EpochZero Learn
EpochZero LearnMulti-Domain Tech Learning Hub
Courses
LeaderboardAbout
Dashboard
EpochZero
EpochZero Learn
Multi-Domain Tech Learning Hub

Structured learning for Reverse Engineering, Cloud Security, Cryptography, and Web Development. Articles, videos, tests, and peer discussion.

Learn

  • Learning Path
  • All Articles
  • Video Lessons
  • Podcast
  • eBooks & PDFs
  • Question Banks
  • Cheatsheets
  • MCQ Banks

Tests & Forum

  • All Tests
  • REMA Tests
  • Cloud Tests
  • Forum
  • REMA Forum
  • Cloud Forum
  • Crypto Forum
  • Web Dev Forum

Campus

  • REMA Club
  • Full Stack Dev Club
  • Extension Activity
  • Events
  • CTF Competitions
  • Workshops
  • Industrial Visits

Platform

  • Dashboard
  • Leaderboard
  • About
  • Verify Certificate

© 2026 EpochZero Learn. Educational content for learning purposes.

Course Instructor: Ashish Revar

All articles
cloud-securityAWSAzureGCP

Cloud Service Providers & the Indian Context

Comparing AWS, Azure, and GCP across compute, storage, and identity primitives — and understanding NIC MeghRaj and Indian data sovereignty requirements that shape every cloud deployment in India.

Ashish Revar3 July 202610 min read1 views

Sign in to mark this article as read and track your progress.

Related to this topic

Continue learning

Listen

Tech Talk EP 07 — The Hypervisor Is Your True Security Perimeter

Audio deep-dive covering NIST SP 800-145, the SPI stack, shared responsibility, deployment models, Type-1/2 hypervisors, and Spectre/Meltdown side-channel attacks. ~30 min.

Reference material

eBook
Cloud Security — eBook
v2026
Open resource
Cheatsheet
Cloud Security — Cheatsheet
v2026
Open resource
MCQ Bank
Cloud Security — MCQ Bank
v2026
Open resource
Question Bank
Cloud Security — Question Bank
v2026
Open resource

External references

NIC MeghRaj Government Cloud Portal

Official portal for the National Informatics Centre government cloud platform.

blog
NIC MeghRaj Government Cloud Portal

Official portal for the National Informatics Centre government cloud platform.

blog
MeitY Empanelled Cloud Service Providers List

Ministry of Electronics and IT list of empanelled cloud service providers for government use.

paper
MeitY Empanelled Cloud Service Providers List

Ministry of Electronics and IT list of empanelled cloud service providers for government use.

paper
Digital Personal Data Protection Act 2023

Full text of the DPDP Act 2023 — India primary personal data protection legislation.

paper
Digital Personal Data Protection Act 2023

Full text of the DPDP Act 2023 — India primary personal data protection legislation.

paper
CERT-In Directions on Cybersecurity 2022

Binding CERT-In directions on 6-hour incident reporting and 5-year log retention.

paper
CERT-In Directions on Cybersecurity 2022

Binding CERT-In directions on 6-hour incident reporting and 5-year log retention.

paper
More articlesTest your knowledge

The Big Three Hyperscalers

AWS, Microsoft Azure, and Google Cloud Platform (GCP) together hold over 65% of global cloud market share. For security practitioners, the key skill is not brand loyalty — it is the ability to map equivalent primitives across platforms.

FunctionAWSAzureGCP
Virtual computeEC2Virtual MachinesCompute Engine
Object storageS3Blob StorageCloud Storage
Managed KubernetesEKSAKSGKE
Identity & AccessIAM + STSEntra ID (AAD)Cloud IAM
Key managementKMS + CloudHSMKey VaultCloud KMS + HSM
Threat detectionGuardDutyDefender for CloudSecurity Command Center
Audit loggingCloudTrailActivity LogCloud Audit Logs
WAFAWS WAFAzure WAFCloud Armor
Secrets managementSecrets ManagerKey Vault (secrets)Secret Manager

Knowing these equivalents lets you apply the same security methodology regardless of the provider in scope for a given engagement.

NIC MeghRaj: India Government Cloud

The National Informatics Centre (NIC) operates MeghRaj — the Government of India community cloud. It provides:

  • IaaS, PaaS, and SaaS to central and state government departments
  • Infrastructure hosted within Indian data centres under government control
  • Compliance with Government of India IT Act and associated rules by default

Key security considerations for MeghRaj:

  1. Data never leaves Indian soil — relevant for sensitive government workloads
  2. Access is restricted to government entities; procurement follows GFR rules
  3. Service availability SLAs differ from commercial hyperscalers

Indian Data Sovereignty Requirements

India has enacted several frameworks that directly affect cloud architecture decisions:

FrameworkKey RequirementCloud Impact
IT Act 2000 + RulesReasonable security practices for sensitive personal dataEncryption and access controls are mandatory
DPDP Act 2023Personal data of Indian citizens processed lawfully with consentData residency, deletion rights, breach notification
RBI IT FrameworkFinancial data must be stored in IndiaIndian region deployments mandatory for banking workloads
CERT-In Directions 20226-hour breach reporting; 5-year log retentionCloudTrail and centralised logging are not optional
SEBI CSCRF 2024Cybersecurity resilience framework for capital marketsRTO/RPO requirements, third-party risk management

Choosing the Right Provider for Indian Deployments

When selecting a cloud provider for Indian workloads:

  1. Data residency: Does the provider have an Indian region? AWS (Mumbai ap-south-1), Azure (Central India, South India), and GCP (Mumbai asia-south1) all do.
  2. Compliance certifications: Look for ISO 27001, SOC 2 Type II, and MeitY empanelment (for government workloads).
  3. Support for Indian compliance: Does the provider offer DPDP-aligned data processing agreements?
  4. Localisation: Is support available in Indian time zones with understanding of local regulatory nuance?

Key Takeaway

The cloud provider you choose inherits its own security posture into your stack. Verify provider certifications, understand region-level data residency guarantees, and map your workload requirements against Indian regulatory frameworks before the first resource is provisioned.