DevSecOps Training

With AI ML & Realtime

Projects

Duration : 13 weeks
Online
 Meet Your Coach

Explore transformative DevOps solutions, Kubernetes expertise,

and AWS & Azure Cloud innovation guided by Murali Dulam,
your dedicated coach at ITasCode. With extensive industry
experience.

Founder @ ITasCode Pvt Ltd & Product Operations @ FIRA|

Solution Architecture | DevSecOps, Kubernetes & Cloud
Consultant |

22 80+ 5000+
 DevSecOps - AWS & Azure
Training With AI ML & Realtime
Projects
Software Development Overview – 2 Hours
Software Development Lifecycle Stages
Challenges in Traditional Software Development Lifecycle Stages
Streamline software delivery with Security & Importance of DevSecOps strategies
section 1

Explore DevOps , DevSecOps & Cloud Job Roles

Future DevSecOps, Cloud and Kubernetes Trends
DevSecOps, Cloud and Kubernetes Role in AI, Machine Learning (ML) Edge
Computing and IOT
DevSecOps, Cloud and Kubernetes role in Low-Code and No-Code Platforms
Importance of the Agile in the Software Development Process

Cloud Computing Overview – 2 Hours

What is Cloud Computing? Definitions, history, and evolution.
Traditional IT vs. Cloud Computing: A comparative analysis with Realtime use case
Key Characteristics of Cloud Computing: On-demand self-service, broad network
section 2

access, resource pooling, rapid elasticity, measured service.

Benefits1 and Advantages of Cloud Computing: Cost savings, scalability, agility
Cloud Computing Service and Deployment Models

4
 DevSecOps - AWS & Azure
Training With Realtime Projects

• Virtualization – 30 minutes
• What is virtualization? Different ways to host your apps.
section 4

• On-premises, VMs, Cloud, and Containers explained.

• Pros and cons of each hosting type.
• Which one is best for you?
• Hands-on practice with the key technologies.

• Linux Basics – 1 hour

• What is Linux? Why use it?
• Linux Operating System overview
• Essential Linux commands
• Working with the command line
section 5

• Users, permissions, and package management

• Text editors
• Networking commands
• system administration Commands

• Azure & AWS Cloud Overview – 3 Hours

• IAAS & PAAS Service in Azure & AWS
• Azure & AWS High availability
section 6

• Azure & AWS Storage

• Azure & AWS CLI
 • Git Version Control – 5 hours
• What is Git? Why use it? (Version control, collaboration, real-world project
examples)
• Install & configure Git (username, email, setting up SSH keys).
• Staging & committing changes (add, commit, status, writing good commit
section 7

messages).
• Ignoring files and viewing differences (gitignore, diff, handling sensitive data).
• Branching: Creating, merging, and deleting (branch, merge, feature branches,
hotfixes).
• Working with remote repositories (clone, push, pull, fetch, collaborating with a
team).
• Pull requests and code reviews (PRs, giving and receiving feedback).
• Resolving merge conflicts (merge conflict resolution, common conflict scenarios).
• Basic Git workflow (feature branching, GitFlow - optional, choosing a workflow for
your team).
• Using Git with a code editor (VSCode, etc., integrating Git into your development
environment).
• Resetting and reverting changes (reset, revert, undoing mistakes).
• Hands-on exercises and assignments (simulating real-world development tasks).
Sseecctitoionn85

• Build Tools (Maven & .NET) -2hours

• What are build tools? Why do we need them?
• Problems without build tools (manual work, errors).
• Maven overview (POM, dependencies, lifecycle).
• Understanding Maven project structure.
• .NET build overview (MSBuild, NuGet).
• Understanding .NET project structure.
• Maven vs .NET builds.
• identifying key areas in the developer workflow for automation
• Hands-on: Building projects with Maven and .NET.
 • Azure DevOps -9 Hours
• What is Azure DevOps? Why use it? (CI/CD, collaboration, project management)
section 9

• Agentic AI DevSecOps
• CI/CD basics (what it is, why it's important, benefits).
• Azure DevOps pipelines (building, testing, and releasing, stages, jobs).
• YAML pipelines (defining pipelines with code, syntax, templates).
• Working with code (Azure Repos, branching strategies, pull requests).
• Testing and code quality (SonarQube, static/dynamic analysis).
• Deployments (blue/green, deployment groups, environments).
• Package management (Azure Artifacts, publishing, consuming).
• Integrating with other tools (IaC - Terraform/Bicep, Kubernetes, configuration
management).
• Agents (hosted, self-hosted, managing agents).
• Build types (different build configurations).
• Scheduled and triggered builds.
• Security and permissions in Azure DevOps.
• Monitoring and reporting.
• Hands-on exercises and assignments (real-world scenarios)

• Docker – 9 Hours
• Why containers? (Problems with old ways, benefits of Docker: portability, efficiency)
• Docker basics (images, containers, volumes, networks, registries).
section 10

• Installing Docker (for your OS).

• Working with images (build, run, push, pull, inspect, layers).
• Working with containers (start, stop, manage, logs, attach, exec).
• Dockerfile (creating images, instructions: FROM, RUN, COPY, CMD, ENTRYPOINT, ENV,
ARG).
• Docker Compose (multi-container apps, defining services, networking).
• Docker Hub (sharing images, public vs. private registries).
• Security (image scanning, vulnerability management).
• Container networking (bridge, host, overlay networks, port mapping).
• Docker volumes (persistent storage, data management).
• Multi-stage builds (optimizing image size).
• Advanced Dockerfile tricks (env vars, health checks).
• Docker security best practices.
• Docker monitoring & logging.
• Docker & CI/CD.
• Hands-on exercises (containerizing applications, using Docker Compose).
• Terraform – 9 Hours
Module 1: Introduction to Infrastructure as Code (IaC)
• Overview of Infrastructure as Code
• Benefits of IaC
• Introduction to Terraform
Module 2: Setting Up Terraform
• Installing Terraform
• Configuring Credentials (AWS, Azure, GCP)
• Basic Terraform Commands (init, plan, apply, destroy)
Module 3: Terraform Configuration Language (HCL)
• Understanding HCL Syntax
• Resources, Providers, and State Management
• Basic Networking Concepts in Terraform
Module 4: Working with Variables
• Input Variables & Variable Types
• Variable Definitions (variables.tf, terraform.tfvars)
• Output Variables
Module 5: Creating Virtual Machines with Terraform
• Defining Compute Resources
• Configuring Virtual Machines in Cloud Providers
• Managing Dependencies & Resource Attributes
Module 6: Three-Tier Architecture with Terraform
• Designing Web, Application, and Database Tiers
• Terraform Configurations for Multi-Tier Deployments
Module 7: Terraform Data Sources
• Querying Existing Infrastructure
• Using Data Sources for Dynamic Configurations
Module 8: Remote Backend & State Management
• Configuring Remote Backend ( Azure Blob, etc.)
• State Locking & Collaboration
Module 9: Advanced Terraform Concepts
• Output Values
• Local Values (locals)
• Conditional Expressions
Module 10: Network Security with Terraform
• Security Groups & Firewall Rules
• Best Practices for Securing Cloud Resources
Module 13: Terraform Provisioners
• Local & Remote Exec Provisioners
• File Provisioners
• Best Practices & Limitations
Module 11: Null Resource & Provisioners
• Using null_resource for Custom Actions
• Handling Dependency Chains
Module 12: Scaling Infrastructure with Terraform
• Using count for Multiple Resource Creation
• Dynamic Naming with for_each & prefix
Module 13: Terraform Modules
• Creating & Using Modules
• Module Composition & Reusability
• Public & Private Module Registries
Module 14: Terraform Automation with CI/CD
• Integrating Terraform with Azure DevOps
• Automated Testing & Deployment Pipelines
Module 15: Final Project & Assignment
• End-to-End Terraform Deployment
• Best Practices Review
• Troubleshooting & Debugging
 • Kubernetes – Part1 - 7Hours
• Introduction to Kubernetes: What is Kubernetes? (Container orchestration
platform). Why use it? (Scalability, portability, resilience). Benefits (Automated
deployments, resource efficiency). Use cases (Microservices, web apps, data
section 11
processing).
• Kubernetes Architecture: Master/control plane components: API Server
(Interface for interacting with the cluster). etcd (Distributed key-value store for
cluster data). Scheduler (Assigns pods to nodes). Controller Manager (Manages
controllers for various resources).
• Kubernetes Architecture: Worker node components: kubelet (Node agent,
manages pods). kube-proxy (Network proxy, handles service routing). Container
runtime (Docker, containerd, CRI-O, runs containers).
• Kubernetes Architecture: Data flow and component interaction: How requests
are processed, how deployments and updates are orchestrated, understanding the
communication between components.
• Kubernetes Setup: Cloud-managed Kubernetes (AKS,Onprem): Setting up and
managing Kubernetes comparing features and pricing.
• Kubernetes Setup: Kubeadm for on-premises deployments: Setting up a
production-ready Kubernetes cluster on your own infrastructure.
• Kubectl: Managing resources: Command-line tool for interacting with the
Kubernetes API, creating, getting, describing, deleting, editing, applying,
executing commands in containers, viewing logs.
• Pods: Basic pod concepts, pod lifecycle: The smallest deployable unit in
Kubernetes, containing one or more containers, understanding the pod lifecycle
(pending, running, succeeded, failed).
• Pods: Multi-container pods, use cases: Running multiple containers within a
single pod, common use cases (sidecars, logging agents).
• Pods: Init containers, purpose and usage: Containers that run before the main
application containers, used for initialization tasks.
• ConfigMaps: Managing application configuration: Storing configuration data as
key-value pairs, injecting configuration into pods.
• Secrets: Handling sensitive data: Storing sensitive data like passwords and API
keys, securely accessing secrets from pods.
• Namespaces: Logical isolation of resources: Creating isolated environments
within a Kubernetes cluster.
• Services: Exposing applications (NodePort): Exposing a service on a static port on
each node, accessible from outside the cluster.
• Services: Exposing applications (LoadBalancer): Exposing a service using a cloud
provider's load balancer, making it accessible externally.
 • Kubernetes – Part2 – 5 hours
• Services: Exposing applications (ClusterIP): Exposing a service on an internal IP
section 11
address, accessible only within the cluster.
• Services: Ingress controllers and external access: Managing external access to
services using Ingress controllers, providing routing and TLS termination.
• Storage: Volumes (hostPath, emptyDir): Providing storage to containers, hostPath
mounts a directory from the host node, emptyDir provides temporary storage
within a pod.
• Storage: Persistent Volumes (PVs and PVCs): Abstracting storage from the
underlying infrastructure, PersistentVolumes are provisioned by administrators,
PersistentVolumeClaims are requested by users.
• Storage: Storage Classes and dynamic provisioning: Defining different types of
storage using StorageClasses, dynamically provisioning PersistentVolumes on
demand.
• Deployments: Rolling updates and rollbacks: Updating applications with zero
downtime, rolling out new versions gradually, rolling back to previous versions if
necessary.
• Deployments: Blue/green and canary deployments: Advanced deployment
strategies for minimizing downtime and risk.
• Deployments: Horizontal Pod Autoscaler (HPA): Automatically scaling the number
of pod replicas based on resource utilization.
• Deployments: ReplicaSets and managing replicas: Ensuring the desired number of
pod replicas are running.
• Helm: Package manager, charts, repositories: Managing Kubernetes applications
using Helm charts, packaging and deploying applications.
• Helm: Templating and hooks: Using Go templates for dynamic configuration of
Helm charts, using hooks to perform actions during the Helm release lifecycle.
• Security: RBAC (Role-Based Access Control): Controlling access to Kubernetes
resources based on roles and permissions.
• .
 • DaemonSets: Running a pod on each node: Ensuring a specific pod runs on
section 11 every node in the cluster.
• Jobs and CronJobs: Batch and scheduled tasks: Running one-time tasks and
scheduled tasks.
• StatefulSets: Managing stateful applications: Managing applications that require
persistent storage and stable network identities.
• Networking: CNI (Container Network Interface): Interface for plugging in
different networking solutions into Kubernetes.
•
• Hands-on Projects: Real-world application deployments: Practical exercises and
projects to reinforce learning.
 • Generative AI, ML & IOT - Cloud & DevSecOps -4 Hours

• I. GenAI & ML Basics

What is GenAI? - Defining Generative AI and its capabilities.
section 12
•
• Why it's important. - Exploring the impact and potential of GenAI.
• ML refresh. - Brief overview of key machine learning concepts.
• Cloud & DevSecOps for GenAI. - Why cloud platforms and secure development are
essential.

• II. Building GenAI Apps

• App basics. - Understanding the structure of a GenAI application.
• Code setup. - Configuring a development environment.
• Example apps. - Building simple GenAI applications.

• III. GenAI & Copilot

• GenAI platforms. - Exploring cloud platforms for GenAI development.
• Model deployment. - Deploying trained models for use.
• Using Copilots. - Integrating AI assistants into workflows.

• IV. Small Language Models (SLMs)

• What are SLMs? - Defining and explaining smaller language models.
• How they work. - Simplified explanation of SLM operation.
• SLM uses. - Practical applications of SLMs.

• V. Large Language Models (LLMs) & RAG

• What are LLMs? - Understanding the power of large language models.
• RAG explained. - How Retrieval Augmented Generation works.
• Using LLMs. - Prompt engineering and fine-tuning.

• VI. Agentic AI
• What is it? - Defining agentic AI and autonomous agents.
• How it's used. - Applications of agentic AI.

• VII. Cloud for GenAI

• Azure . – Azure OpenAI services for GenAI and ML.
• AWS . - AWS Bedrock services for GenAI and ML.

• VIII. DevSecOps
• Security basics. - Fundamental security concepts for GenAI.
• DevSecOps for GenAI. - Secure development practices for GenAI.

• IX. GenAI & IoT

• IoT basics. - Introduction to the Internet of Things.
• GenAI for IoT. - Combining GenAI with IoT data.

•
• MCP Server Integration
• GoogleA2A protocol
•
• X. Final Project
• Build a GenAI app. - Developing a practical GenAI application.
• Use cloud & DevSecOps. - Applying cloud services and secure practices.
•
•
 • Ansible Automation - 8 Hours
section 13
• I. Introduction to Ansible
• What is Ansible? Benefits of automation, use cases.
• Ansible Architecture: Control node, managed nodes, modules,
playbooks.
• Idempotency and Declarative Language.

• II. Ansible Installation

• Installing Ansible on the control node (Linux, macOS, Windows).
• Setting up the environment.
• Verifying the installation.

• III. Ansible Ad-hoc Commands

• Basic ad-hoc commands: Running simple tasks on managed
nodes.
• Using -m for modules, -a for arguments.
• Examples: pinging hosts, running commands, copying files.

• IV. Ansible Inventory

• Understanding the Ansible inventory file.
• Defining hosts and groups.
• Using variables in the inventory.
• Dynamic inventory (brief overview).

• V. Ansible Ad-hoc Commands & Inventory

• Combining ad-hoc commands with inventory groups.
• Targeting specific hosts or groups.
• Running commands on multiple hosts.

• VI. Ansible Configuration & Playbook

• Introduction to Ansible Playbooks: YAML-based automation scripts.
• Playbook structure: plays, tasks, modules.
• Basic playbook example: running a command on a group of hosts.

• VII. Ansible Configuration File

• Understanding the ansible.cfg file.
• Configuring Ansible settings: inventory path, remote user, etc.

• VIII. YAML Script

• Introduction to YAML: Syntax and data structures.
• YAML for Ansible: Writing playbooks and configuration files.
section 13 • Ansible Automation

• IX. YAML & Ansible PlayBook

• Combining YAML and Ansible: Writing more complex playbooks.
• Using multiple tasks, variables, and modules.

• X. Setup additional Ansible Managed nodes

• Preparing managed nodes for Ansible control.
• SSH key-based authentication.
• Connectivity testing.

• XI. Modules - Playbooks

• Exploring Ansible modules: Core, extras, and community modules.
• Using modules in playbooks: Managing packages, services, files,
etc.

• XII. Playbooks with Multi tasks

• Creating playbooks with multiple tasks.
• Controlling task execution order.

• XIII. Notify and Handlers

• Using handlers for event-driven automation.
• notify and listen: Triggering handlers based on task results.

• XIV. Gatherfacts-Material
• Understanding Ansible facts: Gathering information about
managed nodes.
• Using facts in playbooks: Conditional logic, variable substitution.

• XV. Conditions-Packages using conditions

• Conditional execution: Using when clauses to control task
execution.
• Managing packages based on conditions.

• XVI. Notify and Handlers - Gatherfacts-Conditions-Packages using

conditions
• Combining handlers, facts, and conditions in playbooks.
• Complex automation scenarios.

• XVII. Variables
• Defining and using variables in Ansible: Inventory variables,
playbook variables, extra vars.
• Variable precedence.
 • Ansible Automation
section 13
• IX. YAML & Ansible PlayBook
• Combining YAML and Ansible: Writing more complex playbooks.
• Using multiple tasks, variables, and modules.

• X. Setup additional Ansible Managed nodes

• Preparing managed nodes for Ansible control.
• SSH key-based authentication.
• Connectivity testing.

• XI. Modules - Playbooks

• Exploring Ansible modules: Core, extras, and community modules.
• Using modules in playbooks: Managing packages, services, files,
etc.

• XII. Playbooks with Multi tasks

• Creating playbooks with multiple tasks.
• Controlling task execution order.

• XIII. Notify and Handlers

• Using handlers for event-driven automation.
• notify and listen: Triggering handlers based on task results.

• XIV. Gatherfacts-Material
• Understanding Ansible facts: Gathering information about
managed nodes.
• Using facts in playbooks: Conditional logic, variable substitution.

• XV. Conditions-Packages using conditions

• Conditional execution: Using when clauses to control task
execution.
• Managing packages based on conditions.

• XVI. Notify and Handlers - Gatherfacts-Conditions-Packages using

conditions
• Combining handlers, facts, and conditions in playbooks.
• Complex automation scenarios.

• XVII. Variables
• Defining and using variables in Ansible: Inventory variables,
playbook variables, extra vars.
• Variable precedence.
 • Ansible Automation
section 13

• XVIII. Tomcat Setup

• Automating Tomcat installation and configuration using Ansible.
• Example playbook for Tomcat deployment.

• XIX. Ansible Tags Error handling

• Using tags to organize and run specific parts of a playbook.
• Error handling in playbooks: block, rescue, always.

• XX. Ansible Roles

• Introduction to Ansible Roles: Reusable units of automation.
• Role structure: tasks, vars, templates, handlers, etc.

• XXI. Ansible Datadog Roles Realtime use case

• Creating and using Ansible roles for Datadog integration.
• Real-time monitoring use case.

• XXII. Ansible Real-time Use Case Project

• Capstone project: Building a real-world automation solution using
Ansible.
• Example projects: Web server deployment, database
configuration, cloud infrastructure management.
 • Datadog Observability – 2 Hours

• I. Intro to Observability
• Monitoring vs. Observability: Understanding the difference between
section 15
traditional monitoring and the more comprehensive approach of
observability.
• Why it matters: Exploring the benefits of observability for
understanding complex systems and improving performance.

• II. Datadog Basics

• What is Datadog?: Overview of the Datadog platform and its
capabilities for monitoring and observability.
• Key features: Highlighting the core features of Datadog, such as
metrics, traces, logs, and dashboards.

• III. Datadog Setup

• Account setup: Steps to create a Datadog account and get started.
• Agent install: Instructions for installing the Datadog agent on
different

• IV. Docker Monitoring

• Datadog & Docker: How Datadog integrates with Docker to monitor
containers.
• Container metrics & logs: Collecting and analyzing metrics and logs
from Docker containers.

• V. Kubernetes Monitoring
• Datadog & Kubernetes: Integrating Datadog with Kubernetes for
cluster and application monitoring.
• Pod & service monitoring: Monitoring the health and performance of
Kubernetes pods and services.

• VI. Azure DevOps Monitoring

• Datadog & Azure DevOps: Connecting Datadog to Azure DevOps for
CI/CD pipeline monitoring.
• Pipeline monitoring: Tracking the performance and health of Azure
DevOps pipelines.

• VII. Project
• Real-time monitoring project: Hands-on project applying Datadog to
monitor a real-world application or infrastructure.
 • GitHub Actions Automation – 4 Hours

• I. Introduction to GitHub Actions

• GitHub Actions Overview: What are GitHub Actions? (CI/CD platform,
section 17

automation)
• Why GitHub Actions? (Benefits, use cases, integration with GitHub)
• Key Concepts: Workflows, jobs, steps, actions, runners.

• II. GitHub Actions Build Workflow & Syntax

• Workflow Files: Creating and configuring workflow files
(.github/workflows/*.yml).
• YAML Syntax: Understanding the YAML syntax used in workflow files.
• Workflow Triggers: Events that trigger workflows (push, pull request,
schedule, etc.).
• Defining Jobs: Specifying jobs within a workflow, dependencies between
jobs.
• Defining Steps: Defining individual steps within a job, using actions and
commands.
• Building and Testing: Automating build and test processes.
• Releases and Tags: Automating release creation and tagging based on
events.

• III. GitHub Action Runners

• What are Runners?: Understanding GitHub-hosted and self-hosted runners.
• GitHub-hosted Runners: Using GitHub's infrastructure for running
workflows.
• Self-hosted Runners: Setting up and managing your own runners.
• Choosing the Right Runner: Considerations for selecting a runner type.

• IV. GitHub Actions with Kubernetes

• Kubernetes Integration: Connecting GitHub Actions to Kubernetes.
• Deploying to Kubernetes: Automating deployments to Kubernetes clusters.
• Kubernetes Actions: Using pre-built actions for Kubernetes interactions.
• Example Workflow: Building and deploying a containerized application to
Kubernetes.

• V. GitHub Actions Real-time Project

• Real-time Project: Applying GitHub Actions to a real-world CI/CD scenario,
integrating all the learned concepts. This could include building, testing,
containerizing, and deploying an application.
 • DevSecOps Tools: Securing the Development Lifecycle -8 Hours
section 19 & 20

• Module 1: Introduction to DevSecOps and Core Concepts

• The importance of security in modern software development
• Understanding the DevSecOps lifecycle
• Shift-left security principles
• Key DevSecOps practices and benefits

• Module 2: Secrets Management with HashiCorp Vault

• Introduction to secrets management and its challenges
• Overview of HashiCorp Vault architecture and features
• Vault installation and configuration
• Authentication methods in Vault (e.g., AppRole, Kubernetes)
• Secret engines and their usage (e.g., KV, database, PKI)
• Dynamic secrets and their advantages
• Access control policies and best practices
• Vault integration with CI/CD pipelines
• Hands-on labs: Setting up Vault, managing secrets, integrating with applications

• Module 3: Static Code Analysis with SonarQube

• Introduction to static code analysis and its benefits
• Overview of SonarQube architecture and features
• SonarQube installation and configuration
• Understanding SonarQube rules and quality profiles
• Analyzing code quality and security vulnerabilities
• Customizing SonarQube rules and reports
• Integrating SonarQube with CI/CD pipelines
• Hands-on labs: Analyzing code, setting up quality gates, customizing rules.

• Module 4: Dynamic Application Security Testing (DAST) with OWASP ZAP

• Introduction to dynamic application security testing (DAST)
• Overview of OWASP ZAP architecture and features
• ZAP installation and configuration
• Using ZAP for automated and manual vulnerability scanning
• Generating and interpreting ZAP reports
• Integrating ZAP with CI/CD pipelines
• Hands-on labs: Performing scans, analyzing reports, configuring ZAP.
section 21 & 22

• DevSecOps Tools: Securing the Development Lifecycle

• Module 5: Artifact Vulnerability Scanning with JFrog Xray

• Introduction to software composition analysis (SCA)
• Overview of JFrog Xray architecture and features
• Xray installation and configuration
• Integrating Xray with JFrog Artifactory
• Generating and interpreting Xray reports
• Integrating Xray with CI/CD pipelines

• Module 7: Integrating DevSecOps Tools into CI/CD Pipelines

• Designing secure CI/CD pipelines
• Infrastructure as Code (IaC) security
• Integrating Vault, SonarQube, ZAP, Xray, and KubeLinter into pipelines
• Automating security testing and vulnerability scanning
• Implementing security gates and approvals
• Monitoring and reporting on security metrics
• Best practices for DevSecOps pipeline automation
• Hands-on labs: Building a secure CI/CD pipeline using the covered tools.