34  Cloud Platforms & Services

In 60 Seconds

Cloud platforms provide IoT solutions through layered service models (IaaS, PaaS, SaaS), each trading control for convenience. Major platforms like AWS IoT Core, Azure IoT Hub, and ClearBlade offer device registries, rule engines, and device shadow patterns that form the building blocks of scalable IoT cloud architectures.

34.1 Learning Objectives

By the end of this chapter, you will be able to:

• Compare Cloud Service Models: Distinguish between IaaS, PaaS, and SaaS and their IoT applications
• Evaluate Cloud Platforms: Compare AWS IoT Core, Azure IoT Hub, and alternatives for specific requirements
• Design Cloud Architectures: Create multi-tier cloud data pipelines for IoT applications
• Understand Responsibility Models: Identify management responsibilities across different service models

For Beginners: Cloud Data Platforms and Services

Cloud data platforms provide ready-made building blocks for managing IoT data. Instead of building everything from scratch, you use pre-built services for storing, processing, and analyzing sensor data – like renting a fully equipped kitchen rather than constructing one yourself.

34.2 Prerequisites

Before diving into this chapter, you should be familiar with:

• Cloud Data Reference Model: Understanding IoT Reference Model Levels 5-7
• Cloud Computing for IoT: Basic cloud computing concepts

34.3 Cloud Computing Overview

⏱️ ~10 min | ⭐ Foundational | 📋 P10.C03.U02

Figure 34.1: Cloud Service Models IaaS PaaS SaaS for IoT Data Pipeline

The Cloud is a way of provisioning services to clients, providing shared resources for organizations:

Service Models:

• IaaS (Infrastructure as a Service): Virtual machines, storage, networks
• PaaS (Platform as a Service): Development platforms and tools
• SaaS (Software as a Service): Complete applications

Advantages:

• Lower computer and software costs
• Instant software updates
• Unlimited storage capacity
• Device independence
• Economies of scale

Disadvantages:

• Requires constant Internet connection
• Needs high-speed Internet
• Security concerns with data storage
• Potential latency in connections

34.4 Cloud Service Model Stack

Figure 34.2: Vertical layered stack showing how cloud service models build upon each other. Edge devices feed into IaaS infrastructure, which powers PaaS development platforms, ultimately delivering SaaS applications.

Alternative View: Edge-to-Cloud Data Journey

This sequence diagram shows the temporal flow of data from IoT device through edge to cloud:

This view emphasizes how data volume is progressively reduced at each tier, with the cloud receiving pre-processed summaries rather than raw sensor streams.

34.5 Cloud Responsibility Matrix

Figure 34.3: Cloud Responsibility Matrix: Who manages what in each service model

Academic Reference: Cloud Service Models (IaaS, PaaS, SaaS)

Cloud service models architecture showing the layered relationship between IaaS (Infrastructure), PaaS (Platform), and SaaS (Software) with their respective components and interfaces

This diagram illustrates the cloud computing stack showing how IaaS provides virtualized infrastructure (compute, storage, network), PaaS adds development platforms and services on top, and SaaS delivers complete applications to end users.

34.6 IoT Cloud Platform Comparison

Figure 34.4: IoT Cloud Platform Comparison: AWS vs Azure vs ClearBlade decision guide

Note (2025): Google Cloud IoT Core was discontinued in August 2023. Google recommends ClearBlade as the migration path. AWS IoT Core and Azure IoT Hub remain the dominant cloud IoT platforms.

Figure 34.5: Cloud service providers comparison

34.7 Cloud Architecture Patterns

IoT cloud architectures follow common patterns that appear across all major platforms. These patterns solve recurring challenges: how to connect devices, process data streams, and deliver insights to applications.

Figure 34.6: Using cloud for IoT data management

The complete IoT cloud architecture integrates multiple services to handle device connectivity, data ingestion, processing, storage, and application delivery.

Figure 34.7: Complete IoT cloud architecture from devices to applications

Three key building blocks appear in every cloud IoT platform:

Rule Engine – A rule engine evaluates incoming telemetry against user-defined conditions and triggers automated actions. For example, “if temperature > 80C, send alert and throttle device.” This enables event-driven automation without custom application code.

Figure 34.8: IoT rule engine for event-driven automation

Device Shadow – A device shadow (AWS) or device twin (Azure) is a cloud-side JSON document that stores the last known state of each device. When a device goes offline, applications can still read its shadow. When the device reconnects, it synchronizes with any desired-state changes queued while it was away.

Figure 34.9: Device shadow pattern for reliable cloud-device synchronization

Device Registry – The device registry maintains an authoritative record of every device’s identity, security credentials, and configuration state. It enables fleet-wide management operations such as firmware updates, access revocation, and group provisioning.

Figure 34.10: Device registry services form the foundation of cloud IoT platforms, maintaining authoritative records of device identities, security credentials, and configuration state.

34.8 Worked Example: Platform Selection

Worked Example: Selecting Cloud Platform and Estimating Costs for IoT Fleet

Scenario: A logistics company wants to deploy GPS trackers on 10,000 delivery vehicles. Each tracker reports location, speed, and engine diagnostics every 30 seconds. The company needs to select a cloud platform and estimate monthly costs for the first year.

Given:

• Fleet size: 10,000 vehicles
• Reporting interval: Every 30 seconds (2 messages/minute per vehicle)
• Payload size: 200 bytes per message (GPS + diagnostics)
• Operating hours: 12 hours/day, 6 days/week
• Retention requirement: 90 days of raw data, 2 years of aggregated data
• Analytics: Real-time dashboards + daily route optimization reports
• Existing infrastructure: Microsoft Azure Active Directory for employee auth

Solution:

Step 1: Calculate message volume

Messages per vehicle per day:

• 12 hours × 60 minutes × 2 messages/min = 1,440 messages/vehicle/day

Total daily messages:

• 10,000 vehicles × 1,440 = 14.4 million messages/day

Monthly messages (26 operating days):

• 14.4M × 26 = 374.4 million messages/month

Step 2: Calculate data volume

Daily data volume:

• 14.4M messages × 200 bytes = 2.88 GB/day

Monthly ingest:

• 2.88 GB × 26 = 74.88 GB/month

Step 3: Compare cloud platform pricing

Service	AWS IoT Core	Azure IoT Hub
Message pricing	$1.00/million msgs (pay-per-use)	S3 tier: $3,000/mo for 300M msgs included
Overage rate	Same rate applies	$0.80/million additional msgs
Monthly msg cost	374.4 × $1.00 = $374	$3,000 + (74.4M × $0.80) = $3,060
Device registry	Free (first 500K)	Included in tier
Storage (hot)	S3: $0.023/GB	Blob: $0.018/GB
Integration benefit	None	Azure AD SSO included

Step 4: Evaluate platform fit

Criterion	AWS IoT Core	Azure IoT Hub	Decision
IoT messaging cost	$374/month	$3,060/month (S3 tier)	AWS wins on raw cost
Auth integration	Requires Cognito setup	Native Azure AD	Azure wins
Analytics tools	QuickSight ($250/mo)	Power BI (included with M365)	Azure wins
Total cost of ownership	Higher integration effort	Lower with existing Azure infra	Azure wins overall

Step 5: Calculate total monthly cost (Azure)

Component	Monthly Cost
IoT Hub (S3 tier, 300M msgs included)	$3,000
Additional messages (74.4M x $0.80/M)	$60
Blob Storage (hot tier, ~75 GB)	$1.35
Stream Analytics (6 streaming units)	$360
Azure Maps (route optimization)	$450
Power BI Pro (5 analysts)	$50
Total	$3,921/month

Annual cost: $3,921 x 12 = $47,052/year Cost per vehicle: $47,052 / 10,000 = $4.71/vehicle/year

Result: Azure IoT Hub is the recommended platform. Although AWS IoT Core has lower raw messaging costs ($374/month vs $3,060/month), Azure wins on total cost of ownership because the company already uses Azure AD (no additional authentication setup), Power BI is included with existing Microsoft 365 licensing, and native integration reduces development and maintenance effort.

Key Insight: Cloud platform selection should prioritize existing infrastructure integration over raw messaging pricing. Include the full stack cost (messaging + storage + analytics + visualization + integration effort) rather than comparing IoT service pricing alone.

Putting Numbers to It

Fleet Tracking Platform Cost Breakdown: 10,000 vehicles reporting every 30 seconds over 12-hour operating days = \(10{,}000 \times 2 \text{ msg/min} \times 720\text{ min/day} = 14.4M \text{ messages/day}\). Monthly (26 operating days): \(14.4M \times 26 = 374.4M\) messages.

Azure IoT Hub: Base tier S3 (300M messages included) \(\$3{,}000/\text{month}\) + overage \((74.4\text{M} \times \$0.80/\text{M}) = \$59.52\). Storage \((74.88\text{ GB} \times \$0.018/\text{GB}) = \$1.35\). Stream Analytics (6 SU) \(\$360\). Total infrastructure: \(\approx\$3{,}421/\text{month}\).

Per-vehicle cost: \(\$3{,}421 / 10{,}000 = \$0.34/\text{vehicle/month}\) or \(\$4.10/\text{vehicle/year}\). Compare to cellular data alone: \(14.4M \times 200\text{ bytes} \times 26 = 74.88\text{ GB/month} \times \$8/\text{GB} = \$599/\text{month}\) (\(\$7{,}189/\text{year}\)).

ROI: Cloud platform (\(\$41{,}052/\text{year}\)) + cellular (\(\$7{,}189\)) = \(\$48{,}241\) total. Route optimization savings: 5% fuel reduction x 10,000 vehicles x \(\$5{,}000/\text{vehicle/year}\) fuel = \(\$2{,}500{,}000/\text{year}\). Net benefit: \(\$2{,}451{,}759/\text{year}\). Platform pays for itself in under 1 month.

34.8.1 IoT Fleet Cloud Cost Calculator

Use this calculator to estimate monthly cloud platform costs for your own IoT fleet. Adjust the parameters to see how fleet size, reporting frequency, and operating hours affect total cost.

viewof fleetSize = Inputs.range([100, 100000], {
  value: 10000, step: 100, label: "Fleet size (devices)"
})

viewof reportInterval = Inputs.range([1, 300], {
  value: 30, step: 1, label: "Report interval (seconds)"
})

viewof operatingHours = Inputs.range([1, 24], {
  value: 12, step: 1, label: "Operating hours/day"
})

viewof operatingDays = Inputs.range([1, 31], {
  value: 26, step: 1, label: "Operating days/month"
})

viewof payloadBytes = Inputs.range([50, 2000], {
  value: 200, step: 10, label: "Payload size (bytes)"
})

fleetCalc = {
  const msgsPerMin = 60 / reportInterval;
  const msgsPerDevicePerDay = operatingHours * 60 * msgsPerMin;
  const dailyMsgs = fleetSize * msgsPerDevicePerDay;
  const monthlyMsgs = dailyMsgs * operatingDays;
  const dailyDataGB = (dailyMsgs * payloadBytes) / 1e9;
  const monthlyDataGB = dailyDataGB * operatingDays;

  // AWS IoT Core: pay-per-use at $1.00/million messages
  const awsMsgCost = (monthlyMsgs / 1e6) * 1.00;
  const awsStorageCost = monthlyDataGB * 0.023;
  const awsTotal = awsMsgCost + awsStorageCost;

  // Azure IoT Hub S3 tier: $3,000/mo for 300M msgs, $0.80/M overage
  const azureBaseCost = 3000;
  const azureIncludedMsgs = 300e6;
  const azureOverageMsgs = Math.max(0, monthlyMsgs - azureIncludedMsgs);
  const azureOverageCost = (azureOverageMsgs / 1e6) * 0.80;
  const azureMsgCost = azureBaseCost + azureOverageCost;
  const azureStorageCost = monthlyDataGB * 0.018;
  const azureTotal = azureMsgCost + azureStorageCost;

  return {
    msgsPerMin, msgsPerDevicePerDay, dailyMsgs, monthlyMsgs,
    dailyDataGB, monthlyDataGB,
    awsMsgCost, awsStorageCost, awsTotal,
    azureMsgCost, azureStorageCost, azureTotal
  };
}

html`<div style="background: var(--bs-light, #f8f9fa); border-radius: 8px; padding: 1.5rem; margin: 1rem 0; border-left: 4px solid #16A085;">
<h4 style="color: #2C3E50; margin-top: 0;">Message Volume</h4>
<table style="width: 100%; border-collapse: collapse; color: var(--bs-body-color);">
<tr><td style="padding: 4px 8px;">Messages per device per day</td><td style="text-align: right; font-weight: bold; padding: 4px 8px;">${fleetCalc.msgsPerDevicePerDay.toLocaleString()}</td></tr>
<tr><td style="padding: 4px 8px;">Daily messages (fleet)</td><td style="text-align: right; font-weight: bold; padding: 4px 8px;">${(fleetCalc.dailyMsgs / 1e6).toFixed(2)}M</td></tr>
<tr><td style="padding: 4px 8px;">Monthly messages</td><td style="text-align: right; font-weight: bold; padding: 4px 8px;">${(fleetCalc.monthlyMsgs / 1e6).toFixed(1)}M</td></tr>
<tr><td style="padding: 4px 8px;">Monthly data volume</td><td style="text-align: right; font-weight: bold; padding: 4px 8px;">${fleetCalc.monthlyDataGB.toFixed(2)} GB</td></tr>
</table>

<h4 style="color: #2C3E50; margin-top: 1rem;">Monthly Cost Comparison</h4>
<table style="width: 100%; border-collapse: collapse; color: var(--bs-body-color);">
<tr style="border-bottom: 2px solid #7F8C8D;"><th style="text-align: left; padding: 4px 8px;">Component</th><th style="text-align: right; padding: 4px 8px;">AWS IoT Core</th><th style="text-align: right; padding: 4px 8px;">Azure IoT Hub</th></tr>
<tr><td style="padding: 4px 8px;">Messaging</td><td style="text-align: right; padding: 4px 8px;">$${fleetCalc.awsMsgCost.toFixed(2)}</td><td style="text-align: right; padding: 4px 8px;">$${fleetCalc.azureMsgCost.toFixed(2)}</td></tr>
<tr><td style="padding: 4px 8px;">Storage</td><td style="text-align: right; padding: 4px 8px;">$${fleetCalc.awsStorageCost.toFixed(2)}</td><td style="text-align: right; padding: 4px 8px;">$${fleetCalc.azureStorageCost.toFixed(2)}</td></tr>
<tr style="border-top: 2px solid #7F8C8D; font-weight: bold;"><td style="padding: 4px 8px;">Total (messaging + storage)</td><td style="text-align: right; padding: 4px 8px; color: #E67E22;">$${fleetCalc.awsTotal.toFixed(2)}</td><td style="text-align: right; padding: 4px 8px; color: #16A085;">$${fleetCalc.azureTotal.toFixed(2)}</td></tr>
<tr><td style="padding: 4px 8px;">Per device/year</td><td style="text-align: right; padding: 4px 8px;">$${((fleetCalc.awsTotal * 12) / fleetSize).toFixed(2)}</td><td style="text-align: right; padding: 4px 8px;">$${((fleetCalc.azureTotal * 12) / fleetSize).toFixed(2)}</td></tr>
</table>
<p style="font-size: 0.85em; color: #7F8C8D; margin-top: 0.5rem; margin-bottom: 0;">Note: Costs shown are messaging + storage only. Total cost of ownership includes analytics, integration, and development effort.</p>
</div>`

34.9 Knowledge Check

Quiz: Cloud Platforms

For Kids: Meet the Sensor Squad!

Cloud platforms are like different playgrounds – each one has special equipment for different kinds of fun!

34.9.1 The Sensor Squad Adventure: Picking the Perfect Playground

Sammy the Sensor wanted to play in the cloud, but she needed to pick the right playground. Max the Microcontroller showed her three options.

“First, there’s the IaaS Playground,” Max said. “They give you sand, wood, and nails, and YOU build whatever you want. It takes work, but you can make anything!” Sammy thought this sounded like a lot of effort.

“Next is the PaaS Playground,” continued Max. “They’ve already built the swings and slides, and you just decide how to arrange them and play.” Lila the LED liked this one – less building, more playing!

“Finally, the SaaS Playground is completely ready to go – just walk in and start having fun!” said Max. “But you can’t change anything.”

Bella the Battery noticed something important: “Each playground also has special features for IoT!” She pointed out the Device Registry (a sign-in book where every sensor checks in), the Rule Engine (a referee who watches for special events and blows a whistle), and the Device Shadow (a magic mirror that remembers what each sensor said, even if the sensor falls asleep).

“The secret,” said Max, “is picking the playground that matches what you need. If you want total control, pick IaaS. If you want to get started fast, pick SaaS. And PaaS is the sweet spot in between!”

34.9.2 Key Words for Kids

Word	What It Means
Device Registry	A sign-in book that keeps track of every sensor connected to the cloud
Rule Engine	A helper that watches data and triggers actions when something important happens
Device Shadow	A cloud copy of a sensor’s last known state, even when the sensor is offline
Service Model	How much of the system the cloud provider manages for you

34.10 Vendor Lock-In: The Hidden Cost of Cloud IoT Platforms

Cloud platform selection creates long-term dependencies that are expensive to reverse. Understanding lock-in vectors helps architects make defensible choices.

The five lock-in vectors for IoT cloud platforms:

Lock-In Vector	AWS Example	Azure Example	Migration Cost
Device provisioning	AWS IoT Core X.509 certificates	Azure DPS enrollment groups	Must re-provision every device in the field
Rule engine logic	AWS IoT Rules (SQL-like syntax)	Azure Stream Analytics (SQL-like query language)	Complete rewrite of event processing
Device shadows	AWS IoT Device Shadow (JSON)	Azure IoT Hub device twins (JSON)	Different APIs, state sync semantics differ
Proprietary services	AWS Greengrass (edge runtime)	Azure IoT Edge (Docker-based)	Different container formats, SDK dependencies
Data format coupling	Kinesis Data Streams (shards)	Event Hubs (partitions)	Different scaling models, consumer group semantics

Case study: Wistron NeWeb Corporation (2023 Google Cloud IoT Core shutdown)

When Google discontinued Cloud IoT Core in August 2023, Wistron NeWeb – a Taiwanese ODM managing 2+ million connected devices across automotive, networking, and IoT segments – faced a forced migration. Their experience illustrates lock-in costs:

• Timeline: 12 months from announcement to shutdown (announced Aug 2022, shutdown Aug 2023)
• Migration path: Google recommended ClearBlade as the official migration partner
• Hidden costs discovered during migration:
  • Device certificates: 2.1 million X.509 certificates needed re-issuance (6 weeks of provisioning infrastructure work)
  • Rule engine: 340 Google Cloud IoT Core rules translated to ClearBlade’s edge computing model (different paradigm, not just syntax)
  • Firmware OTA: Devices in the field needed firmware updates to point to new MQTT endpoints, requiring a rolling update across 2.1 million devices over 4 months
  • Testing: Full regression of device-to-cloud telemetry paths (3 months)

Mitigation strategies:

1. Abstract the MQTT layer: Use a thin client library that wraps platform-specific SDKs. Changing the underlying platform requires modifying only the wrapper, not every device’s firmware
2. Store data in open formats: Use Apache Parquet or Delta Lake rather than proprietary storage formats. Your historical data survives a platform migration
3. Avoid proprietary edge runtimes: Docker containers run on any edge platform. AWS Greengrass Lambda functions do not
4. Negotiate exit clauses: Include data export SLAs and migration support in enterprise contracts before signing

Interactive Quiz: Match Concepts

Interactive Quiz: Sequence the Steps

Common Pitfalls

1. Conflating cloud platform and cloud service

A cloud platform (AWS, Azure, GCP) provides infrastructure; a cloud IoT service (AWS IoT Core, Azure IoT Hub) provides managed IoT-specific capabilities. Choosing a cloud platform without evaluating its IoT services portfolio leads to gaps filled with expensive custom development.

2. Ignoring regional availability of IoT services

Not all cloud IoT services are available in every region. A deployment requiring data residency in a specific country must verify that the chosen platform’s IoT services are available in that region before committing to the architecture.

3. Overlooking free tier limitations during prototyping

Cloud platforms offer generous free tiers for prototyping that do not reflect production costs. Message limits, storage caps, and connection limits in free tiers can mask the true cost implications of an architecture until it is too late to change.

4. Not designing for multi-cloud or hybrid scenarios from the start

Regulatory requirements or business continuity needs may force hybrid cloud or multi-cloud architectures later. Design device communication and data formats to be cloud-agnostic from the start even if deploying to a single cloud initially.

Label the Diagram

Code Challenge

34.11 Summary

Key Concepts

• Cloud Service Models: IaaS (infrastructure control), PaaS (managed platforms), SaaS (complete applications) offering different management-control trade-offs
• Platform Selection: AWS IoT Core for maximum scale, Azure IoT Hub for Microsoft integration, ClearBlade for edge-first design
• Responsibility Matrix: Each service model shifts management burden from customer to provider at the cost of control
• Architecture Patterns: Device registry, rule engines, device shadows enable scalable IoT cloud solutions

34.12 What’s Next

If you want to…	Read this
Explore specific cloud IoT platforms and services	Cloud Data Platforms and Services
Understand the IoT cloud reference model	Cloud Data IoT Reference Model
Explore architecture patterns for cloud deployments	Cloud Data Architecture Gallery
Learn about data quality and security	Cloud Data Quality and Security
Return to the module overview	Big Data Overview