CloudTech (Pvt) Ltd is a pioneer in cloud technologies. We provide software development & training services utilizing the latest web / mobile / cloud/media standards. We owned more than 100+ freeware and shareware products developed since 2007 and utilizes by thousands of customers worldwide.

Get In Touch

Our contact information shown below

phone
051-2700027

Call 9am to 6pm

phone
support@mediasoftpro.com

online support

phone
Islamabad, Pakistan

F11 Markaz, Islamabad

DevOps Training in Islamabad: Master AWS DevOps Tools for Infrastructure Automation

Elevate your AWS expertise and revolutionize your infrastructure management with our in-depth training program: "Comprehensive AWS DevOps Infrastructure Automation." In today's dynamic technological landscape, the ability to automate and optimize infrastructure operations is crucial. This specialized training equips you with the skills and knowledge needed to leverage AWS DevOps tools for seamless infrastructure management.

Join us for an immersive and hands-on journey through the world of infrastructure automation using AWS DevOps tools. Our seasoned instructors will guide you through every step, from fundamental concepts to advanced strategies, ensuring you develop a holistic understanding of the subject matter.

πŸ› οΈ Training Focus: Automation & Cloud-Native Deployment
⏳ Duration: 1-2 Months
πŸ‘₯ Seats Available: 10 Maximum
πŸ’° Fees: Call or Whatsapp

πŸ“ž For booking & details, Contact via WhatsApp

☁️ DevOps [AWS Track]

Currently available in Islamabad

DevOps in 2026 is no longer a single role β€” it has fractured into specialisations: platform engineering, SRE, cloud security, ML Ops, and FinOps. But every one of those paths starts from the same foundation: Linux, networking, containers, CI/CD, and Infrastructure as Code on a major cloud platform. This course builds that foundation on AWS β€” the most widely used cloud platform in the world and the one that appears in the majority of remote DevOps job postings targeting Pakistan's IT export market.

The core program is designed to be completed in 4–5 weeks and covers everything a working DevOps engineer needs to be productive on day one: automated pipelines, containerised deployments, infrastructure as code, observability, and cost control. Advanced specialisations β€” Kubernetes, security, ML infrastructure, multi-cloud, and platform engineering β€” are offered as separate add-on tracks, each 2–3 weeks, so students can go deep on the areas most relevant to their career goals without paying for everything at once.

πŸ’‘ Why AWS DevOps in 2026

  • AWS holds over 31% of the global cloud market β€” more than Azure and Google Cloud combined β€” making it the single most valuable cloud platform to know
  • GitHub Actions has replaced Jenkins as the default CI/CD platform β€” simpler, cheaper, and better integrated with modern development workflows
  • Terraform remains the most employer-demanded IaC tool globally β€” appearing in the vast majority of senior DevOps and platform engineering job postings
  • Containers and Kubernetes are now baseline skills for any cloud infrastructure role β€” not advanced topics
  • The shift-left security movement means DevOps engineers are now expected to own security scanning, secrets management, and compliance in the pipeline β€” not just deployment
  • FinOps has become a mandatory skill as organisations try to control rapidly growing cloud bills
  • Remote DevOps roles from Pakistan pay significantly above local market rates β€” AWS certification + hands-on project experience is the fastest path to these positions

πŸ“š Core Program β€” 4 to 5 Weeks

(Foundation every DevOps engineer needs before specialising)

Week 1 β€” Linux, Networking & Shell Automation

DevOps starts with Linux. Every container, every EC2 instance, every CI/CD runner is a Linux environment. This week builds the operating system and networking knowledge that everything else sits on top of.

  1. Linux fundamentals for DevOps: process management, systemd services, file permissions, user management, and the /proc and /sys filesystems
  2. Shell scripting in Bash: variables, conditionals, loops, functions, error handling with set -euo pipefail, and writing production-grade automation scripts
  3. Text processing tools: grep, awk, sed, cut, sort, uniq, jq for JSON, and yq for YAML β€” the DevOps data transformation toolkit
  4. File system and storage: inodes, hard links, soft links, mount points, LVM, and disk usage analysis
  5. Networking fundamentals: TCP/IP, subnets (CIDR notation), routing tables, DNS resolution, NAT, and how packets move through a cloud VPC
  6. Linux networking tools: ip, ss, netstat, curl, wget, dig, nslookup, tcpdump, and nc for debugging connectivity
  7. TLS/SSL: how certificates work, the certificate chain, Let's Encrypt, and inspecting certificates with openssl
  8. SSH: key generation, SSH config files, agent forwarding, tunnelling, and hardening SSH server configuration
  9. Cron and systemd timers: scheduling recurring tasks reliably on Linux
  10. Vim and nano: enough editor proficiency to edit files on remote servers without a GUI
  11. Git advanced workflows: rebasing, cherry-picking, reflog, bisect, signed commits, and monorepo patterns
  12. Python for DevOps automation: writing scripts with boto3, subprocess, pathlib, and argparse β€” replacing Bash for complex automation
Week 2 β€” Docker & Containers in Depth

Containers are the unit of deployment in modern cloud infrastructure. This week covers Docker from first principles to production-quality container builds and multi-container orchestration.

  1. Container fundamentals: namespaces, cgroups, and the Linux kernel features that make containers possible β€” not just how to use Docker but why it works
  2. Docker architecture: the Docker daemon, containerd, runc, image layers, and the union filesystem (OverlayFS)
  3. Writing production Dockerfiles: multi-stage builds, minimal base images (distroless, alpine, scratch), non-root users, and build cache optimisation
  4. Docker image security: scanning with Trivy and Docker Scout, removing secrets from build context, and .dockerignore
  5. Docker networking: bridge, host, overlay, and macvlan drivers β€” inter-container communication and exposing ports
  6. Docker volumes: bind mounts vs named volumes, tmpfs, and managing persistent data in containers
  7. Docker Compose: multi-container application stacks β€” depends_on, health checks, environment files, and profiles
  8. Container registries: AWS ECR β€” pushing, pulling, tagging strategies, lifecycle policies, and cross-account access
  9. Container resource limits: CPU and memory limits in Docker β€” preventing noisy neighbour problems
  10. Docker in CI/CD: building and pushing images in GitHub Actions β€” layer caching in CI and multi-platform builds (ARM + AMD64) with buildx
  11. Debugging containers: docker exec, docker logs, docker inspect, and attaching to running containers
  12. Docker security: AppArmor/seccomp profiles, read-only root filesystems, and capability dropping
Week 3 β€” AWS Core Services & Infrastructure as Code with Terraform

AWS from the perspective of a DevOps engineer β€” not a developer using console buttons, but an infrastructure engineer provisioning everything as code, with proper networking, security, and automation.

AWS fundamentals for DevOps:

  1. AWS account structure: root account, IAM users, roles, policies, and the principle of least privilege in practice
  2. VPC architecture: subnets (public/private), route tables, internet gateways, NAT gateways, VPC endpoints, and security groups vs NACLs
  3. EC2: instance types, AMIs, launch templates, user data scripts, instance profiles, EBS volumes, and EC2 Auto Scaling Groups
  4. Load balancers: ALB (Layer 7) vs NLB (Layer 4) β€” target groups, health checks, listener rules, and SSL termination
  5. S3: bucket policies, versioning, lifecycle rules, cross-region replication, and S3 as a Terraform state backend
  6. RDS: managed PostgreSQL and MySQL β€” parameter groups, snapshots, read replicas, and Multi-AZ for high availability
  7. ElastiCache: Redis clusters β€” node types, replication groups, and failover
  8. IAM in depth: role assumption, cross-account roles, OIDC identity providers for GitHub Actions, and IAM Access Analyzer
  9. Route 53: hosted zones, record types, health checks, routing policies (weighted, latency, failover), and DNS validation for ACM certificates
  10. ACM (Certificate Manager): provisioning and renewing TLS certificates for ALB and CloudFront
  11. AWS CLI and aws-vault: authenticating securely, profile management, and scripting AWS operations

Terraform for AWS:

  1. Terraform core concepts: providers, resources, data sources, locals, variables, and outputs
  2. HCL in depth: expressions, functions, for_each, count, dynamic blocks, and the depends_on meta-argument
  3. Terraform state: local state vs remote state, S3 + DynamoDB locking, state isolation per environment
  4. Terraform modules: writing reusable VPC, ECS, and RDS modules β€” module versioning and the Terraform Registry
  5. Workspaces and environment promotion: dev β†’ staging β†’ production with separate state files
  6. Provisioning a complete AWS environment with Terraform: VPC, subnets, security groups, EC2 Auto Scaling, ALB, RDS, and S3
  7. Terraform Cloud and Atlantis: team-based IaC workflows with plan-on-PR and apply-on-merge
  8. Drift detection: identifying infrastructure that has diverged from Terraform state
  9. Checkov: static analysis of Terraform code for security misconfigurations before applying
  10. Terragrunt: DRY Terraform configurations across multiple environments
Week 4 β€” CI/CD with GitHub Actions & ECS Deployments

The complete pipeline: from code push to production deployment, automated, secure, and repeatable. GitHub Actions is the primary CI/CD platform β€” ECS Fargate is the production container hosting target.

GitHub Actions in depth:

  1. GitHub Actions architecture: workflows, jobs, steps, runners (GitHub-hosted and self-hosted), and the event model
  2. Workflow triggers: push, pull_request, schedule, workflow_dispatch, and repository_dispatch
  3. Jobs and dependencies: needs, matrix builds, and parallel job execution
  4. Secrets and variables: GitHub secrets, environment secrets, and OIDC-based AWS authentication without stored access keys
  5. Composite actions and reusable workflows: building a shared action library for your organisation
  6. Caching in GitHub Actions: actions/cache for npm, pip, Docker layers, and Terraform providers
  7. Environments and protection rules: requiring manual approval before deploying to production
  8. GitHub Actions security: pinning action versions to commit SHAs, least-privilege OIDC roles, and secret scanning
  9. Self-hosted runners on EC2: cost-efficient runners for large teams with private network access requirements

ECS Fargate deployments:

  1. ECS architecture: clusters, task definitions, services, tasks, and the Fargate launch type
  2. Task definitions: container definitions, resource limits, environment variables from Secrets Manager, log configuration with awslogs
  3. ECS services: desired count, deployment configuration (rolling update vs blue/green), and service auto-scaling
  4. Blue/green deployments with CodeDeploy: zero-downtime deployments β€” shifting traffic between task set versions
  5. ECS service discovery: AWS Cloud Map for service-to-service communication within a VPC
  6. ECS Exec: accessing running containers for debugging without SSH
  7. Complete CI/CD pipeline: GitHub Actions β†’ Trivy scan β†’ Docker build β†’ push to ECR β†’ Terraform plan β†’ register new task definition β†’ ECS service update β†’ smoke test β†’ notify
  8. Rollback strategy: automatic rollback on deployment failure and manual rollback procedures
  9. Lambda deployments: packaging Lambda functions, deploying with Terraform, and versioning with aliases
Week 5 β€” Observability, Security Basics & FinOps

The three concerns that occupy the most time in a working DevOps engineer's week: understanding what your systems are doing, keeping them secure, and keeping the bill reasonable.

Observability:

  1. The three pillars: metrics, logs, and traces β€” and why you need all three to debug production incidents
  2. CloudWatch Logs: log groups, log streams, structured JSON logging, metric filters, and log insights queries
  3. CloudWatch Metrics: built-in AWS metrics, custom metrics with PutMetricData, and metric math
  4. CloudWatch Alarms: threshold alarms, composite alarms, and routing alerts to SNS β†’ Slack / PagerDuty
  5. CloudWatch Dashboards: building operational dashboards for ECS services, RDS, and Lambda
  6. AWS X-Ray: distributed tracing for Lambda and ECS β€” trace maps and segment analysis
  7. OpenTelemetry with AWS: the ADOT (AWS Distro for OpenTelemetry) Collector β€” receiving OTel spans and metrics and forwarding to CloudWatch and X-Ray
  8. Container Insights: ECS and EC2 cluster-level metrics β€” CPU, memory, network, and storage per task
  9. Structured logging best practices: correlation IDs, request tracing fields, and log level discipline

AWS security fundamentals:

  1. AWS Secrets Manager: storing and rotating database credentials, API keys, and certificates β€” application integration patterns
  2. AWS Systems Manager Parameter Store: lightweight secrets and configuration β€” SecureString parameters and path-based organisation
  3. IAM best practices: MFA enforcement, service control policies, permission boundaries, and Access Analyzer findings
  4. Security groups and NACLs: layered network security β€” stateful vs stateless filtering
  5. AWS GuardDuty: threat detection β€” understanding findings and automating remediation
  6. AWS Config: tracking resource configuration changes and compliance rules
  7. S3 security: blocking public access, bucket policies, server-side encryption, and VPC endpoint access
  8. Shift-left security in CI/CD: Trivy for container scanning, tfsec/Checkov for Terraform, and git-secrets for credential leak prevention

FinOps and cost control:

  1. AWS cost visibility: Cost Explorer, cost allocation tags, and per-team/per-service cost tracking
  2. AWS Budgets: setting budget alerts and automated actions when thresholds are breached
  3. Rightsizing: identifying over-provisioned EC2 and RDS instances with Compute Optimizer
  4. Reserved Instances and Savings Plans: committing to usage for 30–70% savings β€” 1-year vs 3-year, partial vs full upfront
  5. Spot Instances: using spot for fault-tolerant workloads (CI runners, batch jobs, stateless services) β€” interruption handling
  6. S3 storage classes: S3 Intelligent-Tiering, Glacier, and lifecycle policies to reduce storage costs
  7. NAT Gateway cost optimisation: one of the most consistently surprising AWS cost items β€” VPC endpoints as a replacement
  8. Data transfer costs: understanding cross-AZ, cross-region, and internet egress pricing

πŸš€ Advanced Add-On Tracks

(Each track is 2–3 weeks β€” additional fee per track. Can be taken in any order after completing the core program.)

Advanced Track 1: Kubernetes & EKS (3 weeks)

Kubernetes is the most in-demand DevOps skill in the market and the most complex. This track dedicates three weeks to learning it properly β€” not just running deployments but understanding the internals, operating clusters safely, and building the platform layer on top of EKS.

Week 1 β€” Kubernetes fundamentals:

  1. Kubernetes architecture: control plane (API server, etcd, scheduler, controller manager) and worker nodes (kubelet, kube-proxy, container runtime)
  2. Core objects: Pods, ReplicaSets, Deployments, StatefulSets, DaemonSets, Jobs, and CronJobs β€” when each is appropriate
  3. Services: ClusterIP, NodePort, LoadBalancer, and ExternalName β€” service discovery with DNS
  4. Ingress and Ingress Controllers: NGINX Ingress, AWS ALB Ingress Controller β€” TLS termination and path-based routing
  5. ConfigMaps and Secrets: injecting configuration and sensitive data into Pods
  6. Persistent Volumes: PV, PVC, StorageClass, and the AWS EBS CSI driver for dynamic volume provisioning
  7. Namespaces and RBAC: isolating teams and workloads, ClusterRoles vs Roles, and ServiceAccounts
  8. Resource requests and limits: LimitRanges, ResourceQuotas, and the QoS classes (Guaranteed, Burstable, BestEffort)
  9. Health checks: liveness, readiness, and startup probes β€” writing probes that Kubernetes can trust
  10. Pod scheduling: nodeSelector, affinity/anti-affinity, taints and tolerations, and PodDisruptionBudgets
  11. Rolling updates and rollbacks: Deployment update strategy, maxUnavailable, maxSurge, and kubectl rollout

Week 2 β€” EKS in production:

  1. EKS cluster provisioning with Terraform: the eks Terraform module, managed node groups, Fargate profiles, and cluster add-ons
  2. EKS networking: the AWS VPC CNI plugin, pod IP assignment, security groups for pods, and network policy with Calico
  3. IAM Roles for Service Accounts (IRSA): giving Kubernetes pods least-privilege AWS permissions without static credentials
  4. EKS cluster upgrades: the upgrade sequence β€” control plane first, then node groups β€” zero-downtime upgrade strategy
  5. Karpenter: the next-generation Kubernetes node autoscaler β€” NodePools, NodeClaims, and consolidation
  6. Cluster Autoscaler: the traditional approach β€” understanding when to use Karpenter vs Cluster Autoscaler
  7. HPA and VPA: Horizontal and Vertical Pod Autoscalers β€” metrics-based scaling with custom metrics from Prometheus
  8. EKS add-ons: CoreDNS, kube-proxy, AWS EBS CSI driver, and the AWS Load Balancer Controller β€” managed via Terraform
  9. Secrets management on EKS: External Secrets Operator with AWS Secrets Manager β€” syncing secrets to Kubernetes automatically
  10. EKS observability: Container Insights with Fluent Bit log forwarding, Prometheus + Grafana on EKS, and AWS Managed Prometheus

Week 3 β€” GitOps and advanced deployment patterns:

  1. Helm: packaging Kubernetes applications β€” writing charts, values files, hooks, and managing chart releases
  2. Kustomize: environment-specific overlays without duplicating manifests β€” base + overlays pattern
  3. ArgoCD: the GitOps continuous delivery tool β€” Applications, ApplicationSets, the App of Apps pattern, and sync policies
  4. FluxCD: the CNCF-native GitOps alternative β€” source controller, kustomize controller, and helm controller
  5. Image update automation: automatically promoting new container image tags through environments
  6. Sealed Secrets and External Secrets: managing secrets safely in a GitOps repository
  7. Progressive delivery with Argo Rollouts: canary deployments, blue/green deployments, and automated analysis for rollback decisions
  8. Service mesh basics with Istio: traffic management, mTLS between services, and observability β€” an overview for when a mesh is needed
Advanced Track 2: AWS Security & Compliance Engineering (2 weeks)

Security is no longer optional in DevOps β€” regulated industries, enterprise clients, and companies handling user data require a DevSecOps approach where security is automated into the pipeline and infrastructure, not bolted on at the end.

Week 1 β€” Infrastructure security:

  1. AWS Security Hub: centralised security findings across GuardDuty, Inspector, Config, Macie, and IAM Access Analyzer
  2. AWS Inspector v2: continuous vulnerability scanning for EC2, Lambda, and container images in ECR
  3. AWS Macie: discovering and protecting sensitive data (PII, credentials) in S3
  4. KMS (Key Management Service): CMKs, key policies, envelope encryption, and rotating keys for RDS, S3, EBS, and Secrets Manager
  5. AWS WAF: web application firewall rules β€” OWASP managed rule groups, rate limiting, and geo-blocking for ALB and CloudFront
  6. AWS Shield: DDoS protection tiers β€” Shield Standard vs Shield Advanced
  7. VPC security hardening: private subnets for all workloads, VPC Flow Logs analysis, and network ACL layering
  8. AWS CloudTrail: auditing all API calls β€” trail configuration, log file integrity validation, and alerting on suspicious activity
  9. AWS Control Tower and landing zones: multi-account governance β€” OU structure, guardrails, and account vending machine

Week 2 β€” DevSecOps pipeline and compliance:

  1. Shift-left security pipeline: integrating Trivy (containers), Checkov (IaC), Semgrep (SAST), OWASP Dependency-Check, and Gitleaks (secrets) into GitHub Actions
  2. Software Bill of Materials (SBOM): generating SBOMs with Syft and storing in ECR for audit and vulnerability tracking
  3. Container image signing with Cosign: signing images at build time and verifying signatures before deployment
  4. Supply chain security: SLSA (Supply chain Levels for Software Artifacts) framework and provenance attestation
  5. Open Policy Agent (OPA) and Kyverno: policy-as-code for Kubernetes β€” admission controllers that enforce security standards at deployment time
  6. Secrets rotation automation: automatic rotation of RDS, Redshift, and third-party API credentials with Secrets Manager rotation Lambdas
  7. Compliance frameworks on AWS: SOC 2, ISO 27001, and PCI-DSS controls mapped to AWS services β€” AWS Audit Manager for evidence collection
  8. Incident response on AWS: runbooks for common security incidents, isolating compromised resources, and forensic investigation with CloudTrail and VPC Flow Logs
Advanced Track 3: Serverless & Event-Driven Architecture on AWS (2 weeks)

Serverless is the fastest path to zero-ops infrastructure β€” no servers to patch, no clusters to manage, and pay-per-execution pricing. This track covers the full AWS serverless ecosystem and event-driven architecture patterns.

  1. Lambda deep dive: execution environment, cold starts, the Init phase, SnapStart, concurrency (reserved and provisioned), and the Lambda power tuning tool
  2. Lambda layers: sharing code and dependencies across functions β€” packaging custom runtimes
  3. Lambda function URLs: built-in HTTPS endpoints without API Gateway
  4. API Gateway: REST API vs HTTP API vs WebSocket API β€” integration types, custom authorisers, throttling, and caching
  5. Lambda deployment strategies: blue/green with aliases, weighted routing for canary releases, and Terraform for Lambda deployments
  6. AWS Step Functions: orchestrating multi-step serverless workflows β€” state machines, Express Workflows vs Standard Workflows, and error handling
  7. EventBridge: the event bus for AWS β€” event patterns, rules, targets, and building event-driven architectures across AWS services
  8. EventBridge Pipes: point-to-point integrations between event sources and targets with filtering and enrichment
  9. SQS: standard vs FIFO queues β€” message visibility, dead-letter queues, long polling, and Lambda event source mapping
  10. SNS: fan-out patterns β€” topic subscriptions, message filtering, and SQS+SNS integration
  11. Kinesis Data Streams: real-time data streaming β€” shards, consumers, and Lambda event source mapping for stream processing
  12. DynamoDB: the serverless database β€” partition keys, sort keys, GSIs, LSIs, DynamoDB Streams, TTL, and on-demand billing
  13. AppSync: managed GraphQL on AWS β€” resolvers backed by DynamoDB, Lambda, and HTTP endpoints
  14. Serverless Framework and AWS SAM: tools for defining and deploying serverless applications as code
  15. Serverless observability: Lambda Power Tools for Python/Node.js β€” structured logging, tracing, and metrics as first-class primitives
Advanced Track 4: Platform Engineering & Advanced IaC (2 weeks)

Platform Engineering is the fastest-growing DevOps specialisation β€” building the internal developer platform that lets development teams self-serve infrastructure without becoming cloud experts themselves.

  1. Platform Engineering principles: golden paths, paved roads, and the platform team's mission to reduce cognitive load for developers
  2. AWS CDK: defining AWS infrastructure in TypeScript, Python, or Go β€” L1, L2, and L3 constructs and CDK Pipelines for self-mutating infrastructure
  3. Pulumi: infrastructure as real code β€” TypeScript and Python Pulumi programs, stacks, and state management
  4. Terraform advanced patterns: module composition, provider aliasing, dynamic provider configuration, and writing Terraform tests with the native test framework
  5. Terraform Stacks (preview): the new native deployment orchestration for multi-environment Terraform workflows
  6. Backstage: the Spotify-open-sourced internal developer portal β€” service catalogue, TechDocs, scaffolding templates, and AWS plugin integration
  7. Service cataloguing: defining and publishing golden path templates that provision full application infrastructure from a single Backstage template
  8. AWS Service Catalog: curated CloudFormation and Terraform products that developers can self-serve without direct IAM permissions
  9. Internal developer platform metrics: DORA metrics (deployment frequency, lead time, MTTR, change failure rate) β€” measuring platform effectiveness
  10. Policy as code at scale: OPA Conftest for validating Terraform plans, CloudFormation templates, and Kubernetes manifests before apply
  11. Multi-account AWS strategy: AWS Organizations, SCPs, delegated admin, and account-per-environment vs account-per-team patterns
  12. AWS Control Tower customisations: adding custom guardrails, lifecycle event hooks, and account factory automation
Advanced Track 5: ML Infrastructure & DataOps on AWS (2 weeks)

As AI workloads move into production, DevOps engineers increasingly need to provision and operate the GPU infrastructure, ML pipelines, and data platforms that data science teams depend on. This track covers the infrastructure side of ML engineering.

  1. AWS SageMaker infrastructure: training job resource provisioning, managed spot training, and SageMaker Studio domain setup
  2. GPU instance types on AWS: p3, p4d, g4dn, g5 β€” when to use each and cost comparison with SageMaker managed compute
  3. S3 as a data lake: partitioned Parquet datasets, S3 event notifications, and organising a data lake with landing, raw, curated, and serving layers
  4. AWS Glue: serverless ETL β€” Glue crawlers, Glue Data Catalog, Glue jobs in Python/Spark, and Glue Studio
  5. AWS Athena: serverless SQL over S3 β€” partition projection, workgroups, and cost control with result reuse
  6. Apache Airflow on AWS (MWAA): managed workflow orchestration β€” DAG deployment, connections, and worker scaling
  7. AWS Batch: managed batch computing for CPU and GPU workloads β€” job definitions, job queues, and compute environments
  8. MLflow on AWS: running the MLflow tracking server on ECS or EC2 with S3 artifact store and RDS backend
  9. Model serving infrastructure: deploying models to SageMaker Real-Time Endpoints, Serverless Inference, and Batch Transform
  10. Feature Store on AWS: SageMaker Feature Store β€” online and offline stores, feature groups, and ingestion pipelines
  11. Data pipeline CI/CD: testing and deploying Glue jobs and Airflow DAGs with GitHub Actions
  12. Data infrastructure cost control: Athena query cost management, Glue DPU optimisation, and S3 Intelligent-Tiering for data lake cost reduction
Advanced Track 6: SRE & Advanced Observability (2 weeks)

Site Reliability Engineering is the discipline of applying software engineering to operations problems β€” defining SLOs, automating toil, and building the systems that prevent incidents before they happen and recover faster when they do.

Week 1 β€” Advanced observability stack:

  1. Prometheus in production: scraping configuration, service discovery, recording rules, and federation for large-scale metrics
  2. PromQL in depth: rate, irate, increase, histogram_quantile, topk, and writing useful alerting rules
  3. Grafana: building production dashboards β€” templating, variables, annotations, and on-call alert routing
  4. Loki: log aggregation without indexing overhead β€” LogQL queries, label design, and Promtail / Fluent Bit agents
  5. Tempo: distributed tracing storage β€” trace ID correlation between Grafana, Loki, and Tempo
  6. Grafana OnCall: on-call schedule management, escalation policies, and alert grouping
  7. OpenTelemetry Collector: the OTel Collector as a central telemetry pipeline β€” receivers, processors, exporters, and pipelines
  8. AWS Managed Grafana and AWS Managed Prometheus: the managed observability stack on AWS β€” setup, workspace configuration, and cost

Week 2 β€” SRE practice:

  1. SLIs, SLOs, and error budgets: defining meaningful service level indicators, setting realistic objectives, and calculating error budget consumption
  2. Alerting on SLOs: multi-window, multi-burn-rate alerts β€” the Google SRE approach to actionable alerting
  3. Incident management: the incident lifecycle (detect β†’ respond β†’ mitigate β†’ resolve β†’ review), roles, communication templates, and tooling
  4. Post-mortems: blameless post-mortem culture, the timeline reconstruction technique, and action item tracking
  5. Chaos engineering on AWS: AWS Fault Injection Simulator (FIS) β€” running controlled experiments that inject EC2 failures, network latency, and AZ outages
  6. Resilience testing: validating Auto Scaling Group failover, RDS Multi-AZ switchover, and ECS service recovery times
  7. Toil reduction: identifying repetitive manual operational work and automating it with Lambda, Systems Manager Automation, and EventBridge
  8. Capacity planning: using CloudWatch metrics and Cost Explorer data to forecast resource needs and plan scaling ahead of traffic growth

πŸ“… Schedule & Timings

Choose one group only based on your availability. Max 5 candidates per group to ensure individual attention and hands-on lab support.

Weekday Groups:

  • Group 1: Mon–Wed, 10 AM – 1 PM
  • Group 2: Mon–Wed, 4 PM – 7 PM

Weekend Groups:

  • Group 3: Sat & Sun, 10 AM – 2 PM
  • Group 4: Sat & Sun, 4 PM – 8 PM

πŸ“ Location: In-house training in Islamabad
πŸ“± Online option may be arranged for out-of-city participants

πŸ› οΈ Core Program Tools & Technologies

  • OS & Scripting: Ubuntu Linux, Bash, Python (boto3), vim
  • Containers: Docker, Docker Compose, AWS ECR, Trivy, Docker Scout
  • AWS Services: VPC, EC2, ALB/NLB, ECS Fargate, RDS, ElastiCache, S3, IAM, Route 53, ACM, Secrets Manager, CloudWatch, X-Ray, GuardDuty, Config
  • IaC: Terraform, Terragrunt, Checkov, tfsec
  • CI/CD: GitHub Actions (OIDC auth, matrix builds, reusable workflows, self-hosted runners)
  • Observability: CloudWatch, AWS X-Ray, OpenTelemetry (ADOT Collector)
  • Security: AWS Secrets Manager, KMS, IAM Access Analyzer, GuardDuty, AWS WAF
  • Cost: AWS Cost Explorer, AWS Budgets, Compute Optimizer

πŸ“‹ Advanced Track Summary

  • Track 1: Kubernetes & EKS β€” 3 weeks (Helm, ArgoCD, Karpenter, GitOps, Argo Rollouts)
  • Track 2: AWS Security & Compliance Engineering β€” 2 weeks (DevSecOps pipeline, OPA, SBOM, Cosign)
  • Track 3: Serverless & Event-Driven Architecture β€” 2 weeks (Lambda, Step Functions, EventBridge, DynamoDB)
  • Track 4: Platform Engineering & Advanced IaC β€” 2 weeks (CDK, Pulumi, Backstage, multi-account)
  • Track 5: ML Infrastructure & DataOps β€” 2 weeks (SageMaker, Glue, Athena, MWAA, MLflow)
  • Track 6: SRE & Advanced Observability β€” 2 weeks (Prometheus, Grafana, Loki, Tempo, chaos engineering)

🎯 AWS Certifications Aligned

  • Core program: AWS Solutions Architect Associate, AWS SysOps Administrator Associate
  • Track 1 (EKS): Kubernetes CKA (Certified Kubernetes Administrator)
  • Track 2 (Security): AWS Security Specialty
  • Track 3 (Serverless): AWS Developer Associate
  • Track 4 (Platform): AWS DevOps Engineer Professional, HashiCorp Terraform Associate
  • Track 5 (ML): AWS Machine Learning Specialty
  • Track 6 (SRE): AWS SysOps Administrator Professional

βœ… Prerequisites

  • Comfortable using the Linux command line (navigating directories, editing files, running commands)
  • Basic understanding of how web applications work (HTTP, DNS, servers)
  • Familiar with at least one programming language for scripting (Python preferred)
  • Git basics: clone, commit, push, pull, branch
  • No prior AWS or DevOps experience required for the core program

🎯 Who This Is For

  • Backend or full-stack developers who want to own the infrastructure layer
  • System administrators transitioning to cloud-native DevOps roles
  • Engineers targeting remote DevOps, SRE, or platform engineering roles
  • Technical leads who need to make infrastructure and deployment decisions for their teams
  • Anyone pursuing AWS certification with hands-on practical training to complement exam prep

πŸ’³ Course Fee & Booking

  • βŒ› Core Program Duration: 4–5 Weeks
  • βž• Each Advanced Track: 2–3 additional weeks (additional fee per track)
  • πŸ“¦ Available Advanced Tracks: Kubernetes & EKS Β· Security & Compliance Β· Serverless & Event-Driven Β· Platform Engineering Β· ML Infrastructure & DataOps Β· SRE & Observability
  • πŸ”’ Seats: 5 only per group

πŸ‘‰ Click here to book via WhatsApp