Google Professional Cloud DevOps Engineer Study Guide

Google Cloud Professional Cloud DevOps Engineer Certificate Exam Study Guide

Professional Cloud DevOps Engineer Preparation Details

Preparing for the Professional Cloud DevOps Engineer exam means mastering how Google-recommended methodologies and tools support the full systems development lifecycle. This guide walks through every domain in the official exam guide, from bootstrapping a Google Cloud organization to building secure CI/CD pipelines, applying SRE practices, and optimizing observability and cost.

Each objective below is paired with official Google Cloud documentation so you can study the exact concepts the exam covers, from Shared VPC and Cloud Deploy to SLOs and FinOps. You can also explore more GCP certification study guides on the GCP Certification category page to keep building your skills.

Professional Cloud DevOps Engineer Materials

CourseraGoogle Cloud DevOps Engineer Professional Certificate
UdemyGCP Google Cloud Professional DevOps Engineer Certification
WhizlabsGoogle Cloud DevOps Fundamentals

Section 1: Bootstrapping and maintaining a Google Cloud organization (~20% of the exam)

1.1 Designing the overall resource hierarchy for an organization. Considerations include:

Organizing resources (e.g., application-centric, projects, folders)

About resource hierarchy

Organize resources

Create folders

Shared networking (e.g., Shared VPC, VPC Network Peering, Private Service Connect)

Shared VPC

VPC Network Peering

Private Service Connect

Multi-project monitoring and logging

Configure a metrics scope

Aggregated sinks overview

Identity and Access Management (IAM) roles and organization-level policies

IAM overview

Roles and permissions

Organization Policy overview

Creating and managing service accounts

Service accounts overview

Create service accounts

Data residency

Data residency

Restrict resource locations

1.2 Managing infrastructure. Considerations include:

Infrastructure-as-code tooling and managed services (e.g., Infrastructure Manager, Cloud Foundation Toolkit, Config Connector, GitOps, Terraform, Helm)

Infrastructure Manager overview

Config Connector overview

Terraform blueprints and modules for Google Cloud

Managing infrastructure as code with Terraform, Cloud Build, and GitOps

Making infrastructure changes using Google-recommended practices and blueprints

Enterprise foundations blueprint

Deployment methodology

Terraform blueprints and modules for Google Cloud

Automation with scripting (e.g., Python, Go)

Python Cloud Client Libraries

Go Cloud Client Libraries

1.3 Designing a CI/CD architecture stack in Google Cloud, hybrid, and multi-cloud environments. Considerations include:

Continuous integration (CI) with Cloud Build

Overview of Cloud Build

Cloud Build triggers

Continuous delivery (CD) with Cloud Deploy, including Kustomize and Skaffold

Overview of Cloud Deploy

Use Skaffold with Cloud Deploy

Manage manifests in Cloud Deploy

Artifact Registry configuration

Artifact Registry overview

Store artifacts in Artifact Registry

Widely used third-party tooling (e.g., Git, Jenkins, Argo CD, Packer, kpt)

Connect to a GitHub repository

Integrating with Jenkins

Build multi-cluster infrastructure with GKE fleets and Argo CD

Security of CI/CD tooling

Software supply chain security

Binary Authorization overview

1.4 Managing multiple environments (e.g., staging, production). Considerations include:

Managing ephemeral environments

Overview of Cloud Deploy

Managing infrastructure as code with Terraform, Cloud Build, and GitOps

Managing configuration and policy

Explore GKE documentation

Organization Policy overview

Managing Google Kubernetes Engine (GKE) clusters across an enterprise (e.g., fleets)

Fleet management

Plan fleet features

Safe and secure patching and upgrading practices

About GKE cluster upgrades

Maintenance windows and exclusions

Node upgrade strategies

1.5 Enabling secure cloud development environments. Considerations include:

Configuring and managing cloud development environments (e.g., Cloud Workstations, Cloud Shell)

Cloud Workstations overview

How Cloud Shell works

Bootstrapping environments with required tooling (e.g., custom images, IDE, Cloud SDK)

Configure Cloud Shell

Cloud SDK

Leveraging AI to assist with development and operations (e.g., Gemini Code Assist, Gemini Cloud Assist, Gemini CLI)

Gemini Code Assist Standard and Enterprise overview

Gemini for Google Cloud overview

Gemini CLI

Section 2: Building and implementing CI/CD pipelines, including continuous testing, for application, infrastructure, and machine learning workloads (~25% of the exam)

2.1 Designing pipelines. Considerations include:

CI/CD of applications and infrastructure

Overview of Cloud Build

Overview of Cloud Deploy

Managing infrastructure as code with Terraform, Cloud Build, and GitOps

Artifact management with Artifact Registry

Artifact Registry overview

Building artifacts

Deployment to hybrid and multi-cloud environments (e.g., GKE)

Deploy to a Google Kubernetes Engine cluster

Fleet management

CI/CD pipeline triggers

Cloud Build triggers

Configuring deployment processes (e.g., approval flows)

Cloud Build triggers

Manage rollouts

2.2 Implementing and managing pipelines. Considerations include:

Auditing and tracking deployments (e.g., Artifact Registry, Cloud Build, Cloud Deploy, Cloud Audit Logs)

Cloud Audit Logs overview

Manage rollouts

Deployment strategies (e.g., canary, blue/green, rolling, traffic splitting, feature flags) and defining success metrics based on application or ML pipeline telemetry

Use a canary deployment strategy

Rollbacks, gradual rollouts, and traffic migration

Deploy to Compute Engine

Troubleshooting and mitigating deployment issues

Troubleshooting build errors and more

Troubleshoot Cloud Run issues

2.3 Managing pipeline configuration and secrets. Considerations include:

Key management (e.g., Cloud Key Management Service)

Cloud Key Management Service overview

Configuration and secret management (e.g., Secret Manager, Certificate Manager, Parameter Manager, Workload Identity Federation)

Secret Manager overview

Certificate Manager overview

Parameter Manager overview

Workload Identity Federation

Build versus runtime secret injection

Secret Manager overview

Cloud Key Management Service overview

2.4 Securing the deployment pipeline. Considerations include:

Artifact Analysis and vulnerability scanning

Artifact Analysis overview

Container scanning overview

Artifact analysis and vulnerability scanning

Software supply chain security (e.g., Binary Authorization, Supply-chain Levels for Software Artifacts [SLSA] framework)

Software supply chain security

Binary Authorization overview

Safeguard deployments

IAM policies based on environment

IAM overview

Organization Policy overview

Section 3: Applying site reliability engineering practices (~18% of the exam)

3.1 Balancing change, velocity, and reliability of the service. Considerations include:

Defining SLIs (e.g., availability, latency), SLOs, and SLAs

Concepts in service monitoring

Service level objectives overview

Error budgets (e.g., Cloud Service Mesh definitions)

Designing SLOs

Creating an alerting policy for an SLO

Opportunity cost of risk and reliability (e.g., number of “nines”)

Concepts in service monitoring

Monitoring SLOs

3.2 Managing service lifecycle. Considerations include:

Service management (e.g., planning, deployment, maintenance, retirement)

About GKE cluster upgrades

Manage rollouts

Capacity planning (e.g., quotas, limits, reservations, Dynamic Workload Scheduler)

Cloud Quotas overview

About reservations

About future reservation requests in calendar mode

Choose a reservation type

Autoscaling (e.g., managed instance groups, Cloud Run, GKE)

Autoscaling groups of instances

About instance autoscaling in Cloud Run services

About GKE cluster autoscaling

3.3 Mitigating incident impact on users. Considerations include:

Draining/redirecting traffic

Connection draining

Rollbacks, gradual rollouts, and traffic migration

Adding capacity

Autoscaling groups of instances

About reservations

Rollback strategies

Manage rollouts

Rollbacks, gradual rollouts, and traffic migration

Section 4: Implementing observability practices and troubleshooting issues (~25% of the exam)

4.1 Instrumenting and collecting telemetry. Considerations include:

Collecting and importing logs (e.g., Ops Agent, OpenTelemetry, Cloud Audit Logs, VPC Flow Logs, Cloud Service Mesh)

Ops Agent overview

Cloud Audit Logs overview

VPC Flow Logs

Optimizing logs (e.g., filtering, sampling, exclusions, cost management, source considerations)

Cloud Logging overview

Aggregated sinks overview

Collecting metrics (e.g., from applications, platforms, networking, Cloud Service Mesh, Google Cloud Managed Service for Prometheus, hybrid/multi-cloud environments)

Cloud Monitoring overview

Configuring your metrics scopes

Collect OpenTelemetry Protocol (OTLP) metrics and traces

Creating synthetic monitors to proactively probe application endpoints and workflows

Cloud Monitoring overview

Creating custom metrics, including log-based metrics

Log-based metrics overview

List and chart log-based metrics

4.2 Managing and analyzing logs. Considerations include:

Analyzing logs using the Logs Explorer and the Logging query language

Logging query language

View and analyze logs

Build and save queries by using the Logging query language

Exporting and retaining logs (e.g., routing to BigQuery, Pub/Sub, Cloud Storage)

Route logs to supported destinations

Aggregated sinks overview

Handling sensitive data (e.g., using log processors to redact personally identifiable information [PII], protected health information [PHI])

Classification, redaction, and de-identification

Redacting sensitive data from text

Using Gemini Cloud Assist for AI-powered log analysis

Gemini for Google Cloud overview

Use Gemini Cloud Assist in the Google Cloud console

4.3 Managing metrics, dashboards, and alerts. Considerations include:

Analyzing metrics using the Metrics Explorer

Create charts with Metrics Explorer

Managing dashboards (e.g., creating, filtering, sharing, playbooks, PromQL)

Dashboards overview

Create and manage custom dashboards

Configuring alerting and alerting policies (e.g., SLIs, SLOs, cost control)

Create metric-threshold alerting policies

Configure log-based alerting policies

Integrating with third-party alerting tools (e.g., webhooks, PagerDuty, Rootly)

Create and manage notification channels

Create and manage notification channels by API

Leveraging Gemini Cloud Assist for metrics interpretation

Gemini for Google Cloud overview

Use Gemini Cloud Assist in the Google Cloud console

4.4 Capturing and analyzing distributed traces. Considerations include:

Utilizing tracing frameworks (e.g., OpenTelemetry)

Cloud Trace overview

Instrument for Cloud Trace

Analyzing trace waterfalls and spans

Find and explore traces

Correlating trace IDs with structured logs

Correlate log entries

Link log entries with traces

Employing Gemini Cloud Assist for trace analysis

Gemini for Google Cloud overview

4.5 Troubleshooting issues. Considerations include:

Infrastructure issues

Troubleshoot GKE

Troubleshoot load balancing in GKE

CI/CD pipeline issues

Troubleshooting build errors and more

Application issues

Troubleshoot Cloud Run issues

Troubleshoot Error Reporting

Observability issues

Troubleshoot Cloud Profiler

Performance and latency issues

Cloud Profiler overview

Find and explore traces

Section 5: Optimizing performance and cost (~12% of the exam)

5.1 Collecting performance information in Google Cloud. Considerations include:

Application performance monitoring

Observability in Google Cloud

What is application performance monitoring (APM)?

Cloud Profiler overview

Active Assist insights and recommendations

What is Active Assist

Active Assist dashboard overview

Find recommendations with Active Assist

5.2 Implementing FinOps practices for optimizing resource utilization and costs. Considerations include:

Observability costs

View and manage metric usage

Spot virtual machines (VMs)

Spot VMs

Run fault-tolerant workloads at lower costs with Spot VMs

Optimizing resource usage for cost and efficiency

Best practices for running cost-optimized Kubernetes applications on GKE

Best practices for cost-optimized Cloud Run services

Infrastructure cost planning (e.g., committed-use discounts, sustained-use discounts, network tiers)

Committed use discounts

Sustained use discounts

Network Service Tiers overview

Leveraging Google Cloud recommenders (e.g., cost, security, performance, manageability, reliability)

What is Active Assist

Get recommendations for committed use discounts (CUD)

Optimizing individual workload costs (e.g., GKE, Cloud Run, Compute Engine)

Best practices for running cost-optimized Kubernetes applications on GKE

Best practices for cost-optimized Cloud Run services

Committed use discounts (CUDs) for Compute Engine

Wrapping Up Professional Cloud DevOps Engineer

That covers every domain of the Professional Cloud DevOps Engineer exam guide, from organization bootstrapping and CI/CD pipeline design through SRE practices and cost-aware observability. Working through each linked doc alongside the official exam guide will give you hands-on familiarity with the tools graders expect you to know, like Cloud Build, Cloud Deploy, Cloud Monitoring, and Cloud Trace.

Take your time with the SRE and FinOps sections especially, since they blend conceptual knowledge with practical Google Cloud configuration. You can also explore more GCP certification study guides on the GCP Certification category page to keep building your skills. Have a question or tip? Leave a comment below.

Receive Updates on Google Cloud DevOps Exam


Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the Google Cloud DevOps Study Guide in Your Network

You may also like