Last updated on July 25, 2023
AWS vs Azure Services Comparison Cheat Sheet
To help you learn the different Microsoft Azure services, we’ve come up with this AWS vs Azure services comparison. If you already have some background in AWS (or cloud computing in general) either through work experience or AWS certifications then you won’t have a hard time learning Microsoft Azure.
The following shows the related AWS and Azure services based on function and capabilities. Each AWS service in this list has a similar service in Azure.
Compute
Amazon EC2 vs. Azure Virtual Machine
Amazon EC2 |
Azure VM |
|
Description |
A virtual server that supports both Linux and Windows operating systems. |
A Linux-based / Windows-based virtual server that you can provision. |
Configurations |
EC2 configurations are called instance types. |
Virtual machines configurations are called VM series |
Images |
AMI or operating systems are stored in a root volume. |
VM Images or operating systems are stored in an OS disk. |
OS Volumes |
Root volume type: General purpose SSD (gp2), Provisioned IOPS SSD (io1 and io2), and Magnetic (standard |
OS disk type: Standard HHD, Standard SSD, and Premium SSD |
Storage Volumes |
Persistent storage volumes for your data using Elastic Block Storage volumes. |
Persistent storage volumes for your data using Azure Disk. |
Encryption |
Encrypt EBS volumes with AWS KMS. |
Encrypt OS and data disks with Azure SSE. |
Script |
Add a script that will be run on an instance boot called user-data. |
Add a script that will be run into the virtual machine while it is being provisioned called custom data. |
Security |
Security group enables you to create security rules to allow the traffic going to your instances. |
NIC network security group enables you to create security rules to allow or deny the traffic going to your virtual machine. |
Monitoring |
Monitor the performance of your EC2 instances with Amazon CloudWatch. |
Monitor the performance of your virtual machines with Azure monitor. |
Network |
All EC2 instances are launched in an isolated network called VPC. |
All virtual machines are launched in an isolated network called VNet. |
Other Compute Services Comparison
- AWS Batch and Azure Batch – provision tens, hundreds, or thousands of compute resources based on the job requirements.
- AWS Auto Scaling and Azure VM Scale Sets – increase or decrease the number of your resources as demand changes.
- AWS Lambda and Azure Functions – a serverless computing platform to run code in response to events.
- Amazon ECS, AWS Fargate, and Azure Container Instances – run containerized applications without managing any servers.
- Amazon ECR and Azure Container Registry – a repository to store and manage container images.
- Amazon EKS and Azure Kubernetes Service – simplify the management of your containerized applications across a cluster of nodes.
Storage
Amazon S3 vs. Azure Blob
Amazon S3 |
Azure Blob |
|
Description |
Object storage service of AWS |
Object storage service of Azure. |
Components |
S3 is composed of Buckets and objects. |
Blob storage resources: Storage Account, Container, and Blob |
Max File Size |
The maximum file size for each object is 5 TB. |
The maximum file size for each blob: Block (190.7 TiB), Append (195 GiB), and page (8 TiB). |
Max Storage Size |
Bucket capacity is virtually unlimited. |
Single blob container size is the same as the maximum storage account capacity. |
Tiers |
S3 tiers: Standard, Standard-IA, One Zone-IA, Intelligent – Tiering, Glacier, Deep Archive |
Blob tiers: Hot, Cool, and Archive. |
Durability |
Data durability across multi-AZ is 11 9’s. |
Data durability across LRS (11 9’s), ZRS (12 9’s), GRS, and RA-GRS, and RA-GRS (16 9’s). |
Replication |
Copy objects across S3 buckets in different AWS Regions using Cross-Region Replication. |
Copy block blobs between a source and destination account using Object Replication. |
CDN |
Cache content from a static website with Amazon CloudFront. |
Cache content from a static website with Azure CDN. |
Encryption |
Encrypt objects using Client-Side and Server-Side Encryption. |
Encrypt storage account using Microsoft- and Customer-manage keys. |
Endpoint |
Endpoint: <tutorialsdojo> .s3. <region> .amazonaws.com |
Endpoint: <tutorialsdojo> .blob.core.windows.net |
Other Storage Services Comparison
- Amazon EBS and Azure Disk – a disk storage to store your data and operating system.
- Amazon EFS and Azure Files – create and configure file systems and share your files across multiple resources.
- AWS Storage Gateway and Azure StorSimple – simplify storage management by using a hybrid cloud storage solution.
- AWS Snow Family and Azure Data Box – transfer petabytes and exabytes of data to the cloud.
Database
Amazon RDS vs. Azure SQL
Amazon RDS |
Azure SQL |
|
Description |
Configure and scale a relational database in the cloud. |
Fully managed and intelligent relational database in the cloud. |
DB Engines |
Database engines: Amazon Aurora, PostgreSQL, Oracle, MariaDB, and Microsoft SQL Server |
Database Engine: Microsoft SQL Server |
Serverless |
The serverless database is called Amazon Aurora Serverless. |
The serverless database is called Azure SQL Database serverless, |
Templates |
DB templates are Free Tier, Dev/Test, and Production. |
DB templates are Basic, Standard, and Premium. |
Performance |
DB performance: Standard, Memory-Optimized, and Burstable Classes |
DB performance: General Purpose, Hyperscale, and Business Critical |
High Availability |
Eliminate a single point of failure with Multi-AZ deployment. |
Eliminate a single point of failure with zone redundant configuration. |
Secondary DB |
Create readable secondary databases in the same or different region with read replicas |
Create readable secondary databases in the same or different region with active geo-replication |
Backup |
Automated backups retention period up to 35 days. |
|
Monitoring |
Monitor the metrics of your database with Amazon CloudWatch |
Monitor the metrics of your database with Azure Monitor. |
Endpoint |
Endpoint: rds. <region> .amazonaws.com |
Endpoint: <server_name> .database.windows.net |
Other Database Services Comparison
- Amazon DynamoDB and Azure Cosmos DB – a database model for document and key-value stores.
- Amazon Redshift and Azure Synapse Analytics – a cloud data warehouse service used for analytics and business intelligence tools.
- Amazon ElastiCache and Azure Cache for Redis – an in-memory-based caching service to improve the performance of your existing database.
- AWS DMS and Azure DMS – automate the migration of your data from multiple databases.
Networking
Amazon VPC vs. Azure VNet
Amazon VPC |
Azure VNet |
|
Description |
A virtual network service in AWS where you can launch your resources. |
An isolated network service in Azure to run your VMs and applications. |
Default |
Default VPC in each region. |
Default VNet is not existing. |
Reserved IP address |
AWS reserves 5 IP addresses within each subnet. |
|
Subnets |
Subnets are from /28 to /16. |
Subnets are from /29 to /8. |
Subnet Types |
Subnets types: Private, Public and VPN-only |
Subnets types: Private, Public and Gateway |
Static IP address |
You can assign a static IPv4 to your resources with Elastic IP address |
You can assign a static IPv4 and IPv6 address to your resources. |
Security |
Secure your network using NACLs and Security Groups. |
Secure your network using NSGs and ASGs. |
Gateways |
Types of gateways: Internet Gateway, Egress-only, NAT Gateway, Virtual Private Gateway, and Customer Gateway |
Types of gateways: VPN Gateway and ExpressRoute Gateway |
Route Table |
By default, subnets are automatically associated with the main route table. |
Route tables are not automatically associated with your subnets. |
Peering |
A VPC peering enables communication between two VPCs. |
A VPC peering enables the communication between virtual networks. |
Other Networking Services Comparison
- AWS VPN Gateway and Azure VPN Gateway – secure connection from your on-premises network to your cloud private network.
- Amazon Route 53 and Azure DNS – helps you manage your DNS records.
- AWS Direct Connect and Azure ExpressRoute – dedicated private connection between the cloud provider and your data center.
- Amazon ELB: NLB and Azure Load Balancer – layer 4 load balancer for TCP and UDP protocols.
- Amazon ELB: ALB and Azure Application Gateway – load balancer for layer 7 traffic (SSL termination, cookie stickiness, and round-robin routing).
Security and Identity
AWS Identity & Access Management (IAM) vs. Azure Active Directory & RBAC
AWS IAM |
Azure AD & RBAC |
|
Description |
Create and manage users, Groups, roles, and policies in your account. |
Create users and group with Azure Active Directory. |
MFA |
Secure your account by activating MFA. |
Secure your account by activating MFA in Azure AD. |
Groups |
IAM groups allow you to organize a large number of IAM users. |
Azure AD allows you to assign a large number of users to groups. |
Roles |
Delegate administrator roles using identity–based policies. |
Delegate administrator roles using Azure AD. |
Access |
Access resources only in the AWS console |
Azure AD supports hybrid identity to access resources in the cloud or on-premises. |
Monitoring |
Monitor the status of your user accounts with a credential report. |
Monitor the security and usage patterns of your environment with Azure AD reports and monitoring. |
Domain |
Unique account sign-in page URL: https://<My_AWS_Account_ID>.signin.aws.amazon.com/console/ |
The domain name of Azure AD tenant: <Azure_Tenant>.onmicrosoft.com |
Permission |
Grant users temporary permission using IAM roles. |
RBAC enables you to grant users certain roles to access specific resources. |
Policy |
A collection of permission written in JSON is called IAM policies. |
A collection of permissions written in JSON is called role definition in RBAC. |
Multiple roles |
You can assign multiple permissions to an IAM user. |
You can assign multiple roles to a resource group with RBAC. |
Other Security and Identity Services Comparison
- AWS WAF and Azure WAF on Application Gateway – protects web applications from common exploits and vulnerabilities.
- AWS Shield and Azure DDoS Protection – protect your resources from denial of service attacks.
- AWS KMS and Azure Key Vault – create and manage the keys used to encrypt your data.
- AWS Trusted Advisor and Azure Advisor – provides recommendations in operational excellence, security, performance, reliability, and cost.
References:
https://aws.amazon.com/
https://docs.microsoft.com/en-us/azure/architecture/aws-professional/