Cloud computing rents computing resources from a provider that operates the underlying hardware in shared datacenters, and bills the renter only for what the renter consumes. The renter no longer purchases servers, rack space, switches, or backup tapes; the renter purchases capacity, time, and service availability, and consumes them across a network connection. Microsoft Azure is one of the two largest public-cloud platforms by revenue, sits behind the same identity, billing, and support fabric as Microsoft 365 and Dynamics 365, and is the platform that this exam covers.
The shift from on-premises ownership to cloud consumption changes more than the location of the physical hardware. It changes the financial model from capital expenditure (CapEx, paying for assets that depreciate on a balance sheet over multiple years) to operating expenditure (OpEx, paying a recurring bill that posts straight to the operating ledger). It changes the procurement model from a multi-quarter purchase order to a self-service portal that provisions a virtual machine in minutes. It changes the operations model from a fixed-size team of system administrators to a flexible mix of platform engineers, site reliability engineers, and finance partners watching live cost dashboards. The exam does not test cost accounting in detail, but it does test the recognition of which model is at play in a given scenario.
A useful working definition for the exam: cloud computing is the delivery of computing services (servers, storage, databases, networking, software, analytics, and intelligence) over the internet, billed by usage, and accessed self-service through portals, command-line tools, and programmatic interfaces. The provider operates a global fleet of datacenters; the customer rents slices of that fleet on demand. The contract is governed by a service-level agreement (SLA) that describes the availability and the financial credit if the provider misses it.
Describe the benefits of using cloud services
The benefits of using cloud services fall into five families that the official study guide names explicitly: high availability and scalability, reliability and predictability, security and governance, and manageability. Each family answers a different stakeholder question. High availability and scalability address the application architect who needs the service to stay up during a regional failure and to absorb a holiday traffic spike. Reliability and predictability speak to the finance director who needs the monthly bill to match a forecast and the chief operating officer who needs the platform behaviour to remain consistent across regions. Security and governance answer the chief information security officer who needs encryption, identity, audit logs, and policy enforcement to satisfy a regulator. Manageability answers the platform engineer who needs to apply a setting once and have it propagate across thousands of resources without manual click-through.
These benefits compound. A team that gains scalability also gains predictability, because traffic spikes no longer demand emergency hardware purchases. A team that gains manageability also gains security, because a single policy change applied centrally beats a thousand server-by-server console sessions where mistakes accumulate. The exam expects the candidate to map a stakeholder problem to the right benefit family rather than memorise a long list of features.
Describe software as a service (SaaS)
Cloud services arrive in three layers: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Software as a Service is the highest layer and the most familiar one for non-technical readers. In a SaaS arrangement the customer signs in to a finished application running entirely on the provider's infrastructure. The customer does not install the application, does not patch the operating system, does not run the database, and does not size the virtual machines. The customer creates user accounts, configures the application settings inside the application's own administrative console, and pays a per-user or per-feature subscription. Microsoft 365 (Outlook, Word, Excel, Teams, SharePoint Online, OneDrive for Business), Dynamics 365 (sales, finance, customer service), and GitHub Enterprise Cloud are SaaS offerings that share a sign-in with Azure and bill through the same enterprise agreement.
A SaaS customer trades flexibility for speed. The customer cannot change the data schema of a SaaS application, cannot install a custom database extension, and cannot run a background job in a runtime of their choosing; the provider controls all of that. The customer gains a fast path to value: the team signs in, imports data, configures workflows, and uses the application within hours rather than the weeks an equivalent on-premises deployment would consume. The cost arrives as a predictable per-user monthly charge that scales as the user count grows or shrinks, with no upfront hardware purchase to amortise. Patching, version upgrades, capacity expansion, backup, and security monitoring of the underlying platform are the provider's responsibility, not the customer's.
The customer's remaining duties on SaaS are narrow but important: managing user identities and their access rights, classifying and protecting the data that the customer places into the application, configuring conditional access and multi-factor authentication, and reading the audit logs the provider exposes. A SaaS application does not relieve the customer of compliance duties; the regulator still expects the customer to know who can see which records.
| Benefit category | Question it answers | Primary stakeholder | Azure capability that delivers it |
|---|---|---|---|
| High availability | Will the service stay online during a hardware failure? | Application architect | Availability zones, load balancers, paired regions |
| Scalability | Will the service absorb a 10x traffic spike? | Capacity planner | Auto-scale, virtual machine scale sets, serverless burst |
| Reliability | Will the service recover from a disaster? | Continuity manager | Geo-redundant storage, Azure Site Recovery |
| Predictability | Will the cost and behaviour match the forecast? | Finance director | Reserved instances, Pricing Calculator, Microsoft Cost Management |
| Security | Will customer data stay private and uncompromised? | Chief information security officer | Microsoft Entra ID, Defender for Cloud, Key Vault |
| Governance | Will the platform follow our policies? | Compliance lead | Azure Policy, management groups, resource locks |
| Manageability | Will operations scale with the workload? | Platform engineer | Resource Manager, tags, Azure Cloud Shell, Azure Arc |
Cloud service stack overview
💡 Exam Trap: AZ-900 questions sometimes describe Microsoft 365 as an "Azure service". Microsoft 365 is a separate Microsoft cloud product family that shares identity (Microsoft Entra ID) and support with Azure, but it is sold and billed under a different agreement and is classified as SaaS, not as an Azure-native PaaS or IaaS resource.
💡 Exam Trap: SaaS is the only cloud service layer in which the customer does NOT manage an operating system. If an exam stem requires the customer to patch the OS, the answer is not SaaS.
⚠️ Anti-Pattern: Treating a SaaS subscription as relief from data classification and access control. The provider operates the application; the customer still owns the data, the identities, and the access decisions, and a regulator will hold the customer accountable for them.
🎯 Scenario: A finance director at Northwind Traders asks why the team should pay a monthly Microsoft 365 subscription instead of installing Office and Exchange on company-owned servers. The platform lead answers: the SaaS subscription removes hardware purchase, server patching, mailbox failover engineering, and storage capacity planning from the team's plate; the per-user price replaces a five-figure CapEx purchase with a predictable monthly OpEx line that scales with headcount.
Decision Anchor: choose SaaS when the application is a commodity (mail, productivity, CRM, ERP) and the value lies in using it, not in customising its internals. Choose PaaS or IaaS when the workload is the organisation's own intellectual property and the team needs to control the runtime.
