CLF-C02 | Chapter 2 of 130 | Objective 1.2

AWS Global Infrastructure

This chapter covers the AWS Global Infrastructure — the physical building blocks that underpin every AWS service. Understanding Regions, Availability Zones, Edge Locations, and how data flows across them is essential for the CLF-C02 exam, as this objective (Domain 1: Cloud Concepts, Objective 1.2) accounts for approximately 8-10% of the total exam score. You will learn how AWS achieves high availability, fault tolerance, and low latency through its global architecture, and how to choose the right infrastructure components for your workloads.

25 min read
Beginner
Updated May 31, 2026

AWS Global Infrastructure as a Pizza Chain

Imagine a global pizza chain called 'AWS Pizza'. Each 'Region' is a major city with its own central kitchen (like us-east-1 in Virginia). Within that city, they have multiple 'Availability Zones' — these are separate, full-kitchen facilities in different neighborhoods, each with its own power, water, and gas lines. If one kitchen loses power, the other can keep baking pizzas. Now, to get pizzas to customers faster, they have 'Edge Locations' — small kiosks in every town that don't bake pizzas from scratch but store par-baked crusts and popular toppings (cached data). When you order, the kiosk finishes baking and serves you quickly. The 'AWS Global Accelerator' is like a VIP hotline that routes your order to the nearest kitchen with the shortest queue, avoiding traffic. Finally, 'AWS Outposts' is like franchising the kitchen to run inside your own restaurant — you control the equipment but use the same recipes and supply chain. This mirrors how AWS physically separates compute and storage across AZs for fault tolerance, uses edge locations for low-latency content delivery (CloudFront), and offers hybrid solutions like Outposts.

How It Actually Works

What is the AWS Global Infrastructure?

The AWS Global Infrastructure is the physical network of data centers, networking, and content delivery components that AWS operates worldwide. It is designed to provide secure, reliable, and scalable cloud services with low latency and high availability. The infrastructure is composed of three main components: Regions, Availability Zones, and Edge Locations. Additionally, services like AWS Local Zones, Wavelength Zones, and AWS Outposts extend the infrastructure to meet specific latency, regulatory, and hybrid requirements.

Regions

An AWS Region is a geographical area that contains two or more Availability Zones. Each Region is completely independent from other Regions, with its own set of services, pricing, and compliance certifications. As of 2025, AWS has 33 launched Regions globally, with more planned. For example, us-east-1 (Northern Virginia) is the oldest and most heavily used Region, while eu-west-1 (Ireland) is a popular European Region. When you launch resources like EC2 instances or RDS databases, you must select a Region. Data does not automatically replicate across Regions unless you explicitly configure cross-Region replication (e.g., S3 Cross-Region Replication or Aurora Global Database).

Why multiple Regions?

- Latency: Deploy resources close to your users to reduce network round-trip time.
- Compliance: Keep data within specific legal boundaries (e.g., GDPR requires data in EU Regions).
- Disaster recovery: Run workloads in multiple Regions to withstand a full Region outage.
- Cost: Pricing varies by Region due to local electricity, real estate, and tax differences.

Availability Zones (AZs)

Each Region contains multiple Availability Zones — typically three or more (e.g., us-east-1 has six AZs: us-east-1a, us-east-1b, etc.). An AZ is one or more discrete data centers with redundant power, networking, and connectivity. AZs are physically separated by several kilometers (but within 100 km of each other) to prevent correlated failures from events like tornados or earthquakes. They are connected via high-bandwidth, low-latency fiber optic links, enabling synchronous replication between AZs for services like Amazon RDS Multi-AZ or Amazon ElastiCache.

Key characteristics:

- Each AZ has independent power, cooling, and physical security.
- AZs are isolated from failures in other AZs.
- The link between AZs is typically less than 2 milliseconds of latency.
- You cannot choose a specific AZ by name (e.g., us-east-1a) across accounts — AWS maps AZ names to different physical data centers per account to balance load.
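The per-account AZ name mapping described above matters when workloads in two accounts are supposed to sit in different AZs. This added example (not part of the original page) resolves AZ names to Zone IDs, the account-independent identifiers returned by `aws ec2 describe-availability-zones`, and reports cross-account workload pairs that share a physical AZ; the sample responses, name-to-ID pairs and workload names are constructed.

```python
import json

# Constructed describe-availability-zones output for two accounts in the
# same Region (only the fields used here; the name-to-ID pairs are invented).
ACCOUNT_A = json.loads("""{"AvailabilityZones": [
  {"ZoneName": "us-east-1a", "ZoneId": "use1-az1"},
  {"ZoneName": "us-east-1b", "ZoneId": "use1-az2"},
  {"ZoneName": "us-east-1c", "ZoneId": "use1-az4"}]}""")
ACCOUNT_B = json.loads("""{"AvailabilityZones": [
  {"ZoneName": "us-east-1a", "ZoneId": "use1-az2"},
  {"ZoneName": "us-east-1b", "ZoneId": "use1-az1"},
  {"ZoneName": "us-east-1c", "ZoneId": "use1-az4"}]}""")


def zone_ids_by_name(response):
    """Map one account's AZ names to account-independent Zone IDs."""
    return {z["ZoneName"]: z["ZoneId"] for z in response["AvailabilityZones"]}


def resolve(placements, response):
    """Turn {workload: AZ name} into {workload: Zone ID} for one account."""
    by_name = zone_ids_by_name(response)
    unknown = sorted(set(placements.values()) - set(by_name))
    if unknown:
        raise ValueError(f"AZ names not visible to this account: {unknown}")
    return {workload: by_name[az] for workload, az in placements.items()}


def shared_failure_domains(placed_a, resp_a, placed_b, resp_b):
    """Return (workload_a, workload_b, zone_id) for pairs in the same physical AZ."""
    a = resolve(placed_a, resp_a)
    b = resolve(placed_b, resp_b)
    return sorted((wa, wb, za)
                  for wa, za in a.items()
                  for wb, zb in b.items()
                  if za == zb)


if __name__ == "__main__":
    primary = {"db-primary": "us-east-1a"}   # launched from account A
    standby = {"db-standby": "us-east-1b"}   # launched from account B
    # Different AZ names, but both resolve to the same Zone ID in this sample.
    for wa, wb, zone in shared_failure_domains(primary, ACCOUNT_A,
                                               standby, ACCOUNT_B):
        print(f"{wa} and {wb} are both in {zone}: no AZ-level redundancy")
```
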

Edge Locations and Regional Edge Caches

Edge Locations are sites that AWS uses to cache content for faster delivery to users. They are primarily used by Amazon CloudFront (CDN) and AWS Lambda@Edge. There are over 600 Edge Locations and 13 Regional Edge Caches worldwide. Unlike Regions, Edge Locations do not run compute or storage services directly (except Lambda@Edge for lightweight functions). They act as a cache: when a user requests content, CloudFront serves it from the nearest Edge Location if cached; otherwise, it fetches from the origin (e.g., an S3 bucket or HTTP server) and caches it for future requests.

Regional Edge Caches are a middle layer between Edge Locations and the origin, reducing load on the origin by caching less popular content at a regional level.

AWS Local Zones

Local Zones are extensions of AWS Regions that place compute, storage, and database services closer to large population centers that are not near an existing Region. They are designed for workloads that require single-digit millisecond latency. For example, AWS Local Zones are available in cities like Los Angeles, Boston, and Miami. They are connected to the parent Region (e.g., us-east-1) for management and networking.

AWS Wavelength Zones

Wavelength Zones are designed for 5G applications, embedding AWS compute and storage at the edge of telecommunications providers' networks. This enables ultra-low latency for applications like autonomous vehicles, live video processing, and industrial IoT. They are available through partners like Verizon and Vodafone.

AWS Outposts

AWS Outposts bring native AWS services, infrastructure, and operating models to virtually any on-premises data center or co-location space. You can run EC2, EBS, ECS, EKS, and RDS locally on Outposts, connected to the nearest AWS Region for management. This is ideal for workloads that require low latency to on-premises systems, local data processing, or data residency requirements.

How It All Connects: The AWS Global Network

AWS owns a private global network backbone that interconnects all Regions, AZs, and Edge Locations. This backbone provides high throughput and low latency, avoiding the public internet for inter-Region traffic. Services like AWS Direct Connect allow customers to connect their on-premises data centers to this backbone via dedicated private lines.

Comparison to On-Premises

In a traditional on-premises data center, you have a single location with limited redundancy (often just two power feeds and backup generators). If that location fails, everything goes down. With AWS, you can spread your application across multiple AZs in a Region, achieving 99.99% availability for a well-architected workload. You can also deploy across multiple Regions for disaster recovery, which is impractical for most on-premises setups due to cost.

When to Use Each Component

Single Region, multiple AZs: For most production workloads needing high availability within a geographic area.

Multiple Regions: For global user base, disaster recovery, or regulatory compliance.

Edge Locations: For content delivery (CloudFront) or serverless compute at the edge (Lambda@Edge).

Local Zones: For latency-sensitive applications in metro areas without a nearby Region.

Wavelength Zones: For 5G applications requiring sub-10ms latency.

Outposts: For hybrid workloads that must run on-premises due to latency or data residency.

AWS Global Infrastructure Limits

Maximum number of VPCs per Region: 5 (soft limit, can be increased).

Maximum number of Elastic IP addresses per Region: 5.

Each AZ can have multiple subnets, but subnets cannot span AZs.

Data transfer between AZs is charged (typically $0.01/GB in each direction).

Inter-Region data transfer costs more (e.g., $0.02/GB from us-east-1 to eu-west-1).

Walk-Through

1. Choose a Region for your workload

First, determine the geographic location of your users and any compliance requirements. For a global audience, you might choose us-east-1 (Northern Virginia) as a primary Region because it offers the widest range of services and lowest latency to many parts of the world. For EU customers requiring GDPR compliance, choose eu-west-1 (Ireland) or eu-central-1 (Frankfurt). Check the AWS Regional Services list to ensure all services you plan to use are available in that Region. For disaster recovery, select a second Region far enough away (e.g., us-west-2 in Oregon as a pair with us-east-1).

2. Design for multiple Availability Zones

Within your chosen Region, deploy your application across at least two Availability Zones. For example, launch EC2 instances in us-east-1a and us-east-1b, with an Application Load Balancer distributing traffic. Use Amazon RDS Multi-AZ to automatically synchronize your database to a standby in another AZ. This design ensures that if one AZ experiences an outage (e.g., power failure), your application continues running from the other AZ. AWS handles the physical separation — you just select the AZ name (e.g., us-east-1a) when launching resources. Note that the AZ name maps to different physical data centers per AWS account to balance load.

3. Configure Edge Locations with CloudFront

To deliver static and dynamic content with low latency, set up Amazon CloudFront. Create a distribution with an origin (e.g., an S3 bucket or an HTTP server). CloudFront automatically uses its global network of Edge Locations to cache content. When a user in Tokyo requests your website, CloudFront serves it from the nearest Edge Location (e.g., in Tokyo or Osaka) if cached. If not, it fetches from the origin and caches it. You can also use Lambda@Edge to run custom code at Edge Locations for A/B testing, URL rewrites, or authentication. CloudFront supports both HTTP/HTTPS and WebSocket protocols.

4. Extend to Local Zones for low latency

If you have users in a metropolitan area without a nearby Region (e.g., Los Angeles), you can use an AWS Local Zone. First, enable the Local Zone in your AWS account. Then, create a subnet in the Local Zone VPC and launch EC2 instances there. The Local Zone is logically part of the parent Region (us-west-2) but physically located in LA. This gives you single-digit millisecond latency to LA users. Data transfer between the Local Zone and the parent Region is charged at standard inter-AZ rates. Note that not all services are available in Local Zones — typically EC2, EBS, and some database services.

5. Use Direct Connect for hybrid connectivity

For a hybrid cloud setup, where your on-premises data center needs a dedicated, private connection to AWS, order AWS Direct Connect. You work with an AWS Direct Connect Partner to establish a cross-connect from your on-premises router to an AWS Direct Connect location. This provides consistent network performance, lower latency, and higher security compared to internet-based VPNs. You can then access all AWS services in the Region via private IP addresses. Direct Connect comes in speeds from 50 Mbps to 100 Gbps. You can also set up a Direct Connect gateway to connect to multiple Regions from a single connection.

What This Looks Like on the Job

Scenario 1: Global E-Commerce Platform

A company like 'ShopGlobal' runs an e-commerce website serving customers worldwide. They deploy their application in three AWS Regions: us-east-1 (primary), eu-west-1 (Europe), and ap-southeast-1 (Singapore). Within each Region, they use two Availability Zones for high availability. They use Amazon Route 53 latency-based routing to direct users to the closest Region. For static assets (images, CSS, JavaScript), they use CloudFront with Edge Locations to cache content globally. The product catalog database is deployed as Amazon Aurora Global Database, with a primary in us-east-1 and read replicas in the other two Regions for low-latency reads. This architecture costs more due to cross-Region data transfer and multiple database instances, but it provides sub-100ms page load times worldwide and can survive a full Region outage. Misconfiguration example: If they forget to enable CloudFront caching for dynamic content, each request goes back to the origin, increasing latency and origin load.

How CLF-C02 Actually Tests This

What CLF-C02 Tests on This Objective

The exam asks you to identify the components of the AWS Global Infrastructure and explain their purposes. Specifically, you must know:

The difference between a Region, Availability Zone, and Edge Location.

How many AZs a Region must have (at least 2, typically 3 or more).

That AZs are isolated from each other but connected with low-latency links.

That Edge Locations are used for content caching (CloudFront) and DNS (Route 53).

That data does not automatically replicate across Regions.

Common Wrong Answers and Why

1. 'Availability Zones are the same as data centers' – Wrong. An AZ can consist of multiple data centers. The exam expects you to know that an AZ is one or more data centers with independent power and networking.

2. 'Edge Locations can run EC2 instances' – Wrong. Edge Locations do not run general-purpose compute. Only Lambda@Edge functions can run at Edge Locations.

3. 'You can choose a specific physical AZ by name' – Wrong. The AZ name (e.g., us-east-1a) maps to different physical AZs per account to balance resources.

4. 'All AWS services are available in all Regions' – Wrong. New services are rolled out gradually; older Regions get them first. Always check the Region table.

Tricky Distinctions

Regional vs. Global Services: Some services are global (IAM, Route 53, CloudFront, WAF) – they operate across all Regions. Others are Regional (EC2, S3, RDS) – you must select a Region. The exam tests this distinction.

Local Zones vs. Wavelength Zones: Both are edge extensions. Local Zones are for general low-latency; Wavelength Zones are specifically for 5G mobile networks.

Direct Connect vs. VPN: Direct Connect is a dedicated private line; VPN uses the public internet with encryption. The exam asks when to use each.
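The Regional vs. Global distinction above, combined with choosing a Region for data residency, can be checked mechanically from resource ARNs. This added example (not part of the original page) classifies a constructed inventory against an allowed-Region set; the account ID, resource names and the `EU_ONLY` policy are assumptions, and the global-service set holds only IAM, Route 53 and CloudFront from the page's list.

```python
# Services the page lists as global; their ARNs carry an empty Region field.
GLOBAL_SERVICES = {"iam", "route53", "cloudfront"}

ARN_FIELDS = ("prefix", "partition", "service", "region", "account", "resource")


def parse_arn(arn):
    """Split arn:partition:service:region:account:resource into a dict.

    The resource part may itself contain colons (e.g. db:orders), so the
    split stops after the fifth separator.
    """
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn":
        raise ValueError(f"not an ARN: {arn!r}")
    return dict(zip(ARN_FIELDS, parts))


def classify(arn, allowed_regions):
    """Return 'ok', 'violation', 'global' or 'lookup-needed' for one ARN."""
    fields = parse_arn(arn)
    if fields["region"]:
        return "ok" if fields["region"] in allowed_regions else "violation"
    if fields["service"] in GLOBAL_SERVICES:
        return "global"
    # Regional service whose ARN omits the Region (S3 buckets): the ARN alone
    # cannot prove residency, so the bucket's Region must be looked up.
    return "lookup-needed"


def residency_report(arns, allowed_regions):
    """Group ARNs by classification, preserving input order."""
    report = {"ok": [], "violation": [], "global": [], "lookup-needed": []}
    for arn in arns:
        report[classify(arn, allowed_regions)].append(arn)
    return report


# Constructed inventory; account ID and resource names are placeholders.
INVENTORY = [
    "arn:aws:ec2:eu-west-1:111122223333:instance/i-0123456789abcdef0",
    "arn:aws:rds:eu-central-1:111122223333:db:orders",
    "arn:aws:rds:us-east-1:111122223333:db:orders-replica",
    "arn:aws:s3:::customer-exports",
    "arn:aws:iam::111122223333:role/app",
    "arn:aws:cloudfront::111122223333:distribution/EXAMPLEID",
]
EU_ONLY = {"eu-west-1", "eu-central-1"}  # assumed residency policy

if __name__ == "__main__":
    for status, arns in residency_report(INVENTORY, EU_ONLY).items():
        for arn in arns:
            print(f"{status:14} {arn}")
```

The `orders-replica` entry is the case the page warns about: data leaves its Region only when someone configures replication, and an inventory check like this is where that shows up.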

Decision Rule for Multi-Choice

If a question asks about 'high availability' or 'fault tolerance', the answer almost always involves multiple Availability Zones. If it asks about 'low latency' for a global user base, think CloudFront Edge Locations. If it asks about 'data residency', think selecting a specific Region. Eliminate answers that mention 'single point of failure' or 'same physical location'.

Key Takeaways

AWS Global Infrastructure consists of Regions, Availability Zones, Edge Locations, and Regional Edge Caches.

Each Region has at least 2 Availability Zones; most have 3 or more.

Availability Zones are isolated from each other to prevent correlated failures.

Edge Locations are used by CloudFront and Lambda@Edge for content caching and edge compute.

Data does not automatically move between Regions; you must configure replication.

AWS Local Zones extend Regions closer to large population centers for low latency.

AWS Outposts bring AWS services to on-premises data centers for hybrid workloads.

Direct Connect provides dedicated private network connectivity to AWS.

Easy to Mix Up

These come up on the exam all the time. Here's how to tell them apart.

AWS Region

Geographic area containing 2+ AZs

Independent from other Regions

Used for data residency and latency

Resources do not automatically replicate across Regions

Pricing varies by Region

Availability Zone

One or more data centers within a Region

Isolated from other AZs (power, network, cooling)

Connected to other AZs via low-latency fiber

Used for high availability and fault tolerance

Inter-AZ data transfer is charged

Edge Location

Used by CloudFront and Lambda@Edge

Caches content for low-latency delivery

Located in many cities worldwide

Does not run general-purpose compute

First point of contact for user requests

Regional Edge Cache

Intermediate cache between Edge and origin

Reduces load on origin for less popular content

Fewer locations than Edge Locations

Stores content for longer TTLs

Used when content is not at Edge Location

Watch Out for These

Mistake: All AWS Regions have the same number of Availability Zones.

Correct: No. The number of AZs per Region varies. For example, us-east-1 has 6 AZs, while eu-north-1 (Stockholm) has 3. AWS does not guarantee a minimum number beyond the requirement of at least 2 for a Region.

Mistake: An Availability Zone is a single data center.

Correct: An AZ can consist of multiple data centers. The key point is that AZs are isolated from each other in terms of power, cooling, and networking, but each AZ itself may have redundant data centers.

Mistake: Data is automatically replicated across all Regions.

Correct: By default, data stays within the Region where it is stored. You must explicitly enable cross-Region replication (e.g., S3 Cross-Region Replication, Aurora Global Database) to copy data to other Regions.

Mistake: Edge Locations can run any AWS service.

Correct: Edge Locations run only CloudFront, Lambda@Edge, and Route 53. They do not run EC2, EBS, or other compute/storage services.

Mistake: You can choose a specific physical data center within an AZ.

Correct: No. You can only select the AZ by its logical name (e.g., us-east-1a). AWS decides which physical data center(s) constitute that AZ for your account.

Frequently Asked Questions

How many Availability Zones does an AWS Region have?

Every AWS Region has a minimum of two Availability Zones, but most have three or more. For example, us-east-1 has six AZs, while eu-west-1 has three. The exact number can vary by Region and may change over time as AWS expands. You should always check the current number for the Regions you plan to use. On the exam, remember that a Region must have at least two AZs to provide high availability.

Can I choose which physical data center my EC2 instance runs in?

No. You can only choose the Availability Zone (e.g., us-east-1a). AWS maps AZ names to different physical data centers per account to balance resource utilization. This means that us-east-1a for your account might be a different physical data center than us-east-1a for another account. You cannot select a specific data center within an AZ.

What is the difference between an Edge Location and a Regional Edge Cache?

An Edge Location is a site that caches content for CloudFront to serve to users with low latency. There are hundreds of Edge Locations globally. A Regional Edge Cache is a larger cache that sits between Edge Locations and the origin server. It stores less popular content that may not be cached at Edge Locations, reducing the load on the origin. Both are part of CloudFront's content delivery network.

Is data transfer between Availability Zones free?

No. Data transfer between Availability Zones within the same Region is charged. As of 2025, the rate is typically $0.01 per GB in each direction. This cost applies to traffic that crosses AZ boundaries, such as when an EC2 instance in one AZ communicates with an RDS instance in another AZ. You should consider this when designing your architecture to minimize cross-AZ traffic where possible.

What is the purpose of AWS Local Zones?

AWS Local Zones are designed for applications that require single-digit millisecond latency for end-users in a specific metropolitan area. They place compute, storage, and database services closer to large population centers that are not near an existing AWS Region. For example, a gaming company serving users in Los Angeles can use the LA Local Zone to reduce latency. Local Zones are connected to their parent Region for management and networking.

How does AWS ensure high availability across Availability Zones?

AWS achieves high availability by physically separating AZs, each with independent power, cooling, and networking. They are connected via redundant, low-latency fiber links. You design your application to run in multiple AZs, using services like Elastic Load Balancing to distribute traffic and Amazon RDS Multi-AZ for database failover. If one AZ fails, traffic is routed to the remaining AZs, ensuring continuous operation.

What is the difference between a Region and a Local Zone?

A Region is a large geographic area with multiple AZs and full service availability. A Local Zone is an extension of a Region that places select services (EC2, EBS, etc.) closer to a specific city for lower latency. Local Zones do not have multiple AZs and are dependent on the parent Region for management and some services. They are ideal for latency-sensitive workloads but offer fewer services than a full Region.
