Professional Documents
Culture Documents
Emerging Technologies - Understanding Cloud Economy - September 2020 - ISBR
Emerging Technologies - Understanding Cloud Economy - September 2020 - ISBR
01 Introduction
Boot camp objective, What is DigitAge, Introduction of faculty
04 Cloud Infrastructure
Understanding how Industries adopting cloud
2
Industry revolution, Technology evolution
Quantum Innovation –
Consumer at the center of Incremental, radical Customer
business needs
Intertwined to deliver
customers with agility, CX.
1. Business (domain) – Knowledge of
business process
2. Data “the genesis of business”
3. Infra(Cloud) – The force multiplier
4. digital technologies – The foundation
• Business transformation
• Reimagining business , leverage
technologies process
• New ways of working “Digital ways of
working”
• UX, agility and quick results
• Outcome results in two-three clocks to
retain customers
• Retail, Financial services, life science and
health are industries are undertaking
digital transformation
Data is “the Genesis” of business
9
Cloud is key pillar of SMAC driven digital economy
Cloud has been the bed rock enabler to core digital
Industry Domain – Financial services, Healthcare, Consumer & Retail, Manufacturing, Telecom
So, What is Cloud computing?
• Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing.
• Instead of buying, owning, and maintaining physical data centers and servers, you can access technology
services, such as computing power, storage, and databases, on an as-needed basis from a cloud provider
like Amazon Web Services (AWS).
• Organizations of every type, size, and industry are using the cloud for a wide variety of use cases, such
as data backup, disaster recovery, email, virtual desktops, software development and testing, big data
analytics, and customer-facing web applications.
• Financial services companies are using the cloud to power real-time fraud detection and prevention.
• Video game makers are using the cloud to deliver online games to millions of players around the world.
• Benefits :
• The cloud gives you easy access to a broad range of technologies so that you can innovate faster and
build nearly anything that you can imagine.
So, What is Cloud computing?
• You can quickly spin up resources as you need them–from infrastructure services, such as
compute, storage, and databases, to IOT, machine learning, data lakes
and analytics, and much more.
• Benefits : ( cont..)
• With cloud computing, you don’t have to over-provision resources up front to handle peak levels
of business activity in the future.
• Instead, you provision the amount of resources that you actually need.
• The cloud allows you to trade capital expenses (such as data centers and physical servers) for
variable expenses, and only pay for IT as you consume it.
• With the cloud, you can expand to new geographic regions and deploy globally in minutes.
So, What is Cloud?
The cloud infrastructure is The cloud infrastructure is made The cloud infrastructure is a
operated solely for an available to the general public or a composition of two or more
organization large industry group and is owned
by an organization selling cloud
clouds (private, community,
Not fully leveraged on public or public)
cloud mighty. Involves cost services.
Multi-Cloud
Business Personas
CSO/CMO – Strategy,
Marketing
Infrastructure as a Service (IaaS) - The capability • IaaS contains the basic building
provided to the consumer is to provision processing, blocks for cloud IT.
storage, networks, and other fundamental • It typically provides access to
computing resources where the consumer is able to
networking features, computers
deploy and run arbitrary software, which can
include operating systems and applications. The (virtual or on dedicated
consumer does not manage or control the hardware), and data storage
underlying cloud infrastructure but has control over space.
operating systems, storage, deployed applications,
• IaaS gives you the highest level
and possibly limited control of select networking
components (e.g., host firewalls). of flexibility and management
control over your IT resources.
• It is most similar to the existing
IT resources with which many IT
departments and developers are
familiar.
Platform as a service
31
AWS Global Infrastructure
AWS offers the largest global footprint in the market. No other cloud provider offers as many regions with
multiple Availability Zones, with 69 Availability Zones (AZs) within 22 geographic regions around the world,
and announced plans for 9 more AZs and three more Regions in Cape Town, Jakarta, and Milan
Typical Cloud computing services
Understanding regions, availability zones, Edge locations
The following are the components that make up the AWS infrastructure:
• Availability Zones
• Region
• Edge locations
• Regional Edge Caches
What is Amazon S3?
Amazon Simple Storage Service is storage for the Internet. It is designed to make web-
scale computing easier for developers.
Amazon S3 has a simple web services interface that you can use to store and retrieve any
amount of data, at any time, from anywhere on the web.
It gives any developer access to the same highly scalable, reliable, fast, inexpensive data
storage infrastructure that Amazon uses to run its own global network of web sites.
The service aims to maximize benefits of scale and to pass those benefits on to
developers.
SIMPLE STORAGE SERVICE (S3)
Amazon S3 Features
Storage Classes
Amazon S3 offers a range of storage classes designed for different use cases.
These include Amazon S3 STANDARD for general-purpose storage of frequently accessed data,
Amazon S3 STANDARD_IA for long-lived, but less frequently accessed data, and GLACIER for long-
term archive.
Bucket Policies
Bucket policies provide centralized access control to buckets and objects based on a variety of
conditions, including Amazon S3 operations, requesters, resources, and aspects of the request
The policies are expressed in the access policy language and enable centralized management of
permissions.
The permissions attached to a bucket apply to all of objects in that bucket.
Instance Store Volumes
Object storage
Amazon EC2 (Elastic Compute Cloud)
Amazon EC2 is a web service interface that provides resizable compute capacity
in the AWS cloud.
It is designed for developers to have complete control over web-scaling and
computing resources.
EC2 instances can be resized and the number of instances scaled up or down as
per our requirement.
These instances can be launched in one or more geographical locations or
regions, and Availability Zones (AZs).
Each region comprises of several AZs at distinct locations, connected
by low latency networks in the same region.
ELASTICITY
The ability to acquire resources as you need them and release resources when you no longer need them ,In the
cloud, you want to do this automatically.
Some services do this as part of their service: Amazon S3, Amazon SQS, Amazon SNS, Amazon SES, Amazon Aurora,
Some require vertical scaling, like Amazon RDS.
Others integrate with AWS Auto Scaling, like Amazon EC2, Amazon ECS, AWS Fargate, Amazon EKS, and Amazon
DynamoDB.
Amazon Aurora Serverless and Amazon Athena also qualify as elastic.
Elasticity allows you to match the supply of resources—which cost money—to demand. Because cloud resources are
paid for based on usage, matching needs to utilization is critical for cost optimization.
Demand includes both external usage, such as the number of customers who visit a website over a given period, and
internal usage, such as an application team using development and test environments.
There are two basic types of elasticity: time-based and volume-based.
Time-based elasticity means turning off resources when they are not being used, such as a development
environment that is needed only during business hours.
Volume-based elasticity means matching scale to the intensity of demand , whether that’s compute cores,
storage sizes, or throughput.
Amazon RDS
Amazon Relational Database Service (Amazon RDS) is a web service that makes
it easier to set up, operate, and scale a relational database in the cloud.
It provides cost-efficient, resizable capacity for an industry-standard relational
database and manages common database administration tasks.
The Amazon Relational Database Service (RDS) enables developers to create
and manage relational databases in the cloud.
As part of AWS, this service can integrate with Amazon’s NoSQL database tool,
SimpleDB, supporting applications that have relational and non-relational
database needs.
It also works with MySQL, Oracle, and Microsoft SQL for applications that
already leverage these database tools.
Amazon RDS
Relational Databases are the databases that what most of us are all used to.
It has been around since the 70's.
Relational Database is like a spreadsheet such as Excel, etc.
A Database consists of tables.
For example, Excel is a spreadsheet that consists of a workbook, and inside the workbook, you have different sheets,
and these sheets are made up of rows and columns.
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database
in the cloud
It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as
hardware provisioning, database setup, patching and backups.
It frees you to focus on your applications so you can give them the fast performance, high availability, security and
compatibility they need.
Amazon RDS is available on several database instance types - optimized for memory, performance or I/O - and
provides you with six familiar database engines to choose from, including Amazon Aurora, PostgreSQL, MySQL,
MariaDB, Oracle Database, and SQL Server.
List of AWS applications (SaaS + PaaS)
It is a web service which makes it easy to set up, operate, and send a notification
SNS – Simple Notification
from the cloud
Services
API Gateway is a gateway that consists of a bunch of functions that create a
API Gateway server less functions
Public cloud
VPC A
VPC B
VPC Peering
HW Virtual Private
NW
Corporate DC
What is VPC Peering ?
You can use a network address translation (NAT) gateway to enable instances in a
private subnet to connect to the internet or other AWS services, but prevent the
internet from initiating a connection with those instances.
You are charged for creating and using a NAT gateway in your account. NAT
gateway hourly usage and data processing rates apply. Amazon EC2 charges for
data transfer also apply.
NAT gateways are not supported for IPv6 traffic—use an egress-only internet
gateway instead.
Each NAT gateway is created in a specific Availability Zone and implemented
with redundancy in that zone..
Cloud Security
52
Cloud provides security at various levels
Identity Access
Management Data security Network security
Platform Level
Physical security Host Security
security
Proactive vulnerability
Resilience Audit trails Management
Data
replication *
back up
Availability Risk assessment
Governance, Compliance
Amazon S3 Security
Cloud security at AWS is the highest priority. As an AWS customer, you benefit from a data center and network
architecture that are built to meet the requirements of the most security-sensitive organizations.
Security is a shared responsibility between AWS and you. The shared responsibility model describes this as security
of the cloud and security in the cloud:
Security of the cloud
AWS is responsible for protecting the infrastructure that runs AWS services in the AWS Cloud.
AWS also provides you with services that you can use securely.
The effectiveness of our security is regularly tested and verified by third-party auditors
as part of the AWS compliance programs.
Amazon S3 Default Encryption for S3 Buckets
Amazon S3 default encryption provides a way to set the default encryption behavior for an S3 bucket.
You can set default encryption on a bucket so that all new objects are encrypted when they are stored in the bucket.
The objects are encrypted using server-side encryption with either Amazon S3-managed keys (SSE-S3) or customer
master keys (CMKs) stored in AWS Key Management Service (AWS KMS).
When you use server-side encryption, Amazon S3 encrypts an object before saving it to disk and decrypts it when
you download the objects.
Case study – Cloud Transformation
For purpose of learning, this case study has been prepared with least information
and data, just to reinforce understanding of how real cloud projects working in
large organizations
59
Industry perspective
• Broadly organizations implement digital transformation in three ways. Big Bang (all business, people, process and
platforms), Incremental business (be sure on the success to implement for a few business process or functions),
cloud first approach (modernize infrastructure for all business and realize cost benefit)
• A large UK bank wanted to be the #1 digital bank. Undertaking transformation big-bang
• A mortgage bank in US wanted to be a “Technology bank” and undertaking full scale transformation
• Modernize the core and differentiate at the front
• A large Australian telecom provider has strategy to change core and front end only for a identified business
process. See the success and broad base to all process
• Modernize the core process with platform replacement, Cloud infra
• Few retail and pharmacy companies are taking this approach
• Modernize the front end with digital technologies, so that incremental core modernization can happen later. Mainly
due to security and data concerns. An Ireland based insurance company decided not to buy third party cloud but
invest to develop their Infra with cloud attributes
• Mid sized financial services, health care and retail customers taking this approach
• Data privacy and security still a concern. Some large organizations, especially the financial services organizations
have dilemma of “benefits versus data”
• A large south African bank has taken minimalistic approach to cloud transformation
• Automation ( AI / ML / RPA ) and Agile / DevOps is fundamental requirement of organizations now
Brief about customer business, broad digital objectives
Customer is a leading large retail and commercial bank providing Banking and
Insurance services to customers. Bank wanted to move into a Digital bank with
imperatives to increase revenue through increased customer satisfaction through digital
products and service offering
Digital Bank Increased business
Customer Satisfaction
Current Futuristic revenue
• To help customer make faster • Faster , better services • Digital business and advisory
buying decisions through digital channel services
• Known as distance friendly, • Customer retention and • Faster, cross functional
Digital banking increased portfolio with services collaboration
• Agility in customer services the bank through single window
• Faster products and services • Branchless banking services using digital
• Intuitive technology and • Anytime, anywhere and technologies
Robust technology any device services • Better customer reach
architecture to support future through data analysis & data
business visualization
Customer transformation strategy
Customer laid out 4 broad strategy as part of their business transformation leveraging technologies
Technology Imperatives for transformation
• Bank has laid out strategy with business and technology imperatives align to banks decision
makers, strategic team of personas.
• The personas included CEO, CFO, CDO, CFO, CHRO, CSO, COO
From From
From From From
Long implementation Legacy architecture and
Fragmented interactions Information silos Static
cycles design
Digital Speed to market Innovation led Experience driven
First
To To To To
To
Rich, seamless, omni- Integrated, intelligent & Modern & extensible, Personalized, dynamic,
Agile and lean, cloud,
channel, digital informative single pane open APIs & digital, configurable contextual &
iterative delivery
experiences visibility composable relevant
Bank’s Digital focus area
• Reimagining the business (People, process, tools, Tech) • Modernizing platform
• Optimized business process, customer at the center • Mobile as channel for faster
(Faster delivery and services, Re-engineer business) business(Mobile first initiative)
• Extensibility of future and current business (Open • Modernized CRM platform (Better
architecture) customer reach strategy)
• Data as “single source of truth” (Data consistency, • Data platform (data at all levels,
Seamlessly Integrated business process) integrated, Real time analytics, Data
• Regulatory alignment (Data, business process) visualization)
• Modernized legacy core with differentiated front end • Open banking, API architecture
• Retire applications, platforms that no longer • Mobile first
requirements • Mainframe modernization
Using Testing
platform hosted on
On Cloud Infra On Cloud Infra Cloud
Hybrid
AWS VMC Cloud
Ora
cle
Hosted & On
Azure Premise
Azure Data-Center
Stack GC
Digital Engineering Desk P
Billing/Mete
ring/Show
back
Traditional Infra Intelligent Ops
DC, IaaS PAAS DevOps IOTs as a Code Holmes BOTs
Process
69