Hands-on Lab — PMLE Google Cloud Professional Machine Learning Engineer

Last reviewed: May 2026

Build the AWS services on the PMLE exam with plain Terraform — one block at a time, each tied back to an exam domain. The same code works on OpenTofu.

Overview

By the end of this lab you'll have provisioned, with plain Terraform, the smallest realistic PMLE substrate — a Cloud Storage artifacts bucket for model files + training data, a Vertex AI Workbench instance for experimentation, and a Vertex AI Endpoint for serving predictions. Four blocks; every PMLE training + deployment workflow composes on this base.

Drop the snippets into a single main.tf, run terraform init, then terraform apply step-by-step.

Note: the trained model itself isn't provisioned via Terraform — models are uploaded after training via gcloud ai models upload or the Vertex AI SDK. The endpoint provisioned here is ready to host a model; the model deployment is a separate post-terraform apply step.

Prerequisites

Terraform >= 1.5 or OpenTofu >= 1.6.
A GCP project you own (with billing attached).
gcloud CLI authenticated as ADC.
Replace your-project-id in the provider block.

Cost note

Two line items bill while idle:

Vertex AI Workbench (e2-standard-4): ~$100/month while running. Stop the instance via the Vertex AI Workbench console after each session.
Vertex AI Endpoint with no deployed model: free (you pay only when a model is deployed and serving traffic).
GCS Standard: 5 GB/month free.

~~$100/month if the Workbench is left running 24/7. Stop it after each lab session. Once you deploy a model to the endpoint, expect roughly $0.20/hour for n1-standard-2 serving (~~$144/month if always-on).

Steps

1.Provider, project services, naming

Enable Vertex AI, Cloud Notebooks (for Workbench), and Cloud Storage APIs.

terraform {
  required_version = ">= 1.5"

  required_providers {
    google = { source = "hashicorp/google", version = "~> 6.0" }
  }
}

provider "google" {
  project = "your-project-id" # REPLACE
  region  = "us-central1"
}

locals {
  labels = {
    project    = "certlabpro-pmle"
    managed_by = "terraform"
  }
}

resource "google_project_service" "aiplatform" {
  service            = "aiplatform.googleapis.com"
  disable_on_destroy = false
}

resource "google_project_service" "notebooks" {
  service            = "notebooks.googleapis.com"
  disable_on_destroy = false
}

resource "google_project_service" "storage" {
  service            = "storage.googleapis.com"
  disable_on_destroy = false
}

2.Provision a Cloud Storage bucket for ML artifacts + training data

Provisions:

Cloud Storage

PMLE-recommended bucket layout: one regional bucket per ML project, with subfolders for data/raw/, data/processed/, models/, and pipelines/. We provision a single bucket — naming convention follows <project-name>-ml-<region>-<random>. Standard storage class for hot training-data access; lifecycle rule to Nearline after 90 days.

resource "random_id" "suffix" {
  byte_length = 4
}

resource "google_storage_bucket" "ml" {
  name                        = "certlabpro-pmle-ml-${random_id.suffix.hex}"
  location                    = "us-central1"
  uniform_bucket_level_access = true
  force_destroy               = true # lab-only

  versioning {
    enabled = true # PMLE-recommended for model artifacts
  }

  lifecycle_rule {
    condition {
      age = 90
    }
    action {
      type          = "SetStorageClass"
      storage_class = "NEARLINE"
    }
  }

  labels = local.labels

  depends_on = [google_project_service.storage]
}

3.Provision a Vertex AI Workbench instance for experimentation
Provisions:
- Vertex AI Workbench
Vertex AI Workbench is the PMLE-canonical experimentation seat — managed Jupyter on a GCE VM, pre-loaded with PyTorch, TensorFlow, scikit-learn, and the Vertex AI SDK. We provision an e2-standard-4 instance; bump to GPU instance types (n1-standard-8 + nvidia-tesla-t4) for actual training workloads.

Stop the instance via the Workbench console when not actively using it — ~$100/month otherwise.
```
resource "google_workbench_instance" "main" {
  name     = "certlabpro-pmle-workbench"
  location = "us-central1-a"

  gce_setup {
    machine_type = "e2-standard-4"

    boot_disk {
      disk_size_gb = 150
      disk_type    = "PD_STANDARD"
    }

    data_disks {
      disk_size_gb = 100
      disk_type    = "PD_STANDARD"
    }
  }

  labels = local.labels

  depends_on = [google_project_service.notebooks]
}
```
4.Provision a Vertex AI Endpoint as the prediction surface
Provisions:
- Vertex AI
Vertex AI Endpoints are PMLE's deployment primitive — every served model lives behind an endpoint. The shape: (1) train a model (via Workbench / Vertex AI Training / AutoML), (2) upload it to the Vertex AI Model Registry (gcloud ai models upload), (3) deploy the model to an endpoint. PMLE exam tests this model → endpoint → traffic-split shape as the standard serving pattern.

We provision an endpoint with no deployed model — it's free until a model is attached. Deploy a model via:
```
gcloud ai models deploy MODEL_ID \
  --endpoint certlabpro-pmle-endpoint \
  --machine-type n1-standard-2 \
  --region us-central1
```
With four blocks in place (provider+APIs, artifacts bucket, Workbench seat, Endpoint surface), the PMLE serving substrate is complete. Real PMLE workflows layer Vertex AI Pipelines (Kubeflow), Vertex AI Experiments, Vertex AI Model Monitoring, Vertex AI Feature Store, and Vertex AI Vizier on this base.
```
resource "google_vertex_ai_endpoint" "main" {
  name         = "certlabpro-pmle-endpoint"
  display_name = "PMLE lab endpoint"
  location     = "us-central1"

  labels = local.labels

  depends_on = [google_project_service.aiplatform]
}
```

Cleanup

terraform destroy tears down everything. The Workbench instance stops billing immediately on destroy (~$100/month saved). The Endpoint has no deployed model so it was free anyway; if you deployed a model after terraform apply, undeploy it first via gcloud ai endpoints undeploy-model or the destroy will fail. GCS bucket destroys with force_destroy = true.

What this lab doesn't cover

PMLE covers many Vertex AI surfaces this lab can't fit — Vertex AI Pipelines (Kubeflow Pipelines + Vertex Pipelines SDK), Vertex AI Training (custom training jobs + hyperparameter tuning), Vertex AI AutoML (tabular / vision / NLP / forecasting auto-train), Vertex AI Feature Store (online + offline serving), Vertex AI Model Monitoring (drift + skew detection), Vertex AI Experiments (tracking + comparison), Vertex AI Vizier (Bayesian hyperparameter optimization), Vertex AI Matching Engine (vector similarity search), Vertex AI Tensorboard, Vertex AI Predictions in batch mode, BigQuery ML (in-database ML training), the Generative AI Studio + Model Garden + Vertex AI Agent Builder ([[gcp-gail]]), TPU pods for large-model training, Vertex AI Pipelines templates, the Vertex AI Workbench User-Managed vs Instance distinction (legacy → managed migration).

We stick to the GCS + Workbench + Endpoint primitives because they're the PMLE-canonical training + serving spine. Every other Vertex AI service plugs into this base — Pipelines orchestrate training jobs that write models to GCS and register them; Feature Store reads features into training jobs; Model Monitoring watches the endpoint deployed in Step 4. Master the substrate; the higher-level constructs compose.

For service-by-service conceptual coverage, see the Browse, Playbook, and Editorial sections of this cert page.

← Back to PMLE hub

Overview

Drop the snippets into a single main.tf, run terraform init, then terraform apply step-by-step.

Cost note

Two line items bill while idle:

Vertex AI Workbench (e2-standard-4): ~$100/month while running. Stop the instance via the Vertex AI Workbench console after each session.
Vertex AI Endpoint with no deployed model: free (you pay only when a model is deployed and serving traffic).
GCS Standard: 5 GB/month free.

Steps

1.Provider, project services, naming

Enable Vertex AI, Cloud Notebooks (for Workbench), and Cloud Storage APIs.

terraform {
  required_version = ">= 1.5"

  required_providers {
    google = { source = "hashicorp/google", version = "~> 6.0" }
  }
}

provider "google" {
  project = "your-project-id" # REPLACE
  region  = "us-central1"
}

locals {
  labels = {
    project    = "certlabpro-pmle"
    managed_by = "terraform"
  }
}

resource "google_project_service" "aiplatform" {
  service            = "aiplatform.googleapis.com"
  disable_on_destroy = false
}

resource "google_project_service" "notebooks" {
  service            = "notebooks.googleapis.com"
  disable_on_destroy = false
}

resource "google_project_service" "storage" {
  service            = "storage.googleapis.com"
  disable_on_destroy = false
}

2.Provision a Cloud Storage bucket for ML artifacts + training data

Provisions:

Cloud Storage

resource "random_id" "suffix" {
  byte_length = 4
}

resource "google_storage_bucket" "ml" {
  name                        = "certlabpro-pmle-ml-${random_id.suffix.hex}"
  location                    = "us-central1"
  uniform_bucket_level_access = true
  force_destroy               = true # lab-only

  versioning {
    enabled = true # PMLE-recommended for model artifacts
  }

  lifecycle_rule {
    condition {
      age = 90
    }
    action {
      type          = "SetStorageClass"
      storage_class = "NEARLINE"
    }
  }

  labels = local.labels

  depends_on = [google_project_service.storage]
}

3.Provision a Vertex AI Workbench instance for experimentation

Provisions:

Vertex AI Workbench

Vertex AI Workbench is the PMLE-canonical experimentation seat — managed Jupyter on a GCE VM, pre-loaded with PyTorch, TensorFlow, scikit-learn, and the Vertex AI SDK. We provision an e2-standard-4 instance; bump to GPU instance types (n1-standard-8 + nvidia-tesla-t4) for actual training workloads.

Stop the instance via the Workbench console when not actively using it — ~$100/month otherwise.

resource "google_workbench_instance" "main" {
  name     = "certlabpro-pmle-workbench"
  location = "us-central1-a"

  gce_setup {
    machine_type = "e2-standard-4"

    boot_disk {
      disk_size_gb = 150
      disk_type    = "PD_STANDARD"
    }

    data_disks {
      disk_size_gb = 100
      disk_type    = "PD_STANDARD"
    }
  }

  labels = local.labels

  depends_on = [google_project_service.notebooks]
}

4.Provision a Vertex AI Endpoint as the prediction surface

Provisions:

Vertex AI

Vertex AI Endpoints are PMLE's deployment primitive — every served model lives behind an endpoint. The shape: (1) train a model (via Workbench / Vertex AI Training / AutoML), (2) upload it to the Vertex AI Model Registry (gcloud ai models upload), (3) deploy the model to an endpoint. PMLE exam tests this model → endpoint → traffic-split shape as the standard serving pattern.

We provision an endpoint with no deployed model — it's free until a model is attached. Deploy a model via:

gcloud ai models deploy MODEL_ID \
  --endpoint certlabpro-pmle-endpoint \
  --machine-type n1-standard-2 \
  --region us-central1

With four blocks in place (provider+APIs, artifacts bucket, Workbench seat, Endpoint surface), the PMLE serving substrate is complete. Real PMLE workflows layer Vertex AI Pipelines (Kubeflow), Vertex AI Experiments, Vertex AI Model Monitoring, Vertex AI Feature Store, and Vertex AI Vizier on this base.

resource "google_vertex_ai_endpoint" "main" {
  name         = "certlabpro-pmle-endpoint"
  display_name = "PMLE lab endpoint"
  location     = "us-central1"

  labels = local.labels

  depends_on = [google_project_service.aiplatform]
}

Cleanup

What this lab doesn't cover

For service-by-service conceptual coverage, see the Browse, Playbook, and Editorial sections of this cert page.

Hands-on Lab — PMLE Google Cloud Professional Machine Learning Engineer

Overview

Prerequisites

💰Cost note

Steps

Cleanup

What this lab doesn't cover

Hands-on Lab — PMLE Google Cloud Professional Machine Learning Engineer

Overview

Prerequisites

💰Cost note

Steps

Cleanup

What this lab doesn't cover

Cost note

Cost note