📖 About this Domain
This domain covers the configuration and deployment of cloud infrastructure components. It focuses on networking, compute, and storage provisioning, emphasizing automation and infrastructure as code (IaC) principles for scalable solutions.
🎓 What You Will Learn
- Configure network topologies including VPCs, subnets, firewall rules, and hybrid connectivity with Cloud VPN or Interconnect.
- Provision and manage individual storage systems like Cloud Storage, Persistent Disk, and Cloud SQL for specific workloads.
- Deploy and configure compute systems such as Compute Engine instances, managed instance groups (MIGs), and GKE clusters.
- Utilize infrastructure as code (IaC) with tools like Terraform or Cloud Deployment Manager for automated resource provisioning.
🛠️ Skills You Will Build
- Implement secure and scalable VPC network designs, including multi-VPC and hybrid cloud networking patterns.
- Deploy and manage virtual machines, auto-scaling groups, and container orchestration with GKE for diverse applications.
- Select and configure optimal storage solutions based on data type, access patterns, and performance requirements.
- Automate infrastructure deployment and management using declarative IaC templates for consistency and repeatability.
💡 Top Tips to Prepare
- Gain deep knowledge of VPC, subnets, routes, and firewall rules as they are foundational for all GCP deployments.
- Get hands-on practice with Terraform to provision and manage a multi-service GCP environment declaratively.
- Understand the decision criteria for choosing between IaaS (GCE), CaaS (GKE), and PaaS (App Engine, Cloud Run).
- Memorize the specific use cases and performance characteristics of block, object, and file storage options on Google Cloud.
📖 About this Domain
This domain covers designing secure cloud solutions on Google Cloud. It emphasizes identity management, data protection mechanisms, network security controls, and meeting compliance mandates.
🎓 What You Will Learn
- Design Identity and Access Management (IAM) policies, manage service accounts, and enforce organization policies for resource governance.
- Implement data protection using Cloud KMS for encryption at rest and in transit, and manage application secrets with Secret Manager.
- Configure network security using VPC firewall rules, Cloud Armor for WAF/DDoS protection, and VPC Service Controls for data exfiltration prevention.
- Meet regulatory compliance requirements by leveraging Security Command Center for threat detection and Cloud Audit Logs for security monitoring.
🛠️ Skills You Will Build
- Architecting secure access patterns using IAM, Cloud Identity, and Identity-Aware Proxy (IAP).
- Applying data security controls like Data Loss Prevention (DLP) API and managing encryption keys (CMEK, CSEK).
- Building secure network perimeters with Shared VPC, VPC peering, and Private Google Access configurations.
- Mapping compliance frameworks like PCI DSS or HIPAA to Google Cloud services and logging capabilities.
💡 Top Tips to Prepare
- Master the IAM resource hierarchy and policy inheritance to correctly apply the principle of least privilege.
- Focus on VPC Service Controls and how they create perimeters to mitigate data exfiltration risks.
- Differentiate between Google-managed, CMEK, and CSEK encryption options and their specific use cases.
- Analyze the official case studies through a security lens, identifying potential vulnerabilities and designing mitigations.
📖 About this Domain
This domain covers translating business and technical requirements into a robust, secure, and scalable Google Cloud solution. It emphasizes designing infrastructure, network, storage, and compute resources. The focus is on creating a blueprint that aligns with compliance and organizational constraints.
🎓 What You Will Learn
- Designing a solution infrastructure that meets defined business requirements like SLOs and cost objectives.
- Designing a solution infrastructure that meets technical requirements including performance, security, and integration.
- Designing network, storage, and compute resources by selecting appropriate Google Cloud services.
- Creating a detailed migration plan, including data transfer and workload migration strategies.
🛠️ Skills You Will Build
- Evaluating business case studies to architect multi-tiered solutions on Google Cloud.
- Applying the Google Cloud Architecture Framework principles for operational excellence, security, and reliability.
- Mapping on-premises services to Google Cloud equivalents for lift-and-shift or hybrid-cloud scenarios.
- Selecting optimal services like Compute Engine, Google Kubernetes Engine, and Cloud Storage based on workload characteristics.
💡 Top Tips to Prepare
- Master the Google Cloud Architecture Framework as it provides the foundational principles for all design questions.
- Practice with the official Google Cloud case studies to connect business problems with technical solutions.
- Understand the decision trees for choosing compute, storage, and database services based on specific criteria.
- Focus on designing for hybrid and multi-cloud connectivity using services like Cloud Interconnect, Cloud VPN, and Anthos.
📖 About this Domain
This domain covers advising development and operations teams to ensure successful solution deployment and lifecycle management. It emphasizes programmatic interaction with Google Cloud using tools like Cloud SDK and Cloud Shell for implementation.
🎓 What You Will Learn
- Learn to implement CI/CD pipelines using Cloud Build, Cloud Source Repositories, and Artifact Registry.
- Learn to provision and manage infrastructure as code (IaC) with Cloud Deployment Manager and Terraform.
- Learn to interact with Google Cloud services programmatically using APIs, Cloud SDK, and Cloud Shell.
- Learn to manage the API lifecycle, including deployment and security, with Apigee and Cloud Endpoints.
🛠️ Skills You Will Build
- Build skills in automating application builds, tests, and deployments through CI/CD practices.
- Build skills in creating version-controlled and repeatable infrastructure deployments using IaC.
- Build skills in scripting and automating cloud management tasks for operational efficiency.
- Build skills in designing and securing scalable APIs for application integration.
💡 Top Tips to Prepare
- Master core gcloud and gsutil commands for managing resources like Compute Engine, Cloud Storage, and IAM.
- Practice writing and applying Terraform configurations to deploy a multi-service Google Cloud environment.
- Understand the flow and triggers within Cloud Build for automating your build and deployment processes.
- Differentiate the use cases for Apigee versus Cloud Endpoints for API management scenarios.
📖 About this Domain
This domain covers the alignment of technical and business processes with Google Cloud solutions. It emphasizes optimizing the software development lifecycle (SDLC), implementing FinOps principles, and establishing frameworks for continuous improvement.
🎓 What You Will Learn
- You will learn to map technical processes like CI/CD pipelines and ITSM frameworks onto Google Cloud services.
- You will understand how to analyze business requirements, manage stakeholders, and apply FinOps for TCO optimization.
- You will discover methods for establishing continuous improvement cycles through post-mortems and root cause analysis (RCA).
- You will learn to define and measure business impact using SLOs, SLIs, and SLAs for cloud operations.
🛠️ Skills You Will Build
- You will build the ability to design automated CI/CD pipelines using services like Cloud Build and Artifact Registry.
- You will develop skills in cloud financial management, including TCO calculation and implementing cost controls with Budgets and Recommender.
- You will be able to foster a Site Reliability Engineering (SRE) culture by defining SLOs and conducting blameless post-mortems.
- You will learn to translate business continuity and disaster recovery (BCDR) requirements into technical cloud architecture.
💡 Top Tips to Prepare
- Master the Google Cloud CI/CD toolchain, including Cloud Source Repositories, Cloud Build, and Artifact Registry.
- Understand the principles of FinOps and how to use Google Cloud's cost management tools to optimize TCO.
- Study the Google SRE handbook concepts, particularly SLOs, error budgets, and the role of blameless post-mortems.
- Practice mapping business requirements from the official case studies to technical processes and cloud-native solutions.
📖 About this Domain
This domain covers designing and operating reliable services on Google Cloud. It emphasizes Site Reliability Engineering (SRE) principles for building resilient, highly available, and observable systems. You will focus on monitoring, logging, and implementing disaster recovery strategies to meet Service Level Objectives (SLOs).
🎓 What You Will Learn
- You will learn to design for high availability using multi-zonal and multi-regional deployments with services like Cloud Load Balancing and Cloud DNS.
- You will learn to implement comprehensive observability using Cloud Monitoring for metrics and alerting, and Cloud Logging for centralized log analysis.
- You will learn to define and manage application reliability using SRE concepts like Service Level Indicators (SLIs), SLOs, and error budgets.
- You will learn to plan and execute disaster recovery (DR) strategies, including backup, restore, and failover procedures for stateful services.
🛠️ Skills You Will Build
- You will build the skill to architect fault-tolerant systems that can survive infrastructure failures without significant user impact.
- You will build the skill to configure and interpret metrics, dashboards, and alerts within the Google Cloud's operations suite to proactively manage system health.
- You will build the skill to apply SRE principles to balance feature velocity with operational stability and manage services via error budgets.
- You will build the skill to conduct root cause analysis (RCA) and blameless post-mortems to improve system reliability over time.
💡 Top Tips to Prepare
- Master the Google Cloud's operations suite (formerly Stackdriver), focusing on the distinction between Cloud Monitoring and Cloud Logging.
- Understand the different high availability (HA) and disaster recovery (DR) options for key services like Compute Engine, GKE, and Cloud SQL.
- Internalize the core concepts from the Google SRE handbook, especially SLIs, SLOs, and error budgets, as they are foundational to exam questions.
- Review the official Google Cloud case studies to understand how reliability principles are applied to solve real-world business problems.
