Become a Cloud Engineer / Cloud Architect
Design and operate multi-cloud platforms that are secure, cost-optimized, and globally resilient.
CREATED BY
Dev R. ★ 4.8
Senior Data Engineer at StreamBase | 10+ years of experience
About this Path
For engineers targeting Cloud Engineer II, Staff Cloud Engineer, or Cloud Architect roles at product companies and consultancies. You will go beyond certification-level knowledge to design multi-account AWS and GCP landing zones, architect for 99.99% SLAs, implement FinOps practices, and present cloud architecture decisions to senior engineering leadership.
Path Overview
- Advanced Level
- Certificate of Completion
- About 68 hours to complete
- English language
- 20+ curated videos
- Learn online at your own pace
- 6 modules with resources
- Gamified & interactive
Path Curriculum
AWS Control Tower & GCP Organization Policies
OU hierarchy, SCPs vs IAM permission boundaries, account vending automation.
Hub-and-Spoke Networking: Transit Gateway & Shared VPC
Route table design, on-prem connectivity, overlapping CIDR remediation strategies.
Identity Federation: AWS SSO, Workload Identity & Zero Trust
SAML vs OIDC federation, attribute-based access control, credential minimisation.
Cloud Security Posture: SecurityHub, SCC & CSPM Tools
CIS benchmark automation, findings aggregation, suppression workflows.
EKS & GKE: Managed Node Groups, Autopilot, Karpenter
Node provisioner vs cluster autoscaler, spot interruption handling, upgrade strategies.
Serverless Patterns: Lambda, Cloud Run & Event-Driven Design
Cold start mitigation, concurrency limits, event fan-out with EventBridge/Pub-Sub.
Container Image Supply Chain & ECR/Artifact Registry
Vulnerability scanning, image signing with Cosign, immutable tags enforcement.
RDS Aurora Global Database & Multi-Region Replication
Failover automation, read replica lag, global write forwarding trade-offs.
S3 & GCS: Storage Classes, Lifecycle & Replication
Intelligent-Tiering cost analysis, Cross-Region Replication conflict resolution.
DynamoDB Global Tables & Eventual Consistency Patterns
Partition key design, adaptive capacity, DynamoDB Streams for event sourcing.
Data Lake Architecture: S3-backed Iceberg & BigLake
Table format evolution, partition pruning, cross-engine query federation.
Active-Active vs Active-Passive: RTO/RPO Design Choices
Data synchronisation latency budgets, DNS-based traffic steering with Route 53 ARC.
Chaos Engineering for Cloud Workloads: AWS FIS & Gremlin
Steady-state hypothesis, AZ failure injection, dependency circuit-breaker validation.
Backup Strategy: AWS Backup, Cross-Region Vault & PITR
Backup plans, vault lock for immutability, restoration drill automation.
Well-Architected Framework Reviews & Architecture Decision Records
Pillar trade-off documentation, risk register, ADR templates for cloud choices.
Cost Allocation: Tagging Strategy, AWS Cost Explorer & BigQuery BI Engine
Chargeback vs showback models, untagged resource alerting, anomaly detection.
Compute Rightsizing: Savings Plans, RIs & Spot Strategies
Graviton migration lift, EC2 Spot interruption-tolerant architectures, committed use.
FinOps Dashboards with Kubecost & Cloud Custodian
Per-team cost dashboards, idle resource remediation policies, budget alerts.
Designing Global SaaS Platforms: Multi-Tenant Isolation Patterns
Silo vs pool vs bridge models, data residency, tenant throttling enforcement.
High-Scale Event Streaming: Kinesis, Pub-Sub & MSK
Throughput sizing, consumer group lag monitoring, exactly-once semantics trade-offs.
Cloud Architecture Communication: Diagrams & Trade-off Narratives
C4 model, AWS/GCP diagram conventions, structuring trade-off presentations for CTOs.
Common Senior/Staff Interview Scenarios with Model Answers
URL shortener, ride-share dispatch, real-time leaderboard—cloud-native solutions.
What you'll learn
- ✓ Design multi-account AWS and GCP landing zones with SCPs, guardrails, and hub-spoke networking at enterprise scale.
- ✓ Architect globally resilient workloads with active-active multi-region failover, RTO/RPO analysis, and chaos validation.
- ✓ Implement zero-trust network architectures using VPC service controls, Private Link, and certificate-based mTLS.
- ✓ Automate cloud infrastructure using Terraform CDK, Pulumi, and policy-as-code pipelines with mandatory drift detection.
- ✓ Apply FinOps practices to achieve 30–40% cost reduction through rightsizing, savings plans, spot strategy, and showback dashboards.
- ✓ Lead Well-Architected reviews, produce architecture decision records, and communicate trade-offs to principal engineers and CTOs.