How do I create a mind map for Google Cloud certifications?
Create a central node "Google Cloud" with branches for the major service categories: Compute (Compute Engine, GKE, Cloud Run, App Engine, Cloud Functions), Storage (Cloud Storage, Persistent Disk, Filestore), Databases (Cloud SQL, Cloud Spanner, Bigtable, Firestore, Memorystore), Networking (VPC, Cloud Load Balancing, Cloud CDN, Cloud DNS), and Data and AI (BigQuery, Dataflow, Pub/Sub, Vertex AI). Add a decision tree branch for service selection scenarios, which are heavily tested on the Associate Cloud Engineer and Professional Cloud Architect exams.
Google Cloud Platform has grown to over 200 services, but the Associate Cloud Engineer (ACE) and Professional Cloud Architect (PCA) exams focus on a core subset. The challenge for candidates is not just memorizing what each service does but understanding which service to choose in scenario-based questions. A structured mind map approach makes service relationships and selection criteria visual and retrievable.
Google Cloud Certification Paths and Exam Focus
Before building your maps, understand what each certification tests:
| Certification | Exam Code | Focus | Service Depth |
|---|---|---|---|
| Associate Cloud Engineer | ACE | Deploy and manage solutions | 50-60 services |
| Professional Cloud Architect | PCA | Design and architect systems | 80+ services |
| Professional Data Engineer | PDE | Data pipelines and ML | Data/AI services deeply |
| Professional Cloud Security Engineer | PCSE | Security and compliance | IAM, VPC SC, DLP |
| Professional Cloud DevOps Engineer | PCDE | CI/CD, SRE, monitoring | Operations stack |
The ACE is the recommended entry point. Your ACE mind map will serve as the foundation for professional-level certification maps.
ACE Mind Map Structure
Compute Branch
Compute Engine
- Virtual machines with configurable CPU, memory, GPU
- Machine families: General Purpose (N2, E2), Compute Optimized (C2), Memory Optimized (M2), Accelerator Optimized (A2)
- Pricing: On-demand, Committed Use Discounts (1 or 3 year), Preemptible/Spot VMs
Google Kubernetes Engine (GKE)
- Managed Kubernetes cluster
- Autopilot mode: Google manages node configuration
- Standard mode: user manages node configuration
- Use when: containerized workloads needing orchestration
Cloud Run
- Fully managed serverless containers
- Scales to zero when not in use
- Use when: stateless HTTP workloads, no Kubernetes expertise required
App Engine
- Platform-as-a-Service for web applications
- Standard environment: sandboxed, fast scaling, limited runtimes
- Flexible environment: Docker containers, slower scaling, custom runtimes
Cloud Functions
- Serverless event-driven function execution
- First-generation and second-generation (based on Cloud Run)
- Use when: lightweight event processing, simple integrations
| Service | When to Choose |
|---|---|
| Compute Engine | Full OS control, lift-and-shift, GPU workloads |
| GKE Standard | Kubernetes, complex container orchestration |
| GKE Autopilot | Kubernetes, team does not manage nodes |
| Cloud Run | Stateless containers, HTTP, auto-scaling to zero |
| App Engine Standard | Web apps, rapid scaling, limited runtimes |
| Cloud Functions | Event triggers, lightweight code, no container needed |
Storage Branch
Cloud Storage
- Object storage: Standard, Nearline, Coldline, Archive
- Standard: frequent access
- Nearline: access less than once per month
- Coldline: access less than once per quarter
- Archive: long-term retention, rarely accessed
- Uniform bucket-level access or fine-grained ACLs
Persistent Disk
- Block storage attached to Compute Engine instances
- Types: Standard (HDD), Balanced (SSD), SSD (high IOPS), Extreme
- Can be attached to multiple VMs in read-only mode
Filestore
- Managed NFS file share
- Shared access from multiple Compute Engine instances
- Tiers: Basic HDD, Basic SSD, High Scale SSD, Enterprise
"Cloud Storage is Google Cloud's universal answer to object storage. When an exam question mentions unstructured data, files, backups, or media, Cloud Storage is typically the correct service. The storage class selection depends entirely on access frequency and retrieval cost tolerance." -- Google Cloud Associate Cloud Engineer Study Guide, Dan Sullivan
Database Branch
Cloud SQL
- Managed relational databases: MySQL, PostgreSQL, SQL Server
- High availability with automatic failover
- Read replicas for performance scaling
- Use when: existing relational database workload, transactional data
Cloud Spanner
- Globally distributed relational database
- Horizontal scalability with SQL and strong consistency
- Use when: global transactions, financial systems, high-availability relational needs
Bigtable
- Managed wide-column NoSQL database
- Petabyte-scale, millisecond latency
- Use when: time-series data, IoT data, AdTech, large analytical workloads
Firestore
- Managed document database (NoSQL)
- Real-time sync for mobile and web applications
- Datastore mode for backend applications, Native mode for client apps
Memorystore
- Managed Redis or Memcached
- In-memory caching layer
- Use when: session management, caching, leaderboards
BigQuery
- Serverless data warehouse for analytics
- SQL-based analysis of petabyte-scale datasets
- Columnar storage, separated compute/storage
- Note: BigQuery is analytics, not transactional; often listed under Data but tested as a database choice
| Database | Model | Key Use Case |
|---|---|---|
| Cloud SQL | Relational (managed) | Existing SQL workloads, OLTP |
| Cloud Spanner | Relational (global) | Global transactions, financial |
| Bigtable | Wide-column NoSQL | Time-series, IoT, high throughput |
| Firestore | Document NoSQL | Mobile/web apps, real-time sync |
| BigQuery | Columnar warehouse | Analytics, reporting, BI |
Networking Branch
VPC (Virtual Private Cloud)
- Global resource: subnets are regional
- VPC peering: connect two VPCs
- Shared VPC: centralized network management across projects
- VPC Service Controls: security perimeter around services
Cloud Load Balancing
- Global: HTTP(S), SSL Proxy, TCP Proxy
- Regional: Network TCP/UDP, Internal HTTP(S), Internal TCP/UDP
- Cross-region load balancing with anycast IP
Cloud CDN
- Content Delivery Network integrated with HTTP(S) Load Balancing
- Caches static content at Google's edge nodes globally
Cloud DNS
- Managed authoritative DNS service
- Public and private zones
- Integration with Google Cloud resources
Cloud Interconnect
- Dedicated Interconnect: private connection to Google network
- Partner Interconnect: through connectivity provider
- Use when: high-bandwidth, low-latency connection from on-premises
IAM and Security Branch
Identity and Access Management
- Principals: Google Account, Service Account, Google Group, Cloud Identity domain
- Roles: Basic (Owner/Editor/Viewer), Predefined (service-specific), Custom
- Policy hierarchy: Organization > Folder > Project > Resource
Service Accounts
- Represent non-human identities (applications, VMs)
- Keys: Google-managed (automatic rotation) vs User-managed (manual rotation)
- Workload Identity Federation: authenticate without service account keys
Cloud KMS
- Managed cryptographic key lifecycle
- Customer-Managed Encryption Keys (CMEK): you control keys
- Cloud EKM: keys held outside Google
Security Command Center
- Centralized security and risk management
- Standard tier (free) vs Premium tier (threat detection, compliance)
- Findings: vulnerability, threat, posture
"IAM policy inheritance flows down the resource hierarchy. A permission granted at the organization level applies to all folders, projects, and resources below it. A deny policy can restrict permissions regardless of what is granted lower in the hierarchy." -- Google Cloud documentation
Professional Cloud Architect Additional Maps
The PCA exam adds design and architecture scenarios not tested on the ACE. Extend your mind map with:
Reliability and SRE Branch
- SLO (Service Level Objective): target reliability (e.g., 99.9% availability)
- SLA (Service Level Agreement): commitment to customers
- Error budget: (1 - SLO) x time period; burn rate determines alerting
Cost Optimization Branch
- Committed Use Discounts: 1-year (20-57% discount), 3-year (37-70%)
- Sustained Use Discounts: automatic for Compute Engine (up to 30%)
- Preemptible/Spot VMs: 60-91% discount, can be terminated by Google
Migration Branch
- 6Rs: Rehost, Replatform, Repurchase, Refactor, Retire, Retain
- Migration Fit Assessment: workload suitability matrix
- Transfer Appliance for large data migrations
"Professional Cloud Architect scenarios frequently ask about the trade-offs between reliability, cost, and operational complexity. The best solution is not always the most available or cheapest independently -- it is the one that meets the stated requirements within the given constraints." -- Professional Cloud Architect Study Guide
Building Your GCP Maps with Coggle
Coggle works particularly well for Google Cloud mind maps because of its collaborative features and clean export options:
Recommended map hierarchy:
- One master GCP map (all categories, 2 branches deep)
- Separate detailed maps per domain: Compute, Storage, Database, Networking, Data/AI, IAM
Color coding suggestions:
- Blue: Compute services
- Orange: Storage services
- Green: Database services
- Purple: Networking services
- Yellow: Data and AI services
- Red: Security and IAM services
Collaboration use: Share your Coggle map link with study partners for asynchronous review and annotation.
Frequently Asked Questions
How many Google Cloud services should I include in my ACE mind map? The ACE exam focuses on approximately 50-60 services at meaningful depth. Prioritize services that appear most frequently in practice exam questions: Compute Engine, GKE, Cloud Run, Cloud Storage, Cloud SQL, BigQuery, VPC, Cloud Load Balancing, IAM, and Cloud Monitoring. Secondary services (Dataflow, Pub/Sub, Cloud Spanner) appear less frequently but should be included at a basic level.
How is a Google Cloud mind map different from an AWS mind map? The structure is similar but GCP has unique concepts that need dedicated branches: the VPC global vs subnet regional distinction (different from AWS where VPCs are regional), the project hierarchy (Organization/Folder/Project), Shared VPC and VPC Service Controls, and the distinction between Autopilot and Standard GKE. These GCP-specific concepts are frequently tested and warrant prominent placement in your map.
Should I create separate maps for ACE and PCA? Build a comprehensive ACE map first, then extend it for PCA rather than creating a separate map. PCA adds architecture and design branches (reliability SLOs, cost optimization, migration strategies) to the same service foundation. Starting fresh for PCA wastes the investment in your ACE map.
References
- Google Cloud. (2024). Associate Cloud Engineer Exam Guide. https://cloud.google.com/learn/certification/cloud-engineer
- Google Cloud. (2024). Professional Cloud Architect Exam Guide. https://cloud.google.com/learn/certification/cloud-architect
- Sullivan, D. (2022). Official Google Cloud Certified Associate Cloud Engineer Study Guide, 2nd Edition. Sybex/Wiley.
- Google Cloud. (2024). Google Cloud Architecture Framework. https://cloud.google.com/architecture/framework
- Buzan, T. (2006). The Ultimate Book of Mind Maps. Harper Collins.
- Google Cloud. (2024). Google Cloud Products and Solutions. https://cloud.google.com/products