Course Objectives

1. Determine if cloud solution is appropriate 1.1 Explain advantages provided by cloud to stakeholders • Describe cloud infrastructure • Distinguish between IaaS, PaaS, and SaaS • Show how cloud allows building applications cheaper than with traditional models • Show how cloud allows building applications faster than with traditional models 1.2 Explain cost to stakeholders • Identify the use case (new development or transition of existing product or service) • Identify the resources that will be required to construct the service or product using cloud-hosted components (include compute, data, and network costs) • Identify support plan that will be required to meet performance, availability, scalability, and reliability (PASR) criteria • Consider factors that go into return on investment 1.3 Explain performance to stakeholders • Identify performance criteria • Consider what solutions meet the criteria • Assess cost and availability of technical expertise 1.4 Explain reliability to stakeholders • Identify reliability criteria, including network speeds • Consider what solutions meet the criteria • Understand service-level agreement (SLA) with cloud provider • Consider disaster-recovery and backup plans (including backup redundancy or replication factor) 1.5 Explain availability to stakeholders • Identify the use case (new development or transition of existing product or service) • Identify any upstream or downstream SLAs that will govern availability requirements • Establish availability metrics • Assess the SLA offered by the cloud-hosted solution 1.6 Explain scalability to stakeholders • Identify the use case (new development or transition of existing product or service) • Understand that rules can be set to adjust resources based on need 1.7 Recommend off-the-shelf (OTS) or custom solutions as needed • Identify the use case (new development or transition of existing product or service) • Evaluate if existing OTS offering meets performance, availability, scalability, and reliability needs • Evaluate technical effort needed for custom solution • Evaluate if custom solution can exceed OTS on PASR criteria 2. Developing cloud architecture 2.1 Choose between public, private, and hybrid cloud implementations • Identify the security and privacy requirements for the solution (focusing on networking options that each provides) • Consider limits imposed by tenancy in various cloud implementations 2.2 Draw an architectural diagram (show data flows) • Break down the proposed solution into compute, data, and networking components • Produce logical groupings for the components • Mark data flows between components (including the protocol) • Identify system and component boundaries (including responsibility model) 2.3 Define requirements • Decide whether to virtualize server, network, storage, and desktop • Be aware of design patterns like microservices and serverless • Consider networking infrastructure, storage devices, memory, and end-user devices required 2.4 Identify how services communicate through application programming interfaces (APIs) • Identifying services with which the application needs to integrate • Interact using an API 2.5 Create virtual machines • Determine the operating system for the virtual machines • Choose the appropriate size for the virtual machines • Decide on geographic setting for the virtual machines (latency, legal requirements) • Configure options (e.g., time limitations, scaling, backups) for the virtual machines 2.6 Identify data storage requirements • Distinguish between structured and unstructured data • Determine amount of storage needed • Consider location of storage • Consider storage security 3. Implementing the cloud development life cycle 3.1 Create content in virtual environments • Understand that a source-code management system needs to be set up • Install and configure the prerequisite packages in the virtual environment • Save changes and keep track of the codes in a source code management system (such as Github) 3.2 Perform testing • Provide different test cases, test scenarios, and test scripts • Run the tests and report the bugs iteratively 3.3 Structure the overall cloud-based solution • Integrate systems and applications within the selected environment • Integrate systems and applications with legacy systems • Integrate systems and applications with third-party applications • Distinguish between containers and virtual machines • Know when to choose containers over virtual machines 3.4 Deploy application on server • Decide on the strategy to deploy a new application, replacing a previous one • Understand version control • Identify cloud-hosted solutions to create code and data pipelines (e.g., cloud-native CI/CD offerings and workflow automation like GitHub Actions) • Identify existing CI/CD practices 4. Managing cloud operations 4.1 Manage operational costs • Understand usage-based pricing • Scale up and scale down to meet demand cost-effectively 4.2 Develop business continuity and disaster recovery policy • Identify potential risks and disaster scenarios • Establish on-premise vs offsite backup strategy 4.3 Provide support to users • Identify protection and security policies for external and internal users • Provide application and hardware support for internal users • Provide training tools for internal and external users 4.4 Monitoring cloud systems • Log events • Monitor hardware and software (e.g., interpret graphs and dashboards) • Understand notifications or alerts for provisioning backup 5. Understanding cloud governance 5.1 Comply with privacy and regulatory requirements • Identify relevant privacy requirements based on geographical and domain constraints (e.g. BIPA, HIPAA, PDP, FERPA, COPPA, GDPR, CCPA, etc.) as well as organization-specific policies • Identify cloud-provider compliance for these privacy regulations • Assess types of data managed within the environment • Assess location and storage of data • Be aware of NIST and ISO frameworks and standards 5.2 Comply with ethical guidelines • Consider the impact of bias, lack of transparency, and lack of accountability • Explain potential bias and transparency challenges with prebuilt services 5.3 Managing cloud security • Understand options and concepts for identity verification and authentication, including digital identity and multifactor authentication • Understand access policies and authorizations (e.g., options for access, vendor-provided roles vs. custom roles and permissions, and access hygiene, including least privilege access, removal of access when not needed, disabling accounts) • Understand the importance of data security and encryption • Understand options to protect against unauthorized access in cloud environments (including intrusion detection and prevention, firewalls)