GCP AWS Azure Architect, Houston, TX
Looking for a Google Cloud Architect in Houston? Or an Azure or AWS Certified Cloud Architect?
Addressing technical as well as financial concerns, Anuj guides CFOs, CIOs and CEOs through the evolving public cloud landscape. He has helped organizations save millions of dollars simply by adopting the right cloud platform for the right problem.

Start the conversation sooner, rather than later

Setup a time to chat with Anuj Varma, Google Cloud Architect, Azure Architect, AWS Architect, Houston, TX today. Architecture cannot be an afterthought (™)

Anuj Varma is a certified Google Cloud Architect (GCP Professional Architect) based in Austin, TX and Houston, TX.  Some aspects of GCP Cloud Architecture that Anuj has helped customers with include:

  • IaaS Design and Implementation – Networking Infrastructure, VPC, Subnets, Routes, Firewall Rules, DNS, Cloud Interconnect, VPN, CDN, Cloud Endpoints.
  • Securing GCP assets using firewalls, shared VPCs, Peered VPCs.  Setting up a DMZ in GCP – using firewall rules, subnets and custom routes
  • Compute Services in Google Cloud – App Engine, App Engine Flex, GKE, Cloud Functions, Redis cache
  • Storage on GCP – Cloud Storage, FileStore, Relational and Non relational data storage on Google Cloud.
  • Data Pipelines on Google Cloud – BigQuery, PubSub, BigTable, DataFLow and Task Queues, ingestion of data from Pub/Sub to Processing in DataFlow to storage in Cloud Storage. Data Studio Visualizations.
  • DevOps on Google Cloud – Deployment Manager Stackdriver Monitoring
  • Migration Readiness Assessments (Cloudamize, CloudPhysics, Movere) and actual migrations (CloudEndure, Velostrata)
  • PaaS – including Load Balancers, App Engine, App Engine Flex, GCP Storage Options and Lifecycle, Syncing on premises storage to GCP storage buckets
  • Docker and Containerization of Windows Server Hosted Apps , GKE – Container Optimized Images, Kubectl, gcloud management of Cluster, Restart Options, Networking.
  • IAM in GCP – External Identities, Primitive roles, custom roles, Service Accounts

Some aspects of Azure Architecture that Anuj has helped customers with include:

  • RBAC, Custom Policies, AAD Tenants, B2B and B2C Tenants, SSO
  • Azure Identity Specialist -SSO, SAML, JWT, Token vs. Cookie based sessions. multiple apps vs. Single App Scopes, Single Sign Out Implemenation
  • IaaS – Resource Groups, ARM vs. Classic, VM Scale Sets, Availability Sets, Update/Fault Domains, Site to Site VPNs, ExpressRoute, Subnets, NSGs, Default Routes and UDRs.
  • Networking Infrastructure – VNET layout – DMZ Subnet, Gateway Subnet (containing VNG) Web / Business / Data and AD Subnets. Shared VPN Tunnel using hub spoke architecture and VNET peering. Firewall Subnet containing Azure firewall (or checkpoint or appliance of choice).
  • PROD and NON-PROD environments – Dev Test Labs for staging and development users – with built in policies around limits and quotas per user.
  • Migration – Migrated over 40 apps from on prem to Azure IaaS as well as PaaS. Azure DMS. Migration Assessment using tools such as Cloudamize and Movere – application move groups, target right-sized VMs. Tools such as CloudEndure.
  • Azure Powershell – PowerShell cmdlets for day to day tasks (managing Resource groups., moving VMs between subnets, instance management, changing SKUs on resources, blob copy, sql data copy to azure blob storage, bulk copy from multiple sql server tables to Azure SQL DW, Custom Powershell tasks in Azure Pipelines)
  • Domain Controllers in Azure – ADDS, DNS, Redundant Topologies, Domain Joining
  • Identity in Azure – AAD, B2C, B2B Tenants, Identity Federation, Pass Through and Password (Hash) Sync. Advanced Threat Detection, Roles, Federated Identities, RBAC, Azure AD, AD Connect, B2B, B2C Tenants. Configured Pass Through Authentication using AD agent and AD Connect
  • Monitoring and Logging – Azure Monitor, Azure Advisor, Log Analytics, App Insights, Operations Management Suite, Azure Security Center, Network Watcher
  • Azure PaaS – PaaS Solutions including Azure Web Apps, Traffic Manager, Application Gateway, AAD, Scalable and Performant Apps using Azure Service Fabric (including stateless API Gateway)
  • Cloud Security (Network and App Layer) – Custom DMZs in the cloud, custom firewall appliances (Barracuda, Checkpoint), Azure Security Center, Azure WAF, Azure Firewall
  • Data Security – Azure key vault, Storage service and disk encryption keys, TDE (SQL Server DBs)
  • Backup and Recovery – Azure Site Recovery, Hyper-V and VMWare based workloads replicated to Azure.
  • Azure Governance – Management Groups, Policies – including tagging enforcement, auditing of unaudited SQL Azure and more. Tools such as CloudHealth, CloudCheckr, CloudTamer. Budgeting and Migration Readiness (Cloudamize, Movere, Cloudphysics), Monitoring (Azure Monitor, New Relic (Certified New Relic Engineer))
  • Azure Devops – Boards, repos, pipelines, GitHub based pipelines, teams, azure artifacts (NuGet and ARM templates), pull requests, entire docker pipeline – including multi stage docker build and push and pull of images to/from ACR

Some aspects of AWS Architecture and Devops that Anuj has helped customers with include:

  • Terraform and gitlab based pipelines – for managing entire resource lifecycle. EC2, S3, KMS based resource policies and resource creation.
  • AWS Jumpstarts – Over a dozen jumpstarts – including Core Networking: VPCs, Subnets and Addressing, Routes, SGs, NACLs, EC2, EBS. EFS, CloudFormation based resource creation
  • Organizations, Billing, SCPs, Orgs, Multi Account Structures, Org Level Policies
  • AWS Quickstarts and Landing Zones –  Control Tower
  • Backup and Restore and Replication Solutions – using Server Migration Service as well as Cohesity Data protection and Cohesity Data Platform. Native SQL Server Solutions including log shipping and Always On replication clusters.
  • Monitoring and Logging – CloudTrail Logs, CloudWatch Alarms, AWS Trusted Advisor, AWS Lambda,
  • RIs, Spot Instances, Cost Optimization Techniques, CloudHealth, CloudCheckr
  • PaaS including – ELBs, AutoScaling Groups, Policies, Beanstalk, EKS, Route 53, SSL Configuration
  • IAM users, groups, roles (Lambda function specific, S3 specific), Policies (Resource Based, Identity Based, Permissions Boundaries), AWS Access Keys
  • AWS Config, AWS Trusted Advisor
  • Centralized Logging strategy on AWS