Are you new to the cloud and want to learn more? The aim of this article is to provide an introduction to what the Cloud is, some key Cloud nomenclature, core elements of the Cloud and a high-level view of the services each major cloud service provider is currently offering. Subsequent articles will go into much more detailed comparisons (performance, cost, differentiating features) within each of the 4 core elements of cloud computing.
What is the Cloud?
The usage of the Cloud is one of the biggest trends in the Tech Industry today. What is the Cloud? According to Cloudflare, “the Cloud” refers to servers that are accessed over the internet and the software and databases that run on those servers. One of the reasons for the cloud’s popularity is because it allows customers to purchase services in a pay-as-you-go model. Customers don’t have to buy and maintain their own infrastructure (servers) which saves upfront capital expenditures and increases the speed of deployment. The Cloud is versatile: it offers high-speed access, high availability, and elasticity. Elasticity refers to the resources (server capacity and storage capacity) in the cloud that can increase and decrease based on the amount of information needed to process.
Who are the Major Providers in the Cloud?
The 3 major cloud providers currently are Amazon Web Services (AWS), Microsoft’s Azure, and Google Cloud Platform (GCP).
At the time of publication for this article, AWS offers the most diverse suite of services, tools, and support; while having the largest market share. According to Canalys as of October 2020, AWS holds 32% of the market share, far ahead of the competition. Behind it is Azure which currently holds 19% of the market share. Even though there is a sizable gap between AWS and Azure, Azure has gained some momentum over the few years and continues to close the market share gap. GCP is currently in position 3 which holds 7% of the market. GCP may be at the bottom of the trio but it provides some outstanding ways they offer their services.
There are several reasons for AWS’ lead in the market. One of the main reasons is that it was one of the earliest Cloud Computing Companies. Amazon launched AWS in 2006 and was one of the main driving forces in popularizing the cloud. AWS also boasts a significant number of services: offering more than 175 with a diverse array of functionality. AWS’ global footprint is quite impressive as they currently host 24 regions around the globe along with 77 availability zones. Regions are actual, real-life geographic locations where public cloud resources are located. Availability Zones are isolated locations within regions from which public cloud services originate and operate. In AWS’s case, they plan to increase those regions to 30 and add 18 more availability zones!
Next up is Azure, which comes in at a strong second in terms of market share. Microsoft released Azure in 2010 originally as Windows Azure. Later they renamed it Microsoft Azure. Although they were a bit behind AWS providing a cloud service offering, Azure offers more than 200 products and services for the cloud. Azure also has the biggest global footprint out of the three major cloud providers with over 60 regions and ~100 availability zones.
Last of the major three is GCP. Google originally launched GCP in 2008 along with one of its more famous services called App Engine. Since then, GCP has come a long way and now provides customers over 90 products for the cloud and has 24 regions around the globe with 73 zones, which is comparable to AWS.
What are the Different Compute Services offered by AWS, Azure, and GCP and how do they compare?
We have covered some of the history, market share, volume of services offered and global footprint. Let’s move on to talking about some of the core elements in the cloud and what each cloud provider offers. The core elements of the cloud include Compute, Storage/Databases, Networking, and Security. We are going to compare each provider’s Compute service offering first.
Depending on the needs, customers are able to choose from Compute services that give control over infrastructure, to other services where the infrastructure is fully managed by the cloud provider. One of the hottest trends today is moving to serverless technology where users do not have access to the underlying infrastructure because the Cloud Provider manages the infrastructure based on demand. This completely removes the need for internal human resources to manage infrastructure resources.
Another popular trend in the tech industry right now is the use of containers and container orchestration. Containers are a method for packaging applications so they can be run with their dependencies isolated from other processes. This reduces the infrastructure resources needed and hence saves money. Containers also offer a blend between fully managing infrastructure (non-cloud, cloud VMs) and gaining the simplicity of not having to manage anything at all (serverless). Container orchestration is a process used to manage multiple containers, especially in large, dynamic environments.
What Compute Services does AWS offer?
AWS offers a large range of compute services. Here we will cover the primary ones offered including:
- EC2
- Elastic Beanstalk
- Lambda
- ECS
- EKS
‘EC2’ (‘Elastic Compute Cloud’) is likely the most widely used service in the cloud. ‘EC2’ is part of AWS’ IaaS (Infrastructure as a Service) and many of AWS services sit on top of ‘EC2’ because of its flexibility and control. Users can manually provision and scale as much computing infrastructure as needed, as well as select an underlying operating system.
‘Elastic Beanstalk’ is AWS’ PaaS (Platform as a Service) that allows customers to deploy web applications with minimum effort and developers to focus on writing code while not having to worry about provisioning the infrastructure resources.
Simply by configuring some basic parameters, ‘Elastic Beanstalk’ will automatically provision the infrastructure and handle the operations such as: load balancing, storage, and server provisioning. Even though ‘Elastic Beanstalk’ does this provisioning automatically, the customer still has control of the infrastructure (such as the EC2 instances that can be accessed at any time).
‘Lambda’ is AWS’ serverless compute offering that allows developers to simply focus on writing functions. ‘Lambda’ does not offer any control over the infrastructure.
AWS offers a few container orchestration services including ‘ECS’ (Elastic Container Service), which is AWS’s PaaS (not serverless) container orchestration service, ‘EKS’ (Elastic Kubernetes Service) which is AWS’s managed Kubernetes (open source) service, and ‘Fargate’, which is AWS’s serverless container orchestration service.
What Compute Services does Azure offer?
Azure’s compute offering is similar to that of AWS’, including the following:
- Virtual Machines
- App Service
- Azure Functions
- Container Instances
- AKS
‘Virtual Machines’ are Azure’s IaaS offering and allows the customer the most flexibility over their infrastructure.
‘App Service’ is Azure’s PaaS Compute offering and allows developers to easily deploy their web and mobile applications without worrying about provisioning the infrastructure.
‘Azure Functions’ are Azure’s serverless compute offering. Like AWS ‘Lambda’, Azure ‘Functions’ also automatically (no human involvement) scales up and down based on demand.
Azure’s ‘Container Instances’ is a serverless offering that provides a way to start containers in seconds without the need to provision or manage infrastructure.
They also have ‘AKS’ (‘Azure Kubernetes Service’) which is Azure’s managed Kubernetes service and allows developers to use Kubernetes in Azure.
What Compute Services does GCP offer?
GCP of course offers similar services to those of AWS and Azure. Currently including:
- Compute Engine
- App Engine
- Firebase
- Cloud Functions
- GKE
- Cloud Run
GCP’s Compute IaaS offering is called ‘Compute Engine’. ‘Compute Engine’ comes with a ton of features, including some notable ones dedicated to Machine Learning such as TPUs (Tensor Processing Units).
GCP’s PaaS offering is called ‘App Engine’. ‘App Engine Standard’ is serverless and scales on-demand with no infrastructure to manage. ‘App Engine Flexible’, however, is most similar to AWS Elastic Beanstalk in that it automatically provisions infrastructure, while still providing access to the infrastructure.
‘Firebase’ is a popular platform developed by Google for creating mobile and web applications. Firebase is backed by GCP, but offers more of a “consumer-grade” cloud offering.
GCP also has a serverless compute offering called Cloud Functions which is similar to AWS’ ‘Lambda’ and ‘Azure Functions’.
GCP has a few container orchestration services with ‘GKE’ (‘Google Kubernetes Engine’) and ‘Cloud Run’. As the creator of Kubernetes, GKE is arguably the most efficient and easy-to-use Kubernetes service. ‘Cloud Run’ is a serverless offering that allows developers to deploy container images and have the infrastructure scale on-demand.
Compute Service Comparison
| Service Name | Type | AWS | GCP | Azure |
|---|---|---|---|---|
| Compute Server Secure and resizable compute capacity (virtual servers) in the cloud. | Unmanaged | EC2 | Compute Engine | Virtual Machine |
| Serverless Functions Run code without the need to manage servers. Create Functions that respond to cloud events. | Serverless | Lambda | Cloud Functions | Azure Functions |
| Low-Cost Servers Highly affordable compute instances suitable for batch jobs and fault-tolerant workloads. | Unmanaged | EC2 Spot | Preemptible VMs | Spot VMs |
| Scale Servers Automatically add or remove compute capacity to meet changes in demand. | Managed | EC2 AutoScaling | Managed Instance Groups | Virtual Machine Scale Sets |
| Easy-to-Use Cloud Cloud platform that offers you everything you need to build an application or website. | Managed | Amazon LightSail | ||
| Large-scale Computing Run large-scale parallel and high-performance computing applications efficiently in the cloud. | Serverless | AWS Batch | Batch | |
| Container Orchestration Fully managed container orchestration service that provides the most secure, reliable, and scalable way to run containerized applications. | Serverless/Managed | Elastic Container Service (ECS) | Container Instances | |
| Container Registry Easily store, manage, and deploy container images. | Managed | Amazon Elastic Container Registry (ECR) | Container Registry | Container Registry |
| Managed Kubernetes Provides the most secure, reliable, and scalable way to run containerized applications using Kubernetes. | Managed | Amazon Elastic Kubernetes Service (EKS) | Google Kubernetes Engine (GKE) | Azure Kubernetes Service (AKS) |
| Serverless Containers Serverless compute engine for containers. | Serverless | AWS Fargate | Cloud Run | |
| Managed Application Platform Quickly create cloud apps for web and mobile with a fully managed platform. | Managed | Elastic Beanstalk | App Engine Flexible | App Service |
| Serverless Application Platform Serverless application platform for apps and backends. | Serverless | App Engine Standard | ||
| Block Storage Easy to use, high-performance storage that allows you to store data at any scale. | Unmanaged | EBS | Compute Engine Persistent Disks | Managed Disks |
| Infrastructure On-Premise Run infrastructure and services on-premise for a truly consistent hybrid experience. | Managed | Outposts | Anthos | Stack |
| VMWare on Cloud Migrate and run your VMWare workloads natively on the cloud. | Managed | VMWare Cloud on AWS | VMWare Engine | VMWare Solution |
| Serverless Repository Managed repository for serverless applications | Managed | Serverless Application Repository | Cloud Services | |
| Dedicated Hardware Dedicated servers for compliance, licensing, and management. | Unmanaged | EC2 Dedicated Host | Sole-tenant Nodes | Dedicated Host |
| Service Mesh Provides application-level networking to make it easy for your services to communicate with each other across multiple types of compute infrastructure. | Managed | App Mesh | Service Fabric | |
| Specialized Workload Compute Infrastructure to run specialized workloads on Google Cloud. | Unmanaged | EC2 Bare Metal | Bare Metal | Bare Metal |
| Intensive Compute GPUs GPUs for ML, Scientific Computing, and 3D visualization. | Unmanaged | Cloud GPUs | ||
| Highly Secure VMs Virtual machines on the Cloud protected by a set of security controls that help defend against attacks. | Unmanaged | Shielded VMs | ||
| Server Migration Server and Virtual Machine migration to the Cloud provider. | Managed | Server Migration Service | Migrate for Compute Engine | Azure Migrate: Server Migration |
| Cloud Workload Advisor Proactive, easily actionable recommendations to keep your cloud optimized | Managed | Trusted Advisor | Recommender | Azure Advisor |
| SQL Server on VM Options for running SQL server virtual machines on Cloud provider. | Managed | Azure SQL Managed Instance | ||
| OpenShift in Cloud Run fully managed OpenShift clusters, jointly operated with Red Hat. | Managed | Red Hat OpenShift Service | Azure Red Hat OpenShift | |
| Language/Container Registry Store, manage, and secure container images and language packages. | Managed | CodeArtifact | Artifact Registry | Artifacts |
| Docker Build Solution for running build steps in a docker container. | Managed | Cloud Build | ||
| Container Security Container environment security for each stage of the build-and-deploy life cycle. | Managed | Container Security | ||
| Kubernetes Software Components to create Kubernetes-native cloud-based software. | Managed | Knative |
What are the Different Database and Storage Services offered by AWS, Azure, and GCP and how do they compare?
What Database and Storage Services does AWS offer?
AWS offers a variety of database/storage services to choose from. Some include:
- S3
- EFS
- Glacier
- Storage Gateway
- RDS/Aurora
- DynamoDB
Their most popular storage service is ‘simple storage service’ or ‘S3’ which has a virtually unlimited capacity. ‘S3’ can store images, large videos, and host websites too. It comes with numerous security features from fine-grained access control to different levels of encryption. It has various tiers that allow customers to save money by selecting the best tier for the availability they need.
For cases where high-performance is needed, AWS offers ‘EFS’ (‘Elastic File System’) for high-speed access file storage.
For storing large amounts of data, that do not need to be accessed often, customers can archive their data with a service called ‘Glacier’.
‘Storage Gateway’ is used for hybrid cloud storage.
For Databases, AWS has its relational database service called ‘Amazon RDS’ (‘Relational Database Service’) which supports many database systems such as MySQL, PostgreSQL, MariaDB. RDS has a cloud-optimized version called ‘Aurora’ which gives higher performance than ‘Amazon RDS’ but has a cost premium.
‘DynamoDB’ is their fully managed NoSQL database with high-speed performance and an abundance of features. ‘DynamoDB’ allows customers to use their key-value and document database for mobile, web, gaming, ad tech, IoT, and other applications that require low-latency data access at any scale.
What Database/Storage Services does Azure offer?
Azure brings some significant storage services. Some of which include:
- Azure Blobs
- Azure Tables
- Azure Files
- Azure Queues
- Azure Database for PostgreSQL
- Azure Database for MariaDB
- Azure SQL Database
- Azure Cosmos DB
Azure’s storage services are all combined into a platform called ‘Azure Storage’. It consists of Azure ‘Blobs’, ‘Tables,’ ‘Files’, ‘Queues’, and ‘Disks.’ Azure structured their storage differently than AWS but still provides customers the ability to store a large amount of data and scale as much as needed.
‘Azure Storage’ provides multiple options for availability. Locally Redundant Storage has the least availability because it only replicates within a single physical location. Geo-Zone-Redundant Storage (GZRS) has high availability because it replicates data across regions. Microsoft recommends using GZRS for applications requiring maximum consistency, durability, and availability, excellent performance, and resilience for disaster recovery.
Azure ‘Blobs’ has an archive feature similar to that of ‘Glacier’ from AWS.
Azure ‘File Storage’ provides file share hosting making it possible for on-premise applications and cloud-hosted applications to access files with ease.
Azure has different managed services for different database systems such as Azure ‘Database for PostgreSQL’ and Azure ‘Database for MariaDB’ whereas AWS combines all of them into ‘RDS’.
Azure’s SQL Database offering is a native Microsoft product and is designed to deliver performance, security, and innovation.
Azure has its high-performance NoSQL database types (Key-Value, Document, Graph) combined into a service called Azure ‘Cosmos DB’.
What Database/Storage Services does GCP offer?
GCP’s main storage services include:
- Cloud Storage
- Cloud Filestore
- Cloud SQL
- Cloud Spanner
- Cloud Bigtable
‘Cloud Storage’ is very similar to AWS ‘S3’: it has unlimited capacity with very high durability. It comes with an abundance of features including the ability to archive data and Multiple Redundancy options where customers can store data across multiple locations.
‘Cloud Filestore’ is GCPs high-performance file storage service and is comparable to AWS ‘EFS’.
‘Cloud SQL’ is GCP’s option for hosting MySQL, PostgreSQL, or SQL server managed databases.
For relational database customers that need even higher availability, and performance across the globe, GCP provides their ultra-performance offering called ‘Cloud Spanner’.
GCP has a NoSQL database service known as ‘Cloud Bigtable’ which is designed for high-performance NoSQL workloads similar to ‘AWS DynamoDB’.
Database/Storage Service Comparison
| Service Name | Type | AWS | GCP | Azure |
|---|---|---|---|---|
| Relational Database Service Easy to set up, operate, and scale a relational database (collection of data items with pre-defined relationships between them) in the cloud. | Managed | RDS | Cloud SQL | Azure PostgreSQL Database, Azure MySQL Database, Azure database for MariaDB |
| Cloud Optimized RDS Build modern cloud applications with an always up-to-date relational database service that includes serverless compute, hyperscale storage, and automated features to optimize performance and durability. | Managed/Serverless | Aurora | Azure SQL Database | |
| Massive Scale RDS Relational database with unlimited scale, strong consistency, and up to 99.999% availability. | Managed | Cloud Spanner | ||
| NoSQL Databases Key-value, document, graph, and time-series databases that deliver single-digit millisecond performance at any scale. | Managed/Serverless | DynamoDB, DocumentDB, Keyspaces, Neptune, QLDB, TimeStream | Bigtable, Firestore, Firebase Realtime Database | Cosmos DB |
| Caching Databases Power fast and scalable applications with an open-source-compatible in-memory data store. | Managed | Elasticache | Memorystore | Azure Cache for Redis |
| SQL Server Instance Migrate your SQL workloads to the Cloud while maintaining complete SQL Server compatibility, with all the benefits of a fully managed platform as a service. | Managed | Azure SQL Managed Instance | ||
| Database Migration Accelerate your database to the cloud transition using a simple, self-guided moving process. | Managed/Serverless | AWS Database Migration Service | Database Migration Service | Azure Database Migration Service |
| Object Storage Find massively scalable and secure storage for your unstructured data. | Serverless | S3 | Cloud Storage | Blob Storage |
| File System Simple, scalable, fully managed way of separating data into individual pieces. | Managed | EFS | Filestore | Azure Files |
| Archive Storage Secure, durable, and extremely low-cost cloud storage classes for data storing and long-term backup. | Serverless | Glacier | Archive Storage | Archive Storage |
| Transfer Data Tools and services for moving your data to the cloud provider. | Managed | AWS Snow Family | Cloud Data Transfer | Data Box |
| Messaging Service Secure storage for message-based communication between apps. | Serverless | SQS | Cloud Pub/Sub | Queue Storage |
| Hybrid Storage A storage service that gives you on-premise access to virtually unlimited cloud storage. | Managed | Storage Gateway | StorSimple | |
| NetApp Files Create powerful file shares for enterprise workloads, including open-source/Linux. | Managed | Azure NetApp Files | ||
| HPC Cache File caching for high-performance computing (HPC). | Managed | Azure HPC Cache | ||
| Windows Files Fully managed file storage built on Windows server. | Managed | Amazon FSx for Windows File Server | ||
| Lustre Fully managed high-performance file system integrated with Amazon S3. | Managed | Amazon FSx for Lustre |
What are the Different Networking Services offered by AWS, Azure, and GCP and how do they compare?
What Networking Services does AWS offer?
AWS’ Networking Services include:
- Elastic Load Balancing
- VPC
- Cloudfront
- Route53
‘Elastic Load Balancing’ is an AWS networking service that offers multiple types of load balancers for any customer’s needs. For example, a customer could use an ‘Application Load Balancer’ for their web application that uses HTTP connections, or a ‘Network Load Balancer’ for high-speed TCP connections.
AWS has a ‘VPC’ (‘Virtual Private Cloud’) service that comes with various managed tools such as ‘NAT Gateway’ that allows a private subnet to connect to the internet securely.
AWS can also send information throughout the globe at high speeds with ‘Cloudfront’.
AWS uses ‘Route53’ for DNS workloads and allows users to access websites with a human-readable URL.
What Networking Services does Azure offer?
Azure’s Networking Services include:
- Azure Load Balancer
- Application Gateway
- Virtual Network
- Azure CDN
- Azure DNS
‘Azure Load Balancer’ is a service that operates on layer 4 (the transport layer) for TCP connection; similar to AWS’ ‘Network Load Balancer’.
‘Application Gateway’ is Azure’s version of AWS’ ‘Application Load Balancer’ that operates on layer 7 (the application layer) for HTTP connections.
Azure has a ‘Virtual Network’ that allows customers to host their cloud resources privately. ‘Virtual Network’ has useful tools including ‘Virtual Network NAT’ that allows private resources secure access to the internet, and ‘Virtual Network Peering’ that enables customers to connect two or more ‘Virtual Networks’ in Azure so resources can be shared between them.
Azure has a content delivery network called ‘Azure CDN’ that delivers content at a high speed to users all over the world.
Azure’s domain hosting service is called ‘Azure DNS’ and allows users to access websites with a human-readable URL.
What Networking Services does GCP offer?
GCP’s Networking Services include:
- Cloud Load Balancing Service
- VPC
- Cloud NAT
- Cloud CDN
- Cloud DNS
GCP contains various networking services very similar to Azure and AWS. GCP’s load balance service is called ‘Cloud Load Balancing Service’. However, unlike AWS and Azure, GCP load balances across the globe as well as internally which provides higher availability and provisioning flexibility.
Customers can configure a ‘VPC’ to host all their cloud services privately, while using services such as ‘Cloud NAT’ to control secure access of specific resources to the internet.
‘Cloud CDN’ provides high-speed content to users around the globe similar to ‘Azure CDN’.
GCP’s domain hosting service is called ‘Cloud DNS’ and allows users to access websites with a human-readable URL.
Networking Service Comparison
| Service Name | Type | AWS | GCP | Azure |
|---|---|---|---|---|
| Virtual Network Define and provision a logically isolated network for your resources. | Managed | VPC | VPC | Virtual Network |
| DNS and Domains Route users to Internet applications with a managed Domain Name System (DNS) service. | Managed | Route53 | Cloud DNS/ Domains | Azure DNS/ Traffic Manager |
| Load Balancing Automatically distribute traffic across a pool of resources, such as instances, containers, IP addresses, and functions. | Managed | Elastic Load Balancing | Cloud Load Balancing | Azure Load Balancer and Application Gateway |
| Private Link Provide private connectivity between VPCs, services, and on-premises applications. | Managed | PrivateLink | Private Service Connect | Private Link |
| Content Delivery Network Securely deliver data, videos, applications, and APIs to customers globally with low-latency and high-transfer speeds. | Managed | Cloudfront | CDN | CDN |
| Private Connection Add private network connectivity from your corporate network to cloud. | Managed | Direct Connect | Interconnect | ExpressRoute |
| Global Traffic Scalable and security-enhanced delivery point for global, microservice-based web applications. | Managed | Global Accelerator | Front Door | |
| API Management Create, maintain, and secure APIs at any scale. | Managed | API Gateway | Cloud Endpoints | API Management |
| Network Gateway Connect VPCs and on-premises networks through a central hub. | Managed | Transit Gateway | Cloud Router | Vnet Gateway |
| Service Map Discover services connected to your applications. | Managed | Cloud Map | ||
| VPN Gateway Securely use the internet to access Virtual Networks. | Managed | VPN Gateway | Hybrid Connectivity | VPN Gateway |
| NAT Gateway A service for giving your private resources internet access. | Managed | NAT gateway | Cloud NAT | Virtual Network NAT |
| Firewall Manager Centrally configure and manage firewall rules. | Managed | Firewall Manager | Firewall Manager | |
| Network Firewall Native firewall capabilities with built-in high availability and zero maintenance. | Managed | Network Firewall | Firewalls | Azure Firewall |
| Traffic Director Traffic control pane and management for open service mesh. | Managed | Traffic Director |
What are the Different Security Services offered by AWS, Azure, and GCP and how do they compare?
What Security Services does AWS offer?
Security is one of the most important aspects of the Cloud. AWS does a great job with this as they have some useful security services that can prevent disasters from occurring including:
- IAM
- Web Application Firewall
- Shield
- KMS
AWS has ‘IAM’ (‘Identity and Access Management’) which is central for managing permissions and access in the cloud.
AWS also has a service to protect applications from web attacks with AWS ‘Web Application Firewall’ and from DDOS Attacks with AWS ‘Shield’.
‘Shield’ has a standard and advanced tier. The advanced tier is significantly more expensive at $3,000 a month but provides more protection than the standard tier which has no additional charge.
AWS also comes with AWS ‘KMS’ (‘Key Management Service’) in order to manage encryption keys.
What Security Services does Azure offer?
Azure’s Security Services include:
- Active Directory
- DDOS Protection
- Web Application Firewall
- Key Vault
Azure’s ‘Active Directory’ is a cloud-native Active Directory service used for access management within the Cloud.
Azure also comes with security services such as Azure ‘DDOS Protection’ which protects applications from DDOS attacks and ‘Web Application Firewall’ (‘WAF’) which protects applications from web attacks.
Azure’s ‘Key Vault’ gives the customers the option to store and manage keys.
What Security Services does GCP offer?
Some of GCP’s Security Services include:
- IAM
- Cloud Armor
- Cloud Key Management
GCP consists of standard security services like ‘IAM’ which is similar to AWS ‘IAM’ for controlling access and permissions within the cloud.
GCP provides a service named ‘Cloud Armor’ which consists of both DDOS protection as well as WAF for applications.
GCP’s ‘Cloud Key Management’ provides the ability to store and manage encryption keys securely.
Security Service Comparison
| Service Name | Type | AWS | GCP | Azure |
|---|---|---|---|---|
| Application Protection Help protect your applications and websites against denial of service and web attacks. | Managed | Shield, Web Application Firewall | Armor | DDOS Protection, Web Application Firewall |
| Sensitive Information Store Safeguard cryptographic keys and other secrets used by cloud apps and services. | Managed | CloudHSM, Secrets Manager, KMS (Key Management Service) | Cloud Key Management, Cloud HSM, Secret Manager | Key Vault |
| Certificate Manager Provision, manage, and deploy public and private SSL/TLS certificates. | Managed | Certificate Manager | App Service Certificates available on the Portal | |
| Self-Service Portal No cost website that offers information and resources to help users find answers and resolve their issue for on-demand access to compliance reports. | Managed | Artifact | Service Trust Portal | |
| Information Protection Data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in the Cloud. | Managed | Macie | Cloud Data Loss Prevention | |
| Security Agent Security assessment service that helps improve the security and compliance of applications deployed on the Cloud. | Managed | Inspector | Web Security Scanner | Security Center |
| Threat Intelligence Detection Threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your account. | Managed | GuardDuty | Advanced Threat Protection | |
| Identity and Access Management Securely manage access to services and resources. | Unmanaged | IAM | IAM | Active Directory |
| Security Center Comprehensive view of your security alerts and security posture across your accounts. | Managed | Security Hub | Security Command Center | Security Center |
Summary with More Depth Comparison in Subsequent Articles
In conclusion, the three major cloud providers all provide valuable services in each of the 4 core cloud elements. They just approach ease of use, integration, and cost differently. The series of articles that will follow this high-level overview will be broken out into each of the cloud computing elements and go into an in-depth comparison of all the services you have learned about in this article.