Reference
This module's "source of truth" is the set of Semester 9 modules you already completed. The capstone is where those ideas land in one real project, so the reference here points back at them, not at a new reading list.
Source Roles
| Source | Role | Why it is here |
|---|---|---|
| S9 M01: Cloud Platform Fundamentals | Primary | Shared-responsibility framing for platform choice |
| S9 M02: Infrastructure as Code | Primary | State, backends, module composition, drift |
| S9 M03: Container Orchestration | Selective | Only if your topology is Kubernetes-shaped |
| S9 M04: CI/CD Pipelines and Release Engineering | Primary | Workflow anatomy, release discipline, rollback |
| S9 M05: Cloud Security and Observability | Primary | Least-privilege, OIDC, secrets, smoke-test signals |
| S8 M04: Scale, Reliability, Performance | Support | MTTR, zero-downtime, operational cost of complexity |
Read Only If Stuck
Cluster 1: A Minimal Deployable Capstone
- S9 M01: Cloud Platform Fundamentals -- platform choice under shared-responsibility
- S8 M04: Scale, Reliability, Performance -- topology sizing and operational cost
- GitHub Actions documentation -- verify deploy paths for candidate platforms
- DORA software delivery performance metrics -- why small, frequent deploys outperform large ones
Cluster 2: Capstone IaC
- S9 M02: Infrastructure as Code -- Terraform state, backend, module composition
- S9 M05: Cloud Security and Observability -- secrets management and least-privilege
- Terraform: State -- authoritative definition of state
Cluster 3: Capstone Pipeline
- S9 M04: CI/CD Pipelines and Release Engineering -- workflow anatomy
- S9 M05: Cloud Security and Observability -- OIDC and pipeline permissions
- S9 M03: Container Orchestration -- only if topology is k8s-shaped
- GitHub Actions documentation -- triggers, permissions, environments
- Configuring OIDC in AWS (GitHub Docs) -- setup reference
- Preview Environments action (GitHub Marketplace) -- reference implementation
Cluster 4: Safe Release
- S9 M04: CI/CD Pipelines and Release Engineering -- rollback patterns
- S8 M04: Scale, Reliability, Performance -- MTTR and zero-downtime change
- Expand and Contract -- Tim Wellhausen -- canonical write-up
- Martin Fowler: Feature Flag -- taxonomy and retirement argument
- DORA metrics guide -- time-to-restore-service
Cluster 5: Evidence of a Deployed System
- S9 M04: CI/CD Pipelines and Release Engineering -- release-notes and runbook discipline
- S9 M05: Cloud Security and Observability -- observability signals used in the runbook's "Verify"
- Google SRE: Testing for Reliability -- production probes and stress tests
Optional Deep Dive
- Google SRE Workbook: Canarying Releases -- more sophisticated progressive-delivery patterns, beyond this capstone's scope but worth a skim
- Additional cloud-vendor deploy guides linked from your chosen platform's official docs, if and only if a specific decision in your capstone requires one
Concept-to-Source Map
| Primary concept | Best source if stuck | Why this source |
|---|---|---|
| Choosing "small enough" cloud | S9 M01: Cloud Platform Fundamentals | Only place where shared responsibility is developed end-to-end |
| The capstone deployment topology | S8 M04: Scale, Reliability, Performance | Frames topology as an operational-cost choice, not a fashion choice |
| Environment strategy on a budget | S9 M04: CI/CD Pipelines and Release Engineering | Env promotion is the pipeline's topology |
| Terraform for the capstone | S9 M02: Infrastructure as Code | State, backend, scope handled together |
| Module reuse vs inline | S9 M02: Infrastructure as Code | Composition patterns |
| Secrets and config | S9 M05: Cloud Security and Observability | Least-privilege and rotation |
| GitHub Actions workflow | S9 M04: CI/CD Pipelines and Release Engineering | Workflow anatomy and triggers |
| OIDC to cloud | Configuring OIDC in AWS (GitHub Docs) | Only authoritative setup doc |
| Preview vs staging | S9 M04: CI/CD Pipelines and Release Engineering | Environment-promotion patterns |
| Rollback rehearsal | S8 M04: Scale, Reliability, Performance | MTTR is developed there |
| DB migrations with release | Expand and Contract -- Tim Wellhausen | Clearest canonical write-up |
| Feature flags | Martin Fowler: Feature Flag | Taxonomy and retirement |
| Smoke tests | Google SRE: Testing for Reliability | Production-probe framing |
| Release notes | S9 M04: CI/CD Pipelines and Release Engineering | Release-engineering discipline |
| Deployment runbook | S9 M04: CI/CD Pipelines and Release Engineering | Runbook authoring |