When discussing the cloud you’ll often hear the term shared responsibility. What this refers to is for each service there’s a shared responsibility between the cloud provider and the cloud consumer. The cloud provider is responsible for some layers of the service while the consumer is responsible for other layers of the service. Who is responsible for what depends on the service category offered. The main service categories are Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (Paas), and Software-as-a-Service (SaaS). In an on-premise environment, the customer is responsible for every layer.
- Data
- Application
- Runtime
- OS
- Hypervisor
- Compute
- Network
- Storage
In the IaaS category, the cloud provider will take responsibility for all layers from storage up to and including the hypervisor layer. The customer is responsible for the OS all the way up to the data used in that service. This means that customer has to take care of patching and upgrades of the OS, and the applications. An example of an IaaS service is Azure Virtual Machine. The main benefit of IaaS is that it’s very customizable for the customer. This is the most flexible option of all service categories.
With PaaS, more responsibility is moved towards the cloud provider. The cloud provider now takes care of the OS and maintains any runtimes of the service. Examples of Azure services that belong to the PaaS service category are Azure Kubernetes Service (AKS), Azure CDN, and Azure App Service. Since more layers are taken care of by Azure it’s less flexible for the customer compared to an IaaS offering. We also have serverless offerings in this layer such as Azure Functions and Azure Logic Apps.
Finally, we have the SaaS category where the cloud provider takes care of everything except the consumer data. The most common example is Office 365.
So which service category should you pick? It all depends on what you want to accomplish. In a lift-and-shift case, where you move your on-premise infrastructure to the cloud the most likely service category will be IaaS. If you run for example a container platform on-prem and you would like to move it to the cloud a PaaS solution could be viable, such as AKS. If you want to run some code in response to an event you’ll probably want to go to some serverless PaaS instead of having to take care of a full-blown virtual machine for such a simple case.