Cloud Engineer Roadmap
90 days • Beginner to Job-Ready
From IT Support to Cloud Engineering

Zero to
Cloud-Ready
in 90 Days.

A structured, week-by-week learning plan built for people who already work in IT and want to make a real career move into Cloud Engineering. No wasted time, no fluff.

3
Learning Phases
12
Structured Weeks
3h
Daily Commitment
Phase One
Starting point: You already understand basic networking, operating systems, and how IT infrastructure works. That's a real advantage. Phase 1 converts that foundation into cloud literacy, Linux fluency, and your first real hands-on experience with AWS.
Phase 01
Cloud Foundations + Linux + Networking
Days 1 to 30
Build the mental model of how the cloud works, get comfortable on the command line, and understand the networking concepts that underpin everything in cloud engineering.
Week 01

How Cloud Computing Works

Concepts, vocabulary, and the big mental model shift from on-premise to cloud

Topics
  • What cloud computing is: IaaS, PaaS, SaaS explained clearly
  • Public vs private vs hybrid cloud models
  • The major cloud providers: AWS, Azure, GCP and where they differ
  • AWS global infrastructure: Regions, Availability Zones, Edge Locations
  • Shared Responsibility Model: what AWS owns vs what you own
  • Core AWS services overview: EC2, S3, RDS, VPC, IAM, Lambda
Weekly Assessment
  • Create a free AWS account and explore the console
  • Draw a diagram mapping your current IT job concepts to their AWS equivalents
  • Quiz: AWS Cloud Practitioner practice test, score at least 65%
Week 02

Linux Command Line for Cloud Engineers

Linux is the operating system of the cloud. You need to be fluent, not just familiar

Topics
  • File system navigation: ls, cd, pwd, find, locate
  • File operations: cp, mv, rm, chmod, chown, ln
  • Users, groups, and Linux permissions model (rwx)
  • Process management: ps, top, kill, systemctl, journalctl
  • Package management: apt, yum, snap
  • SSH: key generation, connecting to remote servers, config file
  • Text editing with vim/nano; piping and redirects (|, >, >>)
Weekly Assessment
  • Launch a free EC2 instance and connect via SSH
  • Create a user, set permissions, install Nginx, and view logs
  • Daily: 20 min on Linux Survival (linuxsurvival.com)
Week 03

Networking Fundamentals for Cloud

Cloud networking mirrors physical networking. Your IT background is a real head start here

Topics
  • IP addressing, subnets, CIDR notation (/24, /16 explained)
  • TCP/IP model, DNS, DHCP, HTTP/S, ports
  • AWS VPC: subnets (public vs private), route tables, internet gateways
  • Security Groups vs Network ACLs: stateful vs stateless
  • NAT Gateways, Elastic IPs, Bastion Hosts
  • Load balancers: ALB vs NLB and when to use each
Weekly Assessment
  • Build a custom VPC with 2 public and 2 private subnets from scratch
  • Launch an EC2 in the private subnet, access it via a bastion
  • Subnetting practice: subnettingpractice.com (30 min/day)
Week 04

AWS Core Services: Compute, Storage, and IAM

The three pillars of every AWS environment. Get very comfortable here before moving on

Topics
  • EC2 in depth: instance types, AMIs, user data, key pairs, EBS
  • Auto Scaling Groups and Launch Templates
  • S3: buckets, objects, storage classes, versioning, lifecycle rules
  • S3 permissions: bucket policies, ACLs, public access blocks
  • IAM deep dive: users, groups, roles, policies (JSON), MFA
  • Least privilege principle and IAM best practices
Weekly Assessment
  • Host a static website on S3 with a custom bucket policy
  • Create an IAM role and attach it to an EC2 instance
  • AWS Cloud Practitioner practice exam: target 80%+
Phase Two
Entering intermediate territory: Phase 2 is where you start building things that actually look like a cloud engineer's job. You will write Infrastructure as Code, containerize applications, set up automated pipelines, and understand how to keep systems running reliably and securely.
Phase 02
IaC, Containers, CI/CD, and Security
Days 31 to 60
Move from clicking in the console to writing code that builds infrastructure. Add containers and automated pipelines so your deployments are consistent and repeatable.
Week 05

Infrastructure as Code with Terraform

Stop clicking in consoles. Start writing code that builds and destroys infrastructure repeatably

Topics
  • What IaC is and why it matters for cloud at scale
  • Terraform HCL syntax: providers, resources, variables, outputs
  • Terraform workflow: init, plan, apply, destroy
  • State management: local state vs remote state in S3
  • Modules: writing reusable infrastructure blocks
  • Provisioning an EC2 + VPC + Security Group with Terraform
Weekly Assessment
  • Provision a full VPC + EC2 + S3 bucket using only Terraform
  • Add a variable file so the same code works across dev and prod
  • Store Terraform state in an S3 bucket with DynamoDB lock
Week 06

Docker and Containerization

Containers are how modern applications get packaged and shipped. You need to build and run them

Topics
  • Why containers exist: the "works on my machine" problem
  • Docker architecture: daemon, client, images, containers, registries
  • Writing Dockerfiles: FROM, RUN, COPY, ENV, EXPOSE, CMD
  • Multi-stage builds for smaller, optimized images
  • Docker volumes, networks, and compose files
  • AWS ECR: pushing and pulling private container images
Weekly Assessment
  • Containerize a simple web app with a multi-stage Dockerfile
  • Push the image to AWS ECR using the AWS CLI
  • Run a 2-service app locally with Docker Compose
Week 07

CI/CD Pipelines

Automate how code goes from a developer's laptop to a running server. This is table stakes for cloud roles

Topics
  • CI/CD concepts: continuous integration, delivery, and deployment
  • Git branching strategy: why pipelines follow your branch model
  • GitHub Actions: workflows, triggers, jobs, steps, and secrets
  • Pipeline stages: lint, test, build Docker image, push to ECR
  • Deploying to AWS from a pipeline (EC2, ECS, or Elastic Beanstalk)
  • Environment variables and secrets management in pipelines
Weekly Assessment
  • Build a GitHub Actions pipeline: test, build Docker image, push to ECR
  • Add a manual approval gate before deploying to production
  • Trigger a pipeline only on pushes to the main branch
Week 08

Cloud Security Fundamentals

Every cloud engineer owns security. It is not a separate team's problem

Topics
  • IAM advanced: permission boundaries, service control policies
  • Encryption: at rest (KMS) and in transit (TLS/ACM)
  • AWS Secrets Manager and Parameter Store for credential management
  • AWS CloudTrail: audit logging everything that happens in your account
  • AWS Config for compliance and drift detection
  • Security Hub, GuardDuty, and what they alert you to
Weekly Assessment
  • Enable CloudTrail and find the last 5 API calls made in your account
  • Store a database password in Secrets Manager, retrieve it in a script
  • Enable GuardDuty and review the findings dashboard
Phase Three
Production-level skills: Phase 3 is about reliability, scale, and being ready to work on a real platform team. Kubernetes, observability, serverless, and a capstone project that you can walk any interviewer through.
Phase 03
Kubernetes, Observability, and Portfolio
Days 61 to 90
Learn how production platforms handle scale and reliability. Build a complete project portfolio. Come out ready to answer real interview questions with real examples.
Week 09

Kubernetes Foundations

Kubernetes is the standard for running containers at scale. Most cloud engineering roles touch it daily

Topics
  • Kubernetes architecture: control plane, worker nodes, etcd
  • Core objects: Pods, Deployments, Services, ConfigMaps, Secrets
  • kubectl commands: apply, get, describe, logs, exec, delete
  • Namespaces, resource requests and limits
  • Ingress controllers and how traffic enters a cluster
  • AWS EKS: spinning up a managed K8s cluster
Weekly Assessment
  • Deploy a 3-pod application on Minikube using YAML manifests
  • Expose it via a Service and test it with port-forward
  • Simulate a pod crash and recover it using kubectl describe
Week 10

Monitoring, Logging, and Observability

You cannot fix what you cannot see. Observability is the difference between reacting and predicting

Topics
  • The 3 pillars of observability: metrics, logs, traces
  • AWS CloudWatch: metrics, alarms, dashboards, log groups
  • Prometheus: scraping metrics from applications and nodes
  • Grafana: building dashboards from Prometheus metrics
  • Centralized logging: AWS CloudWatch Logs and log insights queries
  • Setting up alerts that page you before users notice a problem
Weekly Assessment
  • Create a CloudWatch alarm that fires when CPU crosses 80%
  • Set up Prometheus + Grafana on a K8s cluster, build a dashboard
  • Write a CloudWatch Logs Insights query to find all HTTP 500 errors
Week 11

Serverless, Databases, and Cost Optimization

Round out your AWS knowledge with the services that appear in almost every real-world architecture

Topics
  • AWS Lambda: functions, triggers, execution roles, cold starts
  • API Gateway + Lambda: building a serverless REST API
  • AWS RDS: managed relational databases, multi-AZ, read replicas
  • DynamoDB basics: tables, keys, and when to use NoSQL
  • Cost optimization fundamentals: Reserved Instances, Savings Plans, rightsizing
  • AWS Cost Explorer and Budgets: setting alerts before bills surprise you
Weekly Assessment
  • Build a serverless API: API Gateway + Lambda + DynamoDB
  • Set a billing alert in AWS Budgets for $10/month
  • Use Cost Explorer to identify your top 3 spend drivers
Week 12

Capstone Project + Interview Prep

Build one project that ties everything together and tells your story in any interview

Capstone Project Scope
  • Provision all infrastructure with Terraform (VPC, EKS, RDS, S3)
  • Containerize a simple app, push to ECR via GitHub Actions pipeline
  • Deploy to EKS with Helm, expose via an Ingress controller
  • Add Prometheus + Grafana for metrics and CloudWatch for logs
  • Lock it down: IAM roles, Security Groups, Secrets Manager
  • Publish to GitHub with a README, architecture diagram, and setup guide
Interview Deliverables
  • Record a 5-minute walkthrough of your architecture
  • Prepare answers to: "Tell me about a time you improved reliability/security/cost"
  • Complete AWS Solutions Architect Associate exam (strong portfolio signal)
Certification Path
Month 1 Target

AWS Cloud Practitioner

Validates cloud concepts and AWS literacy. Easy win and confidence booster.

Month 2-3 Target

AWS Solutions Architect Associate

The gold standard for entry cloud roles. Most job postings list this explicitly.

After 90 Days

CKA (Kubernetes Admin)

If targeting Kubernetes-heavy or Platform Engineering roles specifically.

Long Term

AWS DevOps Pro or SysOps

Specialist track once you have 6+ months of hands-on cloud experience.

Best Courses for Each Phase
Phase 1

AWS Certified Cloud Practitioner

Stephane Maarek's course on Udemy. The most complete CCP prep course available. Covers every concept in Week 1 and 4 with hands-on demos.

Exam Prep
Phase 1

Linux Basics for Hackers / KodeKloud Linux

KodeKloud's free Linux course has built-in browser labs so you practice every command without installing anything. Perfect for Week 2.

FreeKodeKloud
Phase 2

HashiCorp Terraform Official Tutorials

Free, interactive, and written by the people who built Terraform. Start with the "Get Started on AWS" track. No better place to learn HCL from scratch.

Freedeveloper.hashicorp.com
Phase 2

Docker for the Absolute Beginner

KodeKloud's flagship Docker course. Hands-on labs built in. Mumshad Mannambeth's teaching style is famously clear for beginners starting from zero.

Lab-Based
Phase 2

AWS Solutions Architect Associate (SAA-C03)

Stephane Maarek's SAA course. The definitive prep resource. Covers VPC, IAM, EC2, S3, RDS, Lambda, and every service that appears in real cloud jobs.

Certification
Phase 3

Kubernetes for Absolute Beginners

KodeKloud's K8s beginner course covers every concept in Week 9 with interactive labs. Widely regarded as the best entry-level K8s course available.

Lab-Based
Phase 3

Grafana + Prometheus (Techworld with Nana)

Nana's YouTube tutorials on observability are free and extremely practical. Covers setting up the full stack on K8s, exactly what Week 10 requires.

FreeYouTube
All Phases

A Cloud Guru / Pluralsight

Great for sandbox labs where you practice in a real AWS environment without getting billed. Especially useful for Weeks 3, 4, 8, and the capstone project.

Sandbox Labs
Daily Learning Schedule (3 Hours)
45
min
Video Lesson

Focused course content. Notes in your own words only, no transcription.

75
min
Hands-On Lab

Build in AWS, KodeKloud, or locally. Type every command yourself.

20
min
Official Docs

AWS, Terraform, and K8s docs. Learn to read them early; they are the source of truth.

20
min
Review + Recall

Anki flashcards or explain the day's topic to yourself out loud.

1x
per week
Build Something

One project from memory. No tutorials. Push it to GitHub every time.

1x
per week
Practice Exam

50 CCP or SAA questions. Review every wrong answer before the next session.

Cloud Engineering Roadmap • IT to Cloud in 90 Days 3 Phases • 12 Weeks • Job-Ready