags, and linked account structures support cost attribution and multi-account financial management.

Identify AWS technical resources and support options

Identify the four AWS Support plans (Basic, Developer, Business, Enterprise) and compare response times, support channels, and included features such as Trusted Advisor checks and TAM access.
Explain how AWS Trusted Advisor provides recommendations across cost optimization, performance, security, fault tolerance, and service limits categories.
Choose the appropriate support plan and assistance channel for a given business scenario considering severity level, response time needs, and available budget.

Hands-On Labs

15 labs ~185 min total Console Simulator

Practice in a simulated cloud console or Python code sandbox — no account needed. Each lab runs entirely in your browser.

Certification Benefits

Salary Impact

$86,000

Average Salary

Related Job Roles

Cloud Practitioner IT Support Specialist Business Analyst Project Manager Sales Engineer

Industry Recognition

The AWS Cloud Practitioner is the most widely held AWS certification and serves as the entry point into the AWS ecosystem. It validates foundational cloud literacy recognized across industries, making it valuable for both technical and non-technical professionals.

Scope

Included Topics

All domains in the AWS Certified Cloud Practitioner (CLF-C02) exam guide: Domain 1 Cloud Concepts (24%), Domain 2 Security and Compliance (30%), Domain 3 Cloud Technology and Services (34%), and Domain 4 Billing, Pricing, and Support (12%).
Foundational knowledge of AWS global infrastructure, core service categories (compute, storage, database, networking, messaging, containers, serverless), security and compliance concepts, pricing models, billing and support resources, and basic cloud adoption and migration concepts aligned to CLF-C02 objectives.
Key AWS services including EC2, S3, RDS, DynamoDB, Lambda, VPC, IAM, CloudWatch, CloudTrail, CloudFormation, SNS, SQS, Route 53, CloudFront, Elastic Beanstalk, ECS, Organizations, Budgets, Cost Explorer, Trusted Advisor, and the Well-Architected Framework.
Scenario-driven service selection at the foundational level, shared responsibility model application, and basic cloud economics reasoning.

Not Covered

Deep implementation details for associate, professional, or specialty-level certifications not required by CLF-C02.
Hands-on command-level administration with AWS CLI, SDK code implementation, and advanced automation scripting.
Current service price points, promotional discounts, and region-by-region pricing values that change over time.
Service families explicitly listed as out of scope in the official CLF-C02 guide (for example, advanced developer tooling, specialized migration tooling details, and niche industry workloads).
Infrastructure-as-code template authoring, CI/CD pipeline construction, and deployment strategy configuration.

Official Exam Page

Learn more at Amazon Web Services

Visit