We have reached the last subchapter of the book. Throughout this chapter, you have discovered the resources that will accompany you beyond these pages: the official documentation and Skill Builder (34.1), YouTube and podcasts (34.2), and communities (34.3). Now let's bring it all together in the idea that closes your training: how to stay up to date in a sustainable way throughout your entire career. And, when we finish, we will say goodbye by celebrating the journey you have completed: from zero to expert.
The Challenge: The Cloud Never Stops Evolving
We've said it before, but it's the key to this subchapter: AWS and the cloud are constantly changing. New services, improvements, best practices that evolve... This is not a threat, it's part of the nature of this exciting field. The challenge is not to "catch up once," but to stay up to date continuously and sustainably, without getting overwhelmed.
Analogy: staying up to date in the cloud is like staying physically fit. You don't achieve it with a single exhausting workout and then nothing; you achieve it with moderate and regular exercise over time. A little each week, sustained, keeps you in shape much better than a brutal, isolated effort. The same goes for cloud knowledge: a bit of constant learning beats sporadic cramming.
The Strategy: Small, Sustainable Habits
The key is not to study a lot all at once (that's not sustainable), but to integrate learning into your routine in a light and consistent way. Combining the resources from the chapter:
A sustainable routine (example): 📰 From time to time → skim through updates (r/aws, newsletters) 🎧 On your commutes → listen to a cloud podcast 📺 When you feel like it → watch a video about something that interests you 👥 Regularly → participate a bit in a community 🔨 Every so often → BUILD a small project (the best way to learn!) 📚 When you need it → go deeper with a course or the documentation
You don't have to do everything: choose what fits your life and keep it up over time. A little, but consistent.
💡 The golden rule: building teaches the most. Of all the resources, practicing by building (as in Chapter 33) is what consolidates the most. Always keep a small project on hand: it's the best way for what you learn to really stick and to keep growing.
Don't Get Overwhelmed: It's Impossible (and Unnecessary) to Know Everything
One last important piece of advice for your peace of mind: no one knows everything about AWS, not even the top experts. It's too big. That's not your goal. Your goal is to have a solid foundation (which you already have with this book) and to know where and how to learn what you need when you need it.
What you DON'T need: to know everything by heart (impossible) What you DO have already: a solid foundation + knowing where to keep learning = everything you need to grow without limits
⚠️ Don't compare yourself or get overwhelmed by how much there is to know. All experts started where you are, and all keep learning every day. The feeling of "how much I have left" is not a sign that you're doing badly: it's the reality of a huge and living field, and it's shared by everyone who works in this. Move at your own pace, with consistency, enjoying the journey.
Real world example: someone who finished the book fears "falling behind" in a field that changes so quickly. But instead of getting overwhelmed, they adopt a sustainable routine: they listen to a cloud podcast on their commutes, skim through r/aws updates for a bit each week, watch a video when they're interested in a topic, and — most importantly — always keep a small project on hand to practice. They don't study intensively or stressfully; they simply integrate a bit of cloud into their routine, consistently. Over the months, they realize they're perfectly up to date, have kept growing, and enjoy the process, without it being a sacrifice. The secret wasn't working super hard, but light consistency. And so, year after year, they remain an up-to-date and competent professional.
What You Should Remember
- The cloud evolves constantly; the challenge is not to catch up once, but to stay up to date continuously and sustainably, as a light habit. Like staying fit: moderate and regular exercise, not brutal, isolated efforts.
- The strategy: small, sustainable habits that integrate learning into your routine, combining the resources from the chapter (updates, podcasts, videos, community, and above all, building). Choose what fits you and keep it up over time.
- 💡 Building teaches the most (Ch. 33): always keep a small project on hand.
- ⚠️ Don't get overwhelmed: no one knows everything about AWS, nor do you need to. You already have a solid foundation and know where to keep learning: that's all you need to grow without limits. Move at your own pace, with consistency and enjoyment.
And Here Ends Our Journey... Which Is Only Your Beginning
You have reached the end of the book. Take a moment to think about the path you've traveled.
You started, in Chapter 1, with nothing but curiosity to understand what "the cloud" is. And look at all you've learned now:
The journey you've completed: Part I → You understood what the cloud and AWS are, and took your first steps Part II → You learned infrastructure as code with Terraform Part III → You mastered compute, storage, and networking Part IV → You built architectures that scale and are resilient Part V → You automated everything with CI/CD and best practices Part VI → Security, observability, costs, and high availability Part VII → Advanced patterns, multi-account, and platform engineering Part VIII → Certifications, projects, and resources to keep growing
You went from not knowing what a server was to being able to design, build, and operate complete cloud architectures, automated with infrastructure as code, secure, scalable, and well managed. That is a huge achievement, and you did it, page by page, concept by concept.
Congratulations from the heart. 🎉 You have made the journey from zero to expert.
But remember what we saw in this last chapter: this ending is, in reality, a beginning. Now you have the foundation, the tools, and the resources to keep growing without limits. The world of the cloud is vast and exciting, and it's full of things to build... and many of them will be built by you.
Don't be afraid to make mistakes: every mistake is a lesson. Don't compare yourself to anyone: every expert started where you started. And above all, never stop building, because that's where, by creating real things, true mastery is forged.
Thank you for taking this journey. Now go, deploy your first real project, join the community, keep learning... and enjoy everything the cloud allows you to create.
The journey from zero to expert is over.
Your journey as an expert has just begun.
Good luck, and see you in the cloud! ☁️🚀
Cloud, AWS & Terraform — From Zero to Expert
Chapter 1 · What is cloud computing
- 1.1 The traditional client-server model
- 1.2 Problems the cloud came to solve
- 1.3 On-premise vs cloud vs hybrid
- 1.4 The three service models: IaaS, PaaS, SaaS
- 1.5 The five pillars of cloud (according to NIST)
- 1.6 Real advantages: elasticity, pay-as-you-go, global availability
Chapter 2 · The cloud market and major providers
- 2.1 AWS, Azure and GCP: differences and market share
- 2.2 Why learn AWS first
- 2.3 Concepts that are universal among providers
Chapter 3 · Regions, availability zones and edge
- 3.1 What is an AWS region and how to choose it
- 3.2 Availability Zones: high availability by design
- 3.3 Edge locations and CloudFront
- 3.4 Latency, resilience and data sovereignty
Chapter 4 · Compute: EC2
- 4.1 Instances: types, families and when to choose each
- 4.2 AMIs, key pairs and Security Groups
- 4.3 Instance lifecycle
- 4.4 Elastic IPs and Placement Groups
- 4.5 Savings Plans vs Reserved vs On-Demand vs Spot
Chapter 5 · Storage: S3
- 5.1 Buckets, objects and keys
- 5.2 Storage classes (Standard, IA, Glacier…)
- 5.3 Versioning and object lifecycle
- 5.4 Bucket policies and ACLs
- 5.5 Static website hosting
Chapter 6 · Networking: VPC
- 6.1 What is a VPC and why you need it
- 6.2 Public and private subnets
- 6.3 Internet Gateway and NAT Gateway
- 6.4 Route Tables and Network ACLs
- 6.5 VPC Peering and endpoints
Chapter 7 · Identity and access: IAM
- 7.1 Users, groups, roles and policies
- 7.2 The principle of least privilege
- 7.3 Identity-based vs resource-based policies
- 7.4 MFA and temporary credentials (STS)
- 7.5 IAM security best practices
Chapter 8 · Managed databases
- 8.1 RDS: engines, Multi-AZ and read replicas
- 8.2 Aurora and its advantages over vanilla RDS
- 8.3 DynamoDB: key-value / document model
- 8.4 ElastiCache for in-memory cache
- 8.5 When to use each type of database
Chapter 9 · Why Infrastructure as Code
- 9.1 Problems with manual provisioning
- 9.2 Declarative vs imperative IaC
- 9.3 Terraform vs CloudFormation vs Pulumi vs CDK
- 9.4 The plan → apply → destroy cycle
Chapter 10 · HCL: the Terraform language
- 10.1 Resource, variable, output, locals blocks
- 10.2 Data types: string, number, bool, list, map, object
- 10.3 Expressions, references and built-in functions
- 10.4 Conditionals and loops (count, for_each, for)
Chapter 11 · Providers and state
- 11.1 How the AWS provider works
- 11.2 The terraform.tfstate file and its importance
- 11.3 Local state vs remote state (S3 + DynamoDB)
- 11.4 Essential commands: init, plan, apply, destroy, fmt, validate
Chapter 12 · Your first real infrastructure in Terraform
- 12.1 Create a VPC with subnets from scratch
- 12.2 Launch a public EC2 instance
- 12.3 Associate a Security Group and an Elastic IP
- 12.4 Outputs and references between resources
- 12.5 Team workflow: PR review of plans
Chapter 13 · Load balancing and auto scaling
- 13.1 Application Load Balancer vs Network Load Balancer
- 13.2 Target Groups, listeners and rules
- 13.3 Auto Scaling Groups: policies and metrics
- 13.4 Warm pools and lifecycle hooks
Chapter 14 · Serverless with Lambda
- 14.1 The Lambda execution model
- 14.2 Triggers: API Gateway, S3, DynamoDB Streams, SQS
- 14.3 Dependency management and layers
- 14.4 Cold starts and strategies to reduce them
- 14.5 Limits and anti-patterns
Chapter 15 · Messaging and events
- 15.1 SQS: standard vs FIFO queues, DLQ
- 15.2 SNS: topics, subscriptions, fan-out
- 15.3 EventBridge: event buses and rules
- 15.4 Patterns: pub/sub, decoupling, saga
Chapter 16 · Content delivery and DNS
- 16.1 Route 53: record types and routing policies
- 16.2 CloudFront: distributions, caches and origins
- 16.3 ACM: free SSL/TLS certificates
- 16.4 WAF integrated with CloudFront
Chapter 17 · Containers on AWS
- 17.1 Docker: quick review of key concepts
- 17.2 ECR: private image registry
- 17.3 ECS: task definitions, services, Fargate vs EC2
- 17.4 EKS: when Kubernetes and when not
Chapter 18 · Modules: reuse and composition
- 18.1 Anatomy of a Terraform module
- 18.2 Input variables, outputs and dependencies
- 18.3 Local modules vs Terraform Registry modules
- 18.4 Module versioning with Git tags
- 18.5 Design of generic vs domain-specific modules
Chapter 19 · Workspaces and environment management
- 19.1 Terraform workspaces: use cases and limitations
- 19.2 Directory strategy per environment (dev/stg/prod)
- 19.3 Terragrunt: DRY for environment configurations
- 19.4 Environment variables and .tfvars files
Chapter 20 · Remote backends and locking
- 20.1 Configure S3 + DynamoDB as backend
- 20.2 State locking: avoiding team corruption
- 20.3 State migration between backends
- 20.4 terraform import: bring existing resources into state
Chapter 21 · Infrastructure testing
- 21.1 Terraform validate and fmt in CI
- 21.2 Checkov and tfsec: static security analysis
- 21.3 Terratest: integration tests in Go
- 21.4 Contract testing between modules
Chapter 22 · Terraform in CI/CD
- 22.1 Basic pipeline: lint → plan → apply in GitHub Actions
- 22.2 Atlantis: GitOps for Terraform
- 22.3 Terraform Cloud / HCP Terraform
- 22.4 Drift detection and automatic reconciliation
Chapter 23 · Defense in depth
- 23.1 AWS Organizations and Service Control Policies
- 23.2 AWS Config: continuous compliance
- 23.3 GuardDuty: threat detection
- 23.4 Security Hub: centralized view
- 23.5 KMS: key management and rotation
- 23.6 Secrets Manager vs Parameter Store
Chapter 24 · Observability: logs, metrics and traces
- 24.1 CloudWatch Logs, metrics and alarms
- 24.2 CloudWatch Dashboards and Contributor Insights
- 24.3 X-Ray: distributed tracing
- 24.4 OpenTelemetry on AWS
- 24.5 Managed Grafana and Managed Prometheus
Chapter 25 · Cost optimization
- 25.1 AWS Cost Explorer and budgets with alerts
- 25.2 Trusted Advisor and Compute Optimizer
- 25.3 Rightsizing: how to detect overprovisioning
- 25.4 Savings Plans vs Reserved Instances: strategic decision
- 25.5 FinOps: culture and processes to control spending
Chapter 26 · High availability and disaster recovery
- 26.1 RTO and RPO: defining objectives
- 26.2 Strategies: backup/restore, pilot light, warm standby, multi-site
- 26.3 Route 53 health checks and automatic failover
- 26.4 AWS Backup: centralized backup policy
Chapter 27 · AWS Well-Architected Framework
- 27.1 The six pillars: operational excellence, security, reliability, performance efficiency, cost optimization, sustainability
- 27.2 Well-Architected Tool: formal reviews
- 27.3 How to apply the framework in design decisions
Chapter 28 · Serverless architectures at scale
- 28.1 Event-driven architecture with Lambda + EventBridge
- 28.2 Saga pattern for distributed transactions
- 28.3 Step Functions: orchestration of complex workflows
- 28.4 Lambda@Edge and CloudFront Functions
Chapter 29 · Data platforms on AWS
- 29.1 Data Lake with S3, Glue and Athena
- 29.2 Kinesis Data Streams and Firehose for streaming
- 29.3 Redshift: data warehousing at scale
- 29.4 Lake Formation: data governance
Chapter 30 · Multi-account and landing zones
- 30.1 Why separate workloads into different accounts
- 30.2 AWS Control Tower and Account Factory
- 30.3 Centralized log and security management
- 30.4 Terraform at multi-account scale with shared modules
Chapter 31 · Platform Engineering and Internal Developer Platform
- 31.1 Golden paths and abstractions over Terraform
- 31.2 AWS Service Catalog
- 31.3 Backstage as a developer portal
- 31.4 Terraform modules as internal product
Chapter 32 · Relevant AWS certifications
- 32.1 Cloud Practitioner: is it worth it?
- 32.2 Solutions Architect Associate → Professional
- 32.3 DevOps Engineer Professional
- 32.4 Specialty: Security, Database, Networking
- 32.5 HashiCorp Terraform Associate
Chapter 33 · Projects to consolidate what you've learned
- 33.1 Project 1: serverless blog (S3 + CloudFront + Lambda + DynamoDB)
- 33.2 Project 2: REST API with ECS Fargate + RDS + ALB
- 33.3 Project 3: data platform with Glue + Athena + Redshift
- 33.4 Project 4: multi-account landing zone with Terraform and Control Tower