10 days. 10 hands-on labs. All production-style.
Each day pairs a real enterprise scenario with a hands-on lab. Work through them in order, building the skills that come together in the final capstone. Delivered live, mentored by Shubh Dadhich.
Day by day
AWS Environment Setup & IAM Security
A brand-new enterprise AWS account must be locked down before any workload lands: identity, billing guardrails and least-privilege access from hour one.
- AWS account setup and organisation structure
- IAM users, roles, groups and policies with least privilege
- AWS CLI configuration and named profiles
- Billing protection, budgets and cost guardrails
Hands-on lab: Python IAM Security Audit Tool. Build a Python (boto3) tool that audits IAM users, roles and policies and flags least-privilege violations.
Enterprise Networking & Security Architecture
The platform needs a secure, segmented network foundation: isolated tiers, controlled ingress and egress, and defense-in-depth at every layer.
- VPC design, subnets and route tables
- Internet Gateway and NAT Gateway patterns
- Security Groups and Network ACLs
- Public and private tiering and secure connectivity
Hands-on lab: VPC Security Assessment Tool. Build a Python tool that inspects VPC configuration and reports security-group and NACL exposure across the network.
Compute Architecture & Intelligent Scaling
Traffic is unpredictable and the business needs compute that stays available and scales itself, with no late-night manual interventions.
- EC2 and launch templates
- Auto Scaling groups and scaling policies
- Elastic Load Balancers and target groups
- Health checks and self-healing compute
Hands-on lab: Deploy Highly Available Infrastructure. Stand up a self-healing, auto-scaling, load-balanced compute tier that survives instance failure automatically.
Serverless Automation
Routine operational toil is eating engineer time: compliance checks and reactions to events should run themselves, serverlessly.
- AWS Lambda functions and triggers
- EventBridge rules and event-driven patterns
- SNS notifications and fan-out
- Scheduled and reactive automation
Hands-on lab: Automated Resource Compliance Scanner. Build an event-driven Lambda that scans resources for compliance violations and notifies the team automatically.
Infrastructure as Code
Click-ops has produced undocumented, drifting infrastructure. Everything must become versioned, reviewable, repeatable code.
- Terraform fundamentals and workflow
- Reusable modules and composition
- Remote state and state management
- Drift detection and reconciliation
Hands-on lab: Provision AWS Infrastructure using Terraform. Codify the environment as Terraform modules with remote state, then detect and reconcile drift.
Monitoring & AI-Powered Incident Analysis
Incidents take too long to understand. The team needs observability plus AI that reads the logs and explains what happened, fast.
- CloudWatch metrics, alarms and dashboards
- Centralised logging and log insights
- Amazon Bedrock for AI log analysis
- Automated incident summarisation
Hands-on lab: AI-Based Log Analysis and Incident Summary. Use Amazon Bedrock to analyse CloudWatch logs and generate a plain-language incident summary with likely root cause.
Enterprise Cloud Security
Security must shift from reactive to continuous: threats detected and responded to automatically across the whole account.
- GuardDuty threat detection
- Security Hub findings and standards
- CloudTrail auditing and non-repudiation
- Secrets Manager and credential hygiene
Hands-on lab: Automated Threat Response. Wire GuardDuty findings to an automated response workflow that contains and reports threats without human delay.
High Availability & Disaster Recovery
The business cannot tolerate downtime. The platform must survive AZ and region failure and recover automatically.
- AWS Well-Architected Framework
- Multi-AZ and Multi-Region design
- Backup, failover and RTO and RPO
- Recovery automation
Hands-on lab: Automated Recovery Workflow. Build a workflow that detects failure and automatically executes a recovery and failover sequence.
Cost Optimization & AI Recommendations
Cloud spend is climbing without clear ownership. Costs must be understood, right-sized, and anomalies caught with AI.
- Cost Explorer analysis and reporting
- Rightsizing and resource optimisation
- AWS Budgets and cost guardrails
- Cost Anomaly Detection with AI insights
Hands-on lab: Intelligent Cost Optimization Dashboard. Build a dashboard that surfaces spend, rightsizing opportunities and AI-flagged cost anomalies in one view.
Enterprise AIOps Orchestration
The capstone lead-in: every signal feeds one intelligent, event-driven pipeline that detects, decides and remediates end-to-end.
- EventBridge, SNS and SQS orchestration
- Step Functions for workflow coordination
- AI-driven decisioning and automation
- End-to-end AIOps pipeline design
Hands-on lab: End-to-End Enterprise AIOps Pipeline. Assemble events, queues, workflows and AI into a single pipeline that detects issues and drives automated remediation.
Enterprise Intelligent Cloud Operations Platform
Bring the full ten days together into one complete Enterprise Intelligent Cloud Operations Platform: architected, coded, secured, monitored and operated with AI.
- Enterprise network architecture and Terraform infrastructure
- Auto scaling with high availability and automated recovery
- AI log analysis and event-driven automation
- Automated security response and threat containment
- Cost optimisation and infrastructure drift detection
- A unified cloud operations dashboard