Cloud resource cloning system and method

A self-service interface and workflow engine automate cloud resource cloning, addressing inefficiencies and security risks by integrating cloud integration modules to streamline the process, reduce manual effort, and ensure compliance, enhancing efficiency and security.

WO2026135677A1PCT designated stage Publication Date: 2026-06-25WESCO DISTRIBUTION INC

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
WESCO DISTRIBUTION INC
Filing Date
2024-12-19
Publication Date
2026-06-25

Smart Images

  • Figure US2024060975_25062026_PF_FP_ABST
    Figure US2024060975_25062026_PF_FP_ABST
Patent Text Reader

Abstract

This disclosure describes a computer-implemented method and system for cloning cloud resources. The process begins with receiving a cloning request and extracting operational data to select and deploy appropriate cloning operations. Post-cloning tasks are executed to ensure the cloned resource is ready for use. The system comprises a self-service interface, a cloning engine, and a post-cloning engine, leveraging artificial intelligence for enhanced decision-making. It incorporates policy compliance measures and features cloud-agnostic components to ensure compatibility with multiple cloud service providers. This method streamlines the cloning process, significantly reducing manual intervention and maintaining data integrity. The system enhances efficiency and security in cloud resource management, providing a robust solution for managing both production and non-production environments. This approach ensures that resources are cloned accurately and securely, supporting business needs while minimizing operational risks.
Need to check novelty before this filing date? Find Prior Art

Description

PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1TITLECLOUD RESOURCE CLONING SYSTEM AND METHODTECHNICAL FIELD

[0001] The present disclosure relates to cloning cloud system resources. In particular, the present disclosure relates to cloud resource cloning between a source and a target. More particularly the present disclosure relates to cloud resource cloning between production and non-production environments.BACKGROUND

[0002] This disclosure relates to the field of cloud computing, specifically addressing the challenges associated with cloning cloud resources, such as compute resources or storage resources, between source and target environments such as production and non-production environments. The efficient transfer of data between these environments is crucial for various software development and operational tasks, including testing, new feature development, troubleshooting, and bug fixing. Traditionally, this process has been complex, time-consuming, and prone to errors due to the involvement of multiple teams, including application, cloud, backup, and operating system (OS) teams. These teams often have varying privileges and specialized knowledge, requiring extensive coordination and manual intervention. Existing methods often involve sequential steps, such as requesting data duplication, recovering backup data, moving data to the appropriate environment and availability zone, cleaning up sensitive data, and adjusting configurations. This manual process leads to inefficiencies, increased labor costs, and potential security risks due to segregation of duties violations and high privilege access. Furthermore, current techniques make it difficult to ensure data integrity and compliance with industry standards.

[0003] The traditional process of cloning virtual machines involves a series of sequential steps, each requiring specialized knowledge and access privileges. The application team initiates the process by requesting data duplication from the source production environment to a target resource in a non-production environment. The cloud and backup teams then collaborate to recover and move the necessary backup data to the appropriate environment and availability zone, depending on the cloud service provider. Following this, the OS or application team manually cleans the data to remove unnecessary or sensitive information and adjusts configurations to prevent issues in the production environment. This manual process necessitates sequential collaboration among four teams to achieve cloud resource cloning, creating dependencies and potential bottlenecks. Current techniques are timeconsuming, resource-intensive, and prone to errors due to the manual handoffs and potential1321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 for miscommunication between teams. Current techniques are also prone to security risks, as sensitive data is handled by multiple individuals across different teams.SUMMARY

[0004] The present disclosure provides a system and method for cloning cloud resources between source and target environments such as production and non-production environments. The system and method streamline the cloning process by integrating a self- service interface, a workflow engine, a cloud integration module, and a post-cloning configuration module. The self-service interface allows users to initiate cloning requests, specifying source and target resources, restore points, and other relevant parameters. The workflow engine coordinates the execution of data restoration, transfer, and attachment tasks, minimizing manual intervention. The cloud integration module ensures data is restored to the correct availability zone and manages interactions with cloud service providers. The post-cloning configuration module performs data cleanup, configuration adjustments, and other post-cloning activities using post-cloning instructions.

[0005] The system and method offer several advantages over traditional methods, including reduced cloning time, minimized manual effort, improved data integrity, enhanced security, and increased compliance with industry standards. The cloning process according to this disclosure eliminates the need for extensive coordination among multiple teams, reducing labor costs and the risk of human error. The system's ability to ensure correct data placement and prevent data flow from non-production to production environments enhances security and compliance. The system and method are adaptable to various applications and cloud environments, providing a scalable and efficient solution for modern data management challenges.

[0006] The system's architecture is designed to be scalable and adaptable to different cloud environments. It can be deployed in a multi-cloud environment, supporting various cloud service providers. The system's components, such as the workflow engine and the cloud integration module, can be designed to be cloud-agnostic, facilitating compatibility with different cloud platforms. This flexibility allows organizations to leverage the benefits of different cloud providers and avoid vendor lock-in. The system can also be integrated with existing IT management tools and processes, streamlining the adoption and integration of the cloning solution into the organization's information technology (IT) infrastructure.

[0007] Manual cloud resource cloning between source and target environments, such as production and non-production environments, is time-consuming, involves multiple teams, and is prone to errors. This manual process traditionally requires coordination among2321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 application, cloud, backup, and OS teams, leading to inefficiencies and increased labor costs. A user interface (III) simplifies the cloning process for the application team, eliminating the need for multiple team involvement, reducing effort and time, and saving several man hours per cloning.

[0008] The application team provides both the source and target cloud resources for the cloning process. The cloud or backup team identifies the appropriate backup and restores the storage to a target subscription. If necessary, the cloud team moves the storage to the correct availability zone. The OS or application team then runs a cleanup script to remove or replace any sensitive data. Finally, the application team reviews and adjusts configurations on the target cloud resource. As used herein, in a computer environment, storage may refer to the process and systems used to retain and manage data, files, or information in a way that allows it to be retrieved, modified, or transferred when needed. It encompasses both hardware (physical devices like hard drives, solid-state drives, optical discs, and cloud storage systems) and software (file systems, databases, and storage management tools) that ensure the persistent availability of data. Storage can be categorized into different types based on speed, capacity, and purpose, such as primary storage (e.g., RAM), secondary storage (e.g., HDDs or SSDs), and tertiary or archival storage (e.g., tape drives or cloud services). The goal of storage in computing is to enable efficient, reliable, and secure access to data for processing, analysis, and long-term preservation.

[0009] In one embodiment, the present disclosure describes a computer implemented method for cloning cloud resources. The method includes receiving, at a computer interface, a cloning request for cloning a requested cloud resource; extracting a set of operational data based on the cloning request and the requested cloud resource; selecting, based on the extracted set of operational cloning data, a set of cloning operations; deploying the selected set of cloning operations to generate a cloned cloud resource of the requested cloud resource; deploying a set of post-cloning operations performed on the cloned cloud resource that are selected based on the operational cloning data and associated with a resource type of the requested cloud resource; transmitting a notification to the computer interface indicating a status of the cloning request; and providing, in response to a successful completion of the set of post-cloning operations, access to the cloned cloud resource.

[0010] In one embodiment, the present disclosure describes a system for cloning cloud resources. The system includes a self-service interface configured to receive a cloning request for cloning a requested cloud resource. A cloning engine is configured to select a set of cloning operations based on the cloning request received by the self-service interface and issue the set of cloning operations to a cloud service provider to generate a cloned cloud3321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 resource of the requested cloud resource. A post-cloning workflow engine is configured to select a set of post-cloning operations based on the cloning request received by the self- service interface and deploy the set of post cloning operations to modify a configuration of the cloned cloud resource and selectively remove data from the cloned cloud resource. A checkpoint system is configured to monitor a status of the cloning request and issue a notification indicating the status of the cloning request at the self-service interface.

[0011] In one embodiment, the present disclosure describes a computer-readable medium including instructs executable by a processor to receive a cloning request for cloning a requested cloud resource; extract a set of operational data based on the cloning request and the requested cloud resource; select, based on the extracted set of operational cloning data, a set of cloning operations; deploy the selected set of cloning operations to generate a cloned cloud resource of the requested cloud resource; deploy a set of postcloning operations performed on the cloned cloud resource that are selected based on the set of operational cloning data and associated with a resource type of the requested cloud resource; transmit a notification indicating a status of the cloning request; and provide, in response to a successful completion of the set of post-cloning operations, access to the cloned cloud resource.BRIEF DESCRIPTION OF THE DRAWINGS

[0012] FIG. 1 illustrates a cloud resource cloning system for cloning cloud resources.

[0013] FIG. 2 illustrates an embodiment of a method for cloning cloud resources.

[0014] FIG. 3 illustrates an embodiment of a method using artificial intelligence (Al) to identify and recommend cloud resource cloning based on real-time incidents and issues.

[0015] FIG. 4 illustrates an embodiment of a method that enables users to create new post-cloning instructions and associate them with existing workloads, reducing reliance on the cloud CoE team

[0016] FIG. 5 illustrates an embodiment of a method for cloning cloud resources.

[0017] FIG. 6 illustrates an embodiment of a computing hardware environment for cloud resource cloning.DESCRIPTION

[0018] In various embodiments, the present disclosure provides a computer- implemented system and method for cloning cloud resources. More particularly, the present4321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 disclosure provides a computer-implemented system and method for cloning cloud resources between a source and a target and in one aspect between production and nonproduction environments. A III simplifies the cloning process for an application team, eliminates the need for involvement of multiple teams, reduce effort and time, and saves man hours per cloning. The disclosure addresses the limitations of existing manual processes by streamlining the cloning workflow, reducing manual intervention, and enhancing security and compliance. The system includes several components that work together to implement the entire cloning process.

[0019] Cloud resources can be divided into compute and storage categories. Compute resources include virtual machines, such as scalable, on-demand virtualized servers (e.g., AWS EC2, Azure Virtual Machines, Google Compute Engine); containers, which are lightweight virtualized environments for applications (e.g., Docker, Kubernetes); serverless functions, which offer event-driven computing without server management (e.g., AWS Lambda, Azure Functions, Google Cloud Functions); bare metal servers, which are physical servers provisioned through the cloud (e.g., IBM Cloud Bare Metal Servers, Oracle Bare Metal); and auto-scaling groups, which adjust the number of compute instances based on demand (e.g., AWS Auto Scaling, Azure VM Scale Sets).

[0020] Storage resources include block storage, providing persistent storage for VMs (e.g., AWS EBS, Azure Managed Disks, Google Persistent Disks); object storage, used for unstructured data (e.g., AWS S3, Azure Blob Storage, Google Cloud Storage); and file storage, offering shared file systems in the cloud (e.g., Amazon EFS, Azure Files, Google Filestore).

[0021] In various embodiments, the comprehensive computer-implemented system and method automates cloud resource cloning between source and target or production and nonproduction environments. The computer-implemented system and method address the inefficiencies and risks of manual processes by integrating self-service portals, automation scripts, and cloud services to streamline data transfer, ensure correct zone placement, and manage post-cloning tasks using tools like automation engines, cloud integration modules, and post-cloning configuration modules, for example.

[0022] In various embodiments, the self-service interface, typically implemented as a web portal, provides a user-friendly interface for initiating cloning requests. Users can specify the source production cloud resource, target non-production cloud resource, restore point date, and other relevant parameters. The interface can also integrate multiple workflows and provide access to historical data, allowing users to select restore points within5321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 a defined period, such as 30 days.

[0023] In various embodiments, this self-service portal streamlines the request process, empowering application teams with direct control over the cloning procedure. The portal can be designed as a unified user interface (III) that integrates multiple workflows, providing a centralized platform for managing and tracking cloning requests. This unified portal simplifies the user experience and reduces the need for users to navigate multiple systems. Furthermore, the portal can incorporate features such as request tracking, status updates, and notifications, providing users with real-time visibility into the cloning process. The portal can also enforce access controls and policy frameworks, ensuring that only authorized users can initiate cloning requests and that cloning operations comply with organizational security policies. This centralized control enhances security and reduces the risk of unauthorized access to sensitive data.

[0024] In various embodiments, this enhanced self-service portal not only streamlines the request process but also offers robust tracking and management capabilities. Users can monitor the progress of their cloning requests in real-time, receiving status updates and notifications at each stage. This real-time visibility eliminates the need for manual follow-up and ensures transparency throughout the cloning lifecycle. Furthermore, the portal maintains a comprehensive history of cloning requests, providing valuable insights into past cloning activities. This historical data can be used for auditing, reporting, and analysis, enabling organizations to optimize their cloning processes and identify potential areas for improvement. The portal also facilitates communication and collaboration among team members by providing a centralized platform for sharing information and updates related to cloning requests. This enhanced communication streamlines the cloning process and reduces the risk of miscommunication or delays. Finally, the portal can be integrated with existing IT service management (ITSM) tools, allowing organizations to manage cloning requests within their established ITSM workflows.

[0025] In various embodiments, the self-service portal enables application teams to start cloning by selecting source cloud resources, target environments, and restore point dates. A workflow engine uses workflows to streamline data storage restoration, movement, and attachment. A cloud integration module ensures compatibility with providers cloud service providers, managing data restoration and zone alignment. The post-cloning configuration module utilizes post-cloning processes for tasks such as data cleanup, configuration adjustments, and task scheduling. A checkpoint system allows the cloning process to resume from the last successful step, minimizing disruptions and reducing overall time. Security frameworks enforce compliance with the International Organization for6321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1Standardization (ISO) and National Institute of Standards and Technology (NIST) standards to ensure data security and integrity. The system reduces reliance on multiple teams, enhances efficiency, minimizes human error, and ensures secure, compliant operations.

[0026] In various embodiments, the present disclosure provides a process for cloning cloud resources between source and target environment, such as, for example, production and non-production environments. In one embodiment, the process may be implemented using workflow engines, cloud integration modules, and post-cloning configuration modules, for example, to reduce manual intervention and allow the application team to trigger workflows, specify data sources, and backup dates. In one aspect, the process includes a self-service portal for initiating cloning, workflow engine for executing tasks, and integration with cloud services, for example. The system features checkpoints to resume processes after interruptions, safeguards to prevent data flow from source to target environments, such as, for example, non-production to production environments, and compliance with security standards. The process streamlines cloud resource cloning, reduce human error, improve efficiency, and save several man-hours per cloning by eliminating the need for coordination among multiple teams.

[0027] In various embodiments, the workflow engine, powered by a workflow management system such as GitHub Actions Workflow, executes data restoration, transfer, and attachment tasks. The engine receives the cloning request from the self-service interface and triggers the appropriate workflow. The workflow initiates a backup restoration from a designated source, such as an Azure Recovery Services Vault, and transfers the restored data to the target availability zone. The engine then attaches the restored data storage to the target non-production cloud resource.

[0028] In various embodiments, the workflow engine leverages scripting and workflow tools, such as GitHub Actions Workflow, to orchestrate the cloning process. This cloning process significantly reduces the need for manual intervention by the application, backup, and OS teams. The workflow engine can be configured to handle various cloning scenarios, including restoring data from specific restore points, moving data to designated availability zones, and attaching restored data storage to target cloud resources. The engine can also incorporate checkpoints to allow the cloning process to resume from the point of interruption in case of timeouts or other issues, eliminating the need to restart the entire process. This checkpoint system enhances the robustness and reliability of the cloning process. Moreover, the workflow engine can be designed to be cloud-agnostic, facilitating compatibility with multiple cloud service providers and enabling organizations to adopt a multi-cloud strategy.7321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1

[0029] In various embodiments, the workflow engine's cloud-agnostic design is a key advantage, enabling organizations to adopt a multi-cloud strategy without being tied to a specific cloud provider. This flexibility allows for seamless integration with various cloud platforms, including Azure, AWS, GCP, and others. The engine can dynamically adapt to the specific requirements of each cloud environment, ensuring consistent and reliable cloning operations regardless of the underlying infrastructure. Furthermore, the engine can be integrated with configuration management tools and platforms to leverage existing automation infrastructures. This integration simplifies the adoption of the cloning solution and reduces the need for specialized scripting or configuration. The workflow engine also supports various cloning scenarios, including full cloud resource cloning, storage-only cloning, and file-level cloning, providing flexibility to meet diverse data management needs. The engine can also be configured to handle different backup and recovery mechanisms, including snapshots, backups, and replication, ensuring compatibility with various data protection strategies. Finally, the engine incorporates robust error handling and logging capabilities, providing detailed information about cloning operations and facilitating troubleshooting in case of issues.

[0030] In various embodiments, the cloning system is designed to seamlessly integrate with existing IT infrastructure and tools. The system can be integrated with existing configuration management platforms to leverage existing automation infrastructures. The system also integrates with IT service management (ITSM) tools, enabling organizations to manage cloning requests within their established ITSM workflows. Furthermore, the system can be integrated with monitoring and logging tools to provide real-time visibility into cloning operations and facilitate troubleshooting. These integration capabilities simplify the adoption of the cloning solution and minimize disruption to existing IT processes.

[0031] In various embodiments, the system incorporates performance monitoring and optimization capabilities to ensure efficient cloning operations. Real-time monitoring tools track key performance indicators (KPIs), such as cloning time, resource utilization, and error rates. This data is used to identify performance bottlenecks and optimize the cloning process. The system also supports scaling of resources to accommodate fluctuating cloning demands. Furthermore, the system incorporates performance testing and benchmarking to continuously evaluate and improve performance. These features ensure that the cloning system operates efficiently and meets performance expectations.

[0032] In various embodiments, the GitHub Actions Workflow provides a robust and flexible platform for implementing the cloning process. It supports event-driven execution, allowing workflows to be triggered by various events, such as code pushes, pull requests, or8321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 scheduled cron jobs. This event-driven approach enables cloning based on specific triggers, such as the creation of a new development branch or a scheduled backup. Workflows can also be manually triggered by users through the workflow dispatch event. This manual trigger provides flexibility for ad-hoc cloning requests. Furthermore, GitHub Actions Workflows can leverage pre-built actions from the GitHub Marketplace or custom-developed actions, providing a wide range of capabilities.

[0033] In various embodiments, GitHub Actions Workflow's event-driven architecture enables cloning based on a wide range of triggers, including code changes, scheduled events, and manual triggers. This flexibility allows organizations to tailor their cloning processes to their specific needs and workflows. For example, workflows can be triggered when a new development branch is created, ensuring that developers always have access to the latest production data. Scheduled triggers can be used to create regular clones for testing or reporting purposes, while manual triggers provide flexibility for ad-hoc cloning requests. GitHub Actions Workflows also integrates seamlessly with other GitHub features, such as pull requests and code reviews, providing a unified platform for managing the entire software development lifecycle. This integration simplifies collaboration and streamlines the development process. Furthermore, GitHub Actions Workflows supports a wide range of programming languages and tools, allowing developers to use their preferred technologies for streamlining cloning tasks. The platform also provides access to a vast library of pre-built actions and community-contributed workflows, simplifying the development of complex scenarios. Finally, GitHub Actions Workflows offers robust security features, including access controls and secrets management, ensuring the protection of sensitive data during the cloning process.

[0034] In various embodiments, the cloud integration module manages interactions with cloud service providers, such as Azure, and ensures data is restored to the correct availability zone. The module queries the zone location of the target cloud resource and adjusts the restored data location if necessary. This functionality ensures data consistency and minimizes the risk of data corruption.

[0035] In various embodiments, the cloud integration module plays a role in ensuring data consistency and availability. It determines the correct location for data restoration and ensures that the source and target cloud resources are in the same cloud zone to avoid additional activities. This zone management simplifies the cloning process and reduces the risk of data corruption. The module can also handle storage type modifications, allowing users to change the storage type of the restored data storage to a lower-cost option for improved cost efficiency. Furthermore, the module can integrate with cloud-specific services,9321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 such as Azure Recovery Services Vault, to streamline backup restoration and data transfer processes. This integration leverages the capabilities of cloud providers to optimize performance and cost-effectiveness.

[0036] In various embodiments, the system incorporates various cost optimization strategies to minimize cloning expenses. The ability to modify storage types allows users to select lower-cost storage options for non-production environments. The system also optimizes resource utilization by cleaning up temporary resources, such as snapshots and virtual storage, after the cloning process is complete. Furthermore, the system can be configured to shut down or de-allocate cloned resources when they are not in use, further reducing costs. The system also provides cost reporting and analysis capabilities, enabling organizations to track cloning expenses and identify areas for cost savings. These cost optimization features help organizations maximize the value of their cloud investments.

[0037] In various embodiments, the cloud integration module's zone management not only simplifies the cloning process but also optimizes performance and cost-effectiveness. By ensuring that data is restored to the correct availability zone, the module minimizes data transfer latency and reduces the risk of data corruption. This zone management also simplifies disaster recovery planning by ensuring that data can be quickly and easily restored to a different availability zone in case of an outage. The module's ability to handle storage type modifications allows organizations to optimize storage costs by selecting the most cost- effective storage type for their non-production environments. This flexibility allows organizations to balance performance and cost considerations based on their specific needs. Furthermore, the module can be configured to tag and categorize cloned resources, simplifying resource management and cost tracking. The module also integrates with cloudspecific monitoring and logging services, providing real-time visibility into cloning operations and facilitating troubleshooting. The cloud integration module also supports various cloud storage services, including block storage, object storage, and file storage, providing flexibility to meet diverse data management needs. Finally, the module can be integrated with cloudspecific security and compliance tools, ensuring that cloning operations adhere to organizational security policies and industry regulations.

[0038] In various embodiments, the cloning system plays a vital role in disaster recovery and business continuity planning. By enabling rapid cloning of cloud resources to different availability zones or regions, the system facilitates quick recovery in case of outages or disasters. This capability minimizes downtime and ensures business operations can continue uninterrupted. The system also supports backups and replication of cloned resources, providing additional redundancy and resilience. Regular disaster recovery drills10321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 and testing are conducted to validate the system's effectiveness and ensure preparedness for unforeseen events. Furthermore, the system integrates with existing disaster recovery plans and procedures, streamlining the recovery process. These features enhance the organization's ability to withstand disruptions and maintain business continuity.

[0039] In various embodiments, the post-cloning configuration module performs data cleanup, configuration adjustments, and other post-cloning activities. This module utilizes post-cloning instructions to execute predefined tasks on the cloned cloud resource. These tasks can include cleaning sensitive data, adjusting configurations to avoid production-level settings, disabling scheduled tasks, and other application-specific operations. The use of post-clonign instructions ensures consistent and repeatable post-cloning operations.

[0040] In various embodiments, the post-cloning instructions provide a declarative approach to configuration management and automation. They define the desired state of the system rather than specifying step-by-step instructions. This declarative approach simplifies development and maintenance of post-cloning instructions. The configuration management framework ensures that the system conforms to the desired state as described in the postcloning instructions. Post-cloning instructions are structured as plays, where each play maps tasks to a group of managed nodes (hosts). This structure allows for targeted execution of tasks on specific groups of cloud resources. Furthermore, tasks in a post-cloning instructions are idempotent, meaning they can be run multiple times without causing unintended changes if the desired state is already achieved. This idempotence ensures the reliability and consistency of post-cloning operations.

[0041] In various embodiments, the post-cloning configuration module ensures that the cloned cloud resource is properly configured for use in the non-production environment. It utilizes post-cloning instructions, which contain predefined tasks for data cleanup, configuration adjustments, and other post-cloning activities. These post-cloning instructions can be customized to meet the specific requirements of different applications and environments. The module can also incorporate security safeguards to prevent data flow from non-production to production environments, minimizing the risk of human error and potential data loss. This unidirectional data flow protects the integrity of production data. Furthermore, the module can cleanup temporary resources, such as snapshots and virtual storage, after the cloning process is complete, optimizing resource utilization and reducing storage costs.

[0042] In various embodiments, the post-cloning configuration module can be extended to support a wider range of post-cloning activities, such as software installations, security11321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 hardening, and performance tuning. The module can also integrate with configuration management tools to automate the configuration of the cloned resource. Furthermore, the module can be designed to support custom scripts and post-cloning instructions, providing flexibility for application-specific configurations.

[0043] In various embodiments, the system is designed to be highly customizable and extensible to meet the diverse needs of different organizations and applications. The system supports custom scripts and post-cloning instructions, allowing organizations to tailor the cloning process to their specific requirements. The system also provides a plugin architecture that enables developers to extend the system's functionality with custom plugins. Furthermore, the system provides APIs that allow integration with other tools and systems. These customization and extensibility features enhance the system's flexibility and adaptability.

[0044] In various embodiments, the post-cloning configuration module is a critical component of the cloning system, ensuring that cloned cloud resources are properly configured for use in non-production environments. This module leverages post-cloning instructions, to execute a series of predefined tasks on the cloned cloud resource. These tasks can include cleaning sensitive data, such as personally identifiable information (Pll) or credit card numbers, to comply with data privacy regulations. Configuration adjustments can involve modifying network settings, disabling unnecessary services, and updating software versions to match the non-production environment. The module can also be configured to install specific software packages or tools required for testing or development purposes. Furthermore, the module create user accounts and access controls, ensuring that only authorized personnel can access the cloned cloud resource. The post-cloning configuration module can also be integrated with vulnerability scanning tools to identify and remediate security vulnerabilities in the cloned cloud resource. This proactive security approach minimizes the risk of security breaches and ensures that cloned cloud resources are hardened against potential threats. Finally, the module can be configured to generate reports and notifications about post-cloning activities, providing transparency and accountability throughout the cloning process.

[0045] In various embodiments, extending the capabilities of the post-cloning configuration module allows for greater flexibility and customization of the cloning process. Integrating with configuration management tools to manage the configuration of cloned resources in a centralized manner. This integration simplifies the management of complex configurations and ensures consistency across multiple cloned cloud resources. The module can also be designed to support custom scripts and post-cloning instructions, providing12321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 flexibility for application-specific configurations. This allows organizations to tailor the postcloning process to the specific requirements of their applications and environments. Furthermore, the module can be integrated with monitoring and logging tools to track the performance and health of cloned resources. This real-time monitoring enables organizations to identify and address potential issues proactively, ensuring the stability and reliability of their non-production environments. The post-cloning configuration module can also be configured to decommission cloned resources after they are no longer needed. This cleanup process optimizes resource utilization and reduces storage costs. Finally, the module can be integrated with security information and event management (SIEM) systems to monitor cloned resources for security threats and vulnerabilities. This integration enhances security posture and protects sensitive data in non-production environments.

[0046] In various embodiments, the system also addresses the challenges of privilege management and segregation of duties. Traditionally, a single person could not perform all the tasks involved in cloud resource cloning due to varying privileges across different resources. The invention utilizes "service principles" to grant necessary privileges to a single identity, enabling tasks that a single person could not previously perform due to privilege limitations. This centralized privilege management simplifies the cloning process and reduces the risk of security breaches. The system also enforces policy frameworks, such as ISO and NIST, to manage data security and prevent segregation of duties violations. This compliance with industry standards enhances security and reduces the risk of unauthorized access to sensitive data.

[0047] In various embodiments, the system is designed to meet stringent compliance and auditing requirements. The system generates detailed audit logs of all cloning activities, providing a comprehensive record of who accessed what resources and when. This audit trail facilitates compliance with regulatory requirements and internal policies. The system also supports role-based access control (RBAC), enabling organizations to define granular access permissions based on user roles and responsibilities. Furthermore, the system integrates with compliance management tools for compliance checks and reporting functions. These features enhance transparency, accountability, and compliance with industry standards.

[0048] In various embodiments, the system incorporates robust security measures to protect sensitive data throughout the cloning process. Access controls and encryption are implemented to ensure that only authorized personnel can access cloning resources, and that data is protected both in transit and at rest. The system also integrates with existing security information and event management (SIEM) systems to provide real-time monitoring13321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 and alerting for security threats. Regular security audits and vulnerability assessments are conducted to identify and address potential vulnerabilities. Furthermore, the system adheres to industry best practices and security standards, such as ISO 27001 and NIST Cybersecurity Framework, to ensure a high level of security. These comprehensive security measures minimize the risk of data breaches and unauthorized access to sensitive information.

[0049] In various embodiments, the system's centralized privilege management, using service principles, significantly enhances security and simplifies the cloning process. By granting necessary privileges to a single identity, the system eliminates the need for multiple individuals to have access to sensitive resources. This reduces the risk of security breaches and simplifies access control management. The system also enforces policy frameworks, such as ISO and NIST, to manage data security and prevent segregation of duties violations. This compliance with industry standards enhances security posture and reduces the risk of unauthorized access to sensitive data. Furthermore, the system can be integrated with identity and access management (IAM) solutions to provide granular control over access to cloning resources. This allows organizations to define fine-grained access policies based on roles, responsibilities, and other criteria. The system also supports multi-factor authentication (MFA) to further enhance security and protect against unauthorized access. By requiring multiple factors of authentication, such as a password and a one-time code, MFA makes it significantly more difficult for attackers to gain access to sensitive resources. Finally, the system can be configured to generate audit logs of all cloning activities, providing a comprehensive record of who accessed what resources and when. This audit trail enhances accountability and facilitates security investigations in case of incidents.

[0050] In various embodiments, additional enhancements to the system leverage artificial intelligence (Al) to further optimize the cloning process. Al algorithms can be used to analyze historical cloning data and identify patterns and trends. This analysis can be used to predict future cloning needs and proactively provision resources, reducing cloning time and improving efficiency. Al can also be used to optimize resource allocation by identifying the most cost-effective resources for cloning operations. This can involve selecting the appropriate storage type, availability zone, and other resource parameters based on historical usage patterns and cost considerations. Furthermore, Al can be used to enhance security by detecting anomalies and suspicious activities during the cloning process. This can involve analyzing log data, network traffic, and other security-relevant information to identify potential security threats. Al can also be used to select appropriate post-cloning configuration tasks based on the type of application being cloned. This can involve analyzing14321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 application dependencies, configuration requirements, and other factors to determine the optimal post-cloning configuration. Finally, Al can be used to personalize the cloning experience by providing customized recommendations and suggestions to users based on their past cloning activities and preferences. This personalized approach can simplify the cloning process and improve user satisfaction.

[0051] In various embodiments, Al-powered incident analysis and prediction can be integrated. By analyzing real-time incidents and issues, the system can proactively identify potential cloning needs and suggest cloning operations to development teams. This proactive approach can significantly reduce the time and effort required to troubleshoot and resolve issues. The Al model can be trained on historical incident data, system logs, and other relevant information to identify patterns and correlations that indicate potential cloning requirements. The model can then use this information to predict future incidents and suggest appropriate cloning actions. Furthermore, the Al model can be integrated with monitoring and alerting systems to provide real-time notifications of potential cloning needs. This allows development teams to respond quickly to emerging issues and minimize downtime. The Al model can also be configured to prioritize cloning suggestions based on the severity and impact of the incident. This ensures that critical issues are addressed first and that resources are allocated efficiently. Finally, the Al model can be continuously refined and improved through machine learning techniques, ensuring that it remains accurate and effective over time.

[0052] In various embodiments, to further empower users and reduce dependency on the cloud center of excellence (CoE) team, the system will enable users to create and manage their own post-cloning instructions. This feature will provide users with greater control over the cloning process and allow them to customize post-cloning activities to meet their specific needs. Users will be able to define a list of directories and files to clean up, specify replacement files, and provide custom scripts to be run during the post-cloning phase. The system will provide a user-friendly interface for creating and editing post-cloning instructions, allowing users to easily define the desired state of the cloned resource. This interface will include features such as syntax highlighting, validation, and version control to ensure the accuracy and reliability of user-defined post-cloning instructions. Furthermore, the system will provide a library of pre-built post-cloning instructions templates and modules that users can leverage to simplify the creation of custom post-cloning instructions. Users will also be able to share and collaborate on post-cloning instructions with other team members, fostering collaboration and knowledge sharing. Finally, the system will provide detailed documentation and tutorials to guide users through the process of creating and15321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 managing their own post-cloning post-cloning instructions. This self-service approach will empower users and reduce the burden on the cloud CoE team.

[0053] In various embodiments, the system incorporates version control and rollback capabilities to manage changes to cloning configurations and post-cloning instructions. Version control systems, such as Git, are used to track changes to post-cloning instructions and other configuration files. This allows users to revert to previous versions if necessary. The system also supports rollback of cloning operations in case of errors or failures. Furthermore, the system provides a mechanism for testing and validating changes before they are deployed to production. These features enhance the stability and reliability of the cloning system.

[0054] In various embodiments, comprehensive user training and support are provided to ensure users can effectively utilize the cloning system. Training materials, including documentation, tutorials, and videos, are available to guide users through the cloning process. Dedicated support channels, such as email, phone, and online chat, are available to address user questions and issues. Regular training sessions and webinars are conducted to keep users up-to-date on the latest features and best practices. Furthermore, the system incorporates user feedback mechanisms to continuously improve the user experience. These training and support resources empower users and ensure they can successfully leverage the system's capabilities.

[0055] In various embodiments, the cloning system continuously evolves to incorporate new features and enhancements. Future development plans include integrating with additional cloud providers, enhancing Al capabilities, and improving user experience. The system's roadmap is aligned with industry trends and best practices, ensuring that the system remains at the forefront of cloud resource cloning technology. Regular updates and releases are planned to deliver new features and improvements to users. This ongoing development ensures that the system continues to meet the evolving needs of organizations.

[0056] Various embodiments of a cloud resource cloning process will now be described. Turning now to the figures, FIG. 1 shows a cloud resource cloning system 100 for cloning cloud resources. In one embodiment, this cloud resource cloning system 100 uses an workflow engine 102 to streamline the cloning process, removing the need for manual involvement from different teams. The workflow engine 102 connects with a cloud integration module 104, which in turn interfaces with a post-cloning configuration module 106.

[0057] In one embodiment, a self-service portal provides a unified user interface for16321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 initiating the cloud resource cloning. The unified user interface allows application teams 108 to specify the source cloud resource (e.g., source compute resource or storage resource), target cloud resource (e.g., target compute resource or storage resource), and restore point dates (e.g., may be limited to 30 days prior). The unified user interface restricts cloning requests to source-to-target environments such as, for example, production-to-non- production environments.

[0058] In one embodiment, the workflow engine 102 utilizes workflows, such as GitHub actions, to restore, move, and attach data storage. The workflow engine 102 may integrate GitHub Actions Workflow, for example, to trigger and manage tasks. The workflow engine 102 executes sequential steps, including data restoration, storage movement, and postcloning activities.

[0059] In one embodiment, the cloud integration module 104 ensures compatibility with cloud service providers or platforms, such as Azure, and manages data restoration and zone alignment. The cloud integration module 104 includes a source subscription 114, a target subscription 120, and a target availability zone 122. The cloud integration module 104 works with multi-cloud service providers or platforms (e.g., Azure). The cloud integration module 104 ensures that restored data is moved to the correct availability zone of the target cloud resource (e.g., target compute resource or storage resource).

[0060] In one embodiment, the post-cloning configuration module 106 employs postcloning playbooks to handle tasks like data cleanup, configuration adjustments, and scheduled task management. The post-cloning configuration module 106 uses the postcloning instructions for tasks such as identifying sensitive data, cleaning the sensitive data, adjusting configurations, and disabling scheduled jobs to prevent unintended production operations. In the context of this disclosure, the post-cloning instructions are used to implement post-cloning activities, such as data cleanup, configuration adjustments, and disabling scheduled tasks to ensures consistent and repeatable operations on the cloned virtual machines. In one implementation, the post-cloning instructions define and manage configurations, deployment, orchestration, and provisioning tasks.

[0061] Techniques for identifying sensitive data include pattern recognition, contextual analysis, machine learning (ML) and natural language processing (NLP), data classification tools, and / or user input / behavior analysis. Pattern recognition uses algorithms to scan for predefined patterns, such as Social Security numbers (SSNs), credit card numbers, phone numbers, email addresses, and bank account numbers. Regular expressions (regex) are commonly employed for this task, which can be configured to match patterns for various17321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 types of sensitive data. Contextual analysis involves understanding the data within the file to assess whether it contains sensitive information. For example, if a document contains specific terms like “bank account,” “credit card,” or “healthcare,” it could indicate that sensitive data is present. ML models can be trained on labeled datasets to identify sensitive data based on contextual understanding. NLP tools help identify sensitive phrases, and text classifiers can be used to determine whether a document contains personal, financial, or other types of sensitive information. Data classification tools are specialized tools that can automatically classify data based on its sensitivity level. These tools can be configured to recognize and label data as confidential, restricted, or public, based on preset rules or classification systems like the General Data Protection Regulation (GDPR) or Health Insurance Portability and Accountability Act (HI PAA) standards. Sometimes, users may inadvertently include sensitive data. User input / behavior analysis and monitoring tools that track user input can help identify when sensitive information is being stored or shared improperly.

[0062] Data cleaning, in the context of sensitive data, involves the process of identifying, removing, or correcting inaccurate, incomplete, or improperly stored information to ensure that sensitive data is properly handled, anonymized, or removed to reduce risks related to data breaches or privacy violations. Cleaning sensitive data may involve redacting or masking, anonymization or pseudonymization, encryption, removing redundant data, data obfuscation, and / or data deletion. Redacting or masking is a technique for hiding sensitive information from documents, files, or databases, such as credit card numbers, by replacing parts sensitive terms, or values of the data with placeholder symbols or masked characters. This might involve replacing sensitive terms or values with masked characters (e.g., "XXX- XX-1234" for an SSN). Anonymization or pseudonymization involves removing personally identifiable information (PH) to ensure individuals cannot be identified directly from the dataset. Anonymization can be irreversible, while pseudonymization retains the ability to reidentify data if necessary under certain conditions. Anonymizing data may be performed by replacing identifiable fields (e.g., names, addresses) with anonymous placeholders or pseudonyms, making it impossible to trace back to the original individual unless additional information is available under controlled conditions. Encryption of sensitive data is useful such that even if it is exposed, it remains unreadable without the decryption key. Removing redundant data includes deleting duplicate or unnecessary instances of sensitive data from a dataset to limit exposure. Data obfuscation involves changing sensitive information in a way that keeps the data usable for analysis or testing but prevents identification. For example, modifying a person’s email address to "userXXX@domain.com" in order to keep the data usable while protecting privacy. Data deletion may be employed for extremely sensitive data18321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 that is no longer needed. In this circumstance, it may be best to securely delete sensitive data from the system using techniques such as data wiping or shredding, which overwrite data multiple times to prevent recovery. Additionally, compliance tools may be used to ensure compliance with data privacy laws (like GDPR, CCPA, HIPAA) to automatically clean or mask sensitive data in real-time. These tools help to ensure that sensitive data is handled properly according to legal standards. In practice, data cleaning may occur as part of a broader data governance and security strategy to reduce the risk of exposure or misuse of sensitive information.

[0063] In one embodiment, a checkpoint system enables resumption of the cloning process from the last successful step, minimizing disruptions and reducing overall process time. The checkpoint system implements flags to track process completion at each step. The checkpoint system allows resumption from the last completed step if interrupted.

[0064] In one embodiment, security frameworks enforce compliance with ISO and NIST standards to ensure data security and integrity. The security frameworks enforce policies to prevent data flow from target to source (e.g., non-production to production) environments. The security frameworks limit access based on team roles and privileges to mitigate risks of segregation-of-duties violations.

[0065] In one embodiment, the cloud resource cloning system 100 reduces reliance on multiple teams, enhances process efficiency, minimizes the risk of human error, and ensures secure and compliant operations.

[0066] In various embodiments, the cloud resource cloning system 100 supports a workflow for cloning cloud resources. This process includes request initiation, data restoration, zone management, data attachment, post-cloning tasks, and process completion.

[0067] During request initiation, the application team uses a self-service portal to trigger a workflow by the workflow engine 102 (e.g., GitHub Actions Workflow). The application team submits a request via the self-service portal to specify the source production resource, the target non-production resource, and a restore point date (up to 30 days prior).

[0068] In the data restoration phase, the workflow engine 102 retrieves backup data from the source production resource 116 (e.g., source production compute resource or storage resource). The workflow engine 102 initiates 112 a backup restore from the appropriate cloud resource, such as Azure's recovery services vault, for example.19321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1

[0069] For zone management, the restored data storage 124 is moved 118 to the correct target availability zone 122. The cloud integration module 104 ensures that the restored data storage 124 aligns with the target resource 128 zone.

[0070] In the data attachment step, the restored data storage 124 is attached 126 to the target resource 128.

[0071] During post-cloning tasks, an post-cloning engine 130 triggers a post-cloning process such as a post-cloning instructions to clean up sensitive data, adjust configurations, and disable unnecessary scheduled tasks, tailored to the application.

[0072] Finally, in process completion, the cloned target resource 128 is prepared for use by the application team, and the process status is updated in the self-service portal.

[0073] FIG. 2 illustrates an embodiment of a method 200 for cloning cloud resources. In one embodiment, the method 200 may be executed in the cloud resource cloning system 100 environment shown in FIG. 1. With reference now to FIG. 2 in conjunction with FIG. 1, the process begins when a user requests 202 the cloning of a cloud resource, such as a compute resource or storage resource. The method 200 first checks 204 if a restore has already been requested. If not, the method 200 initiates 206 a restore job and waits 208 and monitors 210 for its completion. If a restore job was previously requested, the method 200 checks 212 if the storage (e.g., disk) already exists.

[0074] If the storage does not exist, the method 200 continues to wait 208 and monitor 210 the restore job's completion. Once the storage exists, the method 200 checks 214 if the storage is attached. If not, or once the restore job finishes, the method 200 changes 216 the storage's stock keeping unit (SKU) to a standard locally redundant storage (LRS) and verifies 218 if the storage is in the correct zone. If not, the storage is moved 220 to the appropriate availability zone.

[0075] Next, the current data storage is detached 222 from the target resource, and the restored storage is attached 224. A workflow task is then launched 228. If the storage was already attached, the method 200 checks 226 if the workflow task was previously launched. If so, it waits 230 for the task to finish. If not, the method 200 launches 228 the workflow task and monitors 232 its completion. The method 200 ends once the workflow task is complete.

[0076] FIG. 3 illustrates an embodiment of a method 300 using artificial intelligence (Al) to identify and recommend cloud resource cloning based on real-time incidents and issues. The Al model 306 continuously receives data 302 on consumption, capacity, demand,20321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 incidents, and issues. Business logic 304 provides rules for analyzing this data 320, including thresholds and prioritization criteria. The Al model 306 identifies potential cloning needs, determines the best instance and recovery point, and suggests actions to the development team through a graphical user interface 308 (GUI). The team reviews and adjusts parameters as needed before deciding whether to proceed. If accepted, the information is sent to an application programming interface 310 (API), triggering a workflow and creating a schedule 312. This schedule, often a cron schedule, controls the timing of cloning tasks for regular backups, testing, or other purposes.

[0077] FIG. 4 illustrates an embodiment of a method 400 that enables users to create new post-cloning instructions and associate them with existing workloads, reducing reliance on the cloud CoE team. Initially, a user requests 402 cloud resource cloning. The method checks 404 for a defined post-cloning instructions. If an existing set of post-cloning instructions is selected 416, the process moves directly to a cloning process 414. If a new set of post-cloning instructions is chosen, the user specifies 406 directories and files for cleanup, provides 408 replacement files, and supplies 410 scripts to run. The post-cloning instructions are then created 412, and the cloning process 414 begins. In one aspect, the post-cloning instructions created 412 using an Al model.

[0078] FIG. 5 illustrates an embodiment of a method 500 for cloning cloud resources. The computing system 600 (FOG. 6) of one or more computers can be configured to perform particular operations or actions by virtue of having software, firmware, hardware, or a combination of them installed on the system that in operation causes or cause the system to perform the actions. One or more computer programs can be configured to perform particular operations or actions by virtue of including instructions that, when executed by data processing apparatus, cause the apparatus to perform the actions. One general embodiment includes a computer implemented method for cloning cloud resources. The computer implemented method 500 also includes receiving 502, at a computer interface, a cloning request for cloning a requested cloud resource. The method 500 also includes extracting 504 a set of operational data based on the cloning request and the requested cloud resource. The method 500 also includes selecting 506, based on the extracted set of operational cloning data, a set of cloning operations; deploying 508 the selected set of cloning operations to generate a cloned cloud resource of the requested cloud resource; deploying 510 a set of post-cloning operations performed on the cloned cloud resource that are selected based on the operational cloning data and associated with a resource type of the requested cloud resource; transmitting 512 a notification to the computer interface indicating a status of the cloning request; and providing 514, in response to a successful21321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 completion of the set of post-cloning operations, access to the cloned cloud resource. Other embodiments of this aspect include corresponding computer systems, apparatus, and computer programs recorded on one or more computer storage devices, each configured to perform the actions of the methods.

[0079] Implementations may include one or more of the following features. The computer implemented method 500 where receiving the cloning request may include receiving any one or a combination of cloning parameters including: the resource type of the requested cloud resource; a restore point of the requested cloud resource within a defined period; or a target availability zone for the cloned cloud resource. Selecting the set of cloning operations may include selecting a cloning operation that corresponds to any one or a combination of the following cloning parameters: the resource type; the restore point within the defined period; or the target available zone. The requested cloud resource may include a compute resource and / or a storage resource. The set of cloning operations deployed to generate the cloned cloud resource may include: restoring data from the selected restore point to a restored data storage; moving the restored data storage to the target availability zone linked with a target non-production cloud resource; and attaching the restored data storage to the target non-production cloud resource. The set of cloning operations deployed to generate the cloned cloud resource may include selecting a target storage type of the restored data storage. The deployed set of post-cloning operations performed on the cloned cloud resource may include any one of or a combination of cleaning sensitive data from the cloned cloud resource, adjusting a configuration of the cloned cloud resource, disabling scheduled tasks, disabling application-specific operations, or using post-cloning instructions. A set of post-cloning operations may be selected based on an artificial intelligence (Al) process model. The Al process model is trained based on the output of the post-cloning operations and any other data received during the cloning operation. The computer implemented method may include continuously monitoring and updating the status of the cloning request. Transmitting the notification to the computer interface indicating the status of the cloning request in response to detecting an issue associated with the status of the cloning request may include requesting additional information related to the cloning request at the computer interface. Implementations of the described techniques may include hardware, a method or process, or computer software on a computer-accessible medium.

[0080] The disclosure now turns to FIG. 6 which illustrates an embodiment of a hardware environment of a computing system 600 for cloud source cloning. The hardware environment of the computing system 600 is optimized for implementing the complex operations for cloud source cloning as described above in connection with FIGS. 1-5,22321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 integrating both a robust, modular hardware setup and a detailed processor-based computing system.

[0081] With reference to FIG. 6, the components of the hardware environment of the computing system 600 are in communication with each other using a system bus 605. The computing system 600 can include a processing unit (CPU or processor) 610 and a system bus 605 that may couple various system components including the system memory 615, such as a read only memory 620 (ROM) and random-access memory 625 (RAM), to the processor 610. The computing system 600 can include a cache 612 of high-speed memory connected directly with, in close proximity to, or integrated as part of the processor 610.

[0082] The computing system 600 can copy data from the system memory 615, ROM 620, RAM 625, and / or storage device 630 to the cache 612 for quick access by the processor 610. In this way, the cache 612 can provide a performance boost that avoids processor delays while waiting for data. These and other modules can control the processor 610 to perform various actions. Other system memory 615 may be available for use as well. The system memory 615 can include multiple different types of memory with different performance characteristics. The processor 610 can include any general-purpose processor and a hardware module or software module, such as module 1 632, module 2 634, up to module n 636 (where n is an integer greater than 2) stored in the storage device 630, to control the processor 610 as well as a special-purpose processor where software instructions are incorporated into the actual processor design. The processor 610 may essentially be a completely self-contained computing system, containing multiple cores or processors, a system bus, memory controller, cache, etc. A multi-core processor may be symmetric or asymmetric.

[0083] To enable user interaction with the computing system 600, an input device 645 can represent any number of input mechanisms, such as a microphone for speech, a touch- protected screen for gesture or graphical input, keyboard, mouse, motion input, speech and so forth. An output device 635 can also be one or more of a number of output mechanisms known to those of skill in the art. In some instances, multimodal systems can enable a user to provide multiple types of input to communicate with the computing system 600. The communications interface 640 can govern and manage the user input and system output. There may be no restriction on operating on any particular hardware arrangement and therefore the basic features here may easily be substituted for improved hardware or firmware arrangements as they are developed.

[0084] The storage device 630 can be a non-volatile memory and can be a hard disk or23321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 other types of computer readable media or storage which can store data that are accessible by a computer, such as magnetic cassettes, flash memory cards, solid state memory devices, digital versatile disks, cartridges, random access memory, read only memory, and hybrids thereof.

[0085] As discussed above, the storage device 630 can include the software modules 632, 634, 636 for controlling the processor 610. Other hardware or software modules are contemplated. The storage device 630 can be connected to the system bus 605. In some embodiments, a hardware module that performs a particular function can include a software component stored in a computer-readable medium in connection with the necessary hardware components, such as the processor 610, system bus 605, output device 635, and so forth, to carry out the function. For clarity of explanation, in some instances the present technology may be presented as including individual functional blocks including functional blocks comprising devices, device components, steps or routines in a method embodied in software, or combinations of hardware and software.

[0086] With reference to both FIG. 1 and FIG. 6, the disclosed cloud resource cloning system 100 operates within a sophisticated, processor-based computing environment, exemplified by the computing system 600, designed to orchestrate, optimize, and secure cloud resource cloning operations with real-time precision. Central to the cloud resource cloning system 100 is a high-performance processor 610, which coordinates essential functions across memory, storage, data inputs, and external networks via a system bus 605. Equipped with a dedicated cache 612, the processor 610 ensures rapid access and retrieval of critical data, minimizing latency and providing the computational capacity to process complex instructions related to task orchestration, inventory management, and order fulfillment including continuous Al-driven adjustments in task management, inventory tracking, and order fulfillment.

[0087] The computing system 600 includes a multi-tiered memory architecture where the system memory 615 includes both read-only memory 620 (ROM) and random-access memory 625 (RAM). One aspect of the computing system 600 is its multi-layered storage infrastructure, anchored by the storage device 630. This storage device 630 includes various forms of non-volatile memory, such as solid-state drives (SSDs) and magnetic storage, housing critical data and software modules 632, 634, 636 necessary for controlling the processor 610 and executing various cloning routines or operations described in FIG. 1, for example. The storage device 630 stores complex software algorithms and machine learning models that analyze historical data and real-time conditions, generating optimized task sequences for each cloud resource.24321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1

[0088] This configuration supports high-speed processing for tasks and data updates essential for dynamic operations for cloud resource cloning. While the ROM 620 provides core operational protocols and configurations, the high-speed RAM 625 enables the system to handle real-time updates to inventory levels, task queues, and predictive analytics. Furthermore, a storage device 630, including SSDs and magnetic storage, houses critical data and software modules necessary for executing cloud resource cloning functions. This storage system retains historical records, operational data, and machine learning models, enabling complex task sequencing and optimized inventory management.

[0089] Artificial intelligence (Al) and machine learning (ML) modules 650 embedded within the computing system 600 enable advanced predictive analytics, transforming historical and real-time data into actionable insights. High-performance Tensor Processing Units (TPUs) and Graphical Processing Unites (GPUs), and Central Processing Units (CPUs) support continuous training of Al I ML models that enhance slotting optimization, pick-path efficiency, and demand forecasting. Al-driven algorithms analyze real-time operational data to anticipate potential stockouts, bottlenecks, or equipment failures, allowing the system to adjust task allocations proactively. These Al / ML models 650 are housed on cloud servers 652, enabling parallel processing and providing adaptive, scalable insights across cloud resources or cloud service providers.

[0090] Leveraging TPUs, GPUs, and CPUs, the cloud resource cloning system 100 continuously trains the Al / ML models 650 that improve slotting optimization, pick-path efficiency, and demand forecasting, while factoring in complex variables like seasonality, lead times, and product perishability. Al-driven algorithms analyze real-time operational data to anticipate stockouts, bottlenecks, or equipment failures, to enable the system to proactively adjust task allocations and order priorities. These Al models are housed on cloud servers, where large datasets can be processed in parallel, providing scalable, adaptive insights to each cloud resource.

[0091] A suite of data collection and input / output (I / O) devices may be employed to monitor and interact with the cloud resource cloning system 100. Input devices 645, including barcode scanners, RFID readers, loT sensors, touchscreens, and handheld devices, capture real-time data on inventory status, item locations, and environmental conditions. This data feeds into the processor 610 for seamless integration into the operational database, enabling precise, on-the-fly adjustments. Output devices, such as digital displays, wearable alerts, and screens, provide real-time feedback to personnel on inventory status and task priorities, ensuring that staff remain informed of critical updates and operational changes. The range of input and output devices, including the input device25321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1645 and the output device 635, which enable users to interact directly with the cloud resource cloning system 100. These output devices 635, 645 provide real-time feedback and facilitate task monitoring, allowing users to stay informed of task progress, and any system updates. Input devices 645, such as touchscreens and handheld scanners, capture real-time data from users and transmit it to the processor 610, while output devices 635 display prioritized task sequences, updates on order status, and notifications for operational adjustments.

[0092] In various embodiments, the computing system 600 is extended and supported by a scalable cloud-based infrastructure 654, which provides scalable storage, processing power, and data analytics.

[0093] The scalable cloud-based infrastructure 654 also serves as the primary hub for inter-facility communication, linking regional facilities to a central command system that monitors and directs tasks across the network. When additional processing capacity is required, the system can dynamically allocate cloud resources, ensuring that computational workloads related to predictive analytics, complex task sequencing, and resource optimization are handled efficiently. Additionally, data redundancy protocols within the cloud architecture safeguard operational data, ensuring recovery from hardware failure or data loss scenarios.

[0094] The computing system 600 may be processor-based. The processor-based computing system operates within a cloud-enabled, modular hardware environment designed for scalability and high availability. This broader infrastructure includes additional Al-optimized processing units, such as TPUs and GPUs, which are capable of handling the intensive computational requirements of machine learning algorithms used for demand forecasting, slotting optimization, and real-time task adjustments. The modular cloud architecture ensures that each facility can access centralized data and processing power, dynamically adjusting workflows based on system demands. It also allows the orchestration module to allocate resources optimally, whether from central servers or distributed cloud resource-specific processors, depending on task priorities and operational constraints.

[0095] The scalable cloud-based infrastructure 654 provides flexible storage, processing, and analytics capabilities across distributed facilities. Cloud integration supports storage of historical data, remote processing of compute-intensive machine learning models, and real-time data access for multiple facilities. Managed through containerized applications and virtual machines, the cloud framework enables continuous software updates, enhanced disaster recovery, and dynamic resource allocation to accommodate varying operational26321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 demands. Cloud-based inter-facility communication ensures synchronized, efficient operations, with additional processing capacity allocated as needed.

[0096] Energy efficiency is also prioritized within the design of the cloud resource cloning system 100, with power management protocols integrated across hardware components to reduce the system’s environmental impact. The distributed power architecture, supported by uninterruptible power supplies (UPS) and backup generators, ensures reliable operation and minimizes downtime, allowing the system to maintain continuity and efficiency during power disruptions.

[0097] The cloud resource cloning system 100 security protocols ensure data integrity, privacy, and compliance with regulatory standards. These include end-to-end encryption, multi-factor authentication, role-based access control, and real-time monitoring via firewalls and intrusion detection systems. An Al-based anomaly detection component monitors access patterns and data consistency, flagging unusual activities. Additionally, encrypted logging and audit trails facilitate transparency and compliance with regulations such as GDPR for data privacy, while data sovereignty protocols ensure that sensitive information meets regional compliance standards.

[0098] This computing system 600 represents an end-to-end, cloud resource cloning system 100 that is adaptive and integrates Al-driven analytics, real-time data capture, robust security measures, and scalable cloud resources. The processor 610, memory modules, storage devices, and I / O components collectively enable data-driven decision-making, adjusting tasks in real time to respond to changing demands. Data flows seamlessly from cloud storage and I / O devices to the central processor, dynamically orchestrating resources to provide real-time updates to warehouse staff, maintain efficiency, and optimize performance across facilities. This robust, secure, and compliant system is designed to streamline operations, improve responsiveness, and support scalable growth in diverse logistics environments.

[0099] Altogether, the computing system 600 represents an end-to-end, cloud resource cloning environment that combines Al-driven analytics, real-time data collection, secure data management, and scalable cloud resources to deliver exceptional operational efficiency. The processor 610, memory modules, storage devices, and I / O components work in concert to enable continuous, data-driven decision-making, adjusting cloud resource cloning tasks to meet evolving demands with precision. As data flows from the scalable cloud - based infrastructure 654 and various I / O devices to the processor 610, the computing system 600 dynamically orchestrates resources, providing real-time updates to staff and ensuring27321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 optimal performance across cloud resources or cloud service providers. This high- performance, secure, and compliant environment thus allows for streamlined operations, enhanced responsiveness to market demands, and scalable growth across diverse logistical challenges.

[0100] In summary, this integrated computing environment 600 offers a comprehensive solution for cloud resource cloning operations, combining high-performance processing, advanced memory configurations, scalable cloud-based resources, and robust communication interfaces. It enables efficient and adaptive control over the entire fulfillment process, from inventory monitoring and task allocation to predictive analytics and order prioritization, ultimately facilitating efficient and responsive cloud resource cloning operations that meet complex and changing logistical demands. Together, these elements establish a high-performance environment that supports continuous adaptation, precise task orchestration, and predictive optimization, fully realizing the functionalities described in the appended claims.

[0101] The presently disclosed cloud resource cloning system 100 harnesses advanced artificial intelligence (Al) technologies, integrating sophisticated machine learning models with cutting-edge computational infrastructure to solve complex problems, enhance decisionmaking, and execution of tasks across multiple cloud resources or cloud service providers. Designed with flexibility, scalability, and high-performance in mind, the system offers organizations a comprehensive Al solution tailored to their needs.

[0102] At its core, the cloud resource cloning system 100 utilizes a scalable, cloudbased architecture that ensures high availability, security, and performance even under the most demanding conditions. A distributed data processing pipeline allows the system to efficiently ingest, cleanse, and transform large volumes of structured and unstructured data in real-time, facilitating quick, intelligent insights.

[0103] The cloud resource cloning system 100 leverages state-of-the-art deep learning models such as convolutional neural networks (CNNs) for image analysis, recurrent neural networks (RNNs) for sequential data, and transformer models for natural language processing (NLP). These models are dynamically selected and optimized based on input data, ensuring the best possible outcomes for tasks like predictive analytics, image recognition, and language understanding.

[0104] Through reinforcement learning, the Al system continually learns and adapts in real-time, optimizing its performance over time. This feature enables autonomous decision-28321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 making in dynamic environments like robotics, autonomous vehicles, and operational workflows, where the system adjusts based on changing data or conditions.

[0105] In addition to cloud infrastructure, the cloud resource cloning system 100 includes edge computing capabilities, enabling real-time Al processing on local devices or servers. This reduces latency and allows critical applications — such as loT networks, autonomous systems, and real-time monitoring — to function seamlessly without relying on constant cloud communication.

[0106] Optimized for high-performance computing environments, the cloud resource cloning system 100 utilizes GPUs and TPUs to accelerate machine learning tasks, enabling the rapid processing of large datasets. This feature is especially beneficial for applications requiring intense computational power, such as video analytics, financial modeling, and realtime data processing.

[0107] Built on a microservices framework, the Al system offers scalability and flexibility. Each Al function is deployed as an independent service, allowing organizations to scale and adjust components as necessary without affecting the entire system. This modularity ensures seamless updates and improvements over time.

[0108] The Al system integrates with real-time data streaming platforms like Apache Kafka and Apache Flink to process and analyze live data as it enters the system. This feature empowers businesses to make data-driven decisions in real-time, adapting quickly to new information and evolving market conditions.

[0109] Equipped with advanced NLP capabilities, the cloud resource cloning system 100 comprehends, interprets, and generates human language. This enables applications like Al- driven customer service chatbots, sentiment analysis, and content generation, executing tasks that would otherwise require human input.

[0110] Built with security, the cloud resource cloning system 100 features end-to-end encryption and adheres to the latest privacy regulations. It includes continuous monitoring for anomalous behavior, ensuring that sensitive data is securely processed and stored in compliance with industry standards.

[0111] The cloud resource cloning system 100 can be deployed across a range of environments, including public or private cloud infrastructures (e.g., AWS, Azure, Google Cloud), hybrid cloud setups, or fully on-premise configurations. This flexibility allows organizations to select the best deployment strategy based on their operational, security,29321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 and scalability needs.

[0112] The cloud resource cloning system 100 based on Al represents a leap forward in intelligent technologies, combining adaptive learning, real-time data analytics, and advanced computing power to offer organizations unparalleled efficiency, accuracy, and insight. By seamlessly integrating Al into existing operations and adapting to diverse environments, this system empowers businesses to thrive in a rapidly evolving, data-driven world.

[0113] The computing system 600 of one or more computers can be configured to perform particular operations or actions by virtue of having software, firmware, hardware, or a combination of them installed on the system that in operation causes or cause the system to perform the actions. One or more computer programs can be configured to perform particular operations or actions by virtue of including instructions that, when executed by data processing apparatus, cause the apparatus to perform the actions. One general embodiment includes a computer implemented method for cloning cloud resources. The computer implemented method also includes receiving, at a computer interface, a cloning request for cloning a requested cloud resource. The method also includes extracting a set of operational data based on the cloning request and the requested cloud resource. The method also includes selecting, based on the extracted set of operational cloning data, a set of cloning operations; deploying the selected set of cloning operations to generate a cloned cloud resource of the requested cloud resource; deploying a set of post-cloning operations performed on the cloned cloud resource that are selected based on the operational cloning data and associated with a resource type of the requested cloud resource; transmitting a notification to the computer interface indicating a status of the cloning request; and providing, in response to a successful completion of the set of post-cloning operations, access to the cloned cloud resource. Other embodiments of this aspect include corresponding computer systems, apparatus, and computer programs recorded on one or more computer storage devices, each configured to perform the actions of the methods.

[0114] Implementations may include one or more of the following features. The computer implemented method where receiving the cloning request may include receiving any one or a combination of a set of cloning parameters including: the resource type of the requested cloud resource; a restore point of the requested cloud resource within a defined period; or a target availability zone for the cloned cloud resource. Selecting the set of cloning operations may include selecting a cloning operation that corresponds to any one or a combination of the set of cloning parameters including: the resource type; the restore point within the defined period; or the target available zone. The requested cloud resource may include a compute resource and / or a storage resource. The set of cloning operations30321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 deployed to generate the cloned cloud resource may include: restoring data from the selected restore point to a restored data storage; moving the restored data storage to the target availability zone linked with a target non-production cloud resource; and attaching the restored data storage to the target non-production cloud resource. The set of cloning operations deployed to generate the cloned cloud resource may include selecting a storage type of the restored data storage. The deployed set of post-cloning operations performed on the cloned cloud resource may include any one of or a combination of cleaning sensitive data from the cloned cloud resource, adjusting a configuration of the cloned cloud resource, disabling scheduled tasks, disabling application-specific operations, or using post-cloning instructions. A set of post-cloning operations may be selected an artificial intelligence (Al) process model. The Al process model is trained based on the output of the post-cloning operations and any other data received during the cloning operation. The computer implemented method may include continuously monitoring and updating the status of the cloning request. Transmitting the notification to the computer interface indicating the status of the cloning request in response to detecting an issue associated with the status of the cloning request may include requesting additional information related to the cloning request at the computer interface. Implementations of the described techniques may include hardware, a method or process, or computer software on a computer-accessible medium.

[0115] One general embodiment includes a system for cloning cloud resources. The system also includes a self-service interface configured to receive a cloning request for cloning a requested cloud resource; a cloning engine configured to: select a set of cloning operations based on the cloning request received by the self-service interface, and issue the set of cloning operations to a cloud service provider to generate a cloned cloud resource of the requested cloud resource, a post-cloning engine configured to: select a set of postcloning operations based on the cloning request received by the self-service interface, and deploy the set of post cloning operations to modify a configuration of the cloned cloud resource and selectively remove data from the cloned cloud resource. The system also includes a checkpoint system configured to: monitor a status of the cloning request. The system also includes issue a notification indicating the status of the cloning request at the self-service interface. Other embodiments of this aspect include corresponding computer systems, apparatus, and computer programs recorded on one or more computer storage devices, each configured to perform the actions of the methods.

[0116] Implementations may include one or more of the following features. The system where the requested cloud resource may include a source production cloud resource and the cloned cloud resource is a target non-production cloud resource, and where the set of31321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 cloning instructions issued by the cloning engine are configured to: initiate a backup restoration of data corresponding to the source production cloud resource to a restored data storage; relocate the restored data storage to an availability zone corresponding to the target non-production cloud resource; and attach the restored data storage to the target nonproduction cloud resource. The system may include a policy compliance module to restrict data flow to non-production environments to maintain production data integrity. The policy compliance module is configured to enforce policy frameworks to manage data security and prevent segregation of duties violations. The cloning engine and the post-cloning engine may include cloud-agnostic components to facilitate compatibility with multiple cloud service providers. The checkpoint system is further configured to: detect an issue associated with the status of the cloning request; request additional information related to the cloning request at the self-service interface; and resume the cloning request based on receiving the additional information at the self-service interface. The cloning engine is configured to: extract a set of operational data based on the cloning request and the requested cloud resource; and select the set of cloning operations based on the extracted set of operational data. The cloning request may include any one or a combination of a set of cloning parameters including: a resource type of the requested cloud resource; a restore point of the requested cloud resource within a defined period; or a target availability zone for the cloned cloud resource. The cloning engine is configured to select a cloning operation that corresponds to any one or a combination of cloning parameters including: the resource type; the restore point; or the target available zone. The cloning engine may include an artificial intelligence (Al) process model configured to select the set of post-cloning operations. The Al process model may be trained based on the output of the post-cloning operations and any other data received during the cloning operation. Implementations of the described techniques may include hardware, a method or process, or computer software on a computer-accessible medium.

[0117] One general aspect includes a computer-readable medium may include instructs executable by a processor to: receive a cloning request for cloning a requested cloud resource; extract a set of operational data based on the cloning request and the requested cloud resource; select, based on the extracted set of operational cloning data, a set of cloning operations; deploy the selected set of cloning operations to generate a cloned cloud resource of the requested cloud resource; deploy a set of post-cloning operations performed on the cloned cloud resource that are selected based on the set of operational cloning data and associated with a resource type of the requested cloud resource; transmit a notification indicating a status of the cloning request; and provide, in response to a successful completion of the set of post-cloning operations, access to the cloned cloud resource. Other32321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 embodiments of this aspect include corresponding computer systems, apparatus, and computer programs recorded on one or more computer storage devices, each configured to perform the actions of the methods.

[0118] Within the context of this disclosure, the term "module" is used as a broad and flexible term to describe a component of the cloud resource cloning system 100 that can be implemented using hardware, software, firmware, or a combination of these to perform one or more specific tasks or operations. A module may be implemented using various types of technology, including but not limited to:

[0119] Hardware: A physical device or circuit that executes predefined functions. Hardware modules may include, but are not limited to, processors (e.g., central processing units (CPUs), digital signal processors (DSPs), graphical processing units (GPUs)), memory components (RAM, ROM, flash memory), network interfaces, power management systems, or specialized chips such as application-specific integrated circuits (ASICs) or field- programmable gate arrays (FPGAs). These components may be connected through buses, networks, or communication interfaces, providing the necessary infrastructure for high-speed data transfer and execution of operations.

[0120] Software: A set of instructions stored in memory and executed by processing units. Software modules may include executable code, dynamic link libraries (DLLs), software development kits (SDKs), virtual machine environments, or applications. These modules are responsible for implementing algorithms, data processing, decision-making logic, and user interface functionalities. Software modules can be written in various programming languages (e.g., C++, Python, Java) and can interact with other modules through well-defined APIs, middleware, or cloud-based services.

[0121] Firmware: Low-level code stored in non-volatile memory (e.g., EEPROM, flash memory) that bridges the gap between hardware and higher-level software. Firmware modules provide the control logic necessary to configure, initialize, and manage hardware devices. Firmware can handle essential tasks such as device bootstrapping, protocol handling, and power management. Firmware updates may be delivered remotely, enabling post-deployment enhancements and security patches without requiring hardware modifications.

[0122] Modules are capable of interacting with other modules via inter-module communication within the system through standard communication protocols such as InterProcess Communication (IPC), message passing, remote procedure calls (RPC), or data33321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 buses. This allows for distributed operations across different hardware or software environments, whether local or over a network. The use of APIs, middleware layers, or network protocols (e.g., REST, gRPC) facilitates seamless communication between modules regardless of their underlying implementation.

[0123] Modules are designed with modularity and scalability features via a plug-and-play architecture, enabling the system to dynamically add, remove, or modify modules as needed. This modularity allows the system to scale efficiently, either horizontally (by adding more modules for parallel processing) or vertically (by enhancing the capabilities of individual modules). This feature is particularly useful in distributed computing environments, such as cloud platforms or multi-core processors.

[0124] Modules can be designed to support multi-threading, parallel execution, or distributed computing architectures, where tasks are split across multiple hardware resources (e.g., multi-core processors, distributed nodes). Load balancing and task synchronization mechanisms ensure efficient resource utilization, minimizing execution time for complex operations.

[0125] Modules can integrate Al-driven components such as machine learning models or neural networks to perform tasks like pattern recognition, decision-making, and predictive analytics. These Al modules can be pre-trained models or dynamically updated through continuous learning, depending on the application's requirements. Modules can leverage specialized Al hardware accelerators such as TPUs (Tensor Processing Units) or GPUs for high-performance processing.

[0126] For time-sensitive applications, modules may feature real-time processing capabilities, including low-latency processing, task prioritization, and event-driven architectures. Real-time operating systems (RTOS) or real-time task schedulers can be used within firmware or software modules to ensure that critical tasks are completed within specific time constraints.

[0127] Modules may incorporate security mechanisms such as encryption, authentication, and access control to protect data and ensure the integrity of operations. Secure hardware modules (e.g., Trusted Platform Modules (TPMs) or secure enclaves) may be used to store cryptographic keys and execute secure operations, while software- based modules may implement firewalls, intrusion detection systems (IDS), or secure communication protocols (e.g., TLS / SSL).

[0128] Modules may manage and store data using embedded databases, cloud storage34321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 services, or other data management and persistence mechanisms. Data synchronization across distributed systems may be supported through version control, replication strategies, and consistency models (e.g., eventual consistency, strong consistency).

[0129] Modules are adaptable for deployment in cloud environments (e.g., AWS, Google Cloud, Microsoft Azure) or edge computing frameworks. Cloud-based modules can dynamically scale according to demand, leveraging elastic resources, while edge modules perform low-latency processing closer to the data source, reducing dependency on centralized cloud systems.

[0130] In environments where power consumption is critical (e.g., loT devices or battery- operated systems), modules may include energy-efficient designs, such as power-aware algorithms, dynamic voltage scaling, sleep modes, or energy harvesting technologies. Hardware modules may implement low-power designs using specific semiconductor technologies optimized for minimal energy usage.

[0131] Each module is designed to function as an independent, reusable component within a larger system architecture, while maintaining compatibility with other modules. This modular approach allows for flexibility in system design, enabling easy upgrades, extensions, and maintenance. Whether deployed on dedicated hardware, within virtualized environments, or across distributed networks, modules provide the foundational building blocks for the functionality of the cloud resource cloning system 100 comprehensive functionality.

[0132] In some embodiments the computer-readable storage devices, mediums, and memories can include a cable or wireless signal containing a bit stream and the like. However, when mentioned, non-transitory computer-readable storage media expressly exclude media such as energy, carrier signals, electromagnetic waves, and signals per se.

[0133] Methods according to the above-described examples can be implemented using computer-executable instructions that are stored or otherwise available from computer readable media. Such instructions can comprise, for example, instructions and data which cause or otherwise configure a general-purpose computer, special purpose computer, or special purpose processing device to perform a certain function or group of functions. Portions of computer resources used can be accessible over a network. The computer executable instructions may be, for example, binaries, intermediate format instructions such as assembly language, firmware, or source code. Examples of computer-readable media that may be used to store instructions, information used, and / or information created during35321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 methods according to described examples include magnetic or optical storage, flash memory, USB devices provided with non-volatile memory, networked storage devices, and so on.

[0134] Devices implementing methods according to these disclosures can comprise hardware, firmware and / or software, and can take any of a variety of form factors. Typical examples of such form factors include laptops, smart phones, small form factor personal computers, personal digital assistants, rackmount devices, standalone devices, and so on. Functionality described herein also can be embodied in peripherals or add-in cards. Such functionality can also be implemented on a circuit board among different chips or different processes executing in a single device, by way of further example.

[0135] The instructions, media for conveying such instructions, computing resources for executing them, and other structures for supporting such computing resources are means for providing the functions described in these disclosures.

[0136] Although a variety of examples and other information was used to explain aspects within the scope of the appended claims, no limitation of the claims should be implied based on particular features or arrangements in such examples, as one of ordinary skill would be able to use these examples to derive a wide variety of implementations. Further and although some subject matter may have been described in language specific to examples of structural features and / or method steps, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to these described features or acts. For example, such functionality can be distributed differently or performed in components other than those identified herein. Rather, the described features and steps are disclosed as examples of components of systems and methods within the scope of the appended claims.36321774853.3

Claims

PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1CLAIMSWhat is claimed is:1 . A computer implemented method for cloning cloud resources, the method comprising: receiving, at a computer interface, a cloning request for cloning a requested cloud resource; extracting a set of operational data based on the cloning request and the requested cloud resource; selecting, based on the extracted set of operational cloning data, a set of cloning operations; deploying the selected set of cloning operations to generate a cloned cloud resource of the requested cloud resource; deploying a set of post-cloning operations performed on the cloned cloud resource that are selected based on the operational cloning data and associated with a resource type of the requested cloud resource; transmitting a notification to the computer interface indicating a status of the cloning request; and providing, in response to a successful completion of the set of post-cloning operations, access to the cloned cloud resource.

2. The computer implemented method of Claim 1 , wherein receiving the cloning request comprises receiving any one or a combination of a set of cloning parameters comprising: the resource type of the requested cloud resource; a restore point of the requested cloud resource within a defined period; or a target availability zone for the cloned cloud resource.

3. The computed implemented method of Claim 2, wherein selecting the set of cloning operations comprises selecting a cloning operation that corresponds to any one or a combination of the set of cloning parameters comprising: the resource type; the restore point within the defined period; or the target available zone.

4. The method of Claim 3, wherein the requested cloud resource comprises a compute resource and / or a storage resource.37321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO15. The computer implemented method of Claim 4, wherein the set of cloning operations deployed to generate the cloned cloud resource comprises: restoring data from a selected restore point to a restored data storage; moving the restored data storage to the target availability zone linked with a target non-production cloud resource; and attaching the restored data storage to the target non-production cloud resource.

6. The computer implemented method of Claim 5, wherein the set of cloning operations deployed to generate the cloned cloud resource comprises selecting a target storage type of the restored data storage.

7. The computer implemented method of Claim 1 , wherein the deployed set of postcloning operations performed on the cloned cloud resource comprises any one or a combination of cleaning sensitive data from the cloned cloud resource, adjusting a configuration of the cloned cloud resource, disabling scheduled tasks, disabling applicationspecific operations, or using post-cloning instructions.

8. The computer implemented method of Claim 1 , wherein a set of post-cloning operations are selected based on an artificial intelligence (Al) process model.

9. The computer implemented method of Claim 8, wherein the Al process model is trained based on an output of the post-cloning operations and any other data received during the cloning operation.

10. The computer implemented method of Claim 1 , comprising continuously monitoring and updating the status of the cloning request.

11. The computer implemented method of Claim 10, comprising in response to detecting an issue associated with the status of the cloning request, wherein transmitting the notification to the computer interface indicating the status of the cloning request comprises requesting additional information related to the cloning request at the computer interface.

12. A system for cloning cloud resources, the system comprising: a self-service interface configured to receive a cloning request for cloning a requested cloud resource; a cloning engine configured to:38321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 select a set of cloning operations based on the cloning request received by the self- service interface; and issue the set of cloning operations to a cloud service provider to generate a cloned cloud resource of the requested cloud resource; a post-cloning engine configured to: select a set of post-cloning operations based on the cloning request received by the self-service interface; and deploy the set of post cloning operations to modify a configuration of the cloned cloud resource and selectively remove data from the cloned cloud resource; and a checkpoint system configured to: monitor a status of the cloning request; and issue a notification indicating the status of the cloning request at the self- service interface.

13. The system of claim 12, wherein the requested cloud resource comprises a source production cloud resource and the cloned cloud resource is a target non-production cloud resource, and wherein the set of cloning instructions issued by the cloning engine are configured to: initiate a backup restoration of data corresponding to the source production cloud resource to a restored data storage; relocate the restored data storage to an availability zone corresponding to the target non-production cloud resource; and attach the restored data storage to the target non-production cloud resource.

14. The system of Claim 13, comprising a policy compliance module to restrict data flow to non-production environments to maintain production data integrity.

15. The system of claim 14, wherein the policy compliance module is configured to enforce policy frameworks to manage data security and prevent segregation of duties violations.

16. The system of claim 12, wherein the cloning engine and the post-cloning engine comprise cloud-agnostic components to facilitate compatibility with multiple cloud service providers.

17. The system of claim 12, wherein the checkpoint system is further configured to: detect an issue associated with the status of the cloning request;39321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 request additional information related to the cloning request at the self-service interface; and resume the cloning request based on receiving the additional information at the self- service interface.

18. The system of claim 12, wherein the cloning engine is configured to: extract a set of operational data based on the cloning request and the requested cloud resource; and select the set of cloning operations based on the extracted set of operational data.

19. The system of claim 12, wherein the cloning request comprises any one or a combination of a set of cloning parameters comprising: a resource type of the requested cloud resource; a restore point of the requested cloud resource within a defined period; or a target availability zone for the cloned cloud resource.

20. The system of claim 19, wherein the cloning engine is configured to select a cloning operation that corresponds to any one or a combination of the set of cloning parameters comprising: the resource type; the restore point; or the target available zone.

21. The system of claim 12, wherein the cloning engine comprises an artificial intelligence (Al) process model configured to select the set of post-cloning operations.

22. The system of claim 21, wherein the Al process model is trained based on an output of the post-cloning operations and any other data received during the cloning operation.

23. A computer-readable medium comprising instructs executable by a processor to: receive a cloning request for cloning a requested cloud resource; extract a set of operational data based on the cloning request and the requested cloud resource; select, based on the extracted set of operational cloning data, a set of cloning operations; deploy the selected set of cloning operations to generate a cloned cloud resource of the requested cloud resource;40321774853.3PCT / US24 / 60975 19 December 2024 (19.12.2024)Attorney Docket No. 241774PCT / P101085WOUO1 deploy a set of post-cloning operations performed on the cloned cloud resource that are selected based on the set of operational cloning data and associated with a resource type of the requested cloud resource; transmit a notification indicating a status of the cloning request; and provide, in response to a successful completion of the set of post-cloning operations, access to the cloned cloud resource.41321774853.3