Cloud Engineer

Cloud Engineer

This is an online facilitated cloud career development program designed to support participants with a structured approach for learning the skills required to be an effective cloud engineer. The Cloud Engineer Program is based on the Google Cloud Associate Cloud Engineer certification exam guide, and therefore prepares candidates for Google Cloud certification. 

Although the program aligns with the topics outlined in the Google Cloud Associate Cloud Engineer exam guide, live sessions will include a reference to other cloud platforms such as Microsoft Azure and Amazon Web Services. Through live demos and project assignments, participants will gain practical hands-on experience on the domains covered by the certification examination. While an objective of this program is to enable candidates to successfully attain certification, the program's primary focus is to develop real-world skills needed by enterprise organisations. With the current shortage of enterprise cloud skills in the job market globally, this program enables participants to differentiate themselves and prove that not only do they have technical knowledge, they also have the skills required to do the job. There is therefore an emphasis on team project activities where participants apply the concepts learnt on real world projects. 

The ideal candidate for this program is an engineer that works on the cloud as part of their job role, or a developer. Professionals without any prior Information Technology experience will need to spend additional time to enhance their understanding and experience of the cloud. This program will enable these participants to plan and prepare for cloud certification. Below are scheduled dates for respective modules:

  • 15 Jan - 12 Feb: Project setup and IAM configuration
  • 12 Feb - 12 Mar: Network planning, implementation and management
  • 12 Mar - 9 Apr: Database planning, implementation and management
  • 9 Apr - 7 May: Compute resource planning, implementation and management
  • 7 May - 4 Jun: Kubernetes engine resource planning, implementation and management
  • 4 Jun - 2 Jul: Automated deployment, monitoring and logging
The program is available on a subscription basis, providing an opportunity for those interested in building skills in specific domains to join a subset of the program. The subscription price is £99.99 a month. The program is delivered on a rolling basis, with no start and end date. Consult the calendar for the schedule of activities.

Project Setup

1.2 Managing billing configuration

  • Creating one or more billing accounts
  • Linking projects to a billing account
  • Establishing billing budgets and alerts
  • Setting up billing exports

1.1 Setting up cloud projects and accounts

1.3 Installing and configuring the command line interface (CLI)

5.2 Interacting with Google Cloud programmatically

Enabling APIs within projects 

  • Managing users and groups in Cloud Identity
  • Creating a resource hierarchy 
  • Applying organizational policies to the resource hierarchy 
  • Granting members IAM roles within a project 
  • Provisioning and setting up products in Google Cloud’s operations suite
  • Google Cloud Shell
  • Google Cloud SDK (gcloud, gsutil and bq)
  • Cloud Emulators (e.g. Cloud Bigtable, Datastore, Spanner, Pub/Sub, Firestore)

2.1 Planning and estimating Google Cloud product use using the Pricing Calculator

5.1 Managing Identity and Access Management

  • Creating IAM policies
  • Viewing IAM policies
  • Managing the various role types and defining custom IAM roles

5.2 Managing service accounts

  • Creating service accounts
  • Using service accounts in IAM policies with minimum permissions
  • Assigning service accounts to resources
  • Managing IAM of a service account 
  • Managing service account impersonation
  • Creating and managing short-lived service account credentials


2.4 Planning and configuring network resources

  • Differentiating load balancing options
  • Identifying resource locations in a network for availability
  • Configuring Cloud DNS

3.5 Deploying and implementing networking resources.

  • Creating a VPC with subnets (e.g., custom-mode VPC, shared VPC)
  • Launching a Compute Engine instance with custom network configuration (e.g., internal-only IP address, Google private access, static external and private IP address, network tags)
  • Creating ingress and egress firewall rules for a VPC (e.g., IP subnets, network tags, service accounts)
  • Creating a VPN between a Google VPC and an external network using Cloud VPN
  • Creating a load balancer to distribute application network traffic to an application (e.g., Global HTTP(S) load balancer, Global SSL Proxy load balancer, Global TCP Proxy load balancer, regional network load balancer, regional internal load balancer)

4.5 Managing networking resources.

  • Adding a subnet to an existing VPC
  • Expanding a subnet to have more IP addresses
  • Reserving static external or internal IP addresses
  • Working with CloudDNS, CloudNAT, Load Balancers and firewall rules


2.3 Planning and configuring data storage options.

  • Product choice (e.g., Cloud SQL, BigQuery, Firestore, Cloud Spanner, Cloud Bigtable)
  • Choosing storage options (e.g., Zonal persistent disk, Regional balanced persistent disk, Standard, Nearline, Coldline, Archive)

3.4 Deploying and implementing data solutions.

  • Initializing data systems with products (e.g., Cloud SQL, Firestore, BigQuery, Cloud Spanner, Pub/Sub, Cloud Bigtable, Dataproc, Dataflow, Cloud Storage)
  • Loading data (e.g., command line upload, API transfer, import/export, load data from Cloud Storage, streaming data to Pub/Sub)

4.4 Managing storage and database solutions.

  • Managing and securing objects in and between Cloud Storage buckets
  • Setting object life cycle management policies for Cloud Storage buckets
  • Executing queries to retrieve data from data instances (e.g., Cloud SQL, BigQuery, Cloud Spanner, Datastore, Cloud Bigtable)
  • Estimating costs of data storage resources
  • Backing up and restoring database instances (e.g., Cloud SQL, Datastore)
  • Reviewing job status in Dataproc, Dataflow, or BigQuery


2.2 Planning and configuring compute resources

  • Selecting appropriate compute choices for a given workload (e.g., Compute Engine, Google Kubernetes Engine, Cloud Run, Cloud Functions)
  • Using preemptible VMs and custom machine types as appropriate

3.1 Deploying and implementing Compute Engine resources.

  • Launching a compute instance using Cloud Console and Cloud SDK (gcloud) (e.g., assign disks, availability policy, SSH keys)
  • Creating an autoscaled managed instance group using an instance template
  • Generating/uploading a custom SSH key for instances
  • Installing and configuring the Cloud Monitoring and Logging Agent
  • Assessing compute quotas and requesting increases

4.1 Managing Compute Engine resources.

  • Managing a single VM instance (e.g., start, stop, edit configuration, or delete an instance)
  • Remotely connecting to the instance
  • Attaching a GPU to a new instance and installing necessary dependencies
  • Viewing current running VM inventory (instance IDs, details)
  • Working with snapshots (e.g., create a snapshot from a VM, view snapshots, delete a snapshot)
  • Working with images (e.g., create an image from a VM or a snapshot, view images, delete an image)
  • Working with instance groups (e.g., set autoscaling parameters, assign instance template, create an instance template, remove instance group)
  • Working with management interfaces (e.g., Cloud Console, Cloud Shell, Cloud SDK)

3.3 Deploying and implementing Cloud Run and Cloud Functions resources.

  • Deploying an application and updating scaling configuration, versions, and traffic splitting
  • Deploying an application that receives Google Cloud events (e.g., Pub/Sub events, Cloud Storage object change notification events)

4.3 Managing Cloud Run resources.

  • Adjusting application traffic-splitting parameters
  • Setting scaling parameters for autoscaling instances
  • Determining whether to run Cloud Run (fully managed) or Cloud Run for Anthos


3.2 Deploying and implementing Google Kubernetes Engine resources.

  • Installing and configuring the command line interface (CLI) for Kubernetes (kubectl)
  • Deploying a Google Kubernetes Engine cluster with different configurations including AutoPilot, regional clusters, private clusters, etc.
  • Deploying a containerized application to Google Kubernetes Engine
  • Configuring Google Kubernetes Engine monitoring and logging

4.2 Managing Google Kubernetes Engine resources.

  • Viewing current running cluster inventory (nodes, pods, services)
  • Browsing Docker images and viewing their details in the Artifact Registry
  • Working with node pools (e.g., add, edit, or remove a node pool)
  • Working with pods (e.g., add, edit, or remove pods)
  • Working with services (e.g., add, edit, or remove a service)
  • Working with stateful applications (e.g. persistent volumes, stateful sets)
  • Managing Horizontal and Vertical autoscaling configurations
  • Working with management interfaces (e.g., Cloud Console, Cloud Shell, Cloud SDK, kubectl)

3.7 Implementing resources via infrastructure as code.

  • Building infrastructure via Cloud Foundation Toolkit templates and implementing best practices
  • Installing and configuring Config Connector in Google Kubernetes Engine to create, update, delete, and secure resources

Automation and Observability

3.6 Deploying a solution using Cloud Marketplace.

  • Browsing the Cloud Marketplace catalog and viewing solution details

3.7 Implementing resources via infrastructure as code.

  • Building infrastructure via Cloud Foundation Toolkit templates and implementing best practices
  • Installing and configuring Config Connector in Google Kubernetes Engine to create, update, delete, and secure resources

4.6 Monitoring and logging

  • Creating Cloud Monitoring alerts based on resource metrics
  • Creating and ingesting Cloud Monitoring custom metrics (e.g., from applications or logs)
  • Configuring log sinks to export logs to external systems (e.g., on-premises or BigQuery)
  • Configuring log routers
  • Viewing and filtering logs in Cloud Logging
  • Viewing specific log message details in Cloud Logging
  • Using cloud diagnostics to research an application issue (e.g., viewing Cloud Trace data, using Cloud Debug to view an application point-in-time)
  • Viewing Google Cloud status

Last modified: Sunday, 23 January 2022, 11:26 AM