...
In case of a disaster or a human error with the archived data on an Azure Files Share, Azure backup can be used to restore the archived files. It is recommended to use a geo redundant backup for archived data.
Monitoring and Alerting
Event Logs
Delft-FEWS logs all events from forecast workflows in the central database.
Operator Client
The Operator Client provides some access to information on the status of the system components, file imports and workflows.
Admin Interface
The Browser Based FEWS Admin Interface provides a dashboard for the FEWS Administrators to view the status of the Delft-FEWS components and workflows. Errors and events are logged within the central database and log extracts can be downloaded via the browser to provide to Deltares in the event of issues which can't be resolved internally.
The Admin Interface also provides a series of APIs to enable access to the events and status information and the audit logs.
Audit Logs of user actions are also stored in the central database and the Admin Interface API can be used to access these events.
Log Analytics
Using the Log Analytics service (part of Azure Monitoring) of Azure allows collecting log events from the different Delft-FEWS components.
The Master Controller, Forecasting Shell Server and Admin Interface support sending error log events to the Windows Event Logger or Linux syslog. Log Analytics can be connected to the Windows Event Logger and syslog. This requires installing the MicrosoftMonitoringAgent extension using on the ARM templatesvirtual machine.
To connect other Delft-FEWS component to Log Analytics a custom connector has to can be defined. All Delft-FEWS components log files to the local file system.
Malware protection
To protect the VMs from malware, it is required possible to install the IaaSAntimalware extension using on the ARM templatesVirtual Macghine. Enabling malware protection may have a negative impact on the performance of the Delft-FEWS components. It may be required to add some of the Delft-FEWS directories to the exclusion list.
Azure Infrastructure Monitoring
Infrastructure monitoring of the Delft-FEWS Virtual Machines is done with Azure Monitoring Services. This requires installing the IaaSDiagnostics extension using the ARM templateson the virtual machine.
Security
For Delft-FEWS in the cloud the same principles apply for security as on premise: Security - Shared responsibility model for Delft-FEWS system installations. Securing your cloud assets requires continuous investment in keeping your containers safe. An infamous example of malconfigured Kubernetes has been Tesla's unsecured admin console for a Kubernetes cluster. This led to malicious actors getting hold of credentials for Tesla's wider AWS environment who used it for cryptomining. Tesla highlighted that it was a test instance "only", but this incident shows why it's really important to secure both production and pre-production resources as far as possible.
...