UNIT-I: Introduction to Cloud Computing

●​ What is Cloud Computing? It's accessing computing resources

like storage, servers, and software over the internet on demand,
paying only for what you use. Think of it like using electricity –
you use what you need without owning the power plant.
●​ How it works? It uses virtualization to make one physical server
act like many. It relies on large data centers managed by
providers and users access resources via web browsers or APIs.
●​ Types of Cloud (Deployment Models):
○​ Public: Resources shared among many users, owned by a
third-party provider (e.g., Gmail, AWS, Azure). Provider has
most control.
○​ Private: Resources used exclusively by a single
organization, can be on-premises or hosted (e.g.,
Company's internal data center). Organization has more
control.
○​ Hybrid: A combination of public and private clouds working
together (e.g., storing sensitive data privately, using public
cloud for busy times). Control is shared.
○​ Community: Resources shared by several organizations
with common concerns (e.g., government agencies sharing
data). Control is shared among community members.
●​ Goals & Challenges:
○​ Goals: Cost savings, scalability, flexibility, reliability, quick
deployment.
○​ Challenges: Security concerns, vendor lock-in, managing
costs, ensuring uptime, legal compliance.
●​ Leveraging Cloud Computing: How businesses can benefit.
●​ Cloud Economics and Total Cost of Ownership (TCO): Cloud
 Economics focuses on "pay-as-you-go". TCO includes all costs;
cloud often aims to lower it compared to traditional IT.
●​ Cloud Service Models:
○​ Software as a Service (SaaS): Renting a fully furnished
apartment; software accessed over the internet (e.g., Gmail,
Salesforce). Provider manages everything except maybe
user accounts.
○​ Platform as a Service (PaaS): Renting an unfurnished
apartment with utilities; platform for developing and running
applications without managing infrastructure (e.g., Google
App Engine). You manage applications and data.
○​ Infrastructure as a Service (IaaS): Renting an empty plot
of land; provides basic computing building blocks like
servers, storage, networking (e.g., Amazon EC2). You
manage applications, data, runtime, middleware, and OS.
●​ SaaS Integration Services: Services to help different SaaS
applications communicate.
●​ Integration of Private and Public Cloud: Hybrid Cloud.

UNIT-II: Virtualization and Abstraction

●​ What is Virtualization? Creating a virtual version of something
like an OS, server, or storage device. One physical machine can
run multiple "virtual machines" (VMs).
●​ How Abstraction is Provided in Cloud? Abstraction hides
complex hardware details. Users interact with easy interfaces
without needing to know about the physical infrastructure.
Virtualization enables this.
●​ Advantages of Virtualization: Resource efficiency, cost
 savings, flexibility, isolation, disaster recovery.
●​ Disadvantages of Virtualization: Performance overhead,
complexity, single point of failure (mitigated by clustering),
software licensing complexity.
●​ Types of Hypervisor: Software that creates and runs VMs.
○​ Type 1 (Bare Metal): Runs directly on hardware (e.g.,
VMware ESXi). More efficient and secure.
○​ Type 2 (Hosted): Runs on top of an OS (e.g., VirtualBox).
Easier setup, good for desktop virtualization.
●​ Load Balancing: Distributing traffic/workloads across multiple
servers to prevent bottlenecks, improve responsiveness, and
ensure no server is overworked.

API – Application Programming Interface​

A set of rules that lets different software talk to each other.
SaaS – Software as a Service​
Software you use online without installing, paid as a subscription.
PaaS – Platform as a Service​
Online tools to build and run apps without managing servers.
IaaS – Infrastructure as a Service​
Online access to servers, storage, and networks on demand.
VM – Virtual Machine​
A software-based computer running inside another computer.
TCO – Total Cost of Ownership​
All costs (direct and hidden) involved in owning a system.
AWS – Amazon Web Services​
Amazon’s cloud platform offering many online services.
EC2 – Elastic Compute Cloud​
AWS service that gives virtual servers to run applications.
S3 – Simple Storage Service​
AWS service to store and retrieve files and data easily.
VPC – Virtual Private Cloud​
Your own private network space in AWS.
IAM – Identity and Access Management​
AWS tool to control who can access what in your cloud.
RDS – Relational Database Service​
AWS service to manage databases easily in the cloud.
DNS – Domain Name System​
Translates website names (like google.com) to IP addresses.
AZ – Availability Zone​
A location in AWS with its own data center for reliability.
HA – High Availability​
System designed to stay online with minimal downtime.
KMS – Key Management Service​
AWS service to create and manage encryption keys.
WAF – Web Application Firewall​
Protects websites from hackers and common cyber attacks.
CLI – Command Line Interface​
Text-based way to control systems or cloud services.
GDPR – General Data Protection Regulation​
EU law that protects people's personal data and privacy.
SLA – Service Level Agreement​
A contract that defines service quality and uptime promises.
UNIT-III: Amazon Web Services (AWS) Introduction
●​ Getting Started with AWS: Creating an account, using the
Management Console, understanding Regions and Availability
Zones.
●​ AWS Compute: Services for processing power. Amazon EC2
provides virtual servers.
●​ AWS Storage: Services for storing data. Amazon S3 for object
storage, Amazon EBS for block storage for EC2, Amazon Glacier
for archiving.
●​ AWS Networking: Services for networking cloud resources.
Amazon VPC for isolated private networks, Route 53 for DNS,
Elastic Load Balancing (ELB) for distributing traffic.
●​ AWS Security:
○​ Shared Responsibility Model: AWS secures the cloud
hardware, you secure your data and access in the cloud.
○​ Identity and Access Management (IAM): Manages user
access to AWS services using permissions based on the
"least privilege" principle.
●​ AWS Database Options: Amazon RDS for relational databases,
Amazon DynamoDB for NoSQL, Amazon Redshift for data
warehousing.
●​ AWS Elasticity: Automatically scaling resources based on
demand. Auto Scaling service helps achieve this.
●​ Management Tools: AWS CloudWatch for monitoring, AWS
CloudFormation for Infrastructure as Code, AWS CLI for
command-line management.
●​ 4.AWS. Introduction to System Design: Planning how
application components work together on AWS.
●​ AWS Essentials Review: Recap of core services.
●​ System Design for High Availability (HA): Designing systems
that stay operational if components fail using multiple
Availability Zones, ELB, and Auto Scaling.
●​ Automation: Automating tasks like deployment and
configuration using tools like CloudFormation and CodeDeploy.
●​ Serverless Architectures: Running applications without
managing servers. AWS Lambda runs code based on events,
and you pay only for compute time.
●​ Well-Architected Best Practices (The 5 Pillars): A framework
for building secure, efficient, and cost-effective architectures.
○​ Security: Protecting data and systems using services like
IAM and VPC Security Groups.
○​ Reliability: Recovering from disruptions and scaling to
meet demand using Multi-AZ and Auto Scaling.
○​ Performance Efficiency: Using resources efficiently and
maintaining efficiency as demand changes using
appropriate EC2 instance types and Auto Scaling.
○​ Cost Optimization: Avoiding unneeded costs using
Reserved Instances and Cost Explorer.
○​ Operational Excellence: Running n monitoring systems n
improving processes using CloudFormation n CloudWatch.
●​ Cost Optimization and Deployment: Strategies to reduce
costs and plan application deployments.
●​ Design Patterns and Sample Architectures: Common
solutions for specific problems using various AWS services.
UNIT-V: Cloud Security Tools and Technologies
●​ Cloud Security Tools and Technologies: Tools to secure data
in private and public clouds.
○​ Encryption: Protecting data using services like AWS KMS.
○​ Identity and Access Management (IAM): Controlling who
can access what.
○​ VPNs & Direct Connect: Securely connecting on-premises
networks to AWS.
○​ Firewalls: Network security groups and AWS WAF to filter
traffic.
○​ Intrusion Detection/Prevention Systems (IDS/IPS):
Monitoring for malicious activities (e.g., AWS GuardDuty).
○​ Data Loss Prevention (DLP): Preventing sensitive data
from leaving the cloud (e.g., Amazon Macie).
○​ Security Monitoring & Logging: Tools like AWS CloudTrail
and CloudWatch.
●​ Security Concerns: Data breaches, misconfigured cloud
settings, insecure APIs, account hijacking, insider threats.
●​ Compliance & Auditing: Meeting regulations like HIPAA and
GDPR. AWS provides certifications.
●​ Legal Issues and Aspects: Data sovereignty, data privacy
regulations, SLAs.
●​ Multi-tenancy Issues: Security risks in environments where
multiple customers share infrastructure if isolation is not
properly implemented.
●​ Cloud Simulation: Modeling and testing cloud environments
before deployment to understand performance, cost, and
vulnerabilities.