SkarpSkarp

Chapter 4 of 20

Cloud Service Models: IaaS, PaaS, and SaaS in Practice

Move beyond buzzwords as you break down IaaS, PaaS, and SaaS using concrete Azure and Microsoft 365 examples, clarifying who manages what in each model.

27 min readen

Orienting: Where Service Models Fit in AZ-900

From Deployment to Service Models

You already met public, private, and hybrid cloud. Now we switch axis: service models describe how much of the stack you want Microsoft to manage for you.

Exam-Relevant Skills

For AZ-900 you must list the three service models in order, give their canonical definitions, map Azure/Microsoft 365 services to each, and explain who manages what.

Stack Perspective

Visualize a web app stack: datacenter, servers, VMs, OS, runtime, app code, data. Moving from IaaS to PaaS to SaaS, you manage less and Microsoft manages more.

Link to Shared Responsibility

This is all about the shared responsibility model: a framework describing how security and compliance duties are divided between you and the cloud provider.

The Canonical List and Definitions

Canonical List (Order Matters)

The three cloud service models, in order, are: 1) Infrastructure as a Service (IaaS), 2) Platform as a Service (PaaS), 3) Software as a Service (SaaS).

IaaS Definition

Infrastructure as a Service (IaaS) is a cloud service model that provides virtualized computing resources such as servers, storage, and networking on demand.

PaaS Definition

Platform as a Service (PaaS) is a cloud service model that provides a complete development and deployment environment in the cloud, including infrastructure, middleware, and development tools.

SaaS Definition

Software as a Service (SaaS) is a cloud service model that delivers software applications over the internet on a subscription basis.

Memory Hook

Shortcut: IaaS = building blocks, PaaS = construction site and tools, SaaS = finished house you just move into and use.

Who Manages What: On-Prem vs IaaS vs PaaS vs SaaS

Four Scenarios

Compare one app in four ways: on-premises, IaaS on Azure, PaaS on Azure, and SaaS (for example Microsoft 365). Each shifts who manages what.

The Stack Layers

Layers: datacenter, physical servers, virtualization, operating system, middleware/runtime, application code, and data/access control.

On-Prem vs IaaS

On-prem: you manage every layer. IaaS: Microsoft manages datacenter, physical hardware, and virtualization; you manage OS, middleware, app, and data.

PaaS Responsibilities

PaaS: Microsoft manages infrastructure, OS, and runtime. You focus on your code, configuration, and your data (schemas, backups, access).

SaaS Responsibilities

SaaS: Microsoft runs the full app. You manage users, access, data inside the app, and configuration. Shared responsibility still applies.

IaaS in Practice: Azure Virtual Machines and Networking

IaaS Definition Reminder

Infrastructure as a Service (IaaS) is a cloud service model that provides virtualized computing resources such as servers, storage, and networking on demand.

Common Azure IaaS Services

Key IaaS services: Azure Virtual Machines, Virtual Network, Network Security Groups, Azure Load Balancer, and Azure Disk Storage.

Legacy App Migration Scenario

You move a legacy .NET app from on-prem Windows Server to Azure VMs. The app architecture stays the same; only the hardware location changes.

What Microsoft Manages (IaaS)

In IaaS, Microsoft manages the datacenter, physical hardware, storage, networking, and virtualization layer hosting your VMs.

What You Manage (IaaS)

You choose VM sizes, install and patch the OS, configure runtimes and your app, and manage NSGs, backups, and monitoring. RDP/SSH access is a strong IaaS clue.

PaaS in Practice: Azure App Service and Azure SQL Database

PaaS Definition Reminder

Platform as a Service (PaaS) is a cloud service model that provides a complete development and deployment environment in the cloud, including infrastructure, middleware, and development tools.

Azure PaaS Examples

Classic PaaS on Azure: Azure App Service for web apps/APIs and Azure SQL Database as a fully managed relational database.

Modern Web App Scenario

You build a new .NET 8 web app and deploy it to Azure App Service, with data in Azure SQL Database, without provisioning any VMs yourself.

What Microsoft Manages (PaaS)

Microsoft handles infrastructure, OS, web server, runtimes, database engine, and many backups and patches for you.

What You Manage (PaaS)

You own your code, configuration, database schema, queries, and access control. No RDP, no OS patching. "Focus on code" is a PaaS clue.

SaaS in Practice: Microsoft 365 and Dynamics 365

SaaS Definition Reminder

Software as a Service (SaaS) is a cloud service model that delivers software applications over the internet on a subscription basis.

Microsoft SaaS Examples

Key SaaS offerings: Microsoft 365 (Exchange Online, SharePoint Online, Teams) and Dynamics 365 business apps, plus many third-party SaaS apps.

Migration to Microsoft 365 Scenario

You replace on-prem email and file servers with Microsoft 365. Users access apps via browser or client apps; there is no custom server deployment.

What Microsoft Manages (SaaS)

Microsoft runs the entire application stack, including infrastructure, OS, and app code, plus updates, patches, and availability.

What You Manage (SaaS)

You manage users and access via Microsoft Entra ID, tenant settings, permissions, and how data is used and protected. Subscription per user is a SaaS clue.

Thought Exercise: Classify These Azure Services

Use this self-check to strengthen your ability to map services to IaaS, PaaS, or SaaS. Do it as a quick mental drill.

Task 1: Classify each service

For each of the following, decide whether it is Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS). Then reveal the answer mentally or by writing it down.

  1. Azure Virtual Machine
  2. Azure Kubernetes Service (AKS)
  3. Microsoft 365 Exchange Online
  4. Azure SQL Database
  5. Azure Virtual Network (VNet)
  6. Dynamics 365 Sales
  7. Azure Functions
  8. Azure Disk Storage

Suggested answers (check after you have tried):

  • Azure Virtual Machine → IaaS (you manage the OS)
  • Azure Kubernetes Service → PaaS (managed Kubernetes platform)
  • Microsoft 365 Exchange Online → SaaS (email application delivered as a service)
  • Azure SQL Database → PaaS (managed database platform)
  • Azure Virtual Network → IaaS (networking infrastructure)
  • Dynamics 365 Sales → SaaS (CRM application)
  • Azure Functions → PaaS (serverless compute platform)
  • Azure Disk Storage → IaaS (storage for VMs)

Reflection prompts

  • Which ones were hardest to classify? Why?
  • Did you rely more on the name or on who manages what?
  • For any you misclassified, re-state in one sentence what the customer manages and what Microsoft manages.

Quick Check: Canonical List and Definitions

Test your recall of the ordered list and core definitions.

Which option lists the cloud service models in the correct canonical order for AZ-900?

  1. Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)
  2. Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS)
  3. Platform as a Service (PaaS), Infrastructure as a Service (IaaS), Software as a Service (SaaS)
  4. Infrastructure as a Service (IaaS), Software as a Service (SaaS), Platform as a Service (PaaS)
Show Answer

Answer: B) Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS)

The canonical list of cloud service models, in order, is: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS). Memorize this exact sequence for AZ-900.

Quick Check: Who Manages What?

Apply the shared responsibility idea to classify scenarios.

A company wants to deploy its custom web application but does NOT want to manage operating system patching or web server configuration. They still want to deploy and manage their own code. Which service model best fits this requirement?

  1. Infrastructure as a Service (IaaS)
  2. Platform as a Service (PaaS)
  3. Software as a Service (SaaS)
  4. Hybrid cloud
Show Answer

Answer: B) Platform as a Service (PaaS)

They still deploy and manage their own code (so not SaaS), but they do not want to manage the OS or web server. That is exactly Platform as a Service (PaaS), which provides a complete development and deployment environment including infrastructure and middleware.

Flashcards: Lock In Key Definitions

Use these flashcards to cement the canonical definitions and the ordered list.

List the three cloud service models in canonical order.
Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS).
Define Infrastructure as a Service (IaaS).
Infrastructure as a Service (IaaS) is a cloud service model that provides virtualized computing resources such as servers, storage, and networking on demand.
Define Platform as a Service (PaaS).
Platform as a Service (PaaS) is a cloud service model that provides a complete development and deployment environment in the cloud, including infrastructure, middleware, and development tools.
Define Software as a Service (SaaS).
Software as a Service (SaaS) is a cloud service model that delivers software applications over the internet on a subscription basis.
In IaaS, who manages the operating system?
In Infrastructure as a Service (IaaS), the customer manages the operating system, including installation, configuration, and patching.
In PaaS, what does the customer mainly focus on?
In Platform as a Service (PaaS), the customer mainly focuses on application code, configuration, and data, while Microsoft manages infrastructure, OS, and middleware/runtime.
In SaaS, what are typical customer responsibilities?
In Software as a Service (SaaS), the customer typically manages user identities and access, configuration of the application, and how data is used, shared, and protected.
Give one Azure example of IaaS.
Azure Virtual Machines (VMs) are a core example of Infrastructure as a Service (IaaS).
Give one Azure example of PaaS.
Azure App Service or Azure SQL Database are classic examples of Platform as a Service (PaaS).
Give one Microsoft example of SaaS.
Microsoft 365 (for example, Exchange Online, SharePoint Online, Teams) is a key example of Software as a Service (SaaS).

Pulling It Together and Next Steps in Your Path

What You Now Know

You can state the ordered list and canonical definitions of IaaS, PaaS, and SaaS, and explain how responsibilities shift across these models.

Mapping Patterns

Remember: VMs and VNets → IaaS; App Service, Azure SQL, Functions → PaaS; Microsoft 365 and Dynamics 365 → SaaS.

Exam Domain Connection

These ideas support Cloud Concepts (28%) and Azure Architecture and Services (38%) in AZ-900. They are heavily tested basics.

Your Next Steps in Skarp

Next, use the diagnostic, mock exam, and spaced review queue to pressure-test and reinforce your understanding of service models.

Key Terms

Dynamics 365
A set of Software as a Service (SaaS) business applications for CRM and ERP workloads.
Microsoft 365
A suite of Software as a Service (SaaS) productivity applications including Exchange Online, SharePoint Online, Teams, and Office apps.
Azure App Service
An Azure Platform as a Service (PaaS) offering for hosting web apps and APIs without managing underlying servers.
Azure SQL Database
A fully managed relational database Platform as a Service (PaaS) offering in Azure.
Microsoft Entra ID
Microsoft Entra ID is Microsoft’s cloud-based identity and access management service that helps employees sign in and access resources such as Microsoft 365, the Azure portal, and thousands of other SaaS applications.
Azure Virtual Machine
An Azure service that provides resizable, on-demand virtual servers in the cloud; a core example of Infrastructure as a Service (IaaS).
shared responsibility model
The shared responsibility model is a framework that defines how security and compliance responsibilities are divided between the cloud provider and the customer.
Platform as a Service (PaaS)
Platform as a Service (PaaS) is a cloud service model that provides a complete development and deployment environment in the cloud, including infrastructure, middleware, and development tools.
Software as a Service (SaaS)
Software as a Service (SaaS) is a cloud service model that delivers software applications over the internet on a subscription basis.
Infrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS) is a cloud service model that provides virtualized computing resources such as servers, storage, and networking on demand.

Finished reading?

Test your understanding with a custom practice exam on this chapter.

Test yourself