Cloud computing

LO1-4
Osama Anwar

HND-I.T
Contents
Introduction.................................................................................................................................................1
P1: Examining the Development and Core Ideas of Cloud Computing.......................................................1
P2: An Architectural Cloud Computing Framework....................................................................................3
M1. Moving to the Cloud: Benefits and Things to Think About..................................................................4
P3 : Establishing a Fitting Deployment Model............................................................................................5
P4 : Choosing an Appropriate Model by Comparing Service Models.........................................................7
M2 : Illustrating deployment models with instances from the actual world.................................................9
D1: Rationale for Selecting Tools to Implement a Microsoft Azure Cloud Computing Solution...............10
P5: Setting Up Microsoft Azure for a Cloud Computing Platform............................................................12
P6 Implementing a Virtual Machine on Azure...........................................................................................14
M3: Talking About Problems and Limitations When Building a Virtual Machine on Microsoft Azure.....21
D2: Overcoming Issues and Constraints during the Development Process................................................22
P7: Analyzing Common Problems in a Cloud Computing Platform and Discussing Solutions.................22
P8: In order to get the overall picture about the Security Issues in Cloud environments we will first need
to do an assessment...................................................................................................................................24
M4: To Top in Building a High-level Security Cloud Platform is also the matter of Solving Security
Issues.........................................................................................................................................................26
D3: Taking Precautions when moving Data to the Cloud..........................................................................28

Introduction

Cloud computing has become an essential part of modern technology due to its exceptional
flexibility, scalability, and affordability. This study explores various cloud deployment
techniques and the diverse applications of cloud computing. It also delves into the potential risks
associated with server systems and cloud software projects, emphasizing the importance of
proactive risk management. The article also discusses the benefits of utilizing cutting-edge
techniques in cloud system development and deployment to enhance reliability and effectiveness.

P1: Examining the Development and Core Ideas of Cloud Computing

Since its introduction, cloud computing has undergone a significant evolution that has
revolutionized the way individuals and businesses can access and control computer resources.
This examination explores the significant milestones in the evolution of cloud computing and
delves into the fundamental concepts that underpin this revolutionary technology.
1. Cloud computing's evolution

Prototypes of Cloud Computing:

The trends to cloud computing were initiated by a wholehearted commitment of several pioneers
to its advancement and after a while it was adopted by a huge number of people. Concepts
getting cloud computing to shape such as virtualization, grid computing, and utility computing
made it possible for the cloud computing to emerge.

The Cloud Computing Revolution:

In the mid-2000s, the world had witnessed the actual realization of the concept known as cloud
computing due to virtualization, networking and internet technologies. Many companies operate
cloud services and provide them to people and organizations. For example, Microsoft Azure,
Google Cloud Platform (GCP), and Amazon Web Services(AWS) are among these
organizations.
Acceptance and Growth:

The cloud compute offering various benefits reasons such as faster response, easy scaling, and
cost efficiency fostered companies’ quick migration to the newer technology. Besides providing
basic networks, to which additionally various platforms, software and other solutions developed
for businesses in specific markets have been added.

Diversification and Maturation:

Initially, cloud computing has developed into a full-fleshed ecosystem that incorporates many
options, such as service offerings, cloud models, and philosophies of cloud computing
architecture. The usage of explicative has given my sentence more clarity in reading and
understanding. Multi-cloud and hybrid approaches are now gaining popularity. To optimize
performance and resilience, the businesses focus on combining private and public cloud services.
2. Essential Cloud Computing Concepts:

Self-Service on Demand:
With cloud computing, users can utilize computer services anytime they need them, as if they had
limiting hardware, such as virtual computers, storage, and networking components, which are naturally
managed without human intervention.

Wide Range Networking:

Whether it will be any network connected device or users from any location, cloud services will be
accessed over the internet. Any user may quickly access the cloud resources, without mattering if they are
actually present at the right place or not, due to the said easy accessibility.
Combining Resources:
The cloud providers have multiple compute resources that are then put together into a pool, from which
various customers can then be given access to a part of this pool according to their demand. The resources
involve computing power, archiving capacity, and transmission speeds. Scaleability and the optimal use
of resources are the characteristics of this joint scheme.

Quick Adjustment:
Fast growing of businesses is one of the key benefits for cloud computing as it lets users to change
running capacity without changing code or release new version of app, respectively. With its adaptability
feature, businesses prepare for different situations and alter its daily operations to meet the varying
demands while maintaining maximum productivity and minimum costs.

Measurable Services:
Mostly, the cloud service costs are figured on the basis of usage metrics, the compute hours being the
most significant. With pay-as-you-go model, clients can pay for the utilities only what they use and are
able to have clear visibility and costs management.

Models of Services:

 Cloud computing includes the following three main service models: IaaS, or infrastructure as a
service: Provides pay-per-use virtualized computing services, including servers, storage, and
networking.
 Platform as a Service (PaaS): Offers tools and a development environment so that users may create,
launch, and maintain applications without having to deal with the hassles of infrastructure
administration.
 Software as a Service (SaaS): This type of software delivery eliminates the need for local installation
and maintenance by delivering applications via the internet on a subscription basis.

Models of Deployment:

Numerous deployment models are supported by cloud computing, including:

 Public Cloud: Shared on pay-per-use principle, people access the services through Internet utilizing
multiple users at time.

 Private Cloud: Equipment is arranged only for a specific organization, which can be placed within the
company or a different service quarter.

 Hybrid cloud: Integrate public and private clouds to make the apps and data interoperable. Deliver
apps and data across the environments without disruption depending on varying work demand
capacities.

P2: An Architectural Cloud Computing Framework

The cloud computing architecture of IT organizations should give priority to flexibility, scalability,
security, and cost in order to support data storage, creation of software, email hosting, and web hosting.
The framework must be capable of facilitating agile development, ensuring data security and compliance,
and handling huge levels of traffic. Within the Infrastructure Layer, it is advisable to select a reliable
cloud service provider such as AWS, Azure, or GCP. Implement virtualization techniques, establish a
secure network using Virtual Private Clouds (VPCs), and utilize storage solutions that can easily scale.
The Platform Layer encompasses serverless computing technologies such as AWS Lambda and Azure
Functions, as well as Docker and Kubernetes. Additionally, it includes managed databases like Amazon
RDS and Azure SQL Database. The Application Layer should encompass cloud-based email hosting
services such as Microsoft Exchange Online and Google Workspace, web application hosting platforms
like AWS Elastic Beanstalk and Google App Engine, as well as the development and deployment of
custom apps. The Security and Comply Layer employs encryption techniques to secure data, ensures
adherence to IAM regulations, and complies with industry standards. The Management Layer services
encompass cost management, automated processes, and monitoring. The Backup Layer incorporates
AWS Backup, Azure Backup, and recovery after a disaster. The Scalability and High Availability Layer
enhances performance and reduces downtime by implementing auto-scaling strategies and ensuring
system high availability. (Kurkina, 2023)

M1. Moving to the Cloud: Benefits and Things to Think About .

A lot of benefits when it comes to cloud computing can be the main cause of the growth in productivity,
functional systems, and financial health. In this conversation we will analyze the advantages cloud
services have for a corporation to switch to.

1. Adjustability and Adaptability:

Scalability is a critical reason why businesses are moving to the cloud among other factors. Companies
with cloud platforms as their ICT backbone can scale up computing power to meet many compute
demands as well as downsize their infrastructure if usage goes down. From organizations which
experience peaks during certain seasons to those that are fast growing, this flexibility is invaluable as it
allows them to make immediate adjustments by scaling up their IT infrastructure as per the changing
circumstances without the need to make large initial hardware investments.

2. Economy of Cost:

Cloud computing allows the companies to pay only for the resources they use in multimode. Given the
growing redundancy of huge capital expenditure in software and hardware infrastructure, it has become
less and less needed. Additionally it is important to note that cloud providers often provide pricing models
along with discounts that can be used for long term agreements, so that the businesses would be able to
make their operations against their IT budgets much more orderly and effective.

3. Mobility and Accessibility:

A cloud computing platform is a natural solution when it comes to remote work or cooperation because it
enables data and apps to be retrieved from any point in the world with the internet. Workers are motivated
through their flexibility to use devices and work from anywhere while their working progress is boosted
by this arrangement. As well, the program can be used through mobile applications or by web browsers,
giving way to end-users' accessibility and portability.

4. Business Continuity and Disaster Recovery:

First off, the cloud computing is a known technology with automatic recovery features and backup data
hence it can avoid obstacles such as damages, failure in hardware, natural disasters, network disruption
and many more. In the cloud computing systems, the providers often have automated backup solutions to
address data loss and geographically diverse data centers to minimize downtime when the system outages
occur.

5. Strengthened Security:

Contrary to popular belief, cloud computing can provide strong security features that frequently
outperform those found in on-premises setups. To protect client data, cloud providers heavily invest in
compliance certifications, security solutions, and best practices. Organizations are also able to apply
uniform security standards throughout their infrastructure thanks to centralized security controls and
monitoring technologies.

6. Creativity and Quickness:

Because cloud computing gives users access to cutting-edge products and services, it encourages
innovation. Businesses may obtain insights, streamline operations, and gain a competitive edge by
utilizing cloud-based platforms for big data analytics, artificial intelligence, and machine learning.
Furthermore, cloud environments speed up experimentation and prototyping, enabling companies to test
new concepts more quickly and launch products more swiftly.

Things to Think About Before Moving:

Even though cloud computing has many advantages, before making the switch, businesses
should carefully examine the following:

 Data Privacy and Compliance: To safeguard sensitive data, make sure cloud providers follow industry-
specific laws and compliance guidelines.

 Integration Complexity: To prevent interruptions, assess how well-integrated current systems and apps
are with cloud platforms and make plans for a smooth transition.

 Vendor Lock-In: Evaluate the dangers of being locked into a single cloud provider and think about
ways to lessen your reliance on them.

 Performance and Reliability: To make sure cloud services satisfy the needs of the company, test their
performance and evaluate their dependability.

P3 : Establishing a Fitting Deployment Model

1. Definition of Deployment Model:

The hybrid cloud deployment model is best suited for this situation. By combining aspects of public and
private clouds, the hybrid cloud enables businesses to take use of both environments' advantages while
meeting certain business and regulatory requirements.

2. Justification for Selecting Hybrid Cloud:

(i). Scalability:

Scalability is provided by the hybrid cloud paradigm, which allows enterprises to dynamically scale
resources between public and private cloud environments in response to demand. This scalability is
necessary to handle varying workloads and guarantee top performance throughout the company's
international activities.

(ii). Economy of Cost:

By using private cloud infrastructure for sensitive data and mission-critical apps and public cloud
resources for non-sensitive workloads, hybrid cloud deployment enables businesses to reduce costs. This
economical method minimizes infrastructure costs while guaranteeing good resource utilization.

(iii). Compliance and Security:

Multinational companies place a high premium on security, especially when it comes to data protection
and regulatory compliance. By utilizing the scalability and agility of public cloud services for less
sensitive operations, enterprises may preserve sensitive data and important workloads in a private cloud
environment with greater security controls thanks to the hybrid cloud architecture.

(iv). Coordinated and Centralized Management:

Organizations can centrally manage and coordinate resources across several branches and regions with a
hybrid cloud implementation. Employees can collaborate and communicate effectively no matter where
they are in the world thanks to centralized management tools and platforms that make data sharing,
collaboration, and seamless service integration possible.

(v). Location and Residency of Data:

Certain jurisdictions have laws pertaining to data residency that compel the storage of certain data in
particular geographical areas. By hosting sensitive data in private cloud environments situated in the
necessary jurisdictions, the hybrid cloud model enables enterprises to remain compliant with regulations
while utilizing the worldwide accessibility and reach of public cloud services.

(vi). Business Continuity and Disaster Recovery:

By replicating data and workloads between public and private cloud environments, hybrid cloud
deployment offers built-in redundancy and disaster recovery options. This reduces the possibility of data
loss or downtime in the event of hardware malfunctions, natural catastrophes, or other disturbances and
guarantees business continuity.

3. Considering Implementation:

(i). Network connectivity

For seamless integration and data transfer across public and private cloud systems, dependable and fast
network connectivity must be established.

(ii). Access controls and data encryption:

Enforce compliance with security and privacy standards by putting strong encryption techniques and
access restrictions in place to safeguard data while it's in transit and at rest.

(iii). Cooperation and Integration:

To enable smooth data interchange and application integration across environments, make sure public and
private cloud services are compatible and interoperable with one another.

(iv). Administration and Surveillance:

Use management and monitoring tools to keep an eye on the hybrid cloud infrastructure, track resource
usage, monitor performance, and impose security regulations consistently.

4. Final Thought:

In summary, the hybrid cloud deployment architecture provides scalability, cost effectiveness, security,
centralized management, and regulatory compliance, making it the perfect choice for the needs of the
global company. Through smart utilization of both public and private cloud environments, the
organization may accomplish its business goals while preserving adaptability, durability, and agility in a
constantly changing global context.

P4 : Choosing an Appropriate Model by Comparing Service Models

In cloud computing, the abstraction level at which services are offered to customers is referred to as the
service model. Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service
(SaaS) are the three main service models. We'll evaluate each service model's features, advantages, and
applicability for a small software development startup aiming to create and launch a new online
application in this comparison.

1. IaaS, or infrastructure as a service:

Features:

Delivers virtualized computer resources via the internet, including servers, storage, and networking
infrastructure.
Users have complete control over the middleware, applications, and operating system that are installed on
the infrastructure.
provides flexibility, scalability, and on-demand resource supply.

Advantages:

(i). Flexibility: Gives developers the ability to alter and set up the underlying architecture to satisfy
certain needs.

(ii). Scalability: Provides for simple resource scaling up or down in response to demand, guaranteeing
best practices and financial savings.

(iii). Control: Gives users complete command over the environment, enabling personalization and system
integration.

Adequacy for the given scenario:

- IaaS is a good fit for startups since it offers the autonomy and flexibility needed to create and launch a
new online service.

- Without being restricted by platform constraints, developers can select the programming languages,
frameworks, and tools that are most appropriate for their application.

2. PaaS (Platform as a Service):

Features:

(i). Offers an internet-based platform for development and deployment that includes middleware, tools,
and runtime environments.

(ii). Lets developers concentrate on developing applications rather than worrying about maintaining
servers or other infrastructure parts by abstracting away the underlying infrastructure.

(iii). Provides administration tools, security, and scalability built right in.

Advantages:

(i). Rapid Development: By offering pre-configured development environments, integrated tools, and
services, this method speeds up the creation of applications.

(ii). Simplified Deployment: By automating provisioning, setup, and management operations, the
deployment process is made more efficient.

(iii). Scalability: Provides tools for programs to scale automatically in response to increases in workload
and traffic.

Adequacy for the given scenario:

- Because PaaS offers a streamlined development and deployment process, developers can concentrate on
creating and perfecting their web application, making it a perfect fit for startups.

- Using PaaS, the startup can shorten time-to-market and speed development by utilizing pre-built
services and components.

3. SaaS (software as a service):

Features:

(i). Removes the requirement for local installation and maintenance by delivering software applications
over the internet on a subscription basis.

(ii). Applications are accessed by users using web browsers or APIs; the service provider hosts and
maintains the program.

(iii). Provides automatic updates, accessibility, and scalability.

Advantages:
(i). Accessibility: Enhances flexibility and mobility by enabling users to access programs from any device
with an internet connection.

(ii). Maintenance-Free: Reduces administrative load and IT overhead by doing away with the requirement
for software upgrades, maintenance, and installation.

(iii). Pay-Per-Use: Encourages cost effectiveness by providing a pay-as-you-go pricing model where
consumers only pay for the features and services they utilize.

Adequacy for the given scenario:

- Because SaaS usually requires using off-the-shelf software tools rather than developing custom
solutions, it might not be the ideal option for the startup.

- However, in order to cut down on administrative costs and concentrate on essential business operations,
the firm can think about utilizing SaaS solutions for non-core tasks like email, collaboration, or customer
relationship management.

M2 : Illustrating deployment models with instances from the actual world.

Let's concentrate on two popular deployment models: monolithic architecture and microservices
architecture, to illustrate specific deployment patterns with real-world applications. We'll go over their
traits, benefits, and practical applications.

1. Monolithic Architecture:

Features:

The classic method of monolithic architecture involves tightly coupling and deploying all of an
application's components as a single entity.
Usually, the application is made up of a single codebase with closely linked modules and functionalities.
Replicating the complete application stack in order to scale can result in inefficient use of resources.

Benefits:

- Simplicity: Small to medium-sized applications can benefit from monolithic designs since they are easy
to develop, implement, and maintain.

- Tight Integration: Development and debugging procedures are made easier by the direct communication
between components within the program.

- Simplicity of Deployment: When a monolithic application is deployed, only one artifact is deployed,
streamlining deployment workflows and pipelines.

Real-World Illustration:

E-commerce Platforms: Initially, a monolithic architecture was used by several e-commerce platforms,
including Magento 1.x. The user management system, checkout procedure, and product catalog were all
seamlessly merged into a single codebase and released as a single application.

2. Microservices Architecture:

Features:

With a microservices design, an application is divided into smaller, loosely connected services, each
handling a distinct business task.
Greater agility and scalability are made possible by the separate development, deployment, and scaling of
each service.
APIs are commonly used for communication between services, allowing for component decoupling and
flexibility.

Benefits:

- Scalability: Granular scaling, which allows individual services to be scaled separately based on demand,
is made possible by the microservices architecture.

- Flexibility: Services enable quick invention and iteration since they may be created, implemented, and
updated separately.

- Fault Isolation: This improves fault tolerance and resilience by ensuring that failures in one service do
not always affect other services.

Real-World Illustration:

Netflix: When it comes to developing and growing its streaming platform, Netflix is a shining example of
a business that has adopted microservices architecture. Because each service like user authentication,
recommendation engines, and video streaming is created and implemented separately, Netflix is able to
innovate quickly and manage large volumes of data.

D1: Rationale for Selecting Tools to Implement a Microsoft Azure Cloud Computing Solution.

The right tools must be used when putting a cloud computing solution on Microsoft Azure to guarantee
effective resource management, deployment, and optimization. The following lists the instruments
selected for implementing a cloud computing solution on Microsoft Azure, along with explanations for
each choice:

Resource Manager (ARM) on Azure:

Reasoning

 The Azure infrastructure management service, known as Azure Resource Manager, helps customers
to effectively create, manage, and arrange Azure resources.
 ARM ensures consistency and repeatability by offering a consistent administration interface and
enabling the implementation of sophisticated cloud applications using declarative templates.
 By automating deployment and administration procedures and defining the ideal state of their Azure
infrastructure, customers may streamline operations and minimize manual labor with ARM.

2. Virtual Machines (VMs) on Azure:

Reasoning

 Azure Virtual Machines give users the flexibility and scalability to execute a variety of workloads by
enabling them to deploy and manage virtualized computing instances in the cloud.
 Users can develop new apps in familiar environments or move old ones to the cloud thanks to virtual
machines' support for a broad variety of operating systems and application frameworks.
 To satisfy performance, capacity, and cost needs, customers can select from a range of instance types
and sizes with Azure VMs, guaranteeing the most effective and efficient use of available resources.

3. Kubernetes Service on Azure (AKS):

Reasoning

 The deployment, scaling, and maintenance of containerized applications are made easier with Azure
Kubernetes Service, a managed Kubernetes container orchestration service.
 By offering integrated monitoring, automated cluster provisioning, and smooth connection with
Azure services, AKS frees developers to concentrate on developing applications rather than
managing infrastructure.
 Users may take advantage of Kubernetes' potent orchestration, scalability, and service discovery
features to deploy and manage containerized apps at scale with AKS.

4. Storage with Azure Blobs:

Reasoning

 Azure A scalable, safe, and affordable storage option for unstructured data, including pictures,
videos, documents, and backups, is blob storage.
 Based on access frequency and retention needs, users can move data between hot, cool, and archive
levels in Blob Storage's tiered storage choices to optimize costs.
 Blob Storage is appropriate for a variety of cloud storage use cases due to its high availability,
robustness, and worldwide accessibility.

5. DevOps on Azure:

Reasoning

 Azure DevOps is a full suite of cloud-based development tools and services that facilitate cloud-
based cooperation, automation, and continuous delivery.
 End-to-end application lifecycle management is made easier with Azure DevOps' build automation,
agile planning, release management, and source code management features.
 Teams can automate CI/CD pipelines, embrace DevOps methodologies, and expedite software
delivery while maintaining quality, dependability, and compliance with Azure DevOps.
6. Azure Watch:

Reasoning

 Azure Monitor is a single, integrated monitoring solution that offers thorough insight into the
functionality, availability, and health of Azure apps and resources.
 Azure Monitor allows for real-time monitoring, analysis, and troubleshooting by gathering telemetry
data from several sources, such as Azure resources, apps, and external services.
 By using Azure Monitor, customers can optimize cloud operations and increase reliability by setting
up alerts, creating custom dashboards, and gaining insights into resource use, application
performance, and user experience.

To summarize, the tools selected for implementing a cloud computing solution on Microsoft Azure
provide a dependable and expandable infrastructure, efficient development and deployment procedures,
all-encompassing monitoring and administration features, and reasonably priced storage options. Through
the utilization of Azure Monitor, Virtual Machines, Blob Storage, Kubernetes Service, Azure Resource
Manager, and DevOps, enterprises can effectively develop, implement, and oversee cloud-native
applications while guaranteeing dependability, scalability, and economical effectiveness on the Azure
platform.

P5: Setting Up Microsoft Azure for a Cloud Computing Platform.

In order to fulfill the needs of the organization, the infrastructure, services, and resources required for
cloud computing platforms on Microsoft Azure must be set up. An outline of how to configure an Azure
cloud computing platform can be seen below:

1. Open an account on Azure:

If you do not already have an Azure account, create one.

Go to https://portal.azure.com/, the Azure portal, and enter your login information to access it.

2. Form a Group of Resources:

Azure resources can be logically grouped into resource groups.

Go to the Azure portal, then click the "Resource groups" option on the menu on the left.
In order to start a new resource group, click "Create".
Give the resource group a name, pick the subscription, and indicate the region.
To create the resource group, select "Create" after selecting "Review + create."

3. Set up virtual machines, or VMs:

The cloud hosting of applications and services depends on virtual machines.

To create a new virtual machine (VM), go to "Virtual machines" in the Azure interface and click "Add".
Select the virtual machine's (VM) suitable operating system, size, and configuration settings.
Set up the public IP address, subnet, and virtual network in the networking configuration.
To finish creating the virtual machine, adhere to the instructions.
4. Establish a network:

In order to connect resources both inside the Azure environment and with external networks, networking
configurations are necessary.
As required, configure virtual networks, subnetworks, virtual private networks (VPNs), and network
security groups (NSGs).
Use Azure VPN Gateway or Azure ExpressRoute to establish secure access between on-premises
networks and Azure.

5. Implement Storage Fixtures:

Blob, file, and disk storage are just a few of the storage choices that Azure provides for organizing and
storing data.
To store files, virtual machine drives, and application data, create storage accounts.
Set up encryption, replication parameters, and access controls to ensure data security and compliance.

6. Put Identity and Access Management (IAM) into practice:

To maintain security and compliance, IAM manages access to Azure resources and services.
Configure Azure AD (Azure Active Directory) for user authentication and identity management.
To provide permissions according to roles and responsibilities, define role-based access control (RBAC)
policies.
For improved security, turn on conditional access controls and multi-factor authentication (MFA).

7. Set up logging and monitoring:

An understanding of the security, health, and performance of Azure resources can be gained through
monitoring and logging.
Give Azure Monitor permission to gather and examine telemetry data from virtual machines, services,
and apps.
To enable centralized logging, querying, and log data analysis, set up Azure Log Analytics.
To proactively monitor the performance and health of your resources, create alerts and notifications based
on predetermined criteria and thresholds.

8. Streamline Management and Deployment:

Automation increases efficiency, lowers human error, and streamlines deployment and management
activities.
To automate resource provisioning and configuration, use Azure Resource Manager (ARM) templates or
the Azure CLI for infrastructure as code (IaC).
Use Azure DevOps pipelines to automate release management and application deployment procedures
using continuous integration and continuous deployment (CI/CD).

9. Assure Security and Compliance:

In order to preserve data and comply with regulations, compliance and security are essential factors to
take into account.
For continuous security monitoring, threat detection, and compliance management, use Azure Security
Center.
Use Azure Key Vault and Azure Disk Encryption to enable encryption for sensitive data both in transit
and at rest.
To make sure that industry standards and laws are being followed, conduct routine security assessments,
audits, and compliance checks.

10. Maximize Expenses and Resource Use:

Monitoring resource use, spotting potential for cost savings, and allocating resources optimally are all
parts of cost optimization.
To forecast expenditure, manage and evaluate resource utilization, and optimize costs, use Azure Cost
Management + Billing.
Use reserved instances, spot instances, and scaling controls to maximize resource use and save expenses
without sacrificing performance.

P6 Implementing a Virtual Machine on Azure

Here are some simple screenshots that show you how to build a virtual machine on a cloud computing
platform such as Microsoft Azure.

To begin with, we must use our email address and password to get into our Microsoft account.

The Azure Home Page will appear after you log in. It features a Virtual Machines button in the same row
as the Create a Resource option, both on the very left side of the screen. Navigate to and click the "Virtual
Machines" button.
The next page provides options for the virtual machine you want to work on. I chose the first choice. i.e.,
an Azure virtual machine.
The create a virtual machine page contains several tabs, including Basic, Management, Networking, and
Tags. Click on Basics, under Project Details, create a new Resource Group, such as RootsIVY and change
your Virtual Machine name to your preferred liking e.g (MyVirtualMachine).

Creating a Virtual Machine you will need to select your Security Type and Image, we selected Windows
11 Pro as it is the latest one. Chooseing x64 architecture because almost all programs supports and runs
on it perfectly.
Creating a Virtual Machine you will be needing a Username and Password for it. Under Administrator
Account you can fill in the boxes for example shown above.

Onto the next Tab (Disks) under OS disk size choose your storage option depending on your usage. OS
disk type should be an SSD (Solid State Drive) as it provides the fastest data transferring speeds.

Networking Tab : Changing the Virtual Network name to our desired name by clicking on (Create New
Button) and others like subnets and network security groups (NSGs), on the Networking Tab, if needed.
When done fulfilling the the other tabs we will jump to (Review + Create) Tab which is final Tab to
creating your own Virtual Machine.

After initializing and submitting, you can now access your virtual machine when the deployment is
complete. By clicking on (Deployment Details) drop down button you can more details of your
Deployment.
After your deployment is complete, combine and press (Win+R) to open up the RUN option, type
“mstsc” and click the (Okay) button.

Moving on windows will ask you for your username and password.
After clicking on the (Yes) button your Virtual Machine will load onto your current desktop in Full
Screen Mode.
 M3: Talking About Problems and Limitations When Building a Virtual Machine on Microsoft Azure.

A key component of implementing apps and services in the cloud is building virtual machines (VMs) on
Microsoft Azure. Nonetheless, a number of problems and limitations could surface throughout the
development phase. Let's examine a few typical problems and issues:

1. Restrictions on Resources:

Azure has resource restrictions that may limit the quantity or size of virtual machines (VMs) you can
install. These restrictions include quotas and subscription limits. Resource constraints might make an
application less scalable and perform worse.

2. Configuration and Sizing of VMs:

Achieving optimal performance and cost-effectiveness requires selecting the appropriate virtual machine
(VM) size and configuration depending on workload needs. Improper sizing of virtual machines might
result in either excessive or underuse of resources.

3. Security and Network Connectivity:

Careful planning and consideration of security requirements are necessary while configuring virtual
networks, subnets, security groups, and network connectivity for virtual machines (VMs). Incorrect
network configuration can result in poor connectivity, security flaws, or the disclosure of private
information.

4. Storage and Management of Data:

For data integrity and disaster recovery, managing virtual machine (VM) data storage, including disk
configuration, backup, and replication, is crucial. Data loss or downtime may be caused by improperly
configured data management rules or inadequate storage provisioning.

5. Software and Operating System Updates:

Maintaining security and compliance requires keeping virtual machines (VMs) up to date with the most
recent software releases, security updates, and operating system patches. Updates that are overlooked or
delayed might leave virtual machines vulnerable to security flaws and jeopardize the integrity of the
infrastructure.

6. High Fault Tolerance and Availability:

To provide high availability and fault tolerance for virtual machines (VMs), load balancing, redundancy,
and failover methods must be put in place. When hardware fails or maintenance occurs, improper
redundancy or failover arrangements can cause downtime and service interruptions.

7. Orchestration and Automation:

Operations can be streamlined and efficiency increased by automating VM deployment, configuration,

and management procedures with Azure Resource Manager (ARM) templates or Azure Automation. But
putting automation and orchestration workflows into place effectively calls for knowledge and
development budget.

8. Optimization and Cost Management:

In cloud systems, controlling virtual machine expenses and maximizing resource usage are constant
issues. Utilizing Azure Cost Management tools, applying cost allocation tags, and keeping an eye on
virtual machine utilization can all help reduce expenses and find areas for optimization.

9. Governance and Compliance:

When establishing virtual machines (VMs), it is crucial to ensure compliance with organizational rules
and regulatory requirements, such as data sovereignty laws and industry standards. Liabilities both
financially and legally may arise from disregarding compliance and governance requirements.

10. Knowledge and Skill Gaps:

It can be difficult for development teams to acquire and retain knowledge on developing technologies,
best practices, and troubleshooting methods when it comes to Azure virtual machines. Initiatives for
ongoing education and training are required to close knowledge and skill gaps and stay up to date with
cloud technology developments.

D2: Overcoming Issues and Constraints during the Development Process

Use these crucial tactics to resolve problems and limitations that arise when developing virtual machines
on Microsoft Azure:

 Complete Planning: Make a detailed plan in order to foresee obstacles and efficiently direct the
development process.
 Automation and Templates: To expedite the deployment and configuration of virtual machines
(VMs), employ automation technologies such as Azure Resource Manager (ARM) templates.
 Monitoring and Optimization: Keep an eye on virtual machine (VM) performance and resource
usage, and adjust configurations as needed to cut costs and increase efficiency.
 Training and Skill Development: Investing in training and skill development can help teams become
more knowledgeable about cloud-native architectures and Azure technologies.
 Security and Compliance: Throughout the development lifecycle, give top priority to security
controls and follow regulations pertaining to compliance.
 Continuous Improvement: Iterate on solutions, learn from mistakes, and cultivate a culture of
continual development to stimulate creativity and resiliency.

Organizations can overcome obstacles and limitations and optimize the advantages of utilizing virtual
machines on Microsoft Azure by putting these techniques into practice.

P7: Analyzing Common Problems in a Cloud Computing Platform and Discussing Solutions.
On a cloud computing platform, several common problems can be triggered, which in turn compromise
the delivery of thse attributes. Let's examine these issues and explore appropriate solutions:Let's examine
these issues and explore appropriate solutions:
1. Performance Bottlenecks:
Problem: Sluggish performance of the application at the time of the shortage of resources (CPU, memory,
network latency), or an ineffective code execution.
Solution: Install the performance monitoring tool that will help to visualize the bottlenecks; resources
adjustment and use auto-scaling will help to tune resources; finally, optimize application code for optimal
efficiency.
2. Security Vulnerabilities:
Problem: Sharing servers or cloud with third parties may lead the confidential information, software
applications, or hardware resources to security threats, including unauthorized access to other systems and
data breaches, or malware attacks.
Solution: Develop impenetrable security features like encryption, presence of identity and access
management, establish network security groups, firewalls, intrusion detection systems and schedule
periodic security audits and vulnerability assessments.
3. Downtime and Outages:
Problem: Service disruptions caused by either service interruptions or downtime in cloud-related
infrastructure potentially resulting in unavailability or inconsistent quality of cloud services.
Solution: Build failover-ready structures utilizing the redundancy, fault tolerance and high availability
features. Create disaster recovery (DR) and business continuity (BC) strategies, deploy applications in
multiple availability zones or regions, and ensure failover tests are made regularly.
4. Data Loss or Corruption:4. Data Loss or Corruption:
Problem: Faced with data deletion or damage due to such factors as accident inadvertence, hardware
malfunction, software anomalies and cyberattacks.
Solution: Data backup and recovery processes should be implemented. Replication and synchronization
shall be used to ensure data redundancy. Geo-redundant storage can be leaned on among other things and
data encryption is needed to avoid unauthorized access and data manipulation.
5. Compliance Challenges:
Problem: Not abiding by the standard of industry regulations, data protection law, and agreement contract
is a limitations factor in cloud environments.
Solution: Install compliance framework and controls, regularly do compliance assessment and audit,
apply the encryption and access controls and hence, comply with industry specific compliance
certifications and standards.
6. Cost Overruns:
Problem: Going over budget limit by inappropriately utilizing the resources or finding situations that are
unexpected or due to the inefficient resource allocation, underutilization, or cloud spending, which are not
optimized.
Solution: Monitor and optimize cloud costs with service cost management tools, utilize cost allocation
tags to have visibility of resource tracking, use reserved instances and spot instances to magnify cost
savings, and embrace cost optimization best practice such as rightsizing and scaling.
7. Vendor Lock-In:
Problem: Building up the reliance to only one cloud provider, extremely restricting the flexibility and
transferring data from one environment to another could be a major issue.
Solution: Vendor lock-in can be avoided through multi-cloud and hybrid cloud strategies, application
portability can be enabled with containers, and cloud-agnostic technologies and standards as well as open-
source tools and platforms are a must.
8. Skills Gap and Training Needs:
Problem: Lack of experienced specialists capable to apply cloud technologies, DevOps practices, secure,
and the compliant environments for business.
Solution: Investing in employee training and certification programs; enhancing a culture of continuous
learning and skill development; collaboration with external parties and consultants; and utilizing MSPs
(managed service providers) for particular expertise are some important tools to be used to create
technical support internally.
In order to address these common issues, organizations should measure the risk, assess the condition of
operations and implement solutions that would guarantee maximum platform efficiency, reliability,
security, and compliance.

P8: In order to get the overall picture about the Security Issues in Cloud environments we will first need
to do an assessment.

The cloud infrastructure may be handy, but it also draws unusual security problems. Let's assess some of
the most common security issues in cloud environments:Let's assess some of the most common security
issues in cloud environments:

1. Data Breaches:
Assessment: Data breaches is one of the most important security threats in the Cloud environment, where
the most confidential information is stored and been frequently processed.
Risk: Offenders of unauthorized access, system misconfiguration, insider threat, or vulnerabilities in a
cloud infrastructure can lead to a data breach and result in data theft, financial loss, and the reputation of
the enterprise in question.
Mitigation: Implement a comprehensive set of controls based on access, encryption, DLP, and monitoring
that will safeguard data integrity and availability as well as data confidentiality. Frequent regular security
audit and penetration testing should be done to detect and instrument the vulnerabilities.
2. Identity and Access Management (IAM) Risks:
Assessment: Lack of strong identity and access controls policy create a major issue in Cloud
environment, which have multiple users and several applications which need access to resources.
Risk: Under permissioned, privileged escalation and authorization can lead to breach of privacy, data
exposure, and security of key systems.
Mitigation: Set up strong authentication methods like multi-factor authentication (MFA) and least
privileged access controls plus role-based access control (RBAC) which will enable to effectively manage
identities and enforce policies.
3. Insider Threats:
Assessment: The insider threat is the most dangerous one and those who abuse the system or are careless
employees are the ones posing the greatest danger.
Risk: It is possible that personnel with a legitimate access will do this in either of the ways or they will
become intentional data misuse factor or compromise security measures that would then lead to data
breaches or network disruptions.
Mitigation: Through user activity monitoring, audits, and behavioral analytics, attempt to detect cases of
anomalous behaviours, implement separation of duties, and give security trainings to your employees in
order to reinforce users' security and policy knowledge.

4. Insecure APIs and Interfaces:4. Insecure APIs and Interfaces:

Assessment: Lack of a secure API (application programming interface) and interface allows attackers to
access cloud services and data through enabled security risks.
Risk: As the attackers can utilize API and interface defects or vulnerabilities to cause unauthorized access,
code execution, or data manipulation, it is critical to ensure that such APIs are free from vulnerabilities or
misconfigurations.
Mitigation: Implement a robust API security model that confirms input data is valid, implements
authentication and authorization controls, encrypts the sensitive data during transit and at rest, and
restricts rate and access logging for the APIs.
5. Data Loss and Leakage:
Assessment: Data loss and leakage occur when data is mistakenly disclosed or happens when it is
wrongfully accessed by unauthorized users or third parties.
Risk: Data inadequately encrypted, secured storage configurations, and unenforced DLP controls can lead
to the exposure of data that is loss or leakage, consequently violating privacy regulations, and causing
financial and reputational damage.
Mitigation: Encrypt data via locks and keys in the rest and transmission, formulate access controls
together with auditing, apply data masking and tokenization techniques, and deploy DLP solutions to
monitor and prevent data access and exfiltration.
6. Cloud Misconfigurations:
Assessment: Misconfigurations in cloud platforms, cloud infrastructure, and cloud security are such key
factors as they are very common leaks.
Risk: The resources which are not appropriately configured like storage buckets, database, or network
settings, might fuss in the exposure of sensitive data to unauthorized people or compromise.
Mitigation: Instantiation of automated configuration management, adherence to the security best practices
and industry standards, use of the security configuration assessment tools, and security audits and
compliance checks should be the part of continuous process.
7. Shared Responsibility Model Challenges:7. Shared Responsibility Model Challenges:
Assessment: the same shared responsibility model in cloud computing may cause the users to blur or pose
the responsibility for security between cloud providers and consumers.
Risk: Inaccuracies in the cloud security supervision can lead to not doing something which is right and
proper at all and also in inadequate protection of cloud assets or failure to address the security
requirements effectively.
Mitigation: Provide for the detailed specification and documentation of security roles, responsibilities and
controls in contracts and service-level agreements (SLAs), as well as the provision of clear
communication lines between cloud providers and customers. It is important in such cases to identify and
involve additional security measures in order to solve specific risks and requirements.
Through analyzing these security pitfalls and using the appropriate prevention solutions, companies can
achieve a better security posture in their cloud environment, thus reducing the risk of a leak of data,
security breach and violation of compliance standards.

M4: To Top in Building a High-level Security Cloud Platform is also the matter of Solving Security
Issues.

To accomplish cloud platform security, one needs to apply a complete method that solves all the security
mistakes to the point. Let's discuss strategies to overcome security challenges in cloud environments:Let's
discuss strategies to overcome security challenges in cloud environments:
1. Implement Robust Identity and Access Management (IAM):
 Apply the strong credentialing methods, e. g. the multi-factor authentication (MFA), to check the
user's identity.
 Sustain least privilege access corruption and identity based access control (RBAC), the user rights
must be based on the roles and responsibilities.
 Validate authentication and authorization methods and support account provisioning and
deprovisioning procedures in order to manage access well.
2. Encrypt Data at Rest and in Transit:
 In-cloud storage or on-air transmission, all sensitive data should be encrypted.
 Adopt key management solutions for encryption keys that contain algorithms for key generation,
storage and rotation.
 Recommend the use of TLS protocol for encryption of communications between the cloud and cloud
services or applications.
3. Secure APIs and Interfaces:
 Concrete security testing of APIs and interfaces will be performed in order to find and remove
vulnerabilities.
 Implement Auth and Auth for the API, such as OAuth and API Keys.
 Use encryption to encrypt the data that APIs process and validate the input, which is designed to
restrain the attacks based on injection and dataset manipulation.
4. Implement Network Security Controls:
 Apply network security groups (NSGs) and firewall rule configurations to ward off every kind of
menacing traffic that might try to enter. Also, control communication between the resources.
 With Virtual private networks (VPNs) or dedicated connections as your medium of choice between
on-premises networks and clouds, expect security in your connection.
 Employ intrusion detection and prevention solutions (IDS\IPS) in order to intercept and thwart the
malicious traffic over the network connection.

5. Regularly Update and Patch Systems:

 Stick to the latest security patch for system software and applications, and cloud products' firmware.
 Provide for the automatic deployment of security fixes via these tools, thus, taking away the time
spent on manual patch management.
 Perform vulnerability scannings and penetration tests to ensure security vulnerabilities detection,
then remediation in a proactive manner.
6. Implement Security Monitoring and Incident Response
 Thereby implement security monitoring technologies, i. e. intrusion detection system (IDS), security
information and event management (SIEM) software and log management tools.
 Implement incident response procedures and incident response process to ensure security incidents
are detected, reacted, and recovered quickly and effectively.
 Conduct regular security audits, threat computer, or rag bags as a mock scenario to assess and
improve emergency situation management.
7. Educate and Train Personnel:
 Caterize employees, contractors, and partners with comprehensive security awareness sessions to
educate them on how to safeguard data, use the policies and procedures.
 Building up a secure culture within the company and developing a code of responsibility and
compliance is a good thing, meaning that people should feel free in reporting suspicious activities
and obeying the security policies.
8. Follow Compliance Standards and Regulations:
 Be aware of and comply with industry-specific regulatory mandates, including GDPR, HIPAA, PCI
DSS, and ISO 270127.
 Use internal rules, regulations and mechanism in demonstrating conformity and have compliance
audits and assessments on a regular basis.
9. Utilize Cloud Security Solutions and Services:
 Use cloud-native services and solutions delivered by cloud providers to enable the deployment of
security postures. One can include Azure Security Center, AWS Security Hub, and Google Cloud
Security Command Center.
 Deploy trusted third party security solutions like cloud access security brokers (CASBs) which is for
threat intelligence platforms and cloud workload protection platforms (CWPPs) to upgrade cloud
safety abilities.
10. Continuously Monitor, Evaluate, and Improve Security Posture:
 Develop a perpetual security monitoring system as a way of spotting and preventing escalation of
emerging risks and security threats.
 Implement routine security evaluations around risk management and security posture to identify
issues and then plan appropriate security measures implementation.
These strategies combined with enforced best practices would help organizations develop a secure cloud
infrastructure which will limit security risks, secure valuable information and abide with standard
requirements.

D3: Taking Precautions when moving Data to the Cloud.

One of the biggest issues when moving to cloud computing is the security of data, this must be kept safe
by any means that ensures the data is not compromised. Here's a critical discussion on how organizations
should approach data protection during cloud migration:
Data Classification and Inventory:
Critical Analysis: Organizations need to do an integral analysis to identify data into its classes based on
these parameters: sensitivity, regulatory requirements, and responsibilities of the business.
Considerations: Distinguish every data asset from all types of structured and unstructured data in the
organization's IT system.
Encryption:
Critical Analysis: Encryption is about the most basic method to ensure both data confidentiality at rest
and during data transfer.
Considerations: Utilize robust encryption algorithms alongside keys management methods to keep info
safe from the trespass of unauthorized access.
Access Controls and Identity Management:
Critical Analysis: Restricting resource with regard to a user's role ensures that even unauthorized users do
not have the data breached.
Considerations: Develop strong identity and access management (IAM) programs that involve multi-
factor authentication (MFA) and the least access principal in other applications.
Data Residency and Compliance:
Critical Analysis: Abiding with the data ownership rules and regulations is imperative in order to avoid
being slapped with legal and regulatory fines.
Considerations: Make sure data sovereignty as well as privacy regulations maintained e. g. GDPR,
HIPAA and PCI DSS are taken into consideration when migrating in the cloud.
Backup and Disaster Recovery:
Critical Analysis: Disaster recovery data backups and strategies are of high importance to carry out the
recoverability of data and resilience in the cases of disaster recovery scenarios and data loss.
Considerations: Regular data backups alongside data replication and disaster recovery programs need to
be channeled along the way to eliminate much time and data loss risks.
Data Loss Prevention (DLP):
Critical Analysis: DLP technology is employed to block the accidental or wrongful dissemination data
classification.
Considerations: Cure DLP policies through the implementation monitoring tools, which alert system
administrators about inappropriate access and sharing of data.
Risk Assessment and Mitigation:
Critical Analysis: The risk assesments, on the one hand, it helps in finding out the threats and
vulnerabilities that can affect the data security.
Considerations: Employ security controls, such as vulnerability detection, penetration tests, and security
reviews to help to address the risks that have been detected.
Contractual and Legal Protections:
Critical Analysis: These contracts should have provisions that clearly details the issues of data protection,
ownership and liability between the organization and the cloud service supplier.
Considerations: Make agreements provide for data security, data none-disclosure, data breachnotification,
and also intellectual property (IP) right of the data.
Continuous Monitoring and Auditing:
Critical Analysis: Upgrading allows to fix and customize the difficiest situations on time, because it
allows to respond to security incidents and anomaly activities in real time.
Considerations: Employ security monitoring tools and practices that will bolster data access, usage, as
well as integrity checks, while also running regular audits and compliance inspections.
Employee Training and Awareness:
Critical Analysis: Employees are the most important factor in data protection and they must be adequately
trained on security policies, procedures, and practices that will help in keeping data confidential, private
and away from unauthorized access.
Considerations: Security awareness training should be promoted both regarding the comprehensiveness
and the security culture accountability.
In conclusion, data security must eclectic and includes encryption, access management, compliance,
backup, risk assessment, monitoring and continuous awareness. It is imperative for organizations to
evaluate every important thing and to apply the tactics that will guarantee the data reliability and safety
during data migration and in the future.

Bibliography

Aceto, G., Botta, A., de Donato, W., & Pescapé, A. (2013). Cloud monitoring: A survey. Computer
Networks, 57(9), 2093-2115.
Bernstein, D. (2014). Containers and cloud: From LXC to Docker to Kubernetes. IEEE Cloud
Computing, 1(3), 81-84.
Buyya, R., Yeo, C. S., & Venugopal, S. (2019). Market-oriented cloud computing: Vision, hype, and
reality for delivering IT services as computing utilities. 10th IEEE International Conference on High
Performance Computing and Communications.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The rise of “big
data” on cloud computing: Review and open research issues. Information Systems, 47, 98-115.
Jadeja, Y., & Modi, K. (2012). Cloud computing - concepts, architecture and challenges. International
Conference on Computing, Electronics and Electrical Technologies.
Mansfield, K. (2020). Cost Management for Azure Resources. O'Reilly Media.
Microsoft Azure. (2023). Azure Virtual Machines Overview. [Online] Available at:
https://azure.microsoft.com/en-us/services/virtual-machines/