GCP

GCP Zero-to-Hero

A five-tier mastery path — Foundation to Specialist — across every Google Cloud domain, every certification, and real job, troubleshooting and architecting skills.

Foundation → Intermediate → Advanced → Expert → Specialist ~200 hours 76 of 76 lessons ready Cloud Digital Leader · ACE · PCA · PCNE · PCSE · PCDE · PDE · PMLE · Cloud Database Engineer
Start the course

A complete, job-oriented path through Google Cloud: cloud fundamentals, the resource hierarchy, IAM, compute, storage, databases, networking, serverless, security, landing zones, the Architecture Framework, data, AI/ML, resilience and operations — built from production-grade lessons and capped with an enterprise landing-zone capstone.

What you’ll be able to do

  • Navigate Google Cloud confidently — the resource hierarchy, projects, IAM, the console and gcloud
  • Run compute, storage, database and networking services in production
  • Build serverless and event-driven systems with Cloud Run, Pub/Sub and Eventarc
  • Engineer security with IAM, Org Policy, KMS, VPC Service Controls and Workload Identity
  • Stand up an enterprise landing zone with Shared VPC and the Architecture Framework
  • Operate, troubleshoot and recover workloads, and be certification- and interview-ready

Prerequisites

  • Basic IT literacy (files, networks, a terminal) — no prior cloud experience required
  • A free Google Cloud account for the hands-on labs (Free Tier / $300 credit is enough)

Who it’s for

Career-changers and developers new to the cloud, engineers moving to Google Cloud, and people preparing for Google Cloud certifications or real GCP delivery work.

Curriculum

Tier 1 · Foundation — Google Cloud Basics (CDL/ACE)

Start at zero: what Google Cloud is, the global infrastructure, the resource hierarchy, IAM, and your first workloads.

  1. 1 Google Cloud Fundamentals: Global Infrastructure, Resource Hierarchy & Pricing Junior 19 min read
  2. 2 Google Cloud IAM Fundamentals: Roles, Service Accounts, Policy & Inheritance Junior 24 min read
  3. 3 Three-Tier Web Application on GCP: The Foundational Pattern Junior 17 min read
  4. 4 Serverless Event-Driven Data Pipeline on GCP for Beginners Junior 17 min read
  5. 5 GCP Cloud Adoption Framework: Overview & Maturity Model — The Four Themes (Learn, Lead, Scale, Secure), the Tactical–Strategic–Transformational Phases, Epics, and How to Assess Your Maturity Advanced 23 min read

Tier 2 · Intermediate — Compute & Serverless (ACE)

Run compute: managed instance groups, Cloud Run, and event-driven Cloud Functions.

  1. 6 Regional Managed Instance Groups: Autohealing, Canary Rollouts, and Stateful MIGs Advanced 14 min read
  2. 7 Cloud Run in Production: Services, Jobs, VPC Egress, and Concurrency Tuning Advanced 16 min read
  3. 8 Event-Driven Architecture with Cloud Functions 2nd Gen and Eventarc Advanced 17 min read

Tier 2 · Intermediate — Storage & Databases (ACE)

Store data: Cloud Storage protection, Cloud SQL HA, and Spanner schema design.

  1. 9 Cloud Storage Data Protection: Retention Lock, Soft Delete, Versioning, and Replication Advanced 14 min read
  2. 10 Cloud SQL in Production: HA, Read Replicas, PSC Connectivity, and Maintenance Advanced 16 min read
  3. 11 Cloud Spanner Schema Design: Interleaving, Hotspot Avoidance, and Secondary Indexes Expert 16 min read

Tier 2 · Intermediate — Networking (VPC)

Design VPCs: Shared VPC, hierarchical firewall + Cloud NAT, Cloud DNS, and the global load balancer.

  1. 12 Building a Shared VPC: Centralized Networking Across Many GCP Projects Advanced 14 min read
  2. 13 Controlling Egress on GCP: Hierarchical Firewall Policies and Cloud NAT, End to End Advanced 15 min read
  3. 14 Cloud DNS at Scale: Private Zones, Peering, Forwarding, and Response Policies Advanced 15 min read
  4. 15 Engineering the Global External Application Load Balancer on GCP Advanced 16 min read

Tier 2 · Intermediate — Production Readiness (Architecture Framework)

What makes a workload production-ready: the reliability, operational-excellence and performance pillars.

  1. 16 GCP Well-Architected: Reliability — User-Experience SLOs, Error Budgets, Redundancy Across Failure Domains, Graceful Degradation, Failure Recovery, Chaos Testing & Capacity Planning Advanced 30 min read
  2. 17 GCP Well-Architected: Operational Excellence — Operational Readiness, the Cloud Operations Suite, Incident & Problem Management, Release Engineering, Toil Reduction & Capacity Planning Advanced 31 min read
  3. 18 GCP Well-Architected: Performance Optimization — Performance Principles, Resource Selection, Scaling, Load Balancing, Caching, and Continuous Tuning Advanced 26 min read

Tier 3 · Advanced — Networking Engineering (PCNE)

Connect at scale: Private Service Connect, HA VPN/Cloud Router, VPC Service Controls and hybrid/multi-cloud.

  1. 19 Private Service Connect on GCP: Publishing and Consuming Services End-to-End Advanced 15 min read
  2. 20 Resilient Hybrid Connectivity with HA VPN, Cloud Router, and BGP on GCP Advanced 15 min read
  3. 21 VPC Service Controls and Access Context Manager: Preventing Data Exfiltration on GCP Expert 16 min read
  4. 22 GCP Enterprise Architecture: Hybrid & Multi-Cloud Advanced 29 min read

Tier 3 · Advanced — Security Engineering (PCSE)

Engineer security: deny policies & conditions, KMS/CMEK, Secret Manager, Workload Identity, Org Policy and compliance.

  1. 23 Advanced GCP IAM: Deny Policies, Conditional Bindings, and Impersonation Chains Expert 14 min read
  2. 24 Cloud KMS in Depth: CMEK, Envelope Encryption, Cloud HSM, and External Key Manager Expert 18 min read
  3. 25 Secret Manager Rotation Pipelines with Cloud Functions, IAM, and CMEK Advanced 16 min read
  4. 26 Keyless Authentication to GCP: Workload Identity Federation for GitHub Actions and CI/CD Advanced 14 min read
  5. 27 Designing a GCP Resource Hierarchy: Org, Folders, Projects, and Org Policy Guardrails Intermediate 13 min read
  6. 28 GCP Well-Architected: Security, Privacy & Compliance — IAM, Data & Network Security, Compliance, Secret Manager, Security Command Center, and Shielded/Confidential VMs Advanced 27 min read
  7. 29 SOC 2 Continuous Compliance Automation on GCP with Drata Intermediate 17 min read

Tier 3 · Advanced — Serverless, Messaging & Integration

Build decoupled systems: Pub/Sub at depth, event-driven and serverless API architectures.

  1. 30 Pub/Sub Delivery Guarantees: Exactly-Once, Ordering Keys, Dead-Letter, and Flow Control Advanced 16 min read
  2. 31 GCP Enterprise Architecture: Event-Driven Architecture Advanced 28 min read
  3. 32 GCP Enterprise Architecture: Serverless API Advanced 26 min read

Tier 3 · Advanced — Containers / GKE

Run GKE in production: Autopilot hardening, Dataplane V2, the multi-cluster Gateway API, and Workload Identity.

  1. 33 GKE Autopilot in Production: A Hardening and Cost-Control Playbook Advanced 15 min read
  2. 34 GKE Dataplane V2: Cilium-Based Network Policy and Observability Expert 16 min read
  3. 35 GKE Gateway API: Single and Multi-Cluster Traffic Management Expert 17 min read
  4. 36 GKE Workload Identity Deep Dive: Secure Pod-to-Google-API Access Without Keys Expert 14 min read
  5. 37 GCP Enterprise Architecture: Production Microservices on GKE Advanced 24 min read

Tier 3 · Advanced — Data Engineering (PDE)

Engineer data: BigQuery performance & fine-grained access, and real-time analytics pipelines.

  1. 38 Taming BigQuery Cost and Performance: Partitioning, Clustering, and Reservations Advanced 15 min read
  2. 39 BigQuery Fine-Grained Security: Column-Level, Row-Level, and Data Masking Advanced 16 min read
  3. 40 GCP Enterprise Architecture: Real-Time Analytics Advanced 27 min read
  4. 41 Real-Time Payments Fraud Scoring Pipeline on GCP Advanced 18 min read

Tier 4 · Expert — Architecture Framework, Cost & System Design (PCA)

Architect to the framework: cost optimisation and end-to-end system design.

  1. 42 GCP Well-Architected: Cost Optimization — Cost Principles, Billing & Budgets, CUDs & Spot VMs, Right-Sizing, FinOps, and Cost Monitoring Advanced 26 min read
  2. 43 GCP Well-Architected: System Design — Core Principles, Geography & Regions, the Resource Hierarchy, Networking Foundations, and Choosing Compute, Storage & Databases Advanced 27 min read

Tier 4 · Expert — Landing Zones & Governance

Build the enterprise platform: the landing zone across resource hierarchy, identity, network, security and operations.

  1. 44 GCP Enterprise Architecture: Secure Foundation / Landing Zone Advanced 25 min read
  2. 45 GCP Landing Zone: Resource Hierarchy — The Organization Node, Environment & Team Folders, Projects, and Design Trade-offs Advanced 27 min read
  3. 46 GCP Landing Zone: Identity & Access — Cloud Identity, Groups, IAM, Service Accounts & Workload Identity Federation Advanced 21 min read
  4. 47 GCP Landing Zone: Networking — Shared VPC, Hybrid Connectivity, Firewall Policies & Cloud DNS Advanced 26 min read
  5. 48 GCP Landing Zone: Security & Guardrails — Org Policy Constraints, VPC Service Controls, Security Command Center, CMEK & Assured Workloads Advanced 23 min read
  6. 49 GCP Landing Zone: Operations & Billing — Cloud Logging Sinks & Buckets, Cloud Monitoring, Billing Export & Budgets, and Org-Wide Observability Advanced 24 min read

Tier 4 · Expert — Cloud Adoption Framework (CAF)

Lead the organisational journey: the CAF themes — learn, lead, scale, secure and the operating model.

  1. 50 GCP Cloud Adoption Framework: Learn Theme — Learning Programs at Scale, Partners, Certification & the Cloud CoE Advanced 18 min read
  2. 51 GCP Cloud Adoption Framework: Lead Theme — Leadership & Governance, Mobilizing Teams, Cross-Functional Collaboration, and a Cloud Operating Model Advanced 27 min read
  3. 52 GCP Cloud Adoption Framework: Scale Theme — Cloud-Native Adoption, Automation, CI/CD & Self-Service Operations Advanced 21 min read
  4. 53 GCP Cloud Adoption Framework: Secure Theme — Advanced Security Posture, Identity/Network/Data Security, Compliance & Proactive Defense-in-Depth Advanced 23 min read
  5. 54 GCP Cloud Adoption Framework: Operating Model & Epics — Designing the Cloud Operating Model, the Epic Backlog as Your Execution Engine, and Wiring It Into the Landing Zone & Enterprise Foundations Blueprint Advanced 24 min read

Tier 4 · Expert — Resilience, DR & Migration

Design for failure and change: DR/resilience patterns and migration to Google Cloud.

  1. 55 GCP Enterprise Architecture: Multi-Region DR & Resilience Advanced 26 min read
  2. 56 GCP Enterprise Architecture: Migration to Google Cloud Advanced 26 min read

Tier 4 · Expert — Enterprise Reference Architectures

Study complete designs: global web, peak-scale education, multi-tenant SaaS, and a centralised logging lake.

  1. 57 GCP Enterprise Architecture: Global Web Application Advanced 21 min read
  2. 58 Education Platform Scaling for a National Exam Day on GCP Advanced 18 min read
  3. 59 Moodle Multi-Tenant SaaS for a Training Provider on GCP Intermediate 17 min read
  4. 60 Centralized Logging Lake on GCP for Security and Compliance Intermediate 17 min read

Tier 5 · Specialist — Data & Analytics (PDE)

Build the data platform: lakehouse, big data, and data mesh on Google Cloud.

  1. 61 GCP Enterprise Architecture: Data Warehouse & Lakehouse Advanced 22 min read
  2. 62 GCP Enterprise Architecture: Big Data Processing Advanced 21 min read
  3. 63 GCP Enterprise Architecture: Data Mesh Advanced 23 min read

Tier 5 · Specialist — AI/ML & Generative AI (PMLE)

Serve AI in production: Vertex AI MLOps, ML platforms, GenAI RAG, and recommendation engines.

  1. 64 Production MLOps on Vertex AI: Building Reproducible Training and Deployment Pipelines Expert 17 min read
  2. 65 GCP Enterprise Architecture: ML Platform / MLOps Advanced 16 min read
  3. 66 GCP Enterprise Architecture: Generative-AI / RAG on Vertex AI Advanced 27 min read
  4. 67 Product Recommendation Engine for Retail on GCP Vertex AI Intermediate 17 min read
  5. 68 GCP Enterprise Architecture: Retail Recommendation Engine Advanced 21 min read

Tier 5 · Specialist — Integration & Industry Solutions

Domain solutions: API monetisation with Apigee and IoT analytics.

  1. 69 API Monetization Platform on Apigee with Developer Portal and Billing Advanced 18 min read
  2. 70 GCP Enterprise Architecture: IoT Ingestion & Analytics Advanced 28 min read

Track · Troubleshooting (Easy → Complex)

Diagnose anything: a method and per-area playbooks, then complex multi-service incident RCA.

  1. 71 Google Cloud Troubleshooting Playbooks: IAM, VPC, Compute, Cloud SQL & GKE Intermediate 19 min read
  2. 72 Advanced Google Cloud Troubleshooting: Complex Multi-Service Incidents & RCA Advanced 24 min read

Track · Architecting (Easy → Complex)

Turn requirements into designs: a six-rung ladder from a static site to multi-region global.

  1. 73 The Google Cloud Architecting Ladder: From a Static Site to Multi-Region Global Advanced 38 min read

Track · Certification Center

Pass the exams: the CDL/ACE/PCA/PDE/Security prep kit with checklists, case studies and practice questions.

  1. 74 Google Cloud Certification Prep Kit: Digital Leader, ACE, PCA, PDE & Security Engineer Advanced 34 min read

Track · Job-Ready — Projects & Capstone

Get hired: a six-project portfolio ladder and an enterprise landing-zone capstone.

  1. 75 Real-World Google Cloud Portfolio Projects: From a Static Site to a Landing Zone Advanced 26 min read
  2. 76 Google Cloud Capstone: Build an Enterprise Landing Zone + 3-Tier App Advanced 26 min read
All courses Browse all GCP articles