Book Image

Multi-Cloud Strategy for Cloud Architects - Second Edition

By : Jeroen Mulder

Book Image

Multi-Cloud Strategy for Cloud Architects - Second Edition

By: Jeroen Mulder

Overview of this book

Are you ready to unlock the full potential of your enterprise with the transformative power of multi-cloud adoption? As a cloud architect, you understand the challenges of navigating the vast array of cloud services and moving data and applications to public clouds. But with 'Multi-Cloud Strategy for Cloud Architects, Second Edition', you'll gain the confidence to tackle these complexities head-on. This edition delves into the latest concepts of BaseOps, FinOps, and DevSecOps, including the use of the DevSecOps Maturity Model. You'll learn how to optimize costs and maximize security using the major public clouds - Azure, AWS, and Google Cloud. Examples of solutions by the increasingly popular Oracle Cloud Infrastructure (OCI) and Alibaba Cloud have been added in this edition. Plus, you will discover cutting-edge ideas like AIOps and GreenOps. With practical use cases, including IoT, data mining, Web3, and financial management, this book empowers you with the skills needed to develop, release, and manage products and services in a multi-cloud environment. By the end of this book, you'll have mastered the intricacies of multi-cloud operations, financial management, and security. Don't miss your chance to revolutionize your enterprise with multi-cloud adoption.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Introduction to Multi-Cloud

Introduction to Multi-Cloud

Understanding multi-cloud concepts

Multi-cloud—more than just public and private

Introducing the main players in the field

Evaluating cloud service models

Setting out a real strategy for multi-cloud

Gathering requirements for multi-cloud

Understanding the business challenges of multi-cloud

Further reading

Collecting Business Requirements

Collecting Business Requirements

Analyzing the enterprise strategy for the cloud

Considering cloud adoption from enterprise architecture

Fitting cloud technology to business requirements

Applying the value streams of IT4IT

Keeping track of cloud developments—focusing on the business strategy

Creating a comprehensive business roadmap

Mapping the business roadmap to a cloud-fit strategy

Further reading

Starting the Multi-Cloud Journey

Starting the Multi-Cloud Journey

Understanding cloud vocabulary

Planning assessments

Executing technology mapping and governance

Planning transition and transformation

Exploring options for transformation

Service Designs for Multi-Cloud

Service Designs for Multi-Cloud

Introducing the scaffold for multi-cloud environments

Working with Well-Architected Frameworks

Understanding cloud adoption

Translating business KPIs into cloud SLAs

Using cloud adoption frameworks to align between cloud providers

Understanding identities and roles in the cloud

Creating the service design and governance model

Further reading

Managing the Enterprise Cloud Architecture

Managing the Enterprise Cloud Architecture

Defining architecture principles for multi-cloud

Using quality attributes in architecture

Defining principles from use cases

Creating the architecture artifacts

Change management and validation as the cornerstone

Validating the architecture

Further reading

Controlling the Foundation Using Well-Architected Frameworks

Controlling the Foundation Using Well-Architected Frameworks

Understanding BaseOps and the foundational concepts

Managing the base infrastructure

Managing the landing zones using policies

Understanding the need for demarcation

Further reading

Designing Applications for Multi-Cloud

Designing Applications for Multi-Cloud

Architecting for resilience and performance

Starting with business requirements

Using the principles of the 12-factor app

Accelerating application design with PaaS

Designing SaaS solutions

Performance KPIs in a public cloud—what’s in it for you?

Optimizing your multi-cloud environment

Optimizing in OCI

Use case: creating solutions for business continuity and disaster recovery

Further reading

Creating a Foundation for Data Platforms

Creating a Foundation for Data Platforms

Choosing the right platform for data

Building and sizing a data platform

Designing for interoperability and portability

Overcoming the challenges of data gravity

Managing the foundation for data lakes

Further reading

Creating a Foundation for IoT

Creating a Foundation for IoT

Choosing the right platform for IoT

Monitoring IoT ecosystems

Designing for connectivity to the cloud

Connecting IoT with IPv6, LoRa, and 5G

Further reading

Managing Costs with FinOps

Managing Costs with FinOps

Understanding the principles of FinOps

Define guidelines for the provisioning of cloud resources

Define cost policies for provisioning

Understanding account hierarchy

Understanding license agreements

Define tagging standards

Validate and manage billing

Validating invoices

Further reading

Maturing FinOps

Maturing FinOps

Setting up a FinOps team

Using maturity models for FinOps

Introducing cost-aware design

Transformation to managed FinOps in multi-cloud

Avoiding pitfalls in FinOps transformation

Further reading

Cost Modeling in the Cloud

Cost Modeling in the Cloud

Evaluating the types of cloud costs

Building a cost model

Working principles of showback and chargeback

Further reading

Implementing DevSecOps

Implementing DevSecOps

Understanding the need for DevSecOps

Starting with implementing a DevSecOps culture

Setting up CI/CD

Working with CI/CD in multi-cloud

Exploring tools for CI/CD

Following the principles of Security by Design

Securing development and operations using automation

Further Reading

Defining Security Policies

Defining Security Policies

Understanding security policies

Understanding the dynamics of security and compliance

Defining the baseline for security policies

Implementing security policies

Managing security policies

Manage risks with Cloud Security Posture Management

Further reading

Implementing Identity and Access Management

Implementing Identity and Access Management

Understanding identity and access management

Using a central identity store with Active Directory

Designing access management across multi-cloud

Working with least-privilege access

Exploring Privileged Access Management (PAM)

Enabling account federation in multi-cloud

Further reading

Defining Security Policies for Data

Defining Security Policies for Data

Storing data in multi-cloud concepts

Understanding data encryption

Securing access, encryption, and storage keys

Securing raw data for big data modeling

Further reading

Implementing and Integrating Security Monitoring

Implementing and Integrating Security Monitoring

Understanding SIEM and SOAR

Setting up the requirements for integrated security

Exploring multi-cloud monitoring suites

Further reading

Developing for Multi-Cloud with DevOps and DevSecOps

Developing for Multi-Cloud with DevOps and DevSecOps

Introducing DevOps and CI/CD

Using push and pull principles in CI

Using the DevSecOps Maturity Model

Manage traceability and auditability

Automating security best practices using frameworks

Further reading

Introducing AIOps and GreenOps in Multi-Cloud

Introducing AIOps and GreenOps in Multi-Cloud

Understanding the concept of AIOps

Optimizing cloud environments using AIOps

Exploring AIOps tools for multi-cloud

Introducing GreenOps

Further reading

Conclusion: The Future of Multi-Cloud

Conclusion: The Future of Multi-Cloud

The growth and adoption of multi-cloud

Understanding the concept of SRE

Working with risk analysis in SRE

Applying monitoring principles in SRE

Applying principles of SRE to multi-cloud—building and operating distributed systems

Further reading

Other Books You May Enjoy

Other Books You May Enjoy

Index

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Defining Security Policies

Whatever we do in the cloud needs to be secure. Cloud providers only provide tools. You need to define how to use these tools. In order to determine what these tools should do, you need to think about what type of assets you want to protect and how you need to protect them. There are quite a number of security baselines—for example, the baseline as defined by the Center for Internet Security (CIS), which provides guidelines.

In this chapter, we will learn what a security framework is and why it’s important as a starting point for security policies. We will discover what we need to protect in our cloud environments. Next, we will look at the globally adopted CIS benchmark for Azure, AWS, GCP, Alibaba Cloud, and OCI and learn how to implement CIS using the security suites of these platforms. We will then learn what the difference is between security governance and management, and lastly, study Cloud Security Posture Management ...