Lesson 1
Identity and access control: IAM, Azure RBAC/AAD, GCP IAM — roles, service principals, cross-account access basics
Compare identity and access frameworks across AWS, Azure, and GCP. Delve into IAM roles, Azure AD and RBAC, service principals, and cross-account access to craft secure multi-cloud access strategies.

- AWS IAM core concepts and entities
- Azure AD, RBAC, and role assignments
- GCP IAM roles and resource hierarchy
- Service principals and workload identity
- Cross-account and cross-tenant access
- Least privilege and policy design

Lesson 2
Networking primitives across providers: VPC, VNet, VPC Network — CIDR planning, subnets, route tables, NAT, Internet Gateways
Grasp how essential networking elements align across AWS, Azure, and GCP. You will plan CIDR blocks, set up subnets and routing, and comprehend NAT, internet gateways, and security perimeters for multi-cloud links.

- VPC, VNet, and VPC Network comparison
- CIDR sizing and IP address planning
- Public, private, and isolated subnets
- Route tables and custom routing rules
- NAT gateways and internet egress
- Network security groups and firewalls

Lesson 3
DNS and global traffic management: Route 53, Azure DNS, Cloud DNS — DNS records, TTL, health-check based failover
Understand how DNS services correspond across clouds and enable global traffic handling. Examine record types, TTL approaches, health checks, and routing policies for latency-driven, weighted, and failover situations.

- Route 53, Azure DNS, and Cloud DNS
- DNS record types and common uses
- TTL tuning and caching behaviour
- Health checks and DNS-based failover
- Latency and geo-based routing policies
- Weighted and multi-value answers

Lesson 4
Managed database services: RDS/Aurora, Azure Database (PostgreSQL/MySQL), Cloud SQL — high-availability options, read replicas, failover behaviour
Align managed relational database options across clouds. Comprehend engine selections, HA and failover systems, read replicas, backups, and scaling methods to build durable, transferable database structures.

- Service overview: RDS, Azure DB, Cloud SQL
- Engine support and feature differences
- High availability and failover behaviour
- Read replicas and read scaling patterns
- Backup, restore, and point-in-time recovery
- Security, networking, and access controls

Lesson 5
Cross-cloud connectivity basics: VPN, Interconnect/ExpressRoute options, Transit Gateway equivalents and routing considerations
Review choices for secure links between clouds and on-premises setups. Compare VPN, private interconnects, and transit hub designs, and grasp routing factors for scalable, sturdy multi-cloud networks.

- Site-to-site VPN across providers
- Direct Connect, ExpressRoute, Interconnect
- Transit Gateway and hub-and-spoke models
- Routing domains and overlapping CIDRs
- High availability and failover design
- Encryption and compliance considerations

Lesson 6
Core compute services: EC2, Azure Virtual Machines, Google Compute Engine — instance types, images, lifecycle
Comprehend core compute services that support most workloads. Compare EC2, Azure Virtual Machines, and Google Compute Engine, emphasising instance types, images, lifecycle actions, and automation choices.

- Instance families and sizing strategy
- Images, templates, and golden images
- Instance lifecycle and state transitions
- Storage options and performance tuning
- Placement groups and availability zones
- Automation with autoscaling and scripts

Lesson 7
Storage and object stores: S3, Azure Blob Storage, GCS — lifecycle, versioning, encryption, access policies
Investigate object storage services across AWS, Azure, and GCP. Learn how lifecycle rules, versioning, encryption, and access controls align, and how to develop transferable patterns for backups, logs, static sites, and data lakes.

- S3, Blob Storage, and GCS core concepts
- Lifecycle rules and storage class tiers
- Object versioning and recovery patterns
- Encryption at rest and in transit options
- Bucket- and object-level access controls
- Cross-region replication and data locality

Lesson 8
Managed compute alternatives: AWS ECS/EKS, Azure AKS/Container Instances, GCP GKE/Cloud Run — when to choose containers vs VMs
Compare managed compute choices, from virtual machines to containers and serverless options. Learn when to opt for ECS, EKS, AKS, GKE, or Cloud Run over VM-based setups, and how this affects operations and expenses.

- Core VM vs container trade-offs
- ECS, EKS, AKS, and GKE overview
- Cloud Run and Azure Container Instances
- Cluster provisioning and scaling models
- Image registries and deployment flows
- Cost, operations, and portability concerns

Lesson 9
Load balancing and ingress: ELB/ALB/NLB, Azure Load Balancer/Application Gateway, GCP Cloud Load Balancing — SSL termination, path-based routing, health checks
Grasp load balancing and ingress options across providers. Learn to select between L4 and L7 services, set up SSL termination, path-based routing, and health checks, and design resilient multi-region access points.

- L4 vs L7 load balancers across clouds
- ELB, ALB, NLB, and Azure equivalents
- GCP HTTP(S) and TCP load balancers
- SSL termination and certificate handling
- Path- and host-based routing rules
- Health checks and failover strategies