APJ - ISV - Database

Vendors offer numerous options to match your usage to your needs and significantly reduce your spending. For instance, by purchasing reserved instances in AWS, you might be able to dramatically reduce costs. In general, careful planning can let you predict your needs at any particular time and eliminate the overprovisioning that on- premises datacenters need to do. Effects on architecture and application design The architecture of cloud-based databases is inherently quite differ‐ ent from that of a traditional, on-premises database in a datacenter. You must take into account multiple geographic regions and AZs, different types of network designs, and other cloud-specific features when planning your database deployments. The DBA must keep in close contact with application developers to understand their needs and provide the best fit in the cloud at the lowest possible cost. Tracking license compliance Proprietary databases are offered in the cloud through two basic licensing models: license included or bring your own license (BYOL). The latter model is valuable if you already have a license and the model allows BYOL. You might need to consult a licensing specialist or the vendor to find out whether your existing license applies to the cloud. Security for Data and Applications in the Cloud Introductions to cloud computing typically arrange the functions of an administrator on a stack, with the installation of physical servers and cabling at the bottom of the stack and application management at the top. Managed databases assign responsibility for the bulk of these tasks to the cloud provider, leaving only application-level tasks in the hands of you the client. Self-managed databases keep most tasks in the hands of the client, leaving the vendor mostly to provide physical servers and basic networking. Security tasks also fit this stack concept, leading to what is com‐ monly called a shared security model. The vendor takes on more security tasks in managed databases than in self-managed databases. Briefly put, the cloud provider oversees infrastructure security, but you continue to be responsible for the security of your data and user Security for Data and Applications in the Cloud | 19

• Cover
• Table of Contents
• Chapter 1. Database Options in the Cloud
• High-Level Effects of Moving to the Cloud
• Self-Managed Versus Managed Databases
• Cloud Native Databases
• Types of Managed Databases
• When a Managed Database Might Not Be a Good Fit
• Role of the DBA in a Managed Database
• Chapter 2. The Changing Role of the DBA in the Cloud
• How DBA Tasks Change in the Cloud
• DBA Tasks That Are Taken Over by the Vendor
• DBA Tasks That Remain but with Changes
• New Tasks for the DBA in the Cloud
• Security for Data and Applications in the Cloud
• Access Control and Identity and Access Management
• Network Isolation
• Data Encryption
• Infrastructure as Code: Making the Most of the Cloud
• Chapter 3. Moving Your Databases to the Cloud
• Planning
• Factors in a Migration
• Major Migration Tasks
• Readiness Assessment
• Checking for Incompatibilities
• Data Movement
• Migrating the Database
• Migrating Applications
• Post-Migration Checks
• Optimization
• Availability
• Performance Optimization
• Adapting to Differences in the Cloud
• Conclusion
• Chapter 4. Conclusion
• About the Authors