Book Image

Multi-Cloud Strategy for Cloud Architects - Second Edition

By : Jeroen Mulder
Book Image

Multi-Cloud Strategy for Cloud Architects - Second Edition

By: Jeroen Mulder

Overview of this book

Are you ready to unlock the full potential of your enterprise with the transformative power of multi-cloud adoption? As a cloud architect, you understand the challenges of navigating the vast array of cloud services and moving data and applications to public clouds. But with 'Multi-Cloud Strategy for Cloud Architects, Second Edition', you'll gain the confidence to tackle these complexities head-on. This edition delves into the latest concepts of BaseOps, FinOps, and DevSecOps, including the use of the DevSecOps Maturity Model. You'll learn how to optimize costs and maximize security using the major public clouds - Azure, AWS, and Google Cloud. Examples of solutions by the increasingly popular Oracle Cloud Infrastructure (OCI) and Alibaba Cloud have been added in this edition. Plus, you will discover cutting-edge ideas like AIOps and GreenOps. With practical use cases, including IoT, data mining, Web3, and financial management, this book empowers you with the skills needed to develop, release, and manage products and services in a multi-cloud environment. By the end of this book, you'll have mastered the intricacies of multi-cloud operations, financial management, and security. Don't miss your chance to revolutionize your enterprise with multi-cloud adoption.

Related Content you might be interested in

Small book image
Enterprise DevOps for Architec...
Jeroen Mulder
Nov, 2021 | 288 pages
Small book image
Azure for Decision Makers
David Rendoacuten | Jason Milgram...
Sep, 2023 | 146 pages
Small book image
Optimizing Your Modernization...
Mridula Grandhi
Jul, 2023 | 418 pages
Table of Contents (23 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Introduction to Multi-Cloud
Introduction to Multi-Cloud
Understanding multi-cloud concepts
Multi-cloud—more than just public and private
Introducing the main players in the field
Evaluating cloud service models
Setting out a real strategy for multi-cloud
Gathering requirements for multi-cloud
Understanding the business challenges of multi-cloud
Summary
Questions
Further reading
2
Collecting Business Requirements
Collecting Business Requirements
Analyzing the enterprise strategy for the cloud
Considering cloud adoption from enterprise architecture
Fitting cloud technology to business requirements
Applying the value streams of IT4IT
Keeping track of cloud developments—focusing on the business strategy
Creating a comprehensive business roadmap
Mapping the business roadmap to a cloud-fit strategy
Summary
Questions
Further reading
3
Starting the Multi-Cloud Journey
Starting the Multi-Cloud Journey
Understanding cloud vocabulary
Planning assessments
Executing technology mapping and governance
Planning transition and transformation
Exploring options for transformation
Summary
Questions
4
Service Designs for Multi-Cloud
Service Designs for Multi-Cloud
Introducing the scaffold for multi-cloud environments
Working with Well-Architected Frameworks
Understanding cloud adoption
Translating business KPIs into cloud SLAs
Using cloud adoption frameworks to align between cloud providers
Understanding identities and roles in the cloud
Creating the service design and governance model
Summary
Questions
Further reading
5
Managing the Enterprise Cloud Architecture
Managing the Enterprise Cloud Architecture
Defining architecture principles for multi-cloud
Using quality attributes in architecture
Defining principles from use cases
Creating the architecture artifacts
Change management and validation as the cornerstone
Validating the architecture
Summary
Questions
Further reading
6
Controlling the Foundation Using Well-Architected Frameworks
Controlling the Foundation Using Well-Architected Frameworks
Understanding BaseOps and the foundational concepts
Managing the base infrastructure
Managing the landing zones using policies
Understanding the need for demarcation
Summary
Questions
Further reading
7
Designing Applications for Multi-Cloud
Designing Applications for Multi-Cloud
Architecting for resilience and performance
Starting with business requirements
Using the principles of the 12-factor app
Accelerating application design with PaaS
Designing SaaS solutions
Performance KPIs in a public cloud—what’s in it for you?
Optimizing your multi-cloud environment
Optimizing in OCI
Use case: creating solutions for business continuity and disaster recovery
Summary
Questions
Further reading
8
Creating a Foundation for Data Platforms
Creating a Foundation for Data Platforms
Choosing the right platform for data
Building and sizing a data platform
Designing for interoperability and portability
Overcoming the challenges of data gravity
Managing the foundation for data lakes
Summary
Questions
Further reading
9
Creating a Foundation for IoT
Creating a Foundation for IoT
Choosing the right platform for IoT
Monitoring IoT ecosystems
Designing for connectivity to the cloud
Connecting IoT with IPv6, LoRa, and 5G
Summary
Questions
Further reading
10
Managing Costs with FinOps
Managing Costs with FinOps
Understanding the principles of FinOps
Define guidelines for the provisioning of cloud resources
Define cost policies for provisioning
Understanding account hierarchy
Understanding license agreements
Define tagging standards
Validate and manage billing
Validating invoices
Summary
Questions
Further reading
11
Maturing FinOps
Maturing FinOps
Setting up a FinOps team
Using maturity models for FinOps
Introducing cost-aware design
Transformation to managed FinOps in multi-cloud
Avoiding pitfalls in FinOps transformation
Summary
Questions
Further reading
12
Cost Modeling in the Cloud
Cost Modeling in the Cloud
Evaluating the types of cloud costs
Building a cost model
Working principles of showback and chargeback
Summary
Questions
Further reading
13
Implementing DevSecOps
Implementing DevSecOps
Understanding the need for DevSecOps
Starting with implementing a DevSecOps culture
Setting up CI/CD
Working with CI/CD in multi-cloud
Exploring tools for CI/CD
Following the principles of Security by Design
Securing development and operations using automation
Summary
Questions
Further Reading
14
Defining Security Policies
Defining Security Policies
Understanding security policies
Understanding the dynamics of security and compliance
Defining the baseline for security policies
Implementing security policies
Managing security policies
Manage risks with Cloud Security Posture Management
Summary
Questions
Further reading
15
Implementing Identity and Access Management
Implementing Identity and Access Management
Understanding identity and access management
Using a central identity store with Active Directory
Designing access management across multi-cloud
Working with least-privilege access
Exploring Privileged Access Management (PAM)
Enabling account federation in multi-cloud
Summary
Questions
Further reading
16
Defining Security Policies for Data
Defining Security Policies for Data
Storing data in multi-cloud concepts
Understanding data encryption
Securing access, encryption, and storage keys
Securing raw data for big data modeling
Summary
Questions
Further reading
17
Implementing and Integrating Security Monitoring
Implementing and Integrating Security Monitoring
Understanding SIEM and SOAR
Setting up the requirements for integrated security
Exploring multi-cloud monitoring suites
Summary
Questions
Further reading
18
Developing for Multi-Cloud with DevOps and DevSecOps
Developing for Multi-Cloud with DevOps and DevSecOps
Introducing DevOps and CI/CD
Using push and pull principles in CI
Using the DevSecOps Maturity Model
Manage traceability and auditability
Automating security best practices using frameworks
Summary
Questions
Further reading
19
Introducing AIOps and GreenOps in Multi-Cloud
Introducing AIOps and GreenOps in Multi-Cloud
Understanding the concept of AIOps
Optimizing cloud environments using AIOps
Exploring AIOps tools for multi-cloud
Introducing GreenOps
Summary
Questions
Further reading
20
Conclusion: The Future of Multi-Cloud
Conclusion: The Future of Multi-Cloud
The growth and adoption of multi-cloud
Understanding the concept of SRE
Working with risk analysis in SRE
Applying monitoring principles in SRE
Applying principles of SRE to multi-cloud—building and operating distributed systems
Summary
Questions
Further reading
21
Other Books You May Enjoy
Other Books You May Enjoy
22
Index
Index

Understanding identity and access management

Identity and access management (IAM) is all about controlling access to IT systems that are critical to a business. A key element of IAM is Role-Based Access Control, or RBAC for short. In an RBAC model, we define who is allowed to have access to systems, what their role is, and what they are allowed to do according to that role. An important principle of RBAC is least privilege, meaning that a system administrator will only get the rights assigned that are required to perform the job. For example, a database administrator needs access to the database, but it’s not very likely that they will need access to network switches too.

In this chapter, we will discuss concepts such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM). Before we go into those, let’s have a look at the basics of IAM. There are three...

Previous Section
End of Section 2
Next Section