Actually just getting a virtual machine running on one of their powerful physical servers in a data center.

1. Order a cloud server (e.g., AWS EC2 instance).
2. Cloud provider picks a physical server in data center that has free capacity.
3. Use virtualization software (hypervisor) to create your VM.
4. You get full access to that VM but actually you’re sharing the real hardware with other ppl’ VMs.

How AWS keeps your VM?

When you create an EC2 instance (AWS’s VM service):

1. AWS runs a virtualization layer (currently based on Nitro Hypervisor, a modified KVM).
2. Your VM can’t directly access hardware — it can only use the “virtual” CPU, memory, and disk AWS gives it.
3. Hypervisor prevents u or others from touching each other’s VM’s data.
4. AWS gives each VM its own private virtual network interface.
   1. Packets to/from VM are routed through AWS’s network layer, which filters and isolates traffic.
5. VM’s “disk” is really an EBS volume, stored as encrypted chunks in AWS’s storage backend. No one else can read it.

Core service

1. VPC → Create your own network in AWS.
2. EC2 → Launch virtual servers for your app/backend.
3. EBS → Attach storage to each EC2 instance for the OS and app data. Auto built when creating EC2.
4. S3 → Store static assets like images, videos, or backups.