book

AWS Certified Cloud Practitioner (CLF-C02) Study Guide

Name: AWS Certified Cloud Practitioner (CLF-C02) Study Guide
Author: Tom Taulli
ISBN: 9798341640221

by Tom Taulli

January 2026

Intermediate to advanced

254 pages

6h 48m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
What’s CoveredConventions Used in This BookO’Reilly Online LearningHow to Contact UsAcknowledgments
1. Introduction to the AWS Certified Cloud Practitioner (CLF-C02) Exam
Why Should You Take the Exam?RecognitionThe Cloud MegatrendAWS Remains DominantSalary BoostWho Should Take the Exam?Business Professionals and Nontechnical RolesIT Staff and Technologists New to the CloudStudents and Career ChangersTopics Covered in the ExamExam DetailsExam Delivery MethodsRegistration and ReschedulingOther AWS CertificationsAWS ResourcesUpdatesConclusion
2. Getting Started with AWS
Free TierSix-Month Free TierAlways FreeShort-Term TrialsSetting Up Your AWS AccountExploring the AWS Management ConsoleKeeping AWS Costs Under ControlBilling DashboardBudgetsFree Tier Usage AlertsCore AWS ServicesConclusionChapter Quiz
3. Cloud Computing Foundations
Cloud ComputingA Brief History of Cloud ComputingCloud Deployment ModelsCloud-Based (Public Cloud)On-Premises (Private Cloud)Hybrid CloudHow to Choose?Cloud ModelsIaaSPaaSSaaSCloud BenefitsConclusionChapter Quiz
4. Fundamentals of AWS
Cloud EconomicsOn-Premises Versus Cloud Computing EnvironmentsCapital Versus Operating ExpensesBring-Your-Own-License (BYOL) Versus Included License ModelsRightsizingAutomationScaleAWS Well-Architected FrameworkAWS Cloud Adoption FrameworkMigrationAWS Snow FamilyConclusionChapter Quiz
5. AWS Compliance and Governance
Understanding the DifferencesComplianceGovernanceSecurityCompliance Frameworks OverviewWorking with Compliance FrameworksCompliance ToolsCompliance DocumentationAWS ArtifactAWS Customer Compliance CenterConclusionChapter Quiz
6. AWS Identity and Access Management (IAM)
IdentityAuthentication Versus AuthorizationBasics of IAMCreating an IAM UserPoliciesSetting a Password PolicyMultifactor Authentication (MFA)PasswordlessAccessing AWSAWS Command Line Interface (CLI)AWS Software Development Kits (SDKs)CredentialsIAM RolesSecurity for IAMIAM Credential ReportsIAM Access AdvisorConclusionChapter Quiz
7. Security
Why Security MattersCommon Security ThreatsAWS Shared Responsibility ModelWhat AWS Secures: Security of the CloudWhat You Secure: Security in the CloudShared Responsibility Example: Amazon RDSThe Model Keeps EvolvingDefense‑in‑DepthLayer 1: Edge ProtectionLayer 2: Inbound Traffic FilteringLayer 3: Compute ProtectionLayer 4: Data and Identity SafeguardsLayer 5: Monitoring and DetectionThird-Party Security Services in the AWS MarketplaceResources for AWS Cloud SecurityConclusionChapter Quiz
8. AWS Global Infrastructure
Data CentersRegions and Availability ZonesSelecting RegionsEdge LocationsDeploying AWS ServicesChoosing Between One-Time Tasks and Repeatable Processes in AWSConclusionChapter Quiz
9. AWS Compute, Containers, and Serverless
EC2EC2 Instance TypesSecurity GroupsSetting Up an EC2 InstanceContainer ServicesAmazon Elastic Container Service (ECS)Amazon Elastic Kubernetes Service (EKS)AWS LambdaAWS Compute ElasticityConclusionChapter Quiz

10. AWS Storage Services
OverviewAmazon S3General PurposeUnpredictable or Changing AccessHigh-Performance, Single-AZ AccessInfrequent AccessArchiveData Residency and IsolationGlobal Data TransfersUsing S3Amazon Elastic Block Store (EBS)AWS Elastic File System (EFS)AWS FSxAWS Storage GatewayAWS BackupConclusionChapter Quiz
11. AWS Database Services
Relational Database Services—RDS and AuroraAmazon RDSAmazon AuroraAmazon RedshiftNoSQL Databases—DynamoDB, Neptune, and TimestreamAmazon DynamoDBAmazon NeptuneAmazon TimestreamMemory-Based Databases—ElastiCacheDatabase Migration Tools—DMS and SCTAWS Database Migration Service (AWS DMS)AWS Schema Conversion Tool (AWS SCT)ConclusionChapter Quiz
12. AWS Networking Services
Networking in a Data CenterVirtual Private Cloud (VPC)Setting Up a VPCRoute 53Network Connectivity Options to AWSAWS Site-to-Site VPNAWS Direct ConnectConclusionChapter Quiz
13. Artificial Intelligence and Data Analytics Tools
Artificial Intelligence, Machine Learning, Deep Learning, and Generative AIAmazon SageMaker AIAWS LexAmazon KendraData AnalyticsAmazon AthenaAmazon KinesisAmazon GlueAmazon QuickSightConclusionChapter Quiz
14. AWS Developer Tools and Other Essential Services
Application Integration ToolsAmazon EventBridgeAmazon Simple Notification Service (SNS)Amazon Simple Queue Service (SQS)Business ApplicationsAmazon ConnectAmazon Simple Email Service (SES)Developer Tools and DevOpsAWS CodeBuildAWS CodePipelineAWS X-RayClient-Facing Application and Desktop Delivery on AWSAmazon AppStream 2.0Amazon WorkSpacesWorkSpaces Secure BrowserAWS AmplifyAWS AppSyncManaging IoT Devices with AWS IoT CoreConclusionChapter Quiz
15. Billing, Budgeting, and Cost Management in AWS
AWS Pricing ModelsOn-Demand Instance PricingReserved Instance PricingSavings Plan PricingSpot Instance PricingDedicated Host PricingDedicated Instance PricingOn-Demand Capacity Reservation PricingAWS Billing and Cost ManagementAWS Cost ExplorerAWS Pricing CalculatorAWS BudgetsAWS Cost Allocation TagsAWS Technical Resources and AWS Support OptionsConclusionChapter Quiz
16. Strategies and Techniques for Successfully Taking the AWS Certified Cloud Practitioner Exam
Tips for Taking the ExamManage Your TimeRead Questions CarefullyUse the Process of EliminationStay Calm and Double-Check Your AnswersCrash Course: What to Know Before Exam DayCloud ConceptsSecurity and ComplianceCloud Technology and ServicesBilling, Pricing, and SupportConclusion
A. Practice Exam
B. Answer Key
Chapter 2 Answer KeyChapter 3 Answer KeyChapter 4 Answer KeyChapter 5 Answer KeyChapter 6 Answer KeyChapter 7 Answer KeyChapter 8 Answer KeyChapter 9 Answer KeyChapter 10 Answer KeyChapter 11 Answer KeyChapter 12 Answer KeyChapter 13 Answer KeyChapter 14 Answer KeyChapter 15 Answer KeyPractice Exam Answer Key
Glossary
Index
About the Author

Content preview from AWS Certified Cloud Practitioner (CLF-C02) Study Guide

Chapter 6. AWS Identity and Access Management (IAM)

When you’re working in the cloud, one of the first things you need to figure out is who has access to what. Controlling that access—both who gets in and what they’re allowed to do once they’re there—is exactly what AWS Identity and Access Management is built for. IAM lets you define users, groups, roles, and policies to control access across your AWS environment. Whether you’re setting up multifactor authentication, allowing users to log in, or following the principle of least privilege, IAM is a core part of keeping your cloud setup secure.

For the AWS Certified Cloud Practitioner exam, expect IAM to show up. The exam covers basic AWS security concepts, and IAM is a big part of that. You’ll need to understand what IAM does, how policies work, and when to use roles or groups depending on the situation.

Identity

Identity plays a central role in how we keep things organized. Just like you need a driver’s license or passport to prove who you are in the real world, systems need a way to recognize users, applications, and devices. And not just recognize them, but verify they’re allowed to do what they’re trying to do.

When we talk about identity in computing, we’re casting a wide net. It’s not just people logging into email or cloud dashboards. It includes applications talking to each other, devices joining networks, and services requesting access behind the scenes. In every case, identity forms the backbone of security. If you can’t ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

AWS Certified Cloud Practitioner Study Guide

Publisher Resources

ISBN: 9798341640214Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

AWS Certified Cloud Practitioner (CLF-C02) Study Guide

by Tom Taulli

Chapter 6. AWS Identity and Access Management (IAM)

Identity

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.