Brief Summary
This video is a comprehensive study course for the Google Cloud Associate Cloud Engineer certification. The course covers a wide range of topics, including cloud computing fundamentals, Google Cloud services, networking, security, and billing. The instructor, Antony Cevallos, provides detailed explanations, hands-on demos, and cheat sheets to help you pass the exam and get a cloud job.
- The course includes lecture content, follow-alongs, and cheat sheets.
- The instructor has 18 years of industry experience, including 7 years specializing in cloud and 4 years as a cloud trainer.
- The course is designed to help you pass the Google Cloud Associate Cloud Engineer certification exam.
Course Resources
This chapter explains how to access the course resources, which are designed to accompany the lessons and help you understand the theory and practical examples. The resources include study notes, lesson files, scripts, and resources used in the demo lessons. These files are available in a GitHub repository, which is always kept up-to-date. The chapter provides a step-by-step guide on how to obtain access to the repository through Windows, macOS, and Ubuntu Linux.
Google Cloud Certifications
This chapter discusses the various Google Cloud certifications available, including the Associate Cloud Engineer certification and the Professional level certifications. The chapter provides an overview of each certification, including its focus, recommended experience level, exam format, and cost. The instructor also shares his personal recommendations for the best entry points into the Professional level certifications.
Bow Tie Inc. Scenario
This chapter introduces the fictitious organization, Bow Tie Inc., which will be used throughout the course to provide real-world context for the architectures and demos. The chapter provides a high-level overview of Bow Tie Inc., including its business, its global operations, its current technical infrastructure, and the problems it is facing. The chapter also outlines the business goals and the favorable results that Bow Tie Inc. wants to achieve by moving to Google Cloud.
Practice Exam
This chapter provides a brief overview of the practice exam available on the Exam Pro platform. The chapter explains the structure of the practice exam, including the types of questions, the format, and the timing. The instructor also shares some tips and techniques for answering the questions effectively.
Cloud Computing Fundamentals
This chapter defines cloud computing and the five essential characteristics that define the cloud model: on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. The chapter also explains the four common cloud deployment models: public cloud, multi-cloud, private cloud, and hybrid cloud.
Google Cloud Global Infrastructure
This chapter discusses Google Cloud's global infrastructure, including how data centers are connected, how traffic flows when a request is made, and the overall structure of Google Cloud's geographic locations. The chapter explains the different geographic areas within Google Cloud, including zones, regions, and multi-regions.
Compute Service Options
This chapter provides an overview of the compute service options available in Google Cloud, including Compute Engine, Google Kubernetes Engine (GKE), App Engine, Cloud Functions, and Cloud Run. The chapter explains how each service differs from the others and where they fall under the cloud service model.
Storage and Database Options
This chapter provides an overview of the storage and database options available in Google Cloud. The chapter covers the three main storage options: Cloud Storage, File Store, and Persistent Disks. It also discusses the different database options, including Cloud SQL, Cloud Spanner, Bigtable, Datastore, Firestore, and Memorystore.
Networking Services
This chapter provides an overview of the networking services available in Google Cloud, including Virtual Private Cloud (VPC), firewall rules, routes, load balancing, Cloud DNS, Cloud VPN, and Direct Interconnect. The chapter explains how each service works and its use cases.
Resource Hierarchy
This chapter explains how resources and entities are organized within Google Cloud using a hierarchical structure. The chapter discusses the different layers of the resource hierarchy, including the domain level, the organization level, the folders level, the projects level, and the resources level. The chapter also explains how permissions are inherited through this hierarchical structure.
Creating a Google Cloud Account
This chapter covers the steps involved in creating a new Google Cloud account, including the free tier and the always free options. The chapter provides a step-by-step demo on how to create a free tier account and explains the requirements for fulfilling the demo.
Securing Your Google Cloud Account
This chapter discusses how to secure your Google Cloud account by following best practices. The chapter explains the importance of two-step verification and provides a hands-on demo on how to enable it in the Google Cloud console.
Google Cloud Console
This chapter provides an overview of the Google Cloud console and how to interact with it using the graphical user interface. The chapter provides a hands-on demo on how to navigate through the console and points out some helpful functions and features.
Cloud Billing
This chapter discusses cloud billing and provides an overview of the various resources involved with billing. The chapter explains the concepts around billing accounts and payments profiles and provides a demo on how to create, edit, and delete a cloud billing account.
Controlling Costs in Google Cloud
This chapter discusses how to control costs in Google Cloud, including committed use discounts, sustained use discounts, and budget alerts. The chapter explains the different types of discounts and how to use them to save money. It also provides a demo on how to create and edit budget alerts.
Exporting Billing Data
This chapter explains how to export billing data to BigQuery for detailed analysis. The chapter provides a demo on how to enable the export billing feature and bring it into BigQuery.
Cloud APIs
This chapter provides a hands-on demo on how to work with APIs in Google Cloud. The chapter explains what APIs are and how to enable them for your project.
Creating a Gmail Admin User
This chapter provides a demo on how to create and set up a new Gmail user as an admin user for use in the course. The chapter explains the difference between a super admin account and a regular admin user and provides a step-by-step guide on how to configure the new user.
Cloud SDK and CLI
This chapter provides an overview of the Cloud SDK and the command line interface (CLI). The chapter explains what the Cloud SDK is, how to authorize it, and how to use it to manage resources. It also provides a demo on how to install the Cloud SDK on Windows, macOS, and Ubuntu Linux.
Managing the Cloud SDK
This chapter provides a demo on how to manage the Cloud SDK, including how to initialize it, configure it, install and remove components, and use the gcloud interactive shell. The chapter also explains how to configure a second user account so that you can switch between different configurations.
Cloud Shell
This chapter provides a demo on how to use Cloud Shell, a browser-based virtual machine that is loaded with development tools. The chapter explains the features of Cloud Shell, including its persistent home directory, its built-in code editor, and its pre-installed tools. The chapter also shows how to customize the Cloud Shell environment by adding new tools.
Limits and Quotas
This chapter discusses limits and quotas in Google Cloud and how they affect your cloud usage. The chapter explains the different types of quotas, the reasons for enforcing them, and how to view and edit them.
Identity and Access Management (IAM)
This chapter provides an overview of Identity and Access Management (IAM), a service that manages access control in Google Cloud. The chapter explains the concepts of identities, roles, and policies and provides a detailed breakdown of the policy architecture. The chapter also discusses the principle of least privilege and how to apply it when working with IAM.
Policies and Conditions
This chapter dives deeper into policies and conditions in IAM, explaining how to put them together in policy statements. The chapter provides examples of policy statements in JSON and YAML formats and explains how to query projects for their granted policies. The chapter also discusses policy versions and the limitations of policies.
IAM Hands-on Tour
This chapter provides a hands-on demo on how to work with IAM in the Google Cloud console. The chapter shows how to add and edit permissions for members and roles, and how to edit existing policies. The chapter also demonstrates how to add a new user and grant them access to a project.
Service Accounts
This chapter provides a detailed explanation of service accounts, which are special accounts used by applications or virtual machine instances to authenticate with Google Cloud services. The chapter explains the different types of service accounts, how they authenticate, and how to manage their permissions. The chapter also discusses best practices for working with service accounts.
Service Accounts Hands-on Tour
This chapter provides a hands-on demo on how to work with service accounts in the Google Cloud console. The chapter shows how to create a custom service account, assign permissions to it, and attach it to a VM instance. The chapter also explains how to create service accounts using the command line.
Cloud Identity
This chapter provides an overview of Cloud Identity, Google's identity as a service offering for Google Cloud. The chapter explains the features of Cloud Identity, including device management, security, single sign-on, reporting, and directory management. The chapter also discusses Google Cloud Directory Sync (GCDs) and how it can be used to synchronize data between Google Cloud and on-premises Active Directory or LDAP servers.
IAM Best Practices
This chapter discusses best practices for working with IAM, including the principle of least privilege, granting roles at the smallest scope necessary, restricting access to service account management, and using Google Cloud resource hierarchy to mirror your organizational structure. The chapter also provides best practices for working with service accounts and keys, and for auditing IAM policies and changes.
Networking Refresher - Part 1
This chapter provides a networking refresher for those who are unfamiliar with networking concepts. The chapter covers the basics of IP addresses, the OSI model, and classful addressing. It also explains the concept of classless inter-domain routing (CIDR) and how to subnet networks.
Networking Refresher - Part 2
This chapter continues the networking refresher, covering IPv6 addressing, TCP and UDP protocols, and the application layer of the OSI model. The chapter also provides a brief overview of network address translation (NAT).
Virtual Private Cloud (VPC)
This chapter discusses Virtual Private Cloud (VPC), the core networking service in Google Cloud that allows you to create networks with private and public connectivity options. The chapter explains the features of VPC, including its global nature, its use of subnets, and its support for firewall rules and routes.
VPC Network Subnets
This chapter provides a detailed explanation of VPC network subnets, which are partitions of IP ranges within a VPC network. The chapter explains the features of subnets, including their regional nature, their support for primary and secondary ranges, and their ability to be expanded.
Routing and Private Google Access
This chapter discusses routing and private Google access in VPC networks. The chapter explains how routes define the paths that network traffic takes and the different types of routes available in Google Cloud. The chapter also explains how private Google access allows VM instances with internal IP addresses to reach Google APIs and services.
IP Addressing
This chapter discusses the different types of IP addressing in Google Cloud, including internal and external IP addresses, ephemeral and static IP addresses, and internal IP address reservations. The chapter explains how to choose the right type of IP address for your specific scenario.
IP Addressing Hands-on Tour
This chapter provides a hands-on demo on how to create and apply both internal and external static IP addresses in Google Cloud. The chapter shows how to create IP addresses using both the console and the command line, and how to promote ephemeral IP addresses to static IP addresses.
VPC Firewall Rules
This chapter discusses VPC firewall rules, a service that filters incoming and outgoing network traffic based on user-defined rules. The chapter explains the features of firewall rules, including their stateful nature, their components, and their characteristics.
Building a Custom VPC
This chapter provides a hands-on demo on how to build a custom VPC network, including creating subnets, creating a Cloud Storage bucket, creating instances, and implementing firewall rules and private Google access.
VPC Network Peering
This chapter discusses VPC network peering, a service that enables private communication between VPC networks in the same or different organizations. The chapter explains the features of VPC peering, including its advantages over using external IP addresses or VPNs, its restrictions, and its routing behavior.
VPC Network Peering Hands-on Tour
This chapter provides a hands-on demo on how to create a peering connection between two VPC networks in separate projects. The chapter shows how to verify the connection by creating instances in each network and pinging one instance from the other.
Shared VPCs
This chapter discusses shared VPCs, a service that allows an organization to connect resources from multiple projects to a common VPC network. The chapter explains the concepts of host projects and service projects, the roles involved in administering shared VPCs, and the different use cases for shared VPCs.
VPC Flow Logs
This chapter discusses VPC flow logs, a service that records a sample of network flows sent from and received by VM instances. The chapter explains the features of flow logs, including their use cases, their format, and how to enable them.
Cloud DNS
This chapter provides an overview of Cloud DNS, Google Cloud's managed DNS service. The chapter explains the features of Cloud DNS, including its global resilience, its support for public and private zones, and its use of managed name servers.
DNS Record Types
This chapter discusses the different types of DNS resource records, including name server records (NS), address records (A and AAAA), canonical name records (CNAME), text records (TXT), mail exchange records (MX), and pointer records (PTR). The chapter explains how each record type works and its use cases.
Network Address Translation (NAT)
This chapter discusses network address translation (NAT), a process that maps multiple local private IP addresses to a public IP address. The chapter explains the different types of NAT, including static NAT, dynamic NAT, and port address translation (PAT).
Virtualization
This chapter provides a basic introduction to virtualization, explaining how it enables multiple operating systems to run simultaneously on a single server. The chapter discusses the different types of virtualization, including software-based virtualization, para-virtualization, hardware-assisted virtualization, and kernel-level virtualization.
Compute Engine
This chapter provides a detailed explanation of Compute Engine, Google Cloud's infrastructure as a service (IaaS) virtual machine offering. The chapter explains the different components of an instance, including the machine type, the image, the storage, and the networking.
Creating a Compute Engine Instance
This chapter provides a hands-on demo on how to create a Compute Engine instance from scratch. The chapter shows how to configure the instance using the different options available in the console, including the machine type, the image, the storage, and the networking.
Compute Engine Machine Types
This chapter discusses Compute Engine machine types, which are sets of virtualized hardware resources available to VM instances. The chapter explains the different machine type families, including general purpose, compute optimized, and memory optimized. The chapter also discusses shared core machine types, custom machine types, and GPUs.
Managing Compute Engine Instances
This chapter discusses how to manage Compute Engine instances, including the instance lifecycle, shielded VMs, guest environments, metadata, and login methods. The chapter also explains the concept of live migration and how to use it to move instances between zones.
Managing Compute Engine Instances Hands-on Tour
This chapter provides a hands-on demo on how to manage Compute Engine instances, including how to connect to them using SSH and RDP, how to configure OS login, and how to manage project-wide public SSH keys.
Compute Engine Metadata
This chapter discusses Compute Engine metadata, which is information about projects and instances that can be queried at runtime. The chapter explains how to query metadata using the curl command, how to add custom metadata, and how to use metadata in startup and shutdown scripts.
Compute Engine Billing
This chapter discusses Compute Engine billing, explaining how costs and discounts are broken down. The chapter explains the resource-based pricing model, sustained use discounts, committed use discounts, and preemptable VMs.
Storage Fundamentals
This chapter provides an overview of storage fundamentals, explaining the three main types of storage: block storage, file storage, and object storage. The chapter also discusses the key performance terms related to storage, including I/O, queue depth, IOPS, throughput, latency, sequential access, and random access.
Persistent Disks and Local SSDs
This chapter discusses persistent disks and local SSDs, the two available types of block storage devices in Google Cloud. The chapter explains the different types of persistent disks, including standard, balanced, and SSD, and their performance characteristics. The chapter also discusses local SSDs, their performance characteristics, and their caveats.
Managing Persistent Disks
This chapter provides a hands-on demo on how to manage persistent disks in Compute Engine. The chapter shows how to create a persistent disk, attach it to an instance, format it, mount it, resize it, and delete it.
Persistent Disk Snapshots
This chapter discusses persistent disk snapshots, a great way to backup data from running or stopped instances. The chapter explains the features of snapshots, including their global nature, their incremental nature, and their storage location options. The chapter also discusses snapshot schedules and how to manage them.
Managing Persistent Disk Snapshots Hands-on Tour
This chapter provides a hands-on demo on how to manage persistent disk snapshots. The chapter shows how to create and delete snapshots, how to create a new instance from a snapshot, and how to create and manage snapshot schedules.
Deployment Manager
This chapter provides an overview of Deployment Manager, Google's tool for infrastructure as code. The chapter explains the architecture of Deployment Manager, including its components, its features, and its use of YAML, Jinja, and Python code templates.
Deployment Manager Hands-on Tour
This chapter provides a hands-on demo on how to deploy a configuration in Deployment Manager. The chapter shows how to create a configuration file and templates, how to preview a deployment, and how to deploy the configuration.
Cloud Load Balancers
This chapter discusses Google Cloud load balancing, a service that distributes user traffic across multiple instances of your application. The chapter explains the different types of load balancers, including global vs. regional, external vs. internal, and the different traffic types. The chapter also introduces the concept of backend services and network endpoint groups (NEGs).
Instance Groups and Instance Templates
This chapter discusses instance groups and instance templates, two resources that work together to create highly scalable and performing environments. The chapter explains the features and use cases of managed instance groups (MIGs), including auto healing, regional and zonal deployments, auto scaling, and auto updating. The chapter also discusses unmanaged instance groups and instance templates.
Managing Bow Ties Demo
This chapter provides a hands-on demo on how to manage instance groups, instance templates, and load balancers. The chapter shows how to create an instance template, use it to create an instance group, create a load balancer with a backend service, and configure health checks. The chapter also demonstrates how to simulate a scale out and a scale in using auto scaling.
Containers
This chapter provides an introduction to containers, explaining the difference between virtual machines and containers. The chapter explains how containers work, how to build a Docker image using a Dockerfile, and the value proposition of containers.
Google Kubernetes Engine (GKE)
This chapter provides an overview of Google Kubernetes Engine (GKE), Google Cloud's managed container orchestration service. The chapter explains the architecture of GKE, including its control plane, its nodes, and its components. The chapter also discusses the benefits of using GKE, including its managed environment, its advanced cluster management features, and its integration with other Google Cloud services.
GKE Cluster and Node Management
This chapter discusses cluster and node management in GKE, including choosing different cluster types, managing cluster versions, using node pools, and configuring upgrades. The chapter explains the different types of clusters, including zonal, multi-zonal, and regional clusters, and the different upgrade options available.
GKE Objects and Object Management
This chapter discusses Kubernetes objects and how they are managed. The chapter explains the concepts of object spec and object status, and how to create, update, and delete objects using manifest files. The chapter also discusses pods, namespaces, labels, and the pod lifecycle.
Kubernetes Services
This chapter discusses Kubernetes services, which are networking components that provide persistent access to pods. The chapter explains the different types of services, including cluster IP, node port, load balancer, multi-port services, external name, and headless services.
GKE Ingress
This chapter discusses GKE ingress, an object that defines rules for routing HTTP and HTTPS traffic to specific services in a cluster. The chapter explains the features of ingress, including its use of the GKE ingress controller, its support for multiple services under the same IP address, and its use of URL maps.
GKE Storage Options
This chapter discusses the storage options available for applications running on GKE. The chapter explains the different storage options, including Google Cloud's managed storage products, Kubernetes storage abstractions, and persistent volumes and claims.
Building a GKE Cluster
This chapter provides a hands-on demo on how to build a GKE cluster in the console. The chapter shows how to configure the cluster using the different options available, including the cluster type, the version, the node pools, and the networking settings. The chapter also shows how to configure the kubectl command line tool to interact with the cluster.
Building a Container Image
This chapter provides a demo on how to build a Docker image using Cloud Build and push it to Google Cloud Container Registry. The chapter explains the steps involved in building the image, including cloning the repository, enabling the Cloud Build API, and running the build command.
Deploying a Containerized Application to GKE
This chapter provides a demo on how to deploy a containerized application to a GKE cluster. The chapter shows how to deploy the image from Container Registry, how to verify the deployment using the kubectl command line tool, and how to expose the application using a service of type load balancer.
Managing a GKE Workload
This chapter provides a demo on how to manage a GKE workload, including scaling the application, editing the application, and rebuilding the Docker image to perform a rolling update.
Cloud Functions
This chapter provides an overview of Cloud Functions, a serverless execution environment that allows you to upload code and execute it in a fully managed environment. The chapter explains the features of Cloud Functions, including its event-driven nature, its supported runtimes, its pricing model, and its different types of functions.
Creating and Deploying a Cloud Function
This chapter provides a hands-on demo on how to create and deploy a Cloud Function. The chapter shows how to configure the function using the console, how to write the function code, and how to trigger the function using the HTTP URL.
Cloud Storage
This chapter provides an overview of Cloud Storage, Google Cloud's object storage service. The chapter explains the features of Cloud Storage, including its unlimited storage capacity, its worldwide accessibility, and its use of buckets and objects. The chapter also discusses storage classes, durability, and access control options.
Managing Cloud Storage Access
This chapter provides a hands-on demo on how to manage access to Cloud Storage buckets and objects. The chapter shows how to create a bucket, upload files to it, make the bucket publicly accessible, apply ACL permissions to an object, and generate a signed URL.
Object Versioning and Lifecycle Management
This chapter discusses object versioning and lifecycle management in Cloud Storage. The chapter explains how object versioning retains older versions of objects and how lifecycle management can be used to manage costs by deleting older versions or downgrading storage classes.
Managing Cloud Storage Access Hands-on Tour
This chapter provides a hands-on demo on how to manage object versioning and lifecycle management in Cloud Storage. The chapter shows how to enable versioning, how to delete and promote object versions, and how to create and edit lifecycle policies.
Cloud SQL
This chapter provides an overview of Cloud SQL, a fully managed cloud-native relational database service that offers MySQL, PostgreSQL, and SQL Server engines. The chapter explains the features of Cloud SQL, including its support for replication, high availability, backups, and point-in-time recovery.
Cloud Spanner
This chapter provides an overview of Cloud Spanner, a globally distributed relational database service that offers strong consistency and horizontal scalability. The chapter explains the features of Cloud Spanner, including its use of TrueTime, its automatic sharding, and its high availability.
NoSQL Databases
This chapter provides an overview of the NoSQL database options available in Google Cloud, including Cloud Bigtable, Cloud Datastore, Firestore, and Memorystore. The chapter explains the features and use cases of each database.
Big Data Ecosystem
This chapter provides an overview of the big data ecosystem in Google Cloud, including BigQuery, Pub/Sub, Composer, Dataflow, Dataproc, Cloud Data Lab, and Data Prep. The chapter explains the features and use cases of each service.
Machine Learning
This chapter provides an introduction to machine learning, explaining what it is, what it can do, and the machine learning ecosystem on Google Cloud. The chapter discusses the different machine learning APIs available, including Vision API, Video Intelligence, Natural Language API, Translation API, Dialogflow, Speech-to-Text API, Text
