Home / Programs / Infrastructure & cloud architecture

Architecture program

Infrastructure & cloud architecture

For cloud and infrastructure architects — learn how to plan the overall platform: landing zones, network topology, compute placement, security boundaries, DR, and cost — not how to design application code.

Weekends only 6 weekends · 36 hours AWS SA Pro & GCP PCA prep

What you will learn

  • Define what a cloud platform must provide to application teams — and what stays their responsibility
  • Design multi-account landing zones with guardrails, not cowboy accounts
  • Plan network topologies that scale: hub-spoke, segmentation, ingress/egress, hybrid connectivity
  • Place workloads on the right compute and managed services for ops reality
  • Architect identity, shared services, DR tiers, and security boundaries across the estate
  • Present and defend designs in architecture reviews — with ADRs stakeholders trust
  • Prepare for AWS Solutions Architect Professional and GCP Professional Cloud Architect exams

This is not application architecture

We do not teach microservice decomposition or API design. We teach the infrastructure layer beneath applications — the landing zone, network, platform services, and guardrails that architects and platform teams own so product teams can ship safely.

Weekend 1

The infrastructure architect's scope

Who owns what in a modern engineering org. Gathering requirements from security, finance, compliance, and product — translating them into platform capabilities.

  • Platform team vs product team boundaries
  • Non-functional requirements: availability, RPO/RTO, compliance, cost
  • Stakeholder interviews and constraint mapping
  • Reference architectures vs bespoke snowflakes
WorkshopWrite a platform requirements brief for a fictional fintech migrating to cloud.

Weekend 2

Landing zones & multi-account strategy

AWS Organizations and GCP folder hierarchies as architecture tools. OUs, SCPs, organization policies, and the account vending machine pattern.

  • Account per environment vs account per workload — trade-offs
  • Shared services account: DNS, logging, security tooling
  • Guardrails that prevent disaster without blocking developers
  • Account factory automation concepts (Control Tower, Landing Zone Accelerator)
WorkshopDesign OU/account diagram with SCP guardrails documented.

Weekend 3

Network architecture at scale

Hub-spoke, transit gateways, shared VPC, private connectivity, DNS strategy, and egress control — the diagrams architects live in.

  • IP address planning and growth headroom
  • Segmentation: prod vs non-prod, PCI zones, DMZ patterns
  • Ingress: WAF, CDN, API gateway placement
  • Egress filtering, NAT consolidation, and cost
  • Hybrid: VPN, Direct Connect, Interconnect — when hybrid still matters
WorkshopNetwork diagram with traffic flows annotated for security review.

Weekend 4

Compute placement & shared platform services

Where workloads land: VMs, Kubernetes, serverless, managed databases. Shared messaging, caching, and data boundaries application teams consume.

  • Decision matrix: lift-shift vs refactor vs rebuild
  • Kubernetes as platform vs serverless for spiky workloads
  • Shared RDS/Cloud SQL, Kafka/EventBridge, object storage patterns
  • Data residency and cross-border replication constraints
WorkshopPlatform placement map for a portfolio of 12 applications.

Weekend 5

Identity, security, resilience & cost

Four lenses every architecture review must pass. Federation at scale, zero-trust boundaries, DR tiers, and FinOps for architects.

  • Enterprise SSO, RBAC models, break-glass procedures
  • Encryption standards, key management, audit log centralization
  • Multi-AZ vs multi-region; active-active vs pilot light vs backup-restore
  • Tagging taxonomy, chargeback/showback, capacity forecasting
WorkshopDR tier matrix + security boundary diagram for same fictional org.

Weekend 6

Architecture review capstone & cert prep

Present a full infrastructure architecture to peers. Defend trade-offs. Receive structured feedback. Map gaps to AWS SA Pro and GCP PCA study plans.

  • ADR writing — one decision per record, explicit alternatives rejected
  • Review board simulation — security and finance challengers
  • Evolution roadmap: MVP platform vs target state in 18 months
  • Professional-level exam scenarios and case study approach
Capstone45-minute architecture presentation with Q&A — portfolio ready.

Certification alignment

AWS Solutions Architect – Professional GCP Professional Cloud Architect TOGAF concepts (awareness)

Enroll in Infrastructure & cloud architecture

Submit your details for this program — we will confirm batch dates and next steps.

Enrollment form

Step 1: Enter email and click Send code.

Step 2: Check inbox and spam, then enter the code.