Google Associate Cloud Engineer
The Google Associate Cloud Engineer certification marks a significant step in your cloud computing journey. This globally recognized credential validates your ability to deploy, manage, and secure cloud solutions on Google Cloud Platform (GCP). It empowers you to contribute effectively to cloud-based projects and pave the way for further career advancement.
Who Should Consider This Exam?
This certification caters to a diverse range of individuals seeking to:
- Launch their cloud career: IT professionals, system administrators, network engineers, or anyone new to cloud computing can establish a solid foundation.
- Expand their skillset: Existing cloud practitioners can deepen their knowledge of GCP and enhance their marketability.
- Demonstrate proficiency: Validate your understanding of cloud fundamentals and commitment to professional development.
- Contribute to cloud projects: Collaborate effectively with teams building and managing cloud solutions on GCP.
Responsibilities of a Google Associate Cloud Engineer
- Deploy and manage Google Cloud resources: Create and configure virtual machines, storage buckets, networking components, and other GCP services.
- Implement security best practices: Securely configure resources, manage access controls, and implement threat detection mechanisms.
- Monitor and troubleshoot issues: Proactively monitor system health, identify and resolve problems, and ensure optimal performance.
- Automate tasks with Google Cloud tools: Utilize tools like Cloud Shell and scripts to automate repetitive tasks and increase efficiency.
- Understand and explain cloud billing: Calculate costs associated with GCP resources and optimize spending.
Exam Details
- Format: 50-65 multiple-choice and multiple-select questions
- Time Limit: 2 hours
- Languages: English, Japanese, Spanish, Portuguese
- Passing Score: Not publicly disclosed
Course Outline
The Google Associate Cloud Engineer exam covers the following topics -
Section 1: Setting up a cloud solution environment (23%)
1.1 Setting up cloud projects and accounts. Considerations include:
● Creating a resource hierarchy
● Applying organizational policies to the resource hierarchy
● Granting members Identity and Access Management (IAM) roles within a project
● Managing users and groups in Cloud Identity (manually and automated)
● Enabling APIs within projects
● Provisioning and seing up products in Google Cloud Observability
● Assessing quotas and requesting increases
● Setting up standalone organizations
● Setting up cloud networking
● Confirming availability of products in geographical locations (e.g., regional, global)
● Configuring Cloud Asset Inventory and using Gemini Cloud Assist to analyze resources
1.2 Managing billing configuration. Considerations include:
● Creating one or more billing accounts
● Linking projects to a billing account
● Establishing billing budgets and alerts
● Setting up billing exports
Section 2: Planning and implementing a cloud solution (30%)
2.1 Planning and implementing compute resources. Considerations include:
● Selecting appropriate compute choices for a given workload (e.g., Compute Engine,
Google Kubernetes Engine [GKE], Cloud Run, Cloud Run functions, Knative serving)
● Launching a compute instance (e.g., availability policy, SSH keys)
● Choosing the appropriate storage for Compute Engine (e.g., zonal Persistent Disk,
regional Persistent Disk (Google Cloud Hyperdisk)
● Creating an autoscaled managed instance group by using an instance template
● Configuring OS Login
● Configuring VM Manager
● Using Spot VM instances and custom machine types
● Installing and configuring the command-line interface (CLI) for Kubernetes (kubectl)
● Deploying a GKE cluster with different configurations (e.g., GKE Autopilot, regional
clusters, private clusters)
● Deploying a containerized application to GKE
● Deploying an application to serverless compute plaorms, including for the processing
of Google Cloud events (e.g., Pub/Sub events, Cloud Storage object change notication
events, Eventarc)
2.2 Planning and implementing storage and data solutions. Considerations include:
● Choosing and deploying data products (e.g., Cloud SQL, BigQuery, Firestore, Spanner,
Bigtable, AlloyDB, Dataow, Pub/Sub, Google Cloud Managed Service for Apache
Kaa, Memorystore)
● Choosing and deploying storage products (e.g., Cloud Storage, Filestore, Google Cloud
NetApp Volumes) and Cloud Storage options (e.g., Standard, Nearline, Coldline, Archive)
● Loading data (e.g., command-line upload, load data from Cloud Storage, Storage
Transfer Service)
● Maintaining multi-region redundancy across data solutions
2.3 Planning and implementing networking resources. Considerations include:
● Creating a VPC with subnets (e.g., custom mode VPC, Shared VPC)
● Creating and applying Cloud Next Generation Firewall (Cloud NGFW) policies with
ingress and egress rules and attributes (e.g., action, source, destination, targets,
protocols, ports)
● Using Tags (e.g., secure Tags) and service accounts in Cloud NGFW policy rules
● Establishing network connectivity (e.g., Cloud VPN, VPC Network Peering, Cloud
Interconnect)
● Choosing and deploying load balancers
● Differentiating Network Service Tiers
2.4 Planning and implementing resources through infrastructure as code. Considerations
include:
● Infrastructure as code tooling (e.g., Fabric FAST, Cong Connector, Terraform, Helm)
● Planning and executing infrastructure as code deployments, including versioning, state
management, and updates
Section 3: Ensuring successful operation of a cloud solution (27%)
3.1 Managing compute resources. Considerations include:
● Remotely connecting to a Compute Engine instance
● Viewing current running Compute Engine instances
● Working with snapshots and images (e.g., create, view, and delete images or snapshots;
schedule a snapshot)
● Viewing current running GKE cluster inventory (e.g., nodes, Pods, Services)
● Configuring GKE to access Artifact Registry
● Working with GKE node pools (e.g., add, edit, or remove a node pool; autoscaling node
pool)
● Working with Kubernetes resources (e.g., Pods, Services, StatefulSets)
● Managing horizontal and vertical Pod autoscaling configurations
● Managing GKE Autopilot Pod resource requests
● Deploying new versions of a Cloud Run application
● Adjusting application traffic spliing parameters (e.g., Cloud Run, Cloud Run functions,
GKE)
● Configuring autoscaling for a Cloud Run application
3.2 Managing storage and data solutions. Considerations include:
● Managing and securing objects in Cloud Storage buckets
● Seeing object lifecycle management policies for Cloud Storage buckets
● Executing queries to retrieve data from data instances (e.g., Cloud SQL, BigQuery,
Bigtable, Spanner, Firestore, AlloyDB)
● Estimating costs of data storage resources
● Backing up and restoring database instances (e.g., Cloud SQL, Firestore, Spanner,
AlloyDB, Bigtable)
● Reviewing job status (e.g., Dataow, BigQuery)
● Using Database Center to manage the Google Cloud database eet
3.3 Managing networking resources. Considerations include:
● Adding a subnet to an existing VPC
● Expanding a subnet to have more IP addresses
● Reserving static external or internal IP addresses
● Adding custom static routes in a VPC
● Working with Cloud DNS and Cloud NAT
3.4 Monitoring and logging. Considerations include:
● Creating Cloud Monitoring alerts based on resource metrics
● Creating and ingesting Cloud Monitoring custom metrics (e.g., from applications or
logs)
● Exporting logs to external systems (e.g., on-premises, BigQuery)
● Configuring log buckets, log analytics, and log routers
● Viewing and filtering logs in Cloud Logging
● Viewing specific log message details in Cloud Logging
● Using cloud diagnostics to research an application issue (e.g., Cloud Trace, Cloud
Proler, Query Insights, index advisor)
● Viewing the Personalized Service Health dashboard
● Configuring and deploying Ops Agent
● Deploying Google Cloud Managed Service for Prometheus
● Configuring audit logs
● Using Gemini Cloud Assist for Cloud Monitoring
● Using Active Assist to optimize resource utilization
Section 4: Configuring access and security (20%)
4.1 Managing Identity and Access Management (IAM). Considerations include:
● Viewing and creating IAM policies
● Managing the various role types and dening custom IAM roles (e.g., basic, predened,
custom)
4.2 Managing service accounts. Considerations include:
● Creating service accounts
● Using service accounts in IAM policies with minimum permissions
● Assigning service accounts to resources
● Managing IAM permissions of a service account
● Managing service account impersonation
● Creating and managing short-lived service account credentials
● Using a Google Cloud service account with a GKE application
Get ready to prepare for the Google Associate Cloud Engineer with the updated Practice Exams Now!