Cloud Concepts
Cloud Service Models
// Infrastructure as a Service (IaaS)
- Virtualized computing resources over the internet
- Examples: AWS EC2, Azure VMs, Google Compute Engine
- You manage: Applications, Data, Runtime, Middleware, OS
- Provider manages: Virtualization, Servers, Storage, Networking
// Platform as a Service (PaaS)
- Platform for developing and deploying applications
- Examples: AWS Elastic Beanstalk, Azure App Service, Google App Engine
- You manage: Applications and Data
- Provider manages: Runtime, Middleware, OS, Virtualization, Servers, Storage, Networking
// Software as a Service (SaaS)
- Software applications over the internet
- Examples: Gmail, Office 365, Salesforce
- You manage: Nothing (just use the software)
- Provider manages: Everything
- Virtualized computing resources over the internet
- Examples: AWS EC2, Azure VMs, Google Compute Engine
- You manage: Applications, Data, Runtime, Middleware, OS
- Provider manages: Virtualization, Servers, Storage, Networking
// Platform as a Service (PaaS)
- Platform for developing and deploying applications
- Examples: AWS Elastic Beanstalk, Azure App Service, Google App Engine
- You manage: Applications and Data
- Provider manages: Runtime, Middleware, OS, Virtualization, Servers, Storage, Networking
// Software as a Service (SaaS)
- Software applications over the internet
- Examples: Gmail, Office 365, Salesforce
- You manage: Nothing (just use the software)
- Provider manages: Everything
Note: Understanding these service models helps determine responsibility and control over cloud resources.
Cloud Deployment Models
// Public Cloud
- Services delivered over the public internet
- Available to anyone who wants to purchase them
- Examples: AWS, Azure, Google Cloud Platform
- Benefits: Cost-effective, scalable, no maintenance
// Private Cloud
- Cloud infrastructure dedicated to a single organization
- May be managed internally or by a third party
- Examples: VMware Cloud, OpenStack
- Benefits: More control, enhanced security
// Hybrid Cloud
- Combination of public and private clouds
- Data and applications can move between them
- Examples: AWS Outposts, Azure Stack
- Benefits: Flexibility, optimization of existing infrastructure
// Community Cloud
- Infrastructure shared by several organizations
- With common concerns (security, compliance, etc.)
- Examples: Government community clouds
- Benefits: Cost sharing, specialized requirements
- Services delivered over the public internet
- Available to anyone who wants to purchase them
- Examples: AWS, Azure, Google Cloud Platform
- Benefits: Cost-effective, scalable, no maintenance
// Private Cloud
- Cloud infrastructure dedicated to a single organization
- May be managed internally or by a third party
- Examples: VMware Cloud, OpenStack
- Benefits: More control, enhanced security
// Hybrid Cloud
- Combination of public and private clouds
- Data and applications can move between them
- Examples: AWS Outposts, Azure Stack
- Benefits: Flexibility, optimization of existing infrastructure
// Community Cloud
- Infrastructure shared by several organizations
- With common concerns (security, compliance, etc.)
- Examples: Government community clouds
- Benefits: Cost sharing, specialized requirements
AWS Services
AWS Compute Services
// EC2 (Elastic Compute Cloud)
- Virtual servers in the cloud
- Instance types: General purpose, compute optimized, memory optimized, etc.
- Pricing models: On-demand, reserved instances, spot instances
// Lambda
- Serverless compute service
- Run code without provisioning servers
- Pay only for compute time consumed
- Supports: Node.js, Python, Java, C#, Go, Ruby
// ECS (Elastic Container Service)
- Highly scalable container orchestration service
- Supports Docker containers
- Alternatives: EKS (Kubernetes service), Fargate (serverless)
// Elastic Beanstalk
- PaaS for deploying and scaling web applications
- Supports: Java, .NET, PHP, Node.js, Python, Ruby, Go, Docker
- Automatically handles deployment, capacity provisioning, load balancing, auto-scaling
- Virtual servers in the cloud
- Instance types: General purpose, compute optimized, memory optimized, etc.
- Pricing models: On-demand, reserved instances, spot instances
// Lambda
- Serverless compute service
- Run code without provisioning servers
- Pay only for compute time consumed
- Supports: Node.js, Python, Java, C#, Go, Ruby
// ECS (Elastic Container Service)
- Highly scalable container orchestration service
- Supports Docker containers
- Alternatives: EKS (Kubernetes service), Fargate (serverless)
// Elastic Beanstalk
- PaaS for deploying and scaling web applications
- Supports: Java, .NET, PHP, Node.js, Python, Ruby, Go, Docker
- Automatically handles deployment, capacity provisioning, load balancing, auto-scaling
Note: Choose EC2 for full control, Lambda for event-driven tasks, and containers for microservices architecture.
AWS Storage Services
// S3 (Simple Storage Service)
- Object storage with high durability (99.999999999%)
- Storage classes: Standard, Intelligent-Tiering, Standard-IA, One Zone-IA, Glacier, Deep Archive
- Features: Versioning, lifecycle policies, encryption, static website hosting
// EBS (Elastic Block Store)
- Block storage for EC2 instances
- Volume types: General Purpose (SSD), Provisioned IOPS (SSD), Throughput Optimized (HDD), Cold (HDD)
- Features: Snapshots, encryption
// EFS (Elastic File System)
- Managed NFS (network file system)
- Can be shared across multiple EC2 instances
- Scales automatically as files are added/removed
// Glacier
- Low-cost storage for data archiving and backup
- Retrieval options: Expedited (1-5 min), Standard (3-5 hours), Bulk (5-12 hours)
- Often used with S3 lifecycle policies for automatic archiving
- Object storage with high durability (99.999999999%)
- Storage classes: Standard, Intelligent-Tiering, Standard-IA, One Zone-IA, Glacier, Deep Archive
- Features: Versioning, lifecycle policies, encryption, static website hosting
// EBS (Elastic Block Store)
- Block storage for EC2 instances
- Volume types: General Purpose (SSD), Provisioned IOPS (SSD), Throughput Optimized (HDD), Cold (HDD)
- Features: Snapshots, encryption
// EFS (Elastic File System)
- Managed NFS (network file system)
- Can be shared across multiple EC2 instances
- Scales automatically as files are added/removed
// Glacier
- Low-cost storage for data archiving and backup
- Retrieval options: Expedited (1-5 min), Standard (3-5 hours), Bulk (5-12 hours)
- Often used with S3 lifecycle policies for automatic archiving
Azure Services
Azure Compute Services
// Virtual Machines
- IaaS offering for deploying persistent VMs
- Series: B (burstable), D (general purpose), F (compute optimized), E/M (memory optimized)
- Pricing models: Pay-as-you-go, reserved instances, spot VMs
// App Service
- PaaS for building web apps, mobile backends, and RESTful APIs
- Supports: .NET, .NET Core, Java, Ruby, Node.js, PHP, Python
- Plans: Free, Shared, Basic, Standard, Premium, Isolated
// Azure Functions
- Serverless compute service
- Event-driven scale
- Pricing: Consumption plan (pay per execution), Premium plan (pre-warmed instances)
- Supports: C#, Java, JavaScript, PowerShell, Python, TypeScript
// Azure Kubernetes Service (AKS)
- Managed Kubernetes container orchestration service
- Simplifies deploying, managing, and scaling containerized applications
- Features: Integrated monitoring, automatic upgrades, self-healing
- IaaS offering for deploying persistent VMs
- Series: B (burstable), D (general purpose), F (compute optimized), E/M (memory optimized)
- Pricing models: Pay-as-you-go, reserved instances, spot VMs
// App Service
- PaaS for building web apps, mobile backends, and RESTful APIs
- Supports: .NET, .NET Core, Java, Ruby, Node.js, PHP, Python
- Plans: Free, Shared, Basic, Standard, Premium, Isolated
// Azure Functions
- Serverless compute service
- Event-driven scale
- Pricing: Consumption plan (pay per execution), Premium plan (pre-warmed instances)
- Supports: C#, Java, JavaScript, PowerShell, Python, TypeScript
// Azure Kubernetes Service (AKS)
- Managed Kubernetes container orchestration service
- Simplifies deploying, managing, and scaling containerized applications
- Features: Integrated monitoring, automatic upgrades, self-healing
Note: Azure Functions is great for event-driven architectures, while AKS is ideal for containerized microservices.
Azure Storage Services
// Blob Storage
- Object storage solution for the cloud
- Tiers: Hot (frequent access), Cool (infrequent access), Archive (rarely accessed)
- Types: Block blobs (text, binary), Append blobs (logging), Page blobs (VHDs)
// Azure Files
- Fully managed file shares in the cloud
- Accessible via SMB protocol
- Can be mounted concurrently by cloud or on-premises deployments
// Azure Disk Storage
- Block-level storage volumes for Azure VMs
- Types: Ultra disks, Premium SSDs, Standard SSDs, Standard HDDs
- Features: Encryption, backups, snapshots
// Azure Data Lake Storage
- Hyperscale repository for big data analytics workloads
- Supports: POSIX compliance, hierarchical namespace
- Integrates with: Azure Databricks, HDInsight, Synapse Analytics
- Object storage solution for the cloud
- Tiers: Hot (frequent access), Cool (infrequent access), Archive (rarely accessed)
- Types: Block blobs (text, binary), Append blobs (logging), Page blobs (VHDs)
// Azure Files
- Fully managed file shares in the cloud
- Accessible via SMB protocol
- Can be mounted concurrently by cloud or on-premises deployments
// Azure Disk Storage
- Block-level storage volumes for Azure VMs
- Types: Ultra disks, Premium SSDs, Standard SSDs, Standard HDDs
- Features: Encryption, backups, snapshots
// Azure Data Lake Storage
- Hyperscale repository for big data analytics workloads
- Supports: POSIX compliance, hierarchical namespace
- Integrates with: Azure Databricks, HDInsight, Synapse Analytics
Google Cloud Services
GCP Compute Services
// Compute Engine
- IaaS offering for creating and running virtual machines
- Machine types: General-purpose, memory-optimized, compute-optimized
- Pricing models: On-demand, sustained use discounts, committed use contracts
// App Engine
- Fully managed serverless platform for apps and backends
- Environments: Standard (sandboxed), Flexible (containers)
- Supports: Python, Java, Node.js, Go, Ruby, PHP, .NET
// Cloud Functions
- Event-driven serverless compute platform
- Triggers: HTTP, Cloud Storage, Pub/Sub, Firestore, etc.
- Supports: Node.js, Python, Go, Java, .NET, Ruby, PHP
// Google Kubernetes Engine (GKE)
- Managed Kubernetes service
- Features: Auto-repair, auto-upgrade, node auto-provisioning
- Options: Standard mode, Autopilot mode (fully managed)
- IaaS offering for creating and running virtual machines
- Machine types: General-purpose, memory-optimized, compute-optimized
- Pricing models: On-demand, sustained use discounts, committed use contracts
// App Engine
- Fully managed serverless platform for apps and backends
- Environments: Standard (sandboxed), Flexible (containers)
- Supports: Python, Java, Node.js, Go, Ruby, PHP, .NET
// Cloud Functions
- Event-driven serverless compute platform
- Triggers: HTTP, Cloud Storage, Pub/Sub, Firestore, etc.
- Supports: Node.js, Python, Go, Java, .NET, Ruby, PHP
// Google Kubernetes Engine (GKE)
- Managed Kubernetes service
- Features: Auto-repair, auto-upgrade, node auto-provisioning
- Options: Standard mode, Autopilot mode (fully managed)
Note: GKE Autopilot reduces operational overhead by managing nodes automatically.
GCP Storage Services
// Cloud Storage
- Unified object storage
- Storage classes: Standard, Nearline, Coldline, Archive
- Features: Versioning, lifecycle management, uniform bucket-level access
// Persistent Disk
- Block storage for Google Cloud VM instances
- Types: Standard HDD, Balanced SSD, Performance SSD, Extreme SSD
- Options: Zonal (single zone), Regional (across two zones)
// Filestore
- Managed file storage for applications
- Fully managed NFS file servers on Google Cloud
- Tiers: Basic HDD, Basic SSD, High Scale SSD
// Cloud Storage for Firebase
- Built for app developers to store and serve user-generated content
- Integrates with Firebase Authentication for security rules
- Scales automatically and offers robust operations
- Unified object storage
- Storage classes: Standard, Nearline, Coldline, Archive
- Features: Versioning, lifecycle management, uniform bucket-level access
// Persistent Disk
- Block storage for Google Cloud VM instances
- Types: Standard HDD, Balanced SSD, Performance SSD, Extreme SSD
- Options: Zonal (single zone), Regional (across two zones)
// Filestore
- Managed file storage for applications
- Fully managed NFS file servers on Google Cloud
- Tiers: Basic HDD, Basic SSD, High Scale SSD
// Cloud Storage for Firebase
- Built for app developers to store and serve user-generated content
- Integrates with Firebase Authentication for security rules
- Scales automatically and offers robust operations
Cloud Security
Security Best Practices
// Identity and Access Management (IAM)
- Follow principle of least privilege
- Use groups/roles instead of individual user permissions
- Enable multi-factor authentication (MFA)
- Regularly review and audit permissions
// Data Protection
- Encrypt data at rest and in transit
- Use customer-managed keys (CMK) when possible
- Implement data classification and handling policies
- Regularly backup critical data
// Network Security
- Use VPCs (Virtual Private Clouds) to isolate resources
- Implement security groups and network ACLs
- Use private subnets for non-public facing resources
- Implement VPN or Direct Connect for hybrid environments
// Monitoring and Logging
- Enable cloud trail/audit logging
- Set up alerts for suspicious activities
- Regularly review logs and monitor access patterns
- Use services like AWS GuardDuty, Azure Security Center, GCP Security Command Center
- Follow principle of least privilege
- Use groups/roles instead of individual user permissions
- Enable multi-factor authentication (MFA)
- Regularly review and audit permissions
// Data Protection
- Encrypt data at rest and in transit
- Use customer-managed keys (CMK) when possible
- Implement data classification and handling policies
- Regularly backup critical data
// Network Security
- Use VPCs (Virtual Private Clouds) to isolate resources
- Implement security groups and network ACLs
- Use private subnets for non-public facing resources
- Implement VPN or Direct Connect for hybrid environments
// Monitoring and Logging
- Enable cloud trail/audit logging
- Set up alerts for suspicious activities
- Regularly review logs and monitor access patterns
- Use services like AWS GuardDuty, Azure Security Center, GCP Security Command Center
Note: Security is a shared responsibility between the cloud provider and the customer.
Compliance & Governance
// Compliance Standards
- Major cloud providers comply with numerous standards:
- SOC 1/2/3, ISO 27001, PCI DSS, HIPAA, GDPR, FedRAMP
- Check provider documentation for specific compliance certifications
// Governance Tools
- AWS: Organizations, Control Tower, Config, Trusted Advisor
- Azure: Policy, Blueprints, Management Groups, Advisor
- GCP: Organization Policies, Resource Manager, Security Health Analytics
// Cost Management
- Set up billing alerts and budgets
- Use cost explorer tools to analyze spending
- Implement tagging strategies for cost allocation
- Use reserved instances/savings plans for predictable workloads
// Resource Management
- Implement resource naming conventions
- Use infrastructure as code (IaC) for consistent deployments
- Regularly clean up unused resources
- Implement auto-scaling to optimize resource utilization
- Major cloud providers comply with numerous standards:
- SOC 1/2/3, ISO 27001, PCI DSS, HIPAA, GDPR, FedRAMP
- Check provider documentation for specific compliance certifications
// Governance Tools
- AWS: Organizations, Control Tower, Config, Trusted Advisor
- Azure: Policy, Blueprints, Management Groups, Advisor
- GCP: Organization Policies, Resource Manager, Security Health Analytics
// Cost Management
- Set up billing alerts and budgets
- Use cost explorer tools to analyze spending
- Implement tagging strategies for cost allocation
- Use reserved instances/savings plans for predictable workloads
// Resource Management
- Implement resource naming conventions
- Use infrastructure as code (IaC) for consistent deployments
- Regularly clean up unused resources
- Implement auto-scaling to optimize resource utilization
Cloud Architecture
Design Principles
// Well-Architected Framework (AWS)
- Operational Excellence: Run and monitor systems, continually improve processes
- Security: Protect information, systems, and assets
- Reliability: Recover from infrastructure or service disruptions
- Performance Efficiency: Use computing resources efficiently
- Cost Optimization: Avoid unnecessary costs
// Design for Failure
- Assume everything will eventually fail
- Implement redundancy at all levels
- Use multiple availability zones/regions
- Design stateless applications when possible
// Decouple Components
- Use message queues (SQS, Service Bus, Pub/Sub)
- Implement event-driven architectures
- Use API gateways for service communication
- Avoid tight coupling between services
// Implement Elasticity
- Design systems to scale automatically
- Use auto-scaling groups/functions
- Implement caching strategies
- Use content delivery networks (CDNs) for static assets
- Operational Excellence: Run and monitor systems, continually improve processes
- Security: Protect information, systems, and assets
- Reliability: Recover from infrastructure or service disruptions
- Performance Efficiency: Use computing resources efficiently
- Cost Optimization: Avoid unnecessary costs
// Design for Failure
- Assume everything will eventually fail
- Implement redundancy at all levels
- Use multiple availability zones/regions
- Design stateless applications when possible
// Decouple Components
- Use message queues (SQS, Service Bus, Pub/Sub)
- Implement event-driven architectures
- Use API gateways for service communication
- Avoid tight coupling between services
// Implement Elasticity
- Design systems to scale automatically
- Use auto-scaling groups/functions
- Implement caching strategies
- Use content delivery networks (CDNs) for static assets
Note: These principles apply across all major cloud platforms with slight variations in implementation.
Migration Strategies
// 6 R's of Migration
- Rehost (Lift and Shift): Move applications without changes
- Replatform (Lift, Tinker, and Shift): Make minor optimizations
- Refactor (Re-architect): Significantly modify application code
- Repurchase: Switch to a different product (e.e., SaaS)
- Retire: Decommission unused applications
- Retain: Keep applications in current environment
// Migration Process
- Assessment: Discover and analyze current environment
- Planning: Prioritize workloads, choose migration strategy
- Migration: Execute the actual migration
- Operation: Optimize and manage in the new environment
// Tools and Services
- AWS: Migration Hub, Application Discovery Service, Server Migration Service, Database Migration Service
- Azure: Migrate, Data Box, Site Recovery, Database Migration Service
- GCP: Migrate for Compute Engine, Storage Transfer Service, Database Migration Service
// Common Challenges
- Network bandwidth limitations
- Application compatibility issues
- Data transfer costs
- Staff skills and training requirements
- Rehost (Lift and Shift): Move applications without changes
- Replatform (Lift, Tinker, and Shift): Make minor optimizations
- Refactor (Re-architect): Significantly modify application code
- Repurchase: Switch to a different product (e.e., SaaS)
- Retire: Decommission unused applications
- Retain: Keep applications in current environment
// Migration Process
- Assessment: Discover and analyze current environment
- Planning: Prioritize workloads, choose migration strategy
- Migration: Execute the actual migration
- Operation: Optimize and manage in the new environment
// Tools and Services
- AWS: Migration Hub, Application Discovery Service, Server Migration Service, Database Migration Service
- Azure: Migrate, Data Box, Site Recovery, Database Migration Service
- GCP: Migrate for Compute Engine, Storage Transfer Service, Database Migration Service
// Common Challenges
- Network bandwidth limitations
- Application compatibility issues
- Data transfer costs
- Staff skills and training requirements
Comprehensive Cloud Computing Concepts Cheatsheet Reference
This Cloud Computing Concepts cheatsheet on Nikhil Learn Hub collects syntax, commands, and practical snippets for quick revision. Explore cloud computing models, virtualization, deployment methods, storage, and networking concepts with simple examples.
Use the reference cards and examples above during coding sessions; return here instead of scattered searches when you need dependable reminders. Follow the Cloud computing learning roadmap when you want structured lessons beyond one-page lookups.
Quick lookup coverage
- Syntax, commands, and API signatures
- Copy-ready examples and common patterns
- Terminology for coursework and interviews
- Cross-links to the matching learning roadmap
How to study with this sheet
- Production debugging and tuning reminders
- Security, performance, or scale cautions
- Integration with adjacent stacks on this site
- Deeper study through tutorials and roadmaps
Who Should Use This Cheatsheet
Students, self-taught developers, and professionals who need fast Cloud Computing Concepts lookups during labs, debugging, or interview revision should keep this page bookmarked.
Related Resources on Nikhil Learn Hub
- Cloud computing learning roadmapstructured learning path for the same technology
- Cheatsheets hubbrowse all quick-reference sheets
- Technology hubtutorials, roadmaps, and practice hubs