Managing Implementation
Implementation is the bridge from a signed-off design to something running
A scenario reaches this domain once the architecture is decided: now the question is how a team actually ships it and what they type to do so. The exam keeps two concerns separate, and the whole domain hangs on not blurring them. First, what advice you give a delivery team: which deployment strategy fits the risk, how the build half and the release half of a pipeline divide, and how an API is exposed to its consumers. Second, how a human or a script touches Google Cloud at all: the command-line tools, the Infrastructure as Code (IaC, describing infrastructure in version-controlled files instead of clicking the console), and the client libraries an application calls. The classic trap is reaching for the wrong tier of automation, scripting a fleet with one-off gcloud commands when the work is repeatable infrastructure that wants IaC, or hand-rolling a release that Cloud Deploy would gate and roll back for you.
The domain unfolds in two halves: advising the delivery, and the tooling that delivers
Deployment Advising covers the guidance an architect gives a team that owns the rollout. It separates three deployment tracks (infrastructure, the application, and the API surface), splits the pipeline at the artifact boundary so Cloud Build produces a tested image and Cloud Deploy promotes it through a target sequence, and picks a rollout strategy (recreate, rolling, blue-green, canary) by trading risk against cost and speed; it also fronts a managed API with an Apigee proxy rather than the raw backend. Programmatic Access then covers the hands on the keyboard: matching the access method to the work (a one-off command, application code, or repeatable IaC), the gcloud CLI and its bundled tools, the three IaC options (Terraform, Infrastructure Manager, Config Connector), and the single authentication strategy every client library shares, Application Default Credentials (ADC). Read deployment-advising for the what-to-recommend, programmatic-access for the how-to-do-it.
When two approaches both work, the exam rewards the repeatable, managed, declarative one
Across both halves the default that earns points is the one that removes manual steps and human risk. Prefer declarative IaC over imperative scripts because it is idempotent and reviewable; prefer a managed delivery service (Cloud Deploy) with an approval gate and one-command rollback over a hand-run deploy; prefer an attached service account over a downloaded key file; prefer gcloud storage over the legacy gsutil, and Cloud Client Libraries over the older Google API Client Libraries. The instinct generalizes: when answers tie on capability, pick the one that is repeatable, auditable, and lets Google operate the moving parts.
The two halves of Managing Implementation and what each decides
| Half | Core question | Signature services and tools | Drill into |
|---|---|---|---|
| Advising the delivery | How should the team ship and expose this? | Cloud Build, Cloud Deploy, deployment strategies, Apigee, Binary Authorization | Deployment Advising |
| Touching the platform | What do I run, script, or call to make it so? | gcloud CLI, Terraform, Infrastructure Manager, Config Connector, ADC, client libraries | Programmatic Access |