Cloud Computing Deep Dive — Cloud Certifications

Christmas Day, 2012: 33 million people hit "play" — and nothing happened

It was December 24th. Families across the US had just unwrapped shiny new streaming devices. Kids wanted to watch Elf. Parents wanted The Crown. Grandma wanted her murder mysteries. At 1 p.m. Eastern, Netflix usage spiked harder than it ever had before.

And then — nothing. Error screens. Spinning wheels. An endless void where movies should have been.

The culprit? A single outage at Amazon Web Services, the cloud infrastructure Netflix runs on. One misconfigured load balancer at AWS took down the Elastic Load Balancing service in the US-East region. Netflix, along with dozens of other companies, went dark. 33 million subscribers sat staring at error messages on Christmas Eve.

The incident lasted hours. Netflix engineers scrambled. Amazon engineers scrambled harder. By morning, everything was back — but the lesson was burned into every CTO on the planet: the cloud gives you superpowers, and those superpowers come with a single point of failure you do not control.

This module goes deep. If you already read our introductory cloud module, buckle up — we are going beneath the surface.

94%of enterprises use cloud services (Flexera, 2023)

600B+global cloud market in USD (Gartner, 2024)

33MNetflix subscribers affected on Christmas Eve 2012

Cloud service models: the pizza analogy you will never forget

You already know the cloud has three service models — IaaS, PaaS, SaaS. But most explanations stop at definitions. Lets go deeper with a pizza analogy that makes the differences stick.

Scenario: you want pizza for dinner tonight.

Option	What you do	What someone else does	Cloud equivalent
Make at home (Traditional IT)	Buy flour, tomatoes, cheese. Make dough. Build an oven. Cook. Clean up.	Nothing. You handle everything.	On-premises data centre
Take and bake (IaaS)	Buy a pre-made pizza from the store. Take it home. Cook it in your oven.	The store made the dough and added toppings.	AWS EC2, Azure VMs
Pizza delivery (PaaS)	Order on an app. Open the box when it arrives. Maybe add red pepper flakes.	The restaurant makes the pizza, cooks it, and delivers it.	AWS Elastic Beanstalk, Heroku, Google App Engine
Dine in (SaaS)	Walk into a restaurant. Sit down. Eat. Leave.	The restaurant handles the ingredients, cooking, serving, dishes, and cleanup.	Gmail, Slack, Salesforce

The further right you go in that table, the more you give up control — but the less work you do. Most businesses pick the model that lets them focus on what they are actually good at.

🔑The control-convenience tradeoff

IaaS gives you maximum control but maximum responsibility. SaaS gives you maximum convenience but minimum customisation. PaaS sits in the sweet spot for most developers — you write the code, the platform handles everything else. Pick the model that matches your team size and expertise.

Concrete examples of each model:

IaaS (Infrastructure as a Service) — You rent raw virtual machines, storage, and networking. You install the OS, configure the firewall, deploy the app. Examples: AWS EC2, Google Compute Engine, Azure Virtual Machines. Best for: teams that need full control over their stack.

PaaS (Platform as a Service) — You push code, the platform handles servers, scaling, and deployment. Examples: AWS Elastic Beanstalk, Heroku, Google App Engine, Cloudflare Workers. Best for: developers who want to ship fast without managing infrastructure.

SaaS (Software as a Service) — You open a browser and use a finished product. Examples: Gmail, Salesforce, Notion, Figma, Slack. Best for: everyone. You already use SaaS daily.

There Are No Dumb Questions

"If SaaS is easiest, why would anyone choose IaaS?"

Because SaaS is a finished product someone else built. If you need to build your own product — say, a custom video streaming platform — Gmail is not going to help you. You need raw computing power (IaaS) or a deployment platform (PaaS) to build your own thing. SaaS is for using software. IaaS and PaaS are for building software.

"Where does serverless fit in?"

Serverless (like AWS Lambda or Cloudflare Workers) is a flavour of PaaS taken to the extreme. You write a single function, upload it, and the cloud runs it only when someone triggers it. No servers, no scaling decisions, no idle costs. You pay per execution — literally per millisecond of compute time.

⚡

Pizza Model Match-Up

25 XP

Match each real-world scenario to the correct cloud service model — **IaaS**, **PaaS**, or **SaaS**: 1. A data scientist spins up a powerful virtual machine on AWS, installs Python and TensorFlow, and trains a machine learning model overnight. --> ___ 2. A marketing team uses HubSpot through their browser to manage email campaigns. --> ___ 3. A startup pushes their Node.js code to Heroku and the platform handles deployment, scaling, and SSL certificates. --> ___ 4. A finance team uses Google Sheets to build budget forecasts collaboratively. --> ___ 5. An engineering team configures virtual networking, firewalls, and load balancers on Azure to run a custom microservices architecture. --> ___ *Hint: If you are just using a finished app in a browser, it is SaaS. If you are writing code and pushing it to a platform that handles the rest, it is PaaS. If you are managing virtual machines and infrastructure yourself, it is IaaS.*

Deployment models: public, private, hybrid, and multi-cloud

Service models tell you what the cloud provides. Deployment models tell you where it lives and who can use it.

Deployment	What it means	Best for	Example
Public cloud	Shared infrastructure run by a provider, available to anyone who pays	Startups, most businesses, anyone who wants low cost and fast setup	AWS, Azure, Google Cloud
Private cloud	Dedicated infrastructure for one organisation, either on-premises or hosted	Banks, hospitals, government agencies with strict data regulations	A hospital running OpenStack in its own data centre
Hybrid cloud	Mix of public and private — sensitive workloads on private, everything else on public	Large enterprises balancing compliance with flexibility	A bank using private cloud for customer data, public cloud for its website
Multi-cloud	Using multiple public cloud providers simultaneously	Companies that want to avoid vendor lock-in or use best-of-breed services	Netflix on AWS for compute, Google Cloud for analytics, Azure for Active Directory

✗ Without AI

✗Simpler to manage
✗One bill, one console, one team
✗Risk: vendor lock-in
✗Risk: single provider outage takes you down

✓ With AI

✓Reduces vendor lock-in
✓Best-of-breed services from each provider
✓More complex to manage
✓Requires expertise across multiple platforms

When does each make sense?

Public cloud: You are a startup. You have no data centre. You want to launch next week. Use public cloud.
Private cloud: You are a defence contractor. Your data literally cannot leave a government-certified facility. Build private.
Hybrid: You are a large retailer. Customer payment data stays on your private cloud for PCI compliance, but your marketing website and analytics run on AWS. Hybrid.
Multi-cloud: You are a Fortune 500 company. You run core workloads on AWS, data warehousing on Google BigQuery, and Office 365 on Azure. That is multi-cloud, and 87% of enterprises do it (Flexera, 2023).

Cloud economics: why CFOs love (and fear) the cloud

Before the cloud, buying computing power was like buying a house. After the cloud, it became like renting an apartment. That shift from CapEx to OpEx changed how every company budgets for technology.

Term	What it means	Traditional IT	Cloud
CapEx (Capital Expenditure)	Big upfront purchases that depreciate over time	Buy $500K of servers, depreciate over 5 years	Rarely applies
OpEx (Operating Expenditure)	Ongoing monthly/yearly expenses	Electricity, IT staff salaries	Monthly cloud bill — pay for what you use

The three pricing models you need to know:

On-demand (pay-as-you-go) — The default. Use a server for 3 hours, pay for 3 hours. Like a taxi meter. Most expensive per hour, but zero commitment. AWS EC2 on-demand pricing starts around $0.01/hour for a small instance.

Reserved instances — Commit to 1-3 years of usage upfront in exchange for 30-72% discounts. Like signing a lease on an apartment instead of paying nightly hotel rates. Great when your workload is predictable.

Spot instances — Bid on unused cloud capacity at up to 90% discount. The catch? The provider can reclaim your instance with 2 minutes notice. Like flying standby — cheap but unpredictable. Perfect for batch processing, data analysis, and anything that can be interrupted.

There Are No Dumb Questions

"Does the cloud always save money?"

No. The cloud saves money when your workload is variable (spiky traffic, seasonal demand) or when you are starting small. But if you run the same servers 24/7 for years, on-premises can be cheaper. Dropbox famously saved $75 million over two years by moving off AWS and building their own data centres (Dropbox S-1 Filing, 2018). The breakeven point depends on scale, predictability, and whether you have the team to manage hardware.

"What is cloud cost overrun?"

The cloud makes it very easy to spin up resources and very easy to forget to turn them off. A developer runs a test on a large instance, forgets about it, and the company gets a $50,000 bill next month. This happens constantly. Gartner estimates that up to 30% of cloud spending is wasted on unused or underutilised resources.

30%of cloud spend is wasted (Gartner, 2023 estimate)

72%max savings with reserved instances vs on-demand

90%max savings with spot instances vs on-demand

Core cloud services: the building blocks

Every cloud provider offers hundreds of services. But they all boil down to four categories. Think of these as the four food groups of cloud computing.

Compute — the brains

Compute is the processing power that runs your code. Three flavours:

Type	What it is	When to use it	Example services
Virtual machines	A full computer in the cloud. You pick the OS, CPU, memory.	Long-running applications, databases, legacy software	AWS EC2, Azure VMs, Google Compute Engine
Containers	Lightweight, portable packages that include your app and everything it needs to run.	Microservices, CI/CD pipelines, consistent dev-to-prod environments	AWS ECS, Google Kubernetes Engine, Azure Container Apps
Serverless	You upload a function. The cloud runs it when triggered. No server to manage.	Event-driven tasks, APIs, lightweight processing	AWS Lambda, Cloudflare Workers, Azure Functions

Storage — the memory

Type	What it is	When to use it	Example services
Object storage	Store any file (images, videos, backups) as objects with metadata. Infinitely scalable.	Media files, backups, data lakes, static website hosting	AWS S3, Azure Blob Storage, Google Cloud Storage
Block storage	High-performance storage that acts like a hard drive attached to a VM.	Databases, high-performance applications	AWS EBS, Azure Managed Disks
File storage	Shared file systems multiple servers can access simultaneously.	Shared content, legacy applications that need a file system	AWS EFS, Azure Files

Networking — the plumbing

VPC (Virtual Private Cloud) — Your own isolated network in the cloud. Like having your own private floor in a shared office building.
Load balancers — Distribute traffic across multiple servers so no single server gets overwhelmed. The thing that failed in the Netflix Christmas outage.
CDN (Content Delivery Network) — Cache your content on servers worldwide so users in Tokyo get your website as fast as users in New York. CloudFront, Cloudflare, Akamai.

Databases — the organised memory

Type	Best for	Example services
Relational (SQL)	Structured data with relationships — orders, users, products	AWS RDS, Azure SQL, Google Cloud SQL
NoSQL / Document	Flexible schemas, high-speed reads/writes — user profiles, IoT data	AWS DynamoDB, Azure Cosmos DB, Google Firestore
In-memory	Caching, real-time leaderboards, session storage	AWS ElastiCache (Redis), Azure Cache

⚡

Pick the Right Cloud Service

25 XP

For each scenario, choose the most appropriate cloud service type: 1. A social media app needs to store 50 million user-uploaded photos cheaply and reliably. --> ___ 2. A gaming company needs sub-millisecond response times for their real-time leaderboard. --> ___ 3. An e-commerce site needs to run a function that resizes product images every time a seller uploads one — but only when uploads happen. --> ___ 4. A machine learning team needs powerful virtual machines with GPUs to train models for 3 days, then shut everything down. --> ___ *Hint: Think about what each service type is optimised for. Photos at scale = object storage. Real-time speed = in-memory database. Triggered functions = serverless. Temporary heavy compute = VMs (bonus: spot instances would save money here).*

Cloud reliability: regions, availability zones, and the nines

Remember the Netflix outage? It happened because the failure was concentrated in a single AWS region (US-East-1). Understanding how cloud providers architect for reliability will help you understand both why outages happen and why they are actually rare.

Regions and Availability Zones:

Region = a geographic area (e.g., Northern Virginia, London, Tokyo). Each region has multiple data centres.
Availability Zone (AZ) = a physically separate data centre within a region, with its own power, cooling, and networking. If one AZ floods, the others keep running.

The "nines" of uptime — and why they matter more than you think:

SLA	Uptime %	Allowed downtime per year	Allowed downtime per month
Two nines	99%	3 days, 15 hours	7 hours, 18 minutes
Three nines	99.9%	8 hours, 46 minutes	43 minutes
Four nines	99.99%	52 minutes	4 minutes, 23 seconds
Five nines	99.999%	5 minutes, 15 seconds	26 seconds

The difference between 99.9% and 99.99% sounds tiny — just one decimal place. But it is the difference between 8 hours of downtime per year and 52 minutes of downtime per year. For a payment processing system handling millions of dollars per hour, those 7 extra hours of downtime could cost tens of millions.

⚠️SLAs are promises, not guarantees

A 99.99% SLA means the provider commits to that level of uptime — and gives you service credits (partial refunds) if they miss it. But a credit on your cloud bill does not compensate for the revenue you lost during the outage. SLAs protect your wallet. Disaster recovery architecture protects your business.

Disaster recovery strategies (from cheapest to most resilient):

The shared responsibility model: who secures what?

This is the concept that trips up most newcomers to cloud. When you move to the cloud, security is not entirely your problem — but it is not entirely the provider's problem either. It is shared.

✗ Without AI

✗Physical data centre security (guards, locks, cameras)
✗Hardware maintenance and replacement
✗Network infrastructure and DDoS protection
✗Hypervisor and virtualisation layer
✗Compliance certifications (SOC 2, ISO 27001)

✓ With AI

✓Your data and how it is encrypted
✓Identity and access management (who can log in)
✓Application-level security (your code)
✓Network configuration (firewall rules, VPCs)
✓Operating system patches (on IaaS)

Think of it like renting an apartment. The landlord secures the building — locks on the front door, security cameras in the lobby, fire alarms. But if you leave your apartment door unlocked and your laptop on the kitchen table, that is on you.

The most common cloud security breaches are not providers getting hacked. They are customers misconfiguring their own settings — leaving an S3 bucket public, using weak passwords, or giving too many people admin access.

There Are No Dumb Questions

"So if I use SaaS, do I have zero security responsibility?"

Less, but not zero. With SaaS, the provider handles almost everything — but you still control who has access (user accounts and passwords), what data you put into the system, and how you integrate it with other tools. If you give every employee admin access to your CRM, that is your problem, not Salesforce's.

"What is the number one cloud security mistake companies make?"

Overly permissive access. The principle of least privilege says every user and every service should have only the minimum permissions needed to do their job. In practice, teams give broad access because it is easier — and then a compromised credential exposes everything.

Why certifications matter: the career case for cloud knowledge

This is a cloud certifications track, so let us talk about why you are here. Cloud certifications are not just resume decorations. They are one of the clearest signals you can send to employers about your technical competence.

70%of IT pros expected to hold cloud certs (Global Knowledge, 2024)

15%average salary premium for certified cloud pros vs non-certified (Global Knowledge)

3M+AWS certifications issued worldwide

The major cloud certifications, ranked by difficulty:

Cert	Provider	Level	Who it is for
AWS Cloud Practitioner	Amazon	Foundational	Anyone — business, sales, managers, new to cloud
AZ-900	Microsoft	Foundational	Anyone wanting Azure basics
Google Cloud Digital Leader	Google	Foundational	Anyone wanting GCP basics
AWS Solutions Architect Associate	Amazon	Associate	Developers, architects designing cloud systems
AZ-104	Microsoft	Associate	Azure administrators
AWS Solutions Architect Professional	Amazon	Professional	Senior architects, 2+ years cloud experience

🔑Start foundational, go deep later

If you are new to cloud, start with AWS Cloud Practitioner or AZ-900. They cover the breadth of cloud concepts without requiring hands-on coding. Once you pass a foundational cert, the associate-level exams are where the real career value kicks in — that is where salary premiums jump significantly.

⚡

Your Cloud Architecture Decision

50 XP

You are the CTO of a mid-sized e-commerce company (500 employees, $50M annual revenue). You currently run everything on physical servers in a rented data centre. The CEO wants to move to the cloud. Your team has asked you to make decisions on: 1. **Service model:** Would you use IaaS, PaaS, or SaaS for your main e-commerce platform? What about for internal tools like email and chat? Explain your reasoning. 2. **Deployment model:** Would you go public, private, hybrid, or multi-cloud? Consider that you process credit card payments (PCI compliance required). 3. **Pricing strategy:** Your traffic is highly seasonal — 40% of annual revenue happens in November-December. Would you use on-demand, reserved, or spot instances? Could you combine them? 4. **Reliability:** What uptime SLA would you need for your checkout system? How would you architect for disaster recovery? Write out your decisions with reasoning. There are no perfect answers — the goal is to apply what you have learned.

Back to Christmas Day, 2012

After the Netflix outage, the company did not leave AWS. Instead, they became one of the most resilient cloud architectures on Earth. They built Chaos Monkey — a tool that randomly kills their own servers during business hours to make sure the system can survive failures. They deployed across multiple AWS regions so a single-region outage could never take them fully down again. They open-sourced their reliability tools so other companies could benefit.

The lesson is not "the cloud is dangerous." The lesson is that the cloud is powerful infrastructure that demands the same engineering discipline as any critical system. The companies that understand cloud deeply — its service models, its economics, its reliability architecture, its shared security model — are the ones that build on it successfully.

You now have that foundation. The rest of this track will take you from understanding to certification.

Key takeaways

Cloud service models (IaaS, PaaS, SaaS) represent a spectrum from maximum control to maximum convenience. Pick the model that matches your team and your problem.
Deployment models (public, private, hybrid, multi-cloud) determine where your infrastructure lives and who controls it. Most enterprises use hybrid or multi-cloud.
Cloud economics shifted IT from CapEx to OpEx. Pay-as-you-go is flexible but can spiral — reserved and spot instances can save 30-90%.
Core services fall into four categories: compute, storage, networking, and databases. Every cloud product is a variation on one of these.
Reliability is measured in nines. The difference between 99.9% and 99.99% is 8 hours vs 52 minutes of downtime per year. Architect across Availability Zones and regions.
Security is shared. The provider secures the infrastructure. You secure your data, your access controls, and your configuration.
Cloud certifications carry a measurable salary premium and are increasingly expected across IT roles, not just engineering.

Knowledge Check

1.A startup needs to launch a web application quickly. They have a small team of three developers who want to focus on writing code, not managing servers or infrastructure. Which cloud service model is the best fit?

2.An e-commerce company gets 40% of its annual traffic during November and December. They run baseline servers year-round. Which pricing combination would BEST optimise their cloud costs?

3.In the shared responsibility model, which of the following is the CUSTOMER's responsibility, not the cloud provider's?

4.A company's SLA guarantees 99.9% uptime. Their competitor's SLA guarantees 99.99%. How much additional downtime per year does the 99.9% SLA allow compared to 99.99%?

Christmas Day, 2012: 33 million people hit "play" — and nothing happened

And then — nothing. Error screens. Spinning wheels. An endless void where movies should have been.

This module goes deep. If you already read our introductory cloud module, buckle up — we are going beneath the surface.

94%of enterprises use cloud services (Flexera, 2023)

600B+global cloud market in USD (Gartner, 2024)

33MNetflix subscribers affected on Christmas Eve 2012

Cloud service models: the pizza analogy you will never forget

You already know the cloud has three service models — IaaS, PaaS, SaaS. But most explanations stop at definitions. Lets go deeper with a pizza analogy that makes the differences stick.

Scenario: you want pizza for dinner tonight.

Option	What you do	What someone else does	Cloud equivalent
Make at home (Traditional IT)	Buy flour, tomatoes, cheese. Make dough. Build an oven. Cook. Clean up.	Nothing. You handle everything.	On-premises data centre
Take and bake (IaaS)	Buy a pre-made pizza from the store. Take it home. Cook it in your oven.	The store made the dough and added toppings.	AWS EC2, Azure VMs
Pizza delivery (PaaS)	Order on an app. Open the box when it arrives. Maybe add red pepper flakes.	The restaurant makes the pizza, cooks it, and delivers it.	AWS Elastic Beanstalk, Heroku, Google App Engine
Dine in (SaaS)	Walk into a restaurant. Sit down. Eat. Leave.	The restaurant handles the ingredients, cooking, serving, dishes, and cleanup.	Gmail, Slack, Salesforce

The further right you go in that table, the more you give up control — but the less work you do. Most businesses pick the model that lets them focus on what they are actually good at.

🔑The control-convenience tradeoff

Concrete examples of each model:

SaaS (Software as a Service) — You open a browser and use a finished product. Examples: Gmail, Salesforce, Notion, Figma, Slack. Best for: everyone. You already use SaaS daily.

There Are No Dumb Questions

"If SaaS is easiest, why would anyone choose IaaS?"

Because SaaS is a finished product someone else built. If you need to build your own product — say, a custom video streaming platform — Gmail is not going to help you. You need raw computing power (IaaS) or a deployment platform (PaaS) to build your own thing. SaaS is for using software. IaaS and PaaS are for building software.

"Where does serverless fit in?"

Serverless (like AWS Lambda or Cloudflare Workers) is a flavour of PaaS taken to the extreme. You write a single function, upload it, and the cloud runs it only when someone triggers it. No servers, no scaling decisions, no idle costs. You pay per execution — literally per millisecond of compute time.

⚡

Pizza Model Match-Up

25 XP

Deployment models: public, private, hybrid, and multi-cloud

Service models tell you what the cloud provides. Deployment models tell you where it lives and who can use it.

Deployment	What it means	Best for	Example
Public cloud	Shared infrastructure run by a provider, available to anyone who pays	Startups, most businesses, anyone who wants low cost and fast setup	AWS, Azure, Google Cloud
Private cloud	Dedicated infrastructure for one organisation, either on-premises or hosted	Banks, hospitals, government agencies with strict data regulations	A hospital running OpenStack in its own data centre
Hybrid cloud	Mix of public and private — sensitive workloads on private, everything else on public	Large enterprises balancing compliance with flexibility	A bank using private cloud for customer data, public cloud for its website
Multi-cloud	Using multiple public cloud providers simultaneously	Companies that want to avoid vendor lock-in or use best-of-breed services	Netflix on AWS for compute, Google Cloud for analytics, Azure for Active Directory

✗ Without AI

✗Simpler to manage
✗One bill, one console, one team
✗Risk: vendor lock-in
✗Risk: single provider outage takes you down

✓ With AI

✓Reduces vendor lock-in
✓Best-of-breed services from each provider
✓More complex to manage
✓Requires expertise across multiple platforms

When does each make sense?

Public cloud: You are a startup. You have no data centre. You want to launch next week. Use public cloud.
Private cloud: You are a defence contractor. Your data literally cannot leave a government-certified facility. Build private.
Hybrid: You are a large retailer. Customer payment data stays on your private cloud for PCI compliance, but your marketing website and analytics run on AWS. Hybrid.
Multi-cloud: You are a Fortune 500 company. You run core workloads on AWS, data warehousing on Google BigQuery, and Office 365 on Azure. That is multi-cloud, and 87% of enterprises do it (Flexera, 2023).

Cloud economics: why CFOs love (and fear) the cloud

Before the cloud, buying computing power was like buying a house. After the cloud, it became like renting an apartment. That shift from CapEx to OpEx changed how every company budgets for technology.

Term	What it means	Traditional IT	Cloud
CapEx (Capital Expenditure)	Big upfront purchases that depreciate over time	Buy $500K of servers, depreciate over 5 years	Rarely applies
OpEx (Operating Expenditure)	Ongoing monthly/yearly expenses	Electricity, IT staff salaries	Monthly cloud bill — pay for what you use

The three pricing models you need to know:

There Are No Dumb Questions

"Does the cloud always save money?"

No. The cloud saves money when your workload is variable (spiky traffic, seasonal demand) or when you are starting small. But if you run the same servers 24/7 for years, on-premises can be cheaper. Dropbox famously saved $75 million over two years by moving off AWS and building their own data centres (Dropbox S-1 Filing, 2018). The breakeven point depends on scale, predictability, and whether you have the team to manage hardware.

"What is cloud cost overrun?"

The cloud makes it very easy to spin up resources and very easy to forget to turn them off. A developer runs a test on a large instance, forgets about it, and the company gets a $50,000 bill next month. This happens constantly. Gartner estimates that up to 30% of cloud spending is wasted on unused or underutilised resources.

30%of cloud spend is wasted (Gartner, 2023 estimate)

72%max savings with reserved instances vs on-demand

90%max savings with spot instances vs on-demand

Core cloud services: the building blocks

Every cloud provider offers hundreds of services. But they all boil down to four categories. Think of these as the four food groups of cloud computing.

Compute — the brains

Compute is the processing power that runs your code. Three flavours:

Type	What it is	When to use it	Example services
Virtual machines	A full computer in the cloud. You pick the OS, CPU, memory.	Long-running applications, databases, legacy software	AWS EC2, Azure VMs, Google Compute Engine
Containers	Lightweight, portable packages that include your app and everything it needs to run.	Microservices, CI/CD pipelines, consistent dev-to-prod environments	AWS ECS, Google Kubernetes Engine, Azure Container Apps
Serverless	You upload a function. The cloud runs it when triggered. No server to manage.	Event-driven tasks, APIs, lightweight processing	AWS Lambda, Cloudflare Workers, Azure Functions

Storage — the memory

Type	What it is	When to use it	Example services
Object storage	Store any file (images, videos, backups) as objects with metadata. Infinitely scalable.	Media files, backups, data lakes, static website hosting	AWS S3, Azure Blob Storage, Google Cloud Storage
Block storage	High-performance storage that acts like a hard drive attached to a VM.	Databases, high-performance applications	AWS EBS, Azure Managed Disks
File storage	Shared file systems multiple servers can access simultaneously.	Shared content, legacy applications that need a file system	AWS EFS, Azure Files

Networking — the plumbing

VPC (Virtual Private Cloud) — Your own isolated network in the cloud. Like having your own private floor in a shared office building.
Load balancers — Distribute traffic across multiple servers so no single server gets overwhelmed. The thing that failed in the Netflix Christmas outage.
CDN (Content Delivery Network) — Cache your content on servers worldwide so users in Tokyo get your website as fast as users in New York. CloudFront, Cloudflare, Akamai.

Databases — the organised memory

Type	Best for	Example services
Relational (SQL)	Structured data with relationships — orders, users, products	AWS RDS, Azure SQL, Google Cloud SQL
NoSQL / Document	Flexible schemas, high-speed reads/writes — user profiles, IoT data	AWS DynamoDB, Azure Cosmos DB, Google Firestore
In-memory	Caching, real-time leaderboards, session storage	AWS ElastiCache (Redis), Azure Cache

⚡

Pick the Right Cloud Service

25 XP

Cloud reliability: regions, availability zones, and the nines

Regions and Availability Zones:

Region = a geographic area (e.g., Northern Virginia, London, Tokyo). Each region has multiple data centres.
Availability Zone (AZ) = a physically separate data centre within a region, with its own power, cooling, and networking. If one AZ floods, the others keep running.

The "nines" of uptime — and why they matter more than you think:

SLA	Uptime %	Allowed downtime per year	Allowed downtime per month
Two nines	99%	3 days, 15 hours	7 hours, 18 minutes
Three nines	99.9%	8 hours, 46 minutes	43 minutes
Four nines	99.99%	52 minutes	4 minutes, 23 seconds
Five nines	99.999%	5 minutes, 15 seconds	26 seconds

⚠️SLAs are promises, not guarantees

Disaster recovery strategies (from cheapest to most resilient):

The shared responsibility model: who secures what?

This is the concept that trips up most newcomers to cloud. When you move to the cloud, security is not entirely your problem — but it is not entirely the provider's problem either. It is shared.

✗ Without AI

✗Physical data centre security (guards, locks, cameras)
✗Hardware maintenance and replacement
✗Network infrastructure and DDoS protection
✗Hypervisor and virtualisation layer
✗Compliance certifications (SOC 2, ISO 27001)

✓ With AI

✓Your data and how it is encrypted
✓Identity and access management (who can log in)
✓Application-level security (your code)
✓Network configuration (firewall rules, VPCs)
✓Operating system patches (on IaaS)

There Are No Dumb Questions

"So if I use SaaS, do I have zero security responsibility?"

Less, but not zero. With SaaS, the provider handles almost everything — but you still control who has access (user accounts and passwords), what data you put into the system, and how you integrate it with other tools. If you give every employee admin access to your CRM, that is your problem, not Salesforce's.

"What is the number one cloud security mistake companies make?"

Overly permissive access. The principle of least privilege says every user and every service should have only the minimum permissions needed to do their job. In practice, teams give broad access because it is easier — and then a compromised credential exposes everything.

Why certifications matter: the career case for cloud knowledge

70%of IT pros expected to hold cloud certs (Global Knowledge, 2024)

15%average salary premium for certified cloud pros vs non-certified (Global Knowledge)

3M+AWS certifications issued worldwide

The major cloud certifications, ranked by difficulty:

Cert	Provider	Level	Who it is for
AWS Cloud Practitioner	Amazon	Foundational	Anyone — business, sales, managers, new to cloud
AZ-900	Microsoft	Foundational	Anyone wanting Azure basics
Google Cloud Digital Leader	Google	Foundational	Anyone wanting GCP basics
AWS Solutions Architect Associate	Amazon	Associate	Developers, architects designing cloud systems
AZ-104	Microsoft	Associate	Azure administrators
AWS Solutions Architect Professional	Amazon	Professional	Senior architects, 2+ years cloud experience

🔑Start foundational, go deep later

⚡

Your Cloud Architecture Decision

50 XP

Back to Christmas Day, 2012

You now have that foundation. The rest of this track will take you from understanding to certification.

Key takeaways

Cloud service models (IaaS, PaaS, SaaS) represent a spectrum from maximum control to maximum convenience. Pick the model that matches your team and your problem.
Deployment models (public, private, hybrid, multi-cloud) determine where your infrastructure lives and who controls it. Most enterprises use hybrid or multi-cloud.
Cloud economics shifted IT from CapEx to OpEx. Pay-as-you-go is flexible but can spiral — reserved and spot instances can save 30-90%.
Core services fall into four categories: compute, storage, networking, and databases. Every cloud product is a variation on one of these.
Reliability is measured in nines. The difference between 99.9% and 99.99% is 8 hours vs 52 minutes of downtime per year. Architect across Availability Zones and regions.
Security is shared. The provider secures the infrastructure. You secure your data, your access controls, and your configuration.
Cloud certifications carry a measurable salary premium and are increasingly expected across IT roles, not just engineering.

Knowledge Check

2.An e-commerce company gets 40% of its annual traffic during November and December. They run baseline servers year-round. Which pricing combination would BEST optimise their cloud costs?

3.In the shared responsibility model, which of the following is the CUSTOMER's responsibility, not the cloud provider's?

4.A company's SLA guarantees 99.9% uptime. Their competitor's SLA guarantees 99.99%. How much additional downtime per year does the 99.9% SLA allow compared to 99.99%?