Participant Handbook

Sector
IT-ITeS

Sub - Sector
Future Skills
Occupation
Cloud Computing
Reference ID: SSC/Q8303, Version 3.0
NSQF Level 5

Cloud Application
Developer
Published by
IT – ITeS Sector Skill Council NASSCOM
Sector Skill Council Contact Details:
Address: Plot No. – 7, 8, 9 & 10 Sector – 126, Noida, Uttar Pradesh – 201303
New Delhi – 110049
Website: www.sscnasscom.com
Phone: 0120 4990111 – 0120 4990172

All Rights Reserved©2024

Second Edition, August, 2024
Copyright©2024
IT – ITeS Sector Skill Council NASSCOM
Sector Skill Council Contact Details:
Address: Plot No. – 7, 8, 9 & 10 Sector – 126, Noida, Uttar Pradesh – 201303
New Delhi – 110049
Website: www.sscnasscom.com
Phone: 0120 4990111 – 0120 4990172
This book is sponsored by IT – ITeS Sector Skill Council NASSCOM
Under Creative Commons Licence: CC-BY-SA

This license lets others remix, tweak, and build upon your work even for commercial purposes, as long as they
credit you and license their new creations under the identical terms. This license is often compared to
“copyleft” free and open-source software licenses. All new works based on yours will carry the same license, so
any derivatives will also allow commercial use. This is the license used by Wikipedia and is recommended for
materials that would benefit from incorporating content from Wikipedia and similarly licensed projects.

Disclamer
The information contained herein has been obtained from sources reliable to IT – ITES Sector Skill Council
NASSCOM. NASSCOM disclaims all warranties to the accuracy, completeness or adequacy of such information.
NASSCOM shall have no liability for errors, omissions, or inadequacies, in the information contained herein, or
for interpretations thereof. Every effort has been made to trace the owners of the copyright material included in
the book. The publishers would be grateful for any omissions brought to their notice for acknowledgements in
future editions of the book. No entity in NASSCOM shall be responsible for any loss whatsoever, sustained by
any person who relies on this material. The material in this publication is copyrighted. No parts of this
publication may be reproduced, stored or distributed in any form or by any means either on paper or electronic
media, unless authorized by the NASSCOM.
 Skilling is building a be er India.
If we have to move India towards
development then Skill Development
should be our mission.

iii
 Cer ficate
COMPLIANCE TO
QUALIFICATION PACK - NATIONAL OCCUPATIONAL
STANDARDS
is hereby issued by the
IT-ITeS Sector Skills Council NASSCOM
for

SKILLING CONTENT: PARTICIPANT HANDBOOK

Complying to Na onal Occupa onal Standards of
Job Role/Qualifica oPack: Cloud Applica on Developer QP No. SSC/Q8303, NSQF Level 5

Date of Issuance: 28/07/2022

Valid up to*: 28/07/2025
Autorised Signatory
*Valid up to the next review date of the Qualification Pack or the (IT-ITeS Sector Skills Council NASSCOM)
‘Valid up to’ date men onedabove (whichever is earlier)

iv
Acknowledgments
This participant's handbook meant for Cloud Application Developer is a sincere attempt to ensure the
availability of all the relevant information to the existing and prospective job holders in this job role. We
have compiled the content with inputs from the relevant Subject Matter Experts (SMEs) and industry
members to ensure it is the latest and authentic. We express our sincere gratitude to all the SMEs and
industry members who have made invaluable contributions to the completion of this participant's
handbook.

This handbook will help deliver skill-based training in the Cloud Application Developer. We hope that it
will benefit all the stakeholders, such as participants, trainers, and evaluators. We have made all efforts to
ensure the publication meets the current quality standards for the successful delivery of QP/NOS-based
training programs. We welcome and appreciate any suggestions for future improvements to this
handbook.

v
Par cipant Handbook

About this book

This par cipant handbook has been designed to serve as a guide for par cipants who aim to obtain the
required knowledge and skills to undertake various ac vi es in the role of a Cloud Applica on Developer.
Its content has been aligned with the latest Qualifica on Pack (QP) prepared for the job role. With a
qualified trainer's guidance, the par cipants will be equipped with the following for working efficiently in
the job role:
· Knowledge and Understanding: The relevant opera onal knowledge and understanding to
perform the required tasks.
· Performance Criteria: The essen al skills through hands-on training to perform the required
opera ons to the applicable quality standards.
· Professional Skills: The Ability to make appropriate opera onal decisions about the field of work.
The handbook details the relevant ac vi es to be carried out by a Cloud Applica on Developer. A er
studying this handbook, job holders will be adequately skilled in carrying out their du es according to the
applicable quality standards. The handbook is aligned with the following Na onal Occupa onal
Standards (NOS) detailed in the latest and approved version of Cloud Applica on Developer QP:
· SSC/N8318: Develop func onal and non-func onal requirements for the defined scope of the
applica on
· SSC/N8319: Design the applica on architecture to ensure scalable, resilient, and fault-tolerant
cloud applica ons
· SSC/N8320: Develop and maintain secure, resilient and highly available cloud applica ons
· SSC/N8321: Migrate applica ons to u lize the full poten al of the cloud pla orm
· SSC/N8322: Package so ware for secure and successful deployment on the cloud
· SSC/N8323: Monitor and manage cloud applica ons and the deployed systems
· SSC/N9014: Maintain an inclusive, environmentally sustainable workplace
· DGT/VSQ/N0102: Employability Skills (60 Hours)
The handbook has been divided into an appropriate number of units and sub-units based on the
content of the relevant QP. We hope it will facilitate easy and structured learning for the par cipants,
allowing them to obtain enhanced knowledge and skills.
The handbook has been divided into an appropriate number of units and sub-units based on the content
of the relevant QP. We hope it will facilitate easy and structured learning for the par cipants, allowing
them to obtain enhanced knowledge and skills.

Symbols Used

Key Learning Exercise Notes Unit Ac vi y

Outcomes Objectives

vi
 Cloud Application Developer

Table of Contents
S.No. Modules and Units Page No.
1. Basics of Cloud Computing and Regulatory Standards (Bridge Module) 1
UNIT 1.1: Basics of Cloud Computing 3
UNIT 1.2: Regulatory Standards in Cloud Computing 26
UNIT 1.3: Roles & Responsibilities of Cloud Application Developer 36
2. Development Tools and Usage (Bridge Module) 46
UNIT 2.1: Programming Concepts in Cloud Computing 48
UNIT 2.2: Development Tools and Usage in Cloud Application Development 62
3. Application Requirements (SSC/8318) 74
UNIT 3.1: Application Requirements Fundamentals 76
UNIT 3.2: Advanced Application Requirements and Cloud Integration 94
4. Application Architecture (SSC/N8319) 117
UNIT 4.1: Impact Analysis and Application Basics 119
UNIT 4.2: Cloud Application Infrastructure and Security 127
UNIT 4.3: Disaster Recovery and Best Practices 135
5. Application Development (SSC/N8320) 147
UNIT 5.1: Cloud Application Development Fundamentals 149
UNIT 5.2: Advanced Cloud Application Development 156
6. Application Migration (SSC/N8321) 179
UNIT 6.1: Understanding Cloud Application Migration 181
UNIT 6.2: Cloud-Native Applications and Migration Techniques 188
7. Software Packaging and Deployment (SSC/N8322) 203
UNIT 7.1: Software Packaging for Cloud Deployment 205
UNIT 7.2: Containerized Deployment and Automation 214
8. Application Performance Monitoring (SSC/N8323) 234
UNIT 8.1: Understanding Application Performance 236
UNIT 8.2: Performance Monitoring and Optimization 241
9. Inclusive and Environmentally Sustainable Workplaces (SSC/N9014) 258
Unit 9.1 Sustainable Practices in the Workplace 260
Unit 9.2 Diversity and Equity Promotion Strategies in the Workplace 269
10. Employability Skills (60 Hours) – DGT/VSQ/N0102 283
It is recommended that all trainings include the appropriate Employability
skills Module. Content for the same can be accessed
h ps://www.skillindiadigital.gov.in/content/list

11. Annexure 285

Annexure -QR Code-Video Link 286

vii
Par cipant Handbook

viii
1. Basics of Cloud
Computing and
Regulatory
Standards (Bridge
Module)

Unit 1.1 - Basics of Cloud Compu ng

Unit 1.2 - Regulatory Standards in Cloud Compu ng
Unit 1.3 - Roles & Responsibili es of Cloud Applica on
Developer

Bridge Module
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:
1) Explain the term “cloud compu ng” and provide an overview of its essen al characteris cs.

2) Discuss the evolu on of cloud compu ng and the significance of cloud compu ng in the IT landscape.

3) Examine the key business drivers for the adop on of cloud technologies.

4) List the use cases and applica ons of cloud technologies across various industry ver cals.

5) Explain the types of cloud deployment models (such as private cloud, public cloud, hybrid cloud,
mul -cloud, etc.).

6) Explain the types of cloud service models (such as SaaS, PaaS, IaaS, etc.).

7) Demonstrate the differences among various cloud deployment models as well as cloud service
models using appropriate pla orms.

8) Explain basic concepts of cloud compu ng such as virtualiza on, scalability, data separa on, cloud
security controls, etc.

9) Outline popular cloud compu ng tools/pla orms.

10) Study the regula ons, standards, and laws governing cloud compu ng environment in an
organiza on.

11) Outline the general principles and basic concepts of data management standards across the globe.

12) Evaluate various compliance mechanisms associated with cloud compu ng.

13) Create a cloud account to work hands-on with various cloud services.

2
 Cloud Application Developer

UNIT 1.1: Basics of Cloud Compu ng

Unit Objectives
At the end of this unit, you will be able to:
1. Define the term "cloud compu ng" and summarize its essen al characteris cs.
2. Evaluate the evolu on of cloud compu ng and assess its significance in the IT landscape.
3. Analyze the key business drivers for the adop on of cloud technologies.
4. Categorize the use cases and applica ons of cloud technologies across various industry ver cals.
5. Differen ate between various cloud deployment models (such as private cloud, public cloud, hybrid
cloud, mul -cloud, etc.).
6. Classify the types of cloud service models (such as SaaS, PaaS, IaaS, etc.).
7. Illustrate the differences among various cloud deployment models as well as cloud service models
using appropriate pla orms.
8. Describe basic concepts of cloud compu ng such as virtualiza on, scalability, data separa on, cloud
security controls, etc.

1.1.1 IT-ITeS Sector

The Informa on Technology (IT) and Informa on Technology Enabled Services (ITeS) sector have played a
pivotal role in propelling India's economic growth.
IT, which stands for informa on technology, encompasses ac vi es related to crea ng, managing,
storing, and exchanging informa on through technology.

Fig. 1.1.1 IT sector

On the other hand, ITeS, or Informa on Technology Enabled Services, focuses on leveraging technology to
enhance the efficiency of organiza onal processes.

3
Par cipant Handbook

· IT is the study of the design, management, development, implementa on, and support of
computer-based informa on systems, typically about computer hardware and applica on
so ware.
· ITES is part of IT. ITES Self means IT with enabled services. ITES is the study of outsourced service
which has arisen due to involvement in various fields of IT such as banking and finance, BPO, call
centers, etc.
IT has evolved as a major contributor to India's GDP and plays a vital role in driving growth of the economy
in terms of employment, export promo on, and revenue genera on.
In FY22, the IT sector contributed 7.4% of India's GDP, and by 2025, it is an cipated to make up 10% of
India's GDP.
According to Na onal Associa on of So ware and Service Companies (NASSCOM), the Indian IT
industry's revenue touched US$ 227 billion in FY22, a 15.5% YoY growth.
Difference between IT and ITeS in terms of their func ons, output, skills, and impact:

Aspect IT (Informa on Technology) ITeS (Informa on Technology

Enabled Services)
Defini on Develops so ware and manages Uses IT to enhance business
tech systems. processes and services.

Core Func ons Focuses on so ware, systems, and Leverages IT for customer support
networks. and non-core func ons.

Nature of Work Creates and maintains so ware and Outsources business processes for
apps. efficiency.

Output Tangibility Produces tangible tech solu ons. Provides intangible services like
improved processes.

Skill Requirements Technical skills in programming and Mix of tech, domain,

systems. communica on skills for services.

Examples So ware development, tech Customer support outsourcing,

consul ng. BPO, data entry services.

Global Compe veness Enhances through tech innova on. Drives efficiency, cost reduc on,
and specialized services.

Rela onship Overlaps as IT o en enables ITeS. -

Economic Impact Contributes to growth, tech export, Enhances efficiency, reduces costs,
jobs. provides employment.

Services offered by the ITES

ITeS offers various services such as medical transac on and coding, e-CRM (Customer Rela onship
Management), data mining and edi ng, electronic publishing, and more.

4
 Cloud Application Developer

Fig. 1.1.2 ITeS sector

Some other ITES services are listed below.

· KPO (Knowledge Process Outsourcing)
· BPO (Business Process Outsourcing)
· LPO (Legal Process Outsourcing)
· GPO (Game Process Outsourcing)
· Call Centres
· Opera ons at Back Office
· Logis cs Management.
Famous Indian IT-ITES companies
· CMC Limited
· HCL Technologies Limited
· Infosys Technologies Limited
· TCS (Tata Consultancy Services Ltd)
· Tech Mahindra Limited
· NIIT Technologies
Fig. 1.1.3 IT-ITES companies
Vantages of ITES
· Through Business Process Outsourcing (BPO), organiza ons can broaden their capabili es,
fostering increased versa lity. BPO is a significant component of ITES.
· The improved organiza onal versa lity in ITES is achieved by accelera ng company processes,
events, and assignments.
· Efficient and advantageous use of chain partners and outsourcing of company processes enhance
the pace of specific company du es and func ons, par cularly in Supply Chain Management
(SCM).

5
Par cipant Handbook

Fig. 1.1.4 Applica on of IT services

1.1.2 BPM Sector

The BPM sector in India has emerged as a key player in the global outsourcing landscape, providing a
range of services like customer support, finance, and HR outsourcing to businesses worldwide.

India's appeal lies in its skilled workforce, cost-effec veness, and robust technological infrastructure.
Major players include TCS, Infosys BPO, Wipro BPM, and Genpact, opera ng globally.

Fig. 1.1.5 BPM sector

6
 Cloud Application Developer

· Employment and Talent: Significant contributor to Indian employment, drawing on the country's
English-proficient and skilled workforce.

· Technological Landscape: Embracing technologies like RPA, AI, and machine learning to enhance
opera onal capabili es.

Indian government ini a ves support the growth of the IT-ITeS and BPM sectors through policies and

Aspect IT-ITeS Sector BPM Sector

Focus Diverse IT services and technology Uses IT to enhance business

solu ons. processes and services.

Core Ac vi es So ware development, IT Outsourcing non-core business

infrastructure. processes.

Output Tangible IT solu ons, so ware. Intangible process op miza on

services.

Client Interac on Tech solu ons, system Collabora on for process

development. improvement.

Skill Requirements Technical, programming. Mix of technical and process-

oriented skills.

Examples IT services, so ware development. BPO, customer support

outsourcing.

Global Compe veness Tech innova on, global solu ons. Business efficiency, cost reduc on
globally.

Economic Impact Economic growth, tech innova on. Opera onal efficiency, job
crea on in processes.

7
Par cipant Handbook

1.2.1 Organiza ons in the IT-ITeS Sector

in the dynamic realm of Informa on Technology and IT-enabled Services (IT-ITeS), a myriad of
organiza ons spearheads innova ons, drive technological advancements, and offer comprehensive
solu ons.

Fig. 1.1.6 IT-ITeS sector

Here are some well-known organiza ons in the IT-ITeS sector:

Organiza on Type of Work in IT-ITeS Sector

Tata Consultancy Services So ware development, IT consul ng, business solu ons.
(TCS)

Infosys Limited IT services, consul ng, business process outsourcing (BPO).

Wipro Limited IT services, consul ng, technology solu ons.

HCL Technologies IT services, so ware development, infrastructure

management.

Cognizant Technology IT consul ng, technology services, business process

Solu ons outsourcing.

8
 Cloud Application Developer

IT services, telecommunica ons, business process

Tech Mahindra
outsourcing.

Accenture IT consul ng, technology services, outsourcing.

Capgemini IT services, consul ng, technology solu ons.

IBM (Interna onal

IT services, so ware, hardware, cogni ve solu ons.
Business Machines)

Oracle Corpora on Database management, cloud services, enterprise so ware.

Microso Corpora on So ware development, cloud services, hardware.

Amazon Web Services Cloud compu ng services, infrastructure as a service (IaaS).

(AWS)

Google LLC Internet services, cloud compu ng, so ware development.

Intel Corpora on Semiconductor manufacturing, hardware, technology

solu ons.

Cisco Systems, Inc. Networking hardware, so ware, telecommunica ons.

1.1.4 Cloud Compu ng

Cloud compu ng is like ren ng computer power and storage on the internet. Instead of owning and
maintaining your own computers, you can use remote servers hosted by companies. These servers are
accessible over the internet, allowing you to store data, run applica ons, and perform various compu ng
tasks without the need for physical hardware.

It's like having a virtual computer in the "cloud" that you can access any me, anywhere, as long as you
have an internet connec on.

9
Par cipant Handbook

Fig. 1.1.7 IT-ITeS sector

Cloud compu ng is a revolu onary paradigm that has transformed the way IT resources are accessed,
delivered, and managed.

Essen al Characteris cs of Cloud Compu ng:

· On-Demand Self-Service: Users can provision and manage compu ng resources as needed,
without requiring human interven on from service providers.

· Broad Network Access: Cloud services are accessible over the internet from a variety of devices,
promo ng universal network access.

· Resource Pooling: Providers pool compu ng resources to serve mul ple customers, op mizing
efficiency and resource u liza on.

· Rapid Elas city: Resources can be rapidly scaled up or down based on demand, allowing for
flexibility and cost-effec veness.

· Measured Service: Usage of cloud resources is monitored, controlled, and billed based on
consump on, providing transparency and accountability.

Indian Examples of Cloud Compu ng:

· Amazon Web Services (AWS): AWS offers a comprehensive suite of cloud services, including
compu ng power, storage, and databases, widely used by businesses and startups in India.

· Microso Azure: Azure provides a variety of cloud services and products, enabling organiza ons
to build, deploy, and manage applica ons seamlessly in the cloud.

· Google Cloud Pla orm (GCP): GCP offers a range of cloud services, including data storage,
machine learning, and applica on development tools, suppor ng Indian businesses in their digital

10
 Cloud Application Developer

transforma on journey.

· Tata Consultancy Services (TCS) ION: TCS ION is an example of a cloud-based solu on developed
by an Indian IT company, providing businesses with scalable and secure cloud services.

In summary, cloud compu ng has become a cornerstone of the IT-ITeS sector, providing scalable and cost-

1.1.5 Evolu on of Cloud Compu ng

The evolu on of cloud compu ng marks a transforma ve journey in the realm of informa on technology.
It has redefined the way businesses and individuals access, manage, and deploy compu ng resources.
The significance of this evolu on lies in its ability to provide scalable and flexible solu ons, enabling
innova on, cost efficiency, and global accessibility.
Key Steps in the Evolu on:
· Conceptualiza on (1990s): The concept of cloud compu ng began with the idea of u lity
compu ng, where compu ng resources could be provided on a pay-as-you-go basis, similar to
tradi onal u lity services.
· Virtualiza on and Web Services (Early 2000s): The advent of virtualiza on technologies allowed
for the crea on of virtual machines, enabling be er resource u liza on. Web services became
founda onal, with Amazon Web Services (AWS) introducing Elas c Compute Cloud (EC2) in 2006.
· Prolifera on of Cloud Services (Mid-2000s Onward): The mid-2000s saw the rise of various cloud
service providers offering a range of services, including infrastructure (IaaS), pla orms (PaaS), and
so ware (SaaS).
· Scalability and Global Reach (2010s): Cloud compu ng gained prominence for its scalability,
allowing organiza ons to scale resources up or down based on demand. The global reach of cloud
services facilitated interna onal collabora on and data accessibility.

Fig. 1.1.8 Evolu on of the cloud

Significance in the IT Landscape:

· Cost Efficiency: Cloud compu ng eliminates the need for significant upfront investments in

11
Par cipant Handbook

hardware and infrastructure, allowing businesses to pay for resources as they use them.
· Scalability and Flexibility: The ability to scale resources up or down based on demand provides
unparalleled flexibility, ensuring that organiza ons can adapt to changing needs quickly.
· Innova on and Time-to-Market: Cloud services provide a pla orm for rapid development and
deployment, reducing me-to-market for new applica ons and innova ons.
· Global Accessibility: Cloud compu ng enables access to data and applica ons from anywhere
with an internet connec on, fostering global collabora on and remote work.
Indian Examples:
· Reliance Jio and Microso Partnership: In 2019, Reliance Jio announced a partnership with
Microso Azure to offer cloud services to businesses in India, enhancing the country's digital
infrastructure.
· Na onal Informa cs Centre (NIC): NIC has played a crucial role in implemen ng cloud services for
various government projects in India, contribu ng to the country's digital transforma on.
· Tata Consultancy Services (TCS): TCS leverages cloud compu ng for delivering so ware solu ons
and services globally, showcasing the integra on of cloud technologies in Indian IT enterprises.
The evolu on of cloud compu ng has undoubtedly shaped the modern IT landscape, providing a
founda on for technological innova on and driving the digital transforma on of businesses, both
globally and within India.

1.1.6 Key Business Drivers for Cloud Technology Adop on

The adop on of cloud technologies is driven by several compelling factors that align with the strategic
goals and opera onal needs of businesses.

Analyzing these key drivers provides insights into why organiza ons choose to leverage cloud solu ons,
ushering in a new era of efficiency, innova on, and compe veness.

Fig. 1.1.9 Business drivers of cloud compu ng

12
 Cloud Application Developer

Key Business Drivers:

· Cost Efficiency: Cloud services eliminate the need for substan al upfront investments in hardware
and infrastructure. Businesses can operate on a pay-as-you-go model, op mizing costs based on
actual usage.

Example: Startups and SMEs in India o en turn to cloud pla orms like AWS or Azure to avoid high
ini al capital expenditures and scale their opera ons as they grow.

· Scalability and Flexibility: Cloud pla orms offer the ability to scale resources up or down swi ly in
response to changing demands. This ensures that businesses can adapt to varying workloads and
seize new opportuni es.

Example: E-commerce companies in India experience fluctua ons in website traffic, and
leveraging the scalability of the cloud allows them to handle peak loads during events or sales.

· Innova on and Time-to-Market: Cloud compu ng provides a conducive environment for rapid
development and deployment of applica ons. This accelerates innova on cycles, reducing me-
to-market for new products and services.

Example: Indian so ware development firms use cloud services to build, test, and deploy
applica ons faster, keeping pace with the dynamic market demands.

· Global Accessibility and Collabora on: Cloud technologies enable seamless access to data and
applica ons from anywhere with an internet connec on, fostering collabora on across
geographical boundaries.

Example: Mul na onal corpora ons in India leverage cloud collabora on tools to facilitate real-
me communica on and project collabora on among globally dispersed teams.

· Security and Compliance: Cloud providers invest heavily in robust security measures and
compliance cer fica ons. Adop ng cloud services allows businesses to benefit from cu ng-edge
security without having to manage it in-house.
Example: Financial ins tu ons in India adhere to strict regulatory requirements, and they u lize
cloud solu ons with advanced security features to ensure data protec on and compliance.

· Disaster Recovery and Business Con nuity: Cloud pla orms offer reliable backup and recovery
solu ons, ensuring data resilience in the face of unexpected disrup ons. This contributes to
enhanced business con nuity strategies.
Example: Organiza ons in India deploy cloud-based disaster recovery solu ons to safeguard
cri cal data and applica ons, minimizing down me during unforeseen events.

Analyzing these key business drivers underscores the strategic advantages that cloud technologies bring
to organiza ons. Whether op mizing costs, fostering innova on, ensuring global accessibility, or
enhancing security, the adop on of cloud technologies has become a strategic impera ve for businesses,
including those in the dynamic landscape of India.

13
Par cipant Handbook

1.1.7 Categorizing Cloud Technology Use Cases

Categorizing the use cases and applica ons of cloud technologies across different industry ver cals
highlights the versa lity and transforma ve impact of cloud compu ng.

By understanding specific applica ons, businesses can tailor their adop on of cloud solu ons to meet
industry-specific needs, fostering efficiency, innova on, and growth.

Categoriza on of Cloud Technology Use Cases:

· Healthcare Industry:

Use Cases:
· Electronic Health Records (EHR) management in secure cloud environments.

· Medical imaging storage and analysis for diagnos cs.

· Remote pa ent monitoring and telehealth services.

Example: Apollo Hospitals in India u lizes cloud pla orms to manage vast amounts of pa ent data
securely and enhance telemedicine services.
· Financial Services Sector:

Use Cases:
· Secure storage and processing of financial transac ons.
· Fraud detec on and preven on using advanced analy cs.

· Regulatory compliance management with cloud-based solu ons.

Example: HDFC Bank in India employs cloud services to enhance the scalability and security of its
digital banking applica ons.
· Manufacturing and Supply Chain:

Use Cases:
· Supply chain op miza on through cloud-based logis cs.
· Predic ve maintenance of manufacturing equipment.

· Collabora ve product design and data management.

Example: Automo ve manufacturers in India leverage cloud technologies for real- me supply chain
visibility and collabora ve design processes.
· Educa on Sector:

Use Cases:

· Cloud-based learning management systems (LMS).

· Virtual classrooms and online collabora on tools.

· Data analy cs for student performance and engagement.

14
 Cloud Application Developer

Example: Indian educa onal ins tu ons adopt cloud-based pla orms like Google Workspace for
Educa on to facilitate online learning and collabora on.

· Retail and E-commerce:

Use Cases:
· Cloud-based inventory management and order processing.

· Personalized customer experiences through data analy cs.

· E-commerce website hos ng and scalability.

Example: Flipkart, a leading e-commerce pla orm in India, relies on cloud services to manage its vast
product catalogue and ensure seamless user experiences during peak shopping periods.
· Telecommunica ons:

Use Cases:
· Network func on virtualiza on (NFV) for agile infrastructure.
· Cloud-based customer rela onship management (CRM).
· Data analy cs for network performance op miza on.

Example: Telecom operators in India leverage cloud technologies to enhance network flexibility and
deploy new services rapidly.

Fig. 1.1.10 Cloud compu ng use cases

15
Par cipant Handbook

Categorizing cloud technology use cases across various industry ver cals showcases the adaptability and
value that cloud compu ng brings to diverse business sectors. The examples from India demonstrate how
organiza ons within the country leverage cloud solu ons to address industry-specific challenges and
drive innova on in their respec ve domains.

1.1.8 Cloud Deployment Models

"Cloud Deployment Models" refer to various approaches and strategies for deploying and managing
compu ng resources in a cloud compu ng environment. These models define how the cloud
infrastructure is organized, who has access to it, and how it meets specific business requirements.

Fig. 1.1.11 Cloud deployment model

Understanding cloud deployment models is essen al for organiza ons as they determine how compu ng
resources are provisioned and managed. Each deployment model offers dis nct advantages, and
businesses o en opt for a combina on to meet specific needs. Exploring these models provides insights
into tailoring cloud infrastructure to organiza onal requirements.

Cloud Deployment Models:

· Private Cloud: A private cloud is dedicated to a single organiza on, offering enhanced security and
control over data and resources.

· Use Cases: Industries with stringent data privacy requirements, such as finance and
healthcare, o en deploy private clouds.
· Example: ICICI Bank in India u lizes a private cloud to manage sensi ve financial data
and applica ons securely.

16
 Cloud Application Developer

· Public Cloud: Public clouds are shared infrastructure provided by a third-party service provider,
offering cost-effec ve scalability and accessibility over the internet.

· Use Cases: Startups and businesses with dynamic workloads o en leverage public
clouds for flexibility and cost efficiency.
· Example: Zomato, an Indian food delivery pla orm, relies on the public cloud for its
scalable and agile IT infrastructure.

· Hybrid Cloud: Hybrid clouds combine elements of private and public clouds, allowing data and
applica ons to be shared between them.

· Use Cases: Organiza ons with varying workload demands or specific data residency
requirements benefit from the flexibility of a hybrid model.
· Example: Tata Motors in India may adopt a hybrid cloud to integrate manufacturing data
stored in a private cloud with public cloud-based analy cs for business insights.

· Mul -Cloud: Mul -cloud involves using services from mul ple cloud providers, offering
redundancy, risk mi ga on, and the ability to choose the best features from each provider.
· Use Cases: Businesses seeking to avoid vendor lock-in and enhance resilience may opt
for a mul -cloud strategy.
· Example: Tech Mahindra, an Indian IT services company, might use a mul -cloud
approach to leverage specialized services from different providers based on client
requirements.

· Community Cloud: Community clouds are shared by mul ple organiza ons with common
concerns, such as regulatory compliance or security requirements.
· Use Cases: Government agencies or organiza ons within a specific industry
collabora ng on shared projects may u lize community clouds.

· Example: The Goods and Services Tax Network (GSTN) in India might use a community
cloud to facilitate secure data sharing among various tax-related en es.

Exploring these cloud deployment models allows organiza ons, including those in India, to make strategic
decisions aligning with their specific needs and considera ons. The choice of deployment model plays a
crucial role in shaping an organiza on's approach to managing and leveraging cloud resources.

1.1.9 Types of Cloud Service Models

Cloud service models categorize the level of services provided by cloud providers, offering a spectrum of
op ons for users based on their specific requirements.

Understanding these models is crucial for organiza ons as they determine the level of control and

17
Par cipant Handbook

responsibility they have over their applica ons and infrastructure in the cloud.

Classifica on of Cloud Service Models: This table provides a concise overview of the key differences
among IaaS, PaaS, SaaS, and FaaS/Serverless Compu ng, covering aspects like user control, use cases,
and examples for each model.

Aspect IaaS PaaS (Pla orm as a SaaS (So ware as FaaS/Serverless

(Infrastructure as Service) a Service) Compu ng
a Service) (Func on as a
Service)

Descrip on Provides Offers a pla orm Delivers so ware Enables developers

virtualized allowing developers applica ons over to execute code in
compu ng to build, deploy, and the internet, response to events
resources over manage applica ons elimina ng the without managing
the internet. without dealing need for local underlying
with underlying installa on or infrastructure.
infrastructure. management.

User More control over Focuses on Minimal control Developers have

Control infrastructure and applica on over applica on or control over code,
configura ons. development, less infrastructure; but less control
control over end-users u lize over underlying
underlying ready-to-use infrastructure.
infrastructure. so ware.

Use Cases Suited for Ideal for developers Ideal for end-users Ideal for
organiza ons focusing on looking for ready- applica ons with
needing scalable applica on to-use so ware variable workloads
and flexible development solu ons and intermi ent
infrastructure without worrying accessible through execu on
without managing about hardware or a web browser. requirements.
physical networking
hardware. complexi es.

Examples Tata Heroku (PaaS Zoho Corpora on AWS Lambda

Communica ons pla orm) (SaaS applica ons (Serverless
(IaaS provider) like Zoho CRM and compu ng service)
Zoho Docs)

18
 Cloud Application Developer

Classifying cloud service models helps organiza ons choose the right level of abstrac on and control
based on their specific needs.

Fig. 1.1.12 Cloud service models

These models empower businesses, including those in India, to focus on their core competencies without
the burden of managing underlying infrastructure or so ware.

1.1.10 Differences in Cloud Deployment and Service Models

Understanding the differences between cloud deployment models and service models is crucial for
organiza ons as they navigate the cloud compu ng landscape. These dis nc ons influence how
compu ng resources are organized, accessed, and managed.

Differences in Cloud Deployment Models:

· Private Cloud:

o The State Bank of India (SBI) may deploy a private cloud for secure financial transac ons
and customer data.

· Public Cloud:

o Zomato, an Indian food delivery pla orm, leverages a public cloud for scalable and cost-
effec ve IT infrastructure.

19
Par cipant Handbook

· Hybrid Cloud:
o Tata Motors might use a hybrid cloud to integrate its private manufacturing data with public
cloud analy cs for insights.

· Mul -Cloud:
o Tech Mahindra may adopt a mul -cloud strategy, using AWS for storage and Azure for
machine learning services.

Differences in Cloud Service Models:

· IaaS (Infrastructure as a Service):

o Tata Communica ons offers IaaS solu ons, allowing businesses in India to access virtual
servers and storage on-demand.

· PaaS (Pla orm as a Service):

o Heroku, a cloud pla orm, provides PaaS services, allowing developers to deploy and
manage applica ons without managing underlying infrastructure.

· SaaS (So ware as a Service):

o Zoho Corpora on offers SaaS applica ons like Zoho CRM and Zoho Docs, enabling
businesses in India to access produc vity tools online.

· FaaS/Serverless Compu ng (Func on as a Service):

o AWS Lambda provides serverless compu ng services, allowing developers to run code
without provisioning or managing servers.

Illustra ng the differences among cloud deployment models and service models highlights the
strategic choices organiza ons make to meet their specific needs. These models, exemplified by Indian
organiza ons, underscore the diversity of approaches in leveraging cloud compu ng for enhanced
efficiency, flexibility, and innova on.

1.1.11 Concepts of Cloud Compu ng

Understanding fundamental concepts in cloud compu ng is essen al for grasping how organiza ons
leverage the cloud to enhance their IT capabili es.

Key concepts like virtualiza on, scalability, data separa on, and security controls form the founda on of
efficient and secure cloud opera ons.

20
 Cloud Application Developer

Fig. 1.1.13 Cloud compu ng

Basic Concepts of Cloud Compu ng:

· Virtualiza on: Virtualiza on involves crea ng virtual versions of compu ng resources, such as
servers or storage, allowing mul ple virtual instances to run on a single physical machine.
Example: Indian organiza ons may use virtualiza on to efficiently allocate and manage
compu ng resources, op mizing hardware u liza on.

· Scalability: Scalability refers to the ability to increase or decrease compu ng resources based on
demand, ensuring op mal performance and cost efficiency.
Example: E-commerce pla orms in India employ scalability to handle increased website traffic
during fes ve seasons or promo onal events.

· Data Separa on: Data separa on involves isola ng and securing data to prevent unauthorized
access, ensuring confiden ality and compliance.

Example: Financial ins tu ons in India implement robust data separa on prac ces to protect
sensi ve customer informa on and maintain regulatory compliance.

· Cloud Security Controls: Cloud security controls include measures like encryp on, access
controls, and authen ca on mechanisms to safeguard data and applica ons in the cloud.

Example: Indian enterprises use cloud security controls provided by pla orms like AWS or Azure
to protect their assets from cyber threats and unauthorized access.

· Mul -Tenancy: Mul -tenancy allows mul ple users or organiza ons to share the same cloud
resources, while maintaining isola on of data and applica ons.

Example: Cloud service providers in India offer mul -tenancy features, allowing different
businesses to use shared resources securely.

21
Par cipant Handbook

· Automa on: Automa on involves the use of scripts or tools to streamline and manage repe ve
tasks, improving efficiency and reducing manual interven on.
Example: Indian IT companies may leverage automa on to deploy and manage applica ons on
the cloud, ensuring consistency and minimizing errors.

· Service Level Agreements (SLAs): SLAs define the terms and condi ons of the service provided by
a cloud provider, including performance, availability, and support commitments.
Example: Cloud service agreements with providers like Microso Azure or Google Cloud specify
the levels of service and support Indian organiza ons can expect.

Mastering these basic concepts of cloud compu ng empowers organiza ons, including those in India, to
harness the full poten al of the cloud for agility, cost-effec veness, and security in their IT opera ons.

1.1.12 Cloud Compu ng Tools/Pla orms

A plethora of cloud compu ng tools and pla orms exists, providing a diverse set of services to cater to
various business needs. These tools empower organiza ons to manage, deploy, and op mize their
applica ons and data in the cloud.

Fig. 1.1.14 Cloud compu ng pla orms

Exploring some of the popular cloud compu ng pla orms showcases the breadth of op ons available for
businesses, including those in India.

Popular Cloud Compu ng Tools/Pla orms:

22
 Cloud Application Developer

· Amazon Web Services (AWS): AWS is a comprehensive cloud pla orm offering a wide range of
services, including compu ng power, storage, databases, machine learning, and more.
Steps:
· Create an AWS account.

· Access the AWS Management Console.

· U lize services like Amazon EC2 for compu ng or Amazon S3 for storage.
Example: Ola, a prominent ride-sharing service in India, relies on AWS for scalable and reliable
cloud infrastructure.

· Microso Azure: Azure is Microso 's cloud pla orm providing services like virtual compu ng,
storage, AI, and analy cs.
Steps:

· Sign up for an Azure account.

· Navigate the Azure portal to deploy virtual machines or u lize Azure Blob Storage.
Example: Flipkart, one of India's largest e-commerce pla orms, uses Microso Azure for its cloud
compu ng needs.

· Google Cloud Pla orm (GCP): GCP offers a suite of cloud services, including compu ng, storage,
machine learning, and data analy cs, powered by Google's infrastructure.

Steps:
· Create a GCP account.

· Use services like Google Compute Engine or BigQuery for data analy cs.
Example: ShareChat, a popular social media pla orm in India, u lizes GCP for scalable and
efficient cloud opera ons.

· IBM Cloud: IBM Cloud provides a range of cloud compu ng services, including AI, data analy cs,
and hybrid cloud solu ons.

Steps:
· Register for an IBM Cloud account.
· Explore services like IBM Watson for AI or IBM Cloud Object Storage.

Example: Bhar Airtel, one of India's leading telecommunica ons companies, collaborates with
IBM for cloud services to enhance its digital capabili es.

· Oracle Cloud: Oracle Cloud offers cloud infrastructure and applica ons, with a focus on databases,
enterprise applica ons, and cloud services.

Steps:

23
Par cipant Handbook

· Sign up for an Oracle Cloud account.

· U lize services such as Oracle Autonomous Database or Oracle Cloud Infrastructure.
Example: Infosys, a major IT services company in India, partners with Oracle Cloud to deliver
innova ve solu ons to clients.

Fig. 1.1.15 Cloud compu ng pla orms

These popular cloud compu ng pla orms provide a robust founda on for organiza ons globally and
within India to leverage cloud services for enhanced scalability, agility, and innova on in their opera ons.

24
 Cloud Application Developer

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/
watch?v=M988_fsOSWo
What is Cloud Compu ng?

25
Par cipant Handbook

UNIT 1.2: Regulatory Standards in Cloud Compu ng

Unit Objectives
At the end of this unit, you will be able to:
1. Study the regula ons, standards, and laws governing the cloud compu ng environment in an
organiza on.

2. Outline the general principles and basic concepts of data management standards across the globe.

3. Evaluate various compliance mechanisms associated with cloud compu ng.

4. Create a cloud account to work hands-on with various cloud services.

9. Outline popular cloud compu ng tools/pla orms.

1.1.1 IT-ITeS Sector

Naviga ng the regulatory landscape is crucial when adop ng cloud compu ng in an organiza on. Various
regula ons, standards, and laws govern data protec on, privacy, and security, ensuring compliance and
safeguarding sensi ve informa on.

Fig. 1.2.1 Cloud compu ng compliance

26
 Cloud Application Developer

Understanding these aspects is essen al for organiza ons, including those in India, to adhere to legal
requirements in the cloud compu ng environment.

Regula ons, Standards, and Laws:

· Data Protec on Laws: Data protec on laws mandate how personal data is collected, processed,
and stored. Compliance ensures individuals' privacy rights are respected.
Steps:

· Familiarize with the General Data Protec on Regula on (GDPR) for European data
subjects.
· Comply with India's Personal Data Protec on Bill, which sets guidelines for data
processing within the country.
Example: The Personal Data Protec on Bill in India outlines principles for data processing and
individual rights, aligning with global privacy standards.

· Industry-Specific Regula ons: Certain industries have specific regula ons governing data
handling. Compliance is mandatory to ensure the protec on of sensi ve informa on.
Steps:

· In healthcare, adhere to the Health Insurance Portability and Accountability Act (HIPAA)
for pa ent data protec on.

· Adhere to the Payment Card Industry Data Security Standard (PCI DSS) in financial
opera ons to ensure the secure handling of payment informa on.
Example: The Reserve Bank of India (RBI) mandates strict adherence to cybersecurity guidelines
for banks and financial ins tu ons.

· Cloud Security Standards: Cloud security standards set guidelines for securing cloud
environments and protec ng data. Adherence is crucial for maintaining a secure infrastructure.
Steps:
· Implement controls outlined in the ISO/IEC 27001 standard for informa on security
management.

· Follow the Cloud Security Alliance (CSA) best prac ces for securing cloud deployments.

Example: Companies in India align with ISO/IEC 27001 to establish and maintain robust
informa on security management systems in the cloud.

· Government Regula ons: Governments may enact regula ons specific to cloud compu ng,
ensuring na onal security and data sovereignty.

Steps:

27
Par cipant Handbook

· Stay updated on India's Informa on Technology (Reasonable Security Prac ces and
Procedures and Sensi ve Personal Data or Informa on) Rules, 2011.

· Follow the guidelines provided by the Ministry of Electronics and Informa on Technology
(MeitY) for the secure adop on of cloud services.

Example: MeitY in India releases guidelines and advisories to enhance cybersecurity and protect
cri cal informa on infrastructure.

Compliance with regula ons, standards, and laws in the cloud compu ng environment is cri cal for
organiza ons to uphold data privacy, security, and legal obliga ons. Indian organiza ons, in par cular,
must navigate a complex regulatory landscape to ensure seamless and lawful cloud adop on.

1.2.2 General Principles and Basic Concepts of Data

Management Standards
Data management standards provide a framework for organiza ons to organize, store, process, and
protect their data. Adhering to global principles ensures consistency, interoperability, and security in
handling data.

Fig. 1.2.2 Data management standards

28
 Cloud Application Developer

Understanding these fundamental concepts is vital for organiza ons to establish robust data
management prac ces worldwide.

General Principles and Basic Concepts:

· Data Governance: Data governance establishes policies, procedures, and responsibili es for
managing data throughout its lifecycle, ensuring quality, integrity, and compliance.

Steps:
· Define roles and responsibili es for data stewards and custodians.

· Implement policies for data classifica on, access controls, and lifecycle management.

Example: The Securi es and Exchange Board of India (SEBI) outlines data governance principles
for financial ins tu ons to ensure transparency and accountability.

· Data Quality Management: Data quality management focuses on maintaining accurate,

consistent, and reliable data by addressing issues such as completeness, accuracy, and meliness.

Steps:
· Establish data quality standards and metrics.
· Implement data profiling, cleansing, and valida on processes.

Example: The Reserve Bank of India (RBI) mandates data quality management prac ces to ensure
the accuracy and reliability of financial data.

· Data Lifecycle Management: Data lifecycle management involves managing data from crea on to
disposal, including storage, retrieval, archival, and eventual dele on.

Steps:
· Define data reten on and archival policies.
· Implement secure data destruc on procedures.
Example: The Na onal Informa cs Centre (NIC) in India follows data lifecycle management
prac ces for efficient handling of government data.

· Metadata Management: Metadata management involves capturing and managing metadata

(data about data) to enhance understanding, traceability, and discoverability of data assets.
Steps:

· Establish a metadata repository.

· Define metadata standards and tagging conven ons.

Example: The Unique Iden fica on Authority of India (UIDAI) uses metadata management to
track and manage Aadhaar-related data.

29
Par cipant Handbook

· Data Security and Privacy: Data security and privacy standards focus on safeguarding sensi ve
informa on, preven ng unauthorized access, and ensuring compliance with privacy regula ons.
Steps:
· Implement encryp on, access controls, and authen ca on mechanisms.

· Comply with data protec on laws such as the General Data Protec on Regula on (GDPR).
Example: The Telecom Regulatory Authority of India (TRAI) enforces data security and privacy
measures to protect telecom customer data.

Embracing these general principles and basic concepts of data management standards globally ensures
that organiza ons, including those in India, establish a robust founda on for effec ve, secure, and
compliant data management prac ces.

1.2.3 Compliance Mechanisms in Cloud Compu ng

Ensuring compliance with regula ons and industry standards is a cri cal aspect of adop ng cloud
compu ng. Various compliance mechanisms help organiza ons adhere to legal requirements, maintain
data integrity, and secure sensi ve informa on in the cloud.

Fig. 1.2.3 Cloud compu ng standards

30
 Cloud Application Developer

Understanding these mechanisms is essen al for organiza ons, including those in India, to navigate the
complex landscape of cloud compliance.

Compliance Mechanisms in Cloud Compu ng:

· Cer fica ons and Audits: Cer fica ons, such as ISO/IEC 27001 for informa on security
management, and audits validate that a cloud service provider adheres to specific security and
compliance standards.
Steps:

· Choose cloud providers with relevant cer fica ons.

· Regularly conduct third-party audits to assess compliance.
Example: Indian businesses may choose cloud providers like Microso Azure, which holds ISO/IEC
27001 cer fica on, ensuring adherence to interna onal security standards.

· Data Residency and Sovereignty: Compliance with data residency and sovereignty regula ons
ensures that data is stored and processed within specific geographical boundaries, mee ng legal
requirements.
Steps:

· Understand data protec on laws and regula ons in the jurisdic on.

· Choose cloud providers with data centers located in compliance with these regula ons.
Example: Adhering to India's data residency requirements, organiza ons may opt for cloud
providers like AWS, which has data centers in the country.

· Encryp on and Data Protec on: Implemen ng strong encryp on mechanisms and data
protec on measures help safeguard sensi ve informa on during storage, transmission, and
processing.

Steps:
· Use encryp on for data at rest and in transit.

· Employ access controls to restrict unauthorized access.

Example: Companies in India may u lize cloud services like Google Cloud, which offers robust
encryp on features for data security.

· Regulatory Compliance Frameworks: Adhering to regulatory compliance frameworks specific to

industries, such as healthcare (HIPAA) or finance (PCI DSS), ensures alignment with sector-specific
data protec on requirements.

Steps:
· Understand and implement controls specified in relevant regulatory frameworks.

31
Par cipant Handbook

· Regularly update policies to align with changing regula ons.

Example: Healthcare providers in India may choose cloud solu ons like IBM Cloud, which
complies with HIPAA regula ons for handling medical data securely.

· Contractual Agreements: Robust contractual agreements between cloud service providers and
organiza ons outline specific terms, responsibili es, and compliance measures, ensuring mutual
understanding.
Steps:

· Review and nego ate contractual terms.

· Clearly define data ownership, security, and compliance obliga ons.

Example: Organiza ons in India may engage with cloud providers like Oracle Cloud, establishing
detailed contractual agreements to address compliance requirements.

U lizing these compliance mechanisms allows organiza ons to confidently adopt cloud compu ng while
mee ng legal obliga ons, safeguarding data, and maintaining the trust of stakeholders.

Indian businesses can choose cloud providers and implement measures that align with both interna onal
and local compliance standards.

1.2.4 Crea ng a Cloud Account

Crea ng a cloud account is the first step towards gaining hands-on experience with various cloud services.
Whether it's Amazon Web Services (AWS), Microso Azure, Google Cloud Pla orm (GCP), or another
provider, this process allows you to explore, experiment, and learn about cloud compu ng.

Fig. 1.2.4 Cloud apps

32
 Cloud Application Developer

Below are generalized steps you can follow, though specifics may vary based on the cloud provider.

Steps to Create a Cloud Account:

Note: The following steps are general guidelines; you should refer to the specific cloud provider's official
website for accurate and updated instruc ons.

· Amazon Web Services (AWS):

¨ Visit AWS Website:

o Go to AWS.
¨ Create an AWS Account:

o Click on "Create an AWS Account."

o Follow the on-screen instruc ons to provide necessary informa on.

¨ Payment Informa on:

o AWS may require payment informa on, although certain services may be
available within a free er.
¨ Iden ty Verifica on:
o Complete the iden ty verifica on process to ac vate your account.

· Microso Azure:
¨ Access Azure Portal:

o Go to Azure portal.

¨ Start Free or Create Account:

o Click on "Start free" or "Create account."

o Sign in with your Microso account or create a new one.

¨ Provide Informa on:

o Follow the prompts to provide necessary informa on and set up your account.
¨ Payment Informa on:

o Azure may require credit card informa on, but it offers free services within
specific limits.

· Google Cloud Pla orm (GCP):

¨ Visit GCP Console:

o Go to Google Cloud Console.
¨ Get Started for Free:

33
Par cipant Handbook

o Click on "Get Started for Free" or "Try Free."

o Sign in with your Google account or create a new one.

¨ Set Up Your Account:

o Follow the steps to set up your account and project.
¨ Payment Informa on:

o GCP also offers a limited free er for certain services; you may need to provide
payment informa on.

· Indian Examples:

o AWS: Indian businesses like Tata Motors leverage AWS for scalable and secure cloud
infrastructure.
o Azure: Flipkart, one of India's largest e-commerce pla orms, relies on Microso Azure for
its cloud compu ng needs.

o GCP: ShareChat, a popular social media pla orm in India, u lizes Google Cloud for scalable
and efficient cloud opera ons.

Crea ng a cloud account opens up a world of possibili es for hands-on learning and experimenta on with
various cloud services, allowing you to explore the features and capabili es offered by different cloud
providers. Always be mindful of any associated costs and explore the available free ers for prac ce.

34
 Cloud Application Developer

Notes

35
Par cipant Handbook

UNIT 1.3: Roles & Responsibili es of Cloud Applica on Developer

Unit Objectives
At the end of this unit, you will be able to:
1. Explain the Roles & Responsibili es of "Cloud Applica on Developer ".

1.3.1 Roles & Responsibili es of "Cloud Applica on

Developer"
A Cloud Applica on Developer plays a pivotal role in designing, developing, and maintaining applica ons
that operate in cloud environments. As organiza ons increasingly adopt cloud technologies, the
responsibili es of a Cloud Applica on Developer become crucial for ensuring efficient, scalable, and
secure cloud-based solu ons.

Fig. 1.3.1 Cloud applica on developer

Roles & Responsibili es:

· Applica on Design and Development:

Responsibility: Architect and develop cloud-na ve applica ons, leveraging cloud services and
best prac ces.
Steps:

o Design scalable and resilient architectures.

o Develop applica ons using cloud-na ve frameworks and technologies.

36
 Cloud Application Developer

· Con nuous Integra on and Delivery (CI/CD):

Responsibility: Implement and manage CI/CD pipelines for seamless applica on deployment and
updates.

Steps:
o Set up automated tes ng and integra on processes.
o Ensure con nuous delivery of so ware updates.

· Cloud Migra on and Op miza on:

Responsibility: Re-engineer applica ons for cloud migra on and op mize their performance in
cloud environments.

Steps:

o Assess exis ng applica ons for cloud readiness.

o Op mize applica ons for cost efficiency and resource u liza on.

· Lifecycle Management:
Responsibility: Manage the en re applica on lifecycle, from development to deployment and
maintenance.
Steps:

o Monitor and troubleshoot applica on performance.

o Implement updates and enhancements as needed.

· Collabora on and Communica on:

Responsibility: Communicate effec vely with cross-func onal teams, stakeholders, and
management.
Steps:
o Collaborate with Dev Ops, QA, and other teams in the development pipeline.

o Provide regular updates on project progress.

· Security Integra on:

Responsibility: Integrate and implement security controls to protect applica ons and data in the
cloud.

Steps:
o Implement encryp on, access controls, and secure coding prac ces.

o Stay informed about cloud security best prac ces and updates.

37
Par cipant Handbook

· Learning and Adop on of New Technologies:

Responsibility: Stay abreast of emerging cloud technologies and con nuously upgrade skills.

Steps:
o A end training sessions and cer fica ons.
o Experiment with new cloud services and tools.

The role of a Cloud Applica on Developer is mul faceted, requiring a blend of technical exper se,
collabora on skills, and a commitment to staying updated with the evolving cloud landscape.

As organiza ons in India embrace cloud technologies, the contribu on of Cloud Applica on Developers
becomes integral to achieving success in the digital realm.

1.3.2 Do's and Don'ts for a "Cloud Applica on Developer"

As a Cloud Applica on Developer, adhering to best prac ces is crucial for designing, developing, and
maintaining effec ve cloud-based solu ons.

Fig. 1.3.2 Do's and don'ts

38
 Cloud Application Developer

Here are some Do's and Don'ts to guide professionals in this role:

Do's Don'ts

Stay Updated with Cloud Technologies: Keep Neglect Security Measures: Don't forget to
learning about the latest tools and services in implement measures like encryp on and access
cloud compu ng to stay current. controls to protect your applica ons and data.

Embrace Cloud-Na ve Development: Use Ignore Collabora on with Other Teams: Work
m o d e r n c l o u d - n a v e p r a c c e s , l i k e closely with other teams like DevOps and QA; avoid
microservices and serverless, for building working in isola on.
scalable applica ons.

Implement Security Best Prac ces: Priori ze Overlook Cost Management: Keep an eye on your
security with encryp on, secure coding, and cloud costs to avoid unexpected expenses and
regular security updates. op mize resource usage.

Collaborate with Cross-Func onal Teams: Depend Solely on Tradi onal Development
Work together with different teams for a Approaches: Embrace cloud-na ve prac ces
smoother development process. instead of s cking to tradi onal development
methods.

Op mize for Scalability and Performance: Skip Con nuous Monitoring: Regularly monitor
Design applica ons that can handle growth and your applica ons to catch and fix performance
perform well under different condi ons. issues early.

Automate Processes with CI/CD: Use Underes mate the Importance of Documenta on:
con nuous integra on and delivery for Document your code and processes for be er
automated tes ng and deployment. collabora on and troubleshoo ng.

Monitor and Troubleshoot Proac vely: Stay Avoid Adop ng CI/CD Prac ces: Don't neglect the
proac ve in iden fying and solving issues benefits of automated tes ng and con nuous
before they impact users. deployment.

Follow Cloud Cost Op miza on Prac ces: Neglect Proac ve Troubleshoo ng: Be proac ve in
Manage your cloud costs effec vely to avoid iden fying and addressing poten al issues before
unnecessary expenses. they become cri cal.

Document Code and Architectures: Keep Ignore Scalability Requirements: Consider future
thorough documenta on to assist your team growth when designing applica ons; don't overlook
and future developers. scalability.

Par cipate in Con nuous Learning: Keep Stop Learning and Upda ng Skills: Stay curious and
upda ng your skills through training and con nue learning, as the cloud landscape evolves.
cer fica ons.

39
Par cipant Handbook

Following these Do's and avoiding the corresponding Don'ts will help you navigate the cloud development
landscape effec vely and contribute to the success of your projects.

1.3.3 Personal A ributes of a "Cloud Applica on Developer"

The personal a ributes of a Cloud Applica on Developer are essen al for success in the dynamic and
collabora ve field of cloud compu ng.

Here are some key personal a ributes that are valuable for a Cloud Applica on Developer:

· Effec ve Communica on Skills: Facilitates collabora on with cross-func onal teams and ensures
effec ve project communica on.

· Collabora on and Teamwork: Promotes a harmonious work environment and contributes to the
success of the overall development process.

· Problem-Solving Ap tude: Enables proac ve iden fica on and resolu on of challenges in cloud-
based applica ons.

· Adaptability and Flexibility: Cloud environments evolve rapidly; adaptability ensures effec ve
response to changes.

· Con nuous Learning Mindset: Enables the developer to evolve with the dynamic nature of cloud
compu ng.

· A en on to Security: Ensures the implementa on of robust security controls for safeguarding

applica ons and data.

· Innova ve Thinking: Drives the development of efficient and innova ve cloud-based

applica ons.

· Analy cal and Cri cal Thinking: Essen al for op mizing applica on performance and making
data-driven decisions.

· Detail-Oriented Approach: Minimizes errors, enhances code quality, and supports effec ve
troubleshoo ng.

· Zeal to Learn New Things: Drives the con nuous improvement of skills and the adop on of
innova ve approaches.

· Time Management Skills: Ensures the mely delivery of high-quality cloud applica ons.

· Customer-Centric Approach: Ensures the development of user-friendly and impac ul cloud

solu ons

40
 Cloud Application Developer

Fig. 1.3.3 Personal a ributes for cloud applica on developer

1.3.4 Career Opportuni es of a "Cloud Applica on Developer"

Developing a cloud applica on entails construc ng a cloud-based applica on through various so ware
development stages, ensuring readiness for launch into the market.

Leading cloud applica on development teams leverage DevOps prac ces and tools such as Kubernetes to
op mize the development and deployment processes.

Fig. 1.3.4 Prac ces in cloud compu ng

41
Par cipant Handbook

Cloud Applica on Developer' may have these op ons for pursuing their career:

· Cloud So ware Engineer: Design and develop cloud-na ve applica ons for leading tech
companies.

· Cloud Solu ons Architect: Lead the design of scalable and secure cloud solu ons for enterprises.

· DevOps Engineer: Op mize development workflows and automate deployment processes.

· Cloud Security Engineer: Implement and maintain security measures for cloud applica ons and
infrastructure.

· Machine Learning Engineer (with Cloud): Contribute to AI and data science projects using cloud
services.

· Full-Stack Cloud Developer: Create end-to-end solu ons with both front-end and back-end
development skills.

· Cloud Consultant: Provide expert advice on cloud adop on and op miza on.

· Cloud Product Manager: Oversee the development of successful cloud-based products.

· Cloud Opera ons Engineer: Manage and op mize cloud infrastructure for high availability.

· IoT Cloud Developer: Develop IoT applica ons leveraging cloud pla orms.

· Cloud Data Engineer: Design and implement data pipelines and analy cs solu ons in the cloud.

· Cloud Training and Cer fica on Specialist: Provide training programs on cloud technologies for
professionals and organiza ons.

42
 Cloud Application Developer

Exercise
Answer the following ques ons:
Short Ques ons:
1. What is the fundamental concept behind "cloud compu ng," and how does it differ from
tradi onal compu ng?
2. Why is the evolu on of cloud compu ng considered significant in the IT landscape?
3. What are some key business drivers that mo vate organiza ons to adopt cloud technologies?
4. Can you provide examples of use cases for cloud technologies across industry ver cals?
5. How do cloud deployment models play a crucial role in shaping an organiza on's IT
infrastructure?
Fill-in-the-Blanks:
1. Cloud service models include __________, __________, and __________.
A) Infrastructure as a Service (IaaS)
B) So ware as a Service (SaaS)
C) Pla orm as a Service (PaaS)
2. One essen al characteris c of cloud compu ng is __________, allowing resources to be scaled
up or down based on demand.
A) Elas city
B) Rigidity
3. __________ is a popular virtualiza on technology in cloud compu ng, enabling mul ple
virtual machines to run on a single physical host.
A) VirtualBox,
B) VMware
4. The _____ deployment model involves the use of both on-premises and cloud infrastructure.
A) Public Cloud
B) Hybrid Cloud
5. The __________ principle emphasizes ensuring that data is secure and separated logically in a
cloud environment.
A) Data Fusion
B) Data Separa on
True/False Ques ons:
1. Cloud service models include only So ware as a Service (SaaS) and Infrastructure as a Service
(IaaS).
2. Mul -cloud deployment involves using a single cloud service provider for all organiza onal
needs.
3. Cloud security controls are not necessary, as the cloud provider handles all security aspects.
4. Popular cloud compu ng tools/pla orms include only open-source solu ons.
5. Compliance mechanisms associated with cloud compu ng remain consistent across different
industries and regions.

43
Par cipant Handbook

Notes

44
 Cloud Application Developer

45
2. Development Tools
and Usage

Unit 2.1 - Programming Concepts in Cloud Compu ng

Unit 2.2 - Development Tools and Usage in Cloud Applica on

Bridge Module
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:
1. Evaluate the programming concepts applicable to cloud compu ng.

2. Discuss popular tools/pla orms used for programming in cloud environment.

3. Use appropriate tools for building, debugging, tes ng, tuning, and maintaining programs.

4. Use scrip ng languages to automate tasks and write simple programs in cloud environment.

5. Use various cloud compu ng pla orms and services.

6. Describe the procedure to assess so ware development needs and changes.

7. Discuss coding principles and best prac ces.

8. Configure opera ng system components.

47
 Cloud Application Developer

UNIT 2.1: Programming Concepts in Cloud Compu ng

Unit Objectives
At the end of this unit, you will be able to:
1. Evaluate the programming concepts applicable to cloud compu ng.
2. Discuss coding principles and best prac ces.
3. Use scrip ng languages to automate tasks and write simple programs in a cloud environment.
4. Discuss popular tools/pla orms used for programming in the cloud environment.

2.1.1 Future Skills Sub-sector

Future skills encompass the array of competencies, capabili es, and knowledge projected to be highly
sought-a er in the forthcoming job market. These skills are an cipated to assist individuals in naviga ng
the swi ly changing technological, economic, and social landscape of the future.

Fig. 2.1.1 Future skills

NASSCOM (Na onal Associa on of So ware and Service Companies) is an industry associa on in India
with a focus on the IT-BPM (Informa on Technology-Business Process Management) sector.

Fig. 2.1.2 NASSCOM

48
Par cipant Handbook

Opera ng under NASSCOM, a Skills of the Future Workgroup was established, featuring industry
representa ves, to comprehend the repercussions of technological disrup ons. Led by BCG (Boston
Consul ng Group), a study was conducted to delineate future skilling and reskilling ini a ves capable of
addressing the digital disrup on wave. The research iden fied technologies poised for substan al
growth, associated job roles, and the requisite skills for those technologies.

FutureSkills is dedicated to 155+ skills across 70+ job roles spanning 10 emerging technologies, including
Ar ficial Intelligence, Blockchain, Big Data Analy cs, Cloud Compu ng, Cyber Security, Internet of Things,
Mobile Tech, Robo c Process Automa on, Virtual Reality, and 3D Prin ng.

FutureSkills Prime, India's Technology Skilling Hub, is a collabora ve effort by NASSCOM and MeitY,
aiming to transform India into a Digital Talent Na on.

FutureSkills Prime serves as an innova ve and progressive ecosystem, equipping learners with cu ng-
edge skills crucial in today's rapidly evolving digital landscape.

With NASSCOM as the driving force, the IT-ITeS industry has risen to the occasion through the FutureSkills
Ini a ve – an industry-driven learning ecosystem.

Fig. 2.1.3 FutureSkills prime

49
 Cloud Application Developer

2.1.2 Diverse Occupa ons within Future Skills Sub-sector

The diverse occupa ons within the Future Skills sub-sector encompass a wide range of roles that are
essen al for addressing the evolving demands of the digital landscape. These occupa ons reflect the
need for a mul dimensional skill set that goes beyond tradi onal job roles.

Some examples of diverse occupa ons within the Future Skills sub-sector may include:

· Data Analysts: Responsible for analyzing and interpre ng complex data sets to derive meaningful
insights, suppor ng informed decision-making.

· Cybersecurity Specialists: Focus on safeguarding digital systems, networks, and data from cyber
threats, ensuring the security and integrity of informa on.

· User Experience (UX) Designers: Design and enhance the overall user experience of digital
products, ensuring they are intui ve, user-friendly, and align with user expecta ons.

· Ar ficial Intelligence (AI) Engineers: Develop and implement AI algorithms and solu ons,
leveraging machine learning and data science to create intelligent applica ons.

· Cloud Architects: Design and manage cloud infrastructure, enabling organiza ons to leverage
cloud services for scalability, flexibility, and efficiency.

· Digital Marke ng Specialists: Employ digital channels and strategies to promote products or
services, u lizing analy cs to op mize marke ng campaigns.

· Augmented Reality (AR) and Virtual Reality (VR) Developers: Create immersive digital
experiences using AR and VR technologies, applicable in diverse fields such as gaming, educa on,
and healthcare.

· Blockchain Developers: Work on developing secure and transparent blockchain-based solu ons
for applica ons like secure transac ons and smart contracts.

· DevOps Engineers: Bridge the gap between development and opera ons, focusing on
collabora on, automa on, and con nuous improvement in the so ware development lifecycle.

· Content Creators and Managers: Develop and manage digital content for various pla orms,
including websites, social media, and other online channels.

· Robo c Process Automa on (RPA) Specialists: Implement automa on solu ons using RPA
technologies to streamline and op mize repe ve business processes.

· IoT (Internet of Things) Specialists: Design and implement solu ons involving interconnected
devices, contribu ng to the development of smart and interconnected systems.

50
Par cipant Handbook

Fig. 2.1.4 Diverse occupa ons in futureskills

These occupa ons highlight the interdisciplinary nature of the Future Skills sub-sector, where
professionals need a combina on of technical, analy cal, crea ve, and collabora ve skills to excel in their
roles. The diversity of occupa ons underscores the need for a versa le workforce capable of addressing
the mul faceted challenges of the digital era.

51
 Cloud Application Developer

2.1.3 Applicability of Programming Concepts to Cloud

Compu ng
Programming in the cloud involves understanding and applying specific concepts tailored to the dynamic
and distributed nature of cloud compu ng. Evalua ng these programming concepts is crucial for
developing scalable, efficient, and resilient cloud applica ons.

Steps:

· Scalability and Elas city: Cloud applica ons must scale seamlessly based on demand, and
elas city ensures resources expand or contract dynamically.
o Importance: Enables handling varying workloads efficiently.

o Example: In India, during fes val seasons, e-commerce pla orms experience increased
traffic, demanding scalable cloud applica ons to handle the surge.

· Distributed Compu ng: Cloud applica ons o en operate across distributed resources, requiring
developers to design for distributed compu ng.

o Importance: Facilitates efficient u liza on of resources across various geographical

loca ons.
o Example: Distributed databases in cloud-based healthcare systems managing pa ent
records across mul ple clinics.

· Service-Oriented Architecture (SOA): SOA involves designing applica ons as a collec on of

loosely coupled services, enhancing flexibility and maintainability.
o Importance: Simplifies applica on development and integra on in the cloud.

o Example: Indian banking systems adop ng SOA for seamless integra on of various financial
services.

· Data Storage and Management: Effec ve management of data in distributed cloud

environments, u lizing services like databases and data lakes.

o Importance: Ensures data availability, accessibility, and reliability.

o Example: Cloud-based agricultural pla orms in India managing diverse data sources for
precision farming.

· Security and Compliance: Programming for cloud environments involves incorpora ng robust
security measures and adhering to compliance standards.
o Importance: Safeguards sensi ve data and ensures regulatory compliance.

o Example: Government ini a ves in India adop ng cloud solu ons with stringent security
and compliance requirements.

· Event-Driven Programming: Cloud applica ons o en respond to events or triggers, requiring

event-driven programming for efficient handling.

52
Par cipant Handbook

o Importance: Enhances responsiveness and agility in cloud applica ons.

o Example: E-commerce pla orms in India using event-driven programming for real- me
order processing and inventory updates.

Fig. 2.1.5 Concepts to cloud compu ng

Examples:
· Aadhaar Authen ca on Services:
o Programming Concept Applied: Scalability and Elas city.
o Explana on: The Aadhaar Authen ca on Services in India need to handle variable loads
efficiently, especially during government-related ac vi es.
· Goods and Services Tax Network (GSTN):
o Programming Concept Applied: Service-Oriented Architecture (SOA).
o Explana on: GSTN in India relies on a service-oriented architecture to integrate various tax-
related services seamlessly.
· Na onal Digital Health Mission (NDHM):
o Programming Concept Applied: Data Storage and Management.
o Explana on: NDHM u lizes cloud-based solu ons for efficient storage and management of
health records across the country.

Understanding and applying these programming concepts is essen al for developers to harness the full
poten al of cloud compu ng in diverse Indian contexts.

53
 Cloud Application Developer

2.1.4 Coding Principles and Best Prac ces

Coding principles and best prac ces are essen al guidelines that developers follow to write high-quality,
maintainable, and efficient code. In the context of cloud applica on development, adhering to these
principles becomes crucial for crea ng robust and scalable applica ons.

Fig. 2.1.6 Coding principles

Steps:

· Modularity and Code Reusability: Break code into modular components, promo ng reusability
and ease of maintenance.

o Importance: Enhances scalability and reduces redundancy in cloud applica ons.

o Example: Indian e-commerce pla orms use modular components for checkout, cart
management, and user authen ca on, promo ng code reuse.

· Scalability and Performance Op miza on: Write code that scales horizontally and op mizes
performance for varying workloads.
o Importance: Ensures applica ons can handle increased demand in cloud environments.
o Example: Scalable coding prac ces applied to handle spikes in traffic during online sales
events in India.

· Error Handling and Logging: Implement robust error-handling mechanisms and comprehensive
logging for effec ve debugging and issue resolu on.

o Importance: Facilitates quick iden fica on and resolu on of issues in cloud applica ons.

o Example: Indian financial applica ons use extensive logging for audi ng and rapid issue
resolu on.

54
Par cipant Handbook

· Security-Centric Coding: Priori ze security considera ons in code design, incorpora ng measures
like input valida on and encryp on.
o Importance: Safeguards against security vulnerabili es and protects sensi ve data.

o Example: Indian government portals apply security-centric coding prac ces to protect
ci zen data and ensure confiden ality.

· Documenta on and Comments: Document code comprehensively and include comments to

enhance readability and ease of collabora on.

o Importance: Assists other developers and ensures the sustainability of the codebase in
cloud projects.
o Example: Documenta on prac ces followed in Indian so ware development firms to
maintain a clear understanding of code func onality.

Examples:

· Unified Payments Interface (UPI) Integra on:

o Coding Principle Applied: Modularity and Code Reusability.

o Explana on: UPI integra ons in various Indian applica ons o en reuse modular
components for payment processing, ensuring a consistent and reliable user experience.

· Traffic Management in Smart Ci es:

o Coding Principle Applied: Scalability and Performance Op miza on.

o Explana on: Coding prac ces applied in traffic management systems for smart ci es in
India ensure the system can handle increased data and user demands during peak mes.

· Goods and Services Tax Network (GSTN) Security Measures:

o Coding Principle Applied: Security-Centric Coding.

o Explana on: GSTN in India follows stringent security-centric coding prac ces to safeguard
against poten al vulnerabili es and protect sensi ve tax-related data.

· Arogya Setu Contact Tracing App:

o Coding Principle Applied: Documenta on and Comments.
o Explana on: The Arogya Setu app in India is extensively documented, facilita ng
transparency and understanding of the codebase for developers and stakeholders.

Adhering to coding principles and best prac ces is crucial for the success of cloud applica ons, especially
in the context of India's diverse and dynamic technological landscape

55
 Cloud Application Developer

2.1.5 Scrip ng Languages to Automate Tasks and Write

Simple Programs
Scrip ng languages play a pivotal role in automa ng tasks and wri ng efficient programs, especially in
cloud environments where agility and automa on are paramount. Leveraging scrip ng languages
enables developers to streamline rou ne processes, enhance produc vity, and op mize resource
u liza on in the cloud.

Fig. 2.1.7 Scrip ng languages

Steps:
· Selec ng a Scrip ng Language:
o Descrip on: Choose a suitable scrip ng language based on the cloud environment's
compa bility and the specific tasks to be automated.
o Importance: Ensures seamless integra on with cloud services and pla orms.
o Example: Using Python for automa on in Amazon Web Services (AWS) due to its extensive
library support and AWS SDK.
· Iden fying Target Tasks for Automa on:
o Descrip on: Iden fy repe ve or me-consuming tasks that can be automated to improve
efficiency.
o Importance: Targets areas where automa on can have a significant impact on produc vity.
o Example: Automa ng the provisioning of virtual machines in Microso Azure using
PowerShell scripts.

55
Par cipant Handbook

· Wri ng Automa on Scripts:

o Descrip on: Develop scripts to automate iden fied tasks, ensuring simplicity and clarity in
the code.
o Importance: Facilitates easy maintenance and modifica on of scripts.
o Example: Wri ng a Bash script to automate rou ne backup tasks in a cloud-based Linux
server.
· Tes ng and Debugging:
o Descrip on: Thoroughly test and debug the scripts to ensure they func on correctly in the
cloud environment.
o Importance: Prevents errors and ensures the reliability of automated processes.
o Example: Tes ng and debugging a script that automates the deployment of containers in a
cloud-based Kubernetes cluster.
· v.Integra on with Cloud Services:
o Descrip on: Integrate the scripts with relevant cloud services and APIs to enable seamless
interac on.
o Importance: Enhances the script's func onality and ensures effec ve u liza on of cloud
resources.
o Example: Integra ng a script with the Google Cloud Storage API to automate data backups
in Google Cloud Pla orm (GCP).
Examples:
· Automated Data Backup for E-Governance Portals:
o Scrip ng Language Used: Python
o Explana on: E-Governance portals in India use Python scripts to automate data backup
processes, ensuring data integrity and availability.

Fig. 2.1.8 E-governance

57
 Cloud Application Developer

· Cloud-Based Educa onal Pla orms:

o Scrip ng Language Used: JavaScript (Node.js)

o Explana on: Educa onal pla orms in India leverage JavaScript scripts to automate tasks
like user authen ca on and content delivery in cloud-based learning environments.

· Healthcare Data Processing in Cloud:

o Scrip ng Language Used: PowerShell

o Explana on: Healthcare systems in India u lize PowerShell scripts for automa ng the
processing of medical data in cloud environments, ensuring efficiency and accuracy.

· Automated Resource Scaling for E-Commerce:

o Scrip ng Language Used: Ruby
o Explana on: E-commerce pla orms in India employ Ruby scripts to automate the scaling of
resources based on demand, op mizing performance during peak traffic periods.

Leveraging scrip ng languages for automa on in the cloud is a common prac ce in various sectors in
India, streamlining processes and enhancing the overall efficiency of cloud-based opera ons.

2.1.6 Tools/Pla orms used for Programming in the Cloud

Environment
Programming in the cloud environment involves u lizing a range of tools and pla orms designed to
enhance development, deployment, and management of applica ons. These tools and pla orms
streamline the development lifecycle, offering features tailored to the dynamic nature of cloud
compu ng

Fig. 2.1.9 Programming in cloud environment

58
Par cipant Handbook

Steps:

· Integrated Development Environments (IDEs): Select an IDE that supports cloud development,
offering features such as code edi ng, debugging, and integrated deployment.
o Importance: Enhances developer produc vity and streamlines the coding process in the
cloud.

o Example: Visual Studio Code with Azure Extension for seamless cloud development in
Microso Azure.

· Containeriza on Tools: Employ containeriza on tools to encapsulate applica ons and

dependencies, ensuring consistency across different environments.
o Importance: Simplifies deployment and scaling in cloud-na ve architectures.
o Example: Docker for containeriza on, widely used in India for building portable and
scalable applica ons.

· Con nuous Integra on/Con nuous Deployment (CI/CD) Pla orms: Implement CI/CD pla orms
to automate the building, tes ng, and deployment of applica ons in cloud environments.
o Importance: Facilitates faster and more reliable so ware delivery.

o Example: Jenkins, commonly used in India for automa ng the CI/CD pipeline in cloud-
based projects.

· Configura on Management Tools: U lize configura on management tools to automate and

manage infrastructure configura ons in the cloud.

o Importance: Ensures consistency and scalability in cloud environments.

o Example: Ansible, widely adopted in India for configuring and managing cloud
infrastructure.

· Serverless Frameworks:
Leverage serverless frameworks for building and deploying applica ons without managing server
infrastructure.
o Importance: Enhances efficiency and reduces opera onal overhead.

o Example: AWS Serverless Applica on Model (SAM), used in India for serverless applica on
development in AWS.
Examples:

· E-Governance Portals with Visual Studio Code:

o Tool/Pla orm Used: Visual Studio Code with Azure Extension

o Explana on: Indian e-governance portals o en u lize Visual Studio Code with Azure
Extension for efficient cloud development, especially in Microso Azure environments.

59
 Cloud Application Developer

· Containeriza on in Indian FinTech Apps with Docker:

o Tool/Pla orm Used: Docker

o Explana on: Indian FinTech applica ons adopt Docker for containeriza on, ensuring
consistent and scalable deployment across various financial services.

· CI/CD Automa on in Indian E-Commerce with Jenkins:

o Tool/Pla orm Used: Jenkins
o Explana on: Indian e-commerce pla orms employ Jenkins for automa ng the CI/CD
pipeline, facilita ng rapid and reliable so ware delivery.

· Ansible for Cloud Infrastructure in Indian Healthcare:

o Tool/Pla orm Used: Ansible

o Explana on: Healthcare systems in India rely on Ansible for configura on management
and automa on of cloud infrastructure.

· AWS Serverless Applica ons in Indian Startups:

o Tool/Pla orm Used: AWS Serverless Applica on Model (SAM)

o Explana on: Startups in India leverage AWS SAM for developing serverless applica ons,
reducing infrastructure management complexi es.

These tools and pla orms contribute to the efficiency and effec veness of cloud development in India,
suppor ng diverse industries in adop ng cloud-na ve prac ces.

60
Par cipant Handbook

Notes

61
Par cipant Handbook

UNIT 2.2: Development Tools and Usage in Cloud Applica on

Development

Unit Objectives
At the end of this unit, you will be able to:
1. Use appropriate tools for building, debugging, tes ng, tuning, and maintaining programs.
2. Use various cloud compu ng pla orms and services.
3. Describe the procedure to assess so ware development needs and changes.
4. Configure opera ng system components.

2.2.1 Tools for Building, Debugging, Tes ng, Tuning and

Maintaining Programs
Efficient cloud applica on development involves the use of a comprehensive set of tools that cover the
en re so ware development lifecycle.

Fig. 2.2.1 Debugging of tes ng programs

These tools aid in building, debugging, tes ng, tuning, and maintaining programs, ensuring a streamlined
and error-free development process in the cloud environment.

62
 Cloud Application Developer

Steps:

· Building Programs: Employ build tools to compile source code into executable binaries or
deployable ar facts.

o Importance: Ensures the crea on of deployable packages for cloud applica ons.
o Example: Maven for building Java applica ons, widely used in India for projects requiring
robust build processes.

· Debugging Applica ons: U lize debugging tools integrated into IDEs or standalone debuggers to
iden fy and resolve issues in the code.
o Importance: Facilitates efficient troubleshoo ng during the development phase.
o Example: Visual Studio Debugger for debugging .NET applica ons, commonly used in
Indian so ware development.

· Tes ng Programs: Implement tes ng frameworks and tools to automate the tes ng process,
ensuring the reliability of the applica on.

o Importance: Validates the func onality and performance of the program.

o Example: JUnit for Java applica ons, widely adopted in India for unit tes ng in cloud
projects.

· Tuning Performance: Employ profiling and performance tuning tools to iden fy and op mize
bo lenecks in the code.

o Importance: Enhances the applica on's efficiency and responsiveness in cloud

environments.

o Example: YourKit Profiler for Java applica ons, used in India for performance tuning in
cloud-based systems.

· Maintaining Programs: Use version control systems and collabora on tools to manage code
changes, updates, and collabora on among team members.

o Importance: Facilitates collabora on and ensures code maintainability in the cloud

development lifecycle.
o Example: Git for version control, extensively used in India for collabora ve so ware
development.
Examples:

· Maven for E-Governance Projects:

o Tool Used: Maven

o Explana on: E-Governance projects in India o en use Maven for building Java applica ons,
ensuring a standardized build process.

63
Par cipant Handbook

· Visual Studio Debugger in Indian IT Services:

o Tool Used: Visual Studio Debugger
o Explana on: IT services companies in India leverage Visual Studio Debugger for debugging
.NET applica ons, ensuring the reliability of so ware solu ons.

· JUnit Tes ng in Indian Banking Applica ons:

o Tool Used: JUnit

o Explana on: Banking applica ons in India implement JUnit for unit tes ng, verifying the
correctness of so ware func onali es.

· YourKit Profiler for Cloud Healthcare Solu ons:

o Tool Used: YourKit Profiler

o Explana on: Healthcare solu ons in India u lize YourKit Profiler for Java applica ons to
tune performance in cloud-based systems.

· Git for Collabora ve Development in Indian Startups:

o Tool Used: Git

o Explana on: Startups in India rely on Git for version control and collabora ve
development, ensuring efficient code management.

By integra ng these tools into the cloud development process, developers in India can build, debug, test,
tune, and maintain programs effec vely, contribu ng to the success of diverse projects across industries.

2.2.2 Cloud Compu ng Pla orms and Services

Leveraging various cloud compu ng pla orms and services is fundamental for developing scalable,
flexible, and cost-effec ve applica ons. Cloud pla orms provide a wide array of services, allowing
developers to build, deploy, and manage applica ons without the need for on-premises infrastructure.

Fig. 2.2.1 Debugging of tes ng programs

64
 Cloud Application Developer

Steps:

· Pla orm Selec on: Choose a cloud compu ng pla orm based on the specific requirements of the
project. Popular pla orms include AWS, Azure, Google Cloud, and others.

o Importance: Determines the set of services and features available for applica on
development.
o Example: Selec ng AWS for its extensive service offerings when developing cloud-based
solu ons in an Indian e-commerce project.

· Compute Services: U lize compute services such as virtual machines (VMs), containers, and
serverless compu ng to run applica ons.
o Importance: Enables scalable and flexible compu ng resources based on demand.

o Example: Deploying microservices using containeriza on in an Indian healthcare

applica on on Google Cloud's Kubernetes Engine.

· Storage Services: Leverage storage services for efficient data management, including object
storage, file storage, and database solu ons.

o Importance: Facilitates data storage, retrieval, and management in a scalable manner.

o Example: Using Amazon S3 for storing mul media content in an Indian media streaming
applica on.

· Networking Services: Configure networking services for connec ng and securing applica ons,
including load balancers, content delivery networks (CDNs), and virtual networks.
o Importance: Ensures reliable and secure communica on between applica on
components.

o Example: Implemen ng a content delivery network in an Indian e-learning pla orm to

op mize content delivery for users across different regions.

· Iden ty and Access Management (IAM): Implement IAM services to control access and
permissions for users and applica ons.

o Importance: Enhances security by managing user iden es and restric ng unauthorized

access.
o Example: Configuring IAM roles and policies for secure access control in an Indian financial
so ware applica on on Azure.
Examples:

· E-Governance Portal on Microso Azure:

o Pla orm Used: Microso Azure

o Services Leveraged: Azure Virtual Machines, Azure Blob Storage, Azure Virtual Network
o Explana on: An Indian e-governance portal u lizes Azure for hos ng virtual machines,

65
Par cipant Handbook

storing data, and ensuring a secure virtual network.

· E-Commerce Applica on on AWS:

o Pla orm Used: Amazon Web Services (AWS)

o Services Leveraged: AWS EC2, Amazon S3, AWS Lambda

o Explana on: An Indian e-commerce applica on deploys virtual machines, u lizes S3 for
storage, and leverages serverless func ons with AWS Lambda.

· Google Cloud for Healthcare Analy cs:

o Pla orm Used: Google Cloud Pla orm (GCP)

o Services Leveraged: Google Kubernetes Engine (GKE), Google Cloud Storage

o Explana on: A healthcare analy cs pla orm in India uses GCP's Kubernetes Engine for
container orchestra on and Google Cloud Storage for data storage.

· Media Streaming Service on IBM Cloud:

o Pla orm Used: IBM Cloud
o Services Leveraged: IBM Cloud Object Storage, IBM Cloud CDN

o Explana on: An Indian media streaming service u lizes IBM Cloud for object storage and
content delivery through CDN.

· Educa onal Pla orm on Oracle Cloud:

o Pla orm Used: Oracle Cloud

o Services Leveraged: Oracle Compute, Oracle Database Cloud Service
o Explana on: An educa onal pla orm in India u lizes Oracle Cloud for compu ng resources
and managed database services.

By harnessing the capabili es of various cloud compu ng pla orms and services, developers in India can
create innova ve and scalable solu ons across diverse industries. The choice of pla orm and services
depends on specific project requirements and desired func onali es.

2.2.3 Assess So ware Development Needs and Changes

Assessing so ware development needs and changes is a crucial process to ensure that the evolving
requirements of a project are met effec vely. This procedure involves systema cally evalua ng the
exis ng so ware, understanding user feedback, and iden fying areas for improvement or modifica on.

66
 Cloud Application Developer

Fig. 2.2.3 So ware development needs

Steps:

· User Feedback and Requirements Gathering: Collect feedback from end-users and stakeholders
to understand their needs and expecta ons.

o Importance: Provides valuable insights into user experiences and iden fies poten al areas
for enhancement.
o Example: In Indian e-commerce pla orms, gathering feedback from customers helps in
assessing user sa sfac on and iden fying features that need improvement.

· Impact Analysis: Conduct an impact analysis to assess how proposed changes or new features
may affect the exis ng system.

o Importance: Helps in understanding the poten al implica ons on the overall so ware
architecture and func onality.
o Example: Indian banking so ware undergoes impact analysis before introducing new
financial products to ensure seamless integra on and compliance.

· Technical Assessment: Evaluate the technical feasibility of proposed changes, considering factors
like compa bility, scalability, and maintainability.
o Importance: Ensures that the proposed changes align with the technical capabili es and
constraints of the exis ng so ware.

o Example: Assessing the technical feasibility of integra ng new payment gateways in Indian
e-wallet applica ons.

· Cost-Benefit Analysis: Perform a cost-benefit analysis to weigh the poten al advantages of the
proposed changes against the associated costs.

o Importance: Assists in decision-making by iden fying whether the benefits jus fy the

67
Par cipant Handbook

investment in so ware changes.

o Example: Indian healthcare management systems conduct cost-benefit analyses before
implemen ng updates to op mize pa ent care processes.

· Regulatory and Compliance Review: Ensure that any proposed changes comply with relevant
regula ons and industry standards.
o Importance: Mi gates legal risks and ensures the so ware remains compliant with the
applicable norms.

o Example: Evalua ng changes to tax calcula on algorithms in Indian financial so ware to

comply with updated tax regula ons.

· Stakeholder Communica on and Approval: Communicate proposed changes to relevant

stakeholders and seek their approval before implementa on.

o Importance: Ensures transparency and aligns development efforts with organiza onal
goals.

o Example: Indian government so ware undergoes stakeholder approval processes before

implemen ng changes to ensure alignment with policy objec ves.
Examples:

· Mobile Banking App Enhancement for User Experience:

o Procedure Followed: Impact Analysis, User Feedback, Stakeholder Communica on

o Explana on: A popular Indian bank assessed user feedback, conducted an impact analysis,
and communicated proposed changes before enhancing its mobile banking app to improve
user experience.

· E-commerce Pla orm Feature Addi on:

o Procedure Followed: Technical Assessment, Cost-Benefit Analysis, Stakeholder
Communica on

o Explana on: An Indian e-commerce pla orm assessed the technical feasibility and
conducted a cost-benefit analysis before adding a new feature, ensuring alignment with
business goals.

· Educa onal So ware Update for Regulatory Compliance:

o Procedure Followed: Regulatory and Compliance Review, Technical Assessment
o Explana on: Educa onal so ware in India underwent a regulatory compliance review and
technical assessment before an update to align with changing educa onal norms.

· Healthcare Management System Op miza on:

o Procedure Followed: User Feedback, Cost-Benefit Analysis, Stakeholder Communica on

o Explana on: A healthcare management system in India gathered user feedback,

68
 Cloud Application Developer

conducted a cost-benefit analysis, and communicated proposed op miza ons before

implementa on to enhance pa ent care processes.

Assessing so ware development needs and changes in India involves a systema c approach that
considers user feedback, technical aspects, regulatory requirements, and stakeholder approval to ensure
successful so ware enhancements.

2.2.4 Configure Opera ng System Components

Configuring opera ng system components is a cri cal aspect of op mizing performance and ensuring the
stability of a system. In the context of cloud applica on development, understanding how to configure
opera ng system components is essen al for crea ng an environment that supports the efficient
execu on of applica ons and services.

Fig. 2.2.4 Configuring opera ng system components

Steps:

· System Resource Configura on: Adjust system resource se ngs such as CPU alloca on, memory
limits, and disk space to op mize performance.

o Importance: Ensures that the opera ng system allocates resources effec vely to meet the
requirements of running applica ons.
o Example: In Indian cloud-based infrastructure, configuring AWS EC2 instances to allocate
appropriate resources based on the workload.

· Network Configura on: Configure network se ngs, including IP addresses, rou ng tables, and
firewall rules, to establish connec vity and secure communica on.

o Importance: Enables applica ons to communicate within the network and ensures
network security.

69
Par cipant Handbook

o Example: Configuring networking components in a cloud-based data center in India to

facilitate seamless communica on between services.

· User and Permission Management: Manage user accounts, groups, and permissions to control
access to system resources and enhance security.

o Importance: Ensures that only authorized users have access to specific components and
func onali es.
o Example: Configuring user permissions in Indian government portals to restrict access to
sensi ve informa on.

· Service Configura on: Configure and manage system services and daemons to ensure they start
automa cally and run efficiently.
o Importance: Facilitates the smooth opera on of essen al services and applica ons.

o Example: Configuring Apache or Nginx web servers in Indian e-commerce pla orms to
handle web traffic efficiently.

· File System Configura on: Adjust file system se ngs, including file permissions and storage
quotas, to organize and secure data effec vely.

o Importance: Op mizes storage u liza on and safeguards data integrity.

o Example: Configuring file system permissions for cloud-based storage solu ons in Indian
educa onal pla orms.
Examples:

· Resource Configura on for Government Cloud Services:

o Configura on Focus: System Resource Configura on
o Explana on: In Indian government cloud services, AWS instances are configured to allocate
appropriate resources based on the demand for various e-governance applica ons.

· Network Configura on for Telemedicine Pla orms:

o Configura on Focus: Network Configura on

o Explana on: Telemedicine pla orms in India configure network se ngs to ensure secure
and reliable communica on between healthcare providers and pa ents.

· User Management in Financial So ware:

o Configura on Focus: User and Permission Management

o Explana on: Financial so ware in Indian banks configures user accounts and permissions
to control access to sensi ve financial data and transac ons.

· Service Configura on for E-Learning Pla orms:

· Configura on Focus: Service Configura on

70
 Cloud Application Developer

o Explana on: E-learning pla orms in India configure web servers to efficiently handle the
delivery of educa onal content and interac ve features.

· File System Configura on for Healthcare Data Storage:

o Configura on Focus: File System Configura on
o Explana on: Healthcare data storage solu ons in India configure file systems to organize
and secure pa ent health records and medical data.

Configuring opera ng system components is a founda onal step in crea ng a stable and efficient
environment for cloud applica on development in India, catering to diverse industries and use cases.

71
Par cipant Handbook

Exercise
Answer the following ques ons:
Short Ques ons:
1. What is significance of evalua ng programming concepts in the context of cloud compu ng?
2. Name 1 popular cloud compu ng pla orm used for programming in the cloud environment.
3. Why is using appropriate tools crucial for building, debugging, and maintaining programs in the
cloud?
4. How do scrip ng languages contribute to automa on in a cloud environment?
5. Give an example of a coding principle that promotes best prac ces in so ware development.
Fill-in-the-Blanks:

1. Evalua ng programming concepts in cloud compu ng involves understanding how code

interacts with _______.
a. Hardware
b. Virtualized environments
2. _______ is a widely used integrated development environment (IDE) for cloud development.
a. Visual Studio Code
b. Notepad
3. Primary goal of using scrip ng languages in the cloud is to _______ tasks and enhance
automa on.
a. Complicate
b. Automate
4. _______ is a key component of cloud development that helps ensure efficient resource
alloca on.
a. Cost-Benefit Analysis
b. System Resource Configura on
5. Configuring opera ng system components includes adjustments to network se ngs, such as
IP addresses and _______.
a. Load Balancers
b. Rou ng Tables
True/False Ques ons:
1. Evalua ng programming concepts in cloud compu ng mainly focuses on low-level hardware
details.
2. Visual Studio Code is an example of a popular integrated development environment for cloud
development.
3. Scrip ng languages are not suitable for automa on tasks in the cloud environment.
4. Cost-Benefit Analysis is not a considera on in the use of scrip ng languages for cloud
automa on.
5. Configuring opera ng system components includes managing user accounts and permissions.

72
 Cloud Application Developer

Notes

73
Par cipant Handbook

74
3. Application
Requirements

Unit 3.1 - Applica on Requirements Fundamentals

Unit 3.2 - Advanced Applica on Requirements and Cloud

Integra on

SSC/8318
 Cloud Application Developer

Key Learning Outcomes

At the end of this module, you will be able to:

1. Define the func onal and non-func onal requirements of an applica on and how to define the
scope of an applica on.
2. Discuss how to iden fy interfacing systems and sub-systems and the corresponding applica on
boundaries.
3. Discuss best prac ces for documen ng business processes and major func onali es of an
applica on.

4. Explain how to decide on an applica on's intended opera ng environment.

5. Discuss what are visual proper es of an applica on.
6. Describe the term “Service Level Agreement” (SLA) and discuss the mechanisms to improve it.

7. Explain how to capture and represent visual proper es of an applica on.

8. Discuss the concepts of Database Management Systems (DBMS).
9. Describe SQL and NoSQL databases.

10. Explain how to determine the capacity and scalability requirement for any applica on.
11. Discuss the basics of applica on security.
12. Explain the concepts of Iden ty and Access Management (IAM).

13. Outline the importance of various stakeholders in determining the requirements of cloud
applica ons.

14. Create user stories as a reference to understand interac on between an applica on and its users.
15. Demonstrate the integra on of DBMS and various systems deployed on cloud.

16. Demonstrate methods to scale up or scale down any applica on using auto-scaling tools.

17. Demonstrate how to manage access to different systems and sub-systems to ensure security of the
applica on.
18. Demonstrate how to implement approaches and methods to iden fy any maintainability,
portability, and security of an applica on.

19. Demonstrate how to implement cloud features to manage security and regulatory standards.

20. Prepare and update the documents rela ng to applica on features and specifica ons.

75
Par cipant Handbook

UNIT 3.1: Applica on Requirements Fundamentals

Unit Objectives
At the end of this unit, you will be able to:
1. Define the func onal and non-func onal requirements of an applica on and how to define the scope
of an applica on.

2. Discuss how to iden fy interfacing systems and sub-systems and the corresponding applica on
boundaries.

3. Discuss best prac ces for documen ng business processes and major func onali es of an
applica on.
4. Explain how to decide on an applica on's intended opera ng environment.

5. Discuss what are visual proper es of an applica on.

6. Describe the term “Service Level Agreement” (SLA) and discuss the mechanisms to improve it.
7. Explain how to capture and represent visual proper es of an applica on.

8. Discuss the concepts of Database Management Systems (DBMS).

9. Describe SQL and NoSQL databases.

3.1.1 Func onal and Non-Func onal Requirements of an

Applica on
Defining the func onal and non-func onal requirements of an applica on is a crucial step in the so ware
development process.

Func onal requirements outline the specific features and capabili es an applica on must have, while
non-func onal requirements focus on aspects like performance, usability, and security.

Fig. 3.1.1 Func onal and non-func onal requirements

76
 Cloud Application Developer

Addi onally, defining the scope of an applica on involves determining the boundaries and objec ves of
the project.

Steps:

· Func onal Requirements Defini on: Iden fy and document the specific func onali es the
applica on must perform to meet user needs.
o Importance: Forms the basis for development and ensures alignment with user
expecta ons.

o Example: In an Indian e-commerce applica on, func onal requirements may include user
account crea on, product browsing, and online payment features.

· Non-func onal Requirements Defini on: Specify criteria related to performance, reliability,
security, and usability that the applica on must meet.

o Importance: Ensures the applica on's overall quality and user experience.
o Example: Non-func onal requirements for an Indian banking applica on may include a
response me of less than two seconds for transac on processing and adherence to
security standards.

· Scope Defini on: Clearly define the boundaries and objec ves of the applica on, outlining what
is within and outside the project's purview.

o Importance: Prevents scope creep and provides a clear understanding of project goals.

o Example: For an Indian educa on pla orm, the scope may be defined to include course
management but exclude external cer fica on processes.

· Stakeholder Collabora on: Collaborate with stakeholders, including end-users, clients, and
development teams, to gather input on requirements and scope.

o Importance: Ensures that the defined requirements align with the needs and expecta ons
of all stakeholders.

o Example: In an Indian healthcare applica on, collabora on with medical professionals and
pa ents helps define requirements related to data security and user interfaces.

· Documenta on and Valida on: Document the gathered requirements and scope details in a clear
and comprehensive manner. Validate with stakeholders to ensure accuracy.

o Importance: Serves as a reference for development teams and provides a basis for project
valida on.
o Example: Documen ng requirements for an Indian government portal to include ci zen
services and valida on through feedback from government officials and ci zens.
Examples:

· Func onal Requirements in E-Governance Projects:

78
Par cipant Handbook

Example: In Indian e-governance projects, func onal requirements include online form
submission, document verifica on, and status tracking for ci zen services.
· Non-func onal Requirements in Indian Healthcare Apps:

Example: Non-func onal requirements for healthcare apps in India may specify a response me
of less than one second for retrieving pa ent records securely.

· Scope Defini on in Indian Financial So ware:

Example: In Indian financial so ware development, the scope may be defined to include core
banking func onali es and exclude non-banking financial services.
· Stakeholder Collabora on in E-Learning Pla orms:

Example: Collabora on with educators and students in Indian e-learning pla orms helps define
requirements related to course management and user interfaces.
· Documenta on and Valida on in Indian Government Portals:
Example: Documen ng requirements for Indian government portals includes ci zen services like
tax filing, with valida on through user acceptance tes ng and government audits.

By following these steps and considering relevant Indian examples, developers can effec vely define the
func onal and non-func onal requirements of an applica on and establish a clear scope for successful
so ware development.

3.1.2 Iden fy Interfacing Systems & Sub-Systems and

Corresponding Applica on Boundaries
Iden fying interfacing systems and sub-systems, along with defining corresponding applica on
boundaries, is essen al for ensuring seamless integra on and func onality within a so ware project.

79
 Cloud Application Developer

Fig. 3.1.2 Systems & sub-systems and corresponding applica on boundaries

This process involves understanding how different components interact and delinea ng the limits of the
applica on's reach.

Steps:

· System Analysis: Conduct a comprehensive analysis of the so ware ecosystem to iden fy

external systems and sub-systems that the applica on needs to interface with.
o Importance: Ensures a thorough understanding of the applica on's external
dependencies.

80
Par cipant Handbook

o Example: In the development of an Indian logis cs applica on, interfacing systems may
include payment gateways, GPS services, and inventory management systems.

· Define Data Exchange Points: Iden fy specific points where data is exchanged between the
applica on and interfacing systems or sub-systems.
o Importance: Ensures clarity on data flow and helps establish communica on protocols.

o Example: In an Indian e-commerce pla orm, data exchange points may include order
processing with payment gateways and inventory updates with suppliers.

· Establish Communica on Protocols: Define the communica on protocols and data formats for
interfacing with external systems.

o Importance: Ensures compa bility and seamless data exchange between different
components.
o Example: In an Indian healthcare applica on, communica on protocols may be established
for interoperability with external medical record systems.

· iv.pplica on Boundary Defini on: Clearly define the boundaries of the applica on, indica ng
what is internal and what interfaces with external systems.
o Importance: Provides a visual representa on of the applica on's scope and helps manage
dependencies.
o Example: In the development of an Indian educa onal portal, the applica on boundary
may encompass student management and course content delivery, while interfacing with
external cer fica on bodies.

· Consider Security Measures: Evaluate security measures for data exchange points to protect
sensi ve informa on during interac ons with external systems.
o Importance: Mi gates security risks and ensures data confiden ality and integrity.

o Example: In Indian banking so ware, security measures are implemented for interfacing
with external payment gateways to safeguard financial transac ons.

Examples:

· Interfacing Systems in Indian Transporta on Apps:

o Example: Indian ride-sharing apps interface with payment systems, mapping services, and
traffic data for a seamless user experience.

· Data Exchange Points in Indian Agriculture So ware:

o Example: Agriculture so ware in India may have data exchange points with weather
forecas ng services and agricultural supply chain systems.

· Communica on Protocols in Indian Retail Solu ons:

o Example: Retail solu ons in India establish communica on protocols for inventory

81
 Cloud Application Developer

management systems, POS terminals, and online sales pla orms.

· Applica on Boundary in Indian Telecom Pla orms:

o Example: In Indian telecom pla orms, the applica on boundary may include user account
management and billing, interfacing with external telecommunica on networks.

· Security Measures in Indian Healthcare Management Systems:

o Example: Healthcare management systems in India implement security measures when

interfacing with external laboratories for test result retrieval.

Iden fying interfacing systems, defining applica on boundaries, and ensuring secure interac ons are
vital for successful so ware development, and these steps are applicable across various industries,
including the diverse landscape of the Indian technology ecosystem.

3.1.3 Documen ng Business Processes and Major

Func onali es of an Applica on
Effec vely documen ng business processes and major func onali es is crucial for streamlined
applica on development. Adop ng best prac ces ensures clarity and facilitates collabora on among
stakeholders.

Fig. 3.1.3 Process of app development

82
Par cipant Handbook

Steps:

· Stakeholder Collabora on: Engage with stakeholders, like in an Indian banking app, to
understand and document processes such as loan approvals.

· Standardized Formats: Use standardized documenta on formats (UML, flowcharts) for

consistency, as seen in Indian e-commerce pla orms.

· Sequen al Flow: Present processes sequen ally, clarifying step-by-step procedures. Example:
Sequen al documenta on in Indian educa onal portals.

· Decision Points: Document decision points and branching scenarios to capture system logic
complexi es, such as in an Indian healthcare app.

· Data Defini on: Clearly define input and output data to ensure consistency, like defining
customer details for order processing in Indian retail so ware.

Examples:

· Government Portals:
o Example: Collaborate with officials in Indian e-governance portals for ci zen services
documenta on.

· Telecom Solu ons:

o Example: Use standardized scenarios in Indian telecom solu ons for billing processes.

· Transporta on Apps:
o Example: Sequen al documenta on in Indian ride-sharing apps illustrates the user
journey.

· Agriculture So ware:
o Example: Decision points in Indian agriculture so ware depict varied irriga on strategies
based on weather data.

· Healthcare Management Systems:

o Example: Clearly define pa ent informa on in Indian healthcare systems for appointment
scheduling.

By adhering to these concise steps and examples, Indian so ware developers can ensure efficient
documenta on prac ces, promo ng clarity and collabora on throughout the applica on development
lifecycle.

83
 Cloud Application Developer

3.1.4 Applica on's Intended Opera ng Environment

Choosing the right opera ng environment for an applica on is cri cal for performance and user
sa sfac on, requiring alignment with user preferences and technical specifica ons.

Fig. 3.1.4 Cloud compu ng environment

Steps:
· User and Technical Requirements: Understand user preferences and technical requirements to
ensure compa bility.
· Pla orm Diversity and Market Trends: Evaluate pla orm diversity and stay informed about
market trends to make informed decisions.
· Priori ze User Experience: Priori ze seamless user experience by selec ng an intui ve opera ng
environment.
Examples:
· E-Governance Mobile App:
Example: A mobile app for e-governance in India may choose Android for its widespread usage.
· Web-based Educa onal Pla orm:
Example: An Indian educa onal pla orm might priori ze cross-browser compa bility for diverse
user environments.
· Enterprise So ware:
Example: Enterprise so ware in India may priori ze compa bility with widely used Windows
opera ng systems.
· Healthcare App:
Example: A healthcare app in India might choose iOS to align with user preferences for Apple
devices.
· Financial So ware:
Example: Financial so ware in India may opt for mul -pla orm compa bility, catering to both
Windows and macOS users.

84
Par cipant Handbook

3.1.5 Visual Proper es of an Applica on

The visual proper es of an applica on play a crucial role in shaping user experience, encompassing
elements that users see and interact with. Understanding and carefully designing these visual aspects
contribute significantly to the overall appeal and usability of the applica on.

Fig. 3.1.5 Visual applica on anatomy

KeyVisual Proper es

· User Interface (UI) Design: Cra a visually appealing and intui ve UI design that enhances the
overall look and feel of the applica on.

o Importance: Influences user engagement and sa sfac on.

· Color Scheme and Branding: Choose an appropriate color scheme aligned with the brand iden ty,
ensuring consistency across the applica on.
o Importance: Enhances brand recogni on and establishes a cohesive visual iden ty.

· Typography and Font Selec on: Opt for readable and aesthe cally pleasing fonts, considering
font size and style for op mal readability.
o Importance: Impacts the legibility of content and contributes to the overall visual appeal.

· Iconography and Imagery: Use clear and meaningful icons and images that complement the
applica on's purpose and content.

85
 Cloud Application Developer

o mportance: Enhances visual communica on and user understanding.

Examples:

· E-commerce Pla orm UI:

o Example: An Indian e-commerce pla orm may employ a visually intui ve UI design,
incorpora ng vibrant colors and clear typography for an engaging shopping experience.

· Banking App Branding:

o Example: A banking applica on in India might adopt a professional color scheme and
typography to ins ll trust and align with the financial ins tu on's brand.

· Educa onal App Iconography:

o Example: An Indian educa onal app could use educa onal-themed icons and imagery to
visually represent subjects and topics, aiding student comprehension.

· Healthcare App Color Scheme:

o Example: A healthcare applica on in India may u lize a calming color scheme to evoke a
sense of trust and comfort among users.

· Government Portal Typography:

Example: A government portal in India may priori ze clear and accessible typography for
informa on dissemina on, ensuring readability for a diverse audience.

By carefully considering and implemen ng these visual proper es, Indian applica on developers can
create a visually appealing and user-friendly experience that resonates with their target audience.

3.1.6 Service Level Agreement (SLA) Overview

A Service Level Agreement (SLA) is a formal contract outlining agreed-upon service levels between a
provider and a customer, common in industries like IT and telecommunica ons.
Mechanisms to Improve SLA:
· Clear Metrics:
o Descrip on: Clearly define performance metrics and KPIs.
o Importance: Provides clarity and facilitates accurate performance assessment.
· Realis c Targets:
o Descrip on: Set realis c, achievable targets.
o Importance: Prevents over commitment and ensures feasibility.
· Monitoring and Repor ng:

86
Par cipant Handbook

o Descrip on: Implement robust monitoring and repor ng.

o Importance: Enables proac ve issue iden fica on and fosters transparency.
· Review and Revision:
o Descrip on: Periodically review and revise the SLA.
o Importance: Ensures relevance to evolving business needs.
· v.Communica on:
o Descrip on: Foster open communica on and collabora on.
o Importance: Enhances problem-solving efficiency and builds partnership.
· vi.Incen ves and Penal es:
o Descrip on: Introduce incen ves and penal es.
o Importance: Mo vates high-quality service and commitment.
· vii.Escala on Procedures:
o Descrip on: Define structured escala on procedures.
o Importance: Resolves cri cal issues efficiently and minimizes down me.
· viii.Training:
o Descrip on: Invest in staff training and skill development.
o Importance: Enhances service delivery and reduces errors.
· Documenta on and Audits:
o Descrip on: Maintain comprehensive documenta on and conduct compliance audits.
o Importance: Ensures compliance and minimizes misunderstandings.
· Customer Feedback:
o Descrip on: Establish mechanisms for collec ng customer feedback.
o Importance: Enables con nuous improvement based on customer perspec ves.F

Fig. 3.1.6 Service level agreements in cloud compu ng

By incorpora ng these mechanisms, organiza ons can establish and con nuously improve effec ve SLAs,
mee ng business needs and maintaining posi ve customer rela onships.

87
 Cloud Application Developer

3.1.7 Capture and Represent Visual Proper es of Applica on

Capturing and represen ng an applica on's visual proper es is crucial for a user-friendly interface. It
involves defining guidelines, crea ng wireframes, designing mockups, and tes ng for usability.

Fig. 3.1.7 E Commerce Pla orm design

Steps:

· Define Guidelines: Establish design guidelines for consistent visual representa on.

· Create Wireframes: Develop wireframes outlining the applica on's structure.

· Design Mockups: Descrip on: Build detailed design mockups with colors, fonts, and images.

· Interac ve Prototypes: Develop interac ve prototypes for a dynamic representa on.

· Gather Feedback: Collect stakeholder feedback and adjust based on input.

· Usability Tes ng: Conduct usability tes ng to iden fy areas for improvement.

Examples:

· E-commerce Pla orm Design:

Example: Indian e-commerce pla orms priori ze vibrant and user-friendly designs.

· Banking App Visual Iden ty:

Example: Indian banking apps focus on a clean and trustworthy visual iden ty.

88
Par cipant Handbook

· Educa onal App UI:

Example: Educa onal apps in India use engaging interfaces for an enhanced learning experience.

· Healthcare App Design:

Example: Healthcare applica ons in India emphasize calming and informa ve visuals.

· Government Portal UX:

Example: Indian government portals focus on clear and accessible design for diverse users.

Following these concise steps and considering Indian examples ensures an effec ve representa on of an
applica on's visual proper es.

3.1.8 Concepts of Database Management Systems (DBMS)

A Database Management System (DBMS) is a so ware applica on that facilitates the efficient
organiza on, storage, retrieval, and management of data in databases. It provides a structured
framework for interac ng with databases, offering several key concepts:

Fig. 3.1.8 Database system

· Data Model: A DBMS defines a data model that structures how data is organized and stored.
Common models include rela onal, hierarchical, and object-oriented.

89
 Cloud Application Developer

o Importance: Establishes the founda on for data representa on and rela onships.

· Database Schema: The database schema outlines the structure of the database, defining tables,
fields, rela onships, and constraints.
o Importance: Ensures a standardized organiza on of data for consistency and integrity.

· Query Language: DBMS provides a query language (e.g., SQL - Structured Query Language) to
interact with the database, allowing users to retrieve, update, and manipulate data.
o Importance: Enables seamless communica on between users and the database.

· Data Integrity: DBMS enforces data integrity through constraints like primary keys, foreign keys,
and unique constraints, ensuring accuracy and reliability.
o Importance: Prevents inconsistencies and errors within the database.

· Transac on Management: DBMS manages transac ons, ensuring the atomicity, consistency,
isola on, and durability (ACID proper es) of database opera ons.

o Importance: Guarantees the reliability and integrity of data even in the event of failures.

· Concurrency Control: DBMS implements mechanisms for handling concurrent access to the
database by mul ple users or applica ons, preven ng data conflicts.

o Importance: Maintains data consistency in mul -user environments.

· Indexing and Query Op miza on: DBMS uses indexing techniques and query op miza on
strategies to enhance the speed of data retrieval and improve overall system performance.

o Importance: Op mizes data access and retrieval opera ons for efficiency.

· Security and Authoriza on: DBMS provides security features to control access to the database,
including user authen ca on, authoriza on levels, and encryp on.

· Importance: Safeguards sensi ve data and ensures data privacy.

· Backup and Recovery: DBMS supports backup and recovery mechanisms to prevent data loss.
Regular backups and restore op ons are crucial for data con nuity.
o Importance: Mi gates the impact of accidental data loss or system failures.

· Data Dic onary: A data dic onary within DBMS stores metadata about the database, including
informa on about tables, columns, constraints, and rela onships.
o Importance: Facilitates data management and documenta on.

Understanding these fundamental concepts is essen al for effec vely u lizing DBMS in crea ng and
managing robust databases. DBMS plays a central role in organizing and maintaining structured data,
ensuring its availability, integrity, and security.

90
Par cipant Handbook

3.1.9 SQL and NoSQL databases

SQL databases are ver cally scalable, while NoSQL databases are horizontally scalable.

Fig. 3.1.9 Difference between SQL and NoSQL

SQL Databases:

SQL (Structured Query Language) databases are rela onal databases that use a structured and tabular
format to organize and store data. They follow the principles of the rela onal model, emphasizing
predefined schemas and rela onships between tables.

· Data Structure: Data is stored in tables with predefined schemas, and rela onships between
tables are established using keys. Example: MySQL, PostgreSQL, Oracle Database.

· Scalability: Tradi onally, scaling SQL databases ver cally by adding more powerful hardware has
been the common approach. Some modern databases, however, support horizontal scaling.

· Use Cases: SQL databases are suitable for applica ons with complex rela onships between
en es, where data integrity is crucial, such as financial systems, CRM, and e-commerce
pla orms.

· Consistency: SQL databases priori ze ACID proper es (Atomicity, Consistency, Isola on,
Durability), ensuring strong consistency and data integrity.

NoSQL Databases:

NoSQL databases are non-rela onal databases designed to handle unstructured, semi-structured, or
rapidly changing data. They offer flexible schemas and horizontal scalability.

· Data Structure: Descrip on: Data is stored in various formats, including key-value pairs,
documents, wide-column stores, or graphs, allowing for dynamic and schema-less data. Example:
MongoDB, Cassandra, Redis, Couchbase.

· Scalability: NoSQL databases excel at horizontal scaling, distribu ng data across mul ple servers

91
 Cloud Application Developer

or clusters to handle increasing loads efficiently.

· Use Cases: NoSQL databases are suitable for applica ons with large amounts of data and high
transac on rates, such as real- me big data processing, IoT applica ons, and content
management systems.

· Consistency: NoSQL databases priori ze CAP theorem (Consistency, Availability, Par on

tolerance) and may sacrifice strong consistency for improved availability and par on tolerance.

Comparison:

· Flexibility:
o SQL: Rigid schema with predefined tables and rela onships.

o NoSQL: Flexible schema or schema-less, accommoda ng dynamic and evolving data.

· Scalability:

o SQL: Tradi onally scaled ver cally; some support horizontal scaling.

o NoSQL: Well-suited for horizontal scaling, distribu ng data across mul ple nodes.

· Complexity:

o SQL: Well-suited for complex queries and transac ons.

o NoSQL: Op mized for simple queries, scalability, and flexibility.

· Use Cases:

o SQL: Ideal for applica ons with complex rela onships and transac onal requirements.
o NoSQL: Ideal for applica ons with large-scale data, varied data types, and high throughput.

· Consistency:
o SQL: Emphasizes strong consistency (ACID proper es).
o NoSQL: Emphasizes flexibility, sacrificing strong consistency for improved availability and
par on tolerance.

Choosing between SQL and NoSQL databases depends on the specific requirements of the applica on,
including data structure, scalability needs, and desired consistency models.

92
Par cipant Handbook

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/
watch?v=E_v5hhetIrQ
Func onal VS Non- Func onal Requirements

93
 Cloud Application Developer

UNIT 3.2: Advanced Applica on Requirements and Cloud

Integra on

Unit Objectives
At the end of this unit, you will be able to:
1. Explain how to determine the capacity and scalability requirement for any applica on.
2. Discuss the basics of applica on security.
3. Explain the concepts of Iden ty and Access Management (IAM).

4. Outline the importance of various stakeholders in determining the requirements of cloud

applica ons.
5. Create user stories as a reference to understand interac on between an applica on and its users.
6. Demonstrate the integra on of DBMS and various systems deployed on cloud.

7. Demonstrate methods to scale up or scale down any applica on using auto-scaling tools.

8. Demonstrate how to manage access to different systems and sub-systems to ensure security of the
applica on.
9. Demonstrate how to implement approaches and methods to iden fy any maintainability, portability,
and security of an applica on.

10. Demonstrate how to implement cloud features to manage security and regulatory standards.

11. Prepare and update the documents rela ng to applica on features and specifica ons.

3.2.1 Determining Capacity and Scalability for an Applica on

Ensuring an applica on can handle its expected load and scale to meet growing demands is crucial for
performance and user sa sfac on. Determining capacity and scalability involves assessing current needs
and planning for future growth.

Fig. 3.2.1 Scalability for an applica on

94
Par cipant Handbook

Steps:

· Performance Analysis: Evaluate the applica on's current performance under normal and peak
loads.
o Importance: Provides insights into the applica on's current limita ons.

· Define Key Metrics: Iden fy performance metrics like response me and throughput.

o Importance: Establishes measurable criteria for performance evalua on.

· User Load Es ma on: Es mate expected user load based on historical data and growth
projec ons.

o Importance: Helps an cipate poten al increases in demand.

· Scalability Planning: Determine desired scalability, whether ver cal or horizontal.

o Importance: Guides the choice of scalability strategy.

· Performance Tes ng: Conduct tes ng under simulated loads to validate capacity and iden fy
scaling thresholds.
o Importance: Validates assump ons and ensures readiness for expected loads.

· Monitoring and Alerts: Implement monitoring tools and set up alerts to track key metrics.
o Importance: Enables proac ve response to performance issues and scaling needs.

· Load Balancing Strategies: Implement load balancing mechanisms for even distribu on of traffic.
o Importance: Enhances resource u liza on and ensures consistent performance.

Example:

Consider an e-commerce pla orm experiencing increased traffic during holidays. Analysis and tes ng
reveal the need for horizontal scaling. Load balancing is implemented to distribute traffic, ensuring
op mal performance during peak periods. Monitoring and alerts are set up for proac ve issue response.
This approach ensures current needs are met, allowing seamless scalability for future growth.

3.2.2 Basics of Applica on Security

Applica on security is paramount to protect sensi ve data and ensure the integrity of so ware systems.
Understanding the basics helps developers implement robust safeguards against poten al threats.

95
 Cloud Application Developer

Fig. 3.2.2 Applica on security in cloud

Key Concepts:

· Authen ca on and Authoriza on: Implement strong authen ca on mechanisms to verify user
iden es. Authoriza on ensures users access only appropriate resources.

o Importance: Prevents unauthorized access and protects sensi ve informa on.

· Data Encryp on: Encrypt data both in transit and at rest to secure it from unauthorized access or
intercep on.

o Importance: Safeguards sensi ve informa on from poten al breaches.

· Input Valida on: Validate and sani ze user inputs to prevent injec on a acks and ensure data
integrity.
o Importance: Guards against malicious input that could exploit vulnerabili es.

· Session Management: Implement secure session management to protect user sessions from
hijacking or unauthorized access.
o Importance: Ensures the confiden ality of user interac ons.

· Security Patching: Regularly update and patch so ware to address known vulnerabili es and
protect against poten al exploits.
o Importance: Mi gates the risk of exploita on due to outdated so ware.

96
Par cipant Handbook

Example:

Consider a banking applica on that employs mul -factor authen ca on (MFA) for user logins. In addi on
to a password, users are required to verify their iden ty through a second factor, such as a one- me code
sent to their mobile device. This enhances authen ca on security and significantly reduces the risk of
unauthorized access, even if passwords are compromised. The applica on's approach aligns with the
basics of applica on security by implemen ng robust authen ca on measures to protect user accounts
and sensi ve financial data.

3.2.3 Concepts of Iden ty and Access Management (IAM)

Iden ty and Access Management (IAM) is a cri cal component of cybersecurity, focusing on the secure
management of user iden es and their access to various resources within an organiza on's IT
infrastructure.

Key Concepts:

· Iden ty Verifica on: Authen cate and verify the iden ty of users accessing systems, applica ons,
or data.

o Importance: Ensures that users are who they claim to be before gran ng access.

· Access Control: Define and enforce access controls to determine what resources users can access
and what ac ons they can perform.
o Importance: Limits unauthorized access and prevents privilege misuse.

· Single Sign-On (SSO): Enable users to access mul ple systems or applica ons with a single set of
creden als, streamlining authen ca on.
o Importance: Enhances user experience and reduces the risk of password fa gue.

· Role-Based Access Control (RBAC): Assign permissions based on users' roles within an
organiza on. Users inherit access rights associated with their roles.
o Importance: Simplifies access management and aligns with organiza onal hierarchies.

· Mul -Factor Authen ca on (MFA): Require users to provide mul ple forms of verifica on (e.g.,
password and token) for enhanced security.

o Importance: Adds an extra layer of protec on, especially when sensi ve data is involved.

97
 Cloud Application Developer

Fig. 3.2.3 Iden ty and access management in AWS

Example:

Consider a corporate network where employees use IAM to access various resources. Each employee has
a unique digital iden ty ed to their role within the organiza on. Through IAM, the system verifies their
iden ty with a username and password (single factor) and, for addi onal security, may request a
fingerprint scan (mul -factor). Access controls are defined based on their roles, ensuring that employees
can only access the resources relevant to their job func ons. This IAM framework enhances security,
streamlines access management, and ensures that only authorized individuals have appropriate levels of
access within the organiza on.

3.2.4 Importance of Various Stakeholders in Determining

Cloud Applica on Requirements
The collabora on of diverse stakeholders is crucial in shaping the requirements of cloud applica ons.
Involving key par cipants ensures that the applica on aligns with business objec ves, user needs, and
complies with regulatory standards.

Key Importance:

· Business Owners: Business owners define the strategic goals, objec ves, and expected outcomes
from the cloud applica on.
o Importance: Ensures that the applica on supports overarching business objec ves and
provides a tangible return on investment (ROI).

· End Users: End users contribute insights into usability, func onality, and user experience
expecta ons.

98
Par cipant Handbook

o Importance: Enhances user sa sfac on and adop on by tailoring the applica on to meet
user needs and preferences.

· IT Teams and Developers: IT teams and developers understand the technical requirements,
constraints, and integra on points.

o Importance: Facilitates the crea on of a technically sound and interoperable cloud

applica on.

· Security Experts: Security experts assess poten al risks, vulnerabili es, and compliance
requirements.

o Importance: Ensures the implementa on of robust security measures, safeguarding data

and ensuring regulatory compliance.

· Regulatory and Compliance Teams: Regulatory and compliance teams iden fy legal and industry-
specific requirements.
o Importance: Ensures adherence to data protec on laws, industry standards, and other
regulatory obliga ons.

Fig. 3.2.4 Cloud applica on offering process and stakeholders

Example:
Consider a healthcare organiza on migra ng pa ent records to a cloud-based Electronic Health Record
(EHR) system. Business owners emphasize the need for efficient data access and improved pa ent care.
End users, including healthcare providers, highlight the importance of an intui ve interface for quick and
accurate data entry. IT teams and developers focus on scalable infrastructure and seamless integra on
with exis ng systems. Security experts priori ze encryp on and access controls to maintain pa ent
confiden ality. Regulatory teams ensure compliance with healthcare data protec on laws. By involving
these stakeholders, the cloud applica on is designed to meet both business and regulatory requirements
while addressing the prac cal needs of healthcare professionals, ul mately enhancing pa ent care and
data security.

99
 Cloud Application Developer

3.2.5 User Stories for Understanding Interac on Between

an Applica on and Users
User stories provide a narra ve framework to capture the func onality, features, and interac ons that
users expect from an applica on. They are concise descrip ons that help ar culate user needs and guide
the development process.

Example User Stories:

· As a Regular User,
o I want to easily navigate through the applica on's interface
o So that I can quickly access the features I use frequently.

· As an Online Shopper,
o I want to add items to my cart and proceed to checkout with minimal steps
o So that I can complete my purchase efficiently and without frustra on.

· As a Project Manager,
o I want to view and track the progress of tasks assigned to team members

o So that I can manage project melines effec vely.

· As a Social Media User,

o I want to customize privacy se ngs for my posts and profile

o So that I can control who has access to my personal informa on.

· As a News App Subscriber,

o I want to receive personalized news recommenda ons based on my preferences

o So that I can stay informed about topics that interest me.

· As a Travel Enthusiast,

o I want to easily search and filter des na ons based on my budget and preferences
o So that I can plan my trips efficiently and discover new places to explore.

· As a Fitness App User,

o I want to track my daily workouts and set personal fitness goals

o So that I can monitor my progress and stay mo vated to achieve my fitness targets

100
Par cipant Handbook

Fig. 3.2.5 User stories

These user stories represent diverse scenarios and user perspec ves, ranging from seamless naviga on to
specific feature requests. They guide the development team in understanding and priori zing user needs,
ensuring that the applica on aligns with user expecta ons and provides a posi ve user experience.

3.2.6 Integra on of DBMS and Various Systems Deployed

on Cloud
Integra ng a Database Management System (DBMS) with various systems on the cloud is essen al for
seamless data flow and interoperability. This integra on ensures that different components of a cloud-
based ecosystem can effec vely communicate and share informa on.

Example:

Fig. 3.2.6 Cloud Compu ng in E-commerce

101
 Cloud Application Developer

Scenario: E-Commerce Pla orm

Step 1: Cloud Infrastructure Setup

Descrip on: Deploy an e-commerce pla orm on a cloud service provider, such as AWS or Azure.

Importance: Establish a scalable and reliable cloud environment for the e-commerce applica on.

Step 2: Database Deployment

Descrip on: Set up a cloud-based DBMS, like Amazon RDS or Azure SQL Database, to store product
informa on, user data, and transac on records.

Importance: Centralize and manage data in a scalable and secure cloud database.

Step 3: API Integra on

Descrip on: Develop APIs to facilitate communica on between the e-commerce applica on and the
cloud-based DBMS.

Importance: Enables seamless data exchange between the applica on frontend and the backend
database.

Step 4: Order Processing System Integra on

Descrip on: Integrate the order processing system with the DBMS to update inventory levels and track
sales.

Importance: Ensures real- me synchroniza on of inventory data and order informa on.

Step 5: User Authen ca on and Authoriza on

Descrip on: Implement user authen ca on and authoriza on mechanisms, connec ng the user
management system with the DBMS.

Importance: Secures access to sensi ve user data and ensures proper user authoriza on.

Step 6: Analy cs Integra on

Descrip on: Connect analy cs tools to the cloud-based DBMS to generate insights on customer behavior,
popular products, and sales trends.

Importance: Enables data-driven decision-making and enhances the overall business intelligence.

Step 7: Con nuous Monitoring and Op miza on

Descrip on: Implement monitoring tools to track system performance, database queries, and overall
integra on health.

Importance: Allows proac ve iden fica on of issues and op miza on for improved efficiency.

In this example, the integra on of a cloud-based DBMS with an e-commerce pla orm demonstrates the
coordina on of various systems. The cloud infrastructure, database, applica on frontend, order

102
Par cipant Handbook

processing system, user management, and analy cs tools seamlessly work together, ensuring a cohesive
and efficient e-commerce ecosystem. This integra on not only enhances data accessibility but also
supports real- me decision-making and scalability.

3.2.7 Scaling Up or Down an Applica on Using Auto-

Scaling Tools
Auto-scaling tools enable dynamic adjustments to the resources allocated to an applica on based on
demand. Scaling up adds resources during increased load, while scaling down reduces resources during
periods of lower demand. This ensures op mal performance and cost efficiency.

Example:

Scenario: Web Applica on Hos ng

Fig. 3.2.7 Web applica on hos ng

· Step 1: Ini al Resource Configura on

o Descrip on: Host a web applica on on a cloud pla orm and configure ini al resource
alloca on based on average expected demand.
o Importance: Provides a baseline for the auto-scaling tool to understand the applica on's
typical resource usage.

· Step 2: Auto-Scaling Policies

o Descrip on: Define auto-scaling policies specifying condi ons for scaling up (e.g., high CPU
usage) and scaling down (e.g., low traffic).

103
 Cloud Application Developer

o oImportance: Enables the auto-scaling tool to autonomously respond to changes in

demand.

· Step 3: Load Balancer Integra on

o Descrip on: Integrate a load balancer to distribute incoming traffic across mul ple
instances.

o Importance: Ensures effec ve resource u liza on and redundancy, facilita ng seamless

scaling.

· Step 4: Scaling Up (Out)

o Descrip on: When demand increases, the auto-scaling tool adds more instances to handle
the higher load.
o Importance: Maintains performance and responsiveness during periods of high traffic.

· Step 5: Scaling Down (In)

o Descrip on: During low-demand periods, the auto-scaling tool reduces the number of
instances to conserve resources and minimize costs.

o Importance: Op mizes resource alloca on, preven ng unnecessary expenditure during

idle periods.

· Step 6: Con nuous Monitoring and Op miza on

o Descrip on: Implement con nuous monitoring to assess performance and make
adjustments to auto-scaling policies as needed.
o Importance: Ensures the auto-scaling system remains aligned with the applica on's
evolving needs.

· Step 7: Cost Management

o Descrip on: Analyze cost implica ons and adjust auto-scaling parameters to balance
performance and budget constraints.

o Importance: Maximizes cost-efficiency while mee ng applica on performance

requirements.

In this example, a web applica on hos ng scenario demonstrates how auto-scaling tools dynamically
adjust resources based on real- me demand.

As traffic increases, the auto-scaling tool adds instances to handle the load, and during quieter periods, it
scales down to conserve resources and reduce costs. This adap ve approach ensures that the applica on
maintains op mal performance while effec vely managing resource u liza on and expenses.

104
Par cipant Handbook

3.2.8 Managing Access to Ensure Security of the Applica on

Effec vely managing access to various systems and sub-systems is cri cal for maintaining the security of
an applica on. Proper access controls help prevent unauthorized entry, protect sensi ve data, and
ensure compliance with security standards.
Example:
Scenario: Corporate Intranet Portal

Fig. 3.2.8 Corporate intranet portal

· Step 1: User Authen ca on

o Descrip on: Implement robust user authen ca on mechanisms, such as username-
password combina ons or mul -factor authen ca on (MFA).
o Importance: Verifies the iden ty of users before gran ng access to the corporate intranet.
· Step 2: Role-Based Access Control (RBAC)
o Descrip on: Adopt RBAC to assign specific roles and permissions based on job
responsibili es.

105
 Cloud Application Developer

o Importance: Restricts access to sensi ve informa on and func onali es based on users'
roles.
· Step 3: Privilege Escala on Controls
o Descrip on: Implement controls to prevent unauthorized privilege escala on, ensuring
users only have the necessary permissions.
o Importance: Mi gates the risk of unauthorized access to higher-level privileges.
· Step 4: Network Segmenta on
o Descrip on: Segment the network to isolate cri cal systems from non-cri cal ones, limi ng
poten al lateral movement by a ackers.
o Importance: Enhances overall network security and containment in case of a security
breach.
· Step 5: Encryp on of Data in Transit
o Descrip on: Enable encryp on protocols for data transmi ed between systems,
preven ng intercep on and eavesdropping.
o Importance: Safeguards sensi ve informa on during communica on between systems.
· Step 6: Regular Access Reviews
o Descrip on: Conduct regular access reviews to ensure permissions align with users'
current roles and responsibili es.
o Importance: Iden fies and rec fies any discrepancies or unauthorized access promptly.
· Step 7: Logging and Monitoring
o Descrip on: Implement comprehensive logging and monitoring to track user ac vi es and
detect any suspicious behavior.
o Importance: Facilitates proac ve iden fica on of security incidents and supports post-
incident analysis.
· Step 8: Incident Response Plan
o Descrip on: Develop an incident response plan to swi ly address and mi gate security
incidents.
o Importance: Ensures a coordinated and efficient response to poten al security breaches.
In this example, a corporate intranet portal employs mul ple layers of access control measures to
safeguard sensi ve corporate data. User authen ca on, role-based access controls, network
segmenta on, encryp on, regular access reviews, and robust logging collec vely contribute to the
security posture of the applica on. This approach ensures that access is granted only to authorized
personnel based on their roles, and the system is well-prepared to respond to any security incidents.

106
Par cipant Handbook

3.2.9 Implemen ng Approaches for Applica on

Maintainability, Portability, and Security
Ensuring the maintainability, portability, and security of an applica on is integral to its long-term success.
Implemen ng effec ve approaches and methods addresses these key aspects, facilita ng ongoing
development, adaptability, and protec on against poten al threats.

Example:

Scenario: Financial Management So ware

· Step 1: Code Documenta on Standards

o Descrip on: Enforce coding documenta on standards to provide clear and comprehensive
documenta on for developers.
o Importance: Simplifies maintenance by offering insights into code logic, making it easier for
new developers to understand and contribute.

· Step 2: Version Control System

o Descrip on: U lize a version control system (e.g., Git) to track changes, manage code
versions, and facilitate collabora on.
o Importance: Enhances maintainability by enabling developers to roll back to previous
versions, track changes, and collaborate efficiently.

· Step 3: Modulariza on and Code Structure

o Descrip on: Implement a modular code structure to break down the applica on into
manageable and reusable components.

o Importance: Enhances maintainability by isola ng changes to specific modules, making

updates and troubleshoo ng more efficient.

Fig. 3.2.9 Leading protec on for cloud-based applica ons

107
 Cloud Application Developer

· Step 4: Containeriza on (Portability)

o Descrip on: Adopt containeriza on technologies like Docker to encapsulate the
applica on and its dependencies.

o Importance: Improves portability by enabling consistent deployment across various

environments, reducing compa bility issues.

· Step 5: Regular Security Audits

o Descrip on: Conduct regular security audits and assessments to iden fy and address
poten al vulnerabili es.
o Importance: Ensures the proac ve iden fica on and mi ga on of security risks,
safeguarding against poten al threats.

· Step 6: Encryp on Prac ces

o Descrip on: Implement strong encryp on prac ces for data at rest and in transit.

o Importance: Enhances security by protec ng sensi ve data from unauthorized access,

ensuring confiden ality.

· Step 7: Regular So ware Updates and Patch Management

o Descrip on: Establish a robust process for applying so ware updates and patches
promptly.

o Importance: Ensures that the applica on is for fied against known vulnerabili es,
maintaining a secure opera onal environment.

· Step 8: Secure Configura on Management

o Descrip on: Implement secure configura on management prac ces for servers,
databases, and other components.
o Importance: Reduces the a ack surface and enhances security by elimina ng unnecessary
and poten ally risky configura ons.

In this example, a financial management so ware applica on incorporates prac ces to ensure
maintainability, portability, and security. Code documenta on, version control, modulariza on,
containeriza on for portability, regular security audits, encryp on, so ware updates, and secure
configura on management collec vely contribute to the overall robustness of the applica on. These
measures not only enhance the maintainability and portability of the so ware but also for fy its security
against poten al threats and vulnerabili es.

108
Par cipant Handbook

3.2.10 Implemen ng Cloud Features for Security and

Regulatory Standards
Leveraging cloud features is crucial for managing security and adhering to regulatory standards in cloud-
based applica ons. Implemen ng these features ensures that the applica on complies with industry
regula ons and maintains a high level of security.

Fig. 3.2.10 Cloud compu ng in healthcare

Example:

Scenario: Healthcare Data Management Applica on

· Step 1: Data Encryp on at Rest and in Transit

o Descrip on: Enable encryp on mechanisms to protect sensi ve healthcare data both
when stored (at rest) and during transmission (in transit).

o Importance: Safeguards pa ent informa on, ensuring confiden ality and compliance with
healthcare data protec on regula ons.

· Step 2: Role-Based Access Control (RBAC)

o Descrip on: Implement RBAC to control access to healthcare data based on user roles,
ensuring that only authorized personnel can access specific informa on.
o Importance: Aligns with healthcare privacy regula ons, limi ng access to sensi ve pa ent
data to authorized healthcare professionals.

109
 Cloud Application Developer

· Step 3: Audit Logging and Monitoring

o Descrip on: Set up comprehensive audit logging and monitoring to track user ac vi es
and system events.
o Importance: Supports regulatory compliance by providing an audit trail for access and
changes to healthcare data.

· Step 4: Compliance Dashboard

o Descrip on: Implement a compliance dashboard to provide real- me insights into the
applica on's adherence to regulatory standards.

o Importance: Facilitates proac ve monitoring and management of compliance status,

reducing the risk of non-compliance.

· Step 5: Regular Security Assessments

o Descrip on: Conduct regular security assessments and vulnerability scans to iden fy and
remediate poten al security risks.

o Importance: Ensures ongoing compliance with healthcare data security regula ons and
proac vely addresses vulnerabili es.

· Step 6: Geographical Data Storage Compliance

o Descrip on: Select cloud regions and data centers that comply with the geographical data
storage requirements of healthcare regula ons.
o Importance: Addresses data sovereignty and residency requirements, ensuring
compliance with regional data protec on laws.

· Step 7: Secure Collabora on Tools

o Descrip on: Implement secure collabora on tools with encryp on features for healthcare
professionals to communicate and share pa ent informa on securely.

o Importance: Enables secure communica on while adhering to healthcare regula ons on

pa ent confiden ality.

· Step 8: Automated Compliance Repor ng

o Descrip on: Implement automated tools to generate compliance reports and

documenta on for regulatory audits.

o Importance: Streamlines the audit process, providing evidence of adherence to security

and regulatory standards.

In this example, a healthcare data management applica on leverages various cloud features to ensure
security and regulatory compliance. Encryp on, RBAC, audit logging, compliance dashboard, security
assessments, geographical data storage compliance, secure collabora on tools, and automated
compliance repor ng collec vely contribute to crea ng a secure and compliant environment for
managing sensi ve healthcare data in the cloud.
These measures not only enhance security but also streamline regulatory compliance processes in the

110
Par cipant Handbook

3.2.11 Documen ng Applica on Features and Specifica ons:

Leveraging cloud features is crucial for managing security and adhering to regulatory standards in cloud-
based applica ons. Implemen ng these features ensures that the applica on complies with industry
regula ons and maintains a high level of security.

Maintaining comprehensive documenta on for applica on features and specifica ons is essen al for
effec ve communica on, collabora on among development teams, and future reference. This
documenta on serves as a reference point for developers, stakeholders, and anyone involved in the
applica on's lifecycle.

Fig. 3.2.11 Applica on features and specifica ons

Example:

Scenario: Project Management So ware

· Step 1: Ini al Documenta on

o Descrip on: Begin by documen ng the ini al project requirements, outlining the overall
goals, func onali es, and user expecta ons.

o Importance: Lays the founda on for subsequent documenta on and provides a clear
understanding of the project's scope.

· Step 2: User Stories and Use Cases

o Descrip on: Create user stories and use cases that detail how end-users will interact with

111
 Cloud Application Developer

the so ware and the expected outcomes.

o Importance: Helps in visualizing the user experience and guides development efforts based
on user-centric scenarios.

· Step 3: Technical Specifica ons

o Descrip on: Provide detailed technical specifica ons, including architecture, database
schema, API endpoints, and integra on points.

o Importance: Assists developers in understanding the technical intricacies of the applica on

and ensures consistency in implementa on.

· Step 4: Feature Descrip ons

o Descrip on: Document individual features, specifying their purpose, func onality, and any
dependencies on other features.
o Importance: Helps in tracking and priori zing feature development, fostering a structured
approach to implementa on.

· Step 5: Interface Design and Wireframes

o Descrip on: Include interface design documents and wireframes to illustrate the visual
representa on of the applica on.

o Importance: Guides UI/UX designers and developers in crea ng a consistent and visually
appealing user interface.

· Step 6: Test Cases and Scenarios

o Descrip on: Develop comprehensive test cases and scenarios to validate each feature's
func onality and performance.

o Importance: Ensures thorough tes ng and quality assurance, contribu ng to a robust and
error-free applica on.

· Step 7: Change Logs and Version History

o Descrip on: Maintain change logs and version history to track modifica ons, updates, and
enhancements made to the applica on.
o Importance: Facilitates transparency, accountability, and efficient collabora on among
development teams.

· Step 8: End-User Documenta on

o Descrip on: Create documenta on for end-users, providing instruc ons, guides, and FAQs
for using the applica on.

o Importance: Enhances user adop on and sa sfac on by offering clear guidance on using
the features and func onali es.

In this example, a project management so ware applica on systema cally documents its features and

112
Par cipant Handbook

specifica ons. From ini al project requirements to user stories, technical specifica ons, feature
descrip ons, interface design, test cases, change logs, version history, and end-user documenta on, each
document plays a crucial role in ensuring a well-documented and well-understood applica on
development process. This approach not only aids in development but also serves as a valuable resource
for future updates, maintenance, and collabora on among team members

113
 Cloud Application Developer

Exercise
Answer the following ques ons:
Short Ques ons:
1. What is the purpose of documen ng user stories and use cases in applica on development?
2. How does RBAC contribute to enhancing the security of an applica on?
3. Why is it essen al to maintain change logs and version history in the so ware development
process?
4. What is the significance of conduc ng regular security assessments for cloud-based
applica ons?
5. Why do cloud applica ons benefit from automated compliance repor ng tools?

Fill-in-the-Blanks:

1. SLA stands for Service Level _______.

A) Assurance
B) Agreement
2. Visual proper es of an applica on include its _______ and _______.
A) Color, Speed
B) Layout, Performance
3. SQL is a language used for managing _______ databases.
A) Rela onal
B) NoSQL
4. In auto-scaling, applica ons can dynamically _______ or _______ resources based on
demand.
A) Expand, Contract
B) Shrink, Expand
5. Iden ty and Access Management (IAM) is concerned with controlling _______ to different
resources.
A) Access
B) Visibility

True/False Ques ons:

1. End-user documenta on is primarily created for developers to understand applica on
features.
2. Geographical data storage compliance ensures adherence to regional data protec on laws.
3. A change log helps track modifica ons, updates, and enhancements made to an applica on.
4. Auto-scaling tools are only beneficial for applica ons with constant and predictable traffic.
5. RBAC allows all users to have equal access to sensi ve data in an applica on.

114
Par cipant Handbook

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/
watch?v=o-CJ8ozJ3Jk
Iden ty and Access Management

115
 Cloud Application Developer

116
4. Application
Architecture

Unit 4.1 - Impact Analysis and Applica on Basics

Unit 4.2 - Cloud Applica on Infrastructure and Security
Unit 4.3 - Disaster Recovery and Best Prac ces

SSC/N8319
 Cloud Application Developer

Key Learning Outcomes

At the end of this module, you will be able to:

1. Explain what impact analysis is and why is it required.

2. Explain what an impact analysis document is and how to create one.
3. Explain the concepts of cloud-na ve and cloud-first applica on and their advantages.

4. Describe micro-services in the context of applica on development.

5. Describe the following terms: Service-Oriented Architecture (SOA); Serverless development; and
Infrastructure requirements of an applica on.
6. Explain how to decide on any applica on's intended opera ng environment.

7. Explain the term “containers” and describe their uses in cloud compu ng.
8. Outline popular load balancing and auto-scaling tools available to fulfil the scalability requirements
of an applica on.
9. Explain how to iden fy poten al security risks to applica ons deployed on cloud.

10. List the types of security tests that can be undertaken to iden fy security threats.
11. Outline popular security tools available to assess the security of any applica on.
12. Explain how to create a disaster recovery plan for IT systems, applica ons, and data.

13. Discuss the best prac ces related to cloud applica on architecture, and system backup and
recovery.

14. Outline the importance of various stakeholders in designing and securing cloud applica on
architecture.
15. Create cloud-na ve and cloud-first applica on architectures.

16. Demonstrate how to configure the opera ng environment for hos ng cloud-na ve applica ons.

17. Demonstrate how to implement applica on infrastructure configura ons required for hos ng
applica ons on cloud.
18. Demonstrate how to implement security controls and sanity checks in cloud systems to detect
threats and security breach.

19. Create a disaster recovery environment and perform sample backup of systems deployed on cloud
using appropriate tools.

118
Par cipant Handbook

UNIT 4.1: Impact Analysis and Applica on Basics

Unit Objectives
At the end of this unit, you will be able to:
1. Explain what impact analysis is and why it is required.

2. Explain what an impact analysis document is and how to create one.

3. Explain the concepts of cloud-na ve and cloud-first applica ons and their advantages.

4. Describe micro-services in the context of applica on development.

5. Describe the terms Service-Oriented Architecture (SOA), Serverless development, and Infrastructure
requirements of an applica on.

4.1.1 Impact Analysis

Impact analysis is a systema c process used to assess the poten al consequences and implica ons of a
proposed change within an organiza on's systems, processes, or applica ons. It is a crucial step in change
management to understand how altera ons may affect different elements of a system and its
surrounding environment.

Fig. 4.1.1 Leveraging the poten al of cloud compu ng

119
 Cloud Application Developer

Steps:
· Iden fying Changes: Begin by iden fying the proposed changes, whether they involve so ware
updates, system configura ons, or process modifica ons.
· Understanding Dependencies: Analyze the dependencies and rela onships between the
components affected by the change. This involves recognizing connec ons, interfaces, and
interac ons.
· Assessing Risks and Benefits: Evaluate the poten al risks associated with the proposed changes,
including disrup ons, errors, or unintended consequences. Simultaneously, iden fy poten al
benefits.
· Analyzing Workflows: Examine how the proposed changes may impact exis ng workflows,
ensuring that essen al processes remain intact and efficient.
· Evalua ng Resources: Assess the resource requirements for implemen ng the changes, including
me, personnel, and technology.

Example:

Consider an organiza on planning to upgrade its Customer Rela onship Management (CRM) so ware.
Impact analysis involves assessing how this change might affect customer data integrity, user interfaces,
integra on with other systems, and the overall efficiency of the sales and support teams. It helps in
iden fying poten al challenges, ensuring a smooth transi on, and minimizing disrup ons in customer
service and business opera ons.

4.1.2 Impact Analysis Document

An impact analysis document is a comprehensive report that systema cally outlines the poten al
consequences and effects of a proposed change within an organiza on. This document serves as a
roadmap for decision-makers, allowing them to understand the implica ons of the change on various
aspects of the business, such as processes, systems, and stakeholders.

Fig. 4.1.2 Impact analysis document

120
Par cipant Handbook

Steps:

· Define the Change: Clearly ar culate the proposed change, whether it involves so ware updates,
system configura ons, or process modifica ons.

· Iden fy Stakeholders: List and iden fy the stakeholders who will be impacted by the change. This
includes both internal and external par es.

· Document Dependencies: Outline the dependencies and rela onships between the components
affected by the change. This involves recognizing connec ons, interfaces, and interac ons.

· Assess Risks and Benefits: Evaluate poten al risks associated with the change, such as
disrup ons, errors, or unintended consequences. Simultaneously, highlight any an cipated
benefits.

· Describe Workflow Changes: Provide a detailed descrip on of how the proposed changes may
impact exis ng workflows. Ensure that essen al processes remain intact and efficient.

Example:

Suppose an organiza on is considering migra ng its customer database to a cloud-based pla orm. An
impact analysis document for this change would detail how the migra on could affect customer data
accessibility, system performance, integra on with other applica ons, and poten al cost implica ons.
This document assists decision-makers in making informed choices by presen ng a holis c view of the
an cipated effects and necessary prepara ons for the migra on.

4.1.3 Cloud-Na ve and Cloud-First Applica ons

Cloud-na ve and cloud-first applica ons represent modern paradigms in so ware development that
leverage cloud compu ng infrastructure. These concepts emphasize building and op mizing applica ons
specifically for cloud environments, fostering scalability, resilience, and efficiency.

Cloud-Na ve Applica ons:

Cloud-na ve applica ons are designed and developed with the cloud in mind from the outset. They
leverage cloud services, microservices architecture, and containeriza on to enhance flexibility,
scalability, and responsiveness. Cloud-na ve development prac ces priori ze con nuous integra on and
con nuous delivery (CI/CD) pipelines, enabling rapid deployment and updates.

Cloud-First Applica ons:

Cloud-first applica ons are designed to priori ze cloud deployment whenever feasible. While not
exclusively built for the cloud, these applica ons are architected with cloud principles in mind, allowing
them to seamlessly transi on and take full advantage of cloud capabili es.

121
 Cloud Application Developer

Advantages:

· Scalability:
o Cloud-Na ve: Scales effortlessly with dynamic workloads.
o Cloud-First: Adapts to increased demand by u lizing cloud resources.

· Resilience:
o Cloud-Na ve: Embraces microservices for fault isola on and improved fault tolerance.

o Cloud-First: Leverages cloud redundancy and failover mechanisms for enhanced resilience.

· Efficiency:
o Cloud-Na ve: Op mizes resource u liza on through containeriza on.

o Cloud-First: U lizes cloud resources efficiently for cost-effec ve opera ons.

Fig. 4.1.3 Key benefits of cloud-na ve applica ons

Example:

Consider a cloud-na ve e-commerce applica on that u lizes microservices architecture and

containeriza on for individual func ons like inventory management, payment processing, and user
authen ca on. On the other hand, a cloud-first applica on, while originally designed for on-premises
deployment, is adapted to leverage cloud resources for storage, enabling seamless scalability and
improved data accessibility.

4.1.4 Micro-services in Applica on Development

Microservices architecture is an approach to so ware development where a complex applica on is
broken down into small, independent, and modular services. Each microservice operates as a self-
contained unit, communica ng with others through well-defined APIs. This architectural style promotes
agility, scalability, and ease of maintenance.

122
Par cipant Handbook

Key Characteris cs:

· Decomposi on: Divide and Conquer: Applica ons are decomposed into smaller, manageable
services based on specific business func onali es.

· Independence: Isola on: Microservices operate independently, allowing developers to work on

individual services without affec ng the en re applica on.

· Autonomy: Self-Containment: Each microservice has its own database and business logic,
ensuring autonomy and minimizing dependencies.

· APIs for Communica on: Inter-Service Communica on: Microservices communicate through
well-defined APIs, enabling seamless collabora on.

· Scalability: Individual Scaling: Services can be scaled independently based on demand, improving
overall system scalability.

Example:

Consider an e-commerce pla orm adop ng microservices. Instead of a monolithic applica on handling
all func onali es (e.g., product catalogue, payment processing, user authen ca on), each of these
features becomes a microservice. The product catalogue service manages product informa on, the
payment service handles transac ons, and the user authen ca on service takes care of user iden ty. If
the payment service needs updates, developers can work on it without affec ng the en re system,
promo ng flexibility and faster development cycles.

Fig. 4.1.4 Characteris cs of micro-services architecture

123
 Cloud Application Developer

4.1.5 Service-Oriented Architecture (SOA)

Service-Oriented Architecture (SOA):

Service-Oriented Architecture (SOA) is an architectural style that structures an applica on as a collec on

of loosely coupled services. These services communicate with each other through standardized
protocols, facilita ng seamless integra on and interoperability.

Key Characteris cs:

· Modularity: Service Modularity: The applica on is decomposed into independent services, each
represen ng a specific business func on.

· Interoperability: Standardized Communica on: Services communicate using well-defined

protocols, ensuring compa bility across diverse systems.

· Reusability: Service Reusability: Individual services can be reused in mul ple applica ons,
promo ng efficiency and reducing redundancy.

Serverless Development:

Serverless development is a cloud compu ng paradigm where developers focus on wri ng code without
managing the underlying infrastructure. In a serverless model, cloud providers automa cally handle
scaling, maintenance, and resource alloca on.

Key Characteris cs:

· Event-Driven Architecture: Event Triggers: Func ons are executed in response to specific events
or requests, elimina ng the need for con nuous server provisioning.

· Cost Efficiency: Pay-as-You-Go Model: Costs are incurred only when func ons are executed,
making serverless development cost-effec ve.

Fig. 4.1.5 Service oriented architecture

124
Par cipant Handbook

Infrastructure Requirements of an Applica on:

Infrastructure requirements refer to the necessary hardware, so ware, and network components
needed to support the opera on of an applica on.

Key Considera ons:

· Scalability: Dynamic Scaling: The infrastructure should support the applica on's scalability needs,
allowing it to handle varying workloads.

· Security: Secure Architecture: Implementa on of security measures to protect against

unauthorized access and data breaches.

Example:

Consider a banking applica on using SOA, where services include customer account management,
transac on processing, and authen ca on. Serverless development might involve deploying func ons
triggered by events, such as processing a new transac on. Infrastructure requirements ensure the
applica on scales seamlessly based on user demand while maintaining robust security measures.

125
 Cloud Application Developer

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/watch
?v=NoFu_rpM7EQ
What is Cloud Na ve?

126
Par cipant Handbook

UNIT 4.2: Cloud Applica on Infrastructure and Security

Unit Objectives
At the end of this unit, you will be able to:
1. Explain how to decide on any applica on's intended opera ng environment.

2. Explain the term “containers” and describe their uses in cloud compu ng.

3. Outline popular load balancing and auto-scaling tools available to fulfill the scalability requirements
of an applica on.

4. Explain how to iden fy poten al security risks to applica ons deployed on the cloud.

5. List the types of security tests that can be undertaken to iden fy security threats.

6. Outline popular security tools available to assess the security of any applica on.

4.2.1 Deciding on an Applica on's Intended Opera ng

Environment
Selec ng the right opera ng environment for an applica on is a crucial decision that impacts its
performance, scalability, and overall func onality. The chosen environment should align with the
applica on's requirements, considering factors like user experience, resource u liza on, and scalability.

Fig. 4.2.1 Cloud applica on development

Key Steps:

· Define Requirements: Clearly outline the applica on's func onal and non-func onal
requirements, considering aspects such as performance, security, and scalability.

127
 Cloud Application Developer

· Understand User Base: Iden fy the target audience and their preferences. Consider factors like
geographic loca on, device types, and connec vity.

· Assess Technical Compa bility: Evaluate the technical compa bility of the applica on with
different opera ng systems, databases, and middleware. Ensure seamless integra on with
exis ng infrastructure.

· Consider Deployment Model: Decide on the deployment model – whether on-premises, cloud-
based, or hybrid. Assess the advantages and challenges associated with each op on.

· Evaluate Resource U liza on: Analyze the resource u liza on pa erns of the applica on.
Consider factors such as CPU, memory, and storage requirements to determine the op mal
opera ng environment.

· Scalability Requirements: An cipate the scalability needs of the applica on. Choose an opera ng
environment that can easily scale based on user demand without compromising performance.

Example:

For a web-based e-commerce applica on, the intended opera ng environment may involve a cloud-
based infrastructure. This choice allows the applica on to leverage the scalability, flexibility, and cost-
effec veness of cloud services. Addi onally, considering the global user base, the cloud provides
distributed data centers for improved latency and responsiveness across different regions. The decision
aligns with the applica on's requirements for scalability, global accessibility, and efficient resource
u liza on.

4.2.2 Containers in Cloud Compu ng

Containers are lightweight, portable, and self-sufficient units that encapsulate an applica on along with
its dependencies, libraries, and run me. They provide consistency across various environments, making it
easier to deploy, scale, and manage applica ons in cloud compu ng.

Fig. 4.2.2 Containeriza on of cloud compu ng

128
Par cipant Handbook

Key Aspects:

· Isola on: Containers encapsulate applica ons and their dependencies, ensuring isola on from
the underlying infrastructure. Each container operates independently.

· Portability: Containers are portable across different environments, facilita ng seamless

deployment and execu on on any system that supports containeriza on.

· Resource Efficiency: Containers share the host opera ng system's kernel, op mizing resource
u liza on. They consume fewer resources compared to tradi onal virtual machines.
Uses in Cloud Compu ng:

· Deployment Consistency: Containers ensure consistent deployment across development,

tes ng, and produc on environments. The same containerized applica on can run uniformly
across diverse cloud pla orms.

· Microservices Architecture: Containers align with microservices architecture, allowing

developers to build, deploy, and scale individual services independently. Each microservice can be
containerized, promo ng modularity and agility.

· Scalability: Containers enable easy scaling by replica ng instances of the same containerized
applica on. Cloud pla orms can efficiently handle the orchestra on of containerized services to
meet varying workloads.

Example:

Consider a cloud-based e-commerce pla orm using containers to deploy its microservices. Each
microservice, such as user authen ca on, inventory management, and payment processing, is
encapsulated in a container. These containers can be deployed, scaled, and managed independently,
providing flexibility and ensuring consistent performance across different cloud providers or on-premises
environments. The containeriza on approach simplifies the deployment process and enhances the
pla orm's agility and scalability in response to changing user demands.

4.2.3 Load Balancing and Auto-Scaling Tools for Scalability

Load balancing and auto-scaling are cri cal components in achieving op mal performance and scalability
for applica ons. Load balancing ensures even distribu on of traffic among mul ple servers, while auto-
scaling dynamically adjusts resources based on demand.

Popular Load Balancing Tools:

· NGINX: NGINX is a high-performance web server and reverse proxy server that also func ons as a
load balancer. It efficiently distributes incoming traffic across mul ple servers to enhance
applica on availability and responsiveness.

129
 Cloud Application Developer

· Amazon Elas c Load Balancer (ELB): Amazon ELB is a fully managed load balancing service
provided by AWS. It automa cally scales to meet varying workloads, distribu ng traffic across
mul ple Amazon EC2 instances or containers within an applica on.

Popular Auto-Scaling Tools:

· AWS Auto Scaling: AWS Auto Scaling, part of the Amazon EC2 Auto Scaling service, automa cally
adjusts the number of instances in an Auto Scaling group based on defined policies. It ensures
op mal performance and cost-efficiency by adjus ng capacity in response to changing demand.

· Kubernetes Horizontal Pod Autoscaler (HPA): Kubernetes HPA automa cally adjusts the number
of pods (containers) in a deployment based on observed CPU u liza on or other custom metrics.
It ensures efficient resource u liza on and applica on responsiveness in a containerized
environment.

Fig. 4.2.3 Auto-scaling tools

Example:

Consider an e-commerce applica on hosted on AWS. Amazon ELB efficiently distributes incoming user
requests across mul ple EC2 instances, ensuring uniform load distribu on. Simultaneously, AWS Auto
Scaling dynamically adjusts the number of EC2 instances based on predefined policies, allowing the
applica on to seamlessly handle varying levels of traffic and maintain op mal performance. The
combina on of these tools enhances the applica on's scalability, reliability, and responsiveness.

4.2.4 Iden fying Security Risks to Cloud-Deployed Applica ons

Ensuring the security of applica ons deployed on the cloud is paramount to protect sensi ve data and
maintain the integrity of services. Iden fying poten al security risks is a proac ve approach to
implemen ng robust security measures.

130
Par cipant Handbook

Key Steps:

· Risk Assessment: Conduct a comprehensive risk assessment to iden fy poten al threats and
vulnerabili es specific to the cloud environment. Consider factors such as data breaches,
unauthorized access, and insecure configura ons.

· Data Encryp on Analysis: Evaluate the encryp on mechanisms in place for data at rest, in transit,
and during processing. Iden fy any weaknesses in encryp on protocols that could expose
sensi ve informa on.

· Access Controls Review: Review access controls and permissions to ensure that only authorized
personnel have appropriate access to resources. Iden fy any misconfigura ons or gaps in access
management that could lead to unauthorized access.

· Network Security Inspec on: Analyze the network architecture to iden fy vulnerabili es such as
open ports, weak firewall rules, and inadequate network segmenta on. Address any weaknesses
that could compromise the overall network security.

· Third-Party Integra on Assessment: Evaluate the security prac ces of third-party services and
APIs integrated into the applica on. Iden fy poten al risks associated with data exchanges and
communica on with external systems.

Fig. 4.2.4 Cloud compu ng security

Example:

Consider a cloud-based customer rela onship management (CRM) applica on. During a security
assessment, it is discovered that the applica on's data transfer between the client and server lacks proper
encryp on, making it suscep ble to eavesdropping. By iden fying this security risk, the development
team can implement secure communica on protocols (such as HTTPS) to encrypt data in transit,
enhancing the overall security posture of the CRM applica on.

131
 Cloud Application Developer

4.2.5 Types of Security Tests for Iden fying Threats

Security tes ng is crucial to iden fy vulnerabili es and poten al threats in applica ons deployed on the
cloud. Various tes ng techniques help assess the robustness of security measures and ensure the
protec on of sensi ve data.

Key Security Tests:

· Penetra on Tes ng: Penetra on tes ng, or ethical hacking, involves simula ng real-world cyber-
a acks to iden fy vulnerabili es. It assesses the effec veness of security controls and helps
uncover poten al weaknesses in the applica on's defenses.

· Vulnerability Scanning: Automated vulnerability scanning tools scan the applica on and its
infrastructure to iden fy known vulnerabili es. This test provides a systema c approach to
discovering weaknesses that malicious actors could exploit.

· Security Audi ng: Security audi ng involves a comprehensive review of the applica on's security
policies, configura ons, and access controls. It helps ensure compliance with security standards
and iden fies areas for improvement.

· Code Review: Manual or automated code reviews assess the applica on's source code for
security flaws. This includes iden fying common coding errors, insecure prac ces, and poten al
entry points for a ackers.

· Security Architecture Review: Evalua ng the overall security architecture of the applica on and
its infrastructure helps iden fy design flaws and weaknesses. This includes reviewing network
configura ons, data encryp on methods, and access controls.

Example:

In a penetra on test for a cloud-based e-commerce pla orm, ethical hackers simulate a DDoS
(Distributed Denial of Service) a ack to assess the pla orm's resilience against such threats. By
deliberately overwhelming the applica on with traffic, the test helps iden fy vulnerabili es in the
system's ability to handle unexpected spikes in traffic and ensures measures are in place to mi gate the
impact of a DDoS a ack.

4.2.6 Popular Security Tools for Applica on Assessment

Ensuring the security of applica ons deployed on the cloud requires the use of robust security tools.
These tools assist in iden fying vulnerabili es, assessing risks, and implemen ng effec ve security
measures.

132
Par cipant Handbook

Fig. 4.2.5 Security tools for applica on development

Key Security Tools:

· OWASP ZAP (Zed A ack Proxy): OWASP ZAP is an open-source security tes ng tool used for
finding vulnerabili es in web applica ons. It provides automated scanners and various tools for
both manual and automated tes ng to iden fy common security issues.

· Burp Suite: Burp Suite is a web applica on security tes ng tool designed for scanning, crawling,
and analyzing web applica ons. It helps iden fy vulnerabili es such as SQL injec on, cross-site
scrip ng (XSS), and security misconfigura ons.

· Nessus: Nessus is a widely used vulnerability scanning tool that helps iden fy security issues in
networks, applica ons, and systems. It provides comprehensive vulnerability assessments and
compliance checks.

· Wireshark: Wireshark is a network protocol analyzer that captures and inspects data on a
network. It helps security professionals analyze network traffic to detect security threats,
unauthorized access, and suspicious ac vi es.

· Nmap (Network Mapper): Nmap is a powerful open-source tool for network discovery and
security audi ng. It allows users to discover devices on a network, find open ports, and assess the
security posture of a system.

Example:

Using OWASP ZAP, a security professional can perform a thorough assessment of a cloud-based e-
commerce applica on. The tool can iden fy vulnerabili es such as injec on a acks, insecure direct
object references (IDOR), and cross-site request forgery (CSRF). By u lizing OWASP ZAP's features, the
applica on's security weaknesses are exposed, enabling the development team to address and mi gate
poten al risks.

133
 Cloud Application Developer

Notes

134
Par cipant Handbook

UNIT 4.3: Disaster Recovery and Best Prac ces

Unit Objectives
At the end of this unit, you will be able to:
1. Explain how to create a disaster recovery plan for IT systems, applica ons, and data.

2. Discuss the best prac ces related to cloud applica on architecture and system backup and recovery.

3. Outline the importance of various stakeholders in designing and securing cloud applica on
architecture.

4. Create cloud-na ve and cloud-first applica on architectures.

5. Demonstrate how to configure the opera ng environment for hos ng cloud-na ve applica ons.

6. Demonstrate how to implement applica on infrastructure configura ons required for hos ng
applica ons on the cloud.

7. Demonstrate how to implement security controls and sanity checks in cloud systems to detect threats
and security breaches.

8. Create a disaster recovery environment and perform a sample backup of systems deployed on the
cloud using appropriate tools.

4.3.1 Crea ng a Disaster Recovery Plan for IT Systems,

Applica ons, and Data
A disaster recovery plan is crucial for mi ga ng the impact of unforeseen events on IT systems,
applica ons, and data. It involves pre-emp ve measures to ensure business con nuity and minimize
down me in the face of disasters.

Key Steps:

· Risk Assessment: Iden fy poten al risks and threats that could impact IT systems. Evaluate the
likelihood and poten al impact of each scenario, considering natural disasters, cyber-a acks, and
other poten al disrup ons.

· Define Recovery Objec ves: Clearly define recovery me objec ves (RTO) and recovery point
objec ves (RPO) for IT systems. These metrics determine the acceptable down me and data loss
in the event of a disaster.

· Data Backup and Storage: Implement regular data backups and store them securely offsite. U lize
cloud-based backup solu ons for redundancy and accessibility during a disaster.

135
 Cloud Application Developer

· Applica on Dependency Mapping: Map dependencies between applica ons and iden fy cri cal
components. Understand how different systems interconnect to priori ze recovery efforts
effec vely.

· Recovery Team and Communica on Plan: Establish a dedicated recovery team with assigned
roles and responsibili es. Develop a communica on plan to ensure seamless coordina on and
informa on dissemina on during a crisis.

Fig. 4.3.1 Disaster recovery plan

Example:

In the context of a financial ins tu on, the disaster recovery plan involves iden fying poten al risks such
as cyber-a acks, power outages, and natural disasters. The recovery objec ves are defined, specifying
that cri cal systems should be restored within a few hours with minimal data loss. Data backups are
regularly performed, and copies are securely stored in a geographically diverse data center. Applica on
dependency mapping reveals interdependencies between core banking systems and customer-facing
applica ons. A dedicated recovery team is formed, consis ng of IT specialists, communica on
coordinators, and management representa ves. The communica on plan includes no fica on
procedures, escala on paths, and regular updates to stakeholders. This comprehensive disaster recovery
plan ensures the financial ins tu on can swi ly recover its IT systems, applica ons, and data in the event
of a disrup ve incident.

136
Par cipant Handbook

4.3.2 Best Prac ces for Cloud Applica on Architecture

and System Backup/Recovery
Efficient cloud applica on architecture and robust backup/recovery systems are cri cal components of a
resilient IT infrastructure. Implemen ng best prac ces ensures op mal performance, scalability, and data
protec on.

Key Prac ces:

· Scalable and Modular Architecture: Design cloud applica ons using a scalable and modular
architecture to accommodate varying workloads. U lize microservices, containers, and serverless
compu ng for flexibility and efficient resource u liza on.

· Data Redundancy and Replica on: Implement data redundancy by replica ng cri cal data across
mul ple geographic loca ons. This ensures data availability even in the event of localized outages
or disasters.

· Regular Data Backups: Conduct regular backups of applica on data to prevent data loss. Leverage
automated backup solu ons and cloud storage for seamless and secure data preserva on.

· Disaster Recovery Planning: Develop a comprehensive disaster recovery plan outlining steps to
recover applica ons and data in case of a disrup ve event. Regularly test the recovery process to
validate its effec veness.

· Security Measures: Priori ze security in both architecture and backup processes. Implement
encryp on, access controls, and authen ca on mechanisms to safeguard sensi ve data.

Example:

Consider a cloud-based e-commerce pla orm that incorporates best prac ces for applica on
architecture and data backup. The pla orm employs microservices architecture, allowing for
independent scaling of different components. Cri cal data, such as customer informa on and transac on
records, is redundantly stored across mul ple data centers with automated backups performed daily. In
the event of a system failure or data corrup on, the disaster recovery plan outlines procedures to restore
the pla orm swi ly. Security measures include encryp on of sensi ve customer data during transmission
and storage, ensuring a secure environment for both the applica on and its backups. These best prac ces
collec vely contribute to the pla orm's resilience, providing a seamless and secure experience for users.

4.3.3 Importance of Various Stakeholders in Designing

and Securing Cloud Applica on Architecture
The success of cloud applica on architecture relies on collabora on among diverse stakeholders, each
contribu ng their exper se to ensure efficiency, security, and alignment with business objec ves.

137
 Cloud Application Developer

Key Importance:

· Business Stakeholders:

o Role: Define business requirements, goals, and expected outcomes.

o Importance: Ensures that the cloud architecture aligns with organiza onal objec ves,
promo ng agility, and cost-effec veness.

· IT and Security Teams:

o Role: Implement and manage security measures, access controls, and compliance.
o Importance: Protects sensi ve data, mi gates security risks, and ensures regulatory
compliance in the cloud environment.

· Developers and Architects:

o Role: Design and develop the technical aspects of the cloud applica on architecture.

o Importance: Ensures scalability, reliability, and adherence to best prac ces in coding and
architecture, op mizing applica on performance.

· Opera ons and Infrastructure Teams:

o Role: Manage cloud infrastructure, deployment, and monitoring.

o Importance: Ensures the availability, performance, and scalability of cloud applica ons by
effec vely managing infrastructure resources.

· End Users:
o Role: U lize and interact with the cloud applica on.

o Importance: Feedback from end users is vital for refining the user experience, iden fying
poten al issues, and ensuring the applica on meets user expecta ons.

Example:

Consider a healthcare organiza on migra ng its pa ent management system to the cloud. Business
stakeholders define requirements such as seamless access to pa ent records and scalability for future
expansion. IT and security teams implement encryp on, access controls, and compliance measures to
protect sensi ve pa ent data. Developers and architects design a scalable and user-friendly interface.
Opera ons teams manage the cloud infrastructure, ensuring op mal performance. End users, including
medical staff and administrators, provide feedback on the system's usability. Collabora on among these
stakeholders ensures the cloud applica on architecture meets business needs, adheres to security
standards, and provides a posi ve user experience in the healthcare domain.

138
Par cipant Handbook

4.3.4 Cloud-Na ve and Cloud-First Applica on Architectures

Cloud-na ve and cloud-first applica on architectures are designed to leverage the benefits of cloud
compu ng, emphasizing scalability, resilience, and efficiency. While both share common traits, they differ
in their approaches to leveraging cloud resources.

Key Characteris cs:

· Cloud-Na ve Architecture: Introduc on: Cloud-na ve focuses on building applica ons

specifically for the cloud environment, u lizing cloud-na ve services and principles.
Key Traits:
o Micro-services: Breaks down applica ons into small, independently deployable services.

o Containers: U lizes containeriza on for efficient deployment and scaling.

o DevOps Prac ces: Embraces automa on, con nuous integra on, and con nuous delivery.
o Dynamic Scaling: Adapts to varying workloads through automa c scaling.

· Cloud-First Architecture: Introduc on: Cloud-first involves migra ng exis ng applica ons to the
cloud or developing new ones with cloud services as a primary considera on.
Key Traits:
o Migra on of Legacy Systems: Transi ons exis ng applica ons to cloud infrastructure.

o Hybrid Deployments: Combines on-premises and cloud resources to op mize

performance.
o Cloud-Op mized Design: Adapts tradi onal applica ons to leverage cloud advantages.

o Focus on Cost-Efficiency: Ensures cost-effec ve use of cloud resources.

Example:

Consider a retail company adop ng a cloud-na ve approach to develop a new e-commerce pla orm. The
architecture employs micro-services for dis nct func onali es like inventory management and payment
processing. Containeriza on, using tools like Docker and Kubernetes, facilitates seamless deployment
and scaling. DevOps prac ces enable automated tes ng and con nuous delivery.

On the other hand, a healthcare provider, following a cloud-first strategy, migrates its pa ent records
system to the cloud. The migra on allows for efficient scalability and u lizes cloud storage while
maintaining connec vity with on-premises systems for compliance. This approach op mizes the
exis ng applica on for the cloud environment without complete redevelopment.

139
 Cloud Application Developer

4.3.5 Configuring the Opera ng Environment for Cloud-

Na ve Applica ons
Configuring the opera ng environment for hos ng cloud-na ve applica ons is a crucial step in ensuring
op mal performance, scalability, and resource u liza on. This process involves se ng up the
infrastructure to support the unique characteris cs of cloud-na ve architectures.

Key Steps:

· Choose Cloud Provider: Select a cloud provider based on the specific requirements and features
needed for the cloud-na ve applica on. Common providers include AWS, Azure, and Google
Cloud.

· Define Infrastructure as Code (IaC): U lize Infrastructure as Code tools like Terraform or AWS
CloudForma on to define and provision the required resources programma cally. This ensures
consistency and repeatability.

· Implement Containeriza on: Adopt containeriza on using tools such as Docker. Package the
applica on and its dependencies into containers for portability and efficient deployment across
various environments.

· Orchestra on with Kubernetes: Implement Kubernetes for container orchestra on. Kubernetes
manages the deployment, scaling, and opera on of applica on containers, providing resilience
and automa on.

· Set Up Con nuous Integra on/Con nuous Deployment (CI/CD): Establish CI/CD pipelines to
automate the tes ng and deployment processes. Tools like Jenkins or GitLab CI enable seamless
integra on of new code changes into the produc on environment.

Example:

Consider a so ware development company transi oning to a cloud-na ve approach. They choose AWS as
their cloud provider and define the infrastructure using Terraform scripts. Docker containers encapsulate
microservices, and Kubernetes is employed to orchestrate these containers across a cluster. CI/CD
pipelines integrated with GitLab automate the tes ng and deployment workflows, ensuring a
streamlined process for delivering updates to the cloud-na ve applica on.

4.3.6 Implemen ng Applica on Infrastructure Configura ons

for Cloud Hos ng
Configuring the opera ng environment for hos ng cloud-na ve applica ons is a crucial step in ensuring
op mal performance, scalability, and resource u liza on. This process involves se ng up the
infrastructure to support the unique characteris cs of cloud-na ve architectures. Implemen ng
applica on infrastructure configura ons for hos ng on the cloud involves se ng up the necessary

140
Par cipant Handbook

resources and services to support the applica on's opera on in a cloud environment. This process
ensures that the infrastructure is op mized for scalability, performance, and security.

Key Steps:

· Select Cloud Provider and Region: Choose a suitable cloud provider (e.g., AWS, Azure, Google
Cloud) and the specific region where the applica on will be hosted. Consider factors such as data
residency, latency, and compliance requirements.

· Define Networking Architecture: Set up virtual networks, subnets, and security groups to create a
secure and well-connected environment for the applica on. Implement proper network
segmenta on for enhanced security.

· Provision Compute Resources: U lize Infrastructure as Code (IaC) tools like Terraform or
CloudForma on to provision virtual machines or containers for hos ng the applica on. Define
resource specifica ons, such as CPU, memory, and storage.

· Configure Load Balancing: Implement load balancing to distribute incoming traffic across mul ple
instances of the applica on. This enhances availability and ensures efficient resource u liza on.

· Set Up Database Services: Configure database services based on the applica on's requirements.
Choose between managed database services or deploy and manage databases on virtual
machines as needed.

Example:

Consider a web applica on migra ng to AWS. The infrastructure is defined using AWS CloudForma on
templates, specifying the desired Amazon Virtual Private Cloud (VPC) configura on, EC2 instances for
hos ng the applica on, Elas c Load Balancer (ELB) for distribu ng traffic, and Amazon RDS for managing
the database. This infrastructure setup allows the applica on to run efficiently and scale seamlessly in
response to changing demands.

4.3.7 Implemen ng Security Controls and Sanity Checks in

Cloud Systems
Ensuring the security of cloud systems involves implemen ng robust controls and conduc ng regular
sanity checks to detect and mi gate poten al threats and security breaches. This proac ve approach is
crucial for safeguarding sensi ve data and maintaining the integrity of cloud-based applica ons.

Key Steps:

· Define Security Policies: Establish comprehensive security policies outlining access controls, data
encryp on standards, and incident response procedures. Align these policies with industry best
prac ces and compliance requirements.

141
 Cloud Application Developer

· U lize Iden ty and Access Management (IAM): Implement IAM solu ons to manage user access,
permissions, and authen ca on. Enforce the principle of least privilege to restrict access based on
specific roles and responsibili es.

· Implement Network Security Measures: Set up firewalls, intrusion detec on/preven on

systems, and network monitoring tools to safeguard the network infrastructure. Use Virtual
Private Clouds (VPCs) and network segmenta on for addi onal security.

· Regularly Update and Patch Systems: Keep all cloud-based systems, including opera ng systems
and so ware, up-to-date with the latest security patches. Regularly apply updates to address
vulnerabili es and enhance system resilience.

· Perform Security Audits and Penetra on Tes ng: Conduct regular security audits and
penetra on tes ng to iden fy poten al weaknesses in the system. Address vulnerabili es
promptly and ensure con nuous improvement in security measures.

Example:

Consider an organiza on using AWS for hos ng its cloud applica ons. The security controls include
implemen ng AWS IAM policies to manage user access, configuring AWS WAF (Web Applica on Firewall)
to protect against web-based a acks, and employing AWS Inspector for automated security assessments.
Regular security audits and penetra on tests are performed to iden fy and address poten al security
risks, ensuring a robust security posture in the cloud environment.

4.3.8 Crea ng Disaster Recovery Environment and Sample

Backup in Cloud
Establishing a disaster recovery (DR) environment is crucial for ensuring business con nuity in the event
of unforeseen disrup ons. This involves crea ng a comprehensive plan and u lizing appropriate cloud
tools to perform regular backups, safeguarding cri cal systems and data.

Key Steps:

· Define Recovery Objec ves: Clearly define the recovery me objec ves (RTO) and recovery point
objec ves (RPO) to determine the acceptable down me and data loss in case of a disaster.

· Select Cloud Backup Tools: Choose cloud-na ve backup tools provided by the cloud service
provider, such as AWS Backup, Azure Backup, or Google Cloud's Cloud Storage, based on the
pla orm used.

· Configure Backup Policies: Set up backup policies to automate the backup process. Specify the
frequency of backups, reten on periods, and the types of data to be backed up, ensuring
alignment with recovery objec ves.

142
Par cipant Handbook

· Implement Redundancy and Replica on: Leverage cloud features like mul -region redundancy
and data replica on to enhance resilience. Distribute data across geographically diverse loca ons
for improved availability.

· Perform Sample Backup: Execute a sample backup to validate the backup configura on and
ensure data recoverability. Verify that the backup process captures all cri cal data and systems.

Example:

Consider an organiza on using Microso Azure for cloud services. The disaster recovery plan includes
configuring Azure Backup to regularly back up virtual machines, databases, and cri cal files. The backup
policies are defined to perform incremental backups daily and retain data for a specified period. Periodic
tes ng involves performing sample restores to confirm the integrity of backups and the ability to recover
data in case of a disaster. This proac ve approach ensures a robust disaster recovery environment in the
cloud.

143
 Cloud Application Developer

Exercise
Answer the following ques ons:
Short Ques ons:
1. What is the purpose of impact analysis in applica on development?
2. Why is crea ng an impact analysis document essen al for project management?
3. Differen ate between cloud-na ve and cloud-first applica ons.
4. What is the significance of micro-services in modern applica on development?
5. Explain the role of containers in cloud compu ng.

Fill-in-the-Blanks:

1. Impact analysis helps in assessing the _______ of changes on a project.

a) Timeframe
b) Implica ons
2. An impact analysis document typically includes details about changes, associated risks, and
proposed _______.
a) Solu ons
b) Challenges
3. Cloud-na ve applica ons are designed to leverage the full poten al of _______ environments.
a) Tradi onal
b) Cloud
4. Micro-services architecture promotes the development of applica ons as a collec on of _______
services.
a) Monolithic
b) Independent
5. _______ is a design approach where applica ons are developed without relying on tradi onal
servers.
a) Server-Oriented Architecture
b) Serverless Development

True/False Ques ons:

1. Decision on an applica on's intended opera ng environment is a cri cal aspect of the
development process.
2. Containers provide a standardized unit that can run applica ons across various cloud pla orms.
3. Load balancing and auto-scaling are tools used for maintaining sta c applica on performance.
4. Iden fying poten al security risks is not a crucial step when deploying applica ons on the cloud.
5. Disaster recovery plans are essen al only for large enterprises, not for smaller organiza ons.

144
Par cipant Handbook

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/watch
?v=6aReDnaNtEA
What is a Disaster Recovery Plan?

145
 Cloud Application Developer

146
5. Application
Development

Unit 5.1 - Cloud Applica on Development Fundamentals

Unit 5.2 - Advanced Cloud Applica on Development

SSC/N8320
 Cloud Application Developer

Key Learning Outcomes

At the end of this module, you will be able to:

1. List the types of applica on dependencies (such as Databases, Caching, Messaging Queues, Web
services, HTTP APIs etc.)

2. Explain the importance of mapping of applica on dependencies.

3. Explain how to map applica on dependencies.

4. Explain the procedure to create and manage databases using suitable DBMS.

5. Explain how to integrate DBMS with different systems deployed on cloud.

6. List popular caching solu ons available for cloud applica on.

7. Explain what message queues are and why are they used.

8. Explain what HTTP APIs, REST APIs and web-services are and how to create them.

9. Discuss the ways to scale applica ons. horizontally using auto-scaling and load balancing solu ons.

10. Explain how to leverage loosely coupled micro-services-based architecture.

11. Discuss how to secure applica ons deployed on cloud.

12. Explain how to manage security configura ons of applica ons.

13. Discuss how to encrypt data in transit and data at rest.

14. List popular encryp ons used to encrypt data.

15. Discuss the concepts of IAM.

16. Outline the importance of various stakeholders in cloud applica on development.

17. Discuss the best prac ces related to cloud applica on development.

18. Apply suitable tools and techniques to build resilient cloud applica ons.

19. Demonstrate how to query data from DBMS for different requirements of sample cloud
applica ons.

20. Demonstrate how to create micro-services for sample cloud applica ons.

21. Build secure APIs and services for sample cloud applica ons.

22. Demonstrate how to implement security configura ons and controls to ensure regulatory

148
Par cipant Handbook

UNIT 5.1: Cloud Applica on Development Fundamentals

Unit Objectives
At the end of this unit, you will be able to:
1. List various types of applica on dependencies including Databases, Caching, Messaging Queues,
Web services, and HTTP APIs.

2. Explain the significance of mapping applica on dependencies.

3. Demonstrate the procedure to map applica on dependencies.

4. Explain the procedure to create and manage databases using a suitable Database Management
System (DBMS).

5. Explain how to integrate DBMS with different systems deployed on the cloud.

5.1.1 Applica on Dependencies

Applica on dependencies are vital components that an applica on relies on to func on effec vely. These
dependencies encompass various aspects, each serving a specific purpose in the applica on ecosystem:

Fig. 5.1.1 Applica on dependency mapping so ware

· Databases: Databases store and manage structured data, providing a persistent and organized
storage solu on. Examples include MySQL, PostgreSQL, and MongoDB.

· Caching: Caching mechanisms enhance performance by temporarily storing frequently accessed

data. Redis and Memcached are popular caching solu ons.

149
 Cloud Application Developer

· Messaging Queues: Messaging queues facilitate communica on between different parts of an

applica on, ensuring seamless data flow. Examples include RabbitMQ and Apache Ka a.

· Web Services: Web services enable communica on and data exchange between applica ons over
the web. RESTful APIs and SOAP are common web service architectures.

· HTTP APIs: HTTP APIs (Applica on Programming Interfaces) allow applica ons to communicate
using the HTTP protocol. They are fundamental for web-based interac ons.

Example:

Consider an e-commerce applica on. It u lizes a rela onal database (e.g., PostgreSQL) for storing
product informa on, employs caching (using Redis) to op mize the retrieval of frequently accessed data,
u lizes a messaging queue (e.g., RabbitMQ) for order processing, interacts with external services through
web services, and exposes HTTP APIs for mobile app interac ons. Each dependency plays a crucial role in
ensuring the applica on's func onality and performance.

5.1.2 Significance of Mapping Applica on Dependencies

Mapping applica on dependencies is a crucial aspect of cloud applica on development, providing
insights into the intricate rela onships among various components.

Fig. 5.1.2 Mapping applica on dependencies

This process holds significant importance for several reasons:

· Iden fying Cri cal Components: By mapping dependencies, developers can pinpoint cri cal
components such as databases, caching mechanisms, messaging queues, web services, and HTTP

150
Par cipant Handbook

APIs. This iden fica on is essen al for understanding the core elements that contribute to the
applica on's func onality.

· Op mizing Performance: Understanding how different parts of an applica on depend on each

other helps in op mizing performance. It allows developers to streamline communica on
pathways, enhance data retrieval, and minimize latency, contribu ng to a more efficient
applica on.

· Resilience and Fault Tolerance: Dependency mapping aids in designing resilient applica ons. By
recognizing dependencies, developers can implement fault-tolerant strategies, ensuring that the
applica on can gracefully handle failures or disrup ons in specific components without
compromising overall func onality.

· Scalability Planning: Scalability is a key considera on in cloud environments. Mapping

dependencies facilitates effec ve scalability planning by revealing components that might
experience increased demand. Developers can then implement appropriate scaling mechanisms
for these components.

· Troubleshoo ng and Debugging: When issues arise, dependency mapping serves as a valuable
tool for troubleshoo ng and debugging. Developers can quickly iden fy the root cause of
problems and trace how changes in one component might affect others.

Example:

Consider an e-commerce applica on where the shopping cart func onality relies on both the database
for storing item details and a caching system for quick retrieval. Mapping these dependencies helps
ensure that any changes made to the database structure are reflected in the caching system, maintaining
consistency and performance.

5.1.3 Procedure to Map Applica on Dependencies

Mapping applica on dependencies is a systema c process that involves iden fying and visualizing the
rela onships among different components. This procedure is crucial for understanding how various
elements interact within a cloud applica on.

Here's a concise guide on how to map applica on dependencies:

· Iden fy Components: Begin by lis ng and categorizing the components of your cloud applica on.
This includes databases, caching mechanisms, messaging queues, web services, and HTTP APIs.

· Define Rela onships: Determine how each component interacts with others. Note down
dependencies and rela onships, specifying which components rely on data or services from
others.

151
 Cloud Application Developer

· Use Dependency Mapping Tools: Leverage specialized tools for dependency mapping. These
tools automa cally analyze your applica on's infrastructure, providing visual representa ons of
dependencies. Examples include AWS CloudMap, Azure Service Map, or third-party tools like
Datadog or Dynatrace.

· Document Dependencies: Create documenta on that outlines the iden fied dependencies. This
documenta on should be accessible to the development and opera ons teams, serving as a
reference for understanding the applica on's structure.

· Update Regularly: Dependencies can evolve over me with updates and changes to the
applica on. Regularly revisit and update the dependency mapping to ensure it accurately reflects
the current state of the applica on.

Example:

Consider a microservices-based e-commerce pla orm. The product catalog microservice depends on
both the database for retrieving product details and the payment gateway API for processing
transac ons. Mapping these dependencies visually reveals the cri cal connec ons, aiding developers in
maintaining and enhancing the applica on.

5.1.4 Procedure to Create and Manage Databases using

a DBMS
Crea ng and managing databases efficiently is crucial for cloud applica on development. A Database
Management System (DBMS) facilitates this process, providing a structured approach to handle data.

Fig. 5.1.3 Crea ng and managing databases

Here's a concise guide on the procedure:

152
Par cipant Handbook

· Select a Suitable DBMS: Choose a DBMS that aligns with your applica on's requirements. Op ons
include MySQL, PostgreSQL, MongoDB, or cloud-na ve solu ons like Amazon DynamoDB or
Azure Cosmos DB.
· Define Database Schema: Design the database schema by specifying tables, fields, and
rela onships. This step outlines the structure of your data and ensures data integrity.
· Create the Database: Use the chosen DBMS to create the database based on the defined schema.
This step establishes the founda onal structure for storing and retrieving data.
· Implement Data Storage Policies: Configure storage policies, such as indexing and par oning, to
op mize data retrieval and enhance database performance.
· Manage Security Se ngs: Implement security measures, including access controls and
authen ca on mechanisms, to protect the database from unauthorized access.
· Regular Backup and Recovery Procedures: Establish automated backup and recovery procedures
to safeguard against data loss. Regularly back up the database to a secure loca on.
· Monitor and Op mize Performance: Implement monitoring tools to track database
performance. Op mize queries, indexing, and other parameters based on performance metrics.
Example:
Consider an e-commerce applica on u lizing MySQL as its DBMS. The procedure involves defining a
schema with tables for products, orders, and customers. A er crea ng the database, configuring indexing
on frequently queried fields enhances search performance. Regular backups are scheduled to Amazon S3
for disaster recovery. Monitoring tools like AWS CloudWatch ensure the database operates efficiently.

5.1.5 Integra ng DBMS with Different Cloud Systems

Integra ng a Database Management System (DBMS) with various systems deployed on the cloud is
essen al for seamless data flow across applica ons.

Fig. 5.1.4 Cloud databases

153
 Cloud Application Developer

Here's a concise guide on the integra on process:

· Iden fy Integra on Requirements: Determine the specific integra on needs, including data
exchange formats, communica on protocols, and authen ca on methods.

· Choose Suitable Integra on Tools: Select appropriate integra on tools or middleware that
support the cloud environment and the DBMS. Cloud-na ve solu ons like AWS Lambda or Azure
Logic Apps are examples.

· Establish Connec on Parameters: Configure connec on parameters, including hostnames,

creden als, and access protocols, ensuring secure and authorized access to the DBMS.

· Implement Data Exchange Mechanisms: Define data exchange mechanisms, such as APIs or
direct database connec ons, to facilitate communica on between the DBMS and other cloud
systems.

· Ensure Data Consistency: Implement transac on controls and data consistency measures to
ensure reliable and accurate data transfer between systems.

· Tes ng and Valida on: Conduct thorough tes ng to validate the integra on. Verify that data is
accurately exchanged, and transac ons are appropriately handled.

Example:

Consider an e-commerce applica on using Amazon RDS (Rela onal Database Service) as the DBMS. To
integrate with a cloud-based analy cs system on AWS, AWS Glue—an ETL (Extract, Transform, Load)
service—can be employed. Connec on parameters are configured, and data is exchanged through AWS
Glue jobs, enabling the analy cs system to analyze and derive insights from the e-commerce database.

154
Par cipant Handbook

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/watch
?v=j09EQ-xlh88
What is Database | Types of Database | DBMS

155
 Cloud Application Developer

UNIT 5.2: Advanced Cloud Applica on Development

Unit Objectives
At the end of this unit, you will be able to:
1. List popular caching solu ons available for cloud applica ons.

2. Explain the purpose of message queues and their importance.

3. Explain what HTTP APIs, REST APIs, and web services are and how to create them.

4. Discuss the ways to scale applica ons horizontally using auto-scaling and load balancing solu ons.

5. Explain how to leverage a loosely coupled micro-services-based architecture.

6. Discuss how to secure applica ons deployed on the cloud.

7. Explain how to manage security configura ons of applica ons.

8. Discuss methods to encrypt data in transit and data at rest.

9. List popular encryp on methods used to secure data.

10. Explain the concepts of Iden ty and Access Management (IAM).

11. Outline the importance of various stakeholders in cloud applica on development.

12. Discuss best prac ces related to cloud applica on development.

13. Apply suitable tools and techniques to build resilient cloud applica ons.

14. Demonstrate how to query data from DBMS for different requirements in sample cloud applica ons.

15. Demonstrate how to create micro-services for sample cloud applica ons.

16. Build secure APIs and services for sample cloud applica ons.

17. Demonstrate how to implement security configura ons and controls to ensure regulatory
compliance.

18. Demonstrate authen ca on and access control mechanisms in sample cloud applica ons.

5.2.1 Popular Caching Solu ons for Cloud Applica ons

Caching plays a crucial role in enhancing the performance and responsiveness of cloud applica ons.
Here's an overview of popular caching solu ons suitable for cloud environments:

· Amazon Elas Cache: Amazon Elas Cache is a fully managed, in-memory caching service
compa ble with popular caching engines such as Redis and Memcached. It allows cloud
applica ons to seamlessly integrate caching capabili es, reducing database load and improving
response mes.

156
Par cipant Handbook

· Azure Cache for Redis: Azure Cache for Redis is a high-performance caching service on the
Microso Azure pla orm. It supports Redis, an open-source, in-memory data structure store,
providing caching func onali es for cloud applica ons hosted on Azure.

· Google Cloud Memorystore: Google Cloud Memorystore is a managed Redis service offered by
Google Cloud Pla orm (GCP). It enables cloud applica ons to leverage Redis caching for be er
performance, scalability, and reduced latency.

· Ehcache: Ehcache is an open-source, widely-used Java-based caching library. While it can be used
in various environments, it is adaptable to cloud applica ons, providing an effec ve caching
mechanism for Java-based systems.

Fig. 5.2.1 Caching and how it works

Example:

Consider a media streaming applica on hosted on AWS. By integra ng Amazon Elas Cache with Redis,
the applica on can cache frequently accessed content metadata, reducing the need to fetch data from
the database repeatedly. This results in faster response mes and improved overall user experience.

5.2.2 Purpose and Importance of Message Queues

Message queues play a crucial role in facilita ng communica on between various components of a
distributed system. They act as intermediaries for asynchronous communica on, allowing decoupling
between producers and consumers of messages. Here's a brief overview:

Message queues are essen al components in system architecture, enabling communica on between
different parts of a system without direct connec ons. Their asynchronous nature enhances system
scalability, reliability, and responsiveness.

Importance:

· Decoupling Components: Message queues decouple components by allowing them to

communicate without direct dependencies. Producers and consumers operate independently,
enhancing system flexibility.

157
 Cloud Application Developer

· Scalability: Asynchronous communica on through message queues supports be er scalability.

Components can handle varying workloads without direct synchroniza on, improving overall
system performance.

· Reliability: Message queues enhance system reliability by persis ng messages un l they are
successfully processed. This ensures that messages are not lost, even during system failures.

· Load Balancing: They enable load balancing by distribu ng messages among mul ple consumers.
This ensures efficient resource u liza on and prevents bo lenecks.

Example:

Consider an e-commerce applica on where order processing involves mul ple steps like payment
verifica on, inventory update, and shipping. Message queues can be employed to pass order-related
messages between these steps. If the payment verifica on service is temporarily unavailable, the
messages are queued, ensuring that the order processing con nues seamlessly once the service is back
online.

Fig. 5.2.2 Message queues

In summary, message queues are founda onal for building resilient, scalable, and loosely-coupled
systems in cloud applica ons.

5.2.3 Purpose and Importance of Message Queues

HTTP APIs, REST APIs, and web services are integral components of modern applica on development,
facilita ng communica on and data exchange between different so ware systems. Fig. 5.2.3 REST API

158
Par cipant Handbook

Fig. 5.2.3 REST API

Here's a concise overview:

· HTTP APIs: HTTP APIs (Applica on Programming Interfaces) are sets of rules that allow one
so ware applica on to interact with another over the HTTP protocol. They define endpoints,
methods, and data formats for seamless communica on.

· REST APIs: REST (Representa onal State Transfer) APIs adhere to a set of architectural principles,
emphasizing a stateless client-server communica on model. RESTful APIs use standard HTTP
methods (GET, POST, PUT, DELETE) to perform opera ons on resources, and they o en return data
in JSON format.

· Web Services: Web services are so ware systems designed to support interoperable machine-to-
machine interac on over a network. They can use various protocols, including HTTP, and are
typically used for communica on between different applica ons or services.

Crea ng HTTP APIs, REST APIs, and Web Services:

Crea ng these services involves defining endpoints, handling HTTP methods, and ensuring proper data
exchange. Here are general steps:

· Define Endpoints: Clearly define the endpoints that represent different func onali es or
resources. For example, an e-commerce API might have endpoints like /products or /orders.

· HTTP Methods and Ac ons: Assign HTTP methods (GET, POST, PUT, DELETE) to ac ons like
retrieving, crea ng, upda ng, or dele ng data. This aligns with RESTful principles.

159
 Cloud Application Developer

· Data Formats: Specify data formats for request and response payloads. JSON is a common choice
due to its simplicity and widespread support.

· Authen ca on and Authoriza on: Implement secure authen ca on mechanisms and

authoriza on checks to control access to your API.

Example:

Consider a social media applica on with a user-related API. An endpoint /users might support HTTP
methods such as GET (retrieve user details), POST (create a new user), PUT (update user details), and
DELETE (delete a user). The data format for requests and responses can be JSON.

In conclusion, HTTP APIs, REST APIs, and web services serve as crucial components in building
interoperable and scalable systems, allowing seamless communica on between various so ware
en es.

5.2.4 Scaling Applica ons Horizontally with Auto-Scaling

and Load Balancing
Scaling applica ons horizontally involves adding more instances of applica on components to distribute
the load and enhance performance. Auto-scaling and load balancing solu ons play pivotal roles in
achieving horizontal scalability, ensuring efficient resource u liza on and responsiveness.

Scaling Steps:

· Load Balancer Configura on: Set up a load balancer to evenly distribute incoming traffic among
mul ple instances of the applica on. This ensures that no single instance bears an excessive load,
op mizing performance.

· Auto-Scaling Policies: Implement auto-scaling policies based on predefined metrics such as CPU
u liza on, memory usage, or network traffic. When the load increases, auto-scaling mechanisms
automa cally add more instances, and when the load decreases, unnecessary instances are
removed.

· Dynamic Resource Provisioning: U lize cloud services that support dynamic resource
provisioning. Cloud pla orms like AWS, Azure, and Google Cloud provide auto-scaling features
that dynamically adjust resources based on demand.

Example:

Consider an e-commerce website experiencing increased traffic during a holiday sale. A load balancer
distributes incoming user requests across mul ple web servers. Auto-scaling policies are configured to
monitor CPU u liza on, and when it exceeds a certain threshold, new server instances are automa cally
launched to handle the increased load. Conversely, during low-traffic periods, unnecessary instances are
terminated to save costs.

160
Par cipant Handbook

In conclusion, combining load balancing with auto-scaling mechanisms allows applica ons to scale
horizontally, providing a responsive and reliable user experience during varying workloads. This approach
ensures op mal resource u liza on and adaptability to changing demand.

5.2.5 Leveraging Loosely Coupled Microservices-Based

Architecture
A microservices-based architecture involves breaking down an applica on into small, independent
services that communicate through well-defined APIs. The loosely coupled nature of microservices
enhances scalability, flexibility, and maintainability.

Leveraging Steps:

· Decomposi on of Services: Iden fy components of the applica on that can operate

independently and break them into individual microservices. Each microservice focuses on a
specific business capability.

· API Contracts and Standards: Define clear API contracts for communica on between
microservices. Establishing standards ensures seamless interac on, allowing services to evolve
independently without disrup ng the en re system.

· Containeriza on and Orchestra on: U lize containeriza on pla orms like Docker and
orchestra on tools such as Kubernetes. Containers encapsulate microservices, making them
portable across different environments while orchestra on manages their deployment and
scaling.

· Asynchronous Communica on: Implement asynchronous communica on pa erns, such as

message queues or event-driven architectures. This ensures that microservices can operate
independently, reac ng to events without direct dependencies on other services.

Example:

Consider an e-commerce applica on where different microservices handle user authen ca on, product
catalog, and order processing. These microservices communicate through well-defined APIs. If the
product catalog service needs an update, it can evolve independently without affec ng user
authen ca on or order processing. The use of containers allows seamless deployment across
development, tes ng, and produc on environments.

In summary, leveraging a loosely coupled microservices-based architecture involves breaking down

monolithic applica ons into smaller, independent services. Clear API contracts, containeriza on, and
asynchronous communica on enable each microservice to operate independently, promo ng agility
and scalability in applica on development and maintenance.

161
 Cloud Application Developer

5.2.6 Securing Cloud Applica ons

Securing applica ons in the cloud is paramount to protect sensi ve data and ensure the reliability of
services. A comprehensive security strategy involves mul ple layers of defense and adherence to best
prac ces.

Security Steps:

· Iden ty and Access Management (IAM): Implement robust IAM policies to control access to
cloud resources. Assign permissions based on the principle of least privilege, ensuring that users
and services have only the necessary access rights.

· Encryp on: Encrypt data in transit and at rest using strong encryp on algorithms. U lize HTTPS
for web traffic, implement encryp on mechanisms within databases, and leverage cloud-na ve
encryp on services.

· Network Security: Configure network security groups and firewalls to restrict access to necessary
ports. Implement Virtual Private Clouds (VPCs) to isolate resources and control traffic flow.

· Regular Audi ng and Monitoring: Set up con nuous monitoring and audi ng tools to detect
unusual ac vi es. Regularly review logs, alerts, and access pa erns to iden fy poten al security
threats.

· Patch Management: Keep all so ware and opera ng systems up to date with the latest security
patches. Regularly apply updates to address vulnerabili es and improve the overall security
posture.

Example:

Consider a cloud-based e-commerce pla orm. By implemen ng IAM, the pla orm ensures that only
authorized personnel can access sensi ve customer data. Encryp on is applied to protect customer
informa on during transac ons, both in transit and when stored in databases. Network security
measures, such as firewalls, restrict unauthorized access to cri cal services. Regular monitoring of access
logs and periodic audits helps iden fy and address any poten al security issues promptly.

In conclusion, securing applica ons in the cloud requires a mul -faceted approach. Incorpora ng IAM,
encryp on, network security, monitoring, and patch management helps create a robust security
framework, safeguarding applica ons and data from various threats.

5.2.7 Managing Security Configura ons of Applica ons

Effec vely managing security configura ons is crucial to for fy applica ons against poten al threats and
vulnerabili es. Security configura ons encompass se ngs and parameters that dictate how an
applica on behaves in terms of security.

162
Par cipant Handbook

Fig. 5.2.4 Security configura on management

Security Configura on Management Steps:

· Baseline Security Se ngs: Define baseline security se ngs for the applica on. This includes
configuring parameters such as access controls, encryp on, authen ca on mechanisms, and
logging.

· Regular Audits and Assessments: Conduct regular security audits and assessments to ensure that
configura ons align with security best prac ces. Regularly review and update configura ons
based on the changing threat landscape.

· Automa on Tools: U lize automa on tools for configura on management to streamline the
process and reduce the likelihood of human errors. Automa on ensures consistency and helps
promptly address any devia ons from the secure baseline.

· Version Control: Implement version control for security configura ons. Track changes made to
configura ons and maintain a history of modifica ons. This helps in iden fying unauthorized
changes and facilitates rollback if necessary.

· Compliance Checks: Regularly check configura ons against industry compliance standards and
regulatory requirements. Ensure that the applica on adheres to relevant security and privacy
regula ons.

163
 Cloud Application Developer

Example:

Consider an online banking applica on. To manage security configura ons effec vely, the applica on
establishes a baseline that mandates strong encryp on for sensi ve data during transac ons. Regular
automated audits are conducted to verify that all configura ons, including access controls and
authen ca on mechanisms, are in line with the established baseline. Version control ensures that any
changes made to configura ons are documented and reversible, allowing the applica on to maintain a
secure and compliant state.

In summary, managing security configura ons involves establishing a secure baseline, conduc ng regular
audits, leveraging automa on, implemen ng version control, and ensuring compliance with industry
standards. This approach enhances an applica on's resilience against evolving security challenges.

5.2.8 Encryp ng Data in Transit and Data at Rest

Data encryp on is a fundamental prac ce to safeguard sensi ve informa on. Encryp ng data in transit
and data at rest ensures that even if unauthorized access occurs, the intercepted data remains
unreadable and secure.

Fig. 5.2.5 Stages of data

Encryp on Methods:

· Data in Transit:
o Secure Sockets Layer (SSL) or Transport Layer Security (TLS): Implement SSL/TLS protocols
for encryp ng data transmi ed over networks. These protocols secure communica on
channels, ensuring confiden ality during data transfer.

o Virtual Private Networks (VPNs): U lize VPNs to create encrypted tunnels, safeguarding

164
Par cipant Handbook

data as it traverses through poten ally insecure networks. VPNs provide an addi onal layer
of protec on for data in transit.

· Data at Rest:
o Full Disk Encryp on (FDE): Apply FDE to encrypt en re storage devices, such as hard drives
or solid-state drives. This ensures that all data stored on the device remains encrypted,
protec ng against physical the or unauthorized access.
o File-level Encryp on: Encrypt individual files or specific data sets, allowing for granular
control over encryp on. File-level encryp on is beneficial when only certain por ons of
data require heightened protec on.

Example:

Consider a healthcare applica on storing pa ent records. To secure data in transit, the applica on
employs SSL/TLS protocols for communica on between clients and servers, preven ng unauthorized
intercep on during transmission. For data at rest, the applica on implements full disk encryp on on its
servers, ensuring that all pa ent records stored on the database remain encrypted. This dual-layered
encryp on strategy guarantees the confiden ality and integrity of pa ent informa on, aligning with
healthcare privacy regula ons.

In summary, encryp ng data in transit using SSL/TLS and VPNs, and encryp ng data at rest through FDE
and file-level encryp on, cons tutes a robust approach to safeguarding sensi ve informa on throughout
its lifecycle.

5.2.9 Popular Encryp on Methods for Data Security

In the realm of cybersecurity, employing robust encryp on methods is crucial to safeguard sensi ve data
from unauthorized access. Various encryp on techniques are u lized to secure data at rest, in transit, and
during processing.

Encryp on Methods:

· Symmetric Encryp on:

o Descrip on: Symmetric encryp on employs a single key for both encryp on and
decryp on. The same key is used by both par es involved in the communica on.

o Example: Advanced Encryp on Standard (AES) is a widely adopted symmetric encryp on

algorithm, known for its efficiency and security. It is used in various applica ons, including
securing sensi ve files and communica ons.

· Asymmetric Encryp on:

o Descrip on: Asymmetric encryp on involves a pair of public and private keys. The public
key is shared openly, while the private key remains confiden al. Data encrypted with the

165
 Cloud Application Developer

public key can only be decrypted using the corresponding private key.

o Example: RSA (Rivest-Shamir-Adleman) is a commonly used asymmetric encryp on

algorithm. It is employed in digital signatures, secure communica ons, and key exchange
protocols.

· Hash Func ons:

o Descrip on: Hash func ons generate fixed-size output (hash) based on input data. While
not reversible, they are valuable for ensuring data integrity and verifying authen city.

o Example: SHA-256 (Secure Hash Algorithm 256-bit) is a widely used hash func on. It is
employed in blockchain technology, digital cer ficates, and password hashing.

· Public Key Infrastructure (PKI):

o Descrip on: PKI is a framework that manages digital keys and cer ficates. It combines
asymmetric encryp on, digital signatures, and cer ficate authori es to establish secure
communica on.

o Example: Cer ficates issued by Cer ficate Authori es (CAs) in HTTPS connec ons use PKI
to ensure the authen city and security of websites.

Fig. 5.2.6 Encryp on methods for data security

The combina on of symmetric and asymmetric encryp on, along with hash func ons and PKI, forms a
comprehensive strategy to protect data in various scenarios. Each encryp on method serves specific
purposes, contribu ng to the overall security posture in the digital landscape.

5.2.10 Iden ty and Access Management (IAM) Concepts

Iden ty and Access Management (IAM) is a crucial component of cybersecurity that focuses on ensuring
the right individuals have the appropriate access to resources within an organiza on's digital ecosystem.
IAM encompasses processes, policies, and technologies that manage user iden es and control their

166
Par cipant Handbook

access to various systems and data.

Key Concepts:
· Iden ty Lifecycle Management: IAM begins with the crea on, maintenance, and re rement of
user iden es throughout their lifecycle within an organiza on. This involves user provisioning,
de-provisioning, and regular updates to reflect changes in roles or permissions.
o Example: When a new employee joins a company, IAM processes handle the provisioning
of user accounts, ensuring they have the necessary access to start their responsibili es.
· Authen ca on and Authoriza on: Authen ca on: Verifying the iden ty of users through
creden als (passwords, biometrics, mul -factor authen ca on).
o Authoriza on: Gran ng appropriate permissions and access rights based on the
authen cated user's role or a ributes.
o Example: A er entering a correct username and password (authen ca on), an employee is
authorized to access specific files and applica ons based on their role in the organiza on.
· Single Sign-On (SSO): SSO allows users to access mul ple applica ons with a single set of login
creden als. It enhances user experience and simplifies iden ty management.
o Example: Logging into an organiza on's portal and seamlessly accessing various services
(email, document storage, and collabora on tools) without re-entering creden als.
· Role-Based Access Control (RBAC): RBAC assigns permissions to users based on their roles in the
organiza on. It ensures that individuals have access only to resources necessary for their job
responsibili es.
o Example: An HR manager may have access to employee records and payroll systems (role-
based access), while a so ware developer may have access to source code repositories.

Fig. 5.2.7 Future trends in iden ty & access management

167
 Cloud Application Developer

IAM plays a pivotal role in maintaining a secure and organized digital environment by managing iden es,
ensuring secure authen ca on, authorizing appropriate access, and simplifying user interac ons
through mechanisms like SSO and RBAC.

5.2.11 Importance of Stakeholders in Cloud Applica on

Development
In cloud applica on development, stakeholders are individuals or en es with a vested interest in the
applica on's success. Engaging and understanding the needs of various stakeholders is crucial for building
applica ons that align with organiza onal goals and user expecta ons.

Key Importance:

· Requirement Gathering and Clarity: Stakeholders, including business leaders, end-users, and IT
teams, provide insights into applica on requirements and expecta ons. This helps in defining
clear project goals and func onali es.
o Example: A financial ins tu on developing a cloud-based banking applica on engages
stakeholders such as customers, compliance officers, and IT administrators to ensure
regulatory compliance, user-friendly interfaces, and robust security features.

· Alignment with Business Objec ves: Stakeholders contribute to defining the strategic objec ves
the applica on should achieve. This alignment ensures that the development efforts are in sync
with broader business goals.

o Example: An e-commerce company involving marke ng, sales, and customer support
teams in the development process ensures the applica on supports promo ons, facilitates
sales, and enhances customer experience.

· User Experience Enhancement: Involving end-users as stakeholders is crucial for crea ng

applica ons with a posi ve user experience. Their feedback and preferences guide the design and
func onality decisions.

o Example: A social media pla orm regularly incorporates user feedback during
development to enhance features, improve naviga on, and ensure a seamless user
experience.

· Security and Compliance: Security experts and compliance officers, as stakeholders, play a vital
role in defining security protocols and ensuring the applica on complies with industry
regula ons.
o Example: Healthcare organiza ons developing cloud-based pa ent management systems
involve stakeholders knowledgeable about healthcare regula ons to guarantee data
privacy and compliance with healthcare laws.

168
Par cipant Handbook

· Adaptability and Scalability: Stakeholders, especially IT and opera ons teams, contribute to
decisions on the scalability and adaptability of the applica on to accommodate future growth and
changing requirements.

o Example: A cloud-based streaming service involving IT infrastructure experts ensures that

the applica on architecture can scale seamlessly to handle increased user demands during
peak mes.

The ac ve involvement of diverse stakeholders throughout the cloud applica on development lifecycle is
fundamental for crea ng solu ons that meet business needs, enhance user sa sfac on, and adhere to
security and compliance standards.

5.2.12 Best Prac ces in Cloud Applica on Development

Cloud applica on development involves leveraging cloud compu ng resources to build scalable, flexible,
and efficient so ware solu ons. Adhering to best prac ces ensures the successful deployment and
opera on of cloud applica ons.

Key Best Prac ces:

· Microservices Architecture:

Adop ng a microservices-based architecture enhances scalability, maintainability, and

resilience. Break down the applica on into smaller, independent services that can be developed,
deployed, and scaled individually.

o Example: A travel booking pla orm implemen ng microservices for user authen ca on,
payment processing, and i nerary management, enabling agility and scalability for each
service.

· DevOps Integra on:

o Descrip on: Embrace DevOps prac ces to streamline collabora on between development
and opera ons teams. Implement con nuous integra on and con nuous delivery (CI/CD)
pipelines for faster and more reliable deployments.

o Example: An e-commerce applica on using DevOps prac ces to automate tes ng,
deployment, and monitoring, ensuring rapid feature delivery and reduced me-to-market.

· Security by Design:

o Descrip on: Integrate security measures from the ini al design phase. Employ encryp on,
secure APIs, and iden ty management to protect sensi ve data and ensure compliance
with industry regula ons.

o Example: A healthcare applica on incorpora ng encryp on for pa ent data, implemen ng

secure APIs for informa on exchange, and enforcing stringent access controls to meet
healthcare compliance standards.

169
 Cloud Application Developer

· Scalability Planning:
o Descrip on: An cipate future growth by designing applica ons with scalability in mind.
U lize auto-scaling features and load balancing to handle varying workloads efficiently.

o Example: An online streaming service planning for scalability by u lizing cloud-based auto-
scaling mechanisms to accommodate spikes in user traffic during major events.

· Cost Op miza on:

o Descrip on: Op mize resource usage to manage costs effec vely. U lize cloud services
efficiently, implement resource auto-scaling, and regularly assess and adjust infrastructure
to align with applica on needs.

o Example: A SaaS provider using cloud cost management tools to analyze resource usage,
iden fying and elimina ng underu lized instances to op mize opera onal costs.

· Monitoring and Logging:

o Descrip on: Implement comprehensive monitoring and logging prac ces to gain insights
into applica on performance, iden fy issues promptly, and facilitate troubleshoo ng.
o Example: An analy cs pla orm integra ng monitoring tools to track user interac ons,
iden fy bo lenecks, and op mize resource alloca on for enhanced performance.

By incorpora ng these best prac ces, cloud applica on development can achieve improved agility,
security, and efficiency, ul mately contribu ng to the success of the deployed applica ons.

5.2.13 Building Resilient Cloud Applica ons

Building resilient cloud applica ons is crucial to ensure con nuous availability and performance.
Resilience involves the ability of an applica on to recover gracefully from failures and disrup ons,
maintaining an op mal user experience. Employing suitable tools and techniques is key to achieving this
goal.

Fig. 5.2.8 Intersec on of cloud and cybersecurity

170
Par cipant Handbook

Steps:

· Implement Redundancy:

o Use load balancing to distribute traffic across mul ple servers.

o Deploy applica ons across mul ple availability zones to handle failures in specific regions.

· Use Auto-scaling:

o Set up auto-scaling to dynamically adjust resources based on demand.

o Automa cally add or remove instances to handle varying workloads.

· Implement Disaster Recovery:

o Create backup systems and data in a different geographic loca on.
o Regularly test and update disaster recovery plans to ensure effec veness.

· Monitoring and Alerts:

o Implement robust monitoring tools to detect anomalies and performance issues.

o Set up alerts to no fy administrators about poten al problems.

· Fault Tolerance:
o Design applica ons to tolerate and handle individual component failures.

o Use resilient architecture pa erns like Circuit Breaker to isolate and handle faults.

Example:

Consider an e-commerce applica on using redundant servers and load balancing. In case of a server
failure, the load balancer redirects traffic to healthy servers, ensuring uninterrupted service. Auto-scaling
adjusts the number of servers based on traffic, op mizing resource u liza on. Regularly tes ng disaster
recovery measures guarantees the applica on's ability to recover data and services in case of unexpected
events. Monitoring tools iden fy performance issues, and fault-tolerant design ensures the applica on
con nues func oning even when individual components fail.

Building resilience requires a holis c approach, combining redundancy, auto-scaling, disaster recovery,
monitoring, and fault tolerance to create robust cloud applica ons.

5.2.13 Querying Data from DBMS in Cloud Applica ons

Effec vely querying data from a Database Management System (DBMS) is crucial for cloud applica ons to
retrieve and manipulate informa on based on diverse requirements.

171
 Cloud Application Developer

Steps:

· Connect to DBMS: Establish a connec on to the DBMS using appropriate creden als and
connec on strings.

· Write SQL Queries: Formulate SQL queries tailored to the specific requirements, considering
filtering, sor ng, and aggrega ng.

· Execute Queries: Execute the queries within the cloud applica on to interact with the database.

· Retrieve and Process Results: Retrieve the results from the executed queries and process them
within the applica on logic.

Example:

In a sample e-commerce cloud applica on, to display a user's order history, a SQL query might be wri en
to select orders from the database where the user ID matches the logged-in user. The applica on executes
this query, retrieves the relevant order data, and displays it in the user interface. Similarly, for analy cs, a
query could aggregate sales data over a specific period, providing valuable insights for decision-making.

Effec vely querying data ensures that cloud applica ons can dynamically fetch, analyze, and present
informa on, mee ng various user and business requirements.

5.2.14 Building Secure APIs and Services for Cloud

Applica ons
Secure APIs (Applica on Programming Interfaces) and services are crucial components of cloud
applica ons, ensuring data integrity and protec ng against poten al security threats. Building them
requires careful considera on of security measures to safeguard sensi ve informa on.

Steps:

· Authen ca on and Authoriza on: Implement robust authen ca on mechanisms such as OAuth
or API keys to ensure that only authorized users or systems can access the APIs and services.

· Data Encryp on: Use encryp on protocols (HTTPS/SSL) to secure data transmi ed between
clients and APIs. This prevents eavesdropping and ensures the confiden ality of sensi ve
informa on.

· Input Valida on: Validate and sani ze input data to prevent common vulnerabili es like SQL
injec on or cross-site scrip ng (XSS). Input valida on ensures that only valid data is processed,
reducing the risk of malicious a acks.

· Rate Limi ng: Implement rate-limi ng mechanisms to prevent abuse or overuse of APIs. This
helps protect against denial-of-service (DoS) a acks and ensures fair usage.

172
Par cipant Handbook

· Logging and Monitoring: Implement comprehensive logging and monitoring to track API usage,
iden fy anomalies, and respond promptly to poten al security incidents.

Example:

Consider an e-commerce cloud applica on with a payment processing API. Implemen ng secure APIs
involves using OAuth for user authen ca on, encryp ng payment data during transmission, valida ng
user input to prevent fraudulent transac ons, se ng rate limits to control API requests, and maintaining
detailed logs for monitoring.

Building secure APIs and services is essen al to maintaining the integrity of cloud applica ons, protec ng
user data, and ensuring a trustworthy compu ng environment.

5.2.15 Crea ng Microservices for Cloud Applica ons

Microservices architecture is a key design approach for building scalable and flexible cloud applica ons.
Microservices break down complex applica ons into small, independently deployable services that
communicate through APIs, promo ng agility and ease of maintenance.

Steps:

· Iden fy Func onal Components: Analyze the applica on's func onality and iden fy dis nct
components that can func on independently as microservices.

· Define APIs: Clearly define APIs for each microservice, specifying how they communicate with
each other. RESTful APIs are commonly used for their simplicity and scalability.

· Choose Deployment Strategy: Decide how each microservice will be deployed. Containeriza on
with tools like Docker or orchestra on using Kubernetes simplifies deployment and scaling.

· Implement Business Logic: Develop the business logic for each microservice independently,
ensuring that they encapsulate specific func onali es without dependencies on other services.

· Handle Data Management: Consider how data will be managed across microservices. Op ons
include shared databases, asynchronous communica on, or event-driven architectures.

Example:

In an e-commerce cloud applica on, microservices could include user management, inventory control,
and payment processing. Each microservice has its API for communica on, allowing teams to
independently develop, deploy, and scale their services. For instance, the payment processing
microservice handles payment transac ons independently, communica ng with other microservices as
needed.

Crea ng microservices enhances the scalability and maintainability of cloud applica ons, providing a
modular and efficient architecture for modern so ware development.

173
 Cloud Application Developer

5.2.16 Implemen ng Security Configura ons for Regulatory

Compliance
Ensuring regulatory compliance is cri cal for cloud applica ons, safeguarding sensi ve data and mee ng
legal requirements. Implemen ng robust security configura ons is essen al to adhere to regulatory
standards.

Steps:

· Iden fy Regulatory Requirements: Understand the specific regula ons applicable to your
industry, such as GDPR, HIPAA, or PCI DSS. Iden fy the security controls mandated by these
regula ons.

· Data Encryp on: Implement encryp on mechanisms for data in transit and at rest. Use SSL/TLS
for communica on and encryp on tools like AWS KMS for securing stored data.

· Access Controls: Define and enforce access controls to restrict unauthorized access. Employ
Iden ty and Access Management (IAM) solu ons to manage user permissions effec vely.

· Audit Trails: Establish comprehensive audit trails to track user ac vi es and system events. U lize
logging tools and services to monitor and record relevant ac vi es.

· Regular Audits and Assessments: Conduct regular security audits and assessments to evaluate
compliance. Use tools like AWS Config for con nuous monitoring and repor ng.

Example:

In a healthcare cloud applica on subject to HIPAA compliance, encryp on of pa ent data during
transmission (in transit) and storage (at rest) is mandatory. Implemen ng AWS Key Management Service
(KMS) for encryp on and AWS CloudTrail for audit logging ensures compliance with HIPAA security
requirements.

By following these steps and customizing security measures according to specific regulatory standards,
cloud applica ons can maintain a secure and compliant environment.

5.2.17 Authen ca on and Access Control in Cloud

Applica ons
Ensuring robust authen ca on and access control mechanisms is crucial for protec ng cloud applica ons
from unauthorized access. This involves verifying user iden es and managing their permissions
effec vely.

Steps:

· User Authen ca on: Implement secure authen ca on methods, such as mul -factor
authen ca on (MFA) or biometric authen ca on, to enhance user iden ty verifica on.

174
Par cipant Handbook

· Iden ty and Access Management (IAM): U lize IAM solu ons to define and manage user
permissions. Assign roles and policies to control access based on the principle of least privilege.

· Single Sign-On (SSO): Implement SSO solu ons to streamline user access across different services.
This enhances user experience while maintaining stringent access controls.

· Token-Based Access: Use token-based authen ca on for API access, ensuring that only
authorized en es with valid tokens can interact with the applica on's services.

Example:

In an e-commerce cloud applica on, implement mul -factor authen ca on for customer accounts.
U lize AWS IAM to create roles dis nguishing between regular users and administrators, ensuring that
administra ve func ons are accessible only to authorized personnel.

Fig. 5.2.9 Access control in cloud applica ons

By incorpora ng these steps, cloud applica ons can establish a robust authen ca on and access control
framework, enhancing overall security.

175
 Cloud Application Developer

Exercise
Answer the following ques ons:
Short Ques ons:
1. What are some examples of applica on dependencies?
2. Why is mapping applica on dependencies important?
3. How do you map applica on dependencies?
4. What is the role of a Database Management System (DBMS) in crea ng and managing databases?
5. How can you integrate DBMS with systems deployed on the cloud?

Fill-in-the-Blanks:

1. Caching solu ons are _______ for enhancing cloud applica on performance. (a. irrelevant, b.
valuable)

2. Message queues are used to facilitate ____________ between different components of an

applica on. (a. communica on, b. isola on)

3. HTTP APIs, REST APIs, and web services are used to enable ____________. (a. security, b.
communica on)

4. Horizontal scaling involves adding more resources to handle increased ________. (a. capacity, b.
latency)

5. Loosely coupled micro-services enhance applica on __________. (a. complexity, b. flexibility)

True/False Ques ons:

1. Encryp on is only necessary for data in transit.

2. IAM stands for Internet Applica on Management.

3. Best prac ces in cloud applica on development remain constant across different pla orms.

4. Resilient cloud applica ons are not affected by system failures.

5. Authen ca on ensures user iden ty, while access control manages user permissions.

176
Par cipant Handbook

Notes

177
 Cloud Application Developer

178
6. Application Migration

Unit 6.1 - Understanding Cloud Applica on Migra on

Unit 6.2 - Cloud-Na ve Applica ons and Migra on Techniques

SSC/N8321
 Cloud Application Developer

Key Learning Outcomes

At the end of this module, you will be able to:

1. Discuss how to interpret and understand business requirements.

2. Explain what cloud migra on is and the benefits of migra ng applica ons to the cloud.

3. Describe various cost components that impact the migra on of cloud applica ons.

4. Discuss ways to op mize various cost components of cloud migra on.

5. Discuss the dependencies to be considered while migra ng applica ons to cloud.

6. Discuss the concepts of cloud-na ve and cloud-first applica ons.

7. List the popular cloud-na ve and cloud-first frameworks available to create cloud applica ons.

8. Explain how to iden fy components of applica ons and OS/middleware that need modifica ons
before migra ng to cloud.

9. Examine how to re-engineer non-compa ble components for the applica on for migra on.

10. Examine how to re-factor source code for hos ng on cloud pla orms.

11. List popular tools for migra ng data and applica on to cloud.

12. List popular tests frameworks available to check if the migrated applica on performs as per
expecta ons.

13. Describe the tests to check successful integra on of applica on systems and sub-systems.

14. Discuss the best prac ces and the importance of various stakeholders associated with migra on of
systems/ applica ons to the cloud.

15. Develop Standard Opera ng Procedures (SOPs) to analyse source code of an applica on to ensure
compa bility with cloud pla orm and for migra ng applica ons to cloud.

16. Demonstrate how to execute methods to map applica on data between sample applica ons and
cloud pla orms.

17. Perform migra on of sample applica ons to cloud pla orms.

1.) Create an integra on pla orm between cloud pla orms and other sample applica ons/systems and
sub-systems.

19. Perform tes ng on sample applica ons/features using tools and techniques.

20. Demonstrate authen ca on and access control mechanisms in sample cloud applica ons.

180
Par cipant Handbook

UNIT 6.1: Understanding Cloud Applica on Migra on

Unit Objectives
At the end of this unit, you will be able to:
1. Discuss how to interpret and understand business requirements.

2. Explain what cloud migra on is and the benefits of migra ng applica ons to the cloud.

3. Describe various cost components that impact the migra on of cloud applica ons.

4. Discuss ways to op mize various cost components of cloud migra on.

5. Discuss the dependencies to be considered while migra ng applica ons to the cloud.

6.1.1 Interpre ng and Understanding Business Requirements

Interpre ng business requirements is a crucial step in the applica on migra on process, ensuring that
technical solu ons align with the organiza on's needs.

Fig. 6.1.1 Cloud applica on migra on

Steps:

· Gather Informa on: Begin by collec ng detailed informa on about the business goals,
objec ves, and func onali es required.

· Engage Stakeholders: Collaborate with key stakeholders to gain insights into their expecta ons
and preferences for the migrated applica on.

181
 Cloud Application Developer

· Define Scope: Clearly outline the scope of the project, specifying what features and func onali es
are essen al for the business.

· Priori ze Requirements: Priori ze business requirements based on their cri cality and impact on
achieving organiza onal objec ves.

· Document Clearly: Document the interpreted business requirements in a clear and concise
manner, ensuring all stakeholders have a shared understanding.

Example:

In migra ng a customer rela onship management (CRM) applica on to the cloud, understanding
business requirements involves collabora ng with sales teams to gather insights on essen al features
such as lead management, customer communica on, and data analy cs. By priori zing these
requirements, the migra on plan can be tailored to enhance sales processes and overall customer
sa sfac on.

6.1.2 Cloud Migra on and Its Benefits

Cloud migra on involves the process of moving applica ons, data, and IT processes from on-premises
infrastructure to cloud environments.

Details/Steps:

· Assessment: Evaluate exis ng applica ons to determine their suitability for migra on,
considering factors like complexity and dependencies.

· Planning: Develop a comprehensive migra on plan outlining the sequence, meline, and
resources required for a smooth transi on.

· Data Migra on: Transfer data securely to the cloud, ensuring compa bility and integrity during
the migra on process.

· Applica on Migra on: Move applica ons, considering re-pla orming or re-architec ng for
op mal performance in the cloud.

· Tes ng: Conduct thorough tes ng to validate that migrated applica ons meet performance and
func onality expecta ons.

182
Par cipant Handbook

Fig. 6.1.2 Cloud migra on benefits

Benefits:

· Scalability: Cloud environments offer scalability, allowing applica ons to adjust resources based
on demand.

· Cost Efficiency: Cloud migra on o en reduces infrastructure costs, providing a pay-as-you-go

model for resource consump on.

· Flexibility: Cloud pla orms offer flexibility, enabling businesses to adapt quickly to changing
requirements.

Example:

Migra ng an e-commerce applica on to the cloud allows the business to scale during peak shopping
seasons, op mizing costs by only u lizing resources as needed. The flexibility of cloud infrastructure
ensures the applica on's performance aligns with varying customer demands.

183
 Cloud Application Developer

6.1.3 Cost Components in Cloud Applica on Migra on

Understanding the various cost components is crucial for effec ve planning and execu on of cloud
applica on migra on, ensuring budget adherence and maximizing ROI.

Fig. 6.1.3 Cloud migra on

Details/Steps:

· Infrastructure Costs: Assess the expenses associated with cloud resources, including compu ng
power, storage, and networking.

· Data Transfer Costs: Consider expenses related to data migra on and transfer between on-
premises infrastructure and the cloud.

· Licensing Costs: Evaluate licensing fees for cloud services, ensuring compliance with usage terms.

· Personnel Training: Factor in costs for training personnel on cloud technologies and tools.

· Down me Costs: Es mate poten al losses due to applica on down me during migra on.

Example:

In migra ng an enterprise resource planning (ERP) system to the cloud, infrastructure costs involve
provisioning servers and storage. Data transfer costs may include moving large datasets, and licensing
costs encompass fees associated with cloud service subscrip ons. Personnel training costs arise as the IT
team learns to manage the cloud-based ERP, and down me costs are considered to minimize business
disrup ons during migra on. Comprehensive cost analysis ensures a smooth and financially viable
migra on process.

6.1.4 Op mizing Cost Components in Cloud Migra on

Op mizing cost components in cloud migra on is essen al for maximizing efficiency and ensuring a cost-
effec ve transi on to the cloud.

184
Par cipant Handbook

Details/Steps:

· Resource Right-Sizing: Align cloud resources, such as virtual machines and storage, with actual
applica on needs to avoid over-provisioning.

· Reserved Instances: U lize reserved instances for predictable workloads to benefit from
discounted rates compared to on-demand pricing.

· Data Compression and Deduplica on: Minimize data transfer costs by employing compression
and deduplica on techniques before migra ng large datasets.

· Containeriza on: Implement containeriza on to enhance resource u liza on and streamline

applica on deployment, reducing infrastructure costs.

· Automated Scaling: Leverage auto-scaling features to dynamically adjust resources based on

applica on demand, op mizing costs during peak and off-peak periods.

Example:

In migra ng a web applica on, right-sizing resources involves accurately assessing the applica on's
compu ng and storage needs. U lizing reserved instances for consistent workloads and employing data
compression techniques significantly reduces data transfer costs. Implemen ng containeriza on ensures
efficient resource u liza on, and automated scaling allows the applica on to adapt seamlessly to varying
user traffic, op mizing costs across the en re migra on process.

6.1.5 Considera ons for Applica on Migra on Dependencies

Migra ng applica ons to the cloud requires a comprehensive understanding of dependencies to ensure a
smooth and successful transi on.

Details/Steps:

· Data Dependencies: Iden fy and analyze dependencies on data storage, ensuring seamless data
transfer and access a er migra on.

· Infrastructure Dependencies: Evaluate dependencies on specific infrastructure components, such

as network configura ons and hardware, to replicate them accurately in the cloud environment.

· Integra on Dependencies: Consider dependencies on other applica ons or systems, ensuring

integra on points are maintained or updated for compa bility.

· Security Dependencies: Assess security measures and dependencies, ensuring that security
protocols and access controls are consistent across the cloud environment.

· Compliance Dependencies: Consider regulatory and compliance dependencies, ensuring that the
cloud environment adheres to necessary standards.

185
 Cloud Application Developer

Fig. 6.1.4 Cloud migra on challenges

Example:

In migra ng a customer rela onship management (CRM) applica on, data dependencies involve
ensuring that customer data is seamlessly transferred to the cloud storage. Infrastructure dependencies
may include replica ng the on-premises network configura on in the cloud. Integra on dependencies
involve upda ng API connec ons with other business applica ons. Security dependencies include
maintaining consistent encryp on protocols, and compliance dependencies ensure adherence to data
protec on regula ons throughout the migra on process.

186
Par cipant Handbook

Notes

187
 Cloud Application Developer

UNIT 6.2: Cloud-Na ve Applica ons and Migra on Techniques

Unit Objectives
At the end of this unit, you will be able to:
1. Discuss the concepts of cloud-na ve and cloud-first applica ons.

2. List the popular cloud-na ve and cloud-first frameworks available to create cloud applica ons.

3. Explain how to iden fy components of applica ons and OS/middleware that need modifica ons
before migra ng to the cloud.

4. Examine how to re-engineer non-compa ble components for the applica on for migra on.

5. Examine how to re-factor source code for hos ng on cloud pla orms.

6. List popular tools for migra ng data and applica on to the cloud.

7. List popular test frameworks available to check if the migrated applica on performs as per
expecta ons.

8. Describe the tests to check the successful integra on of applica on systems and sub-systems.

9. Discuss the best prac ces and the importance of various stakeholders associated with the migra on
of systems/applica ons to the cloud.

10. Develop Standard Opera ng Procedures (SOPs) to analyze the source code of an applica on to
ensure compa bility with the cloud pla orm and for migra ng applica ons to the cloud.

11. Demonstrate how to execute methods to map applica on data between sample applica ons and
cloud pla orms.

12. Perform migra on of sample applica ons to cloud pla orms.

13. Create an integra on pla orm between cloud pla orms and other sample applica ons/systems and
sub-systems.

14. Perform tes ng on sample applica ons/features using tools and techniques.

6.2.1 Cloud-Na ve and Cloud-First Applica ons

Understanding the concepts of cloud-na ve and cloud-first applica ons is crucial for op mizing so ware
development and deployment in cloud environments.

Details/Steps:

· Cloud-Na ve Applica ons:

o Designed specifically for cloud environments.

188
Par cipant Handbook

o Leverage cloud services like microservices, containers, and serverless compu ng.

o Embrace principles of scalability, resilience, and flexibility inherent to cloud infrastructure.

· Cloud-First Applica ons:

o Developed with the primary intent of u lizing cloud resources.

o May incorporate tradi onal development prac ces but priori ze cloud advantages.
o Enable organiza ons to harness cloud benefits while accommoda ng legacy components.

Fig. 6.2.1 Introduc on to cloud-na ve applica ons

Example:

Consider a cloud-na ve e-commerce pla orm designed to u lize cloud services seamlessly. It employs
microservices architecture for scalability, containeriza on for efficient deployment, and serverless
compu ng for cost-effec ve execu on. In contrast, a cloud-first CRM applica on might be an exis ng on-
premises system adapted to leverage cloud resources, such as migra ng the database to a cloud-
managed service while retaining some tradi onal elements. Both approaches align with maximizing the
benefits of cloud environments based on specific development strategies.

6.2.2 Popular Cloud-Na ve and Cloud-First Frameworks

Choosing the right framework is pivotal for effec ve cloud applica on development. Popular op ons for
cloud-na ve and cloud-first applica ons offer different advantages.

Details/Steps:

· Cloud-Na ve Frameworks:
o Spring Boot: Facilitates building cloud-na ve microservices using Java.

o Node.js: Ideal for scalable and lightweight applica ons, suppor ng cloud-na ve principles.

189
 Cloud Application Developer

· Cloud-First Frameworks:
o AWS Amplify: Streamlines cloud-first development on the AWS pla orm.

o Microso Azure Spring Cloud: Enables cloud-first applica ons with seamless integra on
with Azure services.

Example:

U lizing Spring Boot for developing microservices adheres to cloud-na ve principles, ensuring scalability
and flexibility. On the other hand, AWS Amplify simplifies cloud-first development by providing a
comprehensive set of tools for building scalable and secure applica ons on the AWS cloud.

6.2.3 Iden fy Components Requiring Modifica ons

Iden fying components needing adjustments is a crucial step in preparing applica ons for seamless
migra on to the cloud.

Details/Steps:

· Conduct Applica on Assessment:

o Evaluate databases, middleware, and OS dependencies.

o Iden fy components ghtly coupled to exis ng infrastructure.

· Dependency Analysis:

o Determine dependencies requiring modifica on or updates.

o Assess compa bility with cloud environments.

Example:

In a legacy applica on, if the database relies on specific on-premises configura ons, it might need
modifica on to adapt to cloud-managed database services. Similarly, OS-level dependencies ed to on-
premises infrastructure may require adjustments for compa bility with cloud pla orms.

6.2.4 Re-Engineering Non-Compa ble Components

Re-engineering non-compa ble components is essen al for making applica ons suitable for cloud
migra on.

Details/Steps:

· Iden fy Non-Compa ble Components:

o Pinpoint components lacking compa bility with cloud infrastructure.

190
Par cipant Handbook

o Determine if re-engineering is more viable than replacement.

· Adopt Cloud-Na ve Technologies:

o Integrate cloud-na ve technologies compa ble with the iden fied components.
o Leverage containeriza on or serverless solu ons when applicable.

Example:

Consider a monolithic applica on with components relying on on-premises file systems. Re-engineering
involves adop ng cloud-compa ble storage services, ensuring seamless integra on and performance
op miza on during migra on.

6.2.5 Refactor Source Code for Cloud Hos ng

Refactoring source code is crucial to align applica ons with cloud-hos ng best prac ces and
op miza ons.

Details/Steps:

· Decompose Monolithic Architectures:

o Iden fy monolithic structures hindering cloud scalability.

o Refactor into microservices for enhanced flexibility.

· Adopt Cloud Design Pa erns:

o Implement cloud design pa erns like serverless or event-driven architectures.

o Refactor code for horizontal scaling and efficient cloud resource u liza on.

Fig. 6.2.2 Cloud hos ng

191
 Cloud Application Developer

Example:

Refactoring a monolithic e-commerce applica on involves breaking it into microservices. Adop ng

serverless func ons for specific func onali es op mizes resource u liza on, contribu ng to improved
cloud performance.

6.2.6 Popular Migra on Tools

Effec ve cloud migra on relies on suitable tools to streamline the transfer of data and applica ons.
Details/Steps:
· AWS Server Migra on Service (SMS):
o Facilitates incremental applica on migra on to AWS.
o Ensures minimal down me during the migra on process.
· Azure Database Migra on Service:
o Supports seamless migra on of databases to Azure.
o Provides compa bility checks and performance op miza on.
Example:
Using AWS SMS, an organiza on can migrate on-premises virtual machines to AWS while ensuring
con nuous replica on for minimal disrup on. Similarly, Azure Database Migra on Service simplifies the
migra on of on-premises databases to Azure, managing complexi es and ensuring a smooth transi on.

6.2.7 Popular Test Frameworks for Cloud Migra on

Robust tes ng frameworks are essen al to validate the performance and func onality of migrated
applica ons.

Fig. 6.2.3 Automa on tes ng services

192
Par cipant Handbook

Details/Steps:

· Chaos Monkey:
o Introduces controlled chaos to iden fy system weaknesses.

o Ensures system resilience and fault tolerance.

· AWS CloudEndure:
o Facilitates automated tes ng of applica ons during migra on.

o Ensures consistency and accuracy post-migra on.

Example:

Chaos Monkey simulates random failures in a cloud environment, allowing organiza ons to iden fy and
address vulnerabili es. AWS CloudEndure, with its automated tes ng capabili es, verifies the
func onality and performance of applica ons during and a er migra on, ensuring a reliable transi on.

6.2.8 Tests for Integra on of Systems and Sub-Systems

Tes ng the integra on of systems and sub-systems ensures seamless func onality post-migra on.

Details/Steps:

· End-to-End Tes ng:

o Verify data flow and func onality across interconnected systems.
o Ensure consistent performance and reliability.

· User Acceptance Tes ng (UAT):

o Involve end-users to validate the integrated system's usability.

o Confirm that interconnected components meet user expecta ons.

Fig. 6.2.4 User acceptance tes ng (UAT) for cloud migra on

193
 Cloud Application Developer

Example:

Conduc ng end-to-end tes ng ensures that data is correctly transmi ed between interconnected
systems, valida ng the integra on's reliability. User Acceptance Tes ng involves end-users evalua ng the
interconnected systems to ensure they meet their expecta ons and business requirements.

6.2.9 Best Prac ces and Stakeholder Importance

Best prac ces and stakeholder involvement are cri cal aspects of ensuring a successful migra on to the
cloud.

Details/Steps:

· Collabora ve Planning:
o Involve stakeholders in the planning phase for diverse perspec ves.
o Align migra on goals with business objec ves.

· Con nuous Communica on:

o Establish clear communica on channels among stakeholders.
o Update stakeholders on progress, challenges, and mi ga on plans.

Example:

During a migra on project, involving stakeholders from various departments ensures that the migra on
strategy aligns with diverse business needs. Con nuous communica on ensures that stakeholders are
aware of any issues or changes in the migra on plan, fostering collabora on and addressing concerns
promptly.

6.2.10 Standard Opera ng Procedures (SOPs) for Code

Analysis
Developing SOPs for code analysis ensures systema c scru ny of an applica on's compa bility with the
cloud pla orm.

Fig. 6.2.5 SOP for code analysis

194
Par cipant Handbook

Details/Steps:

· Code Review Guidelines:

o Define guidelines for reviewing source code compa bility.
o Iden fy cloud-specific considera ons and poten al issues.

· Automated Code Analysis:

o Implement tools for automated code analysis.

o Ensure adherence to coding standards and cloud best prac ces.

Example:

Establishing SOPs for code analysis involves crea ng guidelines for reviewing source code, incorpora ng
considera ons specific to the cloud pla orm. Automated tools, like sta c code analyzers, can be
employed to enforce these guidelines, ensuring consistent code quality and compa bility with the cloud
environment.

6.2.11 Execu ng Methods to Map Applica on Data for

Cloud Migra on
Mapping applica on data between exis ng systems and cloud pla orms is a cri cal step in ensuring a
seamless migra on process.
Details/Steps:
· Data Profiling and Discovery:
o Iden fy and profile all data sources in the exis ng applica on.
o Understand data types, structures, and dependencies.
· Schema Mapping:
o Map the exis ng data schema to the target cloud pla orm.
o Adjust data structures to align with cloud-na ve databases.
· Data Transforma on:
o Implement transforma ons to address differences in data formats.
o Ensure compa bility with the data storage mechanisms of the chosen cloud pla orm.
· Data Valida on:
o Execute comprehensive data valida on tests.
o Confirm that data integrity is maintained during the mapping process.
Example:
In a migra on from an on-premises SQL Server database to Amazon Aurora in AWS, data profiling would
involve understanding the exis ng SQL Server schema. Schema mapping ensures a smooth transi on to
Aurora-compa ble structures, and data transforma on handles any format dispari es. Finally, data
valida on confirms that the migrated data in Aurora aligns with the original SQL Server, maintaining data
integrity throughout the migra on process.

195
 Cloud Application Developer

6.2.12 Performing Migra on of Sample Applica ons to

Cloud Pla orms
Execu ng the migra on process is a pivotal step in transi oning sample applica ons from on-premises
environments to cloud pla orms.

Details/Steps:

· Assessment and Planning:

o Evaluate the sample applica on for compa bility with the target cloud pla orm.
o Plan the migra on, considering dependencies and resource requirements.

· Data Migra on:

o Migrate applica on data to the cloud using suitable tools and methods.

o Ensure data integrity and consistency during the transfer.

· Applica on Code Migra on:

o Adapt the applica on code to align with cloud-na ve requirements.

o Modify configura ons and se ngs for compa bility.

· Tes ng:

o Conduct thorough tes ng to validate the func onality of the migrated applica on.

o Include performance, security, and integra on tes ng.

· Deployment:

o Deploy the migrated applica on on the chosen cloud pla orm.

o Monitor for any issues during the deployment process.

Example:

In migra ng a sample e-commerce applica on to Microso Azure, the assessment phase involves
evalua ng its compa bility with Azure services. The data migra on process ensures that the applica on's
database seamlessly transi ons to Azure SQL Database. Applica on code is adjusted to leverage Azure
services, and extensive tes ng covers aspects like load balancing and scalability. Finally, the deployment
on Azure App Service ensures the sample applica on operates efficiently in the cloud environment.

6.2.13 Crea ng an Integra on Pla orm between Cloud

Pla orms and Sample Applica ons
Establishing an integra on pla orm is crucial for seamless communica on and collabora on between
cloud pla orms and other applica ons/systems.

196
Par cipant Handbook

Fig. 6.2.6 Pla orm between cloud pla orms and sample applica ons

Details/Steps:

· Assessment of Integra on Needs:

o Iden fy integra on requirements between cloud pla orms and exis ng applica ons.

o Determine data flow, communica on protocols, and security considera ons.

· Selec on of Integra on Tools:

o Choose suitable integra on tools or middleware that align with the technology stack.

o Consider compa bility with both cloud pla orms and on-premises systems.

· Designing Integra on Architecture:

o Develop a comprehensive integra on architecture outlining data exchange pa erns.

o Define API specifica ons and communica on protocols for interoperability.

· Implementa on:

o Implement integra on components, ensuring adherence to established standards.

o Configure connectors or APIs for seamless interac on between pla orms and applica ons.

· Tes ng:
o Conduct rigorous tes ng to validate data exchange, event handling, and system

197
 Cloud Application Developer

interac ons.

o Address any issues related to latency, data consistency, or security vulnerabili es.

Example:

In integra ng a cloud-based Customer Rela onship Management (CRM) pla orm with an on-premises
ERP system, a middleware solu on like Apache Ka a is employed. The integra on architecture specifies
data synchroniza on frequencies and API endpoints for real- me data updates. The implementa on
involves configuring Ka a connectors for both systems. Thorough tes ng ensures that customer data
updates in the CRM trigger corresponding updates in the ERP system, establishing a seamless integra on
pla orm.

6.2.14 Performing Tes ng on Sample Applica ons/Features

Tes ng is a crucial phase in the migra on process, ensuring that sample applica ons/features operate as
expected in the cloud environment.

Details/Steps:

· Test Planning:
o Define tes ng objec ves, scope, and criteria for success.

o Iden fy tes ng types, such as func onal, performance, security, and compa bility tes ng.

· Selec on of Tes ng Tools:

o Choose appropriate tes ng tools based on the nature of the applica on.

o Tools may include JUnit for unit tes ng, Selenium for automated UI tes ng, and Apache
JMeter for performance tes ng.

· Test Execu on:

o Execute test cases systema cally, covering various func onali es and scenarios.
o Monitor applica on behavior under different condi ons, ensuring stability and reliability.

· Performance Tes ng:

o Assess the applica on's performance under different workloads.
o Iden fy and resolve bo lenecks to op mize performance in the cloud environment.

· Security Tes ng:

o Conduct security assessments to iden fy vulnerabili es.

o Implement encryp on, authen ca on, and access controls to enhance applica on
security.

198
Par cipant Handbook

Example:

For a web-based e-commerce applica on migra ng to the cloud, Selenium is u lized for automated UI
tes ng. Test cases include order processing, payment transac ons, and user authen ca on. Performance
tes ng is conducted using Apache JMeter to simulate concurrent user interac ons, ensuring the
applica on can handle peak loads. Addi onally, security tes ng tools like OWASP ZAP are employed to
iden fy and rec fy poten al security vulnerabili es before deployment. The comprehensive tes ng
process guarantees a robust and reliable applica on in the cloud.

199
 Cloud Application Developer

Exercise
Answer the following ques ons:
Short Ques ons:

1. What is the primary purpose of interpre ng and understanding business requirements in the
context of applica on migra on?

2. Briefly explain the key benefits of migra ng applica ons to the cloud.

3. Name one cost component that significantly impacts the migra on of cloud applica ons.

4. Why is it essen al to consider dependencies when migra ng applica ons to the cloud?

5. What is the significance of iden fying components that need modifica ons before migra ng to
the cloud?

Fill-in-the-Blanks:
1. Cloud-na ve and cloud-first applica ons are based on ________________ principles.
a. On-premise
b. Cloud-centric
2. One popular framework for crea ng cloud applica ons is ________________.
a. Java EE
b. Spring Boot
3. Before migra ng to the cloud, it is crucial to re-factor the source code for hos ng on
________________ pla orms.
a. Tradi onal
b. Cloud
4. ________________ is a tool commonly used for migra ng data to the cloud.
a. MongoDB
b. AWS Data Migra on Service
5. Standard Opera ng Procedures (SOPs) are developed to ensure compa bility with the
________________ pla orm during applica on migra on.
a. On-premise
b. Cloud

True/False Ques ons:

1. Op mizing cost components in cloud migra on involves reducing expenses without

compromising performance.

2. Iden fying and re-engineering non-compa ble components is a cri cal step in preparing
applica ons for migra on.

3. Cloud-na ve frameworks are designed exclusively for on-premise applica on development.

4. SOPs are created to analyze source code compa bility only a er the migra on process.

5. Tes ng for successful integra on of applica on systems and sub-systems is an op onal step in

200
Par cipant Handbook

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/watch
?v=1O4f2jOmbPg
6 R's | Cloud Migra on Strategies

201
 Cloud Application Developer

202
7. Software Packaging
and Deployment

Unit 7.1 - So ware Packaging for Cloud Deployment

Unit 7.2 - Containerized Deployment and Automa on

SSC/N8322
 Cloud Application Developer

Key Learning Outcomes

At the end of this module, you will be able to:

1. Explain how to package applica on source code into deployment units.

2. List popular tools and formats for crea ng deployment units from applica on source code.

3. Describe the ideal service configura ons for deploying source code on cloud.

4. List the popular tools for managing service configura ons for cloud deployment.

5. Examine the security configura ons essen al for secure deployment to the cloud.

6. Explain what containers are and their uses in cloud compu ng.

7) Explain how to create containers using container orchestra on pla orms to provision, deploy and
manage containers.

8. Discuss common technical issues with the deployment process.

9. Describe the security protocols to be incorporated for applica on code/source code deployment.

10. Discuss the methods to resolve issues related to deployment.

11. Discuss the best prac ces and the importance of various stakeholders associated with applica on
deployment on the cloud.

12. Demonstrate how to leverage container technologies to deploy applica on code.

13. Apply deployment strategies for cloud applica ons for project success.

14. Create an opera onal checklist for cloud deployments.

15. Demonstrate how to automate deployment processes using scrip ng languages.

16. Develop an SOP to address and manage deployment issues.

204
Par cipant Handbook

UNIT 7.1: So ware Packaging for Cloud Deployment

Unit Objectives
At the end of this unit, you will be able to:
1. Explain how to package applica on source code into deployment units.

2. List popular tools and formats for crea ng deployment units from applica on source code.

3. Describe the ideal service configura ons for deploying source code on the cloud.

4. List the popular tools for managing service configura ons for cloud deployment.

5. Examine the security configura ons essen al for secure deployment to the cloud.

7.1.1 Packaging Applica on Source Code into Deployment

Units
Packaging applica on source code into deployment units is a crucial step in preparing so ware for
deployment. It involves consolida ng code, dependencies, and resources into a format suitable for
deployment on various pla orms.

Fig. 6.2.6 Pla orm between cloud pla orms and sample applica ons

Steps:

Dependency Management: Iden fy and gather all dependencies required for the applica on, ensuring
they are compa ble with the target environment.

Compila on: Compile the source code into executable files or binaries, transla ng human-readable code
into machine-readable instruc ons.

Resource Bundling: Include necessary assets and resources, such as configura on files, images, or
libraries, ensuring they are properly organized.

Versioning: Assign version numbers to the deployment units to facilitate tracking changes and updates.

Documenta on: Include relevant documenta on, such as README files, providing informa on on
installa on, usage, and configura on.

205
 Cloud Application Developer

Example:

For a web applica on wri en in Python using Flask, packaging involves using tools like 'pip' to install
dependencies, a build tool like 'setuptools' for compila on, and bundling HTML, CSS, and other assets.
The resul ng deployment unit could be a Docker container containing the compiled Python code,
dependencies, and necessary configura on files.

Packaging ensures a streamlined deployment process, reducing poten al errors and ensuring consistency
across different environments.

7.1.2 Popular Tools and Formats for Crea ng Deployment

Units
Crea ng deployment units involves using tools and formats that streamline the packaging and
deployment process, ensuring consistency and efficiency.

Tools and Formats:

· Docker: Docker is a containeriza on pla orm that packages applica ons and their dependencies
into isolated containers.

Steps:

o Write a Docker file specifying the applica on's environment and dependencies.
o Use the docker build command to create a Docker image.
o Deploy the applica on using the created Docker image.

Example: Dockerfile for a Node.js applica on:

FROM node:14

WORKDIR /usr/src/app

COPY package*.json ./

RUN npm install

COPY . .

EXPOSE 3000

CMD ["node", "app.js"]

· JAR (Java Archive): JAR is a common format for packaging Java applica ons. It contains compiled
Java classes and resources.

206
Par cipant Handbook

Steps:

o Compile Java source code using tools like Maven or Gradle.

o Package the compiled classes and resources into a JAR file.
o Deploy the JAR file to a Java run me environment.

Example: Crea ng a JAR file using Maven:

mvn clean install

· Ansible: Ansible automates applica on deployment by defining deployment configura ons as

code.
Steps:
o Write Ansible playbooks specifying deployment tasks.

o Run Ansible commands to deploy the applica on.

Example: Ansible playbook for deploying a web applica on:

- name: Deploy Web App

hosts: web_servers

tasks:

- name: Copy applica on files

copy:

src: /path/to/app

dest: /var/www/app

These tools and formats enhance reproducibility and ease the deployment of applica ons in various
environments.

7.1.3 Ideal Service Configura ons for Deploying Source

Code on the Cloud
Efficient deployment of source code on the cloud requires well-defined service configura ons that align
with the cloud environment's capabili es and requirements.

Service Configura ons:

· Infrastructure as Code (IaC): Use IaC tools like Terraform or AWS CloudForma on to define and
provision cloud infrastructure.

207
 Cloud Application Developer

Steps:

o Write IaC templates specifying cloud resources such as virtual machines, networks, and
storage.
o Use IaC commands to deploy and manage infrastructure consistently.

Example: Terraform script to create an AWS EC2 instance:

provider "aws" {

region = "us-east-1"

resource "aws_instance" "example" {

ami = "ami-0c55b159cbfafe1f0"

instance_type = "t2.micro"

· Container Orchestra on: Leverage container orchestra on pla orms like Kubernetes to manage
containerized applica ons.

Steps:
o Define Kubernetes manifests specifying applica on deployment, services, and scaling.

o Use kubectl commands to deploy and manage containers in a cluster.

Example: Kubernetes Deployment manifest for a web applica on:

apiVersion: apps/v1

kind: Deployment

metadata:

name: web-app

spec:

replicas: 3

selector:

matchLabels:

app: web-app

template:

metadata:

208
Par cipant Handbook

labels:

app: web-app

spec:

containers:

- name: web-app

image: nginx:latest

ports:

- containerPort: 80

· Serverless Configura ons: U lize serverless pla orms like AWS Lambda to deploy func ons
without managing infrastructure.

Steps:
o Write serverless func on code and define func on configura ons.
o Use serverless framework commands to deploy func ons.

Example: Serverless configura on for an AWS Lambda func on:

service: my-service

provider:

name: aws

run me: nodejs14.x

func ons:

hello:

handler: handler.hello

These ideal service configura ons enhance deployment reliability, scalability, and maintainability in
cloud environments.

7.1.4 Popular Tools for Managing Service Configura ons

in Cloud Deployment
Efficient management of service configura ons is crucial for successful cloud deployment. Several tools
simplify this process, providing automa on, consistency, and scalability.

Tools and Steps:

· AWS CloudForma on: AWS-na ve service for IaC to define and provision AWS infrastructure.

209
 Cloud Application Developer

Steps:
o Write Cloud Forma on templates specifying AWS resources and configura ons.

o Use AWS Management Console or AWS CLI to deploy templates.

Example: CloudForma on template for an S3 bucket.

Resources:

MyS3Bucket:

Type: 'AWS::S3::Bucket'

Proper es:

BucketName: my-unique-bucket-name

· Terraform: An open-source IaC tool suppor ng mul ple cloud providers.

Steps:

o Write Terraform scripts specifying infrastructure configura ons.

o Run terraform init, terraform plan, and terraform apply commands to deploy
infrastructure.

Example: Terraform script to create an Azure Virtual Machine.

provider "azurerm" {

features = {}

resource "azurerm_resource_group" "example" {

name = "example-resources"

loca on = "East US"

· Kubernetes (kubectl): Command-line tool for Kubernetes cluster management.

Steps:
o Write Kubernetes manifests specifying applica ons, services, and configura ons.

o Use kubectl apply command to deploy manifests to a Kubernetes cluster.

Example: Deploying a Kubernetes Deployment.

kubectl apply -f deployment.yaml

· Serverless Framework: A framework for deploying serverless applica ons.

210
Par cipant Handbook

Steps:
o Write serverless func on code and configura ons in serverless.yml.

o Run serverless deploy command to deploy func ons.

Example: Deploying a serverless func on.

service: my-service

provider:

name: aws

run me: nodejs14.x

func ons:

hello:

handler: handler.hello

These tools streamline the management of service configura ons, making cloud deployment more
efficient and scalable.

7.1.5 Security Configura ons for Secure Cloud Deployment

Ensuring secure deployment to the cloud requires careful considera on of security configura ons. By
implemen ng robust security measures, the risk of vulnerabili es and unauthorized access can be
significantly reduced.

Key Security Configura ons and Steps:

· Access Controls:

¨ Details:

o Implement IAM (Iden ty and Access Management) policies to control user access.
o Apply the principle of least privilege, gran ng only the necessary permissions.

¨ Example:

o Restrict access to sensi ve resources by defining IAM policies that specify which
ac ons users are allowed or denied.

· Network Security:
¨ Details:
o Use Virtual Private Clouds (VPCs) to isolate resources and control network traffic.

o Configure security groups and network ACLs to filter incoming and outgoing traffic.

211
 Cloud Application Developer

¨ Example:
o Define security group rules to allow specific IP ranges and ports for communica on,
enhancing network security.

· Encryp on:
¨ Details:

o Enable encryp on for data at rest using services like AWS Key Management Service
(KMS).
o Implement TLS/SSL for data in transit to secure communica on channels.
¨ Example:

o Configure an S3 bucket to enforce server-side encryp on, ensuring stored data

remains encrypted.

· Audit Logging:

¨ Details:
o Enable cloud pla orm-specific logging features to capture detailed logs.
o Regularly review and analyze logs to detect and respond to security incidents.

¨ Example:
o Ac vate AWS CloudTrail to record API calls, providing an audit trail for ac ons taken
within an AWS account.

· Patch Management:
¨ Details:
o Regularly update and patch opera ng systems, middleware, and applica on
components.
o Use automated tools to streamline the patching process and minimize
vulnerabili es.

¨ Example:

o Set up a schedule for automated patching of virtual machines to ensure systems are
up-to-date.

By me culously addressing these security configura ons, organiza ons can for fy their cloud
deployment, fostering a secure and resilient compu ng environment.

212
Par cipant Handbook

Notes

213
 Cloud Application Developer

UNIT 7.2: Containerized Deployment and Automa on

Unit Objectives
At the end of this unit, you will be able to:
1. Explain what containers are and their uses in cloud compu ng.

2. Explain how to create containers using container orchestra on pla orms to provision, deploy and
manage containers.

3. Discuss common technical issues with the deployment process.

4. Describe the security protocols to be incorporated for applica on code/source code deployment.

5. Discuss the methods to resolve issues related to deployment.

6. Discuss the best prac ces and the importance of various stakeholders associated with applica on
deployment on the cloud.

7. Demonstrate how to leverage container technologies to deploy applica on code.

8. Apply deployment strategies for cloud applica ons for project success.

9. Create an opera onal checklist for cloud deployments.

10. Demonstrate how to automate deployment processes using scrip ng languages.

11. Develop an SOP to address and manage deployment issues.

7.2.1 Containers in Cloud Compu ng

Containers are lightweight, portable, and self-sufficient units that encapsulate so ware, dependencies,
and run me components. In cloud compu ng, containers provide a consistent and efficient way to
package, deploy, and run applica ons across diverse environments.

Key Concepts and Uses:

· Isola on and Portability:

¨ Details:
o Containers encapsulate applica ons and their dependencies, ensuring isola on
from the underlying infrastructure.
o They offer portability, enabling consistent deployment across various cloud
pla orms and on-premises environments.

¨ Example:

o A developer builds a containerized applica on on their local machine, and the same

214
Par cipant Handbook

container runs seamlessly in a cloud environment without modifica on.

· Resource Efficiency:

¨ Details:

o Containers share the host OS kernel, making them lightweight and efficient in
resource u liza on.

o They start quickly and consume fewer resources compared to tradi onal virtual
machines.
¨ Example:
o Mul ple containers, each running a microservice, can coexist on a single host,
op mizing resource u liza on.

· Orchestra on and Scalability:

¨ Details:

o Container orchestra on pla orms like Kubernetes automate deployment, scaling,

and management of containerized applica ons.
o Containers facilitate easy scaling, allowing applica ons to seamlessly handle varying
workloads.
¨ Example:
o Kubernetes dynamically scales the number of container instances based on demand,
ensuring op mal performance during traffic spikes.

· Consistency Across Environments:

¨ Details:

o Containers encapsulate everything needed to run an applica on, ensuring

consistency from development to tes ng and produc on.
o DevOps teams can create reproducible builds, minimizing the "it works on my
machine" problem.

¨ Example:
o An applica on behaves consistently across development, tes ng, and produc on
environments, reducing deployment issues.

Containers have become integral to cloud-na ve development, fostering agility, scalability, and
consistency in deploying applica ons across cloud ecosystems.

215
 Cloud Application Developer

7.2.2 Crea ng Containers with Container Orchestra on

Container orchestra on pla orms, like Kubernetes, simplify the process of provisioning, deploying, and
managing containers at scale. They automate container-related tasks, ensuring efficiency and reliability in
cloud-na ve environments.

Fig. 7.2.1 Containers with container orchestra on

Steps to Create Containers with Kubernetes:

· Define Containerized Applica on:

¨ Details:
o Package your applica on into a container, specifying dependencies and
configura ons in a Dockerfile.

¨ Example:
o Dockerfile for a Node.js applica on includes instruc ons to install dependencies and
set up the run me environment.

· Container Image Build:

¨ Details:
o Build a container image using tools like Docker. This image contains the applica on
code, dependencies, and run me environment.

216
Par cipant Handbook

¨ Example:
o Run the command docker build -t my-app . to build a Docker image named "my-app"
from the current directory.

· Container Orchestra on Deployment:

¨ Details:

o Define Kubernetes deployment YAML files specifying the desired state, including the
container image, replicas, and networking.
¨ Example:

o A Kubernetes deployment YAML file specifies the image, replicas, and other
configura ons for the applica on deployment.

· Deployment Execu on:

¨ Details:
o Use the kubectl apply command to deploy the applica on based on the defined
deployment YAML files.

¨ Example:

o Execute kubectl apply -f deployment.yaml to deploy the applica on on the

Kubernetes cluster.

· Scaling and Management:

¨ Details:
o U lize Kubernetes commands or tools to scale the applica on, manage updates, and
monitor performance.

¨ Example:
o Scale the deployment with kubectl scale deployment my-app --replicas=3 to run
three instances of the applica on.

Example Scenario:

Suppose you have a web applica on packaged in a Docker container. Using Kubernetes, you define a
deployment YAML file, specifying the container image, desired replicas, and service configura ons. The
orchestrated deployment ensures efficient scaling, load balancing, and resilience, simplifying the
management of containerized applica ons in a cloud environment.

217
 Cloud Application Developer

7.2.3 Common Technical Issues in Deployment Process

Deployment processes can encounter various technical challenges that may impede the successful
release of applica ons. Iden fying and addressing these issues is crucial for ensuring smooth
deployments in cloud environments.

Common Technical Issues and Solu ons:

· Dependency Mismatches:

¨ Details:
o Incompa bility between applica on dependencies and the target environment may
lead to run me errors.

¨ Example:

o The produc on environment uses a different version of a library than the one
specified in the applica on, causing unexpected behavior. Solu on involves version
alignment or dependency management.

· Configura on Errors:
¨ Details:

o Misconfigura ons in deployment scripts, environment variables, or service

configura ons can result in applica on failures.
¨ Example:
o Incorrect database connec on details specified during deployment lead to
connec on failures. Solu on involves thorough configura on valida on.

· Networking Issues:

¨ Details:

o Inadequate network configura ons, firewall restric ons, or port conflicts can hinder
communica on between services.
¨ Example:

o Service A cannot communicate with Service B due to firewall rules. Solu on involves
configuring network policies and resolving port conflicts.

· Insufficient Resource Alloca on:

¨ Details:
o Alloca ng inadequate resources such as CPU, memory, or storage may degrade
applica on performance or cause crashes.

¨ Example:
o An applica on experiencing frequent out-of-memory errors due to insufficient

218
Par cipant Handbook

memory alloca on. Solu on involves adjus ng resource limits.

· Rollback Failures:
¨ Details:
o Inability to roll back to a previous version in case of deployment issues can prolong
down me and impact users.

¨ Example:
o During a faulty deployment, the rollback process fails, leaving the applica on in an
inconsistent state. Solu on involves a robust rollback mechanism.

Example Scenario:

Imagine a deployment where a new version of an applica on is released, but it fails due to a
misconfigura on in the load balancer se ngs. Iden fying and rec fying this issue promptly ensures
minimal down me and a seamless user experience.

7.2.4 Security Protocols for Applica on Code Deployment

Ensuring the security of applica on code deployment is paramount to safeguard against vulnerabili es
and unauthorized access. Implemen ng robust security protocols helps maintain the integrity and
confiden ality of the deployed code.

Fig. 7.2.2 Protocols for applica on code deployment

Security Protocols and Steps:

· Code Signing:
o Details: Digitally sign the applica on code using cryptographic signatures to verify its
authen city and integrity.

o Steps: Use code signing tools to sign the code with a private key and distribute the
corresponding public key.

219
 Cloud Application Developer

o Example: A so ware vendor signs their applica on code with a digital signature, allowing
users to verify its legi macy before installa on.

· Secure Transmission (SSL/TLS):

o Details: Encrypt communica on channels during code deployment to prevent

eavesdropping and man-in-the-middle a acks.
o Steps: Implement SSL/TLS protocols for secure data transmission between deployment
servers and target environments.

o Example: Deploying code updates via HTTPS to ensure encrypted communica on and
prevent unauthorized access during transit.

· Access Controls and Permissions:

o Details: Restrict access to deployment repositories and servers based on role-based access
control (RBAC) and least privilege principles.
o Steps: Define user roles, grant minimal necessary permissions, and regularly audit access
controls.
o Example: Developers have read-only access to the produc on deployment repository,
while only designated individuals have write permissions.

· Mul -Factor Authen ca on (MFA):

o Details: Strengthen authen ca on by implemen ng mul -factor authen ca on for
accessing deployment tools and pla orms.

o Steps: Configure deployment pla orms to require mul ple authen ca on factors, such as
passwords and one- me codes.
o Example: A developer logging into the deployment console must provide a password and a
temporary code from a mobile app.

· Regular Security Audits:

o Details: Conduct periodic security audits to iden fy and address vulnerabili es in the
deployment pipeline.

o Steps: U lize security scanning tools, conduct penetra on tes ng, and review access logs
regularly.

o Example: Running automated vulnerability scans on the deployment environment to

detect and remediate security weaknesses.

Example Scenario:

In a cloud-na ve environment, incorpora ng code signing, encryp ng communica on, enforcing access
controls, implemen ng MFA, and conduc ng regular security audits collec vely establish a secure
deployment pipeline. This safeguards against poten al threats and ensures the trustworthiness of
deployed applica ons.

220
Par cipant Handbook

7.2.5 Resolving Deployment Issues

Addressing deployment issues promptly is crucial for maintaining the reliability and func onality of cloud
applica ons. Effec ve resolu on methods streamline the deployment process and minimize down me.

Methods and Steps:

· Monitoring and Alerts:

o Details: Implement robust monitoring tools to detect deployment issues in real- me,
coupled with proac ve alerts.

o Steps: Set up monitoring for key performance indicators, log anomalies, and configure
alerts to no fy the opera ons team.
o Example: An alert triggers when the deployment dura on exceeds the predefined
threshold, allowing the team to inves gate poten al issues promptly.

· Rollback Strategies:
o Details: Design rollback mechanisms to revert to a stable state if issues arise during
deployment.

o Steps: Create versioned releases, automate rollback scripts, and conduct thorough tes ng
of rollback procedures.
o Example: If a new deployment causes cri cal errors, a rollback script is executed to revert
the applica on to the previous version, minimizing down me.

· Collabora ve Debugging:

o Details: Foster collabora on among development, opera ons, and quality assurance
teams for efficient issue resolu on.
o Steps: U lize communica on channels, collabora ve tools, and shared dashboards to
facilitate joint debugging efforts.

o Example: During a deployment-related issue, cross-func onal teams engage in a shared

virtual workspace to collabora vely analyze logs and iden fy root causes.

· Automated Tes ng:

o Details: Priori ze automated tes ng at every stage of the deployment pipeline to catch
issues before they reach produc on.
o Steps: Integrate automated unit tests, integra on tests, and end-to-end tests into the
deployment process.

o Example: A comprehensive suite of automated tests ensures that new code changes do not
introduce regressions or compa bility issues, preven ng deployment-related anomalies.

· Post-Deployment Valida on:

o Details: Implement valida on checks post-deployment to confirm the correct func oning

221
 Cloud Application Developer

of the applica on.

o Steps: Define post-deployment valida on scripts and checks to verify the applica on's
health and performance.
o Example: A er a deployment, automated scripts validate database connec ons, API
responses, and user interac ons to confirm successful deployment.

Example Scenario:

A deployment issue arises where a new feature causes unexpected errors. Monitoring tools alert the
team, triggering collabora ve debugging sessions. A er iden fying the root cause, the team ini ates a
rollback, resolving the issue swi ly. Automated tes ng and post-deployment valida on are subsequently
strengthened to prevent similar occurrences in the future.

7.2.6 Best Prac ces and Stakeholder Importance in Cloud

Applica on Deployment
Effec ve applica on deployment on the cloud requires adherence to best prac ces and collabora on
among various stakeholders. These prac ces ensure a smooth and reliable deployment process,
minimizing risks and enhancing overall project success.

Best Prac ces and Steps:

· Collabora ve Planning:

o Details: Engage stakeholders, including developers, opera ons, and business

representa ves, in collabora ve planning sessions.
o Steps: Conduct regular mee ngs to align deployment goals with business objec ves,
ensuring a shared understanding of project requirements.

o Example: Developers collaborate with opera ons teams to plan for efficient resource
alloca on and infrastructure scaling during deployment to meet varying workloads.

· Automa on and Con nuous Integra on/Deployment (CI/CD):

o Details: Leverage automa on tools for con nuous integra on, tes ng, and deployment to
enhance efficiency and reduce manual errors.
o Steps: Implement CI/CD pipelines for automated building, tes ng, and deployment of code
changes.

o Example: Jenkins or GitLab CI/CD pipelines automate the en re deployment process,

allowing for faster and more reliable releases.

222
Par cipant Handbook

Fig. 7.2.3 Con nuous Integra on and Con nuous Delivery (CI/CD)

· iRole-Based Access Control (RBAC):

o Details: Implement RBAC to manage access rights and permissions during deployment.

o Steps: Define roles with specific permissions for stakeholders involved in the deployment
process.
o Example: Opera ons teams have elevated privileges for infrastructure provisioning, while
developers have access to applica on-specific deployment processes.

· Deployment Monitoring and Logging:

o Details: Establish comprehensive monitoring and logging prac ces to track deployment
progress and detect issues promptly.
o Steps: Integrate monitoring tools to track applica on performance, and configure logs to
capture relevant deployment data.

o Example: Elas c Stack (ELK) is used for real- me log analysis, providing insights into
applica on behavior and iden fying poten al deployment bo lenecks.

· Post-Deployment Verifica on:

o Details: Implement post-deployment verifica on steps to ensure the successful and

expected func oning of the deployed applica on.
o Steps: Define automated checks and valida ons post-deployment to confirm applica on
health.

o Example: A post-deployment script checks key func onali es, such as API responsiveness
and database connec ons, to verify the deployment's success.

223
 Cloud Application Developer

Importance of Stakeholders:

Stakeholders, including developers, opera ons teams, and business representa ves, play crucial roles in
ensuring the success of cloud applica on deployment. Developers provide code updates, opera ons
teams manage infrastructure, and business representa ves align deployment with overarching business
goals. Effec ve communica on and collabora on among these stakeholders are paramount for achieving
seamless and reliable deployments on the cloud.

7.2.7 Leveraging Container Technologies for Applica on

Deployment
Containeriza on is a key technology for deploying applica ons efficiently and consistently across various
environments. Containers encapsulate an applica on and its dependencies, ensuring a seamless
deployment process. This demonstra on outlines the steps to leverage container technologies for
deploying applica on code.

Steps:

· Containeriza on of Applica on:

¨ Details: Use containeriza on tools like Docker to package the applica on and its
dependencies into a container image.

¨ Steps:
o Write a Docker file specifying the applica on's environment and dependencies.
o Build the Docker image using the Docker CLI or container orchestra on pla orms.
¨ Example Docker file snippet:

FROM node:14

WORKDIR /app

COPY package*.json ./

RUN npm install

COPY . .

CMD ["npm", "start"]

· Container Orchestra on:

¨ Details: Employ container orchestra on pla orms like Kubernetes to automate

deployment, scaling, and management of containerized applica ons.

¨ Steps:

224
Par cipant Handbook

o Set up a Kubernetes cluster.

o Define Kubernetes Deployment YAML files to specify applica on deployment

configura ons.
o Apply configura ons using the kubectl apply command.

¨ Example Kubernetes Deployment YAML:

yaml

Copy code

apiVersion: apps/v1

kind: Deployment

metadata:

name: sample-app

spec:

replicas: 3

selector:

matchLabels:

app: sample-app

template:

metadata:

labels:

app: sample-app

spec:

containers:

name: sample-app

image: registry.example.com/sample-app:latest

ports:

containerPort: 3000

· Image Registry Usage:

¨ Details: Store container images in a registry for versioning and distribu on.

¨ Steps:

o Push the built Docker image to a container registry (e.g., Docker Hub, Google

224
 Cloud Application Developer

Container Registry).

o Update the Kubernetes Deployment YAML to reference the specific image version.

¨ Example image push and update:

docker push registry.example.com/sample-app:latest

· Deployment Verifica on:

¨ Details: Implement health checks and readiness probes to ensure the applica on's
availability.

¨ Steps:

o Define health check endpoints in the applica on.

o Configure Kubernetes liveness and readiness probes.

o Monitor the deployment using Kubernetes Dashboard or CLI.

¨ Example Kubernetes Deployment with Probes:

yaml

Copy code

readinessProbe:

h pGet:

path: /health

port: 3000

livenessProbe:

h pGet:

path: /health

port: 3000

Example Scenario:

Consider deploying a Node.js applica on using Docker containers and Kubernetes. The Dockerfile
specifies the Node.js environment, and the Kubernetes Deployment YAML defines the deployment
configura on, including replicas, container image, and health checks. The Docker image is pushed to a
registry, and Kubernetes automates the deployment and scaling of the applica on across the cluster. The
deployment can be verified by monitoring the applica on's health through defined probes.

225
Par cipant Handbook

7.2.8 Applying Deployment Strategies for Project Success

Successful deployment of cloud applica ons requires strategic planning to ensure minimal disrup ons
and op mal performance. Employing effec ve deployment strategies enhances project success by
managing risks and ensuring a smooth transi on from development to produc on.

Steps:

· Rolling Deployment:
¨ Details: Gradually replaces instances of the previous version with the new one, minimizing
down me.

¨ Steps:

o Deploy the new version alongside the exis ng one.

o Gradually redirect traffic to the new version.
o Monitor for issues during the transi on.

¨ Example using Kubernetes rolling update:

kubectl apply -f new-version-deployment.yaml

· Blue-Green Deployment:
¨ Details: Maintains two iden cal environments, allowing switching between them
seamlessly.
¨ Steps:

o Have two environments, "Blue" (current) and "Green" (new).

o Route traffic to the inac ve environment.
o Validate the new version in the "Green" environment.

o Switch traffic to the "Green" environment.

¨ Example using infrastructure-as-code tools:

# Blue Environment

resources:

name: blue-environment

· Canary Deployment:
¨ Details: Gradually introduces the new version to a subset of users for tes ng.

¨ Steps:
o Deploy the new version to a small percentage of users.
o Monitor for issues and gather feedback.

226
 Cloud Application Developer

o Expand deployment to a larger audience if successful.

¨ Example using Is o for canary deployment in Kubernetes:

apiVersion: networking.is o.io/v1alpha3

kind: VirtualService

metadata:

name: my-app

spec:

hosts:

my-app

h p:

route:

des na on:

host: my-app

subset: v2

weight: 25

Example Scenario:

Consider a scenario where a web applica on is undergoing a version update. Using a rolling deployment,
the new version is deployed incrementally, with each step being monitored for any issues. In parallel, a
blue-green deployment approach is u lized by maintaining two environments, ensuring a seamless
switch between the current "Blue" version and the new "Green" version. Addi onally, a canary
deployment strategy is employed to gradually expose the new version to a subset of users, allowing for
feedback and valida on before a broader rollout. These deployment strategies collec vely contribute to
project success by minimizing risks and ensuring a controlled release process.

7.2.8 Opera onal Checklist for Cloud Deployments

A comprehensive opera onal checklist is crucial for successful cloud deployments. It ensures that all
necessary steps are taken into account, reducing the likelihood of errors and enhancing the reliability of
the deployed applica on.

Steps:

· Environment Valida on:

o Verify the target cloud environment's readiness for deployment.

227
Par cipant Handbook

o Ensure proper network configura ons, security groups, and access controls.
· Ar fact Prepara on:
o Confirm that applica on ar facts are correctly built and versioned.
o Package the applica on code, dependencies, and configura ons.
· Infrastructure-as-Code (IaC) Review:
o Validate the correctness of IaC scripts for infrastructure provisioning.
o Use tools like Terraform or AWS CloudForma on for consistency.
· Security Measures:
o Implement encryp on for data in transit and at rest.
o Configure Iden ty and Access Management (IAM) appropriately.
· Monitoring Setup:
o Establish monitoring and logging configura ons.
o Integrate with tools like AWS CloudWatch or Prometheus for real- me insights.
· Deployment Strategy Confirma on:
o Validate the chosen deployment strategy (e.g., rolling, blue-green, or canary).
o Ensure rollback procedures are in place.
· Database Migra ons:
o If applicable, coordinate and execute database schema changes.
o Implement backup and restore plans.
· Scaling Policies:
o Set up auto-scaling policies based on an cipated load.
o Test scalability by simula ng load spikes.
· Integra on Tes ng:
o Execute thorough integra on tests in a staging environment.
o Confirm third-party integra ons and dependencies.
· Rollback Plan:
o Prepare a rollback plan in case of unforeseen issues.
o Test the rollback process in a controlled environment.

Example Scenario:

In a cloud deployment scenario, the opera onal checklist ensures that the AWS environment is ready,
applica on ar facts are properly packaged, and Terraform scripts for infrastructure provisioning are
error-free. Security measures include encryp on and IAM configura ons, while monitoring is set up using
AWS CloudWatch. The chosen deployment strategy is confirmed, and database migra ons are executed
with a backup plan. Auto-scaling policies are configured for scalability, and integra on tes ng is
conducted in a staging environment. Finally, a rollback plan is prepared and tested, contribu ng to a
robust and reliable deployment process.

228
 Cloud Application Developer

7.2.9 Automa ng Deployment Processes with Scrip ng

Languages
Automa ng deployment processes using scrip ng languages streamlines the deployment lifecycle,
reduces manual errors, and enhances efficiency. Scrip ng languages like Bash, PowerShell, or Python are
commonly employed for this purpose.

Steps:

· Script Defini on:

o Choose a scrip ng language suitable for your infrastructure and deployment needs.
o Create a deployment script with sec ons for different deployment stages.

· Version Control Integra on:

o Link the deployment script with version control systems like Git for versioning.
o Ensure the script is always aligned with the latest applica on code.

· Environment Configura on:

o Use the script to configure environment-specific se ngs, such as database connec ons or
API endpoints.

o Allow for parameteriza on to accommodate various deployment environments.

· Dependency Installa on:

o Incorporate commands in the script to install applica on dependencies.

o Automate the retrieval and setup of required libraries or packages.

· Ar fact Deployment:

o Implement steps to deploy applica on ar facts to the target environment.

o Ensure that the script handles rollback mechanisms in case of deployment failures.

· Database Migra ons:

o Integrate database migra on steps into the script.

o Automate schema changes and data migra ons using tools like Flyway or Django
migra ons.

· Tes ng and Valida on:

o Embed automated tests within the script to validate the deployed applica on.

o Execute unit tests, integra on tests, and any environment-specific checks.

· Rollback Mechanism:
o Include a rollback mechanism within the script.

o Define condi ons that trigger a rollback and ensure data consistency.

229
Par cipant Handbook

Example:

#!/bin/bash

# Deployment script example using Bash

# Step 1: Environment Configura on

ENVIRONMENT="produc on"

DB_CONNECTION_STRING="..."

# Step 2: Dependency Installa on

echo "Installing dependencies..."

npm install

# Step 3: Ar fact Deployment

echo "Deploying applica on ar facts..."

rsync -az --exclude='node_modules' ./ $REMOTE_SERVER:/var/www/myapp

# Step 4: Database Migra ons

echo "Applying database migra ons..."

npm run migrate

# Step 5: Tes ng and Valida on

echo "Running automated tests..."

npm test

# Step 6: Rollback Mechanism

if [ $? -ne 0 ]; then

echo "Deployment failed. Rolling back..."

# Execute rollback steps here

else

echo "Deployment successful!"

This Bash script automates the deployment process, including environment configura on, dependency
installa on, ar fact deployment, database migra ons, tes ng, and rollback mechanisms. It provides a
structured and repeatable approach to applica on deployment.

230
 Cloud Application Developer

Exercise
Answer the following ques ons:
Short Ques ons:
1. What is the primary purpose of packaging applica on source code into deployment units?
2. Why are security configura ons crucial for deploying applica ons to the cloud?
3. Define containers and their role in cloud compu ng.
4. Why is it essen al to have an opera onal checklist for cloud deployments?
5. What is the significance of applying deployment strategies for cloud applica ons?

Fill-in-the-Blanks:
1. To create containers, one can use container orchestra on pla orms like ______ and ______.
2. ______ and ______ are popular tools for managing service configura ons in cloud
deployment.
3. The security protocols for applica on deployment should be __________ and __________.
4. Common technical issues during the deployment process may include ______ and ______.
5. An SOP is developed to address and manage ______ issues in the deployment lifecycle.

True/False Ques ons:

1. Packaging source code into deployment units is only necessary for on-premise
deployments.
2. Containers are primarily used for deploying applica ons on a single server.
3. An opera onal checklist is op onal and doesn't contribute to successful cloud deployments.
4. Security configura ons for applica on deployment are not a significant concern in the cloud.
5. Automated deployment processes using scrip ng languages eliminate the need for human

231
Par cipant Handbook

Notes

232
 Cloud Application Developer

233
Par cipant Handbook

8. Application
Performance
Monitoring

Unit 8.1 - Tes ng Fundamentals and Methodologies

Unit 8.2-– Advanced Tes ng Techniques and Tools

SSC/N8323
91
 Cloud Application Developer

Key Learning Outcomes

At the end of this module, you will be able to:

1. Explain how applica on performance is related to business outcomes.

2. Discuss the different types of cloud deployment models. Explain cloud resource u liza on
pa erns.

3. Explain how to define KPIs (Key Performance Indicators) to measure the performance of systems
deployed on cloud.

4. Describe the parameters for monitoring performance of cloud systems.

5. Examine applica on log reports to find clues to problems related to applica on performance.

6. Explain how to automate the performance monitoring process using scrip ng language.

7. List popular Applica on Performance Monitoring (APM) tools.

8. Study sample reports and evaluate the performance of applica ons and deployed systems.

9. Discuss ways to provide ac onable insights for re-engineering the applica on.

10. Demonstrate how to monitor KPIs to review performances of applica on and deployed systems.

11. Demonstrate the methods to op mize cost and resource u liza on.

12. Demonstrate the use of log data in reducing performance issues and stabilizing the deployed
systems.

13. Demonstrate how to automate performance monitoring using scrip ng languages.

14. Create and document applica on performance reports from applica on monitoring tools.

235
Par cipant Handbook

UNIT 8.1: Understanding Applica on Performance

Unit Objectives
At the end of this unit, you will be able to:
1. Explain how applica on performance is related to business outcomes.

2. Discuss the different types of cloud deployment models.

3. Explain cloud resource u liza on pa erns.

8.1.1 Rela onship Between Applica on Performance and

Business Outcomes
Applica on performance plays a pivotal role in determining the success of a business. It directly impacts
user sa sfac on, opera onal efficiency, and overall business outcomes. Ensuring op mal performance
aligns with posi ve user experiences and, consequently, business success.

Fig. 8.1.1 Benefits of cloud based applica on

Details/Steps:

· User Sa sfac on: Applica ons that are swi and responsive contribute to enhanced user
experience, resul ng in higher customer reten on and loyalty.

· Business Efficiency: Efficiently performing applica ons play a crucial role in streamlining business

236
 Cloud Application Developer

opera ons, minimizing down me, and enhancing overall produc vity.

· Market Advantage: Businesses that excel in applica on performance gain a compe ve edge,
a rac ng a larger user base and standing out in the market.

· Enhanced Revenue: High-performing applica ons enable seamless transac ons, leading to
increased revenue and building trust among customers.

Example:

Consider an e-commerce pla orm. If the applica on is slow or prone to crashes during transac ons, users
may abandon their carts, leading to lost sales. On the contrary, a fast and reliable applica on ensures
seamless transac ons, posi vely impac ng revenue and overall business success.

237
Par cipant Handbook

8.1.2 Different Types of Cloud Deployment Models

Cloud deployment models define how cloud services are provisioned and made available to users. There
are several deployment models, each catering to specific business needs.

Details/Steps:

· Public Cloud: Internet-based services accessible to all, known for cost-effec veness and
scalability. Example: Amazon Web Services (AWS).

· Private Cloud: Infrastructure exclusively used by a single organiza on, offering heightened
security and control. Example: VMware Cloud Founda on.

· Hybrid Cloud: Integra on of both public and private clouds, enabling the sharing of data and
applica ons. Example: Microso Azure Hybrid Cloud.

· Community Cloud: Shared by mul ple organiza ons with common concerns like regulatory
compliance, fostering collabora on. Example: Google Cloud for Nonprofits.

Example:

A financial ins tu on might choose a hybrid cloud model. While sensi ve customer data is stored in a
private cloud for security, the public cloud is u lized for non-sensi ve opera ons, ensuring scalability and
cost-efficiency.

8.1.3 Cloud Resource U liza on Pa erns

Cloud resource u liza on pa erns refer to the ways in which compu ng resources are allocated,
consumed, and managed in a cloud environment. Efficient u liza on is crucial for op mizing costs and
ensuring op mal performance.

Fig. 8.1.2 Resource pooling architecture in cloud compu ng

238
 Cloud Application Developer

Details/Steps:

· Dynamic Scaling: Adjus ng resources in response to demand fluctua ons, ensuring availability
during peak mes and scaling down during lower demand periods.

· Load Balancing: Evenly distribu ng incoming network traffic among mul ple servers to prevent
overload on any single server. This pa ern improves performance and prevents resource
bo lenecks.

· Elas city: Rapidly scaling resources up or down to adapt to changing workloads, op mizing
resource usage. This pa ern ensures flexibility in handling varying demands.

· Provisioning: Alloca ng resources based on an cipated demand, pre-alloca ng resources to

efficiently handle expected workloads.

Example:

Consider an e-commerce website during a major sale. Dynamic scaling ensures that addi onal server
instances are provisioned automa cally to handle increased traffic. Load balancing distributes this traffic
evenly, op mizing resource u liza on and maintaining performance.

8.1.4 Identifying Performance Impacting Factors

Optimizing cloud application performance requires understanding key factors that influence efficiency
and user experience. By addressing these factors, developers can ensure optimal performance and
deliver a seamless user experience for cloud applications.
· Resource Allocation: Efficiently allocate CPU, memory, storage, and network resources to
avoid bottlenecks.
· Network Latency and Bandwidth: Minimize latency and ensure sufficient bandwidth for fast
data transmission.
· Geographical Location: Consider proximity between users and cloud data centers to reduce
latency.
· Data Storage and Retrieval: Optimize data access methods and queries to improve
performance.
· Application Architecture: Design scalable, fault-tolerant architectures for responsive
performance.
· Concurrency and Load Balancing: Manage concurrent requests and balance workloads to
prevent server overload.
· Third-party Services: Monitor and optimize interactions with external services to avoid
bottlenecks.
· Code Efficiency: Write optimized code to reduce resource consumption and improve
responsiveness.

239
Par cipant Handbook

· Monitoring and Analysis: Continuously monitor performance metrics to detect and resolve
issues proactively.
· Scalability and Elasticity: Utilize auto-scaling and elasticity features to handle varying
workloads efficiently.

8.1.5 Analyzing Optimization Strategies

Optimizing cloud applications for cost efficiency and resource utilization is paramount for Cloud
Application Developers. Here's a succinct guide on how to achieve this:
· Right-sizing Resources: Optimize CPU, memory, and storage to match actual application
needs, avoiding unnecessary expenses.
· Utilizing Reserved Instances: Commit to specific resource levels for predictable workloads to
benefit from discounted pricing.
· Implementing Auto-scaling: Dynamically adjust resources based on demand to avoid over-
provisioning and reduce costs during idle periods.
· Leveraging Spot Instances: Utilize spare cloud capacity at lower prices for non-critical
workloads or tasks with flexible timing.
· Monitoring and Optimization: Continuously monitor resource usage and optimize application
components to minimize waste.
· Containerization and Serverless Computing: Containerize applications and adopt serverless
models to improve resource efficiency and scalability.
· Data Storage Optimization: Choose cost-effective storage options and implement tiered
storage solutions based on access patterns.
· Cost Allocation and Tagging: Implement strategies to track resource usage accurately and
allocate costs effectively.
· Resource Sharing and Consolidation: Share resources between applications and consolidate
workloads to maximize utilization.

240
 Cloud Application Developer

UNIT 8.2: Performance Monitoring and Op miza on

Unit Objectives
At the end of this unit, you will be able to:
1. Explain how to define KPIs (Key Performance Indicators) to measure the performance of systems
deployed on cloud.

2. Describe the parameters for monitoring the performance of cloud systems.

3. Examine applica on log reports to find clues to problems related to applica on performance.

4. Explain how to automate the performance monitoring process using a scrip ng language.

5. List popular Applica on Performance Monitoring (APM) tools.

6. Study sample reports and evaluate the performance of applica ons and deployed systems.

7. Discuss ways to provide ac onable insights for re-engineering the applica on.

8. Demonstrate how to monitor KPIs to review performances of applica ons and deployed systems.

9. Demonstrate the methods to op mize cost and resource u liza on.

10. Demonstrate the use of log data in reducing performance issues and stabilizing the deployed
systems.

11. Demonstrate how to automate performance monitoring using scrip ng languages.

12. Create and document applica on performance reports from applica on monitoring tools.

8.2.1 KPIs for Cloud System Performance Measurement

Key Performance Indicators (KPIs) are crucial metrics that gauge the effec veness and efficiency of
systems deployed on the cloud. Defining relevant KPIs is essen al for assessing and op mizing system
performance.

Details/Steps:

· Iden fy Business Objec ves: Understand the overarching business goals the system aims to
achieve. This provides context for selec ng meaningful KPIs.

· Define Measurable Goals: Break down business objec ves into specific, measurable goals. For
instance, if the goal is improved user experience, a KPI could be "Page Load Time."

· Select Appropriate Metrics: Choose metrics aligning with defined goals. For user experience,
metrics may include response me, error rates, or transac on success rates.

241
Par cipant Handbook

· Consider Scalability: Ensure selected KPIs can scale with the system. Scalable KPIs accommodate
changes in user base, data volume, or transac on frequency.

· Establish Benchmarks: Set baseline values for KPIs to measure performance against. Benchmarks
provide a reference for determining success or iden fying areas for improvement.

Fig. 8.2.1 KPIs for cloud system

Example:

For an e-commerce pla orm, a relevant KPI could be "Transac on Processing Time." This metric directly
aligns with the business goal of providing a seamless shopping experience. By monitoring and op mizing
this KPI, the pla orm can enhance overall performance and user sa sfac on.

8.2.2 Parameters for Monitoring Cloud System Performance

Effec ve monitoring of cloud systems requires tracking specific parameters that reflect the health,
efficiency, and reliability of the deployed applica ons. Understanding these parameters is essen al for
proac ve performance management.

Details/Steps:

· Resource U liza on: Monitor CPU, memory, disk, and network usage to ensure op mal resource
alloca on. Devia ons may indicate bo lenecks affec ng performance.

· Response Time: Track response mes for user interac ons, API calls, or database queries.
Prolonged response mes can impact user experience.

242
 Cloud Application Developer

· Error Rates: Measure the frequency of errors during applica on execu on. A sudden increase in
error rates may signal performance issues or bugs.

· Throughput: Evaluate the volume of data processed over me. Throughput metrics help assess
system capacity and efficiency.

· Availability: Monitor system up me and down me to ensure high availability. Unplanned outages
can lead to performance degrada on.

· Scalability Metrics: Assess how well the system scales with increased demand. Evaluate scalability
through metrics like transac on rates and response mes under varying loads.

Example:
In an e-commerce applica on, monitoring parameters would include tracking CPU usage to prevent
resource satura on during high traffic, monitoring response mes for quick user interac ons, and
evalua ng error rates to address issues affec ng transac onal processes. Each parameter contributes to
maintaining op mal system performance.

8.2.3 Analyzing Applica on Log Reports for Performance

Issues
Applica on log reports serve as valuable resources for diagnosing performance issues. By examining logs,
developers can iden fy anomalies, errors, or pa erns that may impact applica on performance.

Details/Steps:

· Log Collec on: Aggregate logs from different components of the applica on, including servers,
databases, and external services.

· Error Iden fica on: Look for error messages or excep ons in the logs. These indicate poten al
performance bo lenecks or issues affec ng user experience.

· Performance Metrics: Extract relevant performance metrics logged by the applica on, such as
response mes, transac on rates, and resource u liza on.

· Pa ern Recogni on: Iden fy recurring pa erns or trends in the logs. Consistent pa erns may
highlight specific areas requiring op miza on.

· Correla on Analysis: Correlate log entries with specific events or user interac ons. Pinpoint
issues related to par cular func onali es or user workflows.

243
Par cipant Handbook

Fig. 8.2.2 Applica on performance monitoring

8.2.4 Automa ng Performance Monitoring with Scrip ng

Language
Automa on streamlines the performance monitoring process, enabling con nuous assessment and
rapid response to emerging issues. Scrip ng languages play a pivotal role in this automa on, allowing
developers to create customized monitoring solu ons.

Details/Steps:

· Select a Scrip ng Language: Choose a scrip ng language suitable for the monitoring task, such as
Python, Bash, or PowerShell.

· Define Monitoring Metrics: Iden fy the key performance indicators (KPIs) to be monitored, such
as response me, CPU u liza on, or memory usage.

· U lize Monitoring APIs: Leverage APIs provided by cloud pla orms or applica on frameworks to

244
 Cloud Application Developer

access real- me performance data.

· Script Development: Write scripts to collect, process, and visualize the monitored metrics. Use
libraries or modules that facilitate interac on with monitoring APIs.

· Automa on Schedule: Implement a scheduling mechanism (e.g., cron jobs) to execute the
monitoring scripts at regular intervals.

· Aler ng Mechanism: Integrate alerts within the scripts to no fy relevant stakeholders if

performance metrics breach predefined thresholds.

Example:

Using Python, a script could leverage cloud provider APIs to fetch metrics like response me and database
latency. This script, scheduled to run every 5 minutes, analyzes the metrics and triggers an alert if
response me exceeds a specified threshold. This proac ve approach ensures rapid iden fica on and
resolu on of performance issues.

8.2.5 Popular APM Tools for Effec ve Performance

Monitoring
Applica on Performance Monitoring (APM) tools are essen al for real- me insights into the health and
performance of deployed systems, helping organiza ons maintain op mal user experiences.

Details/Steps:

· Dynatrace:
o Features: Provides end-to-end visibility, AI-driven analy cs, and automa c problem
detec on.

o Integra on: Easily integrates with various cloud pla orms and supports mul ple
programming languages.
o Example: Dynatrace iden fies bo lenecks in a web applica on by analyzing transac on
traces and pinpoin ng problema c code snippets.

· New Relic:

o Features: Offers real- me analy cs, applica on mapping, and in-depth performance
metrics.
o Integra on: Integrates seamlessly with cloud providers, databases, and other third-party
services.

o Example: New Relic detects a spike in error rates and traces the issue back to a
misconfigured server, enabling swi resolu on.

245
Par cipant Handbook

· AppDynamics:

o Features: Delivers performance insights, business transac on monitoring, and dynamic

baseline comparisons.
o Integra on: Supports integra on with various development and opera ons tools.
o Example: AppDynamics iden fies a memory leak in a microservices-based applica on,
allowing developers to op mize resource usage.

· SolarWinds AppOp cs:

o Features: Provides distributed tracing, infrastructure monitoring, and customizable

dashboards.
o Integra on: Integrates with cloud pla orms, containers, and popular programming
languages.

o Example: SolarWinds AppOp cs iden fies a slowdown in API response mes and
correlates it with increased network latency, aiding in quick resolu on.

· Datadog:

o Features: Offers full-stack observability, anomaly detec on, and collabora on features.
o Integra on: Integrates with over 500 technologies, including cloud services, databases,
and frameworks.

o Example: Datadog iden fies performance anomalies during a high-traffic period, allowing
proac ve scaling to handle increased demand.

Fig. 8.2.3 Effec ve performance monitoring

These APM tools empower organiza ons to monitor, analyze, and op mize applica on performance
for enhanced user sa sfac on and business success.

246
 Cloud Application Developer

8.2.6 Evalua ng Performance Through Sample Reports

Analyzing sample reports is a cri cal step in understanding and improving the performance of
applica ons and deployed systems. These reports offer insights into various metrics, aiding in informed
decision-making for op miza on.

Details/Steps:

· Collect Relevant Reports:

o Gather performance reports from APM tools or monitoring systems.

o Ensure the reports cover key metrics like response mes, error rates, and resource
u liza on.

· Iden fy Performance Pa erns:

o Examine pa erns over me, such as daily, weekly, or monthly varia ons.
o Iden fy any recurring issues or performance bo lenecks.

· Analyze Resource U liza on:

o Evaluate resource consump on, including CPU, memory, and network usage.
o Iden fy if resources are adequately provisioned or if adjustments are needed.

· Inves gate Anomalies:

o Look for anomalies or devia ons from expected behavior.
o Inves gate sudden spikes in error rates or unusual drops in performance.

· Check Response Times:

o Assess applica on response mes for different transac ons or API calls.

o Pinpoint areas with slow response mes and poten al op miza ons.

Example:

In a sample report, an e-commerce applica on shows a significant increase in response mes during peak
hours. By studying the report, it is revealed that the database server struggles to handle the surge in
concurrent transac ons. This prompts op miza on efforts, such as database indexing and scaling, to
improve response mes and ensure a seamless user experience during high-traffic periods. Regularly
studying such reports enables proac ve measures for maintaining op mal performance.

8.2.7 Providing Ac onable Insights for Applica on

Re-Engineering
Delivering ac onable insights is crucial for re-engineering applica ons to enhance performance. These
insights guide the decision-making process, facilita ng targeted improvements aligned with business

247
Par cipant Handbook

goals.
Details/Steps:
· Iden fy Performance Gaps:
o Analyze performance metrics and pinpoint areas where the applica on falls short.
o Focus on aspects like response mes, error rates, and resource bo lenecks.
· Priori ze Improvement Areas:
o Priori ze iden fied issues based on their impact on user experience and business
objec ves.
o Consider addressing cri cal performance gaps before less impac ul ones.
· Correlate with User Experience:
o Relate performance data to user experience metrics, such as bounce rates or conversion
rates.
o Understand how performance issues directly impact user sa sfac on and business
outcomes.
· Benchmark Against Industry Standards:
o Compare applica on performance against industry benchmarks and best prac ces.
o Use external standards to set performance targets for re-engineering efforts.
· Involve Stakeholders:
o Collaborate with stakeholders, including developers, opera ons, and business leaders.
o Gather diverse perspec ves to ensure a comprehensive understanding of improvement
opportuni es.

Fig. 8.2.4 Applica on re-engineering

Example:

In an e-learning applica on, analysis reveals a notable delay in loading video content, leading to a high
abandonment rate during video lectures. Ac onable insights suggest op mizing video streaming
protocols and implemen ng a content delivery network (CDN) to enhance load mes. This re-engineering
effort aligns with the goal of providing a seamless learning experience, reducing dropout rates, and
improving overall applica on performance.

248
 Cloud Application Developer

8.2.8 Monitoring KPIs for Applica on and System

Performance
Effec vely monitoring Key Performance Indicators (KPIs) is essen al for evalua ng the performance of
applica ons and deployed systems in the cloud. KPIs provide quan fiable metrics that align with business
objec ves and user expecta ons.

Details/Steps:

· Define Relevant KPIs:

o Iden fy KPIs that directly impact business outcomes, such as response me, error rates,
and resource u liza on.

o Tailor KPIs to reflect the specific goals and priori es of the applica on and deployment.

· Implement Monitoring Tools:

o U lize Applica on Performance Monitoring (APM) tools to collect real- me data on chosen
KPIs.
o Ensure the selected tools offer comprehensive insights into both applica on and system-
level metrics.

· Set Thresholds and Alerts:

o Establish performance thresholds for each KPI to define acceptable ranges.

o Configure alerts to no fy stakeholders when KPIs deviate from predefined thresholds,

enabling proac ve interven on.

· Con nuous Monitoring:

o Implement con nuous monitoring to capture fluctua ons in performance over me.
o Regularly review KPI data to iden fy trends, pa erns, or sudden anomalies that may impact
user experience.

· Correlate KPIs with User Experience:

o Relate KPIs to user-centric metrics, such as page load mes or transac on success rates.

o Understand the correla on between KPIs and the overall user experience to priori ze
improvements effec vely.

Example:

For an e-commerce applica on, key KPIs include page load me, conversion rates, and checkout success
rates. By monitoring these KPIs, the opera ons team can iden fy a spike in page load mes during peak
hours. Addressing this issue promptly ensures a seamless user experience, reducing bounce rates, and
posi vely impac ng the conversion rate – all crucial factors for business success.

249
Par cipant Handbook

8.2.9 Op mizing Cost and Resource U liza on in

Cloud Environments
Efficiently managing costs and resource u liza on is integral to maximizing the benefits of cloud
environments. Op miza on ensures that resources are u lized effec vely, aligning with performance
requirements and budget constraints.
Details/Steps:
· Right-Sizing Resources:
o Regularly assess the resource requirements of applica ons and adjust the capacity to
match actual demand.
o U lize cloud provider tools to iden fy underu lized or overprovisioned instances and right-
size them accordingly.
· Implement Auto-Scaling:
o Leverage auto-scaling configura ons to automa cally adjust resources based on varying
workloads.
o Set policies that dynamically scale resources up during peak demand and down during
periods of lower ac vity.
· U lize Spot Instances and Reserved Capacity:
o Take advantage of spot instances for non-cri cal workloads, offering significant cost savings
compared to on-demand instances.
o U lize reserved capacity for predictable workloads, securing lower costs by commi ng to
specific resource alloca ons.
· Monitor and Analyze Cost Reports:
o Regularly review cost reports provided by cloud providers to iden fy spending pa erns and
areas for op miza on.
o Use cost analysis tools to gain insights into resource consump on and associated expenses.
· Implement Serverless Architectures:
o Consider serverless compu ng for event-driven workloads to eliminate the need for
con nuously provisioned servers.
o Pay only for the actual compute resources consumed during the execu on of func ons.
Example:
In an e-commerce applica on, auto-scaling is employed to handle increased traffic during promo onal
events. When traffic surges, addi onal instances automa cally spin up to meet demand, ensuring op mal
performance. During periods of normal ac vity, the auto-scaling group adjusts the capacity downward,
reducing costs by not overprovisioning resources. This dynamic approach to resource management
op mizes both performance and expenditure.

250
 Cloud Application Developer

8.2.10 U lizing Log Data for Performance Op miza on

Logs are invaluable in iden fying and resolving performance issues in deployed systems. Analyzing log
data provides insights into applica on behavior, enabling proac ve measures to enhance stability and
performance.

Details/Steps:

· Collect Comprehensive Logs:

o Ensure thorough logging across applica on layers, capturing events, errors, and
performance metrics.
o Use structured logging to organize log data for easier analysis.

· Implement Log Aggrega on:

o Aggregate logs from various components and services into a centralized logging system.
o Leverage tools like ELK Stack (Elas csearch, Logstash, Kibana) or centralized logging
services provided by cloud pla orms.

· Set Alerts Based on Log Data:

o Establish alerts triggered by specific log events indica ve of performance issues.

o Define thresholds for response mes, error rates, or other relevant metrics.

· Perform Regular Log Analysis:

o Regularly analyze logs to iden fy pa erns, anomalies, or recurring issues affec ng

performance.
o Use log analysis tools to efficiently search and correlate log entries.

· v.Implement Remedia on Based on Insights:

o Translate insights from log analysis into proac ve measures to address poten al issues.
o Fix iden fied issues, op mize code, or scale resources based on the analysis.

Example:

In an e-commerce applica on, a sudden increase in checkout errors is detected through log analysis. By
examining detailed error logs, the development team iden fies a database connec on bo leneck. With
this insight, they op mize the database queries, implement connec on pooling, and deploy the changes.
As a result, the checkout process becomes more responsive, reducing errors and enhancing overall
system stability.

251
Par cipant Handbook

8.2.11 Automa ng Performance Monitoring with Scrip ng

Automa ng performance monitoring using scrip ng languages streamlines the process, allowing for
con nuous, efficient analysis. This approach enhances the ability to detect and respond to performance
issues promptly.

Details/Steps

· Choose a Scrip ng Language:

o Select a scrip ng language suitable for your environment (e.g., Python, Bash, PowerShell).

o Ensure the chosen language supports interac ons with monitoring tools and APIs.

· Integrate with Monitoring Too

o U lize scrip ng to interact with Applica on Performance Monitoring (APM) tools or cloud
monitoring services.
o Fetch relevant metrics, such as response mes, resource u liza on, and error rates.

· Automate Data Collec on:

o Develop scripts to automate the collec on of performance-related data at regular
intervals.

o Schedule scripts to run periodically, ensuring con nuous monitoring.

· Implement Threshold Alerts:

o Integrate alert mechanisms within scripts to trigger no fica ons when performance
metrics surpass defined thresholds.
o Alerts can be sent via email, messaging pla orms, or integrated with incident management
systems.

· Generate Custom Reports:

o Use scrip ng to generate customized reports summarizing performance metrics.

o Include visualiza ons or graphs for a quick overview of system performance trends.

Example:

A Python script is created to interact with an APM tool's API. The script automates the retrieval of
response mes and error rates from a web applica on. Thresholds are set for response mes, and the
script triggers an alert if the response me exceeds the defined limit. Addi onally, the script generates a
daily report summarizing performance metrics, providing ac onable insights for op miza on.

252
 Cloud Application Developer

8.2.12 Crea ng and Documen ng Applica on

Performance Reports
Effec ve applica on performance reports are essen al for understanding system behavior and making
informed decisions. This process involves u lizing applica on monitoring tools to generate
comprehensive reports.

Fig. 8.2.5 System design

Details/Steps:

· Select Monitoring Tools:

o Choose suitable Applica on Performance Monitoring (APM) tools that align with your
applica on's technology stack.
o Ensure the selected tools provide detailed insights into key performance metrics.

· Define Key Metrics:

o Iden fy cri cal performance metrics such as response mes, error rates, and resource
u liza on.

o Customize reports to focus on specific metrics relevant to business objec ves.

· Configure Report Frequency:

o Set the frequency for genera ng performance reports (e.g., daily, weekly, or monthly).

o Align the repor ng schedule with the needs of stakeholders and decision-makers.

253
Par cipant Handbook

· Automate Report Genera on:

o U lize the automa on capabili es of monitoring tools to schedule regular report
genera on.

o Configure tools to compile data automa cally and generate reports without manual
interven on.

· Include Visualiza ons:

o Enhance reports with visualiza ons like charts and graphs for be er data interpreta on.
o Visual representa ons help stakeholders quickly grasp performance trends and anomalies.

Example:

Using a popular APM tool, a weekly performance report is configured to include response me trends,
error rates, and database query performance. The report, generated automa cally every Monday
morning, features line charts depic ng performance over the past week. If response mes exceed
predefined thresholds, the report triggers alerts for immediate a en on. The documented report
provides a comprehensive overview for stakeholders, aiding in performance analysis and decision-
making.

254
 Cloud Application Developer

Exercise
Answer the following ques ons:
Short Ques ons:
1. How is applica on performance linked to business outcomes?
2. What are the different types of cloud deployment models?
3. Why is defining KPIs crucial for measuring cloud system performance?
4. What parameters are considered in monitoring the performance of cloud systems?
5. How can applica on log reports aid in iden fying performance issues?
Fill-in-the-Blanks:
1. Cloud resource u liza on pa erns are essen al for op mizing ____________.
a) Performance
b) Cost
2. Automa ng the performance monitoring process using scrip ng languages enhances
____________.
a) Accuracy
b) Speed
3. ____________ are tools used for Applica on Performance Monitoring (APM).
a) Databases
b) APM tools
4. Providing ac onable insights for re-engineering the applica on improves overall
____________.
a) Efficiency
b) Security
5. Monitoring KPIs is essen al to regularly review the ____________ of applica ons.
a) Performance
b) Aesthe cs
True/False Ques ons:
i. Defining KPIs is not necessary for measuring the performance of systems deployed on the cloud.
ii. Applica on log reports are irrelevant for iden fying problems related to applica on
performance.
iii. Automa on in performance monitoring using scrip ng languages can lead to inaccuracies.
iv. Op mizing cost and resource u liza on is unrelated to the performance of cloud systems.
v. Crea ng and documen ng applica on performance reports is a one- me ac vity.

255
Par cipant Handbook

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/watch
?v=AOCzoTR_pbc
Introduc on to APM | AppDynamics

256
 Cloud Application Developer

257
Par cipant Handbook

9. Inclusive and
Environmentally
Sustainable
Workplaces

Unit 9.1 - Sustainable Prac ces in the Workplace

Unit 9.2 - Diversity and Equity Promo on Strategies in the
Workplace

SSC/N9014
91
 Cloud Application Developer

Key Learning Outcomes

At the end of this module, par cipants will be able to:
1. Describe different approaches for efficient energy resource u lisa on and waste management.

2. Describe the importance of following the diversity policies.

3. Iden fy stereotypes and prejudices associated with people with disabili es and the nega ve
consequences of prejudice and stereotypes.

4. Discuss the importance of promo ng, sharing, and implemen ng gender equality and PwD
sensi vity guidelines at organiza on level.

5. Prac ce the segrega on of recyclable, non-recyclable and hazardous waste generated.

6. Demonstrate different methods of energy resource use op miza on and conserva on.

7. Demonstrate essen al communica on methods in line with gender inclusiveness and PwD
sensi vity.

259
Par cipant Handbook

UNIT 9.1: Sustainable Prac ces in the Workplace

Unit Objectives
At the end of this unit, participants will be able to:
1. Describe different approaches for efficient energy resource u lisa on and waste management.
2. Prac ce the segrega on of recyclable, non-recyclable and hazardous waste generated.
3. Demonstrate different methods of energy resource use op miza on and conserva on.

9.1.1 Sustainability
Sustainability is the equilibrium among the environment, equity, and economy. In 1987, the Brundtland
Commission of the United Na ons characterized sustainability as "addressing the requirements of the
current genera on without jeopardizing the capacity of succeeding genera ons to fulfill their own
necessi es."

Sustainability is a concept comprised of three interconnected pillars, each playing a vital role in achieving
a harmonious and balanced system. These three pillars collec vely form the founda on for sustainable
development, ensuring that ac ons and decisions consider the broader impact on our planet and future
genera ons.

Fig.9.1.1 Three Pillars of Sustainability

The pillars of sustainability are:

Ÿ Economy: This pillar emphasizes the importance of economic ac vi es that promote long-term
prosperity without compromising the well-being of current and future genera ons.
Ÿ Society: The social pillar focuses on fostering equity, inclusivity, and social well-being. Sustainable
prac ces in this realm priori ze fair and just socie es, where all individuals have equal access to
resources, opportuni es, and basic needs.
Ÿ Environment: The environmental pillar underscores the necessity of preserving and protec ng the
natural world. Sustainable environmental prac ces aim to minimize nega ve impacts on
ecosystems, biodiversity, and natural resources.

260
 Cloud Application Developer

9.1.2 Sustainable Prac ces

Sustainable prac ces at the workplace refer to the adop on of environmentally and socially responsible
strategies and behaviours by organiza ons to ensure long-term viability, minimize nega ve impacts, and
contribute posi vely to the well-being of the environment, society, and the economy.
Components of Sustainable Prac ces at Workplace

• Adop on of energy-efficient technologies.

Energy
• Implementa on of prac ces to reduce energy consump on.
Efficiency:
• Integra on of renewable energy sources.

• Establishment of waste reduc on ini a ves.

Waste Reduc on
• Implementa on of recycling programs for various materials.
and Recycling:
• Proper disposal of hazardous waste.

• Selec on of suppliers based on sustainable prac ces.

Sustainable
• Considera on of the environmental and social impact of products and materials.
Procurement:
• Integration of ethical sourcing in procurement processes.

• Conserva on of water resources through responsible usage.

Environmental
• Preserva on of natural habitats and biodiversity.
Conserva on:
• Implementa on of landscaping prac ces that promote ecological health.

• Fair and ethical treatment of employees.

Social • Promo on of diversity and inclusion in the workplace.
Responsibility: • Community engagement and support for local ini a ves.
• Ensuring health and safety standards for employees.

Green Building • Design and construc on of environmentally friendly buildings.

and • Integration of energy-efficient systems in infrastructure.
Infrastructure: • Implementa on of sustainable landscaping and outdoor spaces.

• Promo on of eco-friendly commu ng op ons for employees.

Sustainable
• Adop on of green transporta on prac ces.
Transporta on:
• Provision of facili es for bicycle commu ng or electric vehicle charging.

Sustainable • Assessment and selec on of suppliers based on sustainability criteria.

Supply Chain • Implementa on of traceability and transparency in the supply chain.
Management: • Efforts to minimize the carbon footprint in logis cs and transporta on.

Employee • Training programs on sustainable prac ces and corporate sustainability goals.
Engagement and
• Encouragement of employee par cipa on in sustainability ini a ves.
Educa on:

• Adherence to environmental and social regula ons.

Regulatory
• Monitoring and repor ng on sustainability performance.
Compliance:
• Con nuous adjustment of prac ces to meet evolving regulatory standards.

Fig. 91.2 Sustainable Prac ces at Workplace

261
Par cipant Handbook

9.1.3 Efficient Energy Resource U lisa on

Energy resource u liza on and conserva on refers to the prac ce of efficiently u lizing and preserving
energy sources to minimize waste, reduce environmental impact, and promote sustainability. This
involves adop ng measures and strategies to op mize energy use across various sectors.

Fig.9.1.3 Efficient Energy Resource U lisa on

The different approaches for efficient energy resource u liza on and conserva on are:

1. Advanced Metering Infrastructure (AMI): Advanced Metering Infrastructure (AMI) is a sophis cated
system of smart meters, communica on networks, and data management systems designed to
modernize and enhance the func onality of tradi onal u lity metering. AMI enables the collec on,
analysis, and communica on of detailed energy consump on data in real- me, offering numerous
advantages over conven onal metering systems.

2. Energy Management Systems (EMS): Energy Management Systems (EMS) are comprehensive
so ware and hardware solu ons designed to monitor, control, and op mize energy consump on
within various environments. EMS plays a crucial role in enhancing energy efficiency, reducing costs,
and suppor ng sustainability ini a ves.

3. Energy Audits: Energy audits are systema c assessments of energy usage and efficiency within a
facility, building, or industrial process. The primary goal is to iden fy opportuni es for energy
conserva on, cost savings, and overall improvement in energy performance.

4. Energy-Efficient Ligh ng: Energy-efficient ligh ng refers to the use of ligh ng technologies and
strategies that minimize energy consump on while maintaining or improving the quality of
illumina on. This approach is crucial for reducing electricity costs, enhancing sustainability, and
mi ga ng environmental impacts.

262
 Cloud Application Developer

5. Green Building Cer fica ons: Green Building Cer fica ons offer a comprehensive framework to
advocate for environmentally responsible and sustainable prac ces in both the construc on and
opera on of buildings. One prominent cer fica on is LEED (Leadership in Energy and Environmental
Design), se ng the standard for environmentally friendly building design.

6. Combined Heat and Power (CHP) Systems: Combined Heat and Power (CHP) systems, also denoted to
as cogenera on, represent integrated energy systems that produce electricity and valuable thermal
energy from a single fuel source. This approach significantly enhances overall energy efficiency
equated to the separate produc on of electricity and thermal energy.

7. Energy-Efficient HVAC Systems: Energy-efficient Hea ng, Ven la on, and Air Condi oning (HVAC)
systems play a essen al role in eleva ng building sustainability and promo ng energy conserva on.
These systems incorporate advanced technologies and features priori zing energy efficiency,
resul ng in decreased energy consump on and opera onal costs.

9.1.4 Waste Management

Waste management denotes to the collec on, transporta on, treatment, and disposal of waste materials
in a way that protects human health and the environment. In the workplace context, it encompasses
everything from recycling paper to compos ng food scraps to responsibly disposing of electronic
equipment.

Fig. 9.1.4 Waste Disposal

Importance of Waste Management

1. Environmental Conserva on:
Ÿ Reducing waste genera on and promo ng recycling contribute to the conserva on of precious
resources.
Ÿ Minimizing landfill usage helps mi gate environmental degrada on and combat climate change.

263
Par cipant Handbook

2. Employee Health and Well-being:

Ÿ A clean and organized work environment, facilitated by effec ve waste management, fosters a
sense of well-being among employees.
Ÿ Proper waste disposal reduces health hazards associated with unmanaged waste, contribu ng to
a healthier workplace.
3. Cost Savings:
Ÿ Implementa on of efficient waste management systems results in significant reduc ons in waste
disposal costs.
Ÿ Recycling programs can poten ally unlock revenue streams, offering financial benefits to
organiza ons.
4. Brand Reputa on:
Ÿ Demonstra ng a commitment to sustainability, including effec ve waste management, enhances
a company's image.
Ÿ A posi ve corporate image a racts eco-conscious clients and employees, bolstering the brand's
reputa on in the market.

9.1.5 Steps to Manage Waste

Waste management denotes to the collec on, transporta on, treatment, and disposal of waste materials
in a way that protects human health and the environment. In the workplace context, it encompasses
everything from recycling paper to compos ng food scraps to responsibly disposing of electronic
equipment.

Fig. 9.1.5 Waste Disposal Process

1. Iden fy Wastes:
The ini al step in effec ve waste management involves a comprehensive iden fica on of the various
types of wastes generated within a given system or organiza on. This process necessitates a thorough
understanding of the waste stream, encompassing both solid and poten ally hazardous materials. By
categorizing and cataloging the different types of wastes produced, organiza ons can establish a
founda onal understanding of the scope and nature of their waste genera on.

Iden fica on also involves iden fying sources, pa erns, and poten al environmental impacts. This
step is cri cal in laying the groundwork for subsequent waste management ac ons, enabling
organiza ons to tailor strategies that address the specific composi on and characteris cs of their
generated wastes.

264
 Cloud Application Developer

2. Evaluate Waste:

Once wastes are iden fied, the next step involves a detailed evalua on of their proper es, risks, and
poten al for resource recovery. This evalua on encompasses assessing the composi on of the waste
stream, dis nguishing between recyclable, non-recyclable, and hazardous materials.

Evalua on also involves considering the environmental impact of various waste management
methods. For instance, determining whether incinera on, recycling, or landfill disposal is the most
environmentally sustainable op on involves a comprehensive evalua on of factors such as energy
consump on, emissions, and long-term ecological effects.

Risk assessments associated with hazardous wastes are crucial during this step. Understanding the
poten al harm posed by certain materials guides the implementa on of safe handling and disposal
prac ces.

3. Manage Wastes:

Armed with a thorough understanding of iden fied wastes and their evalua ons, organiza ons can
then implement tailored waste management strategies. This involves the development and
implementa on of systems for waste reduc on, recycling, proper disposal, and, where applicable,
resource recovery.

Waste management strategies may include the establishment of recycling programs, the adop on of
sustainable packaging prac ces, and the implementa on of efficient disposal methods that minimize
environmental impact. Regulatory compliance, adherence to best prac ces, and ongoing monitoring
are integral components of effec ve waste management.

9.1.6 Waste Segrega on

The prac ce of segrega on in waste management is a fundamental and proac ve approach to handling
the diverse array of materials generated in various se ngs. Segrega on involves the systema c
separa on of waste into dis nct categories, primarily focusing on recyclable, non-recyclable, and
hazardous materials.

Fig.91.6 Waste Segrega on

265
Par cipant Handbook

1. Recyclable Waste:

Ÿ Recyclable materials, like paper, cardboard, plas cs, glass, and certain metals, are iden fied and
separated at the source of genera on. This requires awareness and educa on among individuals
or within organiza ons to recognize materials that can be recycled.

Ÿ Segrega ng recyclable waste at the point of origin enhances the efficiency of recycling processes.
It streamlines the collec on and processing of materials, facilita ng the recovery of valuable
resources and reducing the environmental effect associated with manufacturing new products.

2. Non-Recyclable Waste:

Ÿ Materials that do not fall into the recyclable category, such as certain types of plas cs,
contaminated items, or non-reusable goods, are iden fied during the segrega on process. These
materials are then appropriately disposed of, o en through landfill or incinera on methods.

Ÿ Segrega ng non-recyclable waste helps prevent contamina on of recyclable streams.

Contamina on can compromise the quality of recyclables and hinder the effec veness of
recycling processes.

3. Hazardous Waste:

Ÿ Recogni on and Special Handling: Hazardous waste, encompassing materials with poten al risks
to human health or the environment, requires special a en on. Segrega on involves recognizing
items such as ba eries, electronic waste, chemicals, and medical waste that fall into this category.

Ÿ Safe Disposal Protocols: Proper segrega on ensures that hazardous waste is handled and
disposed of according to regulatory guidelines. This mi gates the poten al for environmental
pollu on and minimizes health risks associated with improper disposal of hazardous materials.

9.1.7 Types of Recyclable Waste

1. Dry Waste

Ÿ Dry waste includes items that are not wet or soiled, making them suitable for recycling. Examples
of Dry Waste are: Paper, cardboard, plas cs, glass, and metals.

Ÿ Dry waste is collected, sorted, and sent to recycling facili es where materials like paper, plas cs,
glass, and metals undergo processing for reuse in manufacturing.

2. Wet Waste

Ÿ Wet waste consists of organic materials that can decompose, such as food scraps and soiled
items. Examples of Wet Waste are Food waste, soiled paper, and yard waste fall.

Ÿ Wet waste is typically processed through compos ng, conver ng organic ma er into nutrient-
rich compost for agricultural use.

266
 Cloud Application Developer

Fig.9.1.7 Types of Recyclable Waste

3. Sanitary Waste:

Ÿ Sanitary waste includes items origina ng solely from humans and human ac vi es, poten ally
including medical waste. Examples of sanitary waste are Diapers, sanitary napkins, and certain
medical waste items.

Ÿ Due to poten al health risks, sanitary waste may require specialized disposal methods, especially
when medical waste is involved.

4. E-Waste (Electronic Waste):

Ÿ E-Waste comprises discarded electronic devices and equipment. Examples: Computers, laptops,
mobile phones, and other electronic gadgets are considered e-waste.

Ÿ E-waste recycling includes the recapture of valuable materials (metals, plas cs) and proper
disposal of hazardous components. Specialized facili es are equipped to handle e-waste recycling.

267
Par cipant Handbook

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/watch
?v=-0zQV8F03Og
Sustainable Prac ces

268
 Cloud Application Developer

UNIT 9.2: Diversity and Equity Promo on Strategies in the Workplace

Unit Objectives
By the end of this unit, participants will be able to:
1. Describe the importance of following the diversity policies.
2. Iden fy stereotypes and prejudices associated with people with disabili es and the nega ve
consequences of prejudice and stereotypes.
3. Discuss the importance of promo ng, sharing and implemen ng gender equality and PwD sensi vity
guidelines at organiza on level.
4. Demonstrate essen al communica on methods in line with gender inclusiveness and PwD sensi vity.

9.2.1 Diversity
"Diversity" denotes to the presence of an extensive range of human characteris cs, a ributes, and
perspec ves within a group, organiza on, or community.
Diversity is considered a strength in various se ngs, as it can lead to increased crea vity, be er problem-
solving, and a more dynamic and adaptable organiza on or community. Organiza ons that priori ze
diversity o en aim to generate a culture where individuals feel empowered to contribute their unique
perspec ves and talents.
Key concepts related to diversity include:
Ÿ Inclusion: Nurturing an environment where everybody feels valued, respected, and included.
Ÿ Equity: Ensuring fairness and impar ality, addressing systemic barriers, and providing resources
based on individual needs.
Ÿ Representa on: Ensuring that diverse voices are heard and represented at all levels of an
organiza on.
Characteris cs of Diversity:

Demographic Diversity: Cogni ve Diversity: Experience and Background

• Age • Different ways of thinking Diversity:
• Gender • Varied problem-solving • Educa onal background
• Race and ethnicity approaches • Professional experience
• Sexual orienta on • Diverse perspec ves on • Socioeconomic background
• Na onality issues
• Disability status

Cultural Diversity: Diversity of Abili es: Diversity of Thoughts and

• Cultural prac ces • Physical abili es Ideas:
• Language • Cogni ve abili es • Varied opinions
• Religious beliefs • Emo onal intelligence • Crea ve thinking
• Innova on

Fig. 9.2.1 Characteris cs of Diversity

269
Par cipant Handbook

Diversity Policies
Following diversity policies is crucial for fostering an inclusive and equitable work environment. Key
reasons why adhering to diversity policies is important:
1. Inclusivity: Diversity policies create an inclusive workplace, fostering a sense of belonging among
employees.

2. Crea vity and Innova on: Diverse teams bring different perspec ves, enhancing crea vity and
innova on.

3. Talent A rac on and Reten on: Diversity a racts a broad range of talent, making organiza ons
more appealing and improving reten on rates.
4. Global Market Awareness: Diverse teams can be er understand and cater to the needs of diverse
markets, enhancing business performance.
5. Legal and Ethical Compliance: Following diversity policies ensures legal compliance and demonstrates
commitment to ethical business prac ces.

6. Elimina on of Discrimina on: Diversity policies work to eliminate discrimina on and bias, fostering
a fair and just workplace.

7. Improved Decision-Making: Diverse teams contribute varied viewpoints, leading to more well-
rounded and informed decision-making.

8. Enhanced Reputa on: Companies that priori ze diversity enjoy a posi ve reputa on, building trust
and loyalty among customers and clients.
9. Employee Engagement: Valuing diversity encourages employee engagement, posi vely impac ng
produc vity and job sa sfac on.
9. Long-Term Sustainability: Embracing diversity is a strategic business impera ve for long-term
organiza onal sustainability.

9.2.2 Gender Equality

In Indian legisla on, gender is delineated as the individual a ributes and traits linked to being masculine,
feminine, or transgender. The Indian authori es acknowledge three gender categories—male, female,
and transgender—according to the Transgender Persons (Protec on of Rights) Act, 2019, enacted by the
Parliament of India in November 2019.
Gender parity denotes the principle that every individual, irrespec ve of their gender, should enjoy
equivalent opportuni es and en tlements across all facets of life, encompassing educa on,
employment, poli cal engagement, and accessibility to healthcare and other public ameni es. It signifies
that no individual should face discrimina on or disadvantages based on their gender.

270
 Cloud Application Developer

Fig. 9.2.2 Gender Equality at Workplace

9.2.3 Gender-Inclusive Work Environment

In an all gender-inclusive culture, all employees, regardless of their gender iden ty (male, female, or,
transgender)), feel appreciated and supported. Apart from crea ng a sense of belonging, gender-
inclusive workplace culture can elevate previously unheard perspec ves and recognise various
experiences, fostering an environment of genuine respect and trust. This type of atmosphere not only
draws a broader range of applicants but also provides all of the necessary structural support for them to
succeed.

Fig.9.2.3 Gender Inclusivity

271
Par cipant Handbook

The importance of a gender-inclusive workplace can be ascertained from the following benefits:

Ÿ By ensuring that the team has a healthy mix of female, male, transgender, and non-binary employees,
the organisa on can benefit from their diverse views and improve the team's crea vity and
innova on.

Ÿ By emphasising the importance of having an inclusive culture, businesses can raise employee morale
and increase opportuni es, which will lead to higher employee reten on rates and save me and
money in the long term.

Ÿ Organiza ons will be able to connect effec vely with customers and increase their understanding of
what they need if their workforce base represents their customers, bringing together a range of
genders, backgrounds, and races.
Ÿ An inclusive culture can be a major a rac on when it comes to recrui ng new employees. When a
company develops a reputa on for having a diverse workforce, it has a tremendous recrui ng tool at
its disposal.

9.2.4 Gender Sensi vity Rules and Regula ons

Ÿ Preven on of Sexual Harassment: Employers are required to establish and implement policies and
procedures to inhibit and address sexual harassment in the workplace. These policies should be
communicated to all employees and include measures for repor ng and inves ga ng complaints.

Ÿ Equal Opportuni es: Employers should ensure that all employees, regardless of gender, have equal
opportuni es for hiring, promo on, training, and development.

Ÿ Gender-Neutral Language: Employers should use gender-neutral language in all communica ons,
including job descrip ons, forms, and company policies, to avoid gender-based discrimina on.

Ÿ Inclusive Workplace: Employers should create an inclusive work environment that accommodates
individuals of all genders, including those who iden fy as non-binary or do not conform to tradi onal
gender norms.

Ÿ Maternity and Paternity Leave: Employers should provide maternity and paternity leave to support
employees who are star ng or expanding their families.

Ÿ Sensi za on and Training: Employers should provide regular sensi za on and training to employees
on gender sensi vity, diversity, and inclusion in the workplace.

Ÿ Non-Discrimina on: Employers ought not to engage in discrimina on against employees on the
grounds of their gender iden ty or expression. They should proac vely address and counteract any
instances of discrimina on or harassment rooted in gender that may arise within the workplace.

272
 Cloud Application Developer

9.2.5 Inclusion of Person with Disability in the Workplace

In India, the Persons with Disabili es Act (PwD) mandates that organisa ons provide differently-abled
individuals with equal opportuni es and a non-discriminatory atmosphere, as well as facili es that will
enable them to func on at their best under the condi ons.

The following are the 6 ini a ves that should be taken by the organiza on to become more inclusive:

Fig. 9.2.4 PwD Inclusivity at Workplace

1. Create safe spaces: Create employee support groups (ESGs) to encourage and empower all
employees in the company. They contribute to the development of the community by providing
safe areas for individuals to share and get to know one another. ESGs aim to improve employee
experience while also boos ng mental wellness.
2. Examine the resources: Take some me to review the company's wri ng, website, and marke ng
materials with a fresh perspec ve. Even if the message is clear, be alert for wording that may
exclude people. Avoid using terms like "physically challenged," "differently-abled," or "special
needs" to describe people with impairments. When describing persons without disabili es,
never use the adjec ve "normal."
3. Hire a professional: Organisa on should hire people for their skills, irrespec ve of their physical
challenges. They should hire a person with a disability if they are fulfilling the demands of the job
role.
4. Speak with the employees: Persons with disabili es should be included in the decision-making
process of the organisa on, whether or not it directly affects them. It may also cause irrita on
when the organiza on adopts well-inten oned improvements that no one requires. It is cri cal to
include people with impairments in decision-making processes.
5. Promote diversity on all levels: Hiring people with disability should be done across all levels of
the organisa on. Companies must look below the surface to create a varied environment. There
are various kinds of diversity. Physical and mental ability, educa onal and economic background,
neurodiversity, and immigra on status are only a few examples. Recognize that these people
aren't merely " cking boxes."
6. Be transparent: Companies and their leaders must demonstrate that crea ng a more inclusive
atmosphere is a priority, not a project. One should allow their managers and staff to be open and
honest about their problems, errors, victories, and even limita ons. The idea is to create a

273
Par cipant Handbook

The advantages of having an inclusive workplace:

Ÿ Access to talent: Organisa ons can access an undiscovered source of talent by focusing on abili es
rather than assump ons.

Ÿ Increased innova on: Employees with varying levels of experience approach issue resolu on in
different ways.

Ÿ Increased reten on and engagement: Employees who feel valued and included are more loyal and
enthusias c.

Ÿ Be er reputa on: Customers value businesses that demonstrate a genuine commitment to diversity
and inclusion.

Ÿ Benefits for everyone: An inclusive workplace helps everyone, not just people with disabili es.

9.2.6 Types of Disabili es

There are various types of disabili es, including:

1. Physical disabili es: These are disabili es that affect a person's physical ability to perform tasks.
Physical disabili es can be caused by congenital condi ons, injuries, or illnesses. Examples of physical
disabili es include mobility impairments, amputa ons, paralysis, and chronic pain. Physical
disabili es can limit a person's ability to perform ac vi es of daily living, such as bathing, dressing, or
cooking. Assis ve devices and technologies, such as wheelchairs, prosthe c limbs, and mobility aids,
can help people with physical disabili es to perform these tasks and live independently.

Fig. 9.2.5 Types of Disabili es

274
 Cloud Application Developer

2. Mental disabili es: These are disabili es that affect a person's mental func oning. Mental disabili es
can include mental illnesses, such as depression, anxiety, bipolar disorder, or schizophrenia. Mental
disabili es can also include cogni ve impairments, such as memory loss, a en on deficits, or learning
disabili es. Mental disabili es can limit a person's ability to concentrate, communicate, or engage in
social interac ons. Treatment and support services, such as counselling, medica on, and therapy, can
help people with mental disabili es to cope their symptoms and improve their quality of life.

3. Intellectual disabili es: These are disabili es that affect a person's cogni ve abili es. Intellectual
disabili es can be caused by gene c condi ons, brain damage, or other factors. Intellectual disabili es
can result in difficul es with reasoning, problem-solving, and understanding complex concepts.
Intellectual disabili es can also affect a person's ability to communicate efficiently and involve in social
interac ons. Special educa on and support services, such as individualized instruc on and behavioral
therapies, can help people with intellectual disabili es to develop their cogni ve and social skills and
achieve their full poten al.

4. Sensory impairments: These are disabili es that affect a person's senses. Sensory impairments can
include hearing loss, vision impairment, or tac le sensi vity. Sensory impairments can limit a person's
ability to communicate, navigate their environment, or access informa on. Assis ve technologies,
such as hearing aids, Braille displays, and screen readers, can help people with sensory impairments to
overcome these limita ons and par cipate fully in society.

9.2.7 Rights of Persons with Disabili es

The Rights of Persons with Disabili es Act came into force on 19 April 2017. Further, the Rules were
no fied on June 15, 2017. The new Act replaces the Persons with Disabili es Act, 1995. The new Act
implements India’s obliga ons under the United Na ons Conven on on the Rights of Persons with
Disabili es, which was ra fied in 2007. It has taken the Indian Parliament more than a decade to pass this
legisla on.

Fig. 9.2.5 Rights of Persons with Disabili es Act, 2016

275
Par cipant Handbook

Key compliances under the Disabili es Act:

Although the majority of the Act's requirements apply only to government facili es, private businesses
are also subject to the Act's provisions and must comply with the following:

Ÿ Create and post an Equal Opportunity Policy on the establishment's website or in a prominent
loca on within the premises. The policy must provide informa on about the perks and
accommoda ons available to disabled employees. The State Commissioner must also be given a copy
of the Policy.

Ÿ Employers with more than 20 employees must appoint a Liaison Officer to manage the recruitment of
disabled people and the par cular accommoda ons that must be provided for them.

Ÿ Establishments are required to iden fy job openings that are suitable for disabled people. In the case
of businesses that receive government subsidies, a minimum of 5% of job openings must be
designated for people with disabili es.

Ÿ In the workplace, the employer must ensure that illegi mate discrimina on against disabled people
is prohibited.
Ÿ To improve impaired employees' accessibility, the employer must provide addi onal facili es or
special advantages, such as special leave and training programmes.
Ÿ The government has published accessibility standards for disabled people, which must be followed
by all businesses. The accessibility standards apply to workplace infrastructure and communica on
technologies, both of which must be accessible to people with disabili es.
Ÿ Every organisa on must keep track of its disabled personnel.

9.2.8 Stereotypes and Prejudices Associated with People with

Disabili es
Ÿ Assump on of Dependency: Many people wrongly assume that individuals with disabili es are
en rely dependent on others for daily ac vi es and decision-making.

Ÿ Pity and Sympathy: Individuals with disabili es are some mes subjected to pity or sympathy,
perpetua ng the stereotype that their lives are inherently less fulfilling.
Ÿ Limited Capabili es: Stereotypes o en portray people with disabili es as having limited abili es,
overlooking their diverse talents, skills, and poten al.
Ÿ Invisibility of Abili es: Some stereotypes focus solely on the disability, overshadowing the individual's
other capabili es and talents.

Ÿ Assump ons about Intelligence: There can be misconcep ons about the intelligence of individuals
with certain disabili es, leading to underes ma on of their cogni ve abili es.

Ÿ Overgeneraliza on: People with disabili es are some mes unfairly generalized, assuming that all
individuals with a par cular disability share the same characteris cs.

276
 Cloud Application Developer

Ÿ S gma za on: Certain disabili es may carry social s gmas, leading to nega ve percep ons and
biased a tudes towards individuals with those disabili es.

Nega ve Consequences of Prejudice and Stereotypes:

Ÿ Social Exclusion: Prejudice and stereotypes contribute to social exclusion, limi ng opportuni es for
individuals with disabili es to fully par cipate in various aspects of life.
Ÿ Limited Opportuni es: Discriminatory a tudes can result in limited educa onal and employment
opportuni es, hindering personal and professional development.
Ÿ Psychological Impact: Individuals with disabili es may internalize nega ve stereotypes, leading to
lower self-esteem and mental health issues.

Ÿ Barriers to Inclusion: Prejudice can create barriers to inclusive environments, hindering the
development of diverse and collabora ve communi es.

Ÿ Underes ma on of Abili es: Stereotypes may lead to underes ma on of the skills and poten al of
individuals with disabili es, affec ng their ability to contribute effec vely.

Ÿ Unequal Treatment: Prejudice can result in unequal treatment, with individuals facing
discrimina on in various aspects of life, including healthcare, housing, and social interac ons.
Ÿ Lack of Accessibility: Nega ve a tudes may contribute to a lack of accessibility in public spaces,
making it difficult for individuals with disabili es to navigate their surroundings independently.
Ÿ Impact on Mental Health: The constant experience of prejudice and stereotyping can contribute to
stress, anxiety, and other mental health challenges for individuals with disabili es.

9.2.9 Gender Equality and PwD Sensi vity Guidelines

Promo ng, sharing, and implemen ng gender equality and Persons with Disabili es (PwD) sensi vity
guidelines at the organiza onal level is crucial for fostering an inclusive and respec ul workplace. Here
are key reasons why this is important:
Ÿ Inclusive Work Environment: Guidelines for gender equality and PwD sensi vity contribute to
crea ng an inclusive workplace where all employees sense valued, respected, and treated equitably.
Ÿ Diverse Perspec ves and Innova on: Embracing diversity, including gender and disability, brings a
variety of perspec ves to the table. This diversity fosters crea vity and innova on as employees with
different backgrounds and experiences contribute unique insights.
Ÿ Talent A rac on and Reten on: Organiza ons that priori ze and demonstrate commitment to
gender equality and PwD sensi vity are more a rac ve to a diverse talent pool. Such organiza ons
also tend to retain employees be er as individuals feel appreciated and supported.

Ÿ Legal Compliance: Following guidelines for gender equality and PwD sensi vity ensures compliance
with relevant laws and regula ons. This reduces the risk of legal issues and demonstrates the
organiza on's commitment to ethical prac ces.

277
Par cipant Handbook

Ÿ Enhanced Reputa on: Organiza ons that ac vely promote equality and sensi vity build a posi ve
reputa on. This can enhance the organiza on's brand image and a ract customers, clients, and
partners who value social responsibility.
Ÿ Improved Employee Morale: Guidelines promo ng equality contribute to a posi ve organiza onal
culture, leading to higher employee morale. When employees feel that their workplace is fair and
inclusive, job sa sfac on and overall well-being are likely to improve.
Ÿ Produc vity and Performance: Inclusive environments tend to foster greater collabora on and
teamwork, posi vely impac ng produc vity and overall organiza onal performance. Employees are
more likely to work cohesively when they feel respected and included.

Ÿ Reduced Stereotyping and Bias: Guidelines can help challenge and overcome gender stereotypes
and biases, as well as those related to individuals with disabili es. This fosters a culture of fairness
and equal opportuni es.

9.2.9 Communica on
Ensuring gender inclusiveness and sensi vity toward Persons with Disabili es (PwD) in communica on is
essen al for fostering a respec ul and inclusive environment. Here are some communica on methods
aligned with these principles:

1. Inclusive Language:
Ÿ Avoid Gendered Language: Use gender-neutral language whenever possible to be inclusive of all
genders. Instead of using "he" or "she," opt for gender-neutral pronouns like "they" or rephrase
sentences to eliminate gender-specific terms.
Ÿ Accessible Language: Ensure that communica on is accessible to everyone, including individuals
with disabili es, by using plain language and avoiding jargon.
2. Diverse Representa on:

Ÿ Visuals and Imagery: Incorporate diverse images and visuals in communica on materials,
reflec ng a range of genders, ethnici es, and abili es.

Ÿ Speaker Representa on: Ensure diverse representa on in speaking roles during mee ngs,
presenta ons, and events to promote a variety of perspec ves.
3. Accessibility Considera ons:
Ÿ Accessible Formats: Provide informa on in mul ple formats (e.g., text, audio, and video) to
accommodate diverse learning preferences and accessibility needs.

Ÿ Cap oning and Transcripts: Include cap ons for videos and provide transcripts for audio
content to ensure that individuals with hearing impairments can access the informa on.

278
 Cloud Application Developer

4. Inclusive Policies and Prac ces:

Ÿ Clearly Communicate Inclusive Policies: Clearly communicate organiza onal policies related to
gender inclusiveness and disability sensi vity. Ensure that employees are aware of the support
available to them.
Ÿ Flexible Communica on Channels: Recognize that individuals may have different communica on
preferences. Offer flexibility in communica on channels, such as wri en, verbal, or virtual
pla orms.
5. Empathy and Sensi vity:

Ÿ Use Inclusive Language: Be mindful of the language used when discussing gender-related topics
and disability. Avoid s gma zing or derogatory terms, and use person-first language for disabili es
(e.g., "person with a disability" instead of "disabled person").

Ÿ Ac ve Listening: Prac ce ac ve listening to understand the perspec ves and needs of others,
especially when discussing issues related to gender and disabili es.

279
Par cipant Handbook

Exercise
A. Short Answer Ques ons
1. What are some different approaches for efficient u liza on of energy resources?

2. Explain the importance of prac cing the segrega on of recyclable, non-recyclable, and
hazardous waste.

3. List the examples of recyclable, non-recyclable, and hazardous waste.

4. What are the poten al nega ve outcomes of neglec ng gender inclusiveness and PwD
sensi vity at the organiza onal level?
5. In what ways can organiza ons ac vely combat stereotypes associated with people with
disabili es and foster a more inclusive environment?
B. Fill in the Blanks

Hints: Diversity, Economy, 19 April 2017, Energy resource u liza on, Energy)
1. The three pillars of sustainability are:___________ , Society and Environment.
2. EMS stands for _________ Management Systems.

3. ____________________________________ and conserva on refers to the prac ce of

efficiently u lizing and preserving energy sources.

4. __________ refers to the presence of a wide range of human characteris cs, a ributes, and
perspec ves within a group, organiza on, or community.
5. The Rights of Persons with Disabili es Act came into force on ______________.
C. State whether True or False.

1. Transgender Persons (Protec on of Rights) Act was passed by the Parliament of India in
November 2009.

2. Green Building Cer fica ons provide a cer ficates for pain ng the building green.
3. Mental disability is a type of disability.

4. Prejudice and stereotypes contribute to social exclusion

5. LEED stands for Leadership in Energy and Environmental Design.

280
 Cloud Application Developer

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/watch
?v=HR4wz1b54hw
Diversity, Equity & Inclusion. Learning how to get it right

281
Par cipant Handbook

282
10. Employability Skills
(60 Hours)
It is recommended that all training include the appropriate.
Employability Skills Module. Content for the same can be
accessed
h ps://www.skillindiadigital.gov.in/content/list

DGT/VSQ/N0102
Par cipant Handbook

284
Par cipant Handbook

11. Annexure
Annexure I - QR Codes –Video Links

2
Par cipant Handbook

Annexure I
Annexure I - QR Codes –Video Links

Chapter Name Unit Name Topic Name URL Page QR Code

No

1. Basics of Unit 1.1: Basics What is Cloud h ps://youtu.be/c 25

Cloud of Cloud Compu ng? OtKswmP2NY
Compu ng Compu ng
and
Regulatory
Standards
(Bridge
Module)

3. Unit 3.1: Func onal VS h ps://www.yout 91

Applica on Applica on Non- ube.com/watch?v
Requirement Requirements Func onal =E_v5hhetIrQ
s (SSC/8318) Fundamentals Requirements

Unit 3.2: Iden ty and h ps://www.yout 115

Advanced Access ube.com/watch?v
Applica on Management =o-CJ8ozJ3Jk
Requirements
and Cloud
Integra on

4. UNIT 4.1: What is Cloud 126

h ps://www.yout
Applica on Impact Analysis Na ve?
ube.com/watch?v
Architecture and Applica on
=NoFu_rpM7EQ
(SSC/N8319) Basic

UNIT 4.3: What is a 145

Disaster Disaster h ps://www.yout
Recovery and Recovery ube.com/watch?v
Best Prac ces Plan? =6aReDnaNtEA

286
 Cloud Application Developer

5. Unit 5.1: Cloud What is h ps://www.yout 155

Applica on Applica on Database | ube.com/watch?v
Development Development Types of =j09EQ-xlh88
(SSC/N8320) Fundamentals Database |
DBMS

6. Unit 6.2: 6 R's | Cloud h ps://www.yout 201

Applica on Cloud-Na ve Migra on ube.com/watch?v
Migra on Applica ons Strategies
(SSC/N8321)
=1O4f2jOmbPg
and Migra on
Techniques

8. Applica on Unit 8.2: Introduc on 256

h ps://www.yout
Performance Advanced to APM |
ube.com/watch?v
Monitoring Tes ng AppDynamics
=AOCzoTR_pbc
(SSC/N8323) Techniques
and Tools

9. Inclusive Unit 9.1: Sustainable 268

h ps://www.yout
and Sustainable Prac ces
ube.com/watch?v
Environment Prac ces in the
=-0zQV8F03Og
ally Workplace
Sustainable
Workplaces
(SSC/N9014)

Unit 9.2 Diversity, h ps://www.yout 281

Diversity and Equity & ube.com/watch?v
Equity Inclusion. =HR4wz1b54hw
Promo on Learning how
Strategies in to get it right
the Workplace

287
 Cloud Application Developer

Notes

288
Par cipant Handbook

289
IT – ITeS Sector Skill Council NASSCOM
Sector Skill Council Contact Details:
Address: Plot No. – 7, 8, 9 & 10 Sector – 126, Noida, Uttar Pradesh – 201303
New Delhi – 110049
Website: www.sscnasscom.com
Phone: 0120 4990111 – 0120 4990172