(Affiliated to Saurashtra University & Gujarat Technological University)

M.Sc I.T. SEM-2 - Cloud Computing

Shree H.N.Shukla College Campus, Shree H.N.Shukla College Campus,

Street No. 2, Vaishali Nagar, Street No. 2, Vaishali Nagar,
Nr. Amrapali Railway Under Nr. Amrapali Railway Under Bridge,
Bridge, Raiya Road, Rajkot.
Raiya Road, Rajkot.
Ph. (0281)2471645
Ph. (0281)2440478, 2472590

Website:https://hnsgroupofcolleges.org/
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

Chapter 1: Part 1:- Introduction of Cloud & Amazon Web Service

What is cloud?

The cloud is a distributed collection of servers that host software and infrastructure, and it
is accessed over the Internet.

It is a global network of servers, each with a unique function. The cloud is not a physical
entity, but instead is a vast network of remote servers around the globe which are hooked together
and meant to operate as a single ecosystem.

What is computing?

Computing is the utilization of computers to complete a task. It involves both hardware

& software functions performing some sort of task with a computer. This activity includes both
developing the software and hardware as well.

Examples of computing being used in everyday life: sending an email, swiping credit/debit cards
etc.

The utilization of computer technology to complete the task is known as computing.

What is Cloud Computing?

Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-
you-go pricing. Instead of buying, owning, and maintaining physical data centers and servers, you
can access technology services, such as computing power, storage, and databases, on an as-
needed basis from a cloud provider like Amazon Web Services (AWS).

Cloud computing is the delivery of different services through the Internet.

These resources include tools and applications like data storage, servers, databases, networking, and
software. Rather than keeping files on a proprietary hard drive or local storage device, cloud- based
storage makes it possible to save them to a remote database. As long as an electronic device has
access to the web, it has access to the data and the software programs to run it.

Cloud computing is a popular option for people and businesses for a number of reasons
including cost savings, increased productivity, speed and efficiency, performance, and security.

Types of Cloud
.
 Public cloud

1
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

 Private cloud
 Hybrid cloud
 Community cloud
 Multi cloud

Public Cloud:-

Public cloud services provide their services over the Internet for a fee. Public clouds are managed by
third parties which provide cloud services over the internet to the public, these services are available
as pay-as-you-go billing models.
They offer solutions for minimizing IT infrastructure costs and become a good option for handling
peak loads on the local infrastructure. Public clouds are the go-to option for small enterprises, which
can start their businesses without large upfront investments by completely relying on public
infrastructure for their IT needs.

Private cloud:-

Private cloud services, on the other hand, only provide services to a certain number of people.
Private clouds are distributed systems that work on private infrastructure and provide the users with
dynamic provisioning of computing resources.
Instead of a pay-as-you-go model in private clouds, there could be other schemes that manage the
usage of the cloud and proportionally billing of the different departments or sections of an enterprise.
Private cloud providers are HP Data Centers, Ubuntu, Elastic-Private cloud, Microsoft, etc.

Hybrid Cloud:-

A hybrid cloud is a heterogeneous distributed system formed by combining facilities of the public
cloud and private cloud. For this reason, they are also called heterogeneous clouds.
A major drawback of private deployments is the inability to scale on-demand and efficiently address
peak loads. Here public clouds are needed. Hence, a hybrid cloud takes advantage of both public and
private clouds.

Community Cloud:-

Community clouds are distributed systems created by integrating the services of different clouds to
address the specific needs of an industry, a community, or a business sector. But sharing
responsibilities among the organizations is difficult.
In the community cloud, the infrastructure is shared between organizations that have shared concerns
or tasks. An organization or a third party may manage the cloud.

Multi Cloud:-

2
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

Multi cloud is the use of multiple cloud computing services from different providers, which allows
organizations to use the best-suited services for their specific needs and avoid vendor lock-in.
This allows organizations to take advantage of the different features and capabilities offered by
different cloud providers.

What is Virtualization:-

Virtualization is a technique how to separate a service from the underlying physical delivery of that
service. It is the process of creating a virtual version of something like computer hardware. It was
initially developed during the mainframe era. It involves using specialized software to create a virtual
or software-created version of a computing resource rather than the actual version of the same
resource. With the help of Virtualization, multiple operating systems and applications can run on the
same machine and its same hardware at the same time, increasing the utilization and flexibility of
hardware.

Moreover, virtualization technologies provide a virtual environment for not only executing
applications but also for storage, memory, and networking.
Host Machine: The machine on which the virtual machine is going to be built is known as Host
Machine.
Guest Machine: The virtual machine is referred to as a Guest Machine.

3
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

Advantages of Cloud Computing:

1. Scalability:
One of the best advantages of cloud computing is scalability. Maintaining a business,
organization, or another element is trying in ideal circumstances. Especially amid the stresses of
downturn, expansion, pandemic, war, work putting together, and store network disturbances.

2. Security:
Data security is one of the biggest advantages of cloud computing. Cloud offers many advanced
features related to security and ensures that data is securely stored and handled. According to
certain reports, small private companies are multiple times more likely to suffer a cyber attack
than large organizations.

3. Accessible to modern technology:

Cloud computing is far more than an internet-based storage service for data. Organizations
worldwide currently use cutting-edge technologies they need to get done with their
responsibilities and run their business over the web utilizing the cloud. Some technology
available on a cloud platform includes Artificial Intelligence and Machine Learning, Data
Analytics, Data Visualization, Containerization, etc.

4
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

4. Cheaper:
The cloud computing model is based on the ‘pay-as-you-go’ principle and offers a possibly less
expensive way for organizations to remain coordinated and online. Cloud computing proves to
be the best regarding cost expenses. It’s still more affordable much of the time to pay a
continuous membership expense for cloud computing access than to buy and afterward keep an
in-house data-processing or warehousing contraption. Organizations don’t have to look at,
search for, and buy actual physical infrastructure when they have a dependable cloud computing
partner.

5. Mobility:
One of the main advantages of cloud computing is mobility. Employees have the option to
compute heavy tasks from anywhere. Work-life balance and working from home on everyone’s
brains nowadays, information and workflow through the cloud introduces itself as a sensible
investment.

6. Back-up and restore data:

Once the data is stored in the cloud, it is easier to get back-up and restore that data using the
cloud.

7. Improved collaboration
Cloud applications improve collaboration by allowing groups of people to quickly and easily
share information in the cloud via shared storage.

8. Unlimited storage capacity

Cloud offers us a huge amount of storing capacity for storing our important data such as
documents, images, audio, video, etc. in one place.

What is AWS?

Amazon Web Services (AWS) is a cloud service provider that offers on-demand services like
compute, storage, networking, security, and databases. AWS is an online platform that provides
scalable cloud computing solutions.

AWS manages and maintains hardware and infrastructure, saving organizations and individuals
the cost and complexity of purchasing and running resources on site.

Amazon Web Services, Inc. (AWS) is a subsidiary of Amazon that provides on-demand cloud
computing platforms and APIs to individuals, companies, and governments, on a metered, pay-
as-you-go basis. Clients will often use this in combination with autoscaling (a process that
allows a client to use more computing in times of high application usage, and then scale down
to reduce costs when there is less traffic). These cloud computing web services provide various
services related to networking, compute, storage, middleware, IoT and other processing
capacity, as well as software tools via AWS server farms.

5
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

History:-

The genesis of AWS came in the early 2000s. After building Merchant.com, Amazon's e-
commerce-as-a-service platform that offers third-party retailers a way to build their own web-
stores, Amazon pursued service-oriented architecture as a means to scale its engineering
operations, led by then CTO Allan Vermeulen.

In July 2002 Amazon.com Web Services, managed by Colin Bryar, launched its first web
services, opening up the Amazon.com platform to all developers. Over one hundred
applications were built on top of it by 2004.
In late 2003, the concept for compute, which would later launch as EC2, was reformulated when
Chris Pinkham and Benjamin Black presented a paper internally describing a vision for
Amazon's retail computing infrastructure that was completely standardized, completely
automated, and would rely extensively on web services for services such as storage and would
draw on internal work already underway. Near the end of their paper, they mentioned the
possibility of selling access to virtual servers as a service, proposing the company could
generate revenue from the new infrastructure investment.

In November 2004, AWS launched its first infrastructure service for public usage: Simple
Queue Service (SQS).
On March 14, 2006, AWS launched Amazon S3 cloud storage followed by EC2 in August
2006. Andy Jassy, AWS founder and vice president in 2006, said at the time that Amazon S3
"helps free developers from worrying about where they are going to store data, whether it will
be safe and secure, if it will be available when they need it, the costs associated with server
maintenance, or whether they have enough storage available.

To support industry-wide training and skills standardization, AWS began offering a certification
program for computer engineers, on April 30, 2013, to highlight expertise in cloud
computing. Later that year, in October, AWS launched Activate, a program for start-ups
worldwide to leverage AWS credits, third-party integrations, and free access to AWS experts to
help build their business.
In 2014, AWS launched its partner network, AWS Partner Network (APN), which is focused on
helping AWS-based companies grow and scale the success of their business with close
collaboration and best practices.
In January 2015, Amazon Web Services acquired Annapurna Labs, an Israel-based
microelectronics company for a reported US$350–370M.
In April 2015, Amazon.com reported AWS was profitable, with sales of $1.57 billion in the first
quarter of the year and $265 million of operating income.
In January 2018, Amazon launched an auto scaling service on AWS.
In November 2018, AWS announced customized ARM cores for use in its servers. Also in
November 2018, AWS is developing ground stations to communicate with customers' satellites.
In 2019, AWS reported 37% yearly growth and accounted for 12% of Amazon's revenue (up
from 11% in 2018).

6
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

In April 2021, AWS reported 32% yearly growth and accounted for 32% of $41.8 billion cloud
market in Q1 2021.
In January 2022, AWS joined the MACH Alliance, a non-profit enterprise technology advocacy
group.
In June 2022, AWS announced they had launched the AWS Snowcone, a small computing
device, to the International Space Station on the Axiom Mission 1.
In September 2023, AWS announced it would become AI startup Anthropic's primary cloud
provider. Amazon has committed to investing up to $4 billion in Anthropic and will have a
minority ownership position in the company.

Dashboard:-

An AWS dashboard provides different perspectives and views into how AWS services are
operating. It can help visualize system performance and interpret metrics for AWS services and
workloads.

To create a dashboard from the console.

Open the CloudWatch console at https://console.aws.amazon.com/cloudwatch/. In the
navigation pane, choose Dashboards, and then choose Create dashboard. In the Create new
dashboard dialog box, enter a name for the dashboard, and then choose Create dashboard.

Here are some types of AWS dashboards:

 Amazon CloudWatch dashboards: These are customizable home pages in the CloudWatch
console that can be used to monitor resources in a single view. They can be used to create
customized views of the metrics and alarms for AWS resources.
 Service Health Dashboard: This dashboard displays the overall state of Amazon Web
Services.
 Personal Health Dashboard: This dashboard provides a more customized picture of the
performance and availability of the Amazon Web Services that underpin the AWS
resources.

AWS Architecture:-

AWS architecture is a process of planning, designing, and implementing AWS resources in a

cloud infrastructure. Various AWS resources connect in a structured way that allows data to
flow seamlessly.

The AWS Well-Architected Framework provides guidance to help developers build and deploy
applications faster, lower risk, and make informed decisions following AWS best practices.

The framework is guided by two key cloud architecture principles: elasticity and scalability.

7
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

The AWS Architecture Center can help you find the accurate and up-to-date information,
helping you make the right decisions from the very beginning of your projects.

What is AWS Architecture?

AWS architecture refers to the system design of Amazon Web Services (AWS), a cloud
computing platform. It encompasses the physical infrastructure, the virtual infrastructure, the
security architecture, and the application architecture.

1. The Physical Infrastructure of AWS consists of the data centers that house the servers and
storage systems that make up the cloud platform. These data centers are located worldwide so that
users can access the services they need no matter where they are.
2. The Virtual Infrastructure of AWS is made up of virtual machines that run on the data
center servers. This infrastructure allows users to access the cloud platform from anywhere in the
world.
3. The Security Architecture of AWS is designed to keep user data safe and secure. It includes
the methods and procedures used to protect the data centers and the servers that make up the
platform.
4. The Application Architecture of AWS is the design of the applications that run on the
platform. These applications are designed to provide users with the tools they need to work with
the cloud platform.

What are the Pillars of AWS Architecture?

There are four pillars of AWS Architecture: compute, storage, network, and database. Each of
these pillars provides a different set of services that can be used to build applications.
1. Compute services include Amazon Elastic Compute Cloud (EC2),
which provides resizable compute capacity in the cloud.
2. Storage services include Amazon Simple Storage Service (S3), which provides storage
for data and applications.
3. Network services include Amazon Virtual Private Cloud (VPC), which provides a private
network in the cloud.
4. Database services include Amazon Relational Database Service (RDS), which provides a
managed relational database service.

These four pillars work together to provide a comprehensive set of services for building
applications in the cloud. Using these services lets you focus on your application code and
business logic without worrying about managing infrastructure.

8
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

What are the Components of AWS Architecture?

AWS architecture is composed of several services that work together to provide a complete
solution for cloud computing. These services include Amazon Elastic Compute Cloud (EC2),
Amazon Simple Storage Service (S3), Amazon CloudFront, and Amazon Route 53.

Each of these services is designed to provide a different piece of the puzzle regarding cloud
computing, and they can be used together to create a comprehensive solution.

EC2 is the core computing service in AWS, providing scalable, on-demand computing resources.
S3 is a storage service that provides a simple way to store and retrieve data in the cloud.
CloudFront is a service that speeds up static content delivery, such as images and videos.
Route 53 is a DNS service that routes traffic to the correct location.

These services can be used together to create a complete solution for cloud computing. By using
EC2 for computing, S3 for storage, CloudFront for content delivery, and Route 53 for DNS, you
can create a powerful, scalable, and reliable architecture that can meet the needs of any
application.

What are the Advantages of AWS Architecture?

AWS architecture has many advantages that make it an attractive option for businesses of all
sizes.
 One key advantage is its scalability. AWS architecture allows businesses to easily scale
up or down as needed without reconfiguring their entire infrastructure. This makes it ideal for
businesses that experience fluctuating demands or are growing rapidly.
 Another advantage of AWS architecture is its reliability. AWS architecture is built on a
foundation of multiple redundant components so that if one component fails, there is no impact
on the others. This ensures that your applications and services remain up and running, even
during an unexpected outage.
 AWS architecture also offers a high degree of security thanks to its extensive security
features and controls. These features help to protect your data and applications
from unauthorized access and malicious attacks.

AWS architecture provides a flexible, reliable, and secure foundation for building your
applications and services. It can help you to save time and money while ensuring that your
applications are always available to your users.

Chapter 1: Part 2:- Cloud Service Models

Software as a Service (SaaS): Introduction, Challenges in SaaS models: Model,

SaaS Integration Services, Advantages and Disadvantages,

9
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

Infrastructure As a Services (IaaS): Introduction, Virtual Machines, VM Migration Services,

Advantages and Disadvantages.
Platform As a service (PaaS): Introduction, Integration of Private, and Public
Cloud, Advantages and Disadvantages.
Introduction, Integration of Private, and Public Cloud, Advantages and Disadvantages.

SaaS Introduction:-

SaaS (Software as a Service) means accessing software through the internet without downloads.
Users subscribe to applications hosted on remote servers, accessing them via web browsers. No
maintenance or updates are required, making it a convenient and cost-effective way to use the
software.

Software as a service (SaaS) is a software distribution model in which a cloud provider hosts
applications and makes them available to end users over the internet. In this model, an
independent software vendor (ISV) may contract a third-party cloud provider to host the
application.

SaaS works through the cloud delivery model. A software provider will either host the application
and related data using its own servers, databases, networking and computing resources, or it may
be an ISV that contracts a cloud provider to host the application in the provider's data center.

The application will be accessible to any device with a network connection. SaaS applications are
typically accessed via web browsers.

As a result, companies using SaaS applications are not tasked with the setup and maintenance of
the software. Users simply pay a subscription fee to gain access to the software, which is a ready-
made solution.

SaaS is closely related to the application service provider (ASP) and on-demand
computing software delivery models where the provider hosts the customer's software and
delivers it to approved end users over the internet.

In the software-on-demand SaaS model, the provider gives customers network-based access to a
single copy of an application that the provider created specifically for SaaS distribution. The
application's source code is the same for all customers, and when new features or functionalities
are released, they are rolled out to all customers as per commercial deals.

10
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

What are the advantages of SaaS?

SaaS removes the need for organizations to install and run applications on their own computers or
in their own data centers. This eliminates the expense of hardware acquisition, provisioning and
maintenance, as well as software licensing, installation and support.

Other benefits of the SaaS model include:

 Flexible payments. Rather than purchasing software to install, or additional hardware to

support it, customers subscribe to a SaaS offering. Transitioning costs to a recurring operating
expense allows many businesses to exercise better and more predictable budgeting. Users can
also terminate SaaS offerings at any time to stop those recurring costs.

 Scalable usage. Cloud services like SaaS offer high Vertical scalability, which gives
customers the option to access more or fewer services or features on demand.

 Automatic updates. Rather than purchasing new software, customers can rely on a SaaS
provider to automatically perform updates and patch management. This further reduces the
burden on in-house IT staff.

 Accessibility and persistence. Since SaaS vendors deliver applications over the internet,
users can access them from any internet-enabled device and location.

 Customization. SaaS applications are often customizable and can be integrated with other
business applications, especially across applications from a common software provider.

11
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

What are the challenges and risks of SaaS?

SaaS also poses some potential risks and challenges, as businesses must rely on outside vendors
to provide the software, keep that software up and running, track and report accurate billing and
facilitate a secure environment for the business's data.

 Issues beyond customer control. Issues can arise when providers experience service
disruptions, impose unwanted changes to service offerings or experience a security breach --
all of which can have a profound effect on the customers' ability to use the SaaS offering. To
proactively mitigate these issues, customers should understand their SaaS provider's SLA and
make sure it is enforced.

 Customers lose control over versioning. If the provider adopts a new version of an
application, it will roll out to all of its customers, regardless of whether or not the customer
wants the newer version. This may require the organization to provide extra time and
resources for training.

 Difficulty switching vendors. As with using any cloud service provider, switching
vendors can be difficult. To switch vendors, customers must migrate very large amounts of
data. Furthermore, some vendors use proprietary technologies and data types, which can
further complicate customer data transfer between different cloud providers. Vendor lock-in is
when a customer cannot easily transition between service providers due to these conditions.

 Security. Cloud security is often cited as a significant challenge for SaaS applications.
Security and privacy concern many points like
 encryption and key management;
 identity and access management (IAM);
 security monitoring;
 incident response;
 poor integration into broader, company-specific security environments;
 fulfillment of data residency requirements;
 data privacy;
 cost of investing in third-party tools to offset the SaaS security risk; and
 lack of communication with technical and security experts during the sales process.

Infrastructure As a Services (IaaS)

Infrastructure as a service (IaaS) is the on-demand availability of highly scalable computing

resources as services over the internet.
Popular IaaS providers include Microsoft Azure, Amazon Web Services, Rackspace and Google
Compute Engine. Microsoft Azure is a cloud computing service created by Microsoft for

12
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

building, testing, deploying and managing applications and services through Microsoft-managed
data centers.
IaaS is a cloud computing model in which customers pay only for the resources they use. Such a
setup encourages more efficient IT resource management and promotes innovation by making
cloud services affordable to small businesses.

IaaS Architecture
IaaS is broken into three main components: compute, storage and network.

With these offerings, users have the building blocks they need to create their customized systems,
as complicated or powerful as they need, and the ability to scale up and down based on current
needs.

Compute
IaaS computing resources begin with servers. Servers are powerful computers that tend to have
hundreds of Central Processing Units (CPUs), hundreds or thousands of gigabytes (GBs) of
Random-access memory (RAM), and thousands of GBs of storage. Servers are expensive to buy
and costly and difficult to maintain.
IaaS providers maintain datacenters that house the physical, bare-metal servers. These physical
servers can be partitioned using a hypervisor into smaller “virtual machines”. These virtual
machines can run their OS and applications independently while sourcing power from the bare-
metal server.
There are different ways to set up a virtual machine (VM), and the architecture you choose will
depend on your needs and the level of abstraction you prefer. For example, developers can Use
Kubernetes to containerize their code so that namespaces, which are like smaller, lighter VMs,
serve only one purpose, like running an application.
When users purchase a virtual machine through an IaaS provider, they choose the operating
system, often referred to as an image, and applications run on that machine. Developers can easily
scale vertically by adding more CPU if their VMs don’t have enough processing power or scaling
horizontally to increase instances and handle more load. Virtual machines can often be quick and
easy to set up.

Storage
Storage options are threefold: file storage, object storage, and block storage.

File storage is similar to what we have on our computers at home and stores data as a single
entity into a file. The files can exist within each other as other data, so it’s hierarchical. For
example, a path for file storage could be “/home/photos/selfie.jpg”.

Object storage instead takes saved data as a single entity and appends metadata and an identifier.
Object storage deals with whole objects stored over the network. These objects could be things
like an image file, logs, or HTML files. Object storage is the most popular option because of its
simplicity and cost savings.

13
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

Block storage is likely underneath the file or object storage. Block storage services are relatively
familiar. They provide access to a traditional block storage device over the network and attach it
to your virtual machine. It takes data and saves it as blocks of actual bytes or bits. It has
advantages over the other two by being faster to transfer data but not user friendly unless
abstracted by a file system like in your computer that uses it.

Network

The network function talks to the storage function, other VMs, containers, other servers, the
internet, the intranet, and other components. It’s how information is transferred through the
architecture regardless of endpoints. Users will need different networking bandwidths depending
on the amount of data transmitted between computing resources.

Benefits of IaaS

Iaas is a popular option for all kinds of businesses, especially new businesses, because it allows
them to scale up and down as needed and avoid the hassle and cost of maintaining servers
themselves.

There are several advantages to IaaS:

Cost: Users can avoid the upfront costs and significant overhead of buying and maintaining their
physical datacenters. They can pay only for what they need every month, meaning costs will go
up and down with usage.

Scale: IaaS allows users to scale easily and quickly as demand increases, either automatically or
with minimal management and resources.

Availability: Having multiple datacenters to choose from allows users to host their applications
closer to their end customer, decreasing latency and providing a better customer experience.
Increased stability and reliability: With IaaS, users don’t have to worry about technical
maintenance, software updates, or troubleshooting equipment issues. IaaS providers also give
users an uptime guarantee, so they know their services will always be available.

Disaster recovery: The ability to recover or access applications should there be a disaster or an
outage without the high costs of extra tech and staffing.

Speed and flexibility: Users can have an IaaS application up and running in a matter of minutes
and quickly can scale up and down based on demand and business growth. Flexibility allows
developers to quickly test new ideas and pivot when necessary.

Who uses IaaS?

14
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

IaaS has multiple applications that span industries, company sizes, and business needs. Startups
and small companies may prefer IaaS to avoid the high costs of purchasing and maintaining
hardware and software, and companies experiencing rapid growth like the scalability of IaaS.

Virtual Machine
 A virtual machine, known as a guest, is created within a computing
environment, called ahost.
 Multiple virtual machines can exist in one host at one time.
 Virtual machines are software computers that provide the same functionality
as physicalcomputers.
 Like physical computers, they run applications and an operating system.
 However, virtual machines are computer files that run on a physical computer
and behavelike a physical computer.
 In other words, virtual machines behave as separate computer systems.
 Virtual machines can also be used for other purposes such as server virtualization.
 Specialized software, called a hypervisor, emulates the PC client or server's
CPU, memory, hard disk, network and other hardware resources completely,
enabling virtual machines to share the resources.
Advantages of Virtual Machines:
 Provides disaster recovery and application provisioning options
 Virtual machines are simply managed, maintained, and are widely available
 Multiple operating system environments can be run on a single physical computer
Disadvantages of Virtual Machines:
 Running multiple virtual machines on one physical machine can cause
unstable performance
 Virtual machines are less efficient and run slower than a physical computer.

Types of Virtual Machines:

1. Process virtual machines: Execute computer programs in a platform-
independent environment. It masks the information of the underlying
hardware or operating system. This allows the program to be executed in the
same fashion on any platform.
2. System virtual machines: Support the sharing of a host computer’s physical
resources between multiple virtual machines.

15
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

Virtual Machine Migration

The movement of VMs from one resource to another, such as from one physical host to another
physical host, or data store to data store, is known as VM migration.

There are two types of VM migration: cold and live.

Cold migration occurs when the VM is shut down.

Live migration occurs while the VM is actually running.

This amazing new capability is particularly useful if maintenance is required on the part of the
physical infrastructure and the application running on that infrastructure is mission-critical.

Before the availability of live migration applications, managers were stuck with the choice of
either causing a planned outage, which in some global corporations is not always feasible, or
waiting or not taking the system down, which risks an unplanned outage in the future.

With live migration, a running system is copied to another system and when the last bits of the
running system’s state are copied, the switch is made and the new system becomes the active
server.
This process can take several minutes to complete, but is a great advantage over the two previous
options.
Earlier versions of live migration were limited to moving VMs within the same data centers. That
restriction was removed and it is now possible to perform live migrations between different data
centers.
This capability provides an entirely new set of options and availability, including the ability to
move workloads from a data center that may be in the eye of a storm to another data center
outside of the target area.
There are several products on the market today that provide some form of live migration. These
products and platforms may have some guidelines and requirements to provide the capability.

If an organization is considering live migration as an option, it is recommended to check with

the virtualization software vendor to understand those requirements, particularly for the data
center.

Platform as a Service (PaaS):-

Platform as a Service (PaaS) is a cloud computing model that provides a complete cloud platform
for developing, running, and managing applications. PaaS is also known as application platform
as a Service (aPaaS).

In PaaS, a third party provides the necessary software and hardware resources to customers over
the internet. The third party hosts the hardware and software on its own infrastructure.

16
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

PaaS offers a faster, more cost-effective model for application development and delivery. PaaS
providers handle all licensing for operating systems, development tools, and everything else
included in their platform.

PaaS providers typically price their services using a pay-per-use model. But usage can be
calculated in different ways, depending on the vendor. One vendor might charge a fixed rate per
user based on a limited number of custom integration objects. Another vendor might charge based
on the number and speed of servers and the overall bandwidth used.
The usage of computing instances, the volume of data storage required on the platform and the
amount of outbound traffic are all typical factors when determining the price of a PaaS
subscription.

PaaS Features
 No need to maintain Data Bases.
 No need of software updation.
 Maintenance will not be required.
 Hosting.
 Support.
 Network access.
 Tools for application design and development.
 It also provides server side scripting.

Advantages of Platform as a Service(PaaS)

 It provides high security to our data.
 It also provides backup to our data base.
 PaaS provides customer choice features.
 Using this PaaS Service every person can able to develop application without any
development skills.
 Maintenance cost is reduced.
 Platform as a Service will have many advantages like Operating System features can changed,
Upgraded frequently by the IaaS Cloud Service Provider.

Some disadvantages of PaaS include:

 Vendor lock-in: Applications must be written according to the platform provided by the PaaS
vendor.
 Data privacy
 Integration with the rest of the systems applications

17
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

An example of PaaS is Facebook. Developers can create specific applications for the Facebook
platform using proprietary APIs and make that application available to any Facebook user.

Summary:-
"IaaS," "PaaS," and "SaaS" are three categories of cloud computing services that offer different
levels of abstraction and management for users. Here's a brief explanation of each:

IaaS (Infrastructure as a Service):

 Definition: IaaS provides virtualized computing resources over the internet. It offers
fundamental computing infrastructure like virtual machines, storage, and networks as a
service.
 User Control: Users have more control over the infrastructure, as they are responsible for
managing and maintaining the operating systems, applications, and data hosted on the
virtualized environment.
 Examples: Amazon Web Services (AWS) EC2, Microsoft Azure Virtual Machines, and
Google Compute Engine.

PaaS (Platform as a Service):

 Definition: PaaS provides a platform allowing customers to develop, run, and manage
applications without dealing with the complexity of building and maintaining the
underlying infrastructure.
 Abstraction: It abstracts away the details of the underlying infrastructure, and users focus
more on developing and deploying applications.
 Examples: Heroku, Google App Engine, and Microsoft Azure App Service.

SaaS (Software as a Service):

 Definition: SaaS delivers software applications over the internet, eliminating the need for
users to install, manage, and maintain the applications on their devices.
 Ready-to-Use: Users can access and use software applications directly without worrying
about infrastructure, maintenance, or updates.
 Examples: Salesforce, Google Workspace (formerly G Suite), and Microsoft 365.

In summary, IaaS provides virtualized infrastructure, PaaS offers a platform for application
development and deployment, and SaaS delivers fully functional software applications over the
internet. The key difference lies in the level of abstraction and management responsibilities
allocated to the users.

18
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

Chapter 1: Part 3:- Identity & Access Management

IAM Overview and Policies, IAM Users, Groups, Access Key & Secret Access Key, MFA,
Report

IAM Overview:

IAM, which stands for Identity and Access Management, is a framework that helps organizations
manage digital identities and control access to their systems and data. It involves defining and
managing user identities, ensuring authentication and authorization, and monitoring user
activities. IAM plays a critical role in maintaining security, compliance, and efficient access
management within an organization.

IAM Policies:

IAM policies are a set of rules and permissions that define what actions users, groups, and roles
are allowed or denied within an organization's IT environment. Policies are used to enforce
security and access controls, specifying who can do what and under what conditions. IAM
policies are typically associated with resources such as computing instances, storage, databases,
and other services.

Key concepts related to IAM policies:

 Principals: Users, groups, or roles to which policies are attached.

 Actions: Specific operations or tasks that can be performed on resources, such as read,
write, or delete.
 Resources: The specific IT resources or services to which policies apply, such as a
particular bucket in a cloud storage service.
 Conditions: Optional criteria that can be added to policies to further restrict or allow
actions based on specific circumstances.

IAM policies are often written in a specific language or format (e.g., JSON or YAML) and are
associated with specific services or systems within an organization's IT infrastructure.

Roles and Policies:

 Roles: IAM roles define a set of permissions that can be assumed by IAM users or other
entities. Roles help in managing permissions in a scalable and consistent way.
 Policies: IAM policies are attached to users or roles and specify what actions they are
allowed or denied on specific resources.

19
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

IAM Users:

IAM (Identity and Access Management) users are entities within a system that can be
authenticated and authorized to interact with resources and services. In IAM terminology, users
are often associated with human individuals or system entities (e.g., applications, services) that
require access to a computing environment. Here are key aspects related to IAM users:

Types of IAM Users:

 Human Users: Individuals within an organization who need access to IT resources, such as
employees, contractors, and partners.
 System Users: Non-human entities or services, such as applications, scripts, or servers that
require access to resources.

IAM (Identity and Access Management) Access Key and Secret Access Key are credentials used
to authenticate and authorize programmatic access to AWS (Amazon Web Services) resources.
These credentials are associated with an IAM user and are used by applications, scripts, or other
tools to make API requests to AWS services.

 Access Key ID: This is the user-specific identifier for the access key. It is used to identify
the IAM user when making API requests.
 Secret Access Key: This is the secret part of the access key. It is used to sign requests,
providing an additional layer of security. The secret key must be kept confidential, similar
to a password.

To create IAM Access Key and Secret Access Key:

Login to AWS Console:

 Go to the AWS Management Console: https://aws.amazon.com/.

 Log in with your AWS account credentials.

Navigate to IAM:

 In the AWS Management Console, go to the "Services" and select "IAM" under the
"Security, Identity, & Compliance" section.

Create a New Access Key:

 In the IAM dashboard, click on "Users" in the left-hand navigation pane.

 Select the IAM user for which you want to create an access key.
 In the "User details" tab, go to the "Security credentials" tab.

20
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

 Under the "Access keys" section, click on "Create access key."

 Note the Access Key ID and Secret Access Key that are generated.

Access Key and Secret Access Key are terms commonly associated with secure access to various
services, particularly in the context of cloud computing platforms like Amazon Web Services
(AWS). Here's a brief explanation of each:

Access Key:

 An access key is a unique identifier that is used to authenticate and authorize API
requests.
 It is usually a combination of an access key ID and a secret access key.
 The access key ID is a publicly exposed string that AWS uses to identify the entity
making the request.
 Access keys are often used in conjunction with the AWS Command Line Interface (CLI),
SDKs, and other tools to interact with AWS services.

Secret Access Key:

 The secret access key is a confidential piece of information used to sign requests made to
AWS services.
 It is paired with the access key ID and is used to generate a signature that authenticates the
request.
 The secret access key must be kept secure and should not be shared or exposed publicly.
 If the secret access key is compromised, it could lead to unauthorized access and potential
security risks.

In summary, the access key is a combination of the access key ID and the secret access key. The
access key ID is used publicly to identify the requester, while the secret access key is kept
confidential and used to sign requests for authentication and authorization purposes. When
working with cloud services or APIs, it's crucial to safeguard both the access key ID and the
secret access key to maintain the security of your account.

MFA:

MFA stands for Multi-Factor Authentication. It is a security process that requires users to provide
two or more authentication factors to verify their identity. The goal of MFA is to add an extra
layer of security beyond just a username and password. Even if someone manages to obtain a
user's password, they would still need the additional authentication factors to gain access.

21
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

The three common factors used in MFA are:

 Something You Know:

 This is typically a password or PIN.
 It's the traditional form of authentication and is usually the first factor.
 Something You Have:
 This involves a physical device or token that the user possesses, such as a smartphone,
security token, or smart card.
 Common implementations include receiving a time-based code through a mobile app or a
hardware token.
 Something You Are:
 This involves biometric data, such as fingerprints, retina scans, or voice recognition.
 Biometric authentication adds a unique physical aspect to the authentication process.

When MFA is implemented, a user must provide at least two of these factors to access a system or
service. For example, a user might enter their password (something they know) and use a mobile
app to generate a time-sensitive code (something they have).

MFA is widely used in various online services, including email accounts, banking systems, and
cloud platforms like AWS (Amazon Web Services) or Microsoft Azure. It significantly enhances
security by reducing the risk of unauthorized access, even if passwords are compromised.

IAM Report:-

In the context of cloud computing, IAM often stands for Identity and Access Management, which
is a crucial component for managing user access and permissions within cloud platforms like
AWS (Amazon Web Services) or Azure (Microsoft Azure). If you're referring to an IAM report, it
could mean different things depending on the specific context. Here are a few possibilities:

(1) IAM Usage Report:

This report may detail the usage of IAM (Identity and Access Management) within a
cloud platform. It could include information on user activities, changes to access policies, login
attempts, and other relevant metrics.

(2) Security and Compliance Report:

IAM is often closely tied to security and compliance in cloud environments. An IAM
report might provide insights into compliance status, adherence to security policies, and any
anomalies or suspicious activities related to user access.

(3) Access Control and Permissions Report:

22
 (Affiliated to Saurashtra University & Gujarat Technological University)
2 - Vaishali Nagar, 3 - Vaishali Nagar,
Nr. Amrapali Under Bridge, Nr. Amrapali Under Bridge,
Raiya Road, Rajkot Raiya Road, Rajkot
Ph. (0281) 2440478, 2472590 Ph. (0281) 2471645

IAM is responsible for controlling access to resources. A report in this context might
detail who has access to what resources, which roles and permissions are assigned, and any
changes made to access control settings.

(4) Audit Trail Report:

IAM systems typically maintain an audit trail of actions taken by users and administrators.
An IAM report may provide an audit log or summary, showing changes to user accounts,
permissions, and any security-related events.

(5) IAM Health and Usage Metrics:

This type of report could include metrics related to the health and usage of IAM services.
It might cover factors such as the number of active users, the success rate of access requests, and
the overall performance of the IAM system.

To obtain IAM reports in cloud platforms like AWS or Azure, you would typically navigate to the
IAM console or portal and look for reporting or auditing sections. These platforms often provide
built-in tools for generating and viewing various IAM-related reports to help administrators
monitor and manage access effectively.

23