Explore how websites work, from clients and servers to IP addresses, CPU, memory, storage, and databases, and why traditional IT shifted to on-demand cloud resources.

Explore how cloud computing delivers on-demand compute power, storage, and apps with pay-as-you-go pricing, enabling instant provisioning and scalable resources across global infrastructure.

Explore the three cloud service models: IaaS, PaaS, and SaaS. Understand how AWS pay-as-you-go pricing for compute, storage, and networking supports on-premises migration.

Trace AWS's evolution from internal IT to a global cloud platform. Understand its region-based infrastructure, availability zones, edge locations, and various use cases.

Explore the AWS console's new UI update, featuring a bright white interface and rounded blue buttons, while confirming that functionality remains unchanged from the old UI.

Explore the AWS console, learn how to select a region for lower latency, and navigate services by menu or search, including global versus regional services and regional availability.

Explore the shared responsibility model, defining your security duties in the cloud versus AWS, including data, operating system, and network controls, and review the AWS acceptable use policy.

Learn IAM basics: create users and groups, assign JSON policies, and enforce least privilege to securely control AWS services like EC2, elastic load balancing, and CloudWatch.

Practice creating IAM users and groups in AWS, assign administrator access, use tags, and sign in as IAM users via the global IAM service instead of the root account.

Enable multi-session support in the AWS console to sign into multiple accounts within the same browser, add sessions, and manage EC2 and EBS tasks across accounts.

Examine how IAM policies attach to groups and users, including inline policies, and learn the policy structure with version, id, statement, effect, principle, action, and resource.

Explore how IAM policies control access in AWS, manage users and groups, attach read-only or admin permissions, and craft policies with JSON or a visual editor.

Define an AWS password policy with minimum length, required character types, 90-day changes, and reuse prevention. Enable MFA for root and IAM users using virtual and hardware devices.

Define and enforce an IAM password policy with minimum length, character requirements, expiration, and reuse rules, then enable root account MFA with an authenticator app via QR code.

Access AWS through three options: management console, CLI, and SDK. Generate and protect access keys to enable secure CLI access and programmatic API calls.

Install the AWS CLI version 2 on Windows using the MSI installer, verify with aws --version, and learn how to upgrade by re-running the installer.

Install the AWS CLI version 2 on macOS with a graphical pkg installer, then verify by running aws --version in the terminal; refer to the guide for troubleshooting if needed.

Install the AWS CLI version 2 on Linux by downloading, unzipping, and running the installer with sudo. Verify the version and start using the AWS CLI.

Create an access key pair and configure the AWS CLI with aws configure to manage users via the CLI; CLI permissions mirror console permissions when modifying the admin group.

Explore AWS CloudShell, a free cloud-based terminal for running AWS CLI commands. Use your region as default, store files between restarts, and enable upload/download with multiple tabs.

Create IAM roles to let AWS services act on your behalf by granting permissions to resources like EC2, Lambda, and CloudFormation.

Practice creating an IAM role for an EC2 instance, attach the IAM read-only access policy, and configure the trusted entity to EC2.

Create an account-level IAM credentials report detailing all users and their credential statuses. Use IAM Access Advisor to view a user's service permissions and last access, supporting least privilege.

Generate a credentials report in IAM to review root and user accounts, password rotation, MFA status, and access keys. Use Access Advisor to see service usage and refine granular permissions.

Follow IAM best practices: avoid the root account for daily use, create individual users and groups with roles, enforce MFA, protect access keys, and never share credentials.

Explore the shared responsibility model for IAM in AWS. AWS handles infrastructure and service security, while you manage users, groups, roles, policies, MFA, key rotation, and access monitoring.

Learn how IAM users map to people, group permissions with policies and JSON, create roles for AWS services, and manage with CLI or SDK, MFA, password policy, and credentials report.

Configure the AWS billing console budgets and alarms to control costs, creating a zero-spend budget and a monthly cost budget with email alerts from actual and forecasted spend.

Explore Amazon EC2, the elastic compute cloud, and learn to launch instances, configure storage, networking, security groups, and EC2 user data bootstrapping to deploy your first website.

Launch your first EC2 instance with Amazon Linux, use user data to install a web server, and explore key concepts like security groups, key pairs, and public versus private IPs.

Explore EC2 instance types and their optimization levels, including general purpose, compute optimized, memory optimized, and storage optimized, and learn the m5.2xlarge naming convention.

Explore how AWS security groups act as firewalls for EC2 instances, controlling inbound traffic. They use IP ranges or security group references and govern outbound ports 22, 80, 443, 3389.

Explore security groups for an EC2 instance, view inbound and outbound rules, and understand how timeouts indicate misconfigurations, while noting ssh and http access from anywhere.

Explore how to securely connect to Linux servers using ssh across Mac, Linux, and Windows, with Putty and EC2 Instance Connect options.

Learn to SSH into an Amazon Linux 2 EC2 instance from Mac or Linux using a PEM key, configuring port 22 security and remote command line access.

Learn to SSH into an Amazon Linux 2 EC2 instance from Windows using PuTTY, including PEM to PPK conversion, key setup, and EC2 user authentication.

Master ssh on Windows 10 using PowerShell or command prompt with a pem file to connect to an EC2 instance on port 22. Learn to set correct permissions when needed.

Discover EC2 Instance Connect: browser-based SSH into an Amazon Linux 2 AMI without keys, using a temporary key and the EC2-user.

Demonstrates using IAM roles to supply EC2 credentials without configuring keys, by attaching DemoRoleForEC2 with IAMReadOnlyAccess and verifying access via aws iam list users before and after detaching.

Explore EC2 instance purchasing options, from on-demand and reserved instances to savings plans, spot, dedicated hosts, dedicated instances, and capacity reservations, with pricing and usage guidance.

Understand the shared responsibility model for EC2, with AWS securing data centers and hosts while you manage security in the cloud, including security groups, OS patches, and IAM roles.

Configure ec2 instances by selecting an ami, instance size, and storage. Use security groups and user data to bootstrap, connect via ssh, and review on-demand or reserved options.

Explore elastic block store (EBS) volumes as network drives that persist data after termination, attach to one instance in a specific availability zone, enabling provisioned capacity and IOPS.

View, create, and attach ebs gp2 volumes to an ec2 instance, learn their binding to specific availability zones, and understand delete on termination for the root volume.

Create EBS snapshots as backups, restore across availability zones or regions, and use archive tier (75% cheaper) and a recycle bin to protect against deletion.

Learn to create and manage EBS snapshots, copy them across regions for disaster recovery, and restore volumes from snapshots with optional encryption and tagging.

Learn how AMIs power EC2 by packaging OS, software, and monitoring for faster boot and use. Create, copy across regions, or use public and marketplace AMIs to launch customized instances.

Create an ami from an ec2 instance by using user data to install httpd. Launch new instances from the ami to achieve faster boot times and reuse configured software.

Discover how EC2 image builder, a free service, automates creating, testing, and distributing AMIs for EC2, using a builder EC2 instance to install software and validate images, with scheduled runs.

Use EC2 instance store for ultra high I/O with hardware disks attached to the host, ideal for buffers, caches, and scratch data, but it is ephemeral and requires backups.

Learn about elastic file system (EFS), a managed network file system for Linux EC2 across multiple AZs, compare it with EBS, and explore EFS-IA lifecycle cost optimization.

Understand the shared responsibility model for EC2 storage, including AWS's infrastructure duties and EBS/EFS data replication. Know customer duties for backups, encryption, and awareness of EC2 instance store risks.

Explore Amazon FSx, a managed service for file systems, as an alternative to EFS or S3. Learn about FSx for Lustre and FSx for Windows File Server and AD/NTFS integration.

Explore EBS volumes attached to one EC2 in an AZ, with snapshots, AMIs, EC2 image builder, and EFS across the region, EFS-IA, FSx for Windows and Lustre.

Perform a thorough EC2 cleanup to avoid charges in the free tier: terminate running instances, delete unneeded EBS volumes and snapshots, deregister AMIs, and verify no resources remain.

Discover how elastic load balancing and auto scaling groups enable vertical and horizontal scalability across multiple availability zones, ensuring high availability for EC2-based applications.

Master elastic load balancing on AWS with ALB, NLB, and GWLB, directing traffic to EC2 instances, enabling health checks, SSL termination, and cross-zone availability.

Launch two EC2 instances, set up an application load balancer with a target group, and verify traffic is balanced between healthy instances via the ALB.

Explore how auto scaling groups automatically scale out and in with EC2 instances, register with a load balancer, and enforce min, max, and desired capacity for elasticity and cost savings.

Configure an auto scaling group with a launch template, attach it to a load balancer, set desired capacity, and observe automatic replacement of unhealthy instances.

Explore auto scaling groups strategies, including manual scaling, dynamic scaling with simple and step policies, target tracking, scheduled scaling, predictive scaling powered by machine learning, and CloudWatch alarms.

Delete the auto-scaling group to stop recreating instances, then remove the application load balancer. The target group can remain since it costs nothing and will be empty after cleanup.

Explore how elastic load balancing (ELB) and auto scaling groups (ASG) deliver high availability, scalability, elasticity, and agility by distributing traffic across multiple availability zones and replacing unhealthy instances.

Learn how Amazon S3 provides infinitely scalable storage across buckets and regions, with objects, keys, and metadata, plus use cases like backup, disaster recovery, data lake, and hosting static websites.

Create and configure an Amazon S3 bucket, upload objects, organize with folders, and explore access methods—public URLs versus pre-signed URLs—while applying security settings, block public access and server-side encryption.

Explore S3 security concepts, including user-based IAM policies, resource-based bucket policies, cross-account access, and public read controls, plus access control lists, bucket settings, and encryption options.

Enable public access for an S3 bucket and create a bucket policy with the policy generator to allow getObject on all objects. Verify that coffee.jpg is publicly accessible.

Learn how Amazon S3 hosts static websites and serves them publicly with region-based URLs. Understand the role of S3 bucket policies in enabling public reads and resolving 403 forbidden errors.

Enable a bucket as a static website, upload index.html and assets, configure the bucket for public read access, and verify a public website endpoint and URLs for coffee.jpg and beach.jpg.

Enable bucket versioning in Amazon S3 to create versions with each upload, enabling safe updates, rollback to previous versions, and delete markers; note non-versioned files have version null.

Enable S3 bucket versioning, upload new file versions, view version IDs, and use permanent deletes or delete markers to rollback and restore previous objects.

Explore Amazon S3 replication, comparing CRR and SRR, enabling versioning on source and destination, and configuring asynchronous replication across regions or within a single region with cross-account IAM permissions.

Practice configuring S3 replication by creating origin and replica buckets, enabling versioning, and validating cross-region replication of object versions.

Explore Amazon S3 storage classes—standard, infrequent access, one zone-ia, glacier variants, and intelligent tiering—and learn about 11 nines durability, availability differences, and lifecycle-based automatic object movement.

Master S3 storage classes, including Standard, Intelligent-Tiering, Standard-IA, One-Zone-IA, Glacier Instant Retrieval, Glacier Flexible Retrieval, and Glacier Deep Archive. Use lifecycle rules to automate object transitions.

Explore the S3 express one zone storage class, a high-performance, single-AZ bucket option delivering low latency and cost savings for latency-sensitive and data-intensive workloads.

Understand how S3 encryption works with server-side encryption by default on bucket creation and object uploads. Contrast this with client-side encryption, where users encrypt before uploading.

Explore how IAM Access Analyzer for S3 monitors buckets to ensure intended users have access by analyzing policies, ACL, and Access Point policies, surfacing public or shared buckets for action.

Explore AWS's shared responsibility model for S3, covering infrastructure, availability, resilience, internal configuration, and compliance. Learn user duties like enabling versioning, configuring bucket policies, logging, cost optimization, and encryption.

Discover AWS Snowball edge devices for secure data migrations and on-site processing, featuring edge storage optimized and edge compute optimized models with 210 TB and 28 TB.

Learn how to work with the AWS Snow family, selecting Snowball Edge devices for import from S3, and configuring pricing, service roles, encryption, and data shipping back to AWS.

Explore AWS snowball edge pricing, detailing usage charges, data transfer out costs, free data transfer into Amazon S3, and on-demand or upfront committed options for edge computing and large storage.

Bridge on-premises storage with AWS using storage gateway to enable hybrid cloud, disaster recovery, backup, and tiered storage via file, volume, and tape gateways.

Explore Amazon S3 basics: buckets vs objects, IAM and bucket policies, encryption, static website hosting, versioning, same-region and cross-region replication, storage classes, and tools like Snowball and Storage Gateway.

Explore databases in AWS, from relational SQL to NoSQL with flexible schemas and JSON documents. Discover managed databases, high availability, backups, patching, and scalable options.

Explore AWS relational databases with RDS and Aurora, managed SQL services hosting engines like Postgres and MySQL, with automatic provisioning, backups, read replicas, multi-AZ, and serverless options.

Create a MySQL RDS database in the Aurora console, configure single-AZ free tier, enable public access, manage credentials, monitor performance, and practice backups, snapshots, and deletion workflows for disaster recovery.

Explore RDS deployment options, including read replicas to scale reads, multi-AZ for cross-AZ failover, and multi-region setups for disaster recovery and lower latency, with writes going to the main database.

Use Amazon ElastiCache to offload read-heavy workloads from RDS by caching in-memory data, delivering high performance and low latency with AWS handling maintenance, setup, and monitoring.

Explore DynamoDB, a managed, serverless NoSQL database with multi-az replication and single-digit latency, using a primary key with partition and sort keys and offering DynamoDB Accelerator for microseconds latency.

Create a DynamoDB table with a partition key, insert items, and observe flexible attributes. Recognize the serverless, single-table NoSQL design with no joins.

Explore how DynamoDB global tables enable active-active replication across multiple regions, delivering low-latency read and write access by replicating the same data across regions like us-east-1 and eu-west-3.

Explore Redshift, a PostgreSQL-based OLAP data warehouse for analytics and dashboards, featuring columnar storage, an MPP engine, a SQL interface, and serverless options.

Explore how Amazon EMR provisions and configures Hadoop clusters on AWS for big data analysis, enabling EC2-based clusters with Spark, HBase, Presto, and Flink.

Amazon Athena provides serverless SQL analytics on data stored in S3 without loading it. It supports CSV, JSON, ORC, Avro, Parquet and integrates with QuickSight for reporting.

Explore Amazon QuickSight, a serverless, machine learning-powered business intelligence service that creates interactive dashboards from databases for analytics, with per-session pricing and integrations with RDS, Aurora, Athena, Redshift, and S3.

Explore DocumentDB, a MongoDB-compatible no SQL database on AWS, offering fully managed, highly available service with multi-AZ replication and auto-scaling storage for millions of requests per second.

Discover Amazon Neptune, a fully managed graph database for highly connected data, with milliseconds latency, replication across multiple availability zones, and use cases from knowledge graphs to social networks.

Explore Amazon Timestream, a fully managed, fast, scalable, serverless time series database. Analyze trillions of events per day and use time series analytics to find patterns in real time.

Explore Amazon managed blockchain, a service to join public blockchain networks or create scalable private networks within AWS, compatible with Hyperledger Fabric and Ethereum, enabling decentralized multi-party transactions.

Explore aws glue, a fully serverless etl service that extracts data from s3 and rds, transforms it, and loads it into redshift for analytics, and the glue data catalog.

Use the database migration service to move data between databases, including homogeneous and heterogeneous migrations. Keep the source available during migration and enable quick, secure transfers into aws.

Map AWS databases to use cases across relational, NoSQL, and analytics, covering RDS, Aurora, DynamoDB and DAX, Redshift, EMR, Athena, QuickSight, DocumentDB, Neptune, Timestream, Glue, DMS, and Amazon Managed Blockchain.

Discover how Docker packages apps into containers for portable, consistent deployment across any OS; store images on Docker Hub or Amazon ECR and run them on EC2 with ECS.

Learn how to run Docker containers on AWS with ECS and Fargate, contrasting ECS provisioning of EC2 instances with Fargate's serverless model, and using ECR to store images.

Explore Amazon EKS, a managed Kubernetes service that deploys and scales containerized applications on EC2 or Fargate, highlighting Kubernetes open source nature and cloud-agnostic portability.

Explore the serverless paradigm, where developers deploy code and functions as a service while services like AWS Lambda and managed storages such as S3 and DynamoDB handle servers behind the scenes.

Explore AWS Lambda as a serverless, on-demand compute service with auto scaling, pay-per-request pricing, a generous free tier, and event-driven integration with S3, DynamoDB, CloudWatch, and ECS/Fargate for containers.

Explore how AWS Lambda runs code in multiple languages, responds to events, scales automatically, and integrates with CloudWatch Logs and IAM roles, using hands-on hello world examples.

Expose your Lambda functions via API gateway to external clients, creating a serverless rest http api; manage security, throttling, and monitoring while connecting to DynamoDB.

Explore how AWS Batch provides a fully managed, scalable batch processing service that dynamically provisions EC2 or Spot Instances to run Docker-based batch jobs defined on ECS for cost optimization.

Explore Amazon Lightsail, a stand-alone, low-cost option that bundles virtual servers, storage, databases, and networking for quick deployments. Targets beginners with web app templates and monitoring; includes no auto-scaling.

Explore how Lightsail provides a lightweight, separate AWS service for quick WordPress deployments with region and blueprint options, simple instance plans, and easy SSH access.

Explore docker container compute on AWS, including ECS with EC2 provisioning, Fargate serverless execution, ECR private images, and Lambda for scalable function as a service with API gateway options.