AWS Cloud Practitioner ← Back to blog

AWS CCP Study Guide: Management, Monitoring & Billing

29 April 2026 · Matt

CloudWatch, CloudFormation, AWS Organizations, Trusted Advisor, Support plans, and AWS pricing explained.

CloudWatch

The observability backbone of AWS. Collects metrics, logs, and events from virtually every AWS service.

  • Metrics: Numeric data points over time. EC2 sends CPU, network, disk metrics every 5 minutes by default (1-minute with detailed monitoring enabled, ~$0.01/metric/month). Custom metrics: push your own via the CloudWatch API.
  • Alarms: Trigger actions when a metric crosses a threshold. Actions: SNS notification, EC2 action (stop/reboot/terminate/recover), Auto Scaling action. States: OK, ALARM, INSUFFICIENT_DATA.
  • Logs: Centralised log storage. Lambda, ECS, RDS, VPC Flow Logs, CloudTrail all ship logs here. Log Insights runs SQL-like queries over log groups.
  • Events / EventBridge: React to state changes in AWS resources (e.g. trigger Lambda when EC2 instance stops, or when an S3 object is uploaded).
  • Container Insights: Enhanced monitoring for ECS/EKS — CPU, memory, network, and disk at the container level.
Exam tip: CloudWatch = monitoring AWS resources and apps (metrics, logs, alarms). CloudTrail = auditing API activity (who did what). They're complementary.

CloudFormation

Infrastructure as Code (IaC) for AWS. Define resources in YAML or JSON templates; CloudFormation provisions and manages the stack. Key features:

  • Stacks: A collection of AWS resources managed as a single unit. Update a template → CloudFormation calculates what changes and applies them.
  • Change Sets: Preview what will change before applying. No resources are modified until you execute the change set.
  • Rollback: If stack creation/update fails, CloudFormation automatically rolls back to the previous stable state.
  • StackSets: Deploy the same stack to multiple accounts and regions simultaneously. Use with AWS Organizations.
  • CDK (Cloud Development Kit): Define CloudFormation templates in TypeScript, Python, Java, or other languages. Synthesises to CloudFormation under the hood.

AWS Organizations

Manage multiple AWS accounts from a single management account:

  • Consolidated billing: All accounts' usage is aggregated for volume discounts and a single monthly bill.
  • Service Control Policies (SCPs): Organisation-wide IAM guardrails. Limit what even an account's root user can do. E.g. prevent any account from disabling CloudTrail, or restrict which regions can be used.
  • Organizational Units (OUs): Group accounts hierarchically (Dev OU, Prod OU) and attach different SCPs. Policies are inherited down the OU tree.

AWS Pricing Model

Three fundamental pricing drivers across all services:

  • Compute: Per second or per hour (EC2), per invocation + GB-second (Lambda), per vCPU/GB-hour (Fargate).
  • Storage: Per GB per month (S3 ~$0.023, EBS ~$0.08/gp3, EFS ~$0.30).
  • Data transfer: Inbound to AWS is free. Outbound to the internet ~$0.09/GB (first 10 TB/month, reduces at scale). Between AWS services in the same region is mostly free; cross-region costs ~$0.02/GB.

Cost Tools

  • Cost Explorer: Visualise and analyse your AWS costs. Filter by service, linked account, tag, or region. Forecast future spend. Identify Reserved Instance/Savings Plans opportunities.
  • Budgets: Set cost, usage, or RI/Savings Plans coverage budgets with email/SNS alerts when actual or forecasted spend crosses thresholds.
  • Cost & Usage Report (CUR): Most detailed billing data, delivered to S3 hourly. Queryable with Athena or Redshift.
  • Savings Plans: Commit to a $/hour spend level for 1 or 3 years in exchange for up to 72% discount. Compute Savings Plans apply across EC2, Lambda, and Fargate regardless of region or instance type.

Trusted Advisor

Automated recommendations across five categories: Cost Optimisation, Performance, Security, Fault Tolerance, and Service Limits. Free checks include S3 bucket public access, MFA on root account, and service quota warnings. Full set of checks (including cost optimisation recommendations) requires Business or Enterprise support plan.

Support Plans

Plan Cost Critical Response Key Feature
BasicFreeDocs, forums, Health Dashboard, 7 Trusted Advisor checks
Developer$29/mo (min)12 hours (business hours)Email support, 1 primary contact
Business$100/mo (min)1 hour24/7 phone+chat, full Trusted Advisor, Health API, Infrastructure Event Management (extra)
Enterprise On-Ramp$5,500/mo30 minPool of TAMs, Concierge Support Team
Enterprise$15,000/mo15 minDedicated TAM, Well-Architected reviews, Concierge

AWS Well-Architected Framework

Six pillars for evaluating architectures:

  • Operational Excellence: Run and monitor systems, improve processes. Key services: CloudWatch, CloudFormation, Systems Manager.
  • Security: Protect data and systems. IAM, KMS, CloudTrail, Shield, WAF.
  • Reliability: Recover from failures, meet demand. Multi-AZ, Auto Scaling, Route 53 failover.
  • Performance Efficiency: Use resources efficiently. Right-sizing, serverless, caching (CloudFront, ElastiCache).
  • Cost Optimisation: Avoid unnecessary expense. Reserved/Spot instances, Savings Plans, right-sizing.
  • Sustainability: Minimise environmental impact. Managed services (higher utilisation), right-sizing, Graviton instances.
Exam tip: "Reliability" is about recovering from failures and scaling to meet demand — not about security. "Operational Excellence" is about running and improving processes — not about uptime. Know the distinction.