Lesson 1Networking, CDN and edge considerations: VPC design, load balancing, CDN for storefront performanceThis section covers networking and edge design, including VPC layout, subnets, routing, and load balancing. It also explains CDN and edge caching strategies to boost performance, reliability, and security for user-facing services.
VPC, subnet, and routing topologyNorth-south and east-west securityLayer 4 and 7 load balancingCDN caching and invalidation rulesEdge security and DDoS protectionsLesson 2Data and state management: database selection (RDBMS vs cloud-native SQL/NoSQL), caching, data replication and backup strategiesThis section tackles data and state design, covering RDBMS and cloud SQL/NoSQL options, schema and access patterns, caching strategies, and replication and backup. It stresses consistency, performance, and recovery goals.
Relational vs NoSQL data modelingManaged database service selectionCaching layers and invalidationReplication, RPO, and RTO planningBackup, restore, and DR testingLesson 3Security and compliance design: IAM, secrets management, encryption in transit and at rest, PCI scope reduction approachesThis section focuses on security and compliance by design, covering IAM, secrets management, and encryption in transit and at rest. It also introduces PCI scope reduction and audit readiness for regulated ICT setups.
Identity and access management designSecrets storage and rotationTLS, certificates, and key handlingData encryption at rest strategiesPCI scope reduction and evidenceLesson 4Cost management and governance: tagging, budgeting, reserved vs on-demand usage, cost monitoring toolsThis section explains cost management and governance, including tagging standards, budgeting, and reserved versus on-demand capacity. It also covers cost monitoring tools, chargeback models, and guardrails to avoid overspending.
Tagging and cost allocation modelsBudgeting and forecast processesReserved, spot, and on-demand mixCost dashboards and alertingPolicies and guardrails for spendLesson 5Choosing deployment platform(s): public cloud selection criteria (availability zones, managed services, cost), hybrid vs cloud-native tradeoffsThis section explains how to pick public cloud providers, compare managed services and pricing, and decide between hybrid and cloud-native approaches, matching deployment platforms with resilience, compliance, and operational needs.
Cloud provider comparison criteriaEvaluating managed service offeringsCost modeling and TCO estimationHybrid vs cloud-native decision factorsMulti-region and AZ deployment designLesson 6Observability and operability: centralized logging, metrics, distributed tracing, alerting and runbooksThis section covers designing observability for ICT systems, including centralised logging, metrics, traces, and alerting. It explains SLOs, dashboards, runbooks, and on-call workflows to ensure reliable operations and quick incident response.
Centralized logging architectureMetrics, KPIs, SLOs, and SLIsDistributed tracing implementationAlert design and noise reductionRunbooks and incident workflowsLesson 7Compute and runtime: containers, orchestration with Kubernetes, serverless options and when to use themThis section looks at compute and runtime options, including containers, Kubernetes orchestration, and serverless platforms. It explains scheduling, autoscaling, workload isolation, and when each model best suits ICT implementation needs.
Containerization standards and imagesKubernetes cluster and node designAutoscaling and workload placementServerless functions and event modelsChoosing runtimes for each workloadLesson 8CI/CD and delivery pipelines: branching strategies, automated testing, artifact management, deployment patterns (blue/green, canary)This section details CI/CD pipeline design, from branching and versioning to automated testing, artifact management, and deployment strategies like blue/green and canary, ensuring safe, repeatable, and auditable software delivery.
Branching and release strategiesAutomated build and test stagesArtifact storage and provenanceBlue/green and canary rolloutsRollback and feature flag tacticsLesson 9Core architecture patterns: microservices vs modular monolith, API gateway, service mesh essentialsThis section explores core architecture patterns, comparing microservices and modular monoliths, and explaining API gateway and service mesh roles. It focuses on scalability, coupling, observability, and operational complexity tradeoffs.
Microservices vs modular monolithDomain boundaries and service sizingAPI gateway responsibilitiesService mesh capabilities and limitsInter-service communication patterns
