1.2 Cloud Deployment Models
Key Takeaways
- The three cloud deployment models are Public Cloud (fully on AWS), Hybrid (mix of on-premises and cloud), and Private Cloud (on-premises with cloud-like features).
- Public cloud is the most common model and offers the greatest agility, scalability, and cost efficiency.
- Hybrid cloud is ideal for organizations with regulatory requirements that mandate keeping certain data on-premises.
- AWS Outposts brings AWS infrastructure and services to on-premises data centers for hybrid deployments.
- The cloud-native (cloud-first) approach builds applications specifically for the cloud to maximize its benefits.
Cloud Deployment Models
Understanding the different ways to deploy cloud infrastructure is a key concept tested on the CLF-C02 exam. There are three primary deployment models.
Public Cloud
In a public cloud deployment, all resources run on the cloud provider's infrastructure (e.g., AWS). This is the most common model for startups, web applications, and organizations that want maximum agility.
Characteristics:
- All infrastructure is in the cloud provider's data centers
- Resources are shared across multiple tenants (isolated logically, not physically)
- Accessed over the public internet or Direct Connect
- Pay-as-you-go pricing with no upfront hardware investment
- Maximum scalability and global reach
Best for: Startups, web/mobile apps, SaaS products, development/test environments, any workload without strict data residency requirements.
AWS Example: A company runs its entire e-commerce platform on EC2, RDS, S3, and CloudFront — all hosted entirely on AWS.
Hybrid Cloud
A hybrid cloud deployment connects on-premises infrastructure (or a private cloud) with public cloud resources. Workloads can move between private and public environments as needs change.
Characteristics:
- Some resources on-premises, some in the cloud
- Connected via VPN, AWS Direct Connect, or AWS Outposts
- Organizations keep sensitive data on-premises while leveraging cloud for scalability
- More complex to manage than pure public cloud
Best for: Organizations with regulatory or compliance requirements, legacy systems that cannot be migrated, workloads that need to burst to the cloud during peak demand.
AWS Services for Hybrid:
| Service | Purpose |
|---|---|
| AWS Outposts | AWS infrastructure and services deployed in your own data center |
| AWS Direct Connect | Dedicated private network connection from on-premises to AWS |
| AWS VPN | Encrypted connection over the internet between on-premises and AWS |
| AWS Storage Gateway | Hybrid cloud storage connecting on-premises to AWS storage |
| AWS Snow Family | Physical devices for data migration and edge computing |
Private Cloud (On-Premises)
A private cloud uses cloud-like technologies but runs entirely in the organization's own data center. It is NOT hosted by a third-party provider.
Characteristics:
- Infrastructure owned and managed by the organization
- Resources not shared with other organizations
- Full control over hardware, software, and security
- Higher upfront cost and operational burden
- Limited scalability compared to public cloud
Best for: Organizations with strict security or compliance requirements that prohibit any data leaving their premises, government agencies, and organizations with significant existing infrastructure investments.
On the Exam: The exam may describe a scenario and ask you to identify the deployment model. Key signals: "entirely on AWS" = public cloud, "some on-premises + some on AWS" = hybrid, "own data center with cloud-like features" = private cloud.
Cloud Service Models: IaaS, PaaS, SaaS
Beyond deployment models, you need to understand the three cloud service models:
| Model | What You Manage | What AWS Manages | Example |
|---|---|---|---|
| IaaS (Infrastructure as a Service) | OS, applications, data, middleware, runtime | Hardware, networking, storage, virtualization | Amazon EC2 |
| PaaS (Platform as a Service) | Applications, data | Everything else (OS, runtime, middleware, hardware) | AWS Elastic Beanstalk |
| SaaS (Software as a Service) | Just your data and configuration | Everything including the application | Amazon WorkSpaces, Salesforce |
IaaS — Infrastructure as a Service
IaaS provides the building blocks for cloud IT. It gives you the highest level of flexibility and control over your IT resources, and is most similar to traditional on-premises IT. You manage the operating system, applications, and data.
AWS IaaS Examples: Amazon EC2, Amazon EBS, Amazon VPC
PaaS — Platform as a Service
PaaS removes the need for you to manage the underlying infrastructure (hardware and operating systems). You focus on deploying and managing your applications rather than provisioning and configuring servers.
AWS PaaS Examples: AWS Elastic Beanstalk, AWS App Runner, Amazon Lightsail
SaaS — Software as a Service
SaaS provides a completed product that the service provider runs and manages. You only need to think about how you will use the software. Most SaaS applications are accessed through a web browser.
AWS SaaS Examples: Amazon WorkSpaces (virtual desktops), Amazon Chime (communications), AWS Marketplace SaaS offerings
A company runs some workloads on its own servers in its own data center and uses AWS for other workloads. What deployment model is this?
Which AWS service brings AWS infrastructure and services to a customer's on-premises data center?
In the PaaS (Platform as a Service) model, which of the following is the customer responsible for?