Lesson 1Networking, CDN and edge considerations: VPC design, load balancing, CDN for storefront performanceThis section handles networking and edge planning, covering VPC setup, subnets, routing, and load balancing. It also details CDN and edge caching to boost speed, reliability, and safety for customer services.
VPC, subnet, and routing topologyNorth-south and east-west securityLayer 4 and 7 load balancingCDN caching and invalidation rulesEdge security and DDoS protectionsLesson 2Data and state management: database selection (RDBMS vs cloud-native SQL/NoSQL), caching, data replication and backup strategiesThis section tackles data and state planning, including RDBMS and cloud SQL/NoSQL options, schema and access methods, caching plans, and copying and backup. It stresses uniformity, speed, and recovery aims.
Relational vs NoSQL data modelingManaged database service selectionCaching layers and invalidationReplication, RPO, and RTO planningBackup, restore, and DR testingLesson 3Security and compliance design: IAM, secrets management, encryption in transit and at rest, PCI scope reduction approachesThis section prioritises security and compliance from start, covering IAM, secrets handling, and encryption moving and stored. It also covers PCI scope cuts and audit prep for controlled ICT setups.
Identity and access management designSecrets storage and rotationTLS, certificates, and key handlingData encryption at rest strategiesPCI scope reduction and evidenceLesson 4Cost management and governance: tagging, budgeting, reserved vs on-demand usage, cost monitoring toolsThis section clarifies cost handling and oversight, including tagging norms, budgeting, and reserved vs pay-as-you-go capacity. It also reviews cost tracking tools, chargeback, and limits to curb excess spend.
Tagging and cost allocation modelsBudgeting and forecast processesReserved, spot, and on-demand mixCost dashboards and alertingPolicies and guardrails for spendLesson 5Choosing deployment platform(s): public cloud selection criteria (availability zones, managed services, cost), hybrid vs cloud-native tradeoffsThis section guides picking public cloud providers, comparing managed services and rates, and choosing hybrid vs cloud-first, matching platforms to toughness, rules, and running needs.
Cloud provider comparison criteriaEvaluating managed service offeringsCost modeling and TCO estimationHybrid vs cloud-native decision factorsMulti-region and AZ deployment designLesson 6Observability and operability: centralised logging, metrics, distributed tracing, alerting and runbooksThis section plans monitoring for ICT systems, including central logging, metrics, traces, and alerts. It details SLOs, boards, runbooks, and duty shifts for steady running and quick issue fix.
Centralized logging architectureMetrics, KPIs, SLOs, and SLIsDistributed tracing implementationAlert design and noise reductionRunbooks and incident workflowsLesson 7Compute and runtime: containers, orchestration with Kubernetes, serverless options and when to use themThis section checks compute and runtime choices, covering containers, Kubernetes handling, and serverless. It explains planning, auto-scaling, workload split, and best fits for ICT rollout.
Containerization standards and imagesKubernetes cluster and node designAutoscaling and workload placementServerless functions and event modelsChoosing runtimes for each workloadLesson 8CI/CD and delivery pipelines: branching strategies, automated testing, artifact management, deployment patterns (blue/green, canary)This section details CI/CD line design, from branching and versions to auto-tests, artifact handling, and rollout methods like blue/green and canary, for safe, repeatable, checked software delivery.
Branching and release strategiesAutomated build and test stagesArtifact storage and provenanceBlue/green and canary rolloutsRollback and feature flag tacticsLesson 9Core architecture patterns: microservices vs modular monolith, API gateway, service mesh essentialsThis section studies key design patterns, pitting microservices vs modular monoliths, and API gateway and service mesh roles. It focuses on scaling, links, monitoring, and running complexity balances.
Microservices vs modular monolithDomain boundaries and service sizingAPI gateway responsibilitiesService mesh capabilities and limitsInter-service communication patterns
