GCP: Associate Cloud Engineer

Learn how GCP organizes resources into a hierarchy of Organization, Folders, and Projects, and how organization policies enforce governance controls across the hierarchy.

Practice creating folders, projects, and applying organization policies to enforce governance controls across the GCP resource hierarchy.

Learn how to grant IAM roles, manage users and groups in Cloud Identity, enable APIs, and control access across GCP projects.

Practice granting IAM roles to members, managing Cloud Identity users and groups, and enabling APIs within a GCP project.

Learn how to create and manage billing accounts, link projects, configure budgets and alerts, and export billing data for cost analysis.

Practice creating billing accounts, linking projects, setting up budget alerts, and configuring billing exports to Cloud Storage and BigQuery.

Learn how to set up Google Cloud Observability products, assess project quotas, and request quota increases to ensure your cloud solutions can scale.

Practice provisioning Cloud Monitoring workspaces, configuring uptime checks, viewing project quotas, and submitting quota increase requests.

Learn how to select compute options, launch VM instances, choose storage types, configure managed instance groups with autoscaling, and use Spot VMs and custom machine types.

Practice launching VM instances with custom machine types, configuring persistent disks, creating instance templates, and setting up managed instance groups with autoscaling.

Learn how to deploy and manage GKE clusters with Autopilot, regional, and private configurations, deploy containerized applications, and configure kubectl access.

Practice deploying a GKE Autopilot cluster, configuring kubectl, deploying a containerized application, and managing node pools and pod autoscaling.

Learn how to deploy applications to Cloud Run and Cloud Functions, handle event-driven workloads with Pub/Sub and Eventarc, and compare serverless options for different use cases.

Practice deploying a containerized application to Cloud Run, configuring autoscaling, and deploying an event-driven Cloud Function triggered by Pub/Sub.

Learn how to choose between Cloud Storage classes (Standard, Nearline, Coldline, Archive), create and configure buckets, load data from multiple sources, and maintain multi-region redundancy.

Practice creating Cloud Storage buckets with different storage classes, configuring uniform bucket-level access, uploading objects, and using the Storage Transfer Service.

Learn how to choose and deploy GCP managed data services including Cloud SQL, BigQuery, Firestore, Spanner, Bigtable, AlloyDB, Pub/Sub, Dataflow, and Memorystore.

Practice creating a Cloud SQL instance, importing data, executing SQL queries, creating a BigQuery dataset, loading data, and running analytical queries.

Learn how to create VPCs with custom and shared configurations, design subnet layouts, and configure Cloud Next Generation Firewall policies with ingress and egress rules.

Practice creating a custom mode VPC with subnets, configuring Cloud Next Generation Firewall policies with ingress and egress rules, and using secure tags in firewall rules.

Learn how to establish network connectivity with Cloud VPN, VPC Network Peering, and Cloud Interconnect, and choose and deploy appropriate GCP load balancers for different traffic patterns.

Practice deploying an HTTP(S) load balancer with a managed instance group backend, configuring health checks, and setting up VPC Network Peering between two VPCs.

Learn how to use Terraform and other IaC tools (Config Connector, Fabric FAST, Helm) to deploy GCP infrastructure, manage state, version configurations, and execute updates safely.

Practice writing Terraform configurations to provision GCP resources, manage Terraform state, apply updates, and use the google provider to deploy a VPC, subnet, and Compute Engine instance.

Learn how to manage running Compute Engine instances, work with snapshots and images, manage GKE node pools and workloads, deploy Cloud Run revisions, and configure traffic splitting.

Practice creating VM snapshots, managing GKE node pools, deploying new Cloud Run revisions, and configuring traffic splitting between revisions for canary deployments.

Learn how to manage Cloud Storage objects and lifecycle policies, query data from Cloud SQL, BigQuery, Bigtable, and Firestore, perform database backups and restores, and estimate storage costs.

Practice configuring object lifecycle management rules on Cloud Storage buckets, performing Cloud SQL database backups and point-in-time restores, and querying BigQuery datasets.

Learn how to add and expand subnets, reserve static IP addresses, add custom static routes, and configure Cloud DNS and Cloud NAT for internet connectivity without external IPs.

Practice adding a subnet to an existing VPC, expanding its IP range, reserving static external and internal IP addresses, and configuring Cloud DNS records and Cloud NAT for private instance internet access.

Learn how to create Cloud Monitoring alerts, define custom metrics, use Cloud Trace, Cloud Profiler, and Query Insights for diagnostics, deploy Ops Agent, and configure Managed Prometheus.

Practice creating Cloud Monitoring alerting policies based on resource metrics, defining custom metrics from application logs, building dashboards, deploying the Ops Agent, and using Cloud Trace for application diagnostics.

Learn how to view and filter Cloud Logging entries, configure log buckets and routers, export logs to BigQuery and external systems, configure audit logs, and use Active Assist.

Practice viewing and filtering Cloud Logging entries, creating log sinks to export logs to Cloud Storage and BigQuery, configuring log-based metrics, and enabling and reviewing audit logs.

Learn how to view and create IAM policies, understand the difference between basic, predefined, and custom roles, and design custom IAM roles following the principle of least privilege.

Practice creating IAM policy bindings, comparing basic, predefined, and custom roles, designing and deploying a custom IAM role with minimum required permissions, and testing role access.

Learn how to create and manage service accounts, apply minimum permissions, assign service accounts to resources, configure impersonation, manage short-lived credentials, and use Workload Identity for GKE.