Cloud Core Concepts

From AWS Re/Start (2025) and the computing model ILT.


Ultra-Short Summary

Cloud computing is renting compute, storage, and networking from someone else's data centre — paying per use instead of owning hardware. Understanding why cloud exists requires understanding what came before it (physical servers, virtualisation) and what problem cloud actually solves (capital cost, scalability, speed of provisioning).


The Computing Stack (From the Bottom Up)

Everything in cloud builds on these layers:

1. Physics
   Electricity flips transistors (switches)
   Switches form 0/1 bits
   Bit patterns form instructions
   Nothing above is magic — it's fast, structured electricity

2. Hardware
   CPU  → runs instructions (everything you write becomes CPU instructions)
   RAM  → fast, temporary workspace (lost on power-off)
   Disk → slow, persistent storage (SSD/HDD/S3 "behind the scenes")
   NIC  → sends bytes to another machine

3. Operating System
   Traffic controller doing 4 jobs:
   → Run processes
   → Allocate memory
   → Read/write storage
   → Send network packets
   Linux runs 99% of cloud servers: simple, predictable, efficient

4. Virtualisation
   Hypervisor sits between OS and hardware
   Divides one physical server into many virtual machines (VMs)
   Each VM thinks it has dedicated hardware
   AWS Nitro took this further: dedicated Nitro cards take over the networking, storage and security work, leaving a minimal hypervisor on the host

5. Application
   Apps = input → logic → output
   Every language ends up as CPU instructions, whether compiled ahead of time (Go), compiled to bytecode for a runtime (Java), or interpreted (Python)

6. Cloud
   A giant warehouse of computers someone else manages
   You get building blocks via API: compute, storage, networking, databases, ML

Why Cloud Exists — The Problem It Solved

Before cloud (on-premises):

Want to launch a new service?
→ Order servers (weeks)
→ Wait for delivery (weeks)
→ Install in data centre (days)
→ Configure OS, networking (days)
→ Finally deploy your app
Total: months, large upfront cost (CAPEX)

With cloud:

Want to launch a new service?
→ Call the AWS API
→ Running in seconds
Total: minutes, pay-as-you-go (OPEX)

This is the core business value of cloud.


CAPEX vs OPEX

Model   What It Is                                   Cloud Equivalent
CAPEX   Capital expenditure — buy hardware upfront   On-premises servers
OPEX    Operational expenditure — pay as you use     AWS monthly bill

Cloud shifts spend from unpredictable large capital purchases to predictable operational costs that scale with usage.


The 6 Cloud Benefits (AWS Framework)

  1. Trade fixed expense for variable expense — pay only for what you use
  2. Benefit from massive economies of scale — AWS buys hardware cheaper than any single company
  3. Stop guessing capacity — scale up/down on demand
  4. Increase speed and agility — minutes to deploy vs weeks for physical
  5. Stop spending money on data centre operations — AWS handles the physical layer
  6. Go global in minutes — deploy to regions worldwide with one API call

Service Models

IaaS  (Infrastructure as a Service)
  You manage: OS, runtime, apps, data
  AWS manages: hardware, virtualisation, networking
  Example: EC2

PaaS  (Platform as a Service)
  You manage: apps, data
  AWS manages: everything below
  Example: Elastic Beanstalk, RDS

SaaS  (Software as a Service)
  You manage: configuration only
  AWS manages: everything
  Example: WorkMail, Chime
More control ←————————————————→ Less control
     IaaS          PaaS          SaaS
      EC2       Beanstalk      WorkMail

Deployment Models

Model          What It Is                                 Use Case
Public Cloud   Resources on AWS shared infrastructure     Most workloads
Private Cloud  Cloud-like infra owned by the company      Strict compliance/data residency
Hybrid         Mix of on-premises + public cloud          Gradual migration, latency needs
Multi-cloud    Multiple cloud providers                   Vendor independence, best-of-breed

The Shared Responsibility Model

One of the most important concepts in cloud security:

AWS is responsible for security OF the cloud:
  → Physical data centres (locks, guards, power)
  → Hardware (servers, networking gear)
  → Virtualisation layer (Hypervisor / Nitro)
  → Global infrastructure (regions, AZs)

Customer is responsible for security IN the cloud:
  → Data (encryption at rest and in transit)
  → IAM (who has access to what)
  → OS patching (on EC2)
  → Network configuration (VPC, Security Groups)
  → Application security (your code)

It shifts by service:

EC2 (IaaS) → you own the OS, middleware, app security
RDS (PaaS) → AWS manages OS + DB engine patching, you own data + access
S3 (Object) → AWS manages the infrastructure, you manage access policies
Lambda (Serverless) → AWS manages runtime, you manage code + config
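Security Groups sit firmly on the customer side of the line above. As an added example (not part of the course notes), this script audits a constructed sample shaped like `aws ec2 describe-security-groups` output and flags ingress rules that are open to the whole internet on an admin port or on all traffic; the group IDs and names are made up.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` output
# (not real account data): one web group, one bastion, one legacy catch-all.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb", "GroupName": "bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0ccc", "GroupName": "legacy", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

# Ports whose world-open exposure is almost always a misconfiguration.
ADMIN_PORTS = {22: "ssh", 3389: "rdp"}

def is_world_open(cidr):
    """True when the CIDR is the whole address space (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def rule_findings(group, perm):
    """Yield (group id, what) for a rule open to the world on an admin port or all ports."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    if not any(is_world_open(c) for c in cidrs):
        return                      # only internal sources: not a finding here
    if perm["IpProtocol"] == "-1":  # -1 means every protocol and every port
        yield (group["GroupId"], "all traffic")
        return
    lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
    for port, name in ADMIN_PORTS.items():
        if lo <= port <= hi:
            yield (group["GroupId"], f"{name}/{port}")

def audit(groups):
    """Collect findings across all groups; an empty list means nothing to fix."""
    return [f for g in groups for p in g["IpPermissions"] for f in rule_findings(g, p)]

if __name__ == "__main__":
    for gid, what in audit(SAMPLE_GROUPS):
        print(f"{gid}: {what} open to the world")
```

The web group's 443 rule is world-open but not flagged, since a public HTTPS listener is the intended case; the bastion's 22 from 0.0.0.0/0 and the legacy group's all-traffic rule are.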

AWS Global Infrastructure

Region
  → A geographic area (e.g. ap-southeast-2 = Sydney)
  → Isolated — a failure in one region doesn't affect others
  → Contains 3+ Availability Zones

Availability Zone (AZ)
  → One or more discrete data centres in the region
  → Low-latency links to other AZs in the same region
  → Isolated from each other (separate power, cooling, networking)
  → Design for HA: spread across at least 2 AZs

Edge Location
  → Points of presence globally for CloudFront CDN
  → Much more numerous than regions (~400+ vs ~30+ regions)
  → Cache content close to end users
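The "spread across at least 2 AZs" rule is easy to state and easy to drift from. As an added example (not from the course notes), this check groups a constructed `describe-instances`-style inventory by a `Role` tag and reports every role whose instances all live in a single AZ; the instance IDs and tags are made up.

```python
from collections import defaultdict

# Constructed sample shaped like Reservations[].Instances[] from
# `aws ec2 describe-instances` (not real account data).
SAMPLE_INSTANCES = [
    {"InstanceId": "i-0001", "Placement": {"AvailabilityZone": "ap-southeast-2a"},
     "Tags": [{"Key": "Role", "Value": "web"}]},
    {"InstanceId": "i-0002", "Placement": {"AvailabilityZone": "ap-southeast-2b"},
     "Tags": [{"Key": "Role", "Value": "web"}]},
    {"InstanceId": "i-0003", "Placement": {"AvailabilityZone": "ap-southeast-2a"},
     "Tags": [{"Key": "Role", "Value": "db"}]},
    {"InstanceId": "i-0004", "Placement": {"AvailabilityZone": "ap-southeast-2a"},
     "Tags": [{"Key": "Role", "Value": "db"}]},
    {"InstanceId": "i-0005", "Placement": {"AvailabilityZone": "ap-southeast-2c"},
     "Tags": [{"Key": "Role", "Value": "cache"}]},
]

def tag(instance, key):
    """Return the value of a tag, or None when the instance lacks it."""
    return next((t["Value"] for t in instance.get("Tags", []) if t["Key"] == key), None)

def az_spread(instances, min_azs=2):
    """Return {role: sorted AZs} for every role below the AZ-spread target.

    A role with a single instance is flagged too: one AZ is one failure domain,
    however many or few instances sit in it.
    """
    by_role = defaultdict(set)
    for inst in instances:
        by_role[tag(inst, "Role") or "untagged"].add(inst["Placement"]["AvailabilityZone"])
    return {role: sorted(azs) for role, azs in by_role.items() if len(azs) < min_azs}

if __name__ == "__main__":
    for role, azs in az_spread(SAMPLE_INSTANCES).items():
        print(f"{role}: only in {', '.join(azs)}")
```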

EC2 Pricing Models (Cloud Economics)

Model           Commitment                    Discount    Best For
On-Demand       None                          0%          Dev/test, unpredictable
Reserved        1 or 3 years                  Up to 72%   Steady-state production
Savings Plans   1 or 3 years (flexible)       Up to 66%   Mixed workloads
Spot            None (can be interrupted)     Up to 90%   Batch, fault-tolerant
Dedicated Host  Optional                                  Compliance, BYOL

Mental Model

Cloud = electricity → transistors → CPU → OS → virtualisation → API

AWS took the "IT department" and turned it into an API.
Instead of "we need a server" → purchase order → delivery → setup
You call:  aws ec2 run-instances ...  and it's running in 30 seconds.

The business value is speed and variable cost.
The technical value is managed infrastructure and global scale.

Self-Quiz

  1. What are the 4 things an OS does?
  2. What's the difference between CAPEX and OPEX? Which does cloud use?
  3. EC2 vs RDS vs Lambda — how does the shared responsibility model shift between them?
  4. What's an Availability Zone and why does it matter for HA design?
  5. Your company needs to run some workloads on-premises due to latency. What model is this?
  6. What's the difference between a Region and an Edge Location?
  7. "It works on my machine." How does cloud + containers solve this?
  8. Why can AWS offer infrastructure cheaper than most companies building on-premises?