I sat the AWS Certified Cloud Practitioner (CLF-C02) back in 2024 and passed. CLF-C02 is AWS’s foundational certification - broad rather than deep, covering cloud concepts, security, core services, and billing at a level anyone working around AWS should recognise.
It is the most accessible AWS exam, so if you already work with AWS day to day, a lot of this will be familiar. Treat it as a breadth check rather than a deep technical exam, and calibrate the prep to what you already know.
For more content on other relevant certifications, check Certifications.
The exam at a glance
| Questions | 65 (50 scored, 15 unscored) |
| Time | 90 minutes |
| Format | Multiple choice and multiple response |
| Passing score | 700 out of 1000 (scaled) |
| Cost | 100 USD |
| Validity | 3 years |
The score is scaled, so you do not need 70% of questions right - it is normalised across question difficulty. The exam is conceptual: it tests whether you understand what AWS services do and when they apply, not whether you can build with them.
The four domains
CLF-C02 has four domains. The percentages are the share of scored content, straight from the exam guide - the bigger the share, the more of your study time it deserves.
Domain 1 - Cloud Concepts (24%)
The “why cloud” domain. Value proposition of the cloud, the AWS global infrastructure, and the basics of how cloud economics differ from running your own hardware. Conceptual, not technical.
Focus areas:
- Benefits of cloud - elasticity, agility, pay-as-you-go, economies of scale
- AWS global infrastructure - Regions, Availability Zones, edge locations
- Cloud economics - CapEx vs OpEx, total cost of ownership
- The AWS Well-Architected Framework at a high level
- Migration and the cloud adoption basics
Domain 2 - Security and Compliance (30%)
The second-largest domain. The shared responsibility model is the spine of it - know exactly where AWS’s responsibility ends and yours begins. The rest is IAM basics and where to find compliance information.
Focus areas:
- Shared responsibility model - what AWS secures vs what you secure
- IAM - users, groups, roles, policies, MFA, root account protection
- Security services - Shield, WAF, GuardDuty, Inspector, KMS at a high level
- Compliance - AWS Artifact, where audit reports come from
- Encryption in transit and at rest as concepts
Domain 3 - Cloud Technology and Services (34%)
The largest domain and the widest. You need recognition-level knowledge of a long list of services - what each one is for, not how to configure it. Breadth beats depth here.
Focus areas:
- Compute - EC2, Lambda, Elastic Beanstalk, ECS/EKS at a glance
- Storage - S3, EBS, EFS, Glacier and when each fits
- Databases - RDS, DynamoDB, Aurora, ElastiCache at a glance
- Networking - VPC, Route 53, CloudFront, the basics
- Management and monitoring - CloudWatch, CloudTrail, Organizations, Trusted Advisor
- Ways to access AWS - console, CLI, SDKs, infrastructure as code
Domain 4 - Billing, Pricing, and Support (12%)
The smallest domain, but easy marks if you know the tools. Pricing models, the billing and cost tools, and the support plan tiers. Worth a focused hour - the distinctions are clean and frequently tested.
Focus areas:
- Pricing models - On-Demand, Reserved, Spot, Savings Plans
- Cost tools - Cost Explorer, Budgets, Cost and Usage Report, Billing Conductor
- Support plans - Basic, Developer, Business, Enterprise and what each includes
- AWS Organizations and consolidated billing
- Trusted Advisor cost checks
Services to know well
For CLF-C02 you need recognition-level knowledge - what each service is for and when you would reach for it, not how to configure it:
| Service | Know this about it |
|---|---|
| EC2 | Virtual servers; the pricing models attach here |
| S3 | Object storage, storage classes, durability |
| RDS | Managed relational databases vs running your own |
| Lambda | Serverless compute, pay per execution |
| VPC | Your private network boundary in AWS |
| IAM | Users, groups, roles, policies, MFA |
| CloudWatch | Monitoring, metrics, alarms, logs |
| CloudTrail | API activity auditing (who did what) |
| Organizations | Multi-account management, consolidated billing |
| Trusted Advisor | Best-practice checks across cost, security, performance |
| Cost Explorer / Budgets | Viewing spend vs alerting on spend |
| Well-Architected Tool | Reviewing workloads against the five pillars |
Easy things to mix up
These are the distinctions the exam likes to probe. At this level, knowing the boundary between a pair is usually the whole question:
- Shared responsibility model - AWS secures the cloud (hardware, global infrastructure); you secure what you put in it (data, IAM, configuration). Managed services shift more onto AWS.
- Regions vs Availability Zones vs edge locations - a Region is a geographic area, an AZ is one or more data centres within it, an edge location serves CloudFront content closer to users.
- Security groups vs network ACLs - security groups are stateful and act at the instance; NACLs are stateless and act at the subnet.
- On-Demand vs Reserved vs Spot - On-Demand for flexibility, Reserved/Savings Plans for steady long-term workloads at a discount, Spot for interruptible workloads at the biggest discount.
- Cost Explorer vs Budgets vs Cost and Usage Report - Explorer visualises past spend, Budgets alerts on thresholds, the CUR is the detailed line-item export.
- IAM users vs roles - users are long-lived identities, roles are assumed temporarily and avoid long-lived credentials.
- Support plans - Basic is free, Developer adds business-hours email support, Business adds 24/7 and a fuller Trusted Advisor, Enterprise adds a TAM.
- Trusted Advisor vs Well-Architected Tool - Trusted Advisor runs automated best-practice checks; the Well-Architected Tool is a guided self-review against the framework.
Resources
CLF-C02 is well served by free, AWS-authored material. You do not need to spend much here.
Essential
- Exam Guide (CLF-C02) - the syllabus. The domain breakdown and in-scope service list tell you exactly what is fair game.
- Exam Prep Enhanced Course (Skill Builder) - AWS’s own guided prep, free, and enough to carry most people through on its own.
- Tutorials Dojo practice exams (Jon Bonso) - the most useful practice material for AWS exams. The explanations teach the concepts, not just the answers.
- Official Practice Exam (Skill Builder) - calibrate against AWS-authored questions before booking.
Useful
- Exam Prep Standard Course (Skill Builder) - a lighter path than the enhanced course if you only need a refresher.
- Stephane Maarek’s CLF-C02 course - if you prefer a video walk-through over reading, this is the canonical one.
- DigitalCloud cheat sheets - good for last-week revision once the concepts are in place.
Skip if you are tight on time
- DigitalCloud resources page and Rishab Kumar’s CloudNotes - handy as references, but they overlap with the official course and your practice exams. Skim, do not study cover to cover.
Notes
- This is a breadth exam. Recognising what a service is for matters far more than any configuration detail - do not over-study any single service.
- The free Skill Builder enhanced course plus one set of practice exams is enough for most people. There is no need to buy multiple courses.
- Learn the shared responsibility model and the support plan tiers cold - they are reliable marks and the distinctions are clean.
- The score is scaled, so aim to clear 700 comfortably on practice exams rather than chasing a specific number.
- If you want the developer-level depth that this exam only touches, the DVA-C02 study notes are the natural next step up.