Service Confusion — AWS Cloud Practitioner (CLF-C02)

Which AWS service provides utilization-based rightsizing recommendations for EC2 instances, versus a service that offers general best-practice checks or retrospective spending visibility?

When persistent low utilization signals over-provisioned compute after migration, choose the service that produces machine-learning-backed instance rightsizing recommendations (AWS Compute Optimizer) rather than services that display historical cost trends (AWS Cost Explorer), alert on budget thresholds (AWS Budgets), or estimate future pricing (AWS Pricing Calculator).

Does the scenario require proactive threshold-based alerting on variable spend (AWS Budgets) or reactive historical cost analysis and forecasting (AWS Cost Explorer)?

Whether to provision and redeploy infrastructure using a repeatable IaC template (CloudFormation) or through manual Console interactions that cannot enforce environment parity or prevent configuration drift.

Determine which migration phase action is required next given that application dependencies have not yet been catalogued, selecting the assess-phase service over any migrate-phase execution service.

Whether the source and target engines differ (heterogeneous migration) determines if AWS SCT is required before AWS DMS, or if AWS DMS alone is sufficient.

When source and target database engines are identical (homogeneous migration), AWS DMS alone is sufficient; AWS SCT is not needed because no schema conversion is required.

Whether the engine change between source (SQL Server) and target (Aurora PostgreSQL) requires an explicit schema conversion step — DMS replicates data rows but does not transform schemas across engines; SCT must be added for any heterogeneous migration.

Is the requirement a database-specific live replication (AWS DMS) or a server and application lift-and-shift (AWS Application Migration Service), given the source is MySQL and the target is Amazon Aurora MySQL-compatible?

Whether AWS SCT or AWS DMS owns the schema conversion phase in a heterogeneous migration — SCT converts schemas and stored objects across incompatible engines; DMS replicates data rows only.

When source and target share the same database engine (homogeneous migration), AWS DMS alone handles data replication; AWS SCT is not required because no schema conversion across engine boundaries is needed.

When the dominant constraint is zero upfront infrastructure cost combined with low-latency global content delivery, prefer the managed edge-distribution service (CloudFront) over a DNS-routing service (Route 53), because content caching at edge locations—not DNS resolution—satisfies both the capex-to-opex and latency requirements simultaneously.

Whether the scenario demands an active elasticity mechanism that right-sizes capacity in real time (Auto Scaling) or a cost-visibility/alerting tool that reports on spending (Cost Explorer, Budgets) or surfaces static recommendations (Trusted Advisor) — the correct answer must operationalize the design principle, not merely expose or report on data about it.

When the workload is dynamic and non-cacheable, choose AWS Global Accelerator over Amazon CloudFront, because CloudFront's latency advantage depends on cache hits and provides no meaningful benefit for unique per-request responses.

When a workload's single-invocation runtime exceeds Lambda's 15-minute maximum execution limit AND no-server-management is required, AWS Fargate is the correct serverless compute choice over Lambda or EC2.

When Kubernetes compatibility is absent from the requirements, select ECS over EKS to minimize orchestration overhead; reject Fargate as the orchestration answer because it is a compute engine that runs beneath ECS or EKS, not a standalone scheduler.

Whether a team that wants to upload application code and delegate all infrastructure management to AWS should choose a managed PaaS (Elastic Beanstalk) versus an event-driven serverless compute service (Lambda) or an IaaS option (EC2).

When the workload has variable per-item attributes, a key-value access pattern, and sub-millisecond latency at scale, choose a managed NoSQL store (DynamoDB) rather than a managed relational database (RDS) whose fixed-schema and join model is mismatched to the data model.

Distinguish whether the requirement is for proactive threshold alerting (AWS Budgets) versus historical cost analysis and trend forecasting (AWS Cost Explorer).

Does centralized third-party software procurement with AWS-unified billing route through AWS Marketplace or through upgrading the AWS Support plan?

Which detective control satisfies continuous behavioral threat-intelligence monitoring of API and network activity (GuardDuty) versus scheduled software-vulnerability scanning of compute resources (Inspector) when the threat vector is credential-based anomalous access.

Determine whether closing an AWS Organizations member account is a root-user-exclusive action or one that can be delegated to an IAM administrator.

Determine whether the requirement calls for inline traffic filtering at the HTTP layer (perimeter blocking) or passive threat detection, and select the service that can intercept and drop the named exploit before it reaches the origin.

Does the requirement call for continuous active threat detection and behavioral anomaly analysis across live log streams, or for periodic advisory recommendations against static AWS best-practice benchmarks?

Whether the requirement calls for active, continuous aggregation of cross-service security findings with standards-based compliance scoring (Security Hub) or for passive, independent best-practice advisory checks that do not consume findings from other AWS security detection services (Trusted Advisor).