Skip to main content
Infrastructure As Service in Cloud Migration

Infrastructure As Service in Cloud Migration

$249.00
Who trusts this:
Trusted by professionals in 160+ countries
Toolkit Included:
Includes a practical, ready-to-use toolkit containing implementation templates, worksheets, checklists, and decision-support materials used to accelerate real-world application and reduce setup time.
When you get access:
Course access is prepared after purchase and delivered via email
Your guarantee:
30-day money-back guarantee — no questions asked
How you learn:
Self-paced • Lifetime updates
Adding to cart… The item has been added

This curriculum spans the technical, operational, and governance decisions required in a multi-phase cloud migration, comparable to the scope of a multi-workshop infrastructure transformation program conducted across enterprise IT, security, and finance teams.

Module 1: Assessing On-Premises Infrastructure Readiness

  • Decide which legacy systems require full re-architecture versus lift-and-shift based on dependency mapping and technical debt analysis.
  • Inventory and classify existing workloads by business criticality, performance requirements, and data sensitivity to prioritize migration order.
  • Conduct capacity utilization reviews over a 90-day period to right-size cloud instances and avoid over-provisioning.
  • Negotiate access to system logs and configuration management databases (CMDBs) when IT silos restrict visibility across networking, storage, and server teams.
  • Identify applications bound to specific hardware or drivers that cannot be migrated without vendor coordination or replacement.
  • Establish baseline performance metrics for network latency, I/O throughput, and CPU utilization to compare post-migration performance.

Module 2: Cloud Provider Selection and Contract Negotiation

  • Evaluate regional data residency requirements and align them with provider availability zones to meet compliance mandates.
  • Compare reserved instance pricing models across AWS, Azure, and GCP against projected workload stability to determine cost-optimal commitments.
  • Negotiate service-level agreements (SLAs) for uptime, support response times, and data egress penalties in enterprise contracts.
  • Assess provider-specific managed services (e.g., Azure NetApp Files, AWS FSx) to determine lock-in risks versus operational efficiency gains.
  • Validate provider certifications (e.g., FedRAMP, ISO 27001) against internal audit and regulatory requirements.
  • Define data egress strategies and cost thresholds to prevent unexpected bandwidth charges during large-scale migrations.

Module 3: Designing Secure and Scalable Network Architecture

  • Architect hybrid connectivity using AWS Direct Connect or Azure ExpressRoute with redundant paths and BGP failover configurations.
  • Implement segmentation using virtual private clouds (VPCs) and virtual networks (VNets) aligned with business unit boundaries and data classification.
  • Configure DNS routing policies to support phased cutover, blue-green deployment, and hybrid name resolution.
  • Enforce encryption in transit for all inter-VPC and on-premises traffic using IPsec or TLS, including inspection at security gateways.
  • Size NAT gateways and load balancers based on peak traffic patterns to avoid throughput bottlenecks.
  • Integrate cloud firewall services (e.g., AWS Network Firewall, Azure Firewall) with existing SIEM and threat intelligence platforms.

Module 4: Storage Migration and Data Management Strategy

  • Select between object, block, and file storage based on application access patterns and consistency requirements.
  • Plan data migration batches using AWS DataSync or Azure Migrate while managing throttling to avoid on-premises performance degradation.
  • Implement versioning, lifecycle policies, and cross-region replication for critical data without exceeding budget thresholds.
  • Address data sovereignty by configuring storage location policies and auditing geo-replication settings.
  • Validate data integrity post-migration using checksum validation and reconciliation scripts.
  • Design backup and snapshot retention schedules that align with RPO and RTO requirements while minimizing storage sprawl.

Module 5: Compute Instance Optimization and Deployment Automation

  • Choose between VMs, containers, and serverless based on workload portability, scaling needs, and operational overhead.
  • Develop golden images using Packer or Azure Image Builder to enforce consistent OS patch levels and configuration baselines.
  • Automate instance provisioning through Infrastructure as Code (IaC) using Terraform or Azure Resource Manager templates with peer review gates.
  • Implement auto-scaling policies using CPU, memory, or custom metrics while avoiding cold-start delays for critical services.
  • Enforce tagging standards at deployment time to enable cost allocation and resource accountability.
  • Configure instance termination protection and change control workflows to prevent accidental deletion of production systems.

Module 6: Identity, Access, and Privilege Governance

  • Integrate cloud identity providers with on-premises Active Directory using AD Connect or AWS Directory Service with failover planning.
  • Apply least-privilege principles to IAM roles and service accounts, regularly auditing permissions using AWS Access Analyzer or Azure Advisor.
  • Enforce multi-factor authentication (MFA) for all privileged accounts, including break-glass emergency access paths.
  • Implement just-in-time (JIT) access using Azure PIM or AWS IAM Identity Center to limit standing privileges.
  • Monitor and alert on anomalous sign-in activity using native cloud logging and correlation with on-premises identity logs.
  • Define cross-account access boundaries and service control policies (SCPs) in multi-tenant environments to prevent privilege escalation.

Module 7: Monitoring, Logging, and Operational Continuity

  • Aggregate logs from cloud and on-premises systems into a centralized platform like Splunk or Azure Monitor with retention tiering.
  • Configure custom metrics and alarms for application-specific KPIs beyond default CPU and memory thresholds.
  • Establish runbooks for common failure scenarios, including DNS resolution failures and VPC peering disruptions.
  • Conduct failover drills for critical systems to validate DR runbooks and RTO compliance without impacting production.
  • Standardize dashboard templates across teams to ensure consistent visibility into service health and performance.
  • Implement synthetic transactions to proactively test end-user experience across regions and network paths.

Module 8: Cost Management and Financial Governance

  • Deploy showback/chargeback models using cost allocation tags and cloud billing exports integrated with financial systems.
  • Identify and decommission orphaned resources such as unattached disks, idle load balancers, and unused IP addresses.
  • Use reserved instance exchange strategies to adapt to changing workload patterns without financial penalty.
  • Set budget alerts with escalating thresholds and assign accountability to business unit owners.
  • Compare spot instance usage against workload fault tolerance to balance cost savings and availability risk.
  • Conduct monthly cost reviews with stakeholders to reconcile forecasts, actual spend, and optimization opportunities.
!