in this lesson we're going to explore the differences between the different categories of cloud service if we go and look at these skills objectives what we're going to focus on in this particular lesson is describing that shared responsibility model but then also looking at describing infrastructure as a service platform as a service serverless computing and software as a service so we're going to hit five of those assessed skills in this particular video now if you think about shared responsibility the idea here is that as the customer there are certain things i am responsible for and then as the provider there are things microsoft and azure are responsible for now who is responsible for what actually varies depending on what service are we using but it's definitely the idea that hey there are different layers in any particular service and maybe sometimes i'm responsible sometimes microsoft are responsible sometimes there's a mixture of both of us now the easiest way to think about this is think about layers and i can think about hey there's a storage layer i need to store stateful information a networking layer connectivity compute either servers there's a hypervisor so in azure this is built on hyper-v and then a building block is a virtual machine that that hypervisor exposes so inside of that virtual machine some kind of thing there's a vm here there's an operating system that could be windows that could be linux i might have a runtime like java enterprise edition or net and then there's the application and the data and as an organization where is that differentiation between my company another company where's the innovation that's going to set me apart well it's here it's the application of my data that we really care about the most most of this other stuff is just things that have to be there for me to be able to operate but that's not really how i excel as a company these things may be pain points so i want to be as efficient as possible to maybe reduce my operational costs but what sets me apart from anyone else what helps me be agile is my applications is the data that i have now i can think about from a responsibility perspective if i think premises well who is responsible for this it's me it's the customer the customer is responsible for everything now they may have different teams i might have a storage team i might have a hypervisor team i have maybe a team that manages the operating system out of a database team but i am responsible for everything identities in there as well everything is my responsibility when i start to look at cloud models the first cloud we seem to see and this type of service we're going to consume is infrastructure as a service iaas this can largely be thought of as a vm in the cloud now in this model if i think about the physical fabric the storage the network the compute and the hypervisor that sits on top of that all of that is the responsibility of the cloud provider so i can draw this line for i as here so the responsibility of all of those things in this case i can say is azure's responsibility i am not worried about a physical server i'm not worried about a certain disk i'm not worried about networks which i'm not worried about managing or patching a hypervisor none of that is my problem so that's all azure's responsibility but because it's a vm in the cloud everything picking the operating system windows linux what version what distribution any runtimes i install my app my data well that's all me so that's the customer's responsibility now that doesn't mean you're on your own there are many things like extensions and other services in azure to help you when i think about operating systems there's responsibilities i have to perform i have to think about well patching i have to think about antivirus i have to think about backup i have to think about configuration there are extensions and services to help me with all of that so even though it's my responsibility it doesn't mean i'm on my own in terms of tooling so there are things in azure that can help me do all of that so yes it's my responsibility but hey azure's going to try and help you out on a lot of those things that can apply to other things up the stack as well but that's the key point that's infrastructure as a service now because of the responsibility of everything inside the os and above is mine i have fantastic flexibility i can pretty much do whatever i want inside that operating system i have a huge range of operating systems i can pick i can configure it any way i want i have direct access into that os so in terms of flexibility i have full access it's the most flexible option but with that flexibility comes the most responsibility i am focusing on all of those different layers and things like firewalling there's all of those aspects i have to think about so as we move up the stack the next one actually we do this a slightly different color is pads platform as a service now there are different kind of shades of pads and this will make a little bit more sense later on now there are likely still virtual machines running but i don't see them i'm not worrying about them with pairs the line of responsibility shifts all the way up to here so with pez azure my cloud provider is now responsible for all of that me as the customer i only care about my app and my data i don't worry about anything else now there are still operating systems there there are still run times there might be middleware systems there i am laser focused on my app on my data what delivers the value to my company now there's a lot of different options in azure there's different types of pas services and that's why i talked about kind of these kind of shades that we get in here because there's things like hey i can run azure kubernetes services to run containers all the way up to app services where i run some web-based focus component now my options are more limited so if pairs because my interaction is i'm deploying my application but i do not have full access to for example the operating system there's going to be specific operating systems that are supported there are going to be specific run times that are supported there's going to be a specific level of access i get to that operating system am i going to get root access to that os no because now microsoft and azure are responsible for that so they can't have me just going in and tinkering about however i want that makes it very hard for them to manage so i have less flexibility but i have a lot less responsibility and hopefully i don't need that flexibility because there's a huge range of services within those services there's a lot of different options so i pick the one that matches the requirements of my application for example in azure app service i can pick windows or linux i can pick hey do i want net do i want different types of java there's a whole bunch of different runtimes i can select so although sure i am losing some flexibility there are a lot of configuration and choices so i can pick the one that is closest to what i actually need so if i think about from a type of service perspective absolutely i as we kind of start as a virtual machine there are even things like virtual machine scale sets where it creates and deletes the vms based on scaling options then i can think about there's containers so i can have individual containers with azure container instances i can have full kubernetes which is an orchestrator for richer container environments but azure is managing that kubernetes management fabric then everything's about app services anything that's http https web-based this could be hey it's an endpoint it could be a website it could be a mobile api that i want to access app services are very rich for that so i pick what do i need based on what i want to do now another type of pass service and it still pass but you'll hear the idea of serverless so what does that mean for all of these types of servers i've mentioned there is a vm building block underneath what i'm paying for is a certain type of virtual machine a certain number of virtual machines that i need for that service to run with a serverless offering there is no underlying unit of infrastructure i see or pay for i pay for the work that is done to achieve the goal of that particular function of that particular flow that it needs to do these are typically event driven so event driven means something happens that triggers this to run i'm writing a file to a storage account like a blob i'm writing a message to a queue i'm calling a restful endpoint there's something happening could even be a scheduled event something is happening that is going to trigger so an event happens that's going to trigger these serverless things to run and then i pay for the work that is done the cpu cycles that are used and maybe the amount of memory that is consumed and this is really the gold standard if i can get to here we love the serverless there are different types of offerings here there are things like functions which is actually part of app service there are things like logic apps logic apps are very good it's a graphical flow that i can drag and drop components hey someone post a twitter message we'll go and call this maybe cognitive service to get a sentiment is it positive or negative and then go and write out a message or send something else so these are the serverless offerings that i'm not paying even for some unit or virtual machine that these other pad offerings are still built on and what i pay for here i just pay for the work that's actually done and then at the far end of kind of this this scale i'm going to use gold for this one is sas software as a service now this is where the entire business function is delivered with all of these other offerings hey it's delivering maybe a vm hey it's delivering a run time and a unit i can work on with a sas solution it delivers the actual business value because for ios and pass it's given me something but i have to still write my application to deliver the business value with sas it's delivering that so this is not really an azure function but this could be something like microsoft 365. dynamics 365 maybe using salesforce those are sas solutions it's delivering a business value and you'll notice there on that line what are you responsible for nothing you're not up if this was microsoft 365 are you upgrading exchange no that messaging service is just delivered and it's maintained by the microsoft 365 team so software as a service is delivering the business function that we actually care about it's delivering the app i'm not worrying about the availability of messaging servers i'm not worrying about hey is my data backed up and replicated that's part of the service now as i think about this there might be basic admin i do like enabling users but it's just delivered for me and so as i'm looking at what do i want to use what matters to your company the business function if i can use a sas service that exists out there and does the job fantastic i'm responsible for nothing i'm just getting the business value okay it doesn't exist i need to create it if i'm writing something in my architecture i want to use serverless as much as possible maybe i'll use app services different types depending on the use case but i'm minimizing my responsibility to again just be my app and my data the things that deliver real value maybe it's saying legacy i'm moving something from an on-premises well then hey i can use a virtual machine because that makes sense for this unit of work and maybe i just need to run it on premises i still have those choices but as much as possible i want to get as far to the right as possible if i can use sas i want to use sas if i can't hey i want to use paths and then maybe i use i as maybe i still run it on premises so those are the key different types of cloud service we have