Certified - AWS Certified Cloud Practitioner

One of the most important steps in learning about AWS is becoming familiar with its core services. These are the building blocks that nearly every customer uses in one way or another. They fall into a few major categories: compute, storage, and databases. Compute services provide the power to run applications. Storage services hold data securely and efficiently. Database services organize information in ways that make it easy to search and use. Understanding these categories gives you a strong foundation for both the AWS Certified Cloud Practitioner exam and for real-world conversations about cloud computing. Without this basic knowledge, it’s difficult to see how AWS supports businesses of all sizes.
Let’s start with compute services, which are often the entry point for customers. Compute refers to the virtual machines and environments where applications actually run. The most widely used service is Amazon EC2, which stands for Elastic Compute Cloud. EC2 allows you to launch virtual servers on demand. Instead of buying a physical machine, you rent as many or as few servers as you need, paying by the hour or second. Each virtual server is called an instance, and AWS offers many types of instances optimized for different tasks, such as high memory, fast processing, or large storage. EC2 is flexible and powerful, making it a core service in AWS.
Another compute option is Amazon ECS, or Elastic Container Service. Containers are a lightweight way to package applications so they run consistently in different environments. Imagine a shipping container: no matter what’s inside, it can be transported easily and fits the same way on a ship, train, or truck. In technology, containers do the same for software. ECS manages these containers at scale, letting businesses deploy hundreds or thousands of them without worrying about the underlying infrastructure. For organizations using modern software development methods, container services like ECS or Amazon EKS, the Elastic Kubernetes Service, are essential.
AWS Lambda introduces another approach to compute: serverless computing. In traditional computing, whether physical or virtual, you must think about the servers themselves. With Lambda, you don’t. You simply write the code you want to run, and AWS takes care of executing it when needed. You’re only charged for the time your code is actually running, not for idle servers. This makes Lambda efficient for event-driven tasks, like processing an image when it’s uploaded or sending a notification when a certain condition is met. Serverless computing has become popular because it reduces costs and complexity, freeing developers to focus on logic instead of infrastructure.
Next, let’s turn to storage services. Storage in AWS comes in different forms depending on the needs of the customer. Amazon S3, or Simple Storage Service, is the most widely used. It provides object storage, meaning data is stored as objects with metadata in buckets. S3 is designed to scale infinitely, handling everything from small personal backups to massive enterprise archives. It’s known for durability, with data replicated across multiple locations for safety. S3 is often the first service people encounter in AWS because it’s simple, reliable, and cost-effective. It is the backbone for storing files, media, backups, and more.
Amazon EBS, or Elastic Block Store, is another storage service, but it works differently from S3. EBS provides block storage, which is like the hard drive of a traditional computer. Each block of data is stored in sequence, and the storage is directly attached to an EC2 instance. This makes EBS ideal for workloads that require quick, consistent access to data, like databases or operating systems. Think of S3 as a massive warehouse where you can store countless boxes, while EBS is more like the hard disk inside your personal computer—fast and directly tied to the system running applications.
Amazon Glacier, now called Amazon S3 Glacier, provides archival storage. This is designed for data that is rarely accessed but must be kept for long periods, such as compliance records or historical data. The trade-off is cost versus speed: Glacier is very inexpensive, but retrieving data can take minutes to hours. Imagine a deep storage vault where documents are safe but not immediately accessible. Businesses use Glacier for records that must be preserved but do not need instant access. By offering this low-cost option, AWS helps organizations balance cost efficiency with long-term data retention requirements.
Now let’s explore database services, another essential category. A database is a structured way of storing and organizing information so that it can be easily retrieved and managed. AWS provides multiple database services tailored to different use cases. The most widely known is Amazon RDS, or Relational Database Service. RDS makes it easy to set up and run relational databases, which use tables and structured query language, or SQL, to manage data. These are the same types of databases that power traditional business applications, from payroll systems to online stores. With RDS, AWS handles maintenance tasks like backups and patching, letting customers focus on using the database rather than managing it.
Amazon DynamoDB is AWS’s managed NoSQL database. Unlike relational databases, NoSQL databases are designed for speed and scalability without rigid table structures. DynamoDB can handle millions of requests per second, making it ideal for applications like gaming, mobile apps, or real-time analytics. Think of RDS as an orderly library where every book has a precise catalog entry, while DynamoDB is more like a giant warehouse where items can be retrieved quickly without following strict organization rules. Both serve important roles, and AWS provides options to match different business needs.
For handling massive amounts of analytical data, AWS offers Amazon Redshift. Redshift is a data warehouse service, designed to process large volumes of structured data quickly. Businesses use it to analyze trends, create reports, and support decision-making. For example, a retail company could use Redshift to study years of sales data and forecast future demand. Redshift is optimized for querying and analysis rather than day-to-day operations, making it a powerful tool for business intelligence. Its ability to crunch large datasets in near real-time makes it stand out among AWS database services.
Another notable database service is Amazon Aurora. Aurora is a relational database engine that is compatible with MySQL and PostgreSQL, two of the most popular open-source databases. What makes Aurora unique is its performance and reliability. AWS designed it to be faster and more resilient than traditional databases, while still being cost-effective. Aurora automatically replicates data across multiple Availability Zones and continuously backs it up to S3. This means it combines the familiarity of existing database engines with the scalability and durability of the cloud. For many customers, Aurora provides the best of both worlds: compatibility with existing systems and cloud-level enhancements.
For more cyber related content and books, please check out cyber author dot me. Also, there are other prepcasts on Cybersecurity and more at Bare Metal Cyber dot com.
Networking services form the glue that holds AWS systems together. At the heart of networking in AWS is the Virtual Private Cloud, or VPC. A VPC allows customers to create their own private section of the AWS cloud, where they can launch resources like servers and databases in a controlled environment. Within a VPC, users can define subnets, set up routing rules, and control access through firewalls called security groups. It’s similar to building a private neighborhood inside a larger city—you benefit from the city’s infrastructure, but you control who enters and how the roads are laid out in your neighborhood.
Amazon Route 53 is AWS’s domain name service, or DNS. DNS is what translates human-friendly names like “example.com” into the numeric addresses that computers use to communicate. Without DNS, you would have to memorize long strings of numbers to visit websites. Route 53 not only provides this translation service but also offers traffic routing and health checks. It can direct users to the nearest AWS Region for lower latency or reroute them automatically if one server fails. This makes Route 53 both a naming system and a powerful tool for improving performance and reliability across the cloud.
Elastic Load Balancing, often shortened to ELB, is another networking feature. Load balancing means distributing traffic across multiple servers so that no single one becomes overwhelmed. Imagine a busy restaurant with many waiters—customers are seated evenly so that service remains smooth. ELB does the same for applications. It automatically detects healthy servers and routes users to them. If a server goes down, ELB redirects traffic without interruption. This service is crucial for achieving high availability and reliability, ensuring that applications remain responsive even under heavy demand or unexpected failures.
Content delivery is handled by Amazon CloudFront. CloudFront is a content delivery network, or CDN, that stores copies of data at edge locations worldwide. This ensures that users get information from the location closest to them. For example, someone watching a video in London would receive the stream from an edge location nearby instead of waiting for data to travel from a U.S. server. This reduces delay and improves the experience. CloudFront is widely used for websites, media streaming, and software downloads. By pushing content closer to users, it makes applications feel faster and more responsive no matter where the audience is.
Security services are another core part of AWS offerings. The most fundamental is Identity and Access Management, or IAM. IAM allows organizations to control who can log in, what they can access, and what actions they can take. Permissions are set through policies, ensuring that users only have the access they need and nothing more. This follows the principle of least privilege, which reduces risk by limiting exposure. IAM is often the first line of defense in cloud environments. If configured properly, it prevents unauthorized access and provides clear control over every account and role within the AWS environment.
To protect against attacks from the outside, AWS offers services like AWS Shield. Shield is designed to defend against distributed denial-of-service attacks, or DDoS attacks. These attacks overwhelm systems with massive amounts of traffic, making them unavailable to legitimate users. Shield automatically detects and mitigates such attacks at the network level, ensuring applications remain accessible. For customers, this protection is built in, reducing the burden of creating their own defenses. It is another example of AWS handling part of the shared responsibility, safeguarding infrastructure so customers can focus on their applications.
Another layer of protection comes from AWS WAF, which stands for Web Application Firewall. A WAF filters and monitors traffic going to web applications, blocking malicious requests such as SQL injections or cross-site scripting attempts. These are common techniques used by attackers to exploit vulnerabilities in websites. With AWS WAF, customers can set rules that control what kind of traffic is allowed. For example, they can block requests from suspicious IP addresses or patterns of behavior that look like attacks. This gives customers a customizable defense tool, tailored to the specific risks facing their applications.
Management services help customers organize and automate their cloud environments. AWS CloudFormation is a key service in this category. It allows users to define their entire infrastructure as code, meaning they can describe servers, networks, and settings in text files. These templates can then be deployed automatically, creating consistent environments every time. This approach reduces human error, speeds up deployment, and makes it easier to replicate setups across projects. Think of it like having blueprints for a building—you can recreate the same design whenever needed without relying on memory or manual work.
Monitoring is another critical aspect of management, and AWS CloudWatch is the service built for it. CloudWatch collects metrics, logs, and events from AWS resources and applications. It helps organizations understand how their systems are performing, detect unusual activity, and set alerts for problems. For example, if a server’s CPU usage spikes suddenly, CloudWatch can notify the administrator before it becomes a serious issue. Monitoring ensures that systems stay healthy and that potential problems are caught early. CloudWatch is an essential tool for maintaining visibility and control in dynamic cloud environments.
Awareness of these services is especially important for the AWS Certified Cloud Practitioner exam. While you won’t be asked to configure or manage them in detail, you are expected to recognize their purpose and role. Knowing that EC2 is compute, S3 is storage, RDS is relational databases, IAM controls access, and CloudWatch provides monitoring gives you the vocabulary to answer exam questions and to participate in workplace discussions. The exam measures your ability to identify which service fits a scenario, not your ability to write code or perform technical configurations.
The real benefit of understanding AWS’s core services is that they provide the foundation for everything else. Once you know what these building blocks do, advanced concepts like analytics, machine learning, and DevOps become much easier to grasp. The services we’ve discussed—compute, storage, databases, networking, security, and management—are the pillars of the AWS cloud. Whether you are pursuing certification, a career in technology, or simply learning to understand the digital world around you, these fundamentals give you the language and confidence to move forward. They are the starting point for deeper knowledge and practical application.
As we wrap up this overview, remember that AWS services are designed to be flexible and scalable. You don’t need to know every detail right away, but becoming comfortable with the categories and their main examples gives you a strong foundation. Compute powers applications, storage holds data, databases organize it, networking connects it, security protects it, and management tools keep it all running smoothly. These are the core concepts you’ll build on as you continue through your AWS journey. With this knowledge, you are well prepared to tackle both the exam and the practical use of AWS in real-world settings.