(Domain 1) Foundations — Cloud Concepts

Capital Expense (CapEx)

Money spent upfront to acquire, upgrade, and maintain physical assets. In traditional IT, this means purchasing servers, building data centers, hiring staff to manage them, and paying for physical security, all before you even know how much you'll use them. You pay whether resources are used or not, and the procurement cycle is long and rigid.

Operational Expense (OpEx)

Money spent on an as-needed basis for day-to-day operations. Cloud computing converts IT spending into an operational expense. You pay only for what you consume, when you consume it. There are no large upfront investments, and costs can be scaled up or down based on actual usage.

First Advantage of Cloud Computing

Trade Capital Expense for Variable Expense; Instead of investing heavily in data centers and servers before knowing how you'll use them, you pay only when you consume resources and only for the amount you consume. This reduces wasted spending and lowers the barrier to adopting new technology.

Second Advantage of Cloud Computing

Benefit from Massive Economies of Scale; Because AWS aggregates usage from hundreds of thousands of customers, they can achieve higher economies of scale and pass those savings on to customers through lower pay-as-you-go prices. Individual businesses could never achieve this pricing on their own.

Third Advantage of Cloud Computing

Stop Guessing Capacity; Traditional IT forces you to estimate your maximum capacity needs upfront — leading to either costly idle resources (overestimated) or insufficient capacity (underestimated). Cloud computing lets you scale up or down in minutes based on actual demand, eliminating the guesswork entirely.

Fourth Advantage of Cloud Computing

Increase Speed and Agility; In traditional IT, obtaining new resources can take weeks due to procurement processes. In the cloud, new IT resources are available in minutes with just a few clicks. This dramatically lowers the cost and time needed to experiment, develop, and innovate.

Fifth Advantage of Cloud Computing

Stop Spending Money on Running and Maintaining Data Centers; Cloud computing frees organizations from the burden of racking, stacking, and powering physical servers. Instead of focusing on infrastructure maintenance, teams can redirect their time, energy, and money toward projects that differentiate their business and serve their customers.

Sixth Advantage of Cloud Computing

Go Global in Minutes; With AWS, you can deploy your application across multiple geographic regions around the world with just a few clicks. This allows businesses to provide lower latency and a better user experience for customers globally, at minimal additional cost.

Public Cloud

Everything runs fully in the cloud. All parts of your application are built and hosted on the cloud provider's infrastructure (like AWS). You don't own any physical hardware — the cloud provider owns and manages it all. Best for businesses that want to take full advantage of cloud benefits with no on-premises equipment.

Private Cloud (On-Premises)

Everything runs on your own physical hardware, located in your own data center. Sometimes called "on-premises." You own, manage, and maintain all the equipment yourself. It offers dedicated resources but misses out on most cloud benefits like easy scaling and reduced costs.

Hybrid

A mix of both public cloud and private/on-premises infrastructure, connected together. For example, a company might keep sensitive data on their own servers while running other parts of their application in the cloud. Best for organizations that need to gradually transition to the cloud or have specific requirements that prevent fully moving to the cloud.

Software as a Service (SAAS)

SaaS is the most native and utilitarian of all cloud service models available today. It is a fully managed application exposing only business process functionality. Service handoff typically occurs in a browser or client application UI.

Infrastructure as a Service (IAAS)

IaaS is the most basic of all cloud service models available today. It is a fully managed compute, storage, and network service exposing only logical IT asset abstractions. Compute handoff interface is the guest VM and guest VM OS.

Platform as a Service (PAAS)

PaaS is the most application centric of all cloud service models available today. It is a fully managed app hosting and development runtime service exposing only application centric abstractions.

AWS Region

A separate geographic area around the world where AWS has data centers (e.g. US East, Europe, Asia Pacific).

Availability Zone (AZ)

An individual data center or group of data centers within an AWS Region, isolated from each other to prevent failures from spreading.

Edge Location

A site placed in or near heavily populated areas that stores cached content closer to end users for faster delivery.

AWS Well-Architected Framework

A guide created by AWS that provides best practices to help you build cloud systems that are secure, reliable, and efficient; built around six pillars.

First Pillar AWS WAF

Operational Excellence; Running and monitoring your systems smoothly while constantly looking for ways to improve. For example, automating tasks and fixing problems quickly when they arise.

Second Pillar AWS WAF

Security; Protecting your data, systems, and resources from unauthorized access or threats. example: Using passwords, encryption, and controlling who has access to what

Third Pillar AWS WAF

Reliability; Making sure your system keeps working correctly and can recover quickly when something goes wrong. example: Having a backup plan so your website stays online even if one server fails.

Fourth Pillar AWS WAF

Performance Efficiency; Using only the computing resources you need, without wasting anything, while still meeting demand. example: Choosing the right size server for your workload so you are not overpaying or underperforming.

Fifth Pillar AWS WAF

Cost Optimization; Getting the most value out of your cloud spending by eliminating waste and unnecessary costs. example: Turning off servers you are not using to avoid paying for idle resources.

Sixth Pillar AWS WAF

Sustainability; Minimizing the environmental impact of your cloud workloads by using resources as efficiently as possible. example: Reducing energy consumption by rightsizing your infrastructure and avoiding waste.

Shared Responsibility Model

A security agreement between AWS and the customer that defines who is responsible for what when it comes to keeping cloud systems and data safe and secure.

The Simple Rule of the Shared Responsibility Model

AWS is responsible for security OF the cloud. The Customer is responsible for security IN the cloud.

What is AWS Responsible For in the SRM?

1. Physical Security; Protecting the actual buildings and hardware where AWS data centers are located.

2. Hardware; Maintaining and replacing servers, storage, and networking equipment.

3. Networking Infrastructure; Managing the routers, switches, and cables that connect AWS services.

4. Global Infrastructure; Securing all Regions, Availability Zones, and Edge Locations worldwide.

5. Software; Managing the core software that runs AWS services.

What is THE Customer Responsible For in the SRM?

1. Data; Protecting and encrypting the data you store in the cloud.

2. Applications; Securing the applications you build and deploy on AWS.

3. User Access; Managing who has permission to access your AWS resources using IAM.

4. Operating Systems; Patching and updating the operating systems on your own servers.

5. Network Configuration; Setting up firewalls, security groups, and network settings correctly.