Skip to main content

Menu

LEVEL 0
0/5 XP
HomeAboutTopicsPricingMy VaultStatsPractice TestsCertifications

Categories

πŸŽ“ Certifications
πŸ€– Artificial Intelligence
☁️ Cloud and Infrastructure
πŸ’Ύ Data and Databases
πŸ’Ό Professional Skills
🎯 Programming and Development
πŸ”’ Security and Networking
πŸ“š Specialized Topics
CheatGrid
HomeAboutTopicsPricingMy VaultStatsPractice TestsCertifications
LVLEVEL 0
0/5 XP
GitHub
Β© 2026 CheatGridβ„’. All rights reserved.
Privacy PolicyTerms of UseAboutContact

Cloud Computing Basics Cheat Sheet

Cloud Computing Basics Cheat Sheet

Tables
Back to Cloud Computing
Updated 2026-04-20
Next Topic: Cloud Cost Optimization Strategies Cheat Sheet

Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing, fundamentally changing how organizations access and manage technology infrastructure. Rather than investing in and maintaining physical data centers, organizations can provision compute, storage, databases, networking, and other services instantly from cloud providers like AWS, Microsoft Azure, and Google Cloud Platform. The key mental model: cloud computing shifts IT from a capital expenditure (buying servers) to an operational expenditure (renting capacity), enabling unprecedented agility, scalability, and cost efficiency while letting teams focus on innovation rather than infrastructure management.

Quick Index108Β entriesΒ Β·Β 15Β tables
Mind Map

15 tables, 108 concepts. Select a concept node to jump to its table row.

Preparing mind map...

Table 1: Service Models

Service models answer a single question: how much of the stack does the provider manage versus you? The classic trio β€” IaaS, PaaS, SaaS β€” runs from renting raw virtual machines to consuming finished applications in a browser, with each step handing off more of the underlying layers. The newer "as-a-service" rows extend the same idea to functions, containers, databases, and even AI, so you can outsource exactly the layer that isn't your core problem.

ModelExampleDescription
Infrastructure as a Service (IaaS)
AWS EC2, Azure Virtual Machines, Google Compute Engine
Provides virtualized computing resources over the internet β€” you manage OS, runtime, middleware, and applications while the provider manages physical infrastructure, networking, and storage hardware
Platform as a Service (PaaS)
AWS Elastic Beanstalk, Azure App Service, Google App Engine
Offers a complete development and deployment environment in the cloud β€” handles infrastructure, OS, middleware, and runtime so developers focus solely on code and data
Software as a Service (SaaS)
Microsoft 365, Salesforce, Google Workspace, Dropbox
Delivers fully managed applications over the internet β€” users access via browser with zero infrastructure management, automatic updates, and subscription pricing
Function as a Service (FaaS)
AWS Lambda, Azure Functions, Google Cloud Functions
Enables event-driven code execution without managing servers β€” pay only for actual compute time in milliseconds, with automatic scaling from zero to thousands of concurrent executions
Container as a Service (CaaS)
Amazon ECS, Azure Container Instances, Google Kubernetes Engine
Offers container orchestration and management β€” deploy, scale, and manage containerized applications without managing the underlying infrastructure
Database as a Service (DBaaS)
Amazon RDS, Azure SQL Database, Google Cloud SQL
Provides managed database services with automated backups, patching, and scaling β€” eliminates database administration overhead while maintaining high availability
Backend as a Service (BaaS)
Firebase, AWS Amplify, Azure Mobile Apps
Delivers ready-to-use backend functionality like authentication, databases, and APIs β€” primarily for mobile and web applications with minimal backend coding
Disaster Recovery as a Service (DRaaS)
Zerto, Azure Site Recovery, AWS Elastic Disaster Recovery
Provides cloud-based disaster recovery β€” replicates and hosts physical or virtual servers to provide failover in the event of a natural or man-made disaster
Network as a Service (NaaS)
Cisco Meraki, Megaport, Cloudflare Magic WAN
Delivers virtualized networking services over the cloud β€” replaces traditional hardware-centric networking with on-demand, software-defined connectivity
AI as a Service (AIaaS)
Amazon SageMaker, Google Vertex AI, Azure AI Services
Provides managed AI and ML platforms β€” offers pre-trained models, training infrastructure, and inference APIs without building ML pipelines from scratch

Table 2: Deployment Models

Where the infrastructure lives and who shares it is a separate decision from which service model you pick. Public cloud means shared, provider-owned infrastructure at maximum scale; private cloud is dedicated to one organization for tighter control; and hybrid and multi-cloud blend approaches to balance cost, compliance, and vendor lock-in. The sovereign and community rows reflect the growing pressure to keep data inside specific legal borders.

ModelExampleDescription
Public Cloud
AWS, Microsoft Azure, Google Cloud Platform
Infrastructure owned and operated by third-party cloud providers β€” resources shared among multiple organizations (multi-tenancy) with internet access, offering maximum scalability and cost efficiency
Private Cloud
VMware Cloud, OpenStack on-premises, Azure Stack
Dedicated infrastructure used exclusively by one organization β€” can be hosted on-premises or by a third party, providing greater control, security, and compliance at higher cost
Hybrid Cloud
AWS Outposts, Azure Arc, Google Anthos
Combines public and private clouds with orchestration between them β€” allows workloads to move between environments based on computing needs, compliance, or cost optimization
Multi-Cloud
Using AWS + Azure + GCP simultaneously
Strategy using multiple cloud providers concurrently β€” avoids vendor lock-in, leverages best-of-breed services, and provides redundancy, but increases management complexity
Community Cloud
AWS GovCloud, Azure Government
Shared infrastructure for organizations with common concerns β€” typically regulatory compliance, security requirements, or industry-specific needs like healthcare or finance
Sovereign Cloud
T-Systems Sovereign Cloud, Google Distributed Cloud
Infrastructure ensuring data stays within national borders under local jurisdiction β€” addresses data sovereignty and regulatory requirements increasingly mandated by governments in 2026

Table 3: Essential Characteristics (NIST SP 800-145)

These five traits are NIST's official definition of what makes something genuinely "cloud" rather than just hosting β€” and they show up constantly on certification exams. Together they describe a system you can provision yourself, reach from any device, that pools resources across many tenants, scales elastically with demand, and meters everything so you pay only for what you use.

CharacteristicExampleDescription
On-Demand Self-Service
Launching a VM via AWS console without calling support
Users can provision resources automatically without human interaction with the service provider β€” typically through web consoles, APIs, or command-line tools
Broad Network Access
Accessing cloud applications from laptop, phone, tablet
Resources accessible over the network via standard protocols β€” supports heterogeneous client platforms including mobile phones, tablets, laptops, and workstations
Resource Pooling
Multiple tenants sharing same physical servers
Provider's computing resources serve multiple customers using multi-tenancy β€” physical and virtual resources dynamically assigned based on demand with location independence
Rapid Elasticity
Auto-scaling web servers during traffic spike
Resources can be scaled up or down quickly and automatically β€” often seamlessly to the user, appearing unlimited and available in any quantity at any time
Measured Service
Pay-per-GB storage, pay-per-hour compute
Resource usage is monitored, controlled, and reported β€” provides transparency for both provider and consumer, enabling pay-per-use or charge-per-use business models

Table 4: Core Benefits

This is the "why bother" list β€” the concrete payoffs that drive organizations off their own data centers. The headline is the shift from capital expense to operational expense, but the rest of the table is just as important: scalability and elasticity to match capacity to demand, agility to ship faster, and the global reach, reliability, and security you'd struggle to build alone. A handy distinction to hold onto is scalability (the ability to grow) versus elasticity (growing and shrinking automatically).

BenefitExampleDescription
Cost Savings (CapEx to OpEx)
Trading 100K data center investment for 1K/month cloud bill
Eliminates capital expenses for hardware and data centers β€” converts to variable operational expenses with pay-only-for-what-you-use pricing and economies of scale
Scalability
Adding 100 servers during holiday shopping season
Ability to increase or decrease resources to handle workloads β€” can scale vertically (bigger machines) or horizontally (more machines) based on demand
Elasticity
Auto-scaling from 2 to 200 instances and back to 2
Automatic scaling of resources based on current demand β€” scales both up and down dynamically, ensuring optimal resource utilization and cost efficiency
Agility
Deploying new environment in minutes vs weeks
Faster time-to-market for new capabilities β€” provision resources in minutes, experiment rapidly, and iterate quickly without long procurement cycles
Global Reach
Deploying application to 30+ geographic regions in minutes
Deploy applications in multiple geographic locations worldwide β€” reduces latency for end users and enables disaster recovery across continents
Reliability
99.99% uptime SLA with automatic failover
Enhanced availability through multiple redundant sites β€” providers offer backup, disaster recovery, and data replication across geographically distributed infrastructure
Security
Built-in DDoS protection, encryption, compliance certifications
Benefit from provider's massive security investments β€” includes physical security, network security, encryption, compliance certifications, and continuous monitoring at enterprise scale
Performance
Access to latest CPUs, GPUs, and high-speed networking
Use cutting-edge hardware without capital investment β€” providers continually upgrade infrastructure with latest processors, storage, and networking technologies
Sustainability
AWS targets 100% renewable energy by 2025, Azure carbon-negative by 2030
Cloud providers invest heavily in energy-efficient data centers and renewable energy β€” migrating to cloud can reduce carbon footprint by up to 80% compared to on-premises

Table 5: Global Infrastructure

Cloud providers organize their physical footprint into a nested geography that you'll deploy into deliberately. Regions are broad geographic areas, availability zones are the isolated data centers inside them that let you survive a single failure, and edge and local zones push compute closer to users for lower latency. Data sovereignty is the legal overlay β€” the rules dictating which region your data is even allowed to sit in.

ConceptExampleDescription
Region
us-east-1 (N. Virginia), eu-west-1 (Ireland)
A geographic area containing multiple isolated data center clusters β€” choose regions based on latency, compliance, and data residency requirements
Availability Zone (AZ)
us-east-1a, us-east-1b, us-east-1c
Isolated data center(s) within a region β€” connected via low-latency links, designed so a failure in one AZ does not affect others
Edge Location
CloudFront PoP in Tokyo caching static content
CDN endpoint closer to end users β€” caches content at 400+ points of presence worldwide for lower latency content delivery
Local Zone
AWS Local Zone in Los Angeles for low-latency gaming
Extension of a region placed in a metro area β€” provides single-digit millisecond latency for latency-sensitive applications
Data Sovereignty
GDPR requiring EU citizen data stays in EU
Legal requirement that data is subject to laws of the country where it is stored β€” increasingly important as regulations like GDPR, NIS2, and DORA tighten in 2026

Table 6: Computing Resources

These are the actual ways you run code in the cloud, arranged loosely from heaviest to lightest. Virtual machines give you a full OS to control, containers package just your app and its dependencies for faster, denser deployment, and serverless functions strip it down to running code on a trigger with no server to manage. The specialty rows β€” bare metal, GPU, and spot instances β€” handle performance-critical, accelerated, or cost-sensitive interruptible workloads.

TypeExampleDescription
Virtual Machines
aws ec2 run-instances --image-id ami-12345678
Virtualized servers running complete operating systems β€” provide full OS control with customizable CPU, memory, and storage configurations
Containers
Docker containers running on Amazon ECS or Kubernetes
Lightweight virtualization packaging application and dependencies β€” share OS kernel for faster startup and higher density than VMs
Serverless Functions
def lambda_handler(event, context):
return {'statusCode': 200}
Event-triggered code execution without server management β€” scales automatically from zero, charges only for actual execution time
Bare Metal Instances
AWS i3.metal, Azure Bare Metal, GCP C3 bare metal
Physical servers without virtualization layer β€” provides maximum performance for workloads sensitive to virtualization overhead or requiring specific hardware access
GPU Instances
NVIDIA H100 instances for LLM training
Specialized compute with graphics processing units β€” accelerates machine learning, scientific computing, graphics rendering, and video encoding workloads
Spot/Preemptible Instances
Bidding for unused EC2 capacity at 90% discount
Unused capacity at significantly reduced prices β€” can be interrupted with short notice, ideal for fault-tolerant batch processing and stateless workloads

Table 7: Storage Services

Cloud storage isn't one thing β€” the type you choose depends on how your data is accessed. Object storage holds unstructured files like media and backups at near-infinite scale, block storage gives VMs fast low-latency volumes for databases, and file storage offers shared network filesystems multiple machines can mount at once. Archive storage trades retrieval speed for the lowest cost, while ephemeral storage is fast but vanishes when the instance stops.

TypeExampleDescription
Object Storage
Amazon S3, Azure Blob Storage, Google Cloud Storage
Stores data as discrete objects with metadata β€” highly scalable and durable (99.999999999% durability), accessed via HTTP APIs, ideal for unstructured data like images, videos, and backups
Block Storage
Amazon EBS, Azure Managed Disks, GCP Persistent Disk
Provides raw storage volumes attached to VMs β€” low-latency persistent storage for databases and applications requiring direct block-level access
File Storage
Amazon EFS, Azure Files, Google Filestore
Offers network-attached file systems β€” supports concurrent access from multiple instances using standard file protocols like NFS or SMB
Archive Storage
Amazon S3 Glacier, Azure Archive Storage
Long-term cold storage at lowest cost β€” optimized for data accessed rarely, with retrieval times from minutes to hours
Ephemeral Storage
EC2 instance store volumes
Temporary storage physically attached to host β€” high performance but data lost when instance stops, suitable for temporary caches and buffers

Table 8: Networking Concepts

The VPC is the foundation of cloud networking β€” your own isolated, software-defined network where you control IP ranges, subnets, and routing. The rest of the table builds outward from there: subnets segment it into public and private zones, load balancers and CDNs distribute traffic, and gateways and connectivity options (VPN, Direct Connect, Transit Gateway, Private Link) govern how traffic flows in, out, and between networks securely.

ConceptExampleDescription
Virtual Private Cloud (VPC)
Isolated network: 10.0.0.0/16 with private subnets
Logically isolated network within cloud provider β€” provides complete control over IP addressing, subnets, routing tables, and network gateways
Subnet
Public subnet: 10.0.1.0/24, Private: 10.0.2.0/24
Segment of VPC's IP address range β€” resources in public subnets have internet access while private subnets remain isolated
Load Balancer
Distributing traffic across 10 web servers
Distributes incoming traffic across multiple targets β€” improves availability and fault tolerance by routing around unhealthy instances
Content Delivery Network (CDN)
CloudFront caching static assets at 400+ edge locations
Globally distributed cache servers β€” serve content closer to end users, reducing latency and bandwidth costs for static and dynamic content
DNS Service
Route 53 resolving example.com to load balancer IP
Domain Name System management β€” translates domain names to IP addresses with routing policies for failover, geolocation, and latency-based routing
Virtual Private Network (VPN)
Encrypted tunnel between on-premises and cloud VPC
Secure encrypted connection over public internet β€” connects on-premises networks to cloud resources with IPsec encryption
Direct Connect / ExpressRoute
Dedicated 10 Gbps fiber connection to AWS
Private dedicated network connection β€” bypasses internet for more reliable, lower-latency, and higher-throughput access to cloud resources
NAT Gateway
Private instances accessing internet for software updates
Enables instances in private subnets to reach the internet β€” outbound-only connectivity that prevents unsolicited inbound connections
Transit Gateway
Connecting 50 VPCs and on-premises networks through a hub
Central hub that connects multiple VPCs and on-premises networks β€” simplifies network architecture by replacing complex peering relationships
Private Link / Private Endpoint
Accessing S3 from VPC without traversing public internet
Private connectivity to cloud services β€” keeps traffic within provider's network without exposure to the public internet

Table 9: Database Services

There's no universal database, so the cloud offers a managed engine for every data shape. Relational databases handle structured, transactional data with ACID guarantees; NoSQL trades that rigidity for flexible schemas and horizontal scale; and in-memory stores deliver microsecond latency for caching. The specialized rows β€” data warehouses, time-series, graph, and lakehouse β€” exist because analytics, sensor streams, relationship data, and mixed structured/unstructured workloads each query very differently.

TypeExampleDescription
Relational Databases (SQL)
Amazon RDS (MySQL, PostgreSQL), Azure SQL Database
SQL databases managed by provider β€” automated backups, patching, scaling, and high availability for ACID-compliant transactional workloads
NoSQL Databases
DynamoDB, Azure Cosmos DB, MongoDB Atlas
Non-relational databases for flexible schemas β€” supports key-value, document, column-family, and graph models with horizontal scaling
In-Memory Databases
Redis, Memcached on Amazon ElastiCache
RAM-based databases for microsecond latency β€” ideal for caching, session management, real-time analytics, and leaderboards
Data Warehouses
Amazon Redshift, Azure Synapse Analytics, Google BigQuery
Columnar storage optimized for analytics β€” handles petabyte-scale data with fast query performance for business intelligence and reporting
Time-Series Databases
Amazon Timestream, Azure Data Explorer
Specialized for timestamped data β€” efficiently stores and queries IoT sensor data, metrics, and events with time-based aggregations
Graph Databases
Amazon Neptune, Azure Cosmos DB (Gremlin API)
Optimized for relationships between data β€” uses nodes, edges, and properties for social networks, recommendation engines, and fraud detection
Data Lake / Lakehouse
AWS Lake Formation, Databricks Lakehouse, Azure Data Lake
Centralized repository storing structured and unstructured data at any scale β€” lakehouse architecture combines data lake flexibility with warehouse performance for both analytics and ML

Table 10: Pricing Models

How you pay for the same resource can swing the bill dramatically. On-demand is the flexible default with zero commitment, while reserved instances and savings plans trade a one-to-three-year commitment for discounts of up to 72%. Spot pricing offers the deepest cuts on spare capacity that can be reclaimed at any moment, and the free tier and data transfer rows are the two that catch newcomers out β€” one for what's free, the other for the egress charges that quietly add up.

ModelExampleDescription
Pay-As-You-Go (On-Demand)
0.10/hour for compute, 0.023/GB-month for storage
Pay only for resources actually consumed β€” no upfront costs or long-term commitments, billed by second, hour, or GB with usage-based pricing
Reserved Instances / Committed Use
1-year commitment for 40% discount, 3-year for 72%
Commit to usage for discounted rates β€” pay upfront or monthly for 1–3 year terms, saving up to 72% over on-demand pricing
Savings Plans
Commit to $10/hour for 72% discount vs on-demand
Flexible pricing model β€” commit to consistent usage measured in $/hour for 1–3 years, applies automatically across eligible compute services
Spot / Preemptible Pricing
Bidding for unused capacity at up to 90% discount
Purchase spare capacity at deep discounts β€” prices fluctuate based on supply and demand, instances can be interrupted with 2-minute notice
Free Tier
750 hours/month EC2 t2.micro, 5 GB S3 storage
Limited free usage for new accounts β€” typically 12 months of certain services plus always-free offerings to experiment and learn
Data Transfer Pricing
Free inbound, $0.09/GB outbound to internet
Charges for data movement β€” inbound typically free, outbound to internet charged per GB, inter-region transfer also incurs costs

Table 11: Security and Compliance

Security in the cloud starts with the shared responsibility model β€” understanding the line between what the provider secures and what stays on you is the single most important concept here. The remaining rows are the controls you own on your side of that line: IAM for who can access what, encryption at rest and in transit for protecting data, MFA and zero trust for verifying identity, and security groups, KMS, and WAF for guarding traffic, keys, and applications.

ConceptExampleDescription
Shared Responsibility Model
Provider secures infrastructure; customer secures data and config
Defines who is responsible for what β€” provider manages security of the cloud (physical, network, hypervisor), customer manages security in the cloud (data, IAM, encryption, app config)
Identity and Access Management (IAM)
Creating user with read-only S3 access policy
Controls who can access what β€” manages authentication and authorization with users, groups, roles, and fine-grained permissions using least-privilege principle
Encryption at Rest
S3 bucket with AES-256 server-side encryption
Data encrypted while stored on disk β€” uses provider-managed or customer-managed keys to protect data from unauthorized physical access
Encryption in Transit
TLS 1.3 for HTTPS connections to cloud services
Data encrypted during transmission β€” uses SSL/TLS protocols to protect data moving between clients and cloud services or between cloud services
Multi-Factor Authentication (MFA)
Requiring password + authenticator app token
Additional authentication factor beyond password β€” requires something you know (password) and something you have (device) for critical operations
Security Groups / Firewalls
Allow port 443 from 0.0.0.0/0
Allow port 22 from 10.0.0.0/8
Virtual firewalls controlling inbound and outbound traffic β€” stateful rules applied at instance level based on protocol, port, and source/destination
Zero Trust Security
Verifying every request regardless of network location
"Never trust, always verify" security model β€” requires strict identity verification for every user and device, even inside the network perimeter
Key Management Service (KMS)
Creating and rotating encryption keys automatically
Centralized encryption key management β€” create, rotate, and control cryptographic keys used to encrypt data with audit logging
Web Application Firewall (WAF)
Blocking SQL injection and XSS attacks
Application-layer protection β€” filters malicious traffic based on rules for common web exploits before reaching applications
Compliance Certifications
SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR
Third-party validated compliance β€” providers maintain certifications for industry standards and regulations, simplifying customer compliance

Table 12: Migration Strategies (The 7 Rs)

When moving existing workloads to the cloud, the "7 Rs" are the standard menu of approaches, ranging from minimal change to total reinvention. Rehosting is the fast lift-and-shift that changes nothing, replatforming makes small cloud optimizations along the way, and refactoring fully re-architects for cloud-native benefits. The rest cover the choices to repurchase a SaaS alternative, relocate at the hypervisor level, retire what's no longer needed, or simply retain it on-premises for now.

StrategyExampleDescription
Rehost (Lift and Shift)
Moving VM from VMware to AWS EC2 unchanged
Migrate without modifications β€” move applications as-is to cloud infrastructure, fastest approach but doesn't leverage cloud-native features
Replatform (Lift and Reshape)
Migrating database from self-managed MySQL to Amazon RDS
Minor optimizations during migration β€” make targeted cloud optimizations without changing core architecture, like switching to managed services
Refactor (Re-architect)
Redesigning monolith as microservices with containers
Redesign for cloud-native β€” completely rearchitect applications to leverage cloud features like auto-scaling, serverless, and managed services
Repurchase (Drop and Shop)
Replacing on-premises CRM with Salesforce SaaS
Switch to different product β€” typically moving from traditional software to SaaS, abandoning existing application for cloud-native alternative
Relocate (Hypervisor-Level Lift)
VMware Cloud on AWS moving entire vSphere environment
Move at infrastructure level β€” migrate existing VMs to cloud without purchasing new hardware, using hypervisor-level compatibility
Retire
Decommissioning unused legacy application
Eliminate unnecessary systems β€” identify and turn off applications no longer needed, reducing migration scope and costs
Retain
Keeping mainframe system on-premises for now
Keep in current environment β€” defer migration for applications not ready for cloud or requiring specialized on-premises infrastructure

Table 13: Management and Monitoring

Once workloads are live, these practices keep them healthy, affordable, and under control. Infrastructure as code makes deployments repeatable and auditable, monitoring and observability tell you what's actually happening, and auto scaling adjusts capacity to demand. Rounding it out are the disciplines that keep an estate sane at scale β€” backup and DR for continuity, FinOps for spend, tagging for organization, landing zones for governance, and SLAs for the uptime you're promised.

ConceptExampleDescription
Infrastructure as Code (IaC)
Terraform, AWS CloudFormation, Pulumi, OpenTofu
Define infrastructure in code β€” version-controlled templates that provision and manage resources consistently, enabling repeatable and auditable deployments
Monitoring and Observability
CloudWatch, Datadog, Grafana tracking CPU and latency
Collect and correlate metrics, logs, and traces β€” monitors resource utilization, application performance, and operational health with dashboards and alerting
Auto Scaling
Scale from 2 to 10 instances when CPU > 70%
Automatic capacity adjustment β€” adds or removes resources based on demand using policies (target tracking, step, scheduled), ensuring performance while controlling costs
Backup and Disaster Recovery
Automated daily snapshots with 30-day retention
Automated data protection β€” scheduled backups, point-in-time recovery, and cross-region replication for business continuity
Cost Management / FinOps
Budget alerts when spending exceeds $1,000/month
Track and optimize cloud spending β€” provides cost visibility, budgets, forecasting, rightsizing recommendations, and anomaly detection to reduce waste
Resource Tagging
Environment: Production, Team: Engineering
Metadata labels for resources β€” enables organization, cost allocation, access control, and automation based on tag key-value pairs
Landing Zone
AWS Control Tower setting up multi-account environment
Pre-configured multi-account environment with guardrails β€” establishes security baselines, network architecture, and governance policies for cloud adoption at scale
Service Level Agreements (SLAs)
EC2 SLA: 99.99% monthly uptime (~4.3 min downtime/month)
Contractual uptime guarantees from provider β€” defines availability targets (e.g., three nines = 99.9%, four nines = 99.99%) and credits for breaches

Table 14: Development and DevOps

These are the building blocks of modern cloud-native applications and the pipelines that ship them. CI/CD automates build-test-deploy, container orchestration manages fleets of containers, and API gateways expose and protect your services. Message queues and event streaming decouple components for resilience, while artifact registries, secrets management, and service mesh handle storing builds, guarding credentials, and securing service-to-service traffic.

ConceptExampleDescription
CI/CD Pipelines
GitHub Actions, GitLab CI, AWS CodePipeline, Azure DevOps
Automated build, test, and deployment β€” continuous integration and delivery workflows that validate and deploy code changes automatically
Container Orchestration
Kubernetes managing 100 containerized microservices
Automated container lifecycle management β€” handles scheduling, scaling, networking, load balancing, and self-healing for containerized applications
API Gateway
Exposing Lambda functions as REST/HTTP APIs
Managed API creation and management β€” create, publish, and secure APIs at scale with authentication, throttling, rate limiting, and monitoring
Message Queues
Amazon SQS, Azure Service Bus, Google Pub/Sub
Asynchronous message passing β€” decouples components using queues for reliable message delivery between distributed systems
Event Streaming
Amazon MSK (Kafka), Amazon Kinesis, Azure Event Hubs
Real-time data streaming β€” processes high-throughput event streams for analytics, log aggregation, and event-driven architectures
Artifact Registry
Amazon ECR, Azure Container Registry, Google Artifact Registry
Store and manage build artifacts β€” private registries for container images, packages, and dependencies with vulnerability scanning
Secrets Management
Storing database credentials with automatic rotation
Centralized secrets storage β€” securely stores and rotates credentials, API keys, and certificates with encryption and access control
Service Mesh
Istio, Linkerd, Consul Connect on Kubernetes
Dedicated infrastructure layer for service-to-service communication β€” provides traffic management, observability, and security (mTLS) for microservices

Table 15: Well-Architected Framework Pillars

These six pillars are the lens cloud providers use to evaluate whether a workload is built well, and they make a useful checklist for any architecture review. Each one names a tension worth balancing β€” operational excellence and reliability for running smoothly and recovering from failure, security for protecting it, performance efficiency and cost optimization for doing more with less, and sustainability for minimizing environmental impact.

PillarExampleDescription
Operational Excellence
Automated runbooks, IaC deployments, incident response plans
Run and monitor systems to deliver business value β€” focuses on automating operations, responding to events, and continuously improving processes
Security
Least-privilege IAM, encryption everywhere, audit logging
Protect information and systems β€” implement strong identity controls, enable traceability, apply security at all layers, and automate security best practices
Reliability
Multi-AZ deployments, auto-recovery, chaos engineering
Ensure workloads perform correctly and consistently β€” design for automatic recovery from failure, test disaster procedures, and scale horizontally
Performance Efficiency
Right-sizing instances, using serverless, caching layers
Use computing resources efficiently as demand changes β€” select the right resource types, monitor performance, and evolve with new technologies
Cost Optimization
Reserved instances, spot usage, rightsizing, idle shutdown
Deliver value at the lowest price point β€” understand spending, select the right pricing models, and eliminate waste through continuous optimization
Sustainability
Choosing efficient instance types, reducing idle resources
Minimize environmental impact of cloud workloads β€” select efficient hardware, right-size resources, and use managed services to share infrastructure
Back to Cloud Computing
Next Topic: Cloud Cost Optimization Strategies Cheat Sheet

More in Cloud Computing

  • Cloud Compute Cheat Sheet
  • Cloud Cost Optimization Strategies Cheat Sheet
  • AI Agent Mesh and Agentic Cloud Infrastructure Cheat Sheet
  • Cloud Auto-Scaling Cheat Sheet
  • Cloud Pricing Models and Commitments Cheat Sheet
  • Google Cloud Platform - GCP Core Cheat Sheet
View all 57 topics in Cloud Computing

References

Official Documentation

  1. AWS - What is Cloud Computing? https://aws.amazon.com/what-is-cloud-computing/
  2. Microsoft Azure - What is Cloud Computing? https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-cloud-computing/
  3. Google Cloud - What is Cloud Computing? https://cloud.google.com/learn/what-is-cloud-computing
  4. NIST Definition of Cloud Computing (SP 800-145) https://csrc.nist.gov/pubs/sp/800/145/final
  5. NIST SP 800-145 PDF https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-145.pdf
  6. AWS - What is IaaS? https://aws.amazon.com/what-is/iaas/
  7. Microsoft Azure - What is PaaS? https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-paas/
  8. AWS - What is SaaS? https://aws.amazon.com/what-is/saas/
  9. AWS - What is Serverless Computing? https://aws.amazon.com/what-is/serverless-computing/
  10. AWS - Amazon RDS https://aws.amazon.com/rds/
  11. AWS - Amazon ECS https://aws.amazon.com/ecs/
  12. Firebase Documentation https://firebase.google.com/docs
  13. IBM - What is DRaaS? https://www.ibm.com/think/topics/draas
  14. Cloudflare - What is NaaS? https://www.cloudflare.com/learning/network-layer/network-as-a-service-naas/
  15. AWS - Machine Learning https://aws.amazon.com/machine-learning/
  16. Microsoft Azure - What is a Public Cloud? https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-a-public-cloud/
  17. Microsoft Azure - What is a Private Cloud? https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-a-private-cloud/
  18. AWS - What is Hybrid Cloud? https://aws.amazon.com/what-is/hybrid-cloud/
  19. IBM - What is Multi-Cloud? https://www.ibm.com/think/topics/multicloud
  20. Google Cloud - Sovereign Controls https://cloud.google.com/sovereign-controls
  21. AWS - Types of Cloud Computing https://aws.amazon.com/types-of-cloud-computing/
  22. Microsoft Azure - What are IaaS, PaaS, and SaaS? https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-are-iaas-paas-and-saas
  23. IBM - IaaS, PaaS, SaaS https://www.ibm.com/think/topics/iaas-paas-saas
  24. AWS - Amazon EC2 https://aws.amazon.com/ec2/
  25. AWS - Containers https://aws.amazon.com/containers/
  26. AWS Lambda https://aws.amazon.com/lambda/
  27. AWS EC2 Instance Types https://aws.amazon.com/ec2/instance-types/
  28. AWS EC2 P5 Instances https://aws.amazon.com/ec2/instance-types/p5/
  29. AWS EC2 Spot Instances https://aws.amazon.com/ec2/spot/
  30. AWS - Amazon S3 https://aws.amazon.com/s3/
  31. AWS - Amazon EBS https://aws.amazon.com/ebs/
  32. AWS - Amazon EFS https://aws.amazon.com/efs/
  33. AWS S3 Storage Classes - Glacier https://aws.amazon.com/s3/storage-classes/glacier/
  34. AWS EC2 Instance Storage https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html
  35. AWS - Amazon VPC https://aws.amazon.com/vpc/
  36. AWS VPC - Configure Subnets https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html
  37. AWS - Elastic Load Balancing https://aws.amazon.com/elasticloadbalancing/
  38. AWS - Amazon CloudFront https://aws.amazon.com/cloudfront/
  39. AWS VPN https://aws.amazon.com/vpn/
  40. AWS Direct Connect https://aws.amazon.com/directconnect/
  41. AWS Route 53 https://aws.amazon.com/route53/
  42. AWS NAT Gateway https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
  43. AWS Transit Gateway https://aws.amazon.com/transit-gateway/
  44. AWS PrivateLink https://aws.amazon.com/privatelink/
  45. AWS - Amazon DynamoDB https://aws.amazon.com/dynamodb/
  46. AWS - Amazon ElastiCache https://aws.amazon.com/elasticache/
  47. AWS - Amazon Redshift https://aws.amazon.com/redshift/
  48. AWS - Amazon Timestream https://aws.amazon.com/timestream/
  49. AWS - Amazon Neptune https://aws.amazon.com/neptune/
  50. AWS Lake Formation https://aws.amazon.com/lake-formation/
  51. AWS Pricing https://aws.amazon.com/pricing/
  52. AWS EC2 Reserved Instances https://aws.amazon.com/ec2/pricing/reserved-instances/
  53. AWS Savings Plans https://aws.amazon.com/savingsplans/
  54. AWS Free Tier https://aws.amazon.com/free/
  55. AWS EC2 On-Demand Pricing https://aws.amazon.com/ec2/pricing/on-demand/
  56. AWS Shared Responsibility Model https://aws.amazon.com/compliance/shared-responsibility-model/
  57. AWS IAM https://aws.amazon.com/iam/
  58. AWS S3 Server-Side Encryption https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html
  59. AWS Security https://aws.amazon.com/security/
  60. AWS IAM - Multi-Factor Authentication https://aws.amazon.com/iam/features/mfa/
  61. AWS VPC Security Groups https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html
  62. NIST Zero Trust Architecture https://www.nist.gov/publications/zero-trust-architecture
  63. AWS Key Management Service https://aws.amazon.com/kms/
  64. AWS WAF https://aws.amazon.com/waf/
  65. AWS Compliance https://aws.amazon.com/compliance/
  66. AWS Prescriptive Guidance - Migration Strategies https://docs.aws.amazon.com/prescriptive-guidance/latest/large-migration-guide/migration-strategies.html
  67. Terraform Documentation https://www.terraform.io/docs
  68. AWS CloudFormation https://aws.amazon.com/cloudformation/
  69. AWS CloudWatch https://aws.amazon.com/cloudwatch/
  70. AWS Auto Scaling https://aws.amazon.com/autoscaling/
  71. AWS Backup https://aws.amazon.com/backup/
  72. FinOps Foundation https://www.finops.org/
  73. AWS Tagging Best Practices https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html
  74. AWS Control Tower https://docs.aws.amazon.com/controltower/latest/userguide/what-is-control-tower.html
  75. AWS Service Level Agreements https://aws.amazon.com/legal/service-level-agreements/
  76. AWS CodePipeline https://aws.amazon.com/codepipeline/
  77. Kubernetes Concepts https://kubernetes.io/docs/concepts/overview/
  78. AWS API Gateway https://aws.amazon.com/api-gateway/
  79. AWS SQS https://aws.amazon.com/sqs/
  80. Amazon MSK https://aws.amazon.com/msk/
  81. AWS ECR https://aws.amazon.com/ecr/
  82. AWS Secrets Manager https://aws.amazon.com/secrets-manager/
  83. Istio Service Mesh https://istio.io/latest/docs/overview/what-is-istio/
  84. AWS Well-Architected Framework https://aws.amazon.com/architecture/well-architected/
  85. AWS Well-Architected - Operational Excellence https://docs.aws.amazon.com/wellarchitected/latest/operational-excellence-pillar/welcome.html
  86. AWS Well-Architected - Security Pillar https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/welcome.html
  87. AWS Well-Architected - Reliability Pillar https://docs.aws.amazon.com/wellarchitected/latest/reliability-pillar/welcome.html
  88. AWS Well-Architected - Performance Efficiency https://docs.aws.amazon.com/wellarchitected/latest/performance-efficiency-pillar/welcome.html
  89. AWS Well-Architected - Cost Optimization https://docs.aws.amazon.com/wellarchitected/latest/cost-optimization-pillar/welcome.html
  90. AWS Well-Architected - Sustainability https://docs.aws.amazon.com/wellarchitected/latest/sustainability-pillar/sustainability-pillar.html
  91. AWS Well-Architected Whitepaper https://docs.aws.amazon.com/wellarchitected/latest/framework/welcome.html
  92. AWS Global Infrastructure - Regions and AZs https://aws.amazon.com/about-aws/global-infrastructure/regions_az/
  93. AWS EC2 Availability Zones https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
  94. AWS CloudFront Features https://aws.amazon.com/cloudfront/features/
  95. AWS Local Zones https://aws.amazon.com/about-aws/global-infrastructure/localzones/
  96. Splunk - Data Sovereignty vs Data Residency https://www.splunk.com/en_us/blog/learn/data-sovereignty-vs-data-residency.html
  97. Amazon Sustainability https://sustainability.aboutamazon.com/products-services/the-cloud
  98. Microsoft Azure Cloud Adoption Framework https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/considerations/fundamental-concepts
  99. Microsoft Azure - What is Cloud Scalability? https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-cloud-scalability/
  100. AWS Organizations https://aws.amazon.com/organizations/

Technical Blogs & Tutorials

  1. AWS Architecture Blog https://aws.amazon.com/blogs/architecture/
  2. Azure Architecture Center https://learn.microsoft.com/en-us/azure/architecture/
  3. Google Cloud Blog https://cloud.google.com/blog/
  4. AWS News Blog https://aws.amazon.com/blogs/aws/
  5. AWS Compute Blog https://aws.amazon.com/blogs/compute/
  6. Azure Updates https://azure.microsoft.com/en-us/updates/
  7. Google Cloud Release Notes https://cloud.google.com/release-notes
  8. IBM - What is XaaS? https://www.ibm.com/think/topics/xaas
  9. Splunk - Availability Zones Guide https://www.splunk.com/en_us/blog/learn/availability-zones.html
  10. Synopsys - Essential Cloud Computing Characteristics https://www.synopsys.com/blogs/chip-design/essential-cloud-computing-characteristics.html
  11. AWS re:Invent Conference https://reinvent.awsevents.com/
  12. Microsoft Ignite https://ignite.microsoft.com/
  13. Google Cloud Next https://cloud.withgoogle.com/next
  14. AWS Training and Certification https://aws.amazon.com/training/
  15. Microsoft Learn for Azure https://learn.microsoft.com/en-us/training/azure/
  16. Google Cloud Skills Boost https://www.cloudskillsboost.google/
  17. AWS Best Practices for Event-Driven Architectures https://aws.amazon.com/blogs/architecture/best-practices-for-implementing-event-driven-architectures-in-your-organization/
  18. OpenTelemetry Observability Primer https://opentelemetry.io/docs/concepts/observability-primer/
  19. Wiz - Cloud Security Best Practices https://www.wiz.io/academy/cloud-security/cloud-security-best-practices
  20. Wiz - Shared Responsibility Model https://www.wiz.io/academy/cloud-security/shared-responsibility-model
  21. IBM - 7 Rs of Cloud Migration https://www.ibm.com/think/insights/7-rs-cloud-migration
  22. AWS Cost Management https://aws.amazon.com/aws-cost-management/
  23. The Twelve-Factor App Methodology https://12factor.net/
  24. Cloudflare - Vendor Lock-In https://www.cloudflare.com/learning/cloud/what-is-vendor-lock-in/
  25. VMware - DRaaS https://www.vmware.com/topics/disaster-recovery-service-draas

GitHub Repositories & Code Examples

  1. AWS Samples GitHub https://github.com/aws-samples
  2. Azure Samples GitHub https://github.com/Azure-Samples
  3. Google Cloud Platform GitHub https://github.com/GoogleCloudPlatform
  4. Terraform AWS Modules https://github.com/terraform-aws-modules
  5. AWS CDK Examples https://github.com/aws-samples/aws-cdk-examples
  6. Azure Quickstart Templates https://github.com/Azure/azure-quickstart-templates
  7. Kubernetes Examples https://github.com/kubernetes/examples
  8. AWS SDK for Python (Boto3) https://github.com/boto/boto3
  9. Azure SDK for Python https://github.com/Azure/azure-sdk-for-python
  10. Google Cloud Python Client https://github.com/googleapis/google-cloud-python
  11. Pulumi Examples https://github.com/pulumi/examples
  12. OpenTofu https://github.com/opentofu/opentofu

Industry Best Practice Guides & Books

  1. "Cloud Native Patterns" by Cornelia Davis
  2. "Designing Data-Intensive Applications" by Martin Kleppmann
  3. "The Phoenix Project" by Gene Kim, Kevin Behr, George Spafford
  4. "Site Reliability Engineering" by Google
  5. "Cloud Computing: Concepts, Technology & Architecture" by Thomas Erl
  6. Azure Architecture Best Practices https://learn.microsoft.com/en-us/azure/architecture/best-practices/
  7. Google Cloud Best Practices https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations
  8. CNCF Cloud Native Glossary https://glossary.cncf.io/
  9. AWS Security Best Practices https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
  10. Microsoft Cloud Adoption Framework https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/
  11. Google Cloud Adoption Framework https://cloud.google.com/adoption-framework
  12. AWS Cost Optimization Best Practices https://aws.amazon.com/aws-cost-management/aws-cost-optimization/
  13. Cloud Security Alliance https://cloudsecurityalliance.org/
  14. Cloud Native Computing Foundation https://www.cncf.io/
  15. AWS Shared Responsibility Model https://aws.amazon.com/compliance/shared-responsibility-model/
  16. Microsoft Trust Center https://www.microsoft.com/en-us/trust-center
  17. Google Cloud Trust Center https://cloud.google.com/security
  18. Azure Well-Architected Framework https://learn.microsoft.com/en-us/azure/well-architected/
  19. Google Cloud Architecture Framework https://cloud.google.com/architecture/framework

Video Resources

  1. AWS Online Tech Talks https://www.youtube.com/c/AWSOnlineTechTalks
  2. Microsoft Azure YouTube Channel https://www.youtube.com/c/MicrosoftAzure
  3. Google Cloud Tech YouTube https://www.youtube.com/c/GoogleCloudTech
  4. AWS re:Invent Videos https://www.youtube.com/user/AmazonWebServices
  5. Cloud Native Computing Foundation YouTube https://www.youtube.com/c/CloudNativeComputingFoundation
  6. freeCodeCamp - AWS Certified Cloud Practitioner https://www.youtube.com/watch?v=SOTamWNgDKc
  7. The Ultimate Beginner's Guide to Cloud Computing in 2026 https://www.youtube.com/watch?v=AOUSI1b7DAw

Other

  1. Coursera - Cloud Computing Specializations https://www.coursera.org/specializations/cloud-computing
  2. edX - Cloud Computing Courses https://www.edx.org/learn/cloud-computing
  3. A Cloud Guru https://acloudguru.com/
  4. Cloud Academy https://cloudacademy.com/
  5. Pluralsight Cloud Courses https://www.pluralsight.com/cloud
  6. Docker Documentation https://docs.docker.com/
  7. Google Kubernetes Engine https://cloud.google.com/kubernetes-engine/docs
  8. Azure Container Instances https://azure.microsoft.com/en-us/products/container-instances/
  9. Terraform Documentation https://www.terraform.io/docs
  10. Azure Resource Manager Templates https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/
  11. VMware Cloud https://www.vmware.com/products/cloud-infrastructure.html
  12. OpenStack Documentation https://docs.openstack.org/
  13. Azure Stack https://azure.microsoft.com/en-us/products/azure-stack/
  14. AWS Outposts https://aws.amazon.com/outposts/
  15. Azure Arc https://azure.microsoft.com/en-us/products/azure-arc/
  16. Google Anthos https://cloud.google.com/anthos/docs
  17. AWS GovCloud https://aws.amazon.com/govcloud-us/
  18. Azure Government https://azure.microsoft.com/en-us/explore/global-infrastructure/government/
  19. Amazon ECS https://aws.amazon.com/ecs/
  20. AWS Amplify https://aws.amazon.com/amplify/
  21. Google Firebase https://firebase.google.com/docs
  22. Microsoft Azure SQL Database https://azure.microsoft.com/en-us/products/azure-sql/database/
  23. Google BigQuery https://cloud.google.com/bigquery/docs
  24. Microsoft Azure Synapse Analytics https://azure.microsoft.com/en-us/products/synapse-analytics/
  25. Google Cloud SDK https://cloud.google.com/sdk/docs
  26. AWS Global Infrastructure https://aws.amazon.com/about-aws/global-infrastructure/
  27. AWS - Compare Block, File, Object Storage https://aws.amazon.com/compare/the-difference-between-block-file-object-storage/
  28. Google Cloud - Object vs Block vs File Storage https://cloud.google.com/discover/object-vs-block-vs-file-storage
  29. IBM - Object vs File vs Block Storage https://www.ibm.com/think/topics/object-vs-file-vs-block-storage
  30. AWS Networking Services Whitepaper https://docs.aws.amazon.com/whitepapers/latest/aws-overview/networking-services.html
  31. AWS Disaster Recovery Shared Responsibility https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/shared-responsibility.html
  32. CNCF State of Cloud Native Development Q1 2026 https://www.cncf.io/reports/state-of-cloud-native-development-q1-2026/
  33. NIST Cloud Computing Reference Architecture (SP 500-292) https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication500-292.pdf
  34. Azure - What are Private, Public, Hybrid Clouds? https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-are-private-public-hybrid-clouds
  35. Google Compute Engine - Bare Metal Instances https://docs.cloud.google.com/compute/docs/instances/bare-metal-instances
  36. Pulumi Documentation https://www.pulumi.com/docs/
  37. AWS Elastic Disaster Recovery https://aws.amazon.com/disaster-recovery/