AI, data, security, and governance are common service-identification topics in AWS CLF-C02.
AI/ML Services
AWS provides multiple layers of AI/ML capability:
- AI services: ready-to-use capabilities such as recognition, translation, speech, and text analysis
- ML services: tools for training and deploying models
- ML frameworks and infrastructure: lower-level training environments
For generative AI, Amazon Bedrock is commonly used to access foundation models and build generative AI applications.
Data Analytics
A common flow is ETL:
- Extract
- Transform
- Load
Data pipelines move data from sources into storage and analytics platforms. Analytics services help query, visualize, and discover insights.
Identity and Access
IAM manages users, groups, roles, and permission policies.
IAM Identity Center centralizes identity management.
Secrets Manager securely stores secrets and credentials.
Systems Manager supports operations automation and instance management.
Network and Application Protection
Common services:
- AWS Shield: DDoS protection
- AWS WAF: web application firewall
- Security Groups: instance-level firewall
- Network ACL: subnet-level firewall
Data Protection
KMS manages encryption keys. Backups, encryption, access control, and auditing work together to protect data.
Monitoring and Governance
CloudWatch monitors metrics and logs.
CloudTrail audits API calls.
AWS Config tracks resource configuration changes.
AWS Organizations manages multiple accounts.
AWS Artifact provides compliance reports and agreements.