AWS Certified Cloud Practitioner (CLF-C02) #6 Domain 3-1 Core Services — Compute and Storage

10 min read

With #5 we finished Domain 2. Now into the domain that carries the heaviest weight on the exam — Cloud Technology and Services (34%).

Almost every question in this domain takes the shape “Which service best fits this scenario?”. Rather than memorizing every feature of every service, it’s far more efficient to classify the kind of workload each service solves.

This post covers the front half of Domain 3 — compute and storage.

Compute services at a glance #

ServiceAbstraction levelWorkload
EC2Virtual machineThe most general-purpose compute. OS of your choice, install whatever software you want
LightsailEC2 + prepackagedSimple websites or small apps, flat-rate pricing
ECS / EKSContainer orchestrationContainer-based microservices
FargateServerless containersStrips the node-management burden out of ECS/EKS
LambdaFunction-level serverlessEvent-driven, short-running code
Elastic BeanstalkApp deployment automationUpload code and AWS provisions the infrastructure
BatchBatch jobsLarge-scale data processing
OutpostsOn-prem AWS hardwareData sovereignty + API consistency with AWS
Local Zones / WavelengthGeographic extensionSingle-digit ms latency / 5G workloads

EC2 — Elastic Compute Cloud #

The most basic service providing virtual machines. We covered it in Basics Track #2.

Instance families #

EC2 instance names carry a family + generation + size (m5.large, c6i.xlarge).

FamilyUse
T (Burstable)Workloads with low day-to-day traffic and occasional spikes (dev, small web)
M (General Purpose)Balanced workloads. The most common pick
C (Compute Optimized)CPU-intensive (batch processing, game servers)
R (Memory Optimized)Memory-intensive (in-memory DBs, caches)
X / Z (High Memory)Very large memory (SAP HANA-class)
I (Storage Optimized)Fast local SSD (NoSQL DBs)
G / P (Accelerated)GPU (ML, graphics)
A (Arm-based, Graviton)Price-performance and power efficiency

You don’t need to memorize every family for the exam. “GPU workloads go to G/P”, “memory-heavy goes to R”, “general-purpose is M” is enough.

EC2 instance pricing models (briefly) #

We cover pricing in detail in #8. The essentials:

ModelCharacter
On-DemandPay for what you use. Most expensive but most flexible
Reserved Instance1- or 3-year commitment. Up to 75% off
Savings PlansHourly commitment. More flexible than RIs
Spot InstanceUses idle capacity. Up to 90% off. Can be interrupted at any time
Dedicated HostAn entire physical server. Licensing and regulatory needs

Lambda — serverless functions #

A service that runs your code with no server management.

AttributeValue
Max execution time15 minutes
Memory128 MB to 10 GB
TriggersS3, API Gateway, SQS, EventBridge, and many more
PricingRequest count + execution time (in milliseconds)
Free tier1M requests + 400,000 GB-seconds per month

Exam patterns #

  • “Automatically generate a thumbnail whenever an image is uploaded to S3” → Lambda + S3 events
  • “Run a REST API with no server management” → Lambda + API Gateway
  • “Data processing that takes more than an hour” → Lambda doesn’t fit (15-minute limit). Use ECS/Batch
  • “Highly irregular usage, only fires occasionally” → Lambda (charged only for what you use)

ECS, EKS, Fargate — containers #

ServiceMeaning
ECS (Elastic Container Service)AWS-native container orchestration
EKS (Elastic Kubernetes Service)Managed Kubernetes
FargateThe serverless mode for ECS/EKS — removes the node (EC2) management burden

ECS’s two launch modes #

ModeMeaning
ECS on EC2You manage the EC2 nodes yourself
ECS on FargateNo node management. Billed per container

Exam patterns #

  • “Run Docker containers without managing nodes” → Fargate
  • “Use the standard Kubernetes interface and have AWS manage it” → EKS
  • “Just run containers on AWS, nothing fancy” → ECS
  • “We use Kubernetes on-prem and want the same tooling on AWS” → EKS (portability)

Elastic Beanstalk #

A service that deploys apps as a PaaS. Upload your code as a zip and AWS provisions EC2, ELB, and Auto Scaling automatically.

Supported platforms: Node.js, Python, Java, Ruby, Go, .NET, PHP, Docker, and more.

Exam patterns #

  • “Deploy a Node.js app as fast as possible with minimal infrastructure setup” → Elastic Beanstalk
  • “Keep existing EC2/ELB/Auto Scaling and just automate deployment” → CodeDeploy fits better than Beanstalk

Lightsail #

Provides a simple virtual server plus prepackaged apps (WordPress, LAMP, MEAN) on flat-rate pricing.

ItemValue
PricingFrom $3.50/month
IncludesEC2 instance + data transfer + static IP + DNS + load balancing (optional)
Use casesPersonal blogs, small business websites

EC2 vs Lightsail #

  • EC2 — Powerful and flexible, but requires infrastructure knowledge. Usage-based pricing
  • Lightsail — Simple. Flat rate. For beginners and small workloads

AWS Batch #

A managed service for batch jobs. Automatically schedules and retries hundreds to tens of thousands of jobs.

Exam patterns #

  • “Batch-encode hundreds of thousands of videos” → AWS Batch
  • “Process massive data overnight” → Batch
  • “A short, one-shot data transformation” → Lambda

Outposts, Local Zones, Wavelength #

ServiceMeaning
OutpostsAWS hardware placed inside your data center. Data sovereignty + API consistency with AWS
Local ZonesSmall region extensions placed in metropolitan areas. Single-digit ms latency
WavelengthInside 5G telco networks. Minimizes latency for mobile 5G users

For the exam, just map use cases:

  • Data must not leave the corporate data center → Outposts
  • Gaming/media needing single-digit ms latency → Local Zones
  • Minimum latency for 5G mobile users → Wavelength

Compute workload mapping #

ScenarioRecommended service
Traditional web serverEC2 or Beanstalk
Event-driven short codeLambda
Processing that takes 1+ hoursEC2, ECS, Batch
Containers without managing nodesFargate
Kubernetes standardEKS
Upload code and let AWS handle infrastructureElastic Beanstalk
Personal blog or small siteLightsail
Large-scale batch jobsBatch
Keep data on-prem but use AWS APIsOutposts
GPU ML workloadsEC2 G/P family
Physical server required for licensingDedicated Host

Storage services at a glance #

ServiceTypeCharacter
S3Object storageThe most general. Infinite scale. HTTP/HTTPS
EBSBlock storageEC2’s disk
EFSFile storage (Linux)Multiple EC2 instances mount simultaneously
FSxFile storage (specialized)Windows / Lustre / NetApp / OpenZFS
Storage GatewayHybridBridges on-prem ↔ AWS storage
Snow FamilyData transfer devicesPetabyte-scale offline transfer
BackupUnified backupConsolidates backup policies across services

S3 (Simple Storage Service) #

The standard for object storage. Files are accessed by URL.

Characteristics #

  • Infinite scale — Practically no limit on object count or total capacity
  • Up to 5 TB per object
  • 99.999999999% (11 9s) durability — Automatically replicated across multiple facilities
  • Bucket names are globally unique
  • Looks global, but data lives in a region

S3 Storage Classes #

The most frequently tested area. Tiers based on access frequency.

ClassCharacterUse case
S3 StandardImmediate access, multi-AZFrequently accessed data
S3 Intelligent-TieringAuto-tiers dataIrregular or unpredictable access patterns
S3 Standard-IA (Infrequent Access)Immediate access, lower GB cost, retrieval fees applyLess than once a month
S3 One Zone-IAIA + single AZ. Cheaper, lower availabilityReproducible backups
S3 Glacier Instant RetrievalImmediate access, archive pricingAbout once a quarter
S3 Glacier Flexible RetrievalMinutes-to-hours retrievalOnce or twice a year
S3 Glacier Deep Archive12-hour retrieval, cheapest of allLegal retention (7+ years)

Exam patterns #

  • “Accessed about once a month but must be retrieved immediately” → S3 Standard-IA
  • “Access pattern is unpredictable, optimize automatically” → Intelligent-Tiering
  • “7-year legal retention, almost never accessed, lowest cost possible” → Glacier Deep Archive
  • “Reproducible backup, minimize cost” → One Zone-IA

S3 Lifecycle Policy #

A rule that automatically moves objects to another class after a time threshold.

Lifecycle example
Object created → after 30 days move to Standard-IA → after 90 days to Glacier → after 1 year delete

S3 security #

FeatureDescription
Block Public AccessAccount/bucket/object-level public block
Bucket PolicyBucket-level access policy (JSON)
ACL (Access Control List)Object-level permissions (legacy, not recommended)
EncryptionSSE-S3 / SSE-KMS / SSE-C / client-side
VersioningKeeps versions of objects; recovers from accidental deletes or overwrites
MFA DeleteRequires MFA to delete objects (only root can enable)

Common S3 scenarios on the exam #

  • “Static website hosting” → S3 (Static Website Hosting)
  • “Upload a single object larger than 5 GB” → Multipart Upload
  • “Grant temporary download access to a third party” → Pre-signed URL
  • “Replicate S3 objects to another region” → Cross-Region Replication (CRR)
  • “Replication within the same region” → Same-Region Replication (SRR)

EBS (Elastic Block Store) #

EC2’s disk.

AttributeValue
MountMounts to a single EC2 instance (Multi-Attach option exists)
AZ-boundAn EBS volume is bound to one AZ. EC2 in another AZ cannot use it
SnapshotsStored in S3, can be copied to other regions
Typesgp3 (general-purpose SSD), io2 (high-performance SSD), st1 (throughput HDD), sc1 (low-cost HDD)

Exam patterns #

  • “EC2’s boot disk” → EBS
  • “EC2 in another AZ mounts the same disk” → Not possible. Use EFS
  • “EBS backup” → Snapshot (stored in S3)

EFS (Elastic File System) #

File storage that multiple EC2 instances mount simultaneously. Linux only (NFS).

AttributeValue
Concurrent mountsThousands of EC2 instances on the same filesystem
Auto-scalingGrows automatically as you use it
Multi-AZA single EFS is usable from EC2 instances in multiple AZs
ClassesStandard / Infrequent Access

Exam patterns #

  • “Multiple EC2 instances share files with read/write” → EFS
  • “Shared files for Windows servers” → EFS doesn’t fit. FSx for Windows

FSx #

Managed file systems for specialized workloads.

TypeUse
FSx for Windows File ServerSMB for Windows environments
FSx for LustreHPC and ML high-performance compute
FSx for NetApp ONTAPNetApp compatibility
FSx for OpenZFSOpenZFS workloads

For the exam, just map:

  • Windows SMB share → FSx for Windows
  • HPC, ML → FSx for Lustre

Storage Gateway — hybrid storage #

A gateway that bridges on-prem and AWS storage.

TypeUse
File GatewayOn-prem NFS/SMB ↔ S3
Volume GatewayBlock volume backup
Tape GatewayVirtual tape backup → S3 / Glacier

Exam scenario: “Move on-prem backup tape systems to the cloud” → Tape Gateway.

Snow Family — bulk data transfer #

DeviceCapacity
Snowcone8 TB SSD / 14 TB HDD
Snowball Edge80 TB or 210 TB
Snowmobile100 PB (an actual truck)

Petabyte-scale data is shipped on physical devices rather than over the internet.

Exam scenario: “Move 500 TB from the corporate data center to AWS in one shot, internet is slow” → Snowball Edge.

AWS Backup — unified backup #

Consolidates backups across services (EBS, RDS, EFS, DynamoDB, FSx, and more) into a single policy.

Storage workload mapping #

ScenarioRecommended service
General object storage (files, images, logs)S3
EC2 boot disk or DB diskEBS
Shared files across Linux EC2 instancesEFS
Windows shared files (SMB)FSx for Windows
HPC/ML high-performance file systemFSx for Lustre
Accessed about once a monthS3 Standard-IA
Quarterly, but must be immediateS3 Glacier Instant Retrieval
Almost never accessed, cheapest possibleS3 Glacier Deep Archive
On-prem backups into the cloudStorage Gateway (Tape)
Petabyte-scale data transferSnowball Edge, Snowmobile
Unified backup managementAWS Backup

Common traps #

1) Picking Lambda as the answer to everything compute #

Lambda has a 15-minute limit. Long jobs go to ECS/Batch.

2) EBS Multi-AZ #

EBS is bound to a single AZ by default. EC2 in another AZ cannot mount the same disk. For sharing, use EFS.

3) EFS and Windows #

EFS is Linux NFS only. For Windows, use FSx for Windows.

4) Assuming all S3 Glacier classes are instantly retrievable #

Glacier classes have different retrieval times. Only Instant Retrieval is immediate; the others take minutes to hours.

5) Trying to memorize every EC2 instance family #

T, M, C, R, G, and P are plenty. You don’t need to memorize every generation and size.

6) Dismissing Lightsail #

In small-scale, flat-rate scenarios, Lightsail is the right answer more often than you’d expect.

Wrap-up #

What this post locked in:

  • Compute — EC2 (VM) / Lambda (serverless) / ECS, EKS, Fargate (containers) / Beanstalk (PaaS) / Lightsail (small flat-rate) / Batch (batch jobs) / Outposts (hybrid)
  • Workload → service mapping is the core
  • EC2 instance families — T, M, C, R, G, P and friends classified by purpose
  • Storage — S3 (object) / EBS (block) / EFS (Linux file) / FSx (specialized file) / Storage Gateway (hybrid) / Snow (offline transfer)
  • S3 Storage Classes — Standard / Intelligent-Tiering / Standard-IA / One Zone-IA / three Glacier flavors (Instant, Flexible, Deep Archive)
  • Lifecycle Policies for automatic tier transitions
  • Traps — Lambda’s 15-minute limit, EBS’s AZ binding, EFS being Linux-only, Glacier retrieval times, over-memorizing instance families

Next — Domain 3-2 Networking and Databases #

On to the back half of Domain 3.

#7 Domain 3-2 Core Services — Networking and Databases covers VPC, Subnet, Route 53, CloudFront, the four flavors of ELB, VPN, Direct Connect, and Global Accelerator, plus the classification and use-case mappings for RDS, Aurora, DynamoDB, ElastiCache, and Redshift.

X