
Cloud Computing Fundamentals

NIST Definition

The National Institute of Standards and Technology defines cloud computing through five essential characteristics:

  1. On-demand self-service - Provision resources without human interaction with the provider
  2. Broad network access - Available over the network via standard mechanisms
  3. Resource pooling - Multi-tenant model with dynamic assignment of resources
  4. Rapid elasticity - Scale out/in quickly, appearing unlimited to the consumer
  5. Measured service - Metered usage with pay-per-use billing transparency

Service Models

Cloud Service Models: IaaS, PaaS, SaaS, FaaS Stack

Infrastructure as a Service (IaaS)

Provides virtualized computing resources over the internet. The consumer manages OS, storage, and applications.

| Provider | Service | Description |
|----------|---------|-------------|
| AWS | EC2 | Virtual servers with instance type families |
| GCP | Compute Engine | VMs with per-second billing |
| Azure | Virtual Machines | Windows/Linux VMs with hybrid benefit |

Platform as a Service (PaaS)

Provides a platform for developing, running, and managing applications without infrastructure complexity.

  • AWS Elastic Beanstalk - Deploy and scale web apps
  • Google App Engine - Fully managed serverless platform
  • Azure App Service - Build and host web apps
  • Heroku - Developer-focused PaaS with buildpacks

Software as a Service (SaaS)

Complete applications delivered over the internet. Users consume the software; the provider manages everything.

Examples: Gmail, Salesforce, Slack, Microsoft 365, Snowflake.

Function as a Service (FaaS)

Event-driven, ephemeral compute that executes single-purpose functions.

Event Source → Function Invocation → Response
   (S3 upload)    (resize image)      (save thumbnail)

  • AWS Lambda, Google Cloud Functions, Azure Functions
  • Pay only for execution time (per-millisecond billing)
  • No server management, automatic scaling to zero

Deployment Models

Public Cloud

Resources owned and operated by a third-party provider, delivered over the internet.

  • Advantages: No upfront cost, global scale, managed services
  • Concerns: Data sovereignty, vendor lock-in, shared tenancy

Private Cloud

Cloud infrastructure operated solely for a single organization, on-premises or hosted.

  • OpenStack - Open-source private cloud platform
  • VMware vSphere - Enterprise virtualization
  • Use cases: Regulated industries, data-sensitive workloads

Hybrid Cloud

Combines public and private clouds with orchestration between them.

┌──────────────┐     ┌──────────────┐
│ Private Cloud│◄───►│ Public Cloud │
│ (sensitive   │ VPN │ (burst       │
│  workloads)  │     │  capacity)   │
└──────────────┘     └──────────────┘

  • AWS Outposts - AWS infrastructure on-premises
  • Azure Arc - Manage resources across environments
  • Anthos - Google's hybrid/multi-cloud platform

Multi-Cloud

Using multiple public cloud providers simultaneously.

  • Motivation: Avoid vendor lock-in, best-of-breed services, resilience
  • Challenges: Operational complexity, data transfer costs, skill requirements
  • Tools: Terraform, Pulumi, Crossplane for cross-cloud abstraction

Shared Responsibility Model

┌─────────────────────────────────────────────────────────┐
│                    Customer Responsibility               │
│  IaaS: OS, apps, data, networking, access control       │
│  PaaS: Apps, data, access control                       │
│  SaaS: Data, access control                             │
├─────────────────────────────────────────────────────────┤
│                    Provider Responsibility               │
│  Physical security, network infrastructure, hypervisor  │
│  Hardware, facilities, global infrastructure            │
└─────────────────────────────────────────────────────────┘

The dividing line shifts upward as you move from IaaS to SaaS:

| Layer | IaaS | PaaS | SaaS |
|-------|------|------|------|
| Data | Customer | Customer | Customer |
| Application | Customer | Customer | Provider |
| Runtime | Customer | Provider | Provider |
| OS | Customer | Provider | Provider |
| Virtualization | Provider | Provider | Provider |
| Hardware | Provider | Provider | Provider |
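
The table above can drive a control-coverage check. The following is an added example, not part of the original page: it flags customer-owned layers with no documented control, and controls claimed on layers the provider operates. The workload names and control descriptions are constructed sample data.

```python
# Added example: gap check against the page's responsibility table.
# Workload names and control descriptions below are constructed sample data.

LAYERS = ["Data", "Application", "Runtime", "OS", "Virtualization", "Hardware"]

# Number of layers, counted from the top of LAYERS, that the table assigns
# to the customer for each service model.
CUSTOMER_DEPTH = {"IaaS": 4, "PaaS": 2, "SaaS": 1}


def customer_layers(model):
    """Return the layers the customer must secure for a service model."""
    if model not in CUSTOMER_DEPTH:
        raise ValueError(f"service model not in the table: {model!r}")
    return LAYERS[:CUSTOMER_DEPTH[model]]


def audit(inventory):
    """Compare each workload's documented controls with the matrix.

    Returns (workload, layer, finding) tuples:
      "gap"            - customer-owned layer with no documented control
      "provider-owned" - control claimed on a layer the provider operates,
                         which usually signals a misread of the model
    """
    findings = []
    for workload in inventory:
        owned = set(customer_layers(workload["model"]))
        controls = workload.get("controls", {})
        for layer in LAYERS:
            has_control = bool(str(controls.get(layer) or "").strip())
            if layer in owned and not has_control:
                findings.append((workload["name"], layer, "gap"))
            elif layer not in owned and has_control:
                findings.append((workload["name"], layer, "provider-owned"))
    return findings


SAMPLE_INVENTORY = [  # constructed
    {"name": "billing-vm", "model": "IaaS",
     "controls": {"Data": "disk encryption", "Application": "code review",
                  "Runtime": "", "OS": "monthly patching"}},
    {"name": "web-app", "model": "PaaS",
     "controls": {"Data": "field encryption", "Application": "code review",
                  "OS": "host hardening"}},
    {"name": "crm", "model": "SaaS", "controls": {}},
]

if __name__ == "__main__":
    for name, layer, finding in audit(SAMPLE_INVENTORY):
        print(f"{name:12} {layer:12} {finding}")
```
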

Cloud Economics

OpEx vs CapEx

| Aspect | CapEx (Traditional) | OpEx (Cloud) |
|--------|-------------------|--------------|
| Cost model | Large upfront investment | Pay-as-you-go |
| Depreciation | Assets depreciate over time | No asset ownership |
| Flexibility | Locked into hardware cycles | Scale on demand |
| Risk | Over/under-provisioning | Right-sizing possible |
| Tax treatment | Capitalized, amortized | Operating expense |

Total Cost of Ownership (TCO)

TCO analysis must account for hidden on-premises costs:

  • Direct: Hardware, software licenses, power, cooling, floor space
  • Indirect: IT staff, training, downtime, opportunity cost
  • Cloud-specific: Data egress fees, reserved vs on-demand pricing, support tiers

Cost Optimization Strategies

  1. Reserved Instances / Savings Plans - 30-72% discount for 1-3 year commitments
  2. Spot / Preemptible Instances - Up to 90% discount for interruptible workloads
  3. Right-sizing - Match instance types to actual utilization
  4. Auto-scaling - Scale to zero during off-hours
  5. Storage tiering - Move infrequently accessed data to cheaper classes

Regions and Availability Zones

Regions

Geographically distinct locations, each containing multiple data centers.

  • Selection criteria: Latency to users, data residency laws, service availability, pricing
  • AWS: 30+ regions, GCP: 40+ regions, Azure: 60+ regions

Availability Zones (AZs)

Isolated data centers within a region, connected by low-latency links.

Region: us-east-1
├── AZ: us-east-1a  ─── Data Center(s)
├── AZ: us-east-1b  ─── Data Center(s)
├── AZ: us-east-1c  ─── Data Center(s)
└── AZ: us-east-1d  ─── Data Center(s)

Each AZ has independent power, cooling, and networking.
Cross-AZ latency: < 2ms

High Availability Design

  • Deploy across multiple AZs for fault tolerance within a region
  • Deploy across multiple regions for disaster recovery
  • Use global load balancing for geo-routing users to nearest region

Edge Locations

Points of presence (PoPs) for content delivery and edge computing.

  • CDN: CloudFront (200+ edge locations), Cloud CDN, Azure CDN
  • Edge compute: Lambda@Edge, CloudFront Functions, Cloudflare Workers

Key Takeaways

  • Cloud computing is defined by on-demand, elastic, metered resource delivery
  • Service models (IaaS/PaaS/SaaS/FaaS) represent increasing abstraction levels
  • The shared responsibility model defines who secures what
  • Cloud economics favor OpEx flexibility over CapEx rigidity
  • Multi-AZ and multi-region architectures provide resilience at different scales