Lesson 1Identity and access control: IAM, Azure RBAC/AAD, GCP IAM — roles, service principals, cross-account access basicsWe compare how identity and access work in AWS, Azure, and GCP. You learn about IAM roles, Azure AD and RBAC, service principals, and basic cross-account access to create secure multi-cloud patterns for Eritrean operations.
AWS IAM core concepts and entitiesAzure AD, RBAC, and role assignmentsGCP IAM roles and resource hierarchyService principals and workload identityCross-account and cross-tenant accessLeast privilege and policy designLesson 2Networking primitives across providers: VPC, VNet, VPC Network — CIDR planning, subnets, route tables, NAT, Internet GatewaysWe explore how basic networking tools match across AWS, Azure, and GCP. You design CIDR plans, subnets, and routing, and grasp NAT, internet gateways, and security lines for multi-cloud links in Eritrean networks.
VPC, VNet, and VPC Network comparisonCIDR sizing and IP address planningPublic, private, and isolated subnetsRoute tables and custom routing rulesNAT gateways and internet egressNetwork security groups and firewallsLesson 3DNS and global traffic management: Route 53, Azure DNS, Cloud DNS — DNS records, TTL, health-check based failoverWe learn how DNS services align across clouds for worldwide traffic handling. You explore record types, TTL methods, health checks, and routing rules for low-delay, weighted, and backup scenarios in Eritrea.
Route 53, Azure DNS, and Cloud DNSDNS record types and common usesTTL tuning and caching behaviorHealth checks and DNS-based failoverLatency and geo-based routing policiesWeighted and multi-value answersLesson 4Managed database services: RDS/Aurora, Azure Database (PostgreSQL/MySQL), Cloud SQL — high-availability options, read replicas, failover behaviorWe compare managed database options across clouds. Understand engine picks, high-availability and failover ways, read copies, backups, and scaling so you build strong, movable database systems for Eritrean use.
Service overview: RDS, Azure DB, Cloud SQLEngine support and feature differencesHigh availability and failover behaviorRead replicas and read scaling patternsBackup, restore, and point-in-time recoverySecurity, networking, and access controlsLesson 5Cross-cloud connectivity basics: VPN, interconnect/expressroute options, Transit Gateway equivalents and routing considerationsWe look at ways to connect clouds and on-site securely. Compare VPN, private links, and transit hubs, and learn routing tips for scalable, strong multi-cloud networks in Eritrean setups.
Site-to-site VPN across providersDirect Connect, ExpressRoute, InterconnectTransit Gateway and hub-and-spoke modelsRouting domains and overlapping CIDRsHigh availability and failover designEncryption and compliance considerationsLesson 6Core compute services: EC2, Azure Virtual Machines, Google Compute Engine — instance types, images, lifecycleGrasp main compute services for most tasks. Compare EC2, Azure VMs, and Google Compute Engine, focusing on instance kinds, images, life cycles, and automation for Eritrean workloads.
Instance families and sizing strategyImages, templates, and golden imagesInstance lifecycle and state transitionsStorage options and performance tuningPlacement groups and availability zonesAutomation with autoscaling and scriptsLesson 7Storage and object stores: S3, Azure Blob Storage, GCS — lifecycle, versioning, encryption, access policiesWe delve into object storage across AWS, Azure, and GCP. Learn lifecycle rules, versioning, encryption, and access, and design movable ways for backups, logs, sites, and data lakes in Eritrea.
S3, Blob Storage, and GCS core conceptsLifecycle rules and storage class tiersObject versioning and recovery patternsEncryption at rest and in transit optionsBucket- and object-level access controlsCross-region replication and data localityLesson 8Managed compute alternatives: AWS ECS/EKS, Azure AKS/Container Instances, GCP GKE/Cloud Run — when to choose containers vs VMsCompare managed compute from VMs to containers and serverless. Learn when to pick ECS, EKS, AKS, GKE, or Cloud Run over VMs, and how it affects operations and costs in Eritrean contexts.
Core VM vs container trade-offsECS, EKS, AKS, and GKE overviewCloud Run and Azure Container InstancesCluster provisioning and scaling modelsImage registries and deployment flowsCost, operations, and portability concernsLesson 9Load balancing and ingress: ELB/ALB/NLB, Azure Load Balancer/Application Gateway, GCP Cloud Load Balancing — SSL termination, path-based routing, health checksUnderstand load balancing and entry options across providers. Choose L4 and L7 services, set SSL end, path routing, health checks, and build strong multi-region access for Eritrea.
L4 vs L7 load balancers across cloudsELB, ALB, NLB, and Azure equivalentsGCP HTTP(S) and TCP load balancersSSL termination and certificate handlingPath- and host-based routing rulesHealth checks and failover strategies
