AWS Fundamentals: Understanding Compute, Storage, Database, Networking & Security

If you are just starting out on your journey toward mastering AWS cloud computing, then your first stop should be to understand the AWS fundamentals. This will enable you to get a solid foundation to then expand your knowledge across the entire AWS service catalog.  

It can be both difficult and daunting in deciphering where to start, you may find yourself asking questions like, “Where do I begin? What services should I learn about first? What principles and frameworks could help me?” Here at Cloud Academy, we have made this transition and decision easy for you in our newly updated Learning Path: Fundamentals of AWS. 

Fundamentals of AWS

This Learning Path will take you on that beginners journey to establish a sound understanding of the AWS essentials. It is comprised of:


Compute Fundamentals for AWS

The Compute category of services are key resources that allow you to carry out computational abilities via a series of instructions used by applications and systems. These resources cover a range of different services and features, including:

  • EC2 – Amazon Elastic Compute Cloud 
  • ECS – Amazon Elastic Container Service
  • ECR – Amazon Elastic Container Registry
  • EKS – Amazon Elastic Container Service for Kubernetes
  • AWS Elastic Beanstalk
  • AWS Lambda
  • AWS Batch
  • Amazon Lightsail

This course will provide the fundamental elements of all of these Compute services and features that will allow you to select the most appropriate service for your project and implementations. Each have their advantages by providing something of value that’s different to the others, which will all be discussed.

Storage Fundamentals for AWS

One of the core building blocks of Infrastructure-as-a-Service (IaaS) is storage. AWS provides a wide range of storage services that allow you to architect the correct solution for your needs. Understanding what each of these services is and what they have been designed and developed for, gives you the knowledge to implement best practices, while ensuring your data is stored, transmitted, and backed up in the most efficient and scalable way. This course focuses on each of the storage services provided by AWS and will explain the service, its key features, and when and why you might use the service within your own environment.

The objectives of this course are to provide:

  • An overview and introduction to the different AWS storage services
  • An understanding of how to transfer data into and out of AWS
  • The knowledge to confidently select the most appropriate storage service for your needs

Working with AWS Networking and Amazon VPC

This course has been designed to give you an overview of the AWS Virtual Private Cloud (VPC) and its associated networking components.  This will help you to architect and build your VPC for a variety of different work loads and use cases. The topics covered within this course include:

  • Virtual Private Clouds (VPCs)
  • Subnets
  • Route Tables
  • Network Access Control Lists (NACLs)
  • Security Groups
  • NAT Gateways
  • Bastion Hosts
  • VPN and Direct connection
  • VPC Peering
  • AWS Transit Gateway

By the end of this course, you will be able to:

  • Confidently architect a VPC across multiple availability zones within a region
  • Explain different networking components commonly used within AWS VPCs
  • Secure your VPCs to help you protect your resources within them
  • Assess which method of connectivity to your VPCs would be best in different scenarios

Database Fundamentals of AWS

This course will provide you with an introduction to the cloud database services offered by AWS. 

First, we learn to recognize and explain the basics of a cloud database service. We then learn to recognize and explain the differences between non-relational and relational databases before taking a high-level pass over the family of AWS database services available. We then dive into the non-relational databases — Amazon DynamoDB
, Amazon Elasticache, and Amazon Neptune — to explore the use cases for when we might want to use a non-relational database service. 

Next, we dive into Amazon Relational Database Service (RDS), exploring the database services provided by RDS. We then examine the services and their various use cases in the context of a scenario. 

On completing this course, you will have an understanding of the different types of database services available to you within the AWS cloud platform. You will be able to recognize and explain the various database services offered by AWS and identify and select which database service might suit a specific use case or requirement.

AWS: Overview of Identity & Access Management (IAM)

This course looks at one of the key security services within AWS, Identity & Access Management, commonly referred to IAM. This service manages identities and their permissions that are able to access your AWS resources. Understanding how this service works and what you can do with it, will help you to maintain a secure AWS environment, and IAM is an important step to ensure your resources are secure. 

Within this course we will look at:

  • What is Identity & Access Management? 
  • Groups, Users & Roles
  • IAM Policies
  • Multi-Factor Authentication
  • Identity Federation
  • IAM Features

By the end of this course, you will be able to:

  • Setup and configure users, groups, and roles to control which identities have authorization to access specific AWS resources
  • Implement multi-factor authentication
  • Create and implement IAM policies allowing you to grant or restrict very granular and specific permissions across a range of resources
  • Implement a password policy to align with your internal security controls
  • Understand when and why you may use identity federation access
  • Understand how the Key Management Service (KMS) is used in conjunction with IAM

Hands-on Labs

Our labs are designed to provide you with hands-on exposure to the AWS environment through the use of Cloud Academy’s AWS credentials, meaning you do not need to have your own AWS account.

Our AWS Fundamentals Labs include the following:

  • Create your first Amazon EC2 instance (Linux)
  • Create your first Amazon EC2 instance (Windows)
  • Create your first Amazon S3 Bucket
  • Managing Instance Volumes using EBS
  • Introduction to the Virtual Private Cloud (VPC)
  • Create your first Amazon RDS Database

By working through these labs, it will help you to solidify what you have learned through the theory courses. There is no better way to learn than to perform these tasks and steps yourself. The more you work on the labs, the more confident and aware you will be of the services and the environment.  

Blog resources

We have two blog post resources within this Learning Path:

AWS Global Infrastructure: Availability Zones, Regions, Edge Locations, Regional Edge Caches

AWS is a global public cloud provider, and as such, it has to have a global network of infrastructure to run and manage its many growing cloud services that support customers around the world. In this post, I take a look at the components that make up the AWS Global Infrastructure. 

The components are:

  • Availability Zones (AZs)
  • Regions
  • Edge Locations
  • Regional Edge
  • Caches

If you are deploying services on AWS, you will need to have a clear understanding of each of these components, how they are linked, and how you can use them within your solution to your maximum benefit.

AWS Shared Responsibility Model: Cloud Security

By the very nature of the phrase “AWS Shared Responsibility Model,” we can see that security implementation on the AWS Cloud is not the sole responsibility of any one player, but is shared between AWS and you, the customer. The AWS Shared Responsibility Model dictates which security controls are AWS’s responsibility and which are yours. In short, you decide how you want your resources to sit “in the cloud” (in other words, how much access you choose to give to and from your resources), while AWS guarantees the global security “of the cloud” (i.e., the underlying network and hardware they provide to host and connect your resources).

In my experience, a solid understanding of the AWS Shared Responsibility Model makes it easier to build and maintain a highly secure and reliable environment. Without knowing where you need to step in and take control of data security, you will not be able to properly define just how secure your environment really is. AWS treats security as its top priority — and so should you.

Knowledge checks and exam

There are three knowledge checks and one final exam within this Learning Path that will assess your level of understanding.

Knowledge Check: Compute Fundamentals for AWS

This exam will test your understanding of the products, components, features, and best practices discussed in the AWS Compute Fundamentals course. 

Knowledge Check: AWS Storage Fundamentals

This exam will test your understanding of the products, components, features, and best practices discussed in the AWS Storage Fundamentals course. 

Knowledge Check: Database Fundamentals for AWS

This exam will test your understanding of the relational and non-relational databases, how cloud databases differ from those on-premises, and features and use cases for the different AWS database services discussed in the course. 

Exam: Fundamentals of AWS

This exam will test the services and concepts discussed in the Fundamentals of AWS Learning Path. You have 45 minutes to complete 30 multiple-choice questions.

Questions will focus on the following service areas in AWS:

  • AWS Platform tools and concepts
  • Compute services
  • Storage services
  • Networking services
  • Database services
  • Security services

To dive deeper into AWS Security, Cloud Academy offers an AWS Security Services Learning Path. It is designed to introduce you to many of the different AWS Security Services that are available, and to help you implement varied levels of security within your AWS environment. 

AWS Security Services Learning Path

The services covered within this Learning Path are as follows:

  • AWS Identity & Access Management (IAM)
  • AWS Key Management Service (KMS)
  • AWS CloudHSM
  • AWS Web Application Firewall
  • AWS Shield
  • AWS Firewall Manager
  • AWS CloudTrail
  • Amazon Inspector
  • AWS Config
  • Amazon Macie
  • Amazon GuardDuty

Written by

Stuart Scott

Stuart is the AWS content lead at Cloud Academy where he has created over 40 courses reaching tens of thousands of students. His content focuses heavily on cloud security and compliance, specifically on how to implement and configure AWS services to protect, monitor and secure customer data and their AWS environment.

Related Posts

Michael Sheehy
— August 19, 2019

What Exactly Is a Cloud Architect and How Do You Become One?

One of the buzzwords surrounding the cloud that I'm sure you've heard is "Cloud Architect." In this article, I will outline my understanding of what a cloud architect does and I'll analyze the skills and certifications necessary to become one. I will also list some of the types of jobs ...

Read more
  • AWS
  • Cloud Computing
Nitheesh Poojary
— August 16, 2019

Boto: Using Python to Automate AWS Services

Boto allows you to write scripts to automate things like starting AWS EC2 instances Boto is a Python package that provides programmatic connectivity to Amazon Web Services (AWS). AWS offers a range of services for dynamically scaling servers including the core compute service, Elastic...

Read more
  • Automated AWS Services
  • AWS
  • Boto
  • Python
Andrew Larkin
— August 13, 2019

Content Roadmap: AZ-500, ITIL 4, MS-100, Google Cloud Associate Engineer, and More

Last month, Cloud Academy joined forces with QA, the UK’s largest B2B skills provider, and it put us in an excellent position to solve a massive skills gap problem. As a result of this collaboration, you will see our training library grow with additions from QA’s massive catalog of 500+...

Read more
  • AWS
  • Azure
  • content roadmap
  • Google Cloud Platform
Adam Hawkins
— August 9, 2019

DevSecOps: How to Secure DevOps Environments

Security has been a friction point when discussing DevOps. This stems from the assumption that DevOps teams move too fast to handle security concerns. This makes sense if Information Security (InfoSec) is separate from the DevOps value stream, or if development velocity exceeds the band...

Read more
  • AWS
  • cloud security
  • DevOps
  • DevSecOps
  • Security
Stefano Giacone
— August 8, 2019

Test Your Cloud Knowledge on AWS, Azure, or Google Cloud Platform

Cloud skills are in demand | In today's digital era, employers are constantly seeking skilled professionals with working knowledge of AWS, Azure, and Google Cloud Platform. According to the 2019 Trends in Cloud Transformation report by 451 Research: Business and IT transformations re...

Read more
  • AWS
  • Cloud skills
  • Google Cloud
  • Microsoft Azure
Andrew Larkin
— August 7, 2019

Disadvantages of Cloud Computing

If you want to deliver digital services of any kind, you’ll need to estimate all types of resources, not the least of which are CPU, memory, storage, and network connectivity. Which resources you choose for your delivery —  cloud-based or local — is up to you. But you’ll definitely want...

Read more
  • AWS
  • Azure
  • Cloud Computing
  • Google Cloud Platform
Joe Nemer
Joe Nemer
— August 6, 2019

Google Cloud vs AWS: A Comparison (or can they be compared?)

The "Google Cloud vs AWS" argument used to be a common discussion among our members, but is this still really a thing? You may already know that there are three major players in the public cloud platforms arena: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)...

Read more
  • AWS
  • Google Cloud Platform
  • Kubernetes
Stuart Scott
— July 29, 2019

Deployment Orchestration with AWS Elastic Beanstalk

If you're responsible for the development and deployment of web applications within your AWS environment for your organization, then it's likely you've heard of AWS Elastic Beanstalk. If you are new to this service, or simply need to know a bit more about the service and the benefits th...

Read more
  • AWS
  • elastic beanstalk
Stuart Scott
— July 26, 2019

How to Use & Install the AWS CLI

What is the AWS CLI? | The AWS Command Line Interface (CLI) is for managing your AWS services from a terminal session on your own client, allowing you to control and configure multiple AWS services and implement a level of automation. If you’ve been using AWS for some time and feel...

Read more
  • AWS
  • Command line interface
Alisha Reyes
Alisha Reyes
— July 22, 2019

Cloud Academy’s Blog Digest: July 2019

July has been a very exciting month for us at Cloud Academy. On July 10, we officially joined forces with QA, the UK’s largest B2B skills provider (read the announcement). Over the coming weeks, you will see additions from QA’s massive catalog of 500+ certification courses and 1500+ ins...

Read more
  • AWS
  • Azure
  • Cloud Academy
  • Cybersecurity
  • DevOps
  • Kubernetes
Adam Hawkins
— July 17, 2019

How to Become a DevOps Engineer

The DevOps Handbook introduces DevOps as a framework for improving the process for converting a business hypothesis into a technology-enabled service that delivers value to the customer. This process is called the value stream. Accelerate finds that applying DevOps principles of flow, f...

Read more
  • AWS
  • AWS Certifications
  • DevOps
  • DevOps Foundation Certification
  • Engineer
  • Kubernetes
Vineet Badola
— July 15, 2019

AWS AMI Virtualization Types: HVM vs PV (Paravirtual VS Hardware VM)

Amazon Machine Images (AWS AMI) offers two types of virtualization: Paravirtual (PV) and Hardware Virtual Machine (HVM). Each solution offers its own advantages. When we’re using AWS, it’s easy for someone — almost without thinking —  to choose which AMI flavor seems best when spinning...

Read more
  • AWS
  • Hardware Virtual Machine
  • Paravirtual
  • Virtualization