☁️
INTERMEDIATE

Cloud Engineer Roadmap

Your complete guide to becoming a Cloud Engineer.
Design and manage cloud infrastructure that powers modern applications — one of the most in-demand tech roles today.

What is Cloud Engineering?

Cloud Engineers design, build and manage cloud infrastructure on platforms like AWS, Azure, or Google Cloud. You'll create scalable, secure and cost-effective solutions that enable companies to run applications without managing physical servers.

This role combines system administration, networking, automation and programming. You'll work with cutting-edge technologies like containers (Docker), orchestration (Kubernetes), infrastructure as code (Terraform) and serverless computing.

Cloud Engineers are in extremely high demand. Every company — from startups to Fortune 500 — is moving to the cloud. This career offers excellent growth opportunities, competitive compensation and the chance to work with the latest technologies.

Key Facts

Entry Level
Intermediate (requires IT basics)
Prerequisites
Linux, networking, scripting
Learning Time
8-12 months to job-ready
Work Style
Automation, architecture, problem-solving
Demand
Extremely high globally

Career Progression Path

Your journey from beginner to expert

0-1 Years

Junior Cloud Engineer

Learn cloud fundamentals, deploy basic infrastructure, manage cloud resources, work with monitoring and logging.

1-3 Years

Cloud Engineer

Design cloud architectures, implement automation, manage containers and Kubernetes, optimize costs, ensure security.

3-5 Years

Senior Cloud Engineer

Architect enterprise solutions, lead cloud migrations, implement DevOps practices, mentor juniors, handle complex infrastructure.

5-8 Years

Cloud Architect / Principal Engineer

Design multi-cloud strategies, make architectural decisions, lead large-scale projects, set cloud standards across organization.

8+ Years

Specialization Options

Branch into Cloud Security, Site Reliability Engineering (SRE), DevOps Leadership or Cloud Consulting based on your interests.

Complete Learning Path

Follow this step-by-step roadmap to become job-ready

0

Prerequisites (If Needed)

Duration: 4-6 weeks

Essential Foundational Skills

What to Learn:
Linux command line basics, networking fundamentals (TCP/IP, DNS, HTTP), basic scripting (Bash or Python), version control with Git, understanding of web servers and databases
Free Resources:
  • Linux Journey (complete basics)
  • NetworkChuck YouTube tutorials
  • Git and GitHub crash course
Note:
If you've completed IT Support or System Administrator roadmap, you already have these skills! Skip to Phase 1.
1

Cloud Fundamentals (Choose AWS or Azure)

Duration: 6-8 weeks

Cloud Concepts & Service Models

What to Learn:
IaaS vs PaaS vs SaaS, cloud deployment models (public, private, hybrid), cloud benefits (scalability, elasticity, cost), shared responsibility model, regions and availability zones, cloud economics and pricing
Free Resources:
  • AWS Cloud Practitioner Essentials (free course)
  • Azure Fundamentals (free course)
  • Google Cloud Digital Leader path
Hands-On Practice:
Create free tier account (AWS/Azure/GCP), explore console, understand billing, use cost calculator

Core Cloud Services (AWS Example)

What to Learn:
Compute: EC2 (virtual servers), instance types, AMIs, Auto Scaling
Storage: S3 (object storage), EBS (block storage), storage classes
Networking: VPC, subnets, route tables, Internet Gateway, Security Groups
Database: RDS (managed databases), DynamoDB (NoSQL)
Identity: IAM (users, roles, policies)
Free Resources:
  • AWS official training (free tier)
  • freeCodeCamp AWS course (YouTube)
  • AWS documentation and tutorials
Hands-On Practice:
Launch EC2 instances, create S3 buckets, configure VPC with public/private subnets, set up security groups, deploy RDS database, practice IAM policies

Cloud CLI & SDK

What to Learn:
AWS CLI or Azure CLI installation and configuration, basic CLI commands for all services, authentication and profiles, using SDKs (boto3 for Python), automation basics
Free Resources:
  • AWS CLI documentation
  • boto3 Python library docs
  • CLI tutorials and examples
Hands-On Practice:
Perform all previous tasks using CLI instead of console, write Python scripts using boto3, automate resource creation
2

Infrastructure as Code (IaC)

Duration: 6-8 weeks

Terraform Fundamentals

What to Learn:
IaC concepts and benefits, Terraform basics (providers, resources, variables, outputs), Terraform workflow (init, plan, apply, destroy), state management, modules and reusability, remote state with S3/Azure Storage
Free Resources:
  • HashiCorp Terraform tutorials (official)
  • Terraform course by freeCodeCamp
  • Terraform documentation
Hands-On Practice:
Recreate your previous AWS/Azure infrastructure using Terraform, create reusable modules, implement remote state, version control your IaC

CloudFormation / ARM Templates (Optional)

What to Learn:
Native IaC tools (CloudFormation for AWS, ARM for Azure), template syntax (JSON/YAML), stacks and stack sets, parameters and outputs, nested stacks, when to use vs Terraform
Free Resources:
  • AWS CloudFormation documentation
  • Azure ARM template tutorials
  • Sample templates from AWS/Azure
Hands-On Practice:
Create CloudFormation templates for common patterns, deploy stacks, update and rollback, use nested stacks

Configuration Management (Ansible)

What to Learn:
Ansible for cloud (vs servers), dynamic inventory from cloud, cloud modules (ec2, azure_rm), playbooks for application deployment, roles for organization, integrating with Terraform
Free Resources:
  • Ansible cloud modules documentation
  • Ansible + AWS/Azure tutorials
  • Sample cloud playbooks
Hands-On Practice:
Use Terraform to provision infrastructure, use Ansible to configure and deploy applications, create end-to-end automation
3

Containers & Orchestration

Duration: 8-10 weeks

Docker Fundamentals

What to Learn:
Containers vs VMs, Docker architecture, images and containers, Dockerfile creation, Docker Hub and registries, volumes and networking, Docker Compose for multi-container apps, best practices and security
Free Resources:
  • Docker official tutorials
  • Docker crash course (freeCodeCamp)
  • Play with Docker (hands-on lab)
Hands-On Practice:
Containerize a web application, create Dockerfile with multi-stage builds, push to Docker Hub, use Docker Compose for full stack (web + database)

Kubernetes Fundamentals

What to Learn:
Kubernetes architecture (nodes, pods, control plane), deployments and replica sets, services and networking, config maps and secrets, persistent volumes, namespaces, kubectl commands, YAML manifest files
Free Resources:
  • Kubernetes official tutorials
  • Kubernetes for beginners (TechWorld with Nana)
  • Play with Kubernetes (free lab)
Hands-On Practice:
Set up local Kubernetes (minikube or kind), deploy applications, expose services, scale deployments, rolling updates, use ConfigMaps and Secrets

Managed Kubernetes Services

What to Learn:
EKS (AWS), AKS (Azure) or GKE (Google), creating managed clusters, node groups and scaling, cloud-specific integrations (load balancers, storage), Helm for package management, monitoring and logging in Kubernetes
Free Resources:
  • AWS EKS workshop
  • Azure AKS tutorials
  • Helm documentation
Hands-On Practice:
Create EKS/AKS cluster using Terraform, deploy applications with Helm, set up ingress controllers, implement auto-scaling, configure monitoring
4

Cloud Security & Compliance

Duration: 4-6 weeks

Identity & Access Management

What to Learn:
IAM best practices, least privilege principle, roles vs users, service accounts, MFA enforcement, federated access, resource-based policies, cross-account access, auditing with CloudTrail/Azure Monitor
Free Resources:
  • AWS IAM best practices guide
  • Azure identity security documentation
  • Cloud security fundamentals
Hands-On Practice:
Implement least privilege IAM policies, use roles for applications, enable MFA, set up CloudTrail logging, audit access patterns

Network Security

What to Learn:
Security groups and NACLs, VPC best practices (public/private subnets), VPN and Direct Connect, AWS PrivateLink/Azure Private Link, WAF (Web Application Firewall), DDoS protection, encryption in transit and at rest
Free Resources:
  • AWS VPC security best practices
  • Cloud network security guide
  • Zero trust architecture concepts
Hands-On Practice:
Design secure VPC architecture, implement security groups with minimal rules, set up VPN, enable encryption, configure WAF

Security Tools & Compliance

What to Learn:
AWS Config/Azure Policy for compliance, Security Hub/Security Center, automated security scanning, secrets management (AWS Secrets Manager, Azure Key Vault), compliance frameworks (SOC 2, ISO 27001 basics), incident response basics
Free Resources:
  • AWS Security Hub documentation
  • Cloud compliance frameworks overview
  • Security automation tutorials
Hands-On Practice:
Enable Security Hub, create Config rules, implement automated remediation, use Secrets Manager, conduct security audit
5

CI/CD & DevOps Practices

Duration: 6-8 weeks

CI/CD Fundamentals

What to Learn:
CI/CD concepts and benefits, GitLab CI or GitHub Actions, build pipelines, automated testing, artifact storage, deployment strategies (blue-green, canary), rollback procedures
Free Resources:
  • GitHub Actions documentation
  • GitLab CI/CD tutorials
  • CI/CD pipeline examples
Hands-On Practice:
Create CI/CD pipeline that builds Docker images, runs tests, pushes to registry, deploys to Kubernetes, implement automated rollback

Monitoring & Observability

What to Learn:
CloudWatch/Azure Monitor, custom metrics and alarms, log aggregation (CloudWatch Logs, ELK), distributed tracing, Prometheus and Grafana, alerting strategies, dashboards creation
Free Resources:
  • CloudWatch documentation
  • Prometheus & Grafana tutorials
  • Observability best practices
Hands-On Practice:
Set up comprehensive monitoring, create custom metrics, configure alerts, build Grafana dashboards, implement log analysis

Cost Optimization

What to Learn:
Cloud cost management strategies, right-sizing resources, reserved instances and savings plans, spot instances for non-critical workloads, auto-scaling policies, cost monitoring and budgets, resource tagging, cost allocation reports
Free Resources:
  • AWS Cost Optimization guide
  • Azure cost management tutorials
  • FinOps practices
Hands-On Practice:
Analyze current spend, implement tagging strategy, set up budgets and alerts, identify optimization opportunities, implement auto-scaling
6

Portfolio & Job Preparation

Duration: 4-6 weeks

Build Your Cloud Portfolio

What to Create:
Complete cloud infrastructure projects showcasing your skills, GitHub repositories with IaC code, documentation and architecture diagrams, blog posts explaining your projects, video demos (optional)
Portfolio Projects:
  • 3-tier web app on AWS/Azure with IaC
  • Kubernetes cluster with CI/CD pipeline
  • Serverless application (Lambda/Functions)
  • Multi-region, highly available architecture
  • Cost optimization case study

Cloud Certifications (Highly Recommended)

Recommended Path:
Start: AWS Cloud Practitioner or Azure Fundamentals (beginner level)
Next: AWS Solutions Architect Associate or Azure Administrator Associate
Advanced: AWS Solutions Architect Professional or Azure Solutions Architect Expert
Specialized: Kubernetes CKA, security certifications
Why Certifications Matter:
Cloud certifications are highly valued in the industry, help you pass resume screening, provide structured learning path, validate your knowledge to employers

Interview Preparation

What to Prepare:
Cloud service deep dives (be able to explain EC2, VPC, S3, etc.), architecture design questions, troubleshooting scenarios, security best practices, cost optimization strategies, IaC and automation discussions, real-world project experiences
Practice Resources:
  • Cloud engineer interview questions (GitHub)
  • System design interview prep
  • Mock architecture whiteboarding

Essential Tech Stack

Master these technologies to become job-ready

Cloud Platforms

  • AWS (EC2, S3, VPC, RDS, Lambda)
  • Azure (VMs, Blob, VNet, SQL Database)
  • Google Cloud (optional)

Infrastructure as Code

  • Terraform
  • CloudFormation or ARM Templates
  • Ansible
  • Git for version control

Containers & Orchestration

  • Docker
  • Kubernetes
  • EKS / AKS / GKE
  • Helm
  • Docker Compose

CI/CD & Automation

  • GitHub Actions or GitLab CI
  • Jenkins (optional)
  • AWS CodePipeline
  • Bash/Python scripting

Monitoring & Logging

  • CloudWatch / Azure Monitor
  • Prometheus & Grafana
  • ELK Stack (optional)
  • X-Ray / Application Insights

Networking & Security

  • VPC / Virtual Networks
  • Security Groups / NSGs
  • IAM policies
  • SSL/TLS certificates
  • VPN & PrivateLink

Portfolio Projects to Build

Build these projects to showcase your skills to employers

🏗️

3-Tier Web Application on AWS

Deploy complete 3-tier architecture (web, app, database) using Terraform. Include VPC with public/private subnets, Auto Scaling, Load Balancer, RDS and S3. Implement security best practices and monitoring.

AWS Terraform VPC Load Balancer Auto Scaling
🐳

Kubernetes Microservices Platform

Deploy microservices application on EKS/AKS with service mesh, ingress controller, horizontal pod autoscaling, and monitoring stack (Prometheus/Grafana). Implement CI/CD pipeline for automated deployments.

Kubernetes EKS/AKS Helm CI/CD Monitoring

Serverless Application

Build serverless REST API using Lambda/Functions, API Gateway, DynamoDB/Cosmos DB. Implement authentication, monitoring and CI/CD. Include infrastructure as code and comprehensive documentation.

Lambda API Gateway DynamoDB Serverless Framework
🌍

Multi-Region Disaster Recovery

Design and implement highly available, multi-region architecture with automated failover. Include database replication, Route 53/Traffic Manager routing, backup strategies and disaster recovery documentation.

High Availability Multi-Region DR Planning Automation
🔒

Security Hardened Infrastructure

Build infrastructure following CIS benchmarks and security best practices. Implement automated compliance checking, security scanning, secrets management and incident response procedures.

Security Compliance Automation Best Practices
💰

Cost Optimization Project

Analyze existing cloud infrastructure, identify cost-saving opportunities, implement optimizations (right-sizing, reserved instances, auto-scaling). Document savings achieved with detailed reports.

Cost Analysis Optimization FinOps Reporting

Free Learning Resources

Best free resources to master cloud engineering

🎓 Cloud Platform Training

  • AWS Skill Builder (free tier)
  • Microsoft Learn (Azure)
  • Google Cloud Skills Boost
  • AWS Free Tier (12 months)
  • Azure Free Account

📺 YouTube Channels

  • TechWorld with Nana
  • freeCodeCamp (AWS/Cloud)
  • A Cloud Guru (some free)
  • Cloud Academy tutorials
  • Stephane Maarek

📖 Documentation

  • AWS Documentation
  • Azure Docs
  • Terraform Registry
  • Kubernetes Docs
  • Docker Documentation

💻 Hands-On Labs

  • AWS Workshops
  • Azure Sandbox environments
  • Play with Docker
  • Play with Kubernetes
  • Terraform tutorials

💬 Communities

  • Reddit r/aws
  • Reddit r/azure
  • CNCF Slack (Kubernetes)
  • AWS re:Post
  • DevOps communities

📚 Certification Prep

  • AWS Certified Solutions Architect
  • Azure Administrator Associate
  • CKA (Kubernetes Administrator)
  • ExamPro free courses (YouTube)
  • Practice exams (Tutorials Dojo)

Ready to Start Your Cloud Journey?

Have questions about this roadmap? Need guidance on your cloud learning path? We're here to help you succeed.

Get Free Guidance →