AWS / AZURE / GCP COMPARED
These three top cloud providers are used daily by millions of users across the world – but what sets them apart? We take a magnifying glass to the features that matter.
For any modern business, it’s no longer a question of whether you should investigate moving your high availability IT services to the cloud; rather, it’s a matter of which clouds you should be using, which service offerings, and how to strategically deploy them to accomplish your business goals. From scalable storage of data to the compute power needed to analyze and transform data, the cloud has become a core component in the way enterprises run their business with competitive advantage in mind.
Dominating the Cloud Service Provider (CSP) market are three hyperscalers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). They consume an impressive 34%, 21%, and 10% respectively of the global cloud infrastructure market (as at June 2022), which is worth a staggering $203 billion.
And while they each generally share the same mission—to connect users across the globe to on-demand, “as a service” cloud consumption models—they each differ in their offerings, whether it be pricing modalities, storage capabilities, or hybrid multicloud use cases.
In this guide, we identify and assess some of the crucial criteria that you need to consider when shopping for cloud computing services from these major providers.
AWS offers over 200 fully-featured services from its global spread of data centers. Notable customers include BMW, Netflix, and Coca-Cola, but AWS serves millions of customers around the world, from start-ups to government agencies, and has done so since 2006.
Azure was launched in 2010, offering more than 200 products and cloud services on its platform. Users can build, run, and manage applications across not only clouds but also on-premises, and at the edge. 95% of Fortune 500 companies trust their business with Azure. Notable customers include the NBA, American Cancer Society, and PepsiCo.
Google Cloud includes a broad suite of services accessed over the internet that help organizations go digital. Google Cloud Platform (which provides public cloud infrastructure for web-based applications) is a part of the larger Google Cloud suite. It first came online in 2008, and its notable customers include LinkedIn, NewsCorp, Facebook, Verizon, and Twitch.
Features
While each CSP generally offers the same basic capabilities, like dedicated connections, storage, and compute, there are some variations that may make one CSP suit your needs over another, depending on your use case. Variations in offerings also mean multicloud could very well suit your enterprise: By opting for storage with AWS and computing with GCP, for example, you can avoid over-reliance on a single CSP.
The below table represents some of the key features of the highlighted CSPs, including their varying service naming:
Performance
Each of the CSPs offers varying performance speeds across its dedicated connections:
Gateways
AWS
AWS offers three native network routing services. Transit Gateway (TGW) is a cloud-based network gateway that allows customers to connect Virtual Private Clouds (VPCs) across different accounts in a hub-and-spoke topology, and is the third evolution in the feature set. The release was preceded by Direct Connect Gateway (DGW), which was announced in 2017, and prior to that, Virtual Private Gateway (VGW). TGW serves as the most inclusive release yet, with an expansion of features upon previous versions meaning more networking possibilities.
However, all three routing services are offered by AWS, and each suits different use cases: For example, VGW might be a great solution for a company looking to lower costs while operating in a single region, therefore having no need for the multi-region support that DGW and TGW offer.
Azure
Azure’s VNet is the fundamental building block for customer networks. VNet lets you create your own private space or “network bubble” in Azure, and is crucial to your cloud network as it offers isolation, segmentation, and other key benefits. Its prime function is to send traffic between an Azure virtual network and your business’ on-premises location over the public internet (but you can also use a VPN gateway to send traffic between VNets).
GCP
Google’s Cloud Router enables you to dynamically exchange routes between your Virtual Private Cloud (VPC) and peer network by using Border Gateway Protocol (BGP). Users can peer on their on-premises network, multicloud network, or another VPC network. Cloud Router has the ability to learn new IP addresses in your VPC network, and share them with the peering network.
Computing
Virtual Machines (VMs), commonly referred to as “instances,” are used in servers for various purposes, and act as the “motor that practically runs every aspect of our modern life.”
AWS
AWS offers computing through its EC2. These are highly customizable: Users can expand storage, add additional network interfaces, add resiliency leveraging Availability Zones, and more. AWS allows you to only pay for the capability you use, and offers different types of instances including on-demand, spot, and reserve, which can all benefit different use cases.
Azure
Azure’s compute solution is its Virtual Machines (VMs). This provides users with tools like Cloud Services and Resource Manager to help with cloud application deployment and Azure Autoscaling.
GCP
Compute Engine VMs deliver configurable virtual machines running in Google’s data centers. These are customizable to your needs, can be created quickly, and can host a large amount of storage.
Below are the various billing models on offer from each of the leading CSPs:
Security
There are three key factors to consider when evaluating the security of cloud vendors: physical security (protecting enterprise data centers), technical security (monitoring network traffic and fixing vulnerabilities), and data access (controlling who has access to which data, and encryption functionality). Depending on your enterprise size and needs, you may need tighter protection in some areas while looking to save costs in other areas on measures you don’t need.
AWS
AWS shares its security products and features in this whitepaper. AWS provides security-specific tools and features across network security, configuration management, access control, and data security. In addition, AWS provides monitoring and logging tools to provide visibility into what is happening in your cloud environment.
AWS provides several security capabilities and services to increase privacy and control network access. These include:
Azure
Microsoft offers two key security solutions:
GCP
GCP’s infrastructure security whitepaper goes into detail describing the layers of security measures, starting with hardware and ending with operational security. Some of the components include:
Pricing
Deciphering the costs for cloud services can be a daunting task, especially when CSPs differ in their pricing models, also varying by solution. This section provides a high-level overview of the charges you can expect to be billed as an enterprise customer. As a note, you should always verify pricing using the various cloud provider website links provided and work with your cloud provider representative to fully understand the pricing for your particular solution.
Learn more about AWS product and service pricing.
Learn more about Azure product and service pricing.
Learn more about GCP product and service pricing.
Egress fees
While you can migrate as much data into a CSP as you want for free, you’ll be charged per GB of data when you migrate it out – hence egress, meaning “leaving.” These costs may run up behind the scenes as applications continue to extract data, and are billed in arrears. Egress fees can vary depending on the volume of data you move, as well as where you move it to (transferring data among availability zones will come at a lower cost, but moving across continents, for example, could raise your cloud bill significantly). Plus, all of these fees are charged at a higher rate when routing traffic or data via a public connection, like the internet.
Egress rates per GB (in $USD)
AWS
Azure
GCP
Dedicated connections
There are numerous benefits to using a CSP’s dedicated network connection to connect to its respective cloud rather than the public internet, similar to the benefits of using a private cloud over a public one. These include bolstered security, greater oversight and control, and more stable performance. Each CSP’s dedicated connection serves as a protected, private path for your workload to travel between your premises and the cloud.
AWS
AWS Direct Connect is the “shortest path to your AWS resources.” With Direct Connect, your network traffic remains on AWS’ global network and therefore never touches the public internet, reducing the chances of bottlenecking or latency.
Azure
Azure ExpressRoute acts similarly and allows you to create private connections between Azure data centers and your own data centers or on-premises infrastructure. Connecting via ExpressRoute can be useful for companies heavily relying on Microsoft cloud for services such as virtual compute, database service, or cloud storage, as is also the case with AWS cloud products.
With Azure ExpressRoute, you can configure both Microsoft peering (to access public resources) and private peering over the single logical layer 2 connection. Each ExpressRoute comes with two configurable circuits that are included when you order your ExpressRoute. With the standard ExpressRoute, you can connect multiple VNets within the same geographical region to a single ExpressRoute circuit and can configure a premium SKU (global reach) to allow connectivity from any VNet in the world to the same ExpressRoute circuit.
GCP
Over GCP’s Interconnect, you can only natively access private resources. If connectivity to GCP public resources (such as cloud storage) is required, you can configure private Google access for your on-premises resources. This does not include GCP’s SaaS offering, G Suite. In order to reach G Suite, you can always ride the public internet or configure peering using an IX. With the GCP Cloud Router having 1:1 mapping with a single VPC and region, the peerings (or rather VLAN attachments) are created on top of the Cloud Router. This functionality and model is similar to AWS Direct Connect and creating a virtual network interface (VIF) directly on a VGW.
Regions and availability
Each of the three leading hyperscalers also varies in its global and regional availability. This is especially important to consider for enterprises that operate across multiple regions, as well as when needing to support a distributed and remote workforce. And while each CSP defines regions and zones slightly differently, they can generally be defined by the following.
While a region refers to a separate geographic area (such as a country), availability zones are multiple, unique, and isolated locations within these regions. These availability zones may be a single or grouped selection of data centers that serve adjacent enterprises, and are “engineered to be isolated from failures in other availability zones” to ensure redundancy. Zones provide the ability to place cloud functions, such as storage, closer to various end users.
AWS entered the cloud market several years before the others, which means it has had more time to establish and expand its network. As a result, AWS hosts in many locations worldwide. Azure and GCP also host in many locations, but the difference lies in the number of their respective availability zones.
Storage
Each CSP offers three tiers of storage functionality: 1. File, 2. Block, and 3. Object. While file storage organizes data into a hierarchy of files in folders, block storage groups data into arbitrarily organized, evenly sized volumes, and object storage manages data and links it to its associated metadata.
There are a handful of commonalities among the three CSPs’ storage solutions. They all offer:
AWS — Amazon Simple Storage Service (S3)
Azure — Azure Blob Storage
GCP — Cloud Storage