AWS Core Services Complete Guide: CLF-C02 Domain 3 (34%) — 30+ Services in One Article

swiftwand

AWS core services account for CLF-C02’s largest scope at 34% (about 17 questions). From over 240 AWS services, this article filters down to “the 30 services tested on the exam” and systematizes “when to use,” “rough pricing,” and “how it combines with other services” for each. That’s the essence of Domain 3 mastery. EC2 / S3 / RDS / Lambda / VPC / Bedrock / SageMaker and the rest — all covered with AI workload context in mind.

With Domain 2 Shared Responsibility (published 2026-05-27) giving you the responsibility boundaries and security services, and Domain 1 (published 2026-05-26) locking in the exam specification, this article now enters the service-by-service knowledge layer.

Domain 3 Overview — The Structure of the 34% Weight

Domain 3: Cloud Technology and Services is broken into 5 Task Statements per the official Exam Guide.

Concretely, the categories are Compute (EC2 / Lambda / ECS / EKS / Fargate / Elastic Beanstalk / Lightsail / Outposts), Storage (S3 / EBS / EFS / FSx / Storage Gateway), Database (RDS / Aurora / DynamoDB / ElastiCache / Redshift), Network (VPC / Route 53 / CloudFront / Direct Connect), Application Integration (SQS / SNS / EventBridge / Step Functions), and AI/ML (Bedrock / SageMaker / Q) — six categories spanning about 30 core services.

CLF-C02 mostly asks “service identification” — “which service fits this use case.” Questions like “Which serverless service runs functions on event triggers?” → Lambda. “Which service replaces traditional SAN with object storage at scale?” → S3. Memorizing each service’s elevator pitch in one line is the most cost-effective study path.

A Service Selection Decision Flow

Real architects ask: “I want to run an application — which compute service?” The decision flow goes like this.

“Need full OS control?” → EC2 (IaaS). “Want to run on Kubernetes?” → EKS. “Want to run on Docker without Kubernetes overhead?” → ECS (with EC2 launch type) or ECS+Fargate (serverless containers). “Event-driven function with no server management?” → Lambda. “Just deploy an app, don’t think about infrastructure?” → Elastic Beanstalk (PaaS). “Want a single VPS like DigitalOcean?” → Lightsail. “Need to run on-premise with AWS APIs?” → Outposts (hybrid hardware).

CLF-C02 exam questions follow this same decision flow pattern: “Which service is best for fully managed Kubernetes?” → EKS. “Which service runs code in response to S3 PUT events?” → Lambda.

Compute Services — Eight Options

| Service | Type | Strength |
|---|---|---|
| EC2 | IaaS VM | Maximum freedom, broadest instance types |
| Lambda | FaaS | Sub-second event handling, no server |
| ECS | Container orchestration | Docker on AWS-managed control plane |
| EKS | Managed Kubernetes | Standard k8s API on AWS |
| Fargate | Serverless containers | Runs ECS / EKS tasks without managing nodes |
| Elastic Beanstalk | PaaS | Upload code, AWS handles deploy + scale |
| Lightsail | Simplified VPS | $3.50/month fixed price for small projects |
| Outposts | On-prem hardware | Run AWS APIs locally in your data center |

EC2 has 6 main instance family categories: General Purpose (t / m), Compute Optimized (c), Memory Optimized (r / x), Storage Optimized (i / d), Accelerated Computing (p / g — GPU), and HPC Optimized (hpc). For AI workloads, p5 (8x H100), g6 (L4), and trn1 (Trainium) are the focus picks.

The EC2 pricing model has four options: On-Demand (hourly), Reserved Instances (1 / 3 year commit, up to 72% off), Savings Plans (commit to $/hour for 1 / 3 years, up to 72% off), and Spot Instances (use spare capacity, up to 90% off, but instances can be reclaimed). For AI workloads, Spot is ideal for training jobs (interruptions are recoverable), while On-Demand or Reserved suits inference APIs (interruption-sensitive).

AWS Lambda runs functions for up to 15 minutes per invocation, with the free tier covering 1 million invocations and 400,000 GB-seconds per month. Cold starts (slow first invocation) can be mitigated with Provisioned Concurrency. Combined with API Gateway + DynamoDB it forms the standard serverless API stack.

Storage Services — Centered on S3

| Service | Type | Use Case |
|---|---|---|
| S3 | Object storage | Backups, static sites, data lakes, ML datasets |
| EBS | Block storage | EC2 boot volumes and persistent disks |
| EFS | NFS file system | Multi-instance shared file storage |
| FSx | Managed file systems | Windows / Lustre / NetApp / OpenZFS |
| Storage Gateway | Hybrid storage | Bridge on-premise to AWS storage |
| S3 Glacier | Cold archive | $0.004/GB/month — long-term archive |

S3 has 6 storage classes optimized for different access patterns: Standard (frequent access), Standard-IA (infrequent), One Zone-IA (single-AZ infrequent), Intelligent-Tiering (auto-tiering), Glacier Instant Retrieval (archive, millisecond retrieval), and Glacier Deep Archive (deepest archive, hours to retrieve). The Intelligent-Tiering class is the “set it and forget it” choice — it analyzes access patterns and migrates objects across tiers automatically.

S3 durability is 11 9s (99.999999999%) — practically zero risk of losing an object. Availability is 99.99% for Standard, slightly lower for IA / Glacier tiers. Versioning, MFA Delete, and Object Lock provide additional data-protection layers.

For AI / ML workloads, S3 is the de facto data lake. Training datasets, model checkpoints, intermediate features — all stored on S3 with high throughput access. SageMaker Training automatically pulls from S3 for training, and Bedrock Knowledge Bases ingests S3 documents for RAG retrieval.

Database Services — RDS and DynamoDB at the Center

| Service | Type | Use Case |
|---|---|---|
| RDS | Managed RDB | MySQL / PostgreSQL / MariaDB / Oracle / SQL Server / Db2 |
| Aurora | Cloud-native RDB | MySQL / PostgreSQL compatible, 6-copy replication |
| DynamoDB | NoSQL KV / Doc | Single-digit ms latency at any scale |
| ElastiCache | In-memory | Redis OSS / Memcached / Valkey |
| Redshift | Data warehouse | Large-scale OLAP analytics |
| Neptune | Graph | Relationship data, knowledge graphs |
| Timestream | Time-series | IoT / monitoring data |
| QLDB | Ledger | Immutable history ledger |
| Keyspaces | Cassandra-compatible | Cassandra wide-column |
| DocumentDB | MongoDB-compatible | Document DB |

Amazon RDS provides 6 database engines through a single management plane. The Multi-AZ option enables automatic failover, Read Replicas enable read scaling, and automatic backups (1–35 day retention) are standard features.

Amazon Aurora is a MySQL / PostgreSQL-compatible cloud-native RDB with a storage layer that auto-replicates 6 copies across 3 AZs. It auto-extends up to 128 TB and provides a 99.99% SLA. Aurora Serverless (renamed from Aurora Serverless v2 in April 2026) auto-scales in 0.5 ACU increments based on demand, and can scale all the way to zero when idle.

Amazon DynamoDB is a key-value + document NoSQL providing single-digit-millisecond latency at any scale. It offers two pricing models — Provisioned (pre-specified) and On-Demand (auto) — that you choose based on traffic patterns. The Lambda + API Gateway + DynamoDB combination is the de facto standard for serverless APIs.

Network Services — Centered on VPC

| Service | Role |
|---|---|
| VPC | Private network space |
| Route 53 | DNS, 100% SLA |
| CloudFront | CDN, 750+ edge locations |
| API Gateway | REST / HTTP / WebSocket API gateway |
| Direct Connect | Dedicated line from on-premise to AWS |
| Transit Gateway | Hub connecting multiple VPCs and on-premise |
| Global Accelerator | Lowest-latency routing via AWS backbone |

Amazon VPC (Virtual Private Cloud) is the logical isolation foundation for any AWS workload. Public subnets (internet-accessible) and private subnets (internal-only) separate workloads; NAT Gateway provides outbound internet for private subnets. Default VPCs come with all subnets public, so production workloads typically build a custom VPC with private subnets for sensitive resources.

Amazon Route 53 is AWS’s DNS — the only AWS service with a 100% SLA, the highest commitment in the lineup. It supports routing policies like Geolocation, Latency-based, Weighted, and Failover for sophisticated traffic distribution.

CloudFront delivers static and dynamic content from 750+ edge locations globally. AWS WAF integration provides edge-layer DDoS and bot protection. With S3 + CloudFront + Route 53 you get the canonical pattern for static site hosting at minimal cost.

Application Integration — Four Messaging Services

| Service | Type | Use Case |
|---|---|---|
| SQS | Message queue | Decouple workloads, async job processing |
| SNS | Pub / Sub topics | Fan-out notifications to many subscribers |
| EventBridge | Event router | Schedule rules, third-party event integration |
| Step Functions | State machine | Visual workflow orchestration |

SQS comes in Standard (best-effort ordering, at-least-once delivery) and FIFO (strict ordering, exactly-once delivery) varieties. Pricing is $0.40 per million Standard requests or $0.50 per million FIFO requests — the most economical messaging service.

SNS is the pub/sub pattern for fan-out delivery. One published message can trigger Lambda, send email, push to SMS, and write to SQS queues — all in parallel. The SNS → SQS fan-out + Lambda → DynamoDB pattern is the standard for event-driven architectures.

Step Functions orchestrates long-running workflows visually. State machines composed of Lambda invocations, Wait states, Parallel branches, and Map iterations handle complex business processes (order fulfillment, ML training pipelines, ETL workflows) declaratively.

AI / ML Services — Bedrock and SageMaker

| Service | Role |
|---|---|
| Bedrock | Foundation model API (Claude, Llama, Nova, Mistral, etc.) |
| SageMaker | End-to-end ML platform (training, deploy, monitor) |
| Q | Generative AI assistant for AWS workflows |
| Comprehend | Natural language understanding (sentiment, entity extraction) |
| Rekognition | Image / video analysis |
| Transcribe | Speech to text |
| Polly | Text to speech |
| Translate | Machine translation |

Amazon Bedrock is the unified API for foundation models, with no infrastructure to manage. Claude Opus 4.7, Llama 4, Amazon Nova, Mistral, Stability AI, Cohere, AI21, and OpenAI GPT OSS — all accessible through one API call. Pricing is token-based (input / output tokens billed separately). Knowledge Bases adds RAG retrieval over your own S3 documents.

Amazon SageMaker is the end-to-end ML platform — Studio (notebook IDE), Training, Inference Endpoints, Pipelines (MLOps), and Model Registry. For custom model training, SageMaker is the AWS-native choice. Spot Instance integration for training jobs gives significant cost savings.

Amazon Q is the generative AI assistant for AWS workflows. Q Developer (in IDE), Q Business (enterprise document search), and Q in QuickSight (data analysis) cover different contexts. CLF-C02 may ask “What is Amazon Q?” — the answer is “AWS’s generative AI assistant for workflows.”

Deployment and Operations Services

| Service | Role |
|---|---|
| CloudFormation | Infrastructure as Code (IaC) — YAML / JSON templates |
| CDK | IaC with familiar programming languages (TypeScript / Python) |
| CodePipeline | CI / CD pipeline orchestration |
| CodeBuild | Build server |
| CodeDeploy | Application deployment automation |
| Systems Manager | Server configuration and patch management |
| CloudWatch | Logs, metrics, alarms |
| X-Ray | Distributed tracing |

CloudFormation is AWS’s foundational IaC tool, declaring infrastructure as YAML / JSON templates. Most enterprise deployments use CloudFormation directly or via CDK abstraction. CDK lets developers write infrastructure code in TypeScript / Python / Java, generating CloudFormation templates underneath.

CloudWatch is the universal observability service — collecting logs (CloudWatch Logs), metrics (CloudWatch Metrics), and alarms across all AWS services. With Lambda + DynamoDB + API Gateway architectures, CloudWatch is the only observability surface needed for most workloads.

Practice Questions (Domain 3 — 10 Sample Items)

Q1. Which serverless compute service runs functions on event triggers? A. EC2 B. ECS C. Lambda D. Lightsail
Answer: C

Q2. What’s the durability of S3 Standard? A. 99.9% B. 99.99% C. 99.999999999% (11 nines) D. 100%
Answer: C

Q3. Which is the right pick for “single-digit millisecond NoSQL”? A. RDS B. Aurora C. DynamoDB D. Redshift
Answer: C

Q4. Which service has a 100% SLA? A. EC2 B. S3 C. Route 53 D. Lambda
Answer: C

Q5. What’s the standard way to manage Kubernetes on AWS? A. ECS B. EKS C. Elastic Beanstalk D. Outposts
Answer: B

Q6. Which service is the foundation model API? A. SageMaker B. Bedrock C. Comprehend D. Polly
Answer: B

Q7. Which is best for “infrequent access, cheaper than Standard, retrieval in milliseconds”? A. S3 Standard B. S3 Standard-IA C. S3 Glacier Instant Retrieval D. S3 Glacier Deep Archive
Answer: C

Q8. Which is the EC2 pricing model for “spare capacity, up to 90% off”? A. On-Demand B. Reserved C. Savings Plans D. Spot
Answer: D

Q9. Which service is for sending one message to multiple subscribers? A. SQS B. SNS C. EventBridge D. Step Functions
Answer: B

Q10. Which is the IaC tool with YAML / JSON templates? A. CDK B. CodePipeline C. CloudFormation D. Systems Manager
Answer: C

Canonical Architectures Combining AWS Core Services

Serverless API: API Gateway + Lambda + DynamoDB. The de facto standard for low-traffic, event-driven APIs. Zero server management, scales from zero to millions, and you are charged only for usage.

Static Site: S3 + CloudFront + Route 53. Hosting a static website at minimal cost. Use ACM (AWS Certificate Manager) for free TLS certificates.

3-Tier Web Application: ALB + EC2 (Auto Scaling Group) + RDS Multi-AZ. The classic pattern for traditional web apps. Auto Scaling handles traffic spikes, Multi-AZ ensures DB high availability.

RAG Chatbot: API Gateway + Lambda + Bedrock + Knowledge Bases (S3 documents) + DynamoDB (conversation history). The foundation pattern for AI-powered chatbots over enterprise documents.

Data Lake Analytics: S3 + Glue (ETL) + Athena (SQL queries on S3) + QuickSight (BI dashboard). Petabyte-scale analytics without managing data warehouse infrastructure.

Distinguishing Global vs Regional Services

AWS services break into Global (single endpoint worldwide) and Regional (separate endpoint per Region). The distinction is exam-relevant.

Global services: IAM, Route 53, CloudFront, WAF, Shield, Organizations. These operate worldwide from a single console without Region selection.

Regional services: EC2, S3, RDS, Lambda, VPC, DynamoDB, and most others. Region selection matters for latency, compliance, and cost. Resources don’t cross Region boundaries unless explicitly replicated.

S3 is interesting — bucket names are globally unique, but the bucket itself is Regional (located in a specific Region). This is a common exam trick.

Conclusion — Next Up Is Domain 4: Billing and Support

AWS core services — 30+ services across compute, storage, database, network, application integration, AI/ML, deployment / operations — covered in one read. Domain 3 (Cloud Technology and Services, 34%) is the highest-weighted, and solid coverage here drives the largest portion of your CLF-C02 score.

Next comes Domain 4 (Billing, Pricing, and Support, 12%) — the lowest weight, but the most concrete and direct points to capture. The next article covers AWS pricing structure, billing models, and support plans in detail.
