🪴 PAR Brain

AWS CCP md

Mar 29, 202510 min read

Domain 1: Cloud Concepts

Task Statement 1.1: Define the benefits of the AWS Cloud.

Knowledge of: • Value proposition of the AWS Cloud Skills in: • Understanding the economies of scale (for example, cost savings) • Understanding the benefits of global infrastructure (for example, speed of deployment, global reach) • Understanding the advantages of high availability, elasticity, and agility

Task Statement 1.2: Identify design principles of the AWS Cloud.

Knowledge of: • AWS Well-Architected Framework Skills in: • Understanding the pillars of the Well-Architected Framework (for example, operational excellence, security, reliability, performance efficiency, cost optimization, sustainability) • Identifying differences between the pillars of the Well-Architected Framework

Task Statement 1.3: Understand the benefits of and strategies for migration to the

AWS Cloud. Knowledge of: • Cloud adoption strategies • Resources to support the cloud migration journey Skills in: • Understanding the benefits of the AWS Cloud Adoption Framework (AWS CAF) (for example, reduced business risk; improved environmental, social, and governance (ESG) performance; increased revenue; increased operational efficiency) • Identifying appropriate migration strategies (for example, database replication, use of AWS Snowball)

Task Statement 1.4: Understand concepts of cloud economics.

Knowledge of: • Aspects of cloud economics • Cost savings of moving to the cloud Skills in: • Understanding the role of fixed costs compared with variable costs • Understanding costs that are associated with on-premises environments • Understanding the differences between licensing strategies (for example, Bring Your Own License [BYOL] model compared with included licenses) • Understanding the concept of rightsizing • Identifying benefits of automation (for example, provisioning and configuration management with AWS CloudFormation) • Identifying managed AWS services (for example, Amazon RDS, Amazon Elastic Container Service [Amazon ECS], Amazon Elastic Kubernetes Service [Amazon EKS], Amazon DynamoDB)

Domain 2: Security and Compliance

Task Statement 2.1: Understand the AWS shared responsibility model.

Knowledge of: • AWS shared responsibility model Skills in: • Recognizing the components of the AWS shared responsibility model • Describing the customer’s responsibilities on AWS • Describing AWS responsibilities • Describing responsibilities that the customer and AWS share • Describing how AWS responsibilities and customer responsibilities can shift, depending on the service used (for example, Amazon RDS, AWS Lambda, Amazon EC2

Task Statement 2.2: Understand AWS Cloud security, governance, and compliance

concepts.
Knowledge of:
• AWS compliance and governance concepts
• Benefits of cloud security (for example, encryption)
• Where to capture and locate logs that are associated with cloud security
Skills in:
• Identifying where to find AWS compliance information (for example, AWS
Artifact)
• Understanding compliance needs among geographic locations or industries
(for example, AWS Compliance)
• Describing how customers secure resources on AWS (for example, Amazon
Inspector, AWS Security Hub, Amazon GuardDuty, AWS Shield)
• Identifying different encryption options (for example, encryption in transit,
encryption at rest)
• Recognizing services that aid in governance and compliance (for example,
monitoring with Amazon CloudWatch; auditing with AWS CloudTrail, AWS
Audit Manager, and AWS Config; reporting with access reports)
• Recognizing compliance requirements that vary among AWS services

Task Statement 2.3: Identify AWS access management capabilities.

Knowledge of:
• Identity and access management (for example, AWS Identity and Access
Management [IAM])
• Importance of protecting the AWS root user account
• Principle of least privilege
• AWS IAM Identity Center (AWS Single Sign-On)

Skills in:
• Understanding access keys, password policies, and credential storage (for
example, AWS Secrets Manager, AWS Systems Manager)
• Identifying authentication methods in AWS (for example, multi-factor
authentication [MFA], IAM Identity Center, cross-account IAM roles)
• Defining groups, users, custom policies, and managed policies in compliance
with the principle of least privilege
• Identifying tasks that only the account root user can perform
• Understanding which methods can achieve root user protection
• Understanding the types of identity management (for example, federated)

Task Statement 2.4: Identify components and resources for security.

Knowledge of:
• Security capabilities that AWS provides
• Security-related documentation that AWS provides
Skills in:
• Describing AWS security features and services (for example, security groups,
network ACLs, AWS WAF)
• Understanding that third-party security products are available from AWS
Marketplace
• Identifying where AWS security information is available (for example, AWS
Knowledge Center, AWS Security Center, AWS Security Blog)
• Understanding the use of AWS services for identifying security issues (for
example, AWS Trusted Advisor)

Domain 3: Cloud Technology and Services

Task Statement 3.1: Define methods of deploying and operating in the AWS Cloud.

Knowledge of:
• Different ways of provisioning and operating in the AWS Cloud
• Different ways to access AWS services
• Types of cloud deployment models
• Connectivity options Skills in:
• Deciding between options such as programmatic access (for example, APIs,
SDKs, CLI), the AWS Management Console, and infrastructure as code (IaC)
• Evaluating requirements to determine whether to use one-time operations
or repeatable processes
• Identifying different deployment models (for example, cloud, hybrid, on-
premises)
• Identifying connectivity options (for example, AWS VPN, AWS Direct
Connect, public internet)

Task Statement 3.2: Define the AWS global infrastructure.

Knowledge of:
• AWS Regions, Availability Zones, and edge locations
• High availability
• Use of multiple Regions
• Benefits of edge locations
• AWS Wavelength Zones and AWS Local Zones
Skills in:
• Describing relationships among Regions, Availability Zones, and edge
locations
• Describing how to achieve high availability by using multiple Availability
Zones
• Recognizing that Availability Zones do not share single points of failure
• Describing when to use multiple Regions (for example, disaster recovery,
business continuity, low latency for end users, data sovereignty)
• Describing at a high level the benefits of edge locations (for example,
Amazon CloudFront, AWS Global Accelerator)

Task Statement 3.3: Identify AWS compute services.

Knowledge of:
• AWS compute services

Skills in:
• Recognizing the appropriate use of different EC2 instance types (for
example, compute optimized, storage optimized)
• Recognizing the appropriate use of different container options (for
example, Amazon ECS, Amazon EKS)
• Recognizing the appropriate use of different serverless compute options
(for example, AWS Fargate, Lambda)
• Recognizing that auto scaling provides elasticity
• Identifying the purposes of load balancers

Task Statement 3.4: Identify AWS database services.

Knowledge of:
• AWS database services
• Database migration
Skills in:
• Deciding when to use EC2 hosted databases or AWS managed databases
• Identifying relational databases (for example, Amazon RDS, Amazon Aurora)
• Identifying NoSQL databases (for example, DynamoDB)
• Identifying memory-based databases
• Identifying database migration tools (for example AWS Database Migration
Service [AWS DMS], AWS Schema Conversion Tool [AWS SCT])

Task Statement 3.5: Identify AWS network services.

Knowledge of:
• AWS network services
Skills in:
• Identifying the components of a VPC (for example, subnets, gateways)
• Understanding security in a VPC (for example, network ACLs, security
groups)
• Understanding the purpose of Amazon Route 53
• Identifying edge services (for example, CloudFront, Global Accelerator)
• Identifying network connectivity options to AWS (for example AWS VPN,
Direct Connect)

Task Statement 3.6: Identify AWS storage services.

Knowledge of:
• AWS storage services
Skills in:
• Identifying the uses for object storage
• Recognizing the differences in Amazon S3 storage classes
• Identifying block storage solutions (for example, Amazon Elastic Block Store
[Amazon EBS], instance store)
• Identifying file services (for example, Amazon Elastic File System [Amazon
EFS], Amazon FSx)
• Identifying cached file systems (for example, AWS Storage Gateway)
• Understanding use cases for lifecycle policies
• Understanding use cases for AWS Backup

Task Statement 3.7: Identify AWS artificial intelligence and machine learning (AI/ML)

services and analytics services.
Knowledge of:
• AWS AI/ML services
• AWS analytics services
Skills in:
• Understanding the different AI/ML services and the tasks that they
accomplish (for example, Amazon SageMaker, Amazon Lex, Amazon Kendra)
• Identifying the services for data analytics (for example, Amazon Athena,
Amazon Kinesis, AWS Glue, Amazon QuickSight)

Task Statement 3.8: Identify services from other in-scope AWS service categories.

Knowledge of:
• Application integration services of Amazon EventBridge, Amazon Simple
Notification Service (Amazon SNS), and Amazon Simple Queue Service
(Amazon SQS)
• Business application services of Amazon Connect and Amazon Simple Email
Service (Amazon SES)
• Customer engagement services of AWS Activate for Startups, AWS IQ, AWS
Managed Services (AMS), and AWS Support
• Developer tool services and capabilities of AWS AppConfig, AWS Cloud9,
AWS CloudShell, AWS CodeArtifact, AWS CodeBuild, AWS CodeCommit,
AWS CodeDeploy, AWS CodePipeline, AWS CodeStar, and AWS X-Ray
• End-user computing services of Amazon AppStream 2.0, Amazon
WorkSpaces, and Amazon WorkSpaces Web
• Frontend web and mobile services of AWS Amplify and AWS AppSync
• IoT services of AWS IoT Core and AWS IoT Greengrass
Skills in:
• Choosing the appropriate service to deliver messages and to send alerts and
notifications
• Choosing the appropriate service to meet business application needs
• Choosing the appropriate service for AWS customer support
• Choosing the appropriate option for business support assistance
• Identifying the tools to develop, deploy, and troubleshoot applications
• Identifying the services that can present the output of virtual machines
(VMs) on end-user machines
• Identifying the services that can create and deploy frontend and mobile
services
• Identifying the services that manage IoT devices

Domain 4: Billing, Pricing, and Support

Task Statement 4.1: Compare AWS pricing models.

Knowledge of:
• Compute purchasing options (for example, On-Demand Instances, Reserved
Instances, Spot Instances, Savings Plans, Dedicated Hosts, Dedicated
Instances, Capacity Reservations)
• Data transfer charges
• Storage options and tiers
Skills in:
• Identifying and comparing when to use various compute purchasing options
• Describing Reserved Instance flexibility
• Describing Reserved Instance behavior in AWS Organizations
• Understanding incoming data transfer costs and outgoing data transfer costs
(for example, from one Region to another Region, within the same Region)
• Understanding different pricing options for various storage options and
tiers

Task Statement 4.2: Understand resources for billing, budget, and cost management.

Knowledge of:
• Billing support and information
• Pricing information for AWS services
• AWS Organizations
• AWS cost allocation tags
Skills in:
• Understanding the appropriate uses and capabilities of AWS Budgets, AWS
Cost Explorer, and AWS Billing Conductor
• Understanding the appropriate uses and capabilities of AWS Pricing
Calculator
• Understanding AWS Organizations consolidated billing and allocation of
costs
• Understanding various types of cost allocation tags and their relation to
billing reports (for example, AWS Cost and Usage Report)

Task Statement 4.3: Identify AWS technical resources and AWS Support options.

Knowledge of:
• Resources and documentation available on official AWS websites
• AWS Support plans
• Role of the AWS Partner Network, including independent software vendors
and system integrators
• AWS Support Center
Skills in:
• Locating AWS whitepapers, blogs, and documentation on official AWS
websites
• Identifying and locating AWS technical resources (for example AWS
Prescriptive Guidance, AWS Knowledge Center, AWS re:Post)
• Identifying AWS Support options for AWS customers (for example,
customer service and communities, AWS Developer Support, AWS Business
Support, AWS Enterprise On-Ramp Support, AWS Enterprise Support)
• Identifying the role of Trusted Advisor, AWS Health Dashboard, and the
AWS Health API to help manage and monitor environments for cost
optimization
• Identifying the role of the AWS Trust and Safety team to report abuse of
AWS resources
• Understanding the role of AWS Partners (for example AWS Marketplace,
independent software vendors, system integrators)
• Identifying the benefits of being an AWS Partner (for example, partner
training and certification, partner events, partner volume discounts)
• Identifying the key services that AWS Marketplace offers (for example, cost
management, governance and entitlement)
• Identifying technical assistance options available at AWS (for example, AWS
Professional Services, AWS Solutions Architects)

Graph View

Backlinks

  • No backlinks found