
Cloud Computing


Introduction

Cloud computing provides on-demand access to shared IT resources, including servers, storage, applications, and services, over the internet. Cloud computing services enable organizations to scale up or down quickly and affordably, pay only for what they use, and access the latest technologies without maintaining their own hardware and software infrastructure. This report critically evaluates Amazon Web Services (AWS) as an alternative cloud computing platform and compares its capabilities to Google Cloud's, focusing explicitly on Identity and Access Management (IAM) and Identity-Aware Proxy (IAP). It also discusses VPC networking as a cloud service on both Google Cloud and Amazon Web Services (AWS).

Chosen Cloud Technology 1

Identity and Access Management (IAM) and Identity-Aware Proxy (IAP)

Identity and Access Management (IAM) is a set of policies, technologies, and processes that organizations use to manage digital identities and regulate access to resources. IAM is essential for ensuring the confidentiality, integrity, and availability of an organization's sensitive data.

The critical components of IAM include:

a) Identity provisioning and de-provisioning: IAM helps create new users, manage existing users, and delete unwanted users across various systems and applications.

b) Authorization: Allowing or denying user access to the various resources available in a system. IAM uses different access levels to allow or stop users from accessing specific resources.

c) Authentication: Verifying user identity through passwords, one-time PINs, multi-factor authentication, and biometrics.



IAM plays a critical role in ensuring that only authenticated users can access resources.

Identity-Aware Proxy (IAP) is a security feature offered by cloud providers that serves as a barrier between the internet and the applications running on the cloud server. It prevents unauthorized access by verifying the user's identity before allowing access to the application. Authentication is achieved with usernames and passwords and sometimes multi-factor authentication mechanisms. Overall, IAP provides an additional layer of security, preventing unauthorized access to resources.

Google Cloud

The IAM and IAP services that Google Cloud provides are highly customizable and fine-tuned. IAM allows control over access to resources, including at the project, folder, and resource levels. It also allows granting access based on roles or specific permissions. Authentication mechanisms such as Google accounts, G Suite, and third-party identity providers can be easily integrated with IAM and IAP. Additionally, Google Cloud IAP provides enhanced features for web apps by allowing user access based on identity and context. IAP also integrates easily with external identity providers, so further customizations can be made.
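How access granted at the folder, project and resource levels combines, as an added example that is not part of the original report: a simplified Python model of Google Cloud allow-policy inheritance, where a member's effective permissions on a resource are the union of the role bindings on that resource and on every ancestor. The role names and their contents, the resource names and the members are constructed sample data, and deny policies and conditions are left out.

```python
# Added illustration: simplified model of Google Cloud IAM policy inheritance.
# Role names, role contents, resources and members are constructed sample data.

ROLES = {
    "roles/example.reader": {"storage.objects.get", "storage.objects.list"},
    "roles/example.admin": {"storage.objects.get", "storage.objects.list",
                            "storage.objects.create", "storage.objects.delete"},
}

# Resource hierarchy, child -> parent (None marks the top of this sample tree).
PARENT = {
    "buckets/payroll-exports": "projects/hr-prod",
    "projects/hr-prod": "folders/hr",
    "folders/hr": None,
}

# Allow policies: resource -> list of (role, members) bindings set at that level.
BINDINGS = {
    "folders/hr": [("roles/example.reader", {"user:carol@example.com"})],
    "projects/hr-prod": [("roles/example.admin", {"user:alice@example.com"})],
    "buckets/payroll-exports": [("roles/example.reader", {"user:bob@example.com"})],
}


def ancestry(resource):
    """Yield the resource itself, then each ancestor up to the root."""
    while resource is not None:
        yield resource
        resource = PARENT[resource]


def effective_grants(member, resource):
    """Map each permission the member holds on resource to where it came from.

    The effective policy is the union of bindings on the resource and on every
    ancestor, so a grant made high in the tree reaches everything below it.
    """
    grants = {}
    for level in ancestry(resource):
        for role, members in BINDINGS.get(level, []):
            if member in members:
                for permission in sorted(ROLES[role]):
                    grants.setdefault(permission, []).append((level, role))
    return grants


def is_allowed(member, resource, permission):
    """True when any binding on the resource or an ancestor grants the permission."""
    return permission in effective_grants(member, resource)
```

The provenance list returned by `effective_grants` is what an access review needs: it shows that a broad role bound at the project or folder level, not at the bucket, is the reason a member can delete objects.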

Amazon Web Services

Amazon Web Services also provides IAM and IAP services that are equally robust. IAM in AWS allows the administrator to dictate access to various AWS resources by individual users, groups, or roles. IAM integrates with multiple authentication mechanisms provided by AWS, such as Amazon Cognito user pools, AWS Identity and Access Management (IAM), and other external authentication providers.

IAP in AWS is known as AWS PrivateLink, and it allows controlled and private access to various resources without exposing them to the internet.

Comparing IAM and IAP in Google Cloud and AWS



Google Cloud and AWS provide comprehensive IAM and IAP with advanced security features. However, Google Cloud IAM and IAP are more customizable and fine-tuned, providing more control over user access and policy management for applications and systems. The IAP feature provided by Google Cloud integrates efficiently with more external authentication providers than AWS's PrivateLink. However, AWS PrivateLink delivers a secure connection over private networks that could be very advantageous in some situations.

AWS IAM and IAP have a very straightforward user interface compared to Google Cloud's and integrate easily with other AWS features.

In summary, AWS and Google Cloud provide good-quality IAM and IAP with similar features and functionalities. However, Google Cloud IAP provides an additional layer of security and can easily integrate with Google Cloud IAM, something that AWS does not provide directly. Ultimately, the choice between the two platforms will depend on an organization's needs and the specific features it requires.

Chosen Cloud Technology 1

VPC Networking

This section compares VPC networking between the two cloud providers, Google Cloud and AWS.

Virtual Private Cloud (VPC) networking is a type of network architecture used in cloud environments that allows platform users to create a private, isolated network within their cloud environment. With a VPC, users can create, launch, and manage their virtual networks in the cloud, and the same principles used in traditional on-premises networks apply. Users can provide their own gateways and firewalls and configure access to the network.

Comparison between AWS and Google Cloud’s VPC Networking



a) Network topology: Google Cloud provides a VPC in which all the resources in a project are part of the same global network with a single IP address. This is not the case with AWS, where each VPC is isolated from the others and has its own IP address, different from the others.

b) Security: Both platforms provide security features for their VPC networks. However, Google Cloud's firewall blocks all incoming traffic unless explicitly allowed, preventing any denial-of-service attacks on the network. In AWS, all traffic is allowed by default and must be restricted explicitly.

c) Load balancing: Both platforms provide capabilities for their VPCs to handle high traffic, but Google Cloud offers a fully managed load balancing system with more advanced features, including SSL termination and content-based routing. Load balancing options from AWS are either fully managed or self-managed.

d) Network peering: Google Cloud allows global peering, where VPCs can communicate with each other over private connections. AWS allows its VPCs to communicate only with other VPCs in the same region.
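The default-deny ingress behaviour described for Google Cloud in item b), as an added example that is not part of the original report: a simplified Python model in which firewall rules are evaluated by priority and an implied lowest-priority rule denies whatever no explicit rule allowed. The rule names, address ranges and ports are constructed sample data.

```python
import ipaddress

# Added illustration: simplified model of Google Cloud VPC ingress evaluation.
# Rule names, source ranges and ports below are constructed sample data.
IMPLIED_DENY_INGRESS = {"name": "implied-deny-ingress", "priority": 65535,
                        "action": "deny", "sources": ["0.0.0.0/0"], "ports": None}

RULES = [
    {"name": "allow-https", "priority": 1000, "action": "allow",
     "sources": ["0.0.0.0/0"], "ports": {443}},
    {"name": "allow-ssh-admin", "priority": 1000, "action": "allow",
     "sources": ["203.0.113.0/24"], "ports": {22}},
    {"name": "deny-blocked-net", "priority": 900, "action": "deny",
     "sources": ["198.51.100.0/24"], "ports": None},  # None = all ports
]


def matches(rule, src_ip, port):
    """True when the source address and destination port fall inside the rule."""
    ip = ipaddress.ip_address(src_ip)
    in_range = any(ip in ipaddress.ip_network(cidr) for cidr in rule["sources"])
    return in_range and (rule["ports"] is None or port in rule["ports"])


def evaluate_ingress(rules, src_ip, port):
    """Return (action, rule name) for the first matching rule.

    Lower priority numbers are evaluated first; at equal priority a deny rule
    is considered before an allow rule. The implied deny sits last.
    """
    ordered = sorted(rules + [IMPLIED_DENY_INGRESS],
                     key=lambda r: (r["priority"], r["action"] != "deny"))
    for rule in ordered:
        if matches(rule, src_ip, port):
            return rule["action"], rule["name"]
    return "deny", IMPLIED_DENY_INGRESS["name"]


def world_open(rules, sensitive_ports=frozenset({22, 3389})):
    """Audit helper: names of allow rules exposing sensitive ports to any source."""
    return [r["name"] for r in rules
            if r["action"] == "allow" and "0.0.0.0/0" in r["sources"]
            and (r["ports"] is None or r["ports"] & sensitive_ports)]
```

Default deny only protects what no rule opens, so `world_open` is the kind of check to run over an exported rule set to find explicit allows that expose administrative ports to any source.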

In summary, Google Cloud and Amazon Web Services both provide excellent VPC network services that are very similar in functionality and implementation. However, some small differences may make one or the other more suitable for different scenarios and performance needs. The use cases depend on user preferences and the system specifications they want to implement.

In conclusion, both AWS and Google Cloud are excellent cloud computing providers with excellent services, and the choice will depend significantly on user-specific needs and requirements. AWS has been in the market longer and has a more extensive range of services, while Google Cloud has a reputation for faster networking and an intuitive user interface.