Cloud Terminology Mapping

Learn how OCI terms and concepts correspond to those in other cloud environments.

Use the tables in this topic to match OCI resource names to similar resources in Azure.

The terms are grouped as follows:

While the terms mapped in these tables are mostly equivalent, the features and capabilities of the listed items might differ slightly between the cloud environments. There might also be other services or limitations relevant to your deployment that aren't documented here. See the cloud service documentation of each cloud provider for more information on using these services effectively.

For a comprehensive service comparison, see "Compare OCI with AWS, Azure, and Google Cloud".

Account and Tenancy Concepts

Term or concept	OCI	AWS	Azure	Google Cloud
Isolated collection of regions	Realm	Partition	Cloud	not applicable (global by design)
Localized geographic area	Region	Region	Region	Region
One or more data centers located within a region	Availability Domains (AD)	Availability Zone (AZ)	Availability Zone (AZ)	Availability Zone
Hardware grouping within a data center	Fault Domains	not applicable	Fault domains	Failure Domain
Top management group	Organization and Parent Tenancy	Organization	Root Management Group and Subscriptions	Organization
Multiple account management	Organization	Organization	Management Groups	Organization
Organizing resources	Compartments	not applicable (see AWS and Compartmentalization for more information)	Subscriptions and Resource Groups	Folders and projects
Metadata for resources	Tags	Tags	Tags	Labels
IAM resource location	Home region	AWS commercial regions: IAM control plane located in US East (N. Virginia) (see Resilience in AWS Identity and Access Management for more information)	Tenant Location	not applicable (global by design)

Security

Term or concept	OCI	AWS	Azure	Google Cloud
Identity and access management (IAM)	OCI Identity Domain	Identity and Access Management (IAM)	Entra ID (formerly Azure Active Directory)	Identity and Access Management (IAM)
Access control assignment	Managing Groups	IAM Groups, Roles and Users	Entra ID roles	IAM Access Management
Audit	OCI Audit	AWS CloudTrail AWS Config, AWS Audit Manager	Activity Log	Cloud Audit Logs
Key management: Hardware security modules (HSMs)	OCI Vault	AWS Key Management AWS Secrets Manager	Key Vault	Cloud Key Management
Key management: Single-tenant HSM partition	Private Vault or Dedicated KMS	AWS CloudHSM	Key Vault Managed HSM	Cloud HSM
Key management: Oracle-optimized software appliance	Oracle Key Vault (OKV)	not applicable	not applicable	not applicable
Security monitoring	OCI Cloud Guard	Amazon GuardDuty AWS Security Hub	Defender for Cloud	Security Command Center
Security monitoring, assessment, and advice	OCI Cloud Guard	AWS Trusted Advisor AWS Security Hub	Microsoft Sentinel	Security Command Center
Access governance	Oracle Access Governance	AWS Artifact AWS Identity and Access Management AWS Audit Manager	Microsoft Entra ID Governance	Access Context Manager

Networking

Term or concept	OCI	AWS	Azure	Google Cloud
Virtual network	OCI Virtual Cloud Network (VCN)	Amazon Virtual Private Cloud (Amazon VPC)	Virtual Network (VNET)	Virtual Private Cloud
Network traffic control: Subnet-based	Security Lists (SL)	security groups	Network Security Group (NSG)	VPC firewall rules
Network traffic control: Rule or group-based	Network Security Groups	network access control lists	Application Security Groups (ASG)	VPC firewall rules
Internet connectivity: inbound and outbound traffic	Internet Gateway and public subnet	internet gateway	Network Security Group (NSG) rule	internet gateway
Internet connectivity: outbound traffic	NAT Gateway	NAT devices (gateways and instances)	NAT Gateway	Cloud NAT
Service network connectivity - without traversing the internet	Service Gateway (SGW)	AWS PrivateLink	Service Endpoints	Private Service Connect
Hybrid connectivity	Dynamic Routing Gateways	AWS Direct Connect gateways	VNET Gateway - ExpressRoute	HA VPN over Cloud Interconnect
Virtual network connectivity: same region	Local VCN peering	VPC peering	VNet Peering	VPC Peering
Virtual network connectivity: across regions	Remote VCN peering	VPC peering	Global VNet Peering	VPC Peering
Private network connectivity	FastConnect	AWS Direct Connect	ExpressRoute	Cloud Interconnect
Virtual Private Network (VPN) connectivity	Site-to-Site VPN	Virtual Private Network (VPN)	VNET Gateway - VPN	Cloud VPN
Public DNS	OCI DNS: public zones	Amazon Route 53	Azure DNS	Cloud DNS (Public)
Private DNS	OCI DNS: private zones	Amazon Route 53 private hosted zones	Azure Private DNS	Cloud DNS (Private)
Load balancing: Global traffic	OCI DNS: Traffic Management	Elastic Load Balancing	Azure Traffic Manager	Cloud Load Balancing (global)
Load balancing: Network (L3 or L4)	OCI Network Load Balancer	Network Load Balancer	Azure Load Balancer	Cloud Load Balancing (regional)
Load balancing: Application (L7)	OCI Load Balancer	Application Load Balancer	Azure Application Gateway	Internal Application Load Balancer
Firewall: Network (L3 or L4)	Network Firewall	AWS Network Firewall	Azure Firewall	VPC firewall rules
Firewall: Application (L7)	Web Application Firewall	AWS WAF (web application firewall)	Web Application Firewall	Cloud Armor
DDoS protection: Network layer (L3 or L4)	Network Firewall and NGFW	AWS Shield	DDoS Protection	Cloud Armor
DDoS protection: Application (L7)	Web Application Firewall: DDoS Mitigation	AWS Shield	Azure Web Application Firewall and Frontdoor	Cloud Armor

Management and Operations

Term or concept	OCI	AWS	Azure	Google Cloud
Resource management	OCI Resource Manager	AWS CloudFormation	Azure Resource Manager	Deployment Manager
Monitoring	OCI Monitoring	Amazon CloudWatch AWS CloudTrail	Azure Monitor	Cloud Monitoring
Alert notification	OCI Notifications	Amazon SNS (Simple Notification Service) Amazon Simple Queue Amazon EventBridge	Azure Monitor Alert	Cloud Monitoring (Alerting)
Logging	OCI Logging	Amazon CloudWatch AWS CloudTrail	Azure Monitor Logs	Cloud Logging
Cloud event routing	OCI Events	Amazon CloudWatch	Event Grid	Eventarc
Messaging	OCI Streaming	AWS End User Messaging SMS	Service Bus	Pub/Sub

Compute

Term or concept	OCI	AWS	Azure	Google Cloud
Multi-tenant virtual machines	OCI Virtual Machine Instances	Amazon EC2 (Elastic Compute Cloud)	Azure Virtual Machines	Compute Engine
Single tenant virtual machines	OCI Dedicated Virtual Machine Hosts	Amazon EC2 Dedicated Instances	Azure Dedicated Hosts	Sole-Tenant Nodes
Bare metal hosts	OCI Bare Metal Instances	Amazon EC2 Dedicated Hosts	Azure BareMetal Infrastructure	Bare Metal Solution
Managed Kubernetes service	OCI Kubernetes Engine (OKE)	Amazon EKS (Elastic Kubernetes Service)	Azure Kubernetes Service (AKS)	Google Kubernetes Engine (GKE)
Container registry	OCI Container Registry	Amazon ECR (Elastic Container Registry)	Azure Container Registry	Artifact Registry
Serverless	OCI Functions	AWS Lambda	Azure Functions	Cloud Run Functions

Storage

Term or concept	OCI	AWS	Azure	Google Cloud
Object storage	Object Storage	Amazon S3 (Simple Storage Service)	Blob Storage	Cloud Storage
Archival storage	Archive Storage	Amazon S3 Glacier	Blob Storage (archive access tier)	Cloud Storage (Coldline, Archvie)
Block storage	Block Volumes	Amazon Elastic Block Store	Managed disks	Persistent Disk volumes
Shared file system	File Storage	Amazon Elastic File System	Azure Files	Filestore

Oracle Cloud Infrastructure Documentation