SkarpChapter 3 of 20
Cloud Deployment Models: Public, Private, and Hybrid Cloud in Practice
Walk through real-world scenarios to see when organizations choose public, private, or hybrid cloud and what each model means for control, cost, and compliance.
Orienting to Cloud Deployment Models (AZ-900 Lens)
Deployment vs Service Models
Deployment models describe where your cloud runs and who controls the infrastructure. Service models (IaaS, PaaS, SaaS) describe what level of abstraction you consume.
AZ-900 Focus
AZ-900 loves scenario questions: you read a short story about a company and must pick the best deployment model based on cost, control, and compliance needs.
What You Will Learn
You will memorize canonical definitions, walk through real-world scenarios, and practice spotting trade-offs between public, private, and hybrid cloud.
Modern Reality
Most organizations now use a mix of models. Hybrid and multi-cloud are common, but the exam centers on the three core deployment models and their characteristics.
Public Cloud: Definition, Characteristics, and Azure Examples
Public Cloud: Canonical Definition
A public cloud is a cloud deployment model in which a cloud provider owns and operates the infrastructure and delivers computing resources over the public internet to multiple tenants.
Provider-Owned, Multi-Tenant
The provider builds and runs the data centers. Many customers share the same physical hardware, separated logically, which enables low cost and high scale.
Azure Public Cloud Examples
Azure Virtual Machines, Azure Blob Storage, and Azure SQL Database are classic public cloud services you access via the internet under an Azure subscription.
Why Organizations Choose Public Cloud
They avoid buying hardware, scale quickly, and tap into advanced services. On the exam, clues like “no upfront hardware” and “global scale” usually indicate public cloud.
Private Cloud: Definition, Control, and When It Makes Sense
Private Cloud: Canonical Definition
A private cloud is a cloud deployment model in which cloud resources are used exclusively by a single organization, either hosted on-premises or by a third-party provider.
Exclusive Use, More Control
Only one organization uses the environment. You get more control over hardware, networking, and security, which can help with strict compliance or legacy needs.
Cloud Principles Still Apply
A private cloud is not just a traditional data center. It still aims for self-service, elasticity, and resource pooling, often using platforms like Azure Stack.
Exam Clues for Private Cloud
Watch for “single organization only”, “on-premises cloud-like environment”, or “cannot use shared infrastructure” as strong hints toward private cloud.
Hybrid Cloud: Definition and Why It Dominates in 2026
Hybrid Cloud: Canonical Definition
A hybrid cloud is a computing environment that combines public and private clouds, allowing data and applications to be shared between them.
Connected Environments
Hybrid means your on-premises or private cloud and public cloud (like Azure) are connected so workloads and data can move or integrate across them.
Why Hybrid is Common
Organizations keep some workloads on-premises for compliance or latency and use Azure public cloud for elasticity and innovation, creating a hybrid setup.
Exam Clues for Hybrid
Look for “keep some systems on-premises”, “gradual migration”, or “burst to the cloud during peaks” as clear signals of a hybrid cloud deployment.
Scenario Walkthrough: Startup vs Bank vs Hospital
Startup: FastLaunch
A 15-person startup with no data center and global ambitions picks Azure public cloud to avoid hardware costs and launch quickly using App Service and managed databases.
Bank: SecureBank
A regulated bank keeps core systems on-premises but uses Azure for mobile apps and analytics, connecting both. This is a classic hybrid cloud pattern.
Hospital: CareHealth
A hospital with strict patient-data rules runs a private cloud in its own data center, possibly using Azure only for non-sensitive workloads like a public website.
Mapping Scenarios to Models
FastLaunch → public cloud; SecureBank → hybrid cloud; CareHealth → private cloud (with limited hybrid). These patterns appear frequently in exam scenarios.
Trade-offs: Cost, Control, Security, and Compliance
Cost Trade-offs
Public cloud is mostly OpEx and pay-as-you-go. Private cloud demands CapEx for hardware. Hybrid combines both, keeping some on-prem while using cloud elasticity.
Control vs Flexibility
Private cloud offers maximum control over hardware and security. Public cloud offers less low-level control but high flexibility and rapid innovation. Hybrid mixes both.
Shared Responsibility Model
The shared responsibility model is a framework that defines how security and compliance responsibilities are divided between the cloud provider and the customer.
Compliance and Exam Hints
Strict isolation or data residency → private or hybrid. Lowest cost and speed → public. Mix of on-prem and cloud workloads with connectivity → hybrid.
Thought Exercise: Classify These Situations
Scenario 1: QuickShop
Existing on-prem ERP plus a new scalable online store. Ask yourself: does this sound like a single model, or a mix of on-prem and cloud working together?
Scenario 2: CityServices
Citizen data must stay in government-controlled facilities, but they still want cloud-like features. What model keeps control yet offers cloud characteristics?
Scenario 3: LearnNow
Digital-only, global students, traffic spikes, no interest in owning hardware. Which model offers the most agility with minimal infrastructure management?
Check Your Answers
Typical mappings: QuickShop → hybrid, CityServices → private cloud, LearnNow → public cloud. Focus on constraints: legacy, law, and appetite for owning hardware.
Quick Check: Canonical Definitions
Test your recall of the exact wording for the deployment model definitions.
Which statement correctly defines a public cloud?
- A public cloud is a cloud deployment model in which a cloud provider owns and operates the infrastructure and delivers computing resources over the public internet to multiple tenants.
- A public cloud is a computing environment that combines public and private clouds, allowing data and applications to be shared between them.
- A public cloud is a cloud deployment model in which cloud resources are used exclusively by a single organization, either hosted on-premises or by a third-party provider.
- A public cloud is any cloud service that runs virtual machines in a shared data center.
Show Answer
Answer: A) A public cloud is a cloud deployment model in which a cloud provider owns and operates the infrastructure and delivers computing resources over the public internet to multiple tenants.
For AZ-900 you must know the canonical definition: A public cloud is a cloud deployment model in which a cloud provider owns and operates the infrastructure and delivers computing resources over the public internet to multiple tenants. The other options describe hybrid and private clouds or are imprecise.
Scenario Quiz: Pick the Deployment Model
Apply what you have learned to a short scenario.
A company wants to keep its existing on-premises HR system but use Azure to run a new employee self-service portal that connects back to the HR database. Which deployment model best describes this setup?
- Public cloud
- Private cloud
- Hybrid cloud
- Traditional on-premises data center
Show Answer
Answer: C) Hybrid cloud
This is a classic hybrid cloud scenario: some workloads remain on-premises (HR system) while new workloads run in Azure public cloud, and they are integrated. Public cloud alone would not include the on-premises system; private cloud would not typically use Azure public services.
Key Term Flashcards: Public, Private, Hybrid, Shared Responsibility
Use these flashcards to lock in the exact wording of critical terms.
- Public cloud (canonical definition)
- A public cloud is a cloud deployment model in which a cloud provider owns and operates the infrastructure and delivers computing resources over the public internet to multiple tenants.
- Private cloud (canonical definition)
- A private cloud is a cloud deployment model in which cloud resources are used exclusively by a single organization, either hosted on-premises or by a third-party provider.
- Hybrid cloud (canonical definition)
- A hybrid cloud is a computing environment that combines public and private clouds, allowing data and applications to be shared between them.
- Cloud computing (canonical definition)
- Cloud computing is the delivery of computing services over the internet, enabling faster innovation, flexible resources, and economies of scale.
- Shared responsibility model (canonical definition)
- The shared responsibility model is a framework that defines how security and compliance responsibilities are divided between the cloud provider and the customer.
Linking Deployment Models to Azure Services and Exam Strategy
Public Cloud and Azure
Most services you run in Azure regions are public cloud. You typically sign in with Microsoft Entra ID to manage these resources via the Azure portal.
Azure and Hybrid/Private
Azure Stack, VPN Gateway, ExpressRoute, and Azure Arc help you build private and hybrid clouds that integrate on-premises resources with Azure services.
Azure Policy
Azure Policy is a service in Azure that you use to create, assign, and manage policies so your resources stay compliant with corporate standards and SLAs.
Exam Tactics
Separate deployment vs service models, scan for keywords that signal public, private, or hybrid, and lean on the canonical definitions you memorized.
Key Terms
- Azure Policy
- Azure Policy is a service in Azure that you use to create, assign, and manage policies that enforce rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements.
- hybrid cloud
- A hybrid cloud is a computing environment that combines public and private clouds, allowing data and applications to be shared between them.
- public cloud
- A public cloud is a cloud deployment model in which a cloud provider owns and operates the infrastructure and delivers computing resources over the public internet to multiple tenants.
- private cloud
- A private cloud is a cloud deployment model in which cloud resources are used exclusively by a single organization, either hosted on-premises or by a third-party provider.
- cloud computing
- Cloud computing is the delivery of computing services over the internet, enabling faster innovation, flexible resources, and economies of scale.
- Microsoft Entra ID
- Microsoft Entra ID is Microsoft’s cloud-based identity and access management service that helps employees sign in and access resources such as Microsoft 365, the Azure portal, and thousands of other SaaS applications.
- shared responsibility model
- The shared responsibility model is a framework that defines how security and compliance responsibilities are divided between the cloud provider and the customer.
- Platform as a Service (PaaS)
- Platform as a Service (PaaS) is a cloud service model that provides a complete development and deployment environment in the cloud, including infrastructure, middleware, and development tools.
- Software as a Service (SaaS)
- Software as a Service (SaaS) is a cloud service model that delivers software applications over the internet on a subscription basis.
- Infrastructure as a Service (IaaS)
- Infrastructure as a Service (IaaS) is a cloud service model that provides virtualized computing resources such as servers, storage, and networking on demand.