Enterprises are increasingly adopting a multi-cloud strategy, using a mix of Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS), hosted on platforms such as AWS, Azure, and other technology stacks. This leaves the architects and lead engineers with the challenge of how to integrate architectures and manage the enterprise cloud. Architects and engineers will learn how to design, implement, and integrate cloud solutions and set up controls for governance.

The first edition of this book was released in 2020, but developments in the cloud are rapidly evolving. This edition is extended with two cloud platforms that have grown significantly over the past years, Oracle Cloud Infrastructure and Alibaba Cloud. New methodologies have also been adopted by companies to improve cloud management. This includes the financial controls of FinOps and embedded security in DevSecOps.

After the introduction of the concept of multi-cloud, this book covers all of the topics that architects should consider when designing systems for multi-cloud platforms. That starts with designing connectivity to and between the various platforms and creating landing zones in Azure, AWS, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), and Alibaba Cloud. These clouds will be discussed in this book.

The book is divided into four main sections, covering the following:

1. Introduction to cloud and multi-cloud architecture and governance
2. Operations, including setting up and managing the landing zones that provide the infrastructure for cloud environments
3. Financial operations using the principles of FinOps
4. Continuous delivery and deployment using DevSecOps, covering identity and access management, securing data, security information, and new concepts such as AIOps and Site Reliability Engineering (SRE)

The book contains best practices for the major providers, discusses common pitfalls and how to avoid them, and gives recommendations for methodologies and tools. Of course, a book about multi-cloud could never be complete, but this book will provide you with good guidelines to get started with architecting for multi-cloud.

This book targets architects and lead engineers who are involved in architecting multi-cloud environments using Azure, AWS, GCP, OCI, and Alibaba Cloud. A basic understanding of cloud platforms and overall Cloud Adoption Frameworks is required.

Chapter 1, Introduction to Multi-Cloud, provides the definition of multi-cloud and why companies have a multi-cloud strategy.

Chapter 2, Collecting Business Requirements, discusses how enterprises could collect requirements using various enterprise architecture methodologies and how they can accelerate business results by implementing a multi-cloud strategy.

Chapter 3, Starting the Multi-Cloud Journey, explains how businesses can start developing and implementing cloud platforms, describing the steps in transition and transformation.

Chapter 4, Service Designs for Multi-Cloud, discusses governance in multi-cloud using the Cloud Adoption Frameworks of cloud providers.

Chapter 5, Managing the Enterprise Cloud Architecture, covers the architecture principles of various domains, such as security, data, and applications. You will learn how to create an enterprise architecture for multi-cloud.

Chapter 6, Controlling the Foundation Using Well-Architected Frameworks, explains how to define policies to manage the landing zone and get a deeper understanding of handling accounts in landing zones. The Well-Architectured Frameworks of cloud providers are used as guidance in setting up landing zones in various clouds.

Chapter 7, Designing Applications for Multi-Cloud, covers how to gather and validate business requirements for the resilience and performance of applications in the cloud.

Chapter 8, Creating a Foundation for Data Platforms, discusses the basic architecture of data lakes and considers the various solutions that cloud providers offer. You will also learn about the challenges that come with collecting and analyzing vast amounts of data.

Chapter 9, Creating a Foundation for IoT, explores the architecture principles of an IoT ecosystem and discusses how the cloud can help in managing IoT devices. We will explore some of these cloud solutions and also look at crucial elements in IoT, such as connectivity and security.

Chapter 10, Managing Costs with FinOps, focuses on the basics of financial operations in the cloud – for instance, the provisioning of resources and the costs that come with the deployment of resources.

Chapter 11, Maturing FinOps, talks about the transformation to managed FinOps in an organization by setting up a FinOps team, which has a major task in the adoption of the FinOps principles that we discussed in chapter 10.

Chapter 12, Cost Modeling in the Cloud, teaches how to develop and implement a cost model that allows organizations to identify cloud costs (showback) and allocate (chargeback) costs to the budgets of teams or units.

Chapter 13, Implementing DevSecOps, discusses setting up DevOps practices to develop and deploy applications to the cloud, but always with security as a priority, making sure that code, pipelines, applications, and infrastructure remain secure at every stage of the release cycle.

Chapter 14, Defining Security Policies, introduces the security frameworks of cloud providers and overall frameworks such as the Center for Internet Security (CIS) controls. You will learn how to define policies using these frameworks.

Chapter 15, Implementing Identity and Access Management, covers authenticating and authorizing identities. It also provides a good understanding of how to deal with least privileged accounts and the use of eligible accounts.

Chapter 16, Defining Security Policies for Data, starts with explaining data models and data classification. Next, you will learn how to protect data using cloud technologies such as encryption.

Chapter 17, Implementing and Integrating Security Monitoring, discusses the function and the need for integrated security monitoring, using SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response).

Chapter 18, Developing for Cloud with DevOps and DevSecOps, studies the principles of DevOps, how CI/CD pipelines work with push and pull mechanisms, and how pipelines are designed so that they fit multi-cloud environments. Next, you will learn how to secure DevOps processes using the principles of the DevSecOps maturity model and the most common security frameworks.

Chapter 19, Introducing AIOps and GreenOps, introduces the concept of Artificial Intelligence Operations (AIOps) and how enterprises can optimize their cloud environments using AIOps. You will also learn about achieving sustainability in the cloud using GreenOps.

Chapter 20, Conclusion: The Future of Multi-Cloud, provides a peek into the future of emerging clouds and how enterprises can manage the growth of cloud technology within their organizations. The chapter contains sections about SRE as a method to ensure the stability of systems, while development is done at high speed.

• It’s recommended to have a basic understanding of IT architecture and more specific cloud architecture. Architects are advised to study the foundation of enterprise architecture, for instance, TOGAF (The Open Group Architecture Framework).
• Since this book also covers aspects of service management as part of governance, it’s also recommended to have knowledge about IT service management (ITSM). Common basic knowledge about cloud patterns in public and private clouds is assumed.
• All chapters contain a Further reading section that provides information on more in-depth literature about topics discussed in the chapters.

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://packt.link/pDhXa.

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. For example: “Mount the downloaded WebStorm-10*.dmg disk image file as another disk in your system.”

Bold: Indicates a new term, an important word, or words that you see on the screen. For instance, words in menus or dialog boxes appear in the text like this. For example: “Select System info from the Administration panel.”

Feedback from our readers is always welcome.

General feedback: Email feedback@packtpub.com and mention the book’s title in the subject of your message. If you have questions about any aspect of this book, please email us at questions@packtpub.com.

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you reported this to us. Please visit http://www.packtpub.com/submit-errata, click Submit Errata, and fill in the form.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at copyright@packtpub.com with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit http://authors.packtpub.com.