Cheat Sheet

AWS CLF-C02 Cheat Sheet 2026: 1-Page Domain Summary

Updated April 23, 2026  |  6 min read

Table of Contents

This cheat sheet is for anyone sitting the AWS Cloud Practitioner CLF-C02 exam in 2026 who needs a printable, domain-by-domain review of the essentials.

Test your cheat sheet knowledge
30Q Quick Drill

Domain 1: Cloud Concepts (24%)

This domain tests your understanding of why cloud computing exists. Expect questions on cost savings, scalability, and the differences between cloud, hybrid, and on-premises deployment models. Do not just memorize definitions — know why a company would choose one model over another.

  • Cloud Value Proposition: Trade capital expense (capex) for variable expense (opex). Pay only for what you use.
  • Economies of Scale: AWS serves millions of customers → lower per-unit cost than any single company can achieve alone.
  • Deployment Models: Cloud (fully AWS), Hybrid (on-prem + cloud), On-Premises (fully self-managed).
  • Global Infrastructure: Regions (geographic areas) → Availability Zones (isolated data centers) → Edge Locations (CloudFront CDN).

Domain 2: Security & Compliance (30%)

Security is the largest domain on the exam. The shared responsibility model appears in nearly every practice test. Focus on who manages what (AWS vs. customer), the basics of IAM, and the difference between encryption at rest and in transit. Compliance programs are usually tested by name recognition only.

  • IAM: Users, Groups, Roles, Policies. Principle of least privilege. Never use root account for daily tasks.
  • MFA: Multi-factor authentication required for root and IAM users. Virtual MFA (app) or hardware MFA.
  • Encryption: At rest (SSE-S3, SSE-KMS, SSE-C) and in transit (TLS/SSL). KMS manages keys.
  • Compliance: SOC, PCI-DSS, HIPAA, GDPR. AWS is responsible for the cloud; you are responsible for in the cloud.
  • AWS Organizations: Consolidated billing, SCPs (Service Control Policies), multi-account management.
  • AWS Artifact: On-demand access to AWS compliance reports and agreements.

Domain 3: Cloud Technology & Services (34%)

This is the biggest and most detailed domain. You do not need to know how to configure services — you need to know what each service does and when to use it. The exam loves questions that describe a business need and ask which service fits best. Pay special attention to storage classes and database use cases.

Compute

  • EC2: Virtual servers. Instances, AMIs, EBS volumes, Security Groups (stateful), NACLs (stateless).
  • Lambda: Serverless compute. Event-driven, pay per invocation, auto-scaling.
  • Elastic Beanstalk: PaaS for deploying web apps. Handles infrastructure automatically.
  • ECS / EKS: Container orchestration. ECS is AWS-native; EKS is managed Kubernetes.
  • AWS Fargate: Serverless compute for containers. No EC2 management needed.

Storage

  • S3: Object storage. Standard, IA, Glacier, Glacier Deep Archive. 11 nines durability.
  • EBS: Block storage for EC2. gp3 (general), io2 (high performance), st1 (throughput), sc1 (cold).
  • EFS: Managed NFS. Shared file storage across multiple EC2 instances.
  • FSx: Managed Windows File Server or Lustre.

Databases

  • RDS: Managed relational databases (MySQL, PostgreSQL, MariaDB, Oracle, SQL Server).
  • DynamoDB: NoSQL key-value store. Single-digit millisecond latency, serverless.
  • Redshift: Data warehouse for analytics.
  • ElastiCache: Managed Redis or Memcached for in-memory caching.

Networking

  • VPC: Isolated network. Subnets, route tables, internet gateways, NAT gateways.
  • CloudFront: Global CDN. Caches content at edge locations.
  • Route 53: DNS service. Domain registration, routing policies, health checks.
  • Direct Connect: Dedicated private connection from on-prem to AWS.

Other Core Services

  • CloudWatch: Monitoring, logs, metrics, alarms.
  • CloudTrail: Auditing. Records API calls and account activity.
  • SNS: Pub/sub messaging. Push notifications to email, SMS, Lambda.
  • SQS: Message queue. Decouples application components.
  • EventBridge: Serverless event bus. Connects SaaS apps and AWS services.

Domain 4: Billing, Pricing & Support (12%)

This is the smallest domain but it surprises many test-takers. You must know the four pricing models, when to use the TCO Calculator vs. the Pricing Calculator, and the four support plans by response time and cost. Billing questions are often phrased as scenario-based comparisons rather than simple recall.

  • AWS Free Tier: 12 months free for new accounts. Limited usage on EC2, S3, RDS, etc.
  • Pricing Calculator: Estimate costs before deploying.
  • TCO Calculator: Compare on-premises vs AWS total cost of ownership.
  • Cost Explorer: Visualize and analyze AWS spending.
  • Budgets: Set custom cost and usage budgets with alerts.
  • Consolidated Billing: One bill for multiple accounts via AWS Organizations.

Well-Architected Framework: 6 Pillars

PillarKey Idea
Operational ExcellenceRun and monitor systems; continuously improve
SecurityProtect data, systems, and assets
ReliabilityRecover from failures, scale automatically
Performance EfficiencyUse resources efficiently, evolve with tech
Cost OptimizationMinimize cost while delivering business value
SustainabilityMinimize environmental impact of workloads

Shared Responsibility Model

AWS Responsibility (Security OF the Cloud)

  • Data center physical security
  • Hardware, software, networking
  • Host operating systems
  • Virtualization layer

Customer Responsibility (Security IN the Cloud)

  • Customer data
  • IAM, MFA, encryption
  • OS patches (for EC2)
  • Network ACLs and security groups
  • Application security

Support Plans at a Glance

For a day-by-day study plan that incorporates all the concepts above, see our 30-day CLF-C02 study guide. Need more free materials? Our free AWS resources roundup has videos, labs, and practice tests.

PlanCostResponse Time
BasicFreeNone (community only)
Developer$29/moBusiness hours, < 24h
Business$100/mo (min)24/7, < 1h critical
Enterprise On-Ramp$5,500/mo (min)24/7, < 30 min critical

Pricing Models Cheat Sheet

ModelBest ForSavings
On-DemandShort-term, unpredictable workloadsBaseline
Reserved InstancesSteady-state workloads, 1-3 year commitUp to 72%
Savings PlansFlexible commitment based on $/hourUp to 72%
Spot InstancesFault-tolerant, flexible start/end timesUp to 90%

Ready to test your memorization?

Take a domain-specific drill or full mock exam.

Practice by Domain Full Mock

Frequently Asked Questions

What should I memorize for AWS Cloud Practitioner?

Memorize the six Well-Architected pillars, the Shared Responsibility Model, core service purposes (EC2, S3, RDS, Lambda, VPC), pricing models, and support plans.

Is there a formula sheet for CLF-C02?

No formula sheet is provided. You must know pricing concepts (On-Demand vs Reserved vs Spot vs Savings Plans) and basic TCO comparisons from memory.

How many services do I need to know?

You need to recognize roughly 60-80 services by name and primary purpose. You do not need deep configuration knowledge for any of them.

Can I use a cheat sheet during the exam?

No. The exam is closed-book. This cheat sheet is for pre-exam review only.

What are the six Well-Architected pillars?

Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability.

Put this cheat sheet to work

Free unlimited practice tests with instant explanations.

Start Free Mock Exam