Lesson 1Networking, CDN and edge considerations: VPC design, load balancing, CDN for storefront performanceThis section covers networking and edge design, including VPC layout, subnets, routing, and load balancing. It also explains CDN and edge caching strategies to improve performance, reliability, and security for user-facing services.
VPC, subnet, and routing topologyNorth-south and east-west securityLayer 4 and 7 load balancingCDN caching and invalidation rulesEdge security and DDoS protectionsLesson 2Data and state management: database selection (RDBMS vs cloud-native SQL/NoSQL), caching, data replication and backup strategiesThis section addresses data and state design, covering RDBMS and cloud SQL/NoSQL choices, schema and access patterns, caching strategies, and replication and backup. It emphasises consistency, performance, and recovery objectives.
Relational vs NoSQL data modelingManaged database service selectionCaching layers and invalidationReplication, RPO, and RTO planningBackup, restore, and DR testingLesson 3Security and compliance design: IAM, secrets management, encryption in transit and at rest, PCI scope reduction approachesThis section focuses on security and compliance by design, covering IAM, secrets management, and encryption in transit and at rest. It also introduces PCI scope reduction and audit readiness for regulated ICT environments.
Identity and access management designSecrets storage and rotationTLS, certificates, and key handlingData encryption at rest strategiesPCI scope reduction and evidenceLesson 4Cost management and governance: tagging, budgeting, reserved vs on-demand usage, cost monitoring toolsThis section explains cost management and governance, including tagging standards, budgeting, and reserved versus on-demand capacity. It also covers cost monitoring tools, chargeback models, and guardrails to prevent overspending.
Tagging and cost allocation modelsBudgeting and forecast processesReserved, spot, and on-demand mixCost dashboards and alertingPolicies and guardrails for spendLesson 5Choosing deployment platform(s): public cloud selection criteria (availability zones, managed services, cost), hybrid vs cloud-native tradeoffsThis section explains how to select public cloud providers, compare managed services and pricing, and decide between hybrid and cloud‑native approaches, aligning deployment platforms with resilience, compliance, and operational needs.
Cloud provider comparison criteriaEvaluating managed service offeringsCost modeling and TCO estimationHybrid vs cloud-native decision factorsMulti-region and AZ deployment designLesson 6Observability and operability: centralised logging, metrics, distributed tracing, alerting and runbooksThis section covers designing observability for ICT systems, including centralised logging, metrics, traces, and alerting. It explains SLOs, dashboards, runbooks, and on-call workflows to ensure reliable operations and fast incident response.
Centralized logging architectureMetrics, KPIs, SLOs, and SLIsDistributed tracing implementationAlert design and noise reductionRunbooks and incident workflowsLesson 7Compute and runtime: containers, orchestration with Kubernetes, serverless options and when to use themThis section examines compute and runtime options, including containers, Kubernetes orchestration, and serverless platforms. It explains scheduling, autoscaling, workload isolation, and when each model best fits ICT implementation needs.
Containerization standards and imagesKubernetes cluster and node designAutoscaling and workload placementServerless functions and event modelsChoosing runtimes for each workloadLesson 8CI/CD and delivery pipelines: branching strategies, automated testing, artefact management, deployment patterns (blue/green, canary)This section details CI/CD pipeline design, from branching and versioning to automated testing, artefact management, and deployment strategies such as blue/green and canary, ensuring safe, repeatable, and auditable software delivery.
Branching and release strategiesAutomated build and test stagesArtifact storage and provenanceBlue/green and canary rolloutsRollback and feature flag tacticsLesson 9Core architecture patterns: microservices vs modular monolith, API gateway, service mesh essentialsThis section explores core architecture patterns, comparing microservices and modular monoliths, and explaining API gateway and service mesh roles. It focuses on scalability, coupling, observability, and operational complexity tradeoffs.
Microservices vs modular monolithDomain boundaries and service sizingAPI gateway responsibilitiesService mesh capabilities and limitsInter-service communication patterns
