
AWS Cloud Practitioner Cheat Sheet

Cloud Concepts

24% of exam

Security + Compliance

30% of exam

Technology + Services

34% of exam

Billing + Support

12% of exam


Quick Facts

Exam
CLF-C02
Credential
Cloud Practitioner
Questions
65 total
Scored
50 questions
Time
90 min
Pass
700/1000
Level
Foundational
Blueprint
CLF-C02 current

Six Pillars

OPSERS keeps workload reviews complete

Operational excellence, Security, Reliability, Performance, Cost optimization, Sustainability

Cloud Benefits

Global reach
Regions worldwide
Agility
Provision in minutes
Elasticity
Scale with demand
Scalability
Add capacity
HA
Minimize downtime
Economies
Provider scale savings
OpEx
Usage-based spend
CapEx
Upfront hardware
Automation
Repeatable changes

Well-Architected

Operational excellence
Run and improve
Security
Protect data/systems
Reliability
Recover from failure
Performance
Efficient resource use
Cost optimization
Avoid waste
Sustainability
Reduce environmental impact
WA Tool
Review workloads
Pillar tradeoffs
Balance priorities

Migration + CAF

CAF
Transformation guidance
Business
Value outcomes
People
Culture skills
Governance
Priorities controls
Platform
Cloud foundation
Security
Risk controls
Operations
Run workloads
DMS
Database migration
Snow Family
Offline transfer

Shared Model

AWS owns cloud; you own choices

Facilities, Hardware, Data, IAM, Patching, Config

IAM User vs Role

IAM user

  • Person/service
  • Long-term keys
  • Avoid sharing

IAM role

  • Assumed identity
  • Temporary keys
  • Preferred access

Permanent vs temporary

Security Picker

  1. Human permissions: IAM (Least privilege)
  2. App users: Cognito (Customer identity)
  3. Encryption keys: KMS (Managed keys)
  4. Threat detection: GuardDuty (Findings)
  5. Vulnerability scans: Inspector (Workloads)
  6. Sensitive S3 data: Macie (Discovery)
  7. Compliance reports: Artifact (Audits)
  8. Web filtering: WAF (Layer 7)

Responsibility

AWS
Cloud infrastructure
Customer
Data and configuration
IaaS
More customer duties
PaaS
Shared app duties
SaaS
Mostly provider managed
EC2 patching
Customer OS duty
Physical DC
AWS duty
IAM users
Customer duty

Identity + Access

Root user
Protect strongly
IAM user
Long-term identity
IAM role
Temporary access
IAM policy
JSON permissions
Groups
User collections
MFA
Extra factor
KMS
Key management
Cognito
App user identity
IAM Identity Center
Workforce SSO

Security Services

GuardDuty
Threat detection
Inspector
Vulnerability scans
Macie
Sensitive data discovery
Detective
Security investigations
Security Hub
Posture aggregation
Shield
DDoS protection
WAF
Web request filtering
Artifact
Compliance reports
ACM
TLS certificates
Secrets Manager
Rotate secrets

Core Services

Compute stores, networks connect, IAM permits

EC2, S3, VPC, IAM

EC2 vs Lambda

EC2

  • OS control
  • Persistent servers
  • You patch

Lambda

  • Event code
  • No servers
  • AWS patches

Server vs function

Service Picker

  1. Need OS control: EC2 (IaaS)
  2. Event code: Lambda (Serverless)
  3. Managed app deploy: Elastic Beanstalk (PaaS)
  4. Container orchestration: ECS (AWS native)
  5. Kubernetes required: EKS (Managed K8s)
  6. Object files: S3 (Durable)
  7. Relational database: RDS (Managed SQL)
  8. Key-value scale: DynamoDB (NoSQL)
  9. Global cache: CloudFront (CDN)
  10. DNS routing: Route 53

Compute + Containers

EC2
Virtual servers
Lambda
Event functions
Elastic Beanstalk
Managed app deploy
Lightsail
Simple VPS
ECS
Container service
EKS
Managed Kubernetes
Fargate
Serverless containers
Batch
Batch jobs
Outposts
AWS on-premises

S3 vs EBS

S3

  • Object storage
  • HTTP access
  • Regional service

EBS

  • Block volumes
  • Attach to EC2
  • AZ scoped

Objects vs blocks

Storage + Database

S3
Object storage
S3 Glacier
Archive storage
EBS
EC2 block volumes
EFS
Linux file shares
FSx
Managed file systems
Backup
Central backups
Storage Gateway
Hybrid storage
RDS
Relational databases
Aurora
AWS relational engine
DynamoDB
Key-value NoSQL
Redshift
Data warehouse
ElastiCache
In-memory cache

Security Group vs NACL

Security group

  • Instance level
  • Stateful
  • Allow rules

NACL

  • Subnet level
  • Stateless
  • Allow/deny rules

Instance vs subnet

Network + Delivery

VPC
Isolated network
Subnet
VPC segment
Security group
Instance firewall
NACL
Subnet firewall
Route 53
DNS service
CloudFront
CDN edge cache
Direct Connect
Private circuit
Site-to-Site VPN
Encrypted tunnel
Transit Gateway
Network hub
PrivateLink
Private service access
API Gateway
Managed API front
Global Accelerator
Global traffic routing

CloudWatch vs CloudTrail

CloudWatch

  • Metrics/logs
  • Alarms
  • Resource health

CloudTrail

  • API calls
  • Audit trail
  • Who did what

Observe vs audit

Management + Integration

CloudWatch
Metrics and alarms
CloudTrail
API activity logs
Config
Resource compliance
Systems Manager
Ops management
Auto Scaling
Capacity adjustment
CloudFormation
IaC templates
Trusted Advisor
Best-practice checks
Organizations
Account grouping
EventBridge
Event bus
SNS
Pub/sub notifications
SQS
Message queues
Step Functions
Workflow orchestration

Cost Flow

Estimate, track, alert, optimize

Calculator, Explorer, Budgets, Advisor

Cost Explorer vs Budgets

Cost Explorer

  • Analyze spend
  • Historical trends
  • Forecast view

Budgets

  • Set thresholds
  • Send alerts
  • Track limits

Analyze vs alert

Cost Picker

  1. Estimate architecture: Pricing Calculator
  2. Inspect spend: Cost Explorer
  3. Alert threshold: Budgets
  4. Detailed charges: CUR
  5. Commit usage: Savings Plans
  6. Unused capacity: Spot
  7. Optimization advice: Trusted Advisor
  8. Multi-account billing: Organizations

Cost + Support

Pricing Calculator
Future cost estimate
Cost Explorer
Spend analysis
Budgets
Spend alerts
CUR
Detailed spend data
Savings Plans
Flexible commitment
Reserved Instances
Instance commitment
Spot
Spare capacity
On-Demand
No commitment
Free Tier
Limited free use
Marketplace
Third-party software
Basic Support
Account support
Developer Support
Business-hours support
Business Support
Production support
Enterprise Support
Mission-critical support

Common Traps

Shared Responsibility

AWS secures facilities; Customer secures data

Region vs AZ

Region = geography; AZ = datacenter set

SG vs NACL

SG is stateful; NACL is stateless

Role vs User

Role has temporary keys; User has long-term keys

Calculator vs Explorer

Calculator estimates future; Explorer reads actuals

CloudWatch vs CloudTrail

CloudWatch observes metrics; CloudTrail records API

S3 vs EBS

S3 stores objects; EBS attaches volumes

Last Minute

  1. Know 24/30/34/12 weights
  2. 700 pass; 50 scored
  3. AWS owns physical infrastructure
  4. IAM role beats shared keys
  5. SG stateful; NACL stateless
  6. S3 objects; EBS blocks
  7. Calculator estimates; Explorer tracks
  8. GuardDuty detects suspicious activity
  9. Artifact provides compliance reports
  10. CloudTrail records API activity
  11. Trusted Advisor recommends optimizations