Competencies: Cloud > Cloud Architecture

Cloud Architecture

Body of Knowledge

Topic	Description	Relevance	Career Tracks
Cloudflare Pages	JAMstack deployment platform with automatic builds from Git, preview deployments, custom domains, and edge network distribution. Part of the Cloudflare ecosystem including Workers, KV, and R2.	Medium	DevOps, Platform, Frontend
Cloudflare Access	Zero-trust network access solution providing identity-aware proxy, application policies, tunnel-based connectivity, and integration with identity providers for secure access to internal resources without VPN.	High	Security Engineer, Platform Engineer, DevSecOps
Cloud Architecture Concepts	Foundational cloud computing principles including service models (IaaS/PaaS/SaaS), shared responsibility model, cloud security architecture, multi-region design, auto-scaling, and cloud-native application patterns.	Critical	Cloud Architect, Solutions Architect, Platform Engineer
CDN / Edge Networking	Content delivery network concepts and implementation including edge caching, cache invalidation, geographic distribution, edge computing, and optimization strategies for global content delivery.	Medium	Platform Engineer, DevOps Engineer, Site Reliability Engineer
Cloud IAM Concepts	Identity and access management principles for cloud environments including RBAC, ABAC, least privilege, policy-based access control, service accounts, and cross-account access patterns.	High	Cloud Security Engineer, IAM Specialist, Security Architect
Well-Architected Framework	Operational excellence, security, reliability, performance efficiency, cost optimization pillars	Critical	Cloud Architect, Solutions Architect, Platform Engineer
Cloud Cost Management	FinOps practices, cost allocation, reserved capacity, spot instances, rightsizing	High	Cloud Architect, FinOps Engineer, Platform Engineer
Cloud Migration Strategies	Rehost, replatform, refactor, repurchase, retire patterns; migration planning	High	Cloud Architect, Solutions Architect, Infrastructure Engineer
Serverless Architecture	FaaS patterns, event-driven design, serverless databases, cold start optimization	High	Cloud Architect, Backend Developer, DevOps Engineer
Cloud Networking Patterns	Hub-spoke topology, transit gateways, private connectivity, service endpoints	High	Cloud Architect, Network Engineer, Solutions Architect
Disaster Recovery	RPO/RTO planning, cross-region replication, backup strategies, failover automation	Critical	Cloud Architect, SRE, Infrastructure Engineer

Topic

Description

Relevance

Career Tracks

Cloudflare Pages

JAMstack deployment platform with automatic builds from Git, preview deployments, custom domains, and edge network distribution. Part of the Cloudflare ecosystem including Workers, KV, and R2.

Medium

DevOps, Platform, Frontend

Cloudflare Access

Zero-trust network access solution providing identity-aware proxy, application policies, tunnel-based connectivity, and integration with identity providers for secure access to internal resources without VPN.

High

Security Engineer, Platform Engineer, DevSecOps

Cloud Architecture Concepts

Foundational cloud computing principles including service models (IaaS/PaaS/SaaS), shared responsibility model, cloud security architecture, multi-region design, auto-scaling, and cloud-native application patterns.

Critical

Cloud Architect, Solutions Architect, Platform Engineer

CDN / Edge Networking

Content delivery network concepts and implementation including edge caching, cache invalidation, geographic distribution, edge computing, and optimization strategies for global content delivery.

Medium

Platform Engineer, DevOps Engineer, Site Reliability Engineer

Cloud IAM Concepts

Identity and access management principles for cloud environments including RBAC, ABAC, least privilege, policy-based access control, service accounts, and cross-account access patterns.

High

Cloud Security Engineer, IAM Specialist, Security Architect

Well-Architected Framework

Operational excellence, security, reliability, performance efficiency, cost optimization pillars

Critical

Cloud Architect, Solutions Architect, Platform Engineer

Cloud Cost Management

FinOps practices, cost allocation, reserved capacity, spot instances, rightsizing

High

Cloud Architect, FinOps Engineer, Platform Engineer

Cloud Migration Strategies

Rehost, replatform, refactor, repurchase, retire patterns; migration planning

High

Cloud Architect, Solutions Architect, Infrastructure Engineer

Serverless Architecture

FaaS patterns, event-driven design, serverless databases, cold start optimization

High

Cloud Architect, Backend Developer, DevOps Engineer

Cloud Networking Patterns

Hub-spoke topology, transit gateways, private connectivity, service endpoints

High

Cloud Architect, Network Engineer, Solutions Architect

Disaster Recovery

RPO/RTO planning, cross-region replication, backup strategies, failover automation

Critical

Cloud Architect, SRE, Infrastructure Engineer

Personal Status

Topic	Level	Evidence	Active Projects	Gaps
Cloudflare Pages	Intermediate	Antora documentation deployed via Cloudflare Pages — automatic builds on push, custom domains, preview deployments for PRs	Hub Aggregator	No Cloudflare Workers, no edge functions, no KV storage
Cloudflare Access	Intermediate	Zero-trust access policies for documentation sites; understand Cloudflare Tunnel concepts, application policies, identity provider integration	Hub Aggregator	No Cloudflare Gateway, no WARP deployment, no full Cloudflare Zero Trust stack
Cloud Architecture Concepts	Intermediate	CISSP covers cloud service models (IaaS/PaaS/SaaS), shared responsibility, cloud security; understand but have not implemented	CISSP Study Guide	No hands-on cloud architecture — no multi-region, no auto-scaling, no cloud-native design
CDN / Edge Networking	Intermediate	Cloudflare CDN for documentation sites; understand caching, edge locations, purge strategies	Hub Aggregator	No multi-CDN strategy, no custom cache rules, no edge computing
Cloud IAM Concepts	Intermediate	CISSP covers IAM principles; Vault policies model access control; understand RBAC, ABAC, least privilege	CISSP Study Guide, Secrets Vault	No AWS IAM policies, no Azure RBAC, no GCP IAM; cannot write cloud IAM from scratch

Topic

Level

Evidence

Active Projects

Gaps

Cloudflare Pages

Intermediate

Antora documentation deployed via Cloudflare Pages — automatic builds on push, custom domains, preview deployments for PRs

Hub Aggregator

No Cloudflare Workers, no edge functions, no KV storage

Cloudflare Access

Intermediate

Zero-trust access policies for documentation sites; understand Cloudflare Tunnel concepts, application policies, identity provider integration

Hub Aggregator

No Cloudflare Gateway, no WARP deployment, no full Cloudflare Zero Trust stack

Cloud Architecture Concepts

Intermediate

CISSP covers cloud service models (IaaS/PaaS/SaaS), shared responsibility, cloud security; understand but have not implemented

CISSP Study Guide

No hands-on cloud architecture — no multi-region, no auto-scaling, no cloud-native design

CDN / Edge Networking

Intermediate

Cloudflare CDN for documentation sites; understand caching, edge locations, purge strategies

Hub Aggregator

No multi-CDN strategy, no custom cache rules, no edge computing

Cloud IAM Concepts

Intermediate

CISSP covers IAM principles; Vault policies model access control; understand RBAC, ABAC, least privilege

CISSP Study Guide, Secrets Vault

No AWS IAM policies, no Azure RBAC, no GCP IAM; cannot write cloud IAM from scratch